jq1.io
Author Image

Ideas as Code

© 2023 Jude Quintana
Built with Hugo

$init super refactor

Oct 11, 2022 in TERRAFORM
aws vpc tgw peering routing intra-region cross-region decentralized-hub-spoke-topology cloud-networking
2 min read

Aaaand we’re back with another heavy hitting round of super refactorization in Terraform!

I think the first iteration of Super Router for AWS went well.

It allowed us to peer and route both intra-region and cross-region TGWs and VPCs with a single module.

But there was one really annoying flaw.

The caveat in the design is that the peer TGWs will have to go through the Super Router’s local provider region to get to other peer TGWs.

Meaning that TGWs in us-east-1 will have to route through the Super Router TGW in us-west-2 to get to other TGWs in us-east-1.

The super refactor eliminates this caveat.

Shout out to Lade Sobowale for pointing out another TGW is needed to get rid of the unnecessary cross region journey.

Super Router is now composed of two TGWs (one for each region) instead of one TGW making it’s functionality actually SUPER.

TGWs will route to other intra-region TGWs without leaving the region.

Cross-region routing is down to one TGW attachment instead of one for each peer.

Going from this awkward architecture:

module "tgw_super_router_usw2_to_use1" {
  source = "git@github.com:JudeQuintana/terraform-modules.git//networking/tgw_super_router_for_tgw_centralized_router?ref=v1.4.4"

  providers = {
    aws.local = aws.usw2 # super router will be built in the aws.local provider region
    aws.peer  = aws.use1
  }

  env_prefix                = var.env_prefix
  region_az_labels          = var.region_az_labels
  local_amazon_side_asn     = 64521
  local_centralized_routers = [module.tgw_centralized_router_usw2, module.tgw_centralized_router_usw2_another] # local list must be all same region as each other in aws.local provider.
  peer_centralized_routers  = [module.tgw_centralized_router_use1, module.tgw_centralized_router_use1_another] # peer list must all be same region as each other in aws.peer provider.
}

super-router-before

To a moar super one:

module "tgw_super_router_usw2_to_use1" {
  source = "git@github.com:JudeQuintana/terraform-modules.git//networking/tgw_super_router_for_tgw_centralized_router?ref=v1.4.5"

  providers = {
    aws.local = aws.usw2 # local super router tgw will be built in the aws.local provider region
    aws.peer  = aws.use1 # peer super router tgw will be built in the aws.peer provider region
  }

  env_prefix                = var.env_prefix
  region_az_labels          = var.region_az_labels
  local_amazon_side_asn     = 64521
  local_centralized_routers = [module.tgw_centralized_router_usw2, module.tgw_centralized_router_usw2_another] # local list must be all same region as each other in aws.local provider.
  peer_amazon_side_asn      = 64522
  peer_centralized_routers  = [module.tgw_centralized_router_use1, module.tgw_centralized_router_use1_another] # peer list must all be same region as each other in aws.peer provider.
}

super-router-after

Looks like the Super Router module just leveled up!

Plus, the Super Router Demo has been hella upgraded and updated so check it out!

~jq1 #AoD

“Styles unbreakable, shatterproof!” - O.D.B.

Update January 29th 2023:

The Shokunin version v1.4.6 (and later) has been released for Super Router.

New features means new steez in Slappin chrome on the WIP!

Feedback

What did you think about this post? jude@jq1.io

Super Powered, Super Sharp, Super Router! Slappin' chrome on the WIP