Various interpolation functions for CIDR range manipulation. #3127
Conversation
|
The Travis-CI tests are failing on I don't believe that's related to my change but if I'm mistaken please let me know and I'll fix it! |
|
Thanks @apparentlymart – the Travis CI failures are indeed unrelated; I've patched them up in #3130 |
|
I rebased this on top of the fix in #3130, so the tests are now passing. |
|
👍 for the idea! This will make the DSL even more readable and clear. |
|
@phinze maintaining this changeset in a mergable state is quite bothersome for its size, because Could I get a quick review on this so I don't have to keep manually rebasing it every few weeks? 😀 |
|
@apparentlymart +1 cutting a small v0.6.5 right now so i'd like to keep master quiet for a bit, will add this to my list for today once that is out |
|
Oh okay cool. Wish I'd known that before I just merged a bunch of stuff 😀, but I'll stop. |
| * `cidrfirstaddr(iprange)` - Takes an IP address range in CIDR notation | ||
| and returns the first IP address in that range. This is the same | ||
| as simply removing the prefix indicator from the end. For example, | ||
| ``cidrfirstaddr("10.0.0.0/8", 2)`` returns ``10.0.0.0``. |
There was a problem hiding this comment.
The behavior of this doesn't match what I'm used to seeing in CIDR manipulation tooling. Here's the output of ipcalc on that example CIDR:
❯ ipcalc 10.0.0.0/8
Address: 10.0.0.0 00001010. 00000000.00000000.00000000
Netmask: 255.0.0.0 = 8 11111111. 00000000.00000000.00000000
Wildcard: 0.255.255.255 00000000. 11111111.11111111.11111111
=>
Network: 10.0.0.0/8 00001010. 00000000.00000000.00000000
HostMin: 10.0.0.1 00001010. 00000000.00000000.00000001
HostMax: 10.255.255.254 00001010. 11111111.11111111.11111110
Broadcast: 10.255.255.255 00001010. 11111111.11111111.11111111
I'd expect cidrfirstaddr to match HostMin there, but it does not. Is there a use case I'm missing?
No worries! I should have broadcast that I was starting the release wheels beforehand. Initial review Qs inline. 👌 |
|
I've never used For I'll write up a new version of this that makes the same distinctions
|
|
Having looked at this a bit more deeply, I think there is more complexity here than I first realized. IPv6 doesn't have the concept of broadcast addresses since it lacks broadcast, and so I don't want to run into this and implicitly impose IPv4-oriented concepts onto IPv6. So instead I'm planning to strip this down a bit to the core stuff that definitely won't differ between IPv4 and IPv6:
...and then I'll let the other use-cases soak for a while. |
|
@phinze as noted above, I reduced this down to just three of the functions to start with since I think these are the core things needed to do basic address calculations and I want to research a little more how the other functions should behave for IPv6 addresses. If you're cool with it I'd like to merge in these three to start with and then follow up with the others later once I have a bit more understanding of the usual conventions for IPv6 addressing schemes. (Sadly there's no IPv6 in my world right now because we're on AWS and there's no IPv6 there...) |
|
@apparentlymart Sounds good to me! These look good. 👍 |
| * `cidrmask(iprange)` - Takes an IP address range in CIDR notation | ||
| and returns the address-formatted subnet mask format that some | ||
| systems expect for IPv4 interfaces. For example, | ||
| ``cidrmask("10.0.0.0/8", 2)`` returns ``255.0.0.0``. Not applicable |
There was a problem hiding this comment.
I think you want to get rid of the , 2 in your example here.
There was a problem hiding this comment.
You're right. Thanks for catching that!
These new functions allow Terraform to be used for network address space planning tasks, and make it easier to produce reusable modules that contain or depend on network infrastructure. For example: - cidrsubnet allows an aws_subnet to derive its CIDR prefix from its parent aws_vpc. - cidrhost allows a fixed IP address for a resource to be assigned within an address range defined elsewhere. - cidrnetmask provides the dotted-decimal form of a prefix length that is accepted by some systems such as routing tables and static network interface configuration files. The bulk of the work here is done by an external library I authored called go-cidr. It is MIT licensed and was implemented primarily for the purpose of using it within Terraform. It has its own unit tests and so the unit tests within this change focus on simple success cases and on the correct handling of the various error cases.
|
Thanks! I corrected the doc bug that @thegedge spotted, along with another one I spotted while fixing it (the function was still documented as |
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
ghost
locked and limited conversation to collaborators
These new functions allow Terraform to be used for network address space planning tasks, and make it easier to produce reusable modules that contain or depend on network infrastructure.
For example:
cidrsubnetallows anaws_subnetto derive its CIDR prefix from its parentaws_vpc.cidrhostallows a fixed IP address for a resource to be assigned within an address range defined elsewhere, for when dynamic allocation is not desired. Computing a host address allows reusable modules to derive addresses from input variables.cidrfirstaddrandcidrlastaddrrespectively provide the IP addresses that bound the range, which is what many DHCP servers accept as configuration of a dynamic allocation range.cidrmaskprovides the dotted-decimal form of a prefix length that is accepted by some systems such as routers and OS-level static network interface configuration files. (e.g.255.255.0.0)The bulk of the work here is done by an external library I authored called go-cidr. It is MIT licensed and was implemented primarily for the purpose of using it within Terraform. It has its own unit tests and so the unit tests within this change focus on simple success cases and on the correct handling of the various error cases.
make test)