diff --git a/contrib/terraform/openstack/README.md b/contrib/terraform/openstack/README.md
index 76741b31c27b3145171402c3932f58d2aafda215..fdf2d12116bdac25ece7931fa994d905f026e479 100644
--- a/contrib/terraform/openstack/README.md
+++ b/contrib/terraform/openstack/README.md
@@ -251,6 +251,7 @@ For your cluster, edit `inventory/$CLUSTER/cluster.tfvars`.
|`dns_nameservers`| An array of DNS name server names to be used by hosts in the internal subnet. |
|`floatingip_pool` | Name of the pool from which floating IPs will be allocated |
|`k8s_master_fips` | A list of floating IPs that you have already pre-allocated; they will be attached to master nodes instead of creating new random floating IPs. |
+|`bastion_fips` | A list of floating IPs that you have already pre-allocated; they will be attached to bastion node instead of creating new random floating IPs. |
|`external_net` | UUID of the external network that will be routed to |
|`flavor_k8s_master`,`flavor_k8s_node`,`flavor_etcd`, `flavor_bastion`,`flavor_gfs_node` | Flavor depends on your openstack installation, you can get available flavor IDs through `openstack flavor list` |
|`image`,`image_gfs` | Name of the image to use in provisioning the compute resources. Should already be loaded into glance. |
diff --git a/contrib/terraform/openstack/kubespray.tf b/contrib/terraform/openstack/kubespray.tf
index 424c134dde8bc23b64d18c05734fed0d305f4c96..c32659f968c4b8e51fb044848a0377e4440334f8 100644
--- a/contrib/terraform/openstack/kubespray.tf
+++ b/contrib/terraform/openstack/kubespray.tf
@@ -24,6 +24,7 @@ module "ips" {
router_id = module.network.router_id
k8s_nodes = var.k8s_nodes
k8s_master_fips = var.k8s_master_fips
+ bastion_fips = var.bastion_fips
router_internal_port_id = module.network.router_internal_port_id
}
diff --git a/contrib/terraform/openstack/modules/ips/main.tf b/contrib/terraform/openstack/modules/ips/main.tf
index c7fcf700cae24034d4bc2c3a3a5d16db1878e5e8..243572162f2f447ffd988422397b20e0c924b9a1 100644
--- a/contrib/terraform/openstack/modules/ips/main.tf
+++ b/contrib/terraform/openstack/modules/ips/main.tf
@@ -28,7 +28,7 @@ resource "openstack_networking_floatingip_v2" "k8s_node" {
}
resource "openstack_networking_floatingip_v2" "bastion" {
- count = var.number_of_bastions
+ count = length(var.bastion_fips) > 0 ? 0 : var.number_of_bastions
pool = var.floatingip_pool
depends_on = [null_resource.dummy_dependency]
}
diff --git a/contrib/terraform/openstack/modules/ips/outputs.tf b/contrib/terraform/openstack/modules/ips/outputs.tf
index 98754914014fcb95e86bcebb6e0bb566f97020ce..591cac2502f62cec08484b7b2fc96a2bc6639d9a 100644
--- a/contrib/terraform/openstack/modules/ips/outputs.tf
+++ b/contrib/terraform/openstack/modules/ips/outputs.tf
@@ -17,5 +17,5 @@ output "k8s_nodes_fips" {
}
output "bastion_fips" {
- value = openstack_networking_floatingip_v2.bastion[*].address
+ value = length(var.bastion_fips) > 0 ? var.bastion_fips : openstack_networking_floatingip_v2.bastion[*].address
}
diff --git a/contrib/terraform/openstack/modules/ips/variables.tf b/contrib/terraform/openstack/modules/ips/variables.tf
index c5fd6b7f40d2a4fec952926169958aa19424609d..a30fffde0259268b0a37e403a5bc184c2eacaab8 100644
--- a/contrib/terraform/openstack/modules/ips/variables.tf
+++ b/contrib/terraform/openstack/modules/ips/variables.tf
@@ -20,4 +20,6 @@ variable "k8s_nodes" {}
variable "k8s_master_fips" {}
+variable "bastion_fips" {}
+
variable "router_internal_port_id" {}
diff --git a/contrib/terraform/openstack/variables.tf b/contrib/terraform/openstack/variables.tf
index a6c3c6408db5c9bc1db3ad365c1def4a2d78ca4a..99b57db69b158183ec64497cc1173e422b1503dc 100644
--- a/contrib/terraform/openstack/variables.tf
+++ b/contrib/terraform/openstack/variables.tf
@@ -162,6 +162,12 @@ variable "k8s_master_fips" {
default = []
}
+variable "bastion_fips" {
+ description = "specific pre-existing floating IPs to use for bastion node"
+ type = list(string)
+ default = []
+}
+
variable "floatingip_pool" {
description = "name of the floating ip pool to use"
default = "external"