Cleanup support for networks, subnets, routers, router interfaces#13
Open
claudia-lola wants to merge 10 commits into
Open
Cleanup support for networks, subnets, routers, router interfaces#13claudia-lola wants to merge 10 commits into
claudia-lola wants to merge 10 commits into
Conversation
claudia-lola
force-pushed
the
network-support
branch
from
ae23d34 to
862fc58
Compare
sjpb
requested changes
May 27, 2026
Collaborator
There was a problem hiding this comment.
As discussed elsewhere:
- PR description and title need work
- Resources which are nested in current ansible config should be nested, i.e. subnets -> networks, router interfaces -> router
- child resources (subnets/router interfaces) should have a composite key refering to their parent, so children of the same name can exist in different parents
- Networks are not a child of a project but MAY reference them. So being able to provide tenant ID (for networks in projects NOT controlled by this config) or project name (for networks in projects which ARE controlled by this config) is OK, but needs documenting. And the resource key NOT being based on the network name but being a user-defined unique key again makes sense in this context (as not child of projects) but again needs documenting.
Collaborator
|
In PR comment: networks = {
"demo-network:demo-project" #tofu resource name = {should that be networks = {
"demo-network:demo-project" = { #tofu resource name and similar ... |
Collaborator
|
Last review said:
But in PR comment: ...
subnets = [
{
key = "demo-subnet:demo-project" #tofu resource name
name = "demo-subnet" #openstack subnet name
project = "demo-project"
}
]a) You're having to create this composite key yourself - I'd have expected it to have been created from the parent network key + the subnet name. I'd have expected this example to look like: networks = {
"demo-network:demo-project" = { # unique resource name
name = "demo-network" #openstack network name
project = "demo-project"
subnets = {
"demo-subnet" = {} # openstack subnet name
}
}
}Edit: Hmm I see having the user-created unique key on the subnet does allow e.g. router interfaces to reference it. Maybe that's simpler to explain. The point re. project/tenant ID stands, they cannot be different from the parent network. And so given the point elsewhere about not using the list idx in the key for idempotency, maybe it'd be better as networks = {
"demo-network:demo-project" = { # unique resource name
name = "demo-network" #openstack network name
project = "demo-project"
subnets = {
"demo-subnet:demo-project" = { # tofu resource name
name = "demo-subnet" # openstack subnet name
}
}
} |
sjpb
requested changes
Jun 2, 2026
Collaborator
sjpb
left a comment
sjpb
left a comment
There was a problem hiding this comment.
So top-level:
- Don't use idx as part of the resource name - it breaks idempotency if things in the list get reordered/moved. So e.g. I think instead of subnets being a list of maps where elements have a "key" parameter, just make it a map, keyed directly by that.
- The PR first comment isn't valid HCL, there's comments inside {} which won't work, and the formatting is a bit wacky. Just copy it into a separate file and run
tofu fmton it until it stops complaining. - Where child resources can only take same values as their parent, you shouldn't need to respecify them. E.g. having to pass "project" to subnet when the parent "network" has it is not necessary/bad UX.
- I can see that subnets do probably need a manually-specified unique key. Else it'll get hard to reference them from e.g. router interfaces.
- Leaving the ability to specify e.g. subnet ids directly is neat - lets us e.g. specify router interfaces even when the subnet is not part of this config 👍
- Where map variables include lists/maps, the type of that should be specified.
claudia-lola
force-pushed
the
network-support
branch
from
35aa5c6 to
a65c68c
Compare
sjpb
requested changes
Jun 3, 2026
| subnet_id: Optional string, openstack subnet ID | ||
| ip_address: Optional string | ||
|
|
||
| interfaces: Optional list - |
Collaborator
There was a problem hiding this comment.
Suggested change
| interfaces: Optional list - | |
| interfaces: Optional list of maps: |
Collaborator
There was a problem hiding this comment.
If this is a list, is it "stable" if you e.g. have 3x interfaces and delete the 2nd? i.e. it only shows the deletion, not a delete/recreate for 3rd? I think it should be if you get the resource key correct, but be nice to have that confirmed
sjpb
changed the title
Co-authored-by: Steve Brasier <33413598+sjpb@users.noreply.github.com>
claudia-lola
force-pushed
the
network-support
branch
from
6320914 to
a949e3f
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Improves the definition for the above items to correctly model dependencies and more closely match the current Ansible stackhpc/openstack-config configuration.
Example config: