Create Virtual Cloud Network Resources

Virtual cloud network resources manage traffic between users and the resources in each compartment.

About Virtual Cloud Network Resources

Virtual cloud network (VCN) resources provide virtual versions of traditional network components.

You can define subnets (with private or public IP addresses) within each VCN. You'll use two gateway services to manage network traffic.

(Illustration: vcn_arch.png, the VCN architecture with its internet gateway and NAT gateway)
  • The internet gateway service is the single point of contact between the internet and resources on the public subnet. In the event of a network security issue, such as a distributed denial of service (DDoS) attack, stopping this service halts all traffic to the tenancy.
  • The network address translation (NAT) service provides an outbound only service for resources on private subnets. For example, a virtual machine in a private subnet can make a request to download patches through the NAT service.

Define the Virtual Cloud Network Variables

Create the virtual cloud network module configuration files that define the VCN resources.

  1. Change directories to the vcn folder.
  2. Create a text file named vcn.tf and copy the following code into the file.
    # The VCN itself. dns_label must be at most 15 alphanumeric characters
    # starting with a letter, so keep app_tag short and free of underscores.
    resource "oci_core_virtual_network" "base_vcn" {
      cidr_block     = "${var.vcn_cidr}"
      compartment_id = "${var.compartment_ocid}"
      display_name   = "${var.app_tag}_${var.environment}_vcn"
      dns_label      = "${lower(format("%s", var.app_tag))}"
    }
    
    # Single entry point between the internet and the public subnets.
    resource "oci_core_internet_gateway" "base_ig" {
      compartment_id = "${var.compartment_ocid}"
      display_name   = "${var.app_tag}_${var.environment}_internetgateway"
      vcn_id         = "${oci_core_virtual_network.base_vcn.id}"
    }
    
    # Outbound-only access for resources in private subnets.
    resource "oci_core_nat_gateway" "nat_gateway" {
      compartment_id = "${var.compartment_ocid}"
      vcn_id         = "${oci_core_virtual_network.base_vcn.id}"
      display_name   = "${var.app_tag}_${var.environment}_nat_gateway"
    }

Build the Virtual Cloud Network Configuration

Create the Terraform configuration files to define variables passed from the root file to the vcn module and to report data to the Terraform user.

  1. In the vcn folder, create a text file named variables.tf and copy the following code into the file.
    variable "tenancy_ocid" {}
    
    variable "compartment_ocid" {}
    
    # Used in naming the resources.
    variable "app_tag" {}
    
    # Used in naming the resources.
    variable "environment" {}
    
    variable "vcn_cidr" {}
    
  2. Create a file named vcn_output.tf and copy the following code into the file.
    # Outputs consumed by the root module (for example, to attach subnets and route rules).
    output "vcnid" {
      value = "${oci_core_virtual_network.base_vcn.id}"
    }
    
    output "default_dhcp_id" {
      value = "${oci_core_virtual_network.base_vcn.default_dhcp_options_id}"
    }
    
    output "internet_gateway_id" {
      value = "${oci_core_internet_gateway.base_ig.id}"
    }
    
    output "nat_gateway_id" {
      value = "${oci_core_nat_gateway.nat_gateway.id}"
    }
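The module passes vcn_cidr and app_tag straight into the resources, so a bad value only surfaces when the provider rejects it part way through terraform apply. The following Python script is an added example, not part of the tutorial or the OCI provider; it assumes the OCI constraints that a VCN CIDR is a /16 to /30 IPv4 block and that dns_label is at most 15 alphanumeric characters starting with a letter, and it mirrors the module's lower(format("%s", var.app_tag)) expression to derive the label it checks.

```python
"""Pre-apply sanity check for the vcn module inputs (added example).

Validates the values you would place in terraform.tfvars against the
assumed OCI constraints before running terraform apply.
"""
import ipaddress
import re
from typing import Dict, List

# Assumed OCI constraints (see lead-in): label is 1-15 chars, letter first.
DNS_LABEL_RE = re.compile(r"^[a-z][a-z0-9]{0,14}$")
MIN_PREFIX, MAX_PREFIX = 16, 30
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def derive_dns_label(app_tag: str) -> str:
    """Same transformation as the module: lower(format("%s", var.app_tag))."""
    return app_tag.lower()


def check_vcn_cidr(cidr: str) -> List[str]:
    """Return a list of problems with var.vcn_cidr (empty list means OK)."""
    try:
        net = ipaddress.ip_network(cidr, strict=True)  # rejects host bits set
    except ValueError as exc:
        return ["vcn_cidr %r is not a valid CIDR block: %s" % (cidr, exc)]
    problems = []
    if net.version != 4:
        return ["vcn_cidr must be an IPv4 block"]
    if not any(net.subnet_of(private) for private in RFC1918):
        problems.append("vcn_cidr %s is not an RFC 1918 range" % cidr)
    if not MIN_PREFIX <= net.prefixlen <= MAX_PREFIX:
        problems.append("vcn_cidr %s must be between /%d and /%d" % (cidr, MIN_PREFIX, MAX_PREFIX))
    return problems


def check_dns_label(app_tag: str) -> List[str]:
    """Check the dns_label the module would derive from var.app_tag."""
    label = derive_dns_label(app_tag)
    if not DNS_LABEL_RE.match(label):
        return ["dns_label %r (from app_tag) must be 1-15 alphanumerics starting with a letter" % label]
    return []


def check_vcn_inputs(tfvars: Dict[str, str]) -> List[str]:
    """Run every check over a tfvars-style mapping; empty list means safe to apply."""
    return check_vcn_cidr(tfvars["vcn_cidr"]) + check_dns_label(tfvars["app_tag"])


if __name__ == "__main__":
    # Constructed sample values, not from the tutorial.
    sample = {"app_tag": "webapp", "environment": "dev", "vcn_cidr": "10.0.0.0/16"}
    print(check_vcn_inputs(sample) or "vcn inputs OK")
```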