Let’s cook NAT Gateway in OCI!

Let’s cook something today, ok? I am not sure if you have had a chance to read this blog with a tutorial for automating NAT instance deployment in OCI with Terraform. That blog post is great, but it seems a little bit outdated. I can say the same about this whitepaper. Why? Because the Terraform OCI Provider now lets you use a NAT Gateway without a dedicated VM for NAT purposes. In OCI you can now build a NAT Gateway; let’s call it an attribute of your VCN. Here is a Terraform code snippet for this purpose:

resource "oci_core_nat_gateway" "FoggyKitchenNatGateway" {
  compartment_id = "${var.compartment_ocid}"
  display_name = "Foggy Kitchen NAT Gateway" 
  vcn_id = "${oci_core_virtual_network.FoggyKitchenVCN.id}"
}

Of course, that is not enough. Your VMs sit in a private subnet, and this private subnet requires a route table that sends its traffic through the brand new NAT gateway:

resource "oci_core_route_table" "FoggyKitchenPrivateRouteTable1" {
  compartment_id = "${var.compartment_ocid}"
  vcn_id = "${oci_core_virtual_network.FoggyKitchenVCN.id}"
  display_name = "Foggy Kitchen Private Route Table"
  route_rules {
    destination = "0.0.0.0/0"
    destination_type  = "CIDR_BLOCK"
    network_entity_id = "${oci_core_nat_gateway.FoggyKitchenNatGateway.id}"
  }
}

And here is the private subnet definition:

resource "oci_core_subnet" "FoggyKitchenPrivateSubnet1" {
  availability_domain = "${var.ADs[0]}"
  cidr_block = "10.0.1.0/24"
  display_name = "Foggy Kitchen Private Subnet1"
  dns_label = "fkprivsub1"
  compartment_id = "${var.compartment_ocid}"
  vcn_id = "${oci_core_virtual_network.FoggyKitchenVCN.id}"
  route_table_id = "${oci_core_route_table.FoggyKitchenPrivateRouteTable1.id}"
  dhcp_options_id = "${oci_core_dhcp_options.FoggyKitchenDhcpOptions1.id}"
  security_list_ids = ["${oci_core_security_list.FoggyKitchenPrivateSSHSecurityList.id}"]
  prohibit_public_ip_on_vnic = "true"
}
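
A pre-apply check for the three resources above, as an added example that is not part of the original post: it reports every subnet with prohibit_public_ip_on_vnic set whose 0.0.0.0/0 route does not point at an oci_core_nat_gateway. It assumes the input has the layout of the configuration section of `terraform show -json` run on a saved plan; SAMPLE is constructed, and the "Hypothetical*" names are not from the post.

```python
# Added example. SAMPLE is constructed; "Hypothetical*" names are not from the page.
def ref(addr):
    # Shape of an expression that references another resource's id.
    return {"references": [addr + ".id", addr]}

def res(rtype, name, **expr):
    return {"type": rtype, "name": name, "expressions": expr}

def default_via(gateway):
    return [{"destination": {"constant_value": "0.0.0.0/0"},
             "network_entity_id": ref(gateway)}]

SAMPLE = {"configuration": {"root_module": {"resources": [
    res("oci_core_route_table", "FoggyKitchenPrivateRouteTable1",
        route_rules=default_via("oci_core_nat_gateway.FoggyKitchenNatGateway")),
    res("oci_core_route_table", "HypotheticalOtherTable",
        route_rules=default_via("oci_core_internet_gateway.HypotheticalIGW")),
    res("oci_core_subnet", "FoggyKitchenPrivateSubnet1",
        prohibit_public_ip_on_vnic={"constant_value": "true"},
        route_table_id=ref("oci_core_route_table.FoggyKitchenPrivateRouteTable1")),
    res("oci_core_subnet", "HypotheticalPrivateSubnet2",
        prohibit_public_ip_on_vnic={"constant_value": "true"},
        route_table_id=ref("oci_core_route_table.HypotheticalOtherTable")),
]}}}

def audit_private_subnets(plan):
    """Return (subnet, problem) pairs for private subnets not routed via a NAT gateway."""
    resources = plan["configuration"]["root_module"]["resources"]
    tables = {f'{r["type"]}.{r["name"]}': r for r in resources
              if r["type"] == "oci_core_route_table"}
    findings = []
    for r in resources:
        expr = r["expressions"]
        flag = expr.get("prohibit_public_ip_on_vnic", {}).get("constant_value")
        if r["type"] != "oci_core_subnet" or str(flag).lower() != "true":
            continue  # only subnets that forbid public IPs are checked
        refs = expr.get("route_table_id", {}).get("references", [])
        table = next((tables[x] for x in refs if x in tables), None)
        if table is None:
            findings.append((r["name"], "no route table declared in this configuration"))
            continue
        for rule in table["expressions"].get("route_rules", []):
            targets = rule.get("network_entity_id", {}).get("references", [])
            is_default = rule.get("destination", {}).get("constant_value") == "0.0.0.0/0"
            if is_default and not any(t.startswith("oci_core_nat_gateway.") for t in targets):
                findings.append((r["name"], "default route targets " + ", ".join(targets[:1])))
    return findings

if __name__ == "__main__":
    for subnet, problem in audit_private_subnets(SAMPLE):
        print(f"{subnet}: {problem}")
```

A subnet that declares no route_table_id is reported too, because it would fall back to the VCN's default route table rather than the NAT route.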

Hope you will find it interesting, my dear Master Chef! For the other features of NAT Gateway, please take a look at the OCI docs here. If you need to know more about NAT Gateway support in the Terraform OCI Provider, I suggest this link.

Bon Appetit!

Martin.

PS. Here are screenshots from Cloud UI after my Terraform code execution:

Pic1. NAT Gateway


Pic2. Route table supporting NAT Gateway traffic

