Abstraction for clustered networks in Terraform provider

1

Hi! I’m setting up a cluster of five nodes, and I am interested in managing various config aspects with the terraform provider (using OpenTofu).

We connect a number of VLANs to the cluster, so I was researching options to create an abstraction to make the code less verbose and repetitive.

The following is based on the Cluster example in the Terraform documentation.

locals {
  # Create a datastructure to hold networks
  networks = [
    {
      name = "example-vlan2000"
      description = "foobar"
      port = "vlan2000"
    }
  ]
}

# Create each network on all nodes
resource "incus_network" "incus1-networks" {
  for_each = { for value in local.networks : "incus1-${value.name}" => value }
  name   = each.value.name
  target = "incus1.example.com"

  config = {
    "bridge.external_interfaces" = each.value.port
  }
}

resource "incus_network" "incus2-networks" {
  for_each = { for value in local.networks : "incus2-${value.name}" => value }
  name   = each.value.name
  target = "incus2.example.com"

  config = {
    "bridge.external_interfaces" = each.value.port
  }
}

resource "incus_network" "incus3-networks" {
  for_each = { for value in local.networks : "incus3-${value.name}" => value }
  name   = each.value.name
  target = "incus3.example.com"

  config = {
    "bridge.external_interfaces" = each.value.port
  }
}

# Finish the clusterwide network
resource "incus_network" "incus-cluster-network" {
  for_each = { for value in local.networks : value.name => value }

  depends_on = [
    # TODO: These references cannot be generated code apparently
    incus_network.incus1-momus-vlan2000,
    incus_network.incus2-momus-vlan2000,
    incus_network.incus3-momus-vlan2000,
  ]

  project = incus_project.example.name
  type = "bridge"
  name = each.value.name
  description = each.value.description
}

The problem is with depends_on, which apparently cannot have generated values:

A single static variable reference is required: only attribute access and indexing with constant keys. No calculations, function calls, template expressions, etc are allowed here.

Additionally, the Terraform documentation describes depends_on as an option of “last resort”, which doesn’t improve my confidence in the current dependency resolution.

You should use depends_on as a last resort because it can cause Terraform to create more conservative plans that replace more resources than necessary.

I’ve started looking at wrappers like TerraNix, which can apparently template references, but ideally I could get this done with native hcl.

Any ideas?