{"id":35182787,"url":"https://github.com/hops-ops/configuration-aws-ipv4-network-allocation","last_synced_at":"2026-04-06T00:02:00.519Z","repository":{"id":330353663,"uuid":"1122499443","full_name":"hops-ops/configuration-aws-ipv4-network-allocation","owner":"hops-ops","description":"Interfaces with IPAM to create allocations for a Network to use","archived":false,"fork":false,"pushed_at":"2026-02-25T07:48:54.000Z","size":105,"stargazers_count":0,"open_issues_count":3,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-02-25T12:43:59.502Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"KCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hops-ops.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2025-12-24T21:48:46.000Z","updated_at":"2026-01-19T09:12:12.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/hops-ops/configuration-aws-ipv4-network-allocation","commit_stats":null,"previous_names":["hops-ops/configuration-aws-ipv4-network-allocation"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/hops-ops/configuration-aws-ipv4-network-allocation","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hops-ops%2Fconfiguration-aws-ipv4-network-allocation","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hops-ops%2Fconfiguration-aws-ipv4-network-allocation/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hops-ops%2Fconfiguration-aws-ipv4-network-allocation/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hops-ops%2Fconfiguration-aws-ipv4-network-allocation/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hops-ops","download_url":"https://codeload.github.com/hops-ops/configuration-aws-ipv4-network-allocation/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hops-ops%2Fconfiguration-aws-ipv4-network-allocation/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31454200,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-05T21:22:52.476Z","status":"ssl_error","status_checked_at":"2026-04-05T21:22:51.943Z","response_time":75,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-12-29T03:59:48.822Z","updated_at":"2026-04-06T00:02:00.513Z","avatar_url":"https://github.com/hops-ops.png","language":"KCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# aws-ipv4-network-allocation\n\nCrossplane configuration that bridges IPAM and Network by creating per-network IPAM pools and reserving IPv4 CIDRs via `VPCIpamPoolCidrAllocation`. Exposes allocated CIDRs in status for downstream Network configurations to consume.\n\n## Overview\n\nThis configuration implements the IPv4 allocation layer in the four-entity networking model:\n\n```\naws-ipam (global pools)\n    └── aws-ipv4-network-allocation (per-network pools + allocations)\n            └── aws-network (VPC + subnets using allocated CIDRs)\n```\n\n## Pool Hierarchy\n\nThe configuration creates a hierarchy of IPAM pools:\n\n```\nRegional Pool (from aws-ipam)\n└── VPC Pool (/16 default)\n    └── Subnet Pool (same CIDR as VPC)\n        ├── Private Allocations per AZ (/20 default)\n        └── Public Allocations per AZ (/24 default)\n```\n\n## Usage\n\n### Minimal Example\n\n```yaml\napiVersion: aws.hops.ops.com.ai/v1alpha1\nkind: IPv4NetworkAllocation\nmetadata:\n  name: prod-east\n  namespace: infra\nspec:\n  # Required: regional pool ID from aws-ipam status\n  regionalPoolId: ipam-pool-0123456789abcdef0\n  # Required: IPAM scope ID from aws-ipam status.ipam.privateDefaultScopeId\n  scopeId: ipam-scope-0123456789abcdef0\n```\n\nUses defaults:\n- VPC netmask: /16\n- Private subnets: /20 in AZs a, b, c\n- Public subnets: /24 in AZs a, b, c\n\n### Standard Example\n\n```yaml\napiVersion: aws.hops.ops.com.ai/v1alpha1\nkind: IPv4NetworkAllocation\nmetadata:\n  name: prod-east\n  namespace: infra\nspec:\n  regionalPoolId: ipam-pool-0123456789abcdef0\n  scopeId: ipam-scope-0123456789abcdef0\n\n  providerConfigRef:\n    name: default\n\n  aws:\n    region: us-east-1\n\n  vpc:\n    netmaskLength: 16\n\n  subnets:\n    availabilityZones:\n    - a\n    - b\n    - c\n    public:\n      netmaskLength: 24\n    private:\n      netmaskLength: 20\n```\n\n### Custom Sizes Example\n\n```yaml\napiVersion: aws.hops.ops.com.ai/v1alpha1\nkind: IPv4NetworkAllocation\nmetadata:\n  name: dev-west\n  namespace: infra\nspec:\n  regionalPoolId: ipam-pool-0123456789abcdef0\n  scopeId: ipam-scope-0123456789abcdef0\n\n  providerConfigRef:\n    name: default\n\n  aws:\n    region: us-west-2\n\n  # Smaller VPC for dev\n  vpc:\n    netmaskLength: 20\n\n  # Only 2 AZs, smaller subnets\n  subnets:\n    availabilityZones:\n    - a\n    - b\n    public:\n      netmaskLength: 24\n    private:\n      netmaskLength: 22\n```\n\n## Status\n\nOnce all allocations are ready, the status exposes:\n\n```yaml\nstatus:\n  ready: true\n  cidr: \"10.0.0.0/16\"\n  vpcPoolId: \"ipam-pool-vpc-12345\"\n  subnetPoolId: \"ipam-pool-subnet-12345\"\n  subnets:\n    private-a: \"10.0.0.0/20\"\n    private-b: \"10.0.16.0/20\"\n    private-c: \"10.0.32.0/20\"\n    public-a: \"10.0.48.0/24\"\n    public-b: \"10.0.49.0/24\"\n    public-c: \"10.0.50.0/24\"\n```\n\n## Spec Reference\n\n| Field | Type | Default | Description |\n|-------|------|---------|-------------|\n| `regionalPoolId` | string | (required) | ID of the regional IPAM pool to allocate from |\n| `scopeId` | string | (required) | IPAM scope ID for creating child pools |\n| `providerConfigRef.name` | string | `\"default\"` | AWS ProviderConfig name |\n| `providerConfigRef.kind` | string | `\"ProviderConfig\"` | ProviderConfig kind |\n| `aws.region` | string | `\"us-east-1\"` | AWS region |\n| `aws.locale` | string | (unset) | AWS locale for CIDR allocation restriction |\n| `aws.tags` | object | `{}` | Additional tags merged with defaults |\n| `vpc.netmaskLength` | integer | `16` | VPC CIDR netmask (8-28) |\n| `subnets.availabilityZones` | []string | `[\"a\", \"b\", \"c\"]` | AZ suffixes |\n| `subnets.public.enabled` | boolean | `true` | Whether to create public subnets |\n| `subnets.public.netmaskLength` | integer | `24` | Public subnet netmask (20-24) |\n| `subnets.private.enabled` | boolean | `true` | Whether to create private subnets |\n| `subnets.private.netmaskLength` | integer | `20` | Private subnet netmask (20-24) |\n| `managementPolicies` | []string | `[\"*\"]` | Crossplane management policies |\n\n## Observed-State Gating\n\nThe composition uses observed-state gating to create resources in stages:\n\n1. **Stage 1**: VPC pool + CIDR (always created)\n2. **Stage 2**: Subnet pool + CIDR (after VPC pool ready)\n3. **Stage 3**: Subnet allocations (after subnet pool ready)\n\nThis prevents premature resource creation and ensures CIDRs are properly allocated before dependent resources reference them.\n\n## Development\n\n```bash\n# Render examples\nmake render:all\n\n# Validate examples\nmake validate:all\n\n# Run unit tests\nmake test\n\n# Run E2E tests (requires AWS credentials)\nmake e2e\n```\n\n## Testing\n\n### Unit Tests\n\nLocated in `tests/test-render/`, these test:\n- Minimal example with defaults\n- Standard example with explicit values\n- Multi-step reconciliation with observed resources\n- Status output with allocated CIDRs\n\n### E2E Tests\n\nLocated in `tests/e2etest-ipv4networkallocations/`. Prerequisites:\n1. Run `aws-ipam` E2E test first to create persistent IPAM\n2. Copy AWS credentials to `tests/e2etest-ipv4networkallocations/secrets/aws-creds`\n3. Update `_regional_pool_id` in `main.k` with your pool ID\n\n## Dependencies\n\n- Requires `aws-ipam` to create regional pools\n- Used by `aws-network` for VPC/subnet CIDRs\n- Part of `aws-globalnetwork` orchestration\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhops-ops%2Fconfiguration-aws-ipv4-network-allocation","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhops-ops%2Fconfiguration-aws-ipv4-network-allocation","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhops-ops%2Fconfiguration-aws-ipv4-network-allocation/lists"}