Don't create router to external network when BYO subnet is set

It may not be possible to set a router to the external network, or may
not be necessary, depending on how the customer chooses to route their traffic.
Since it is very hard to contextually deduce what external routing
scheme the customer wants to set up, it is preferrable to just not
attempt to automate anything for them, and let them customize it themselves.

data/data/openstack/topology/private-network.tf

@@ -2,6 +2,7 @@ locals {
   nodes_cidr_block = var.cidr_block
   nodes_subnet_id  = var.machines_subnet_id != "" ? var.machines_subnet_id : openstack_networking_subnet_v2.nodes[0].id
   nodes_network_id = var.machines_network_id != "" ? var.machines_network_id : openstack_networking_network_v2.openshift-private[0].id
+  create_router    = var.machines_subnet_id != "" ? 0 : 1
 }
 
 data "openstack_networking_network_v2" "external_network" {
@@ -127,10 +128,10 @@ resource "openstack_networking_floatingip_associate_v2" "api_fip" {
   count       = length(var.lb_floating_ip) == 0 ? 0 : 1
   port_id     = openstack_networking_port_v2.api_port.id
   floating_ip = var.lb_floating_ip
-  depends_on  = [openstack_networking_router_interface_v2.nodes_router_interface]
 }
 
 resource "openstack_networking_router_v2" "openshift-external-router" {
+  count               = local.create_router
   name                = "${var.cluster_id}-external-router"
   admin_state_up      = true
   external_network_id = data.openstack_networking_network_v2.external_network.id
@@ -138,6 +139,7 @@ resource "openstack_networking_router_v2" "openshift-external-router" {
 }
 
 resource "openstack_networking_router_interface_v2" "nodes_router_interface" {
-  router_id = openstack_networking_router_v2.openshift-external-router.id
+  count     = local.create_router
+  router_id = openstack_networking_router_v2.openshift-external-router[0].id
   subnet_id = local.nodes_subnet_id
 }

docs/user/openstack/customization.md

@@ -28,7 +28,7 @@ Beyond the [platform-agnostic `install-config.yaml` properties](../customization
 * `clusterOSImage` (optional string): Either a URL with `http(s)` or `file` scheme to override the default OS image for cluster nodes or an existing Glance image name.
 * `apiVIP` (optional string): An IP addresss on the machineNetwork that will be assigned to the API VIP. Be aware that the `10` and `11` of the machineNetwork will be taken by neutron dhcp by default, and wont be available.
 * `ingressVIP` (optional string): An IP address on the machineNetwork that will be assigned to the ingress VIP. Be aware that the `10` and `11` of the machineNetwork will be taken by neutron dhcp by default, and wont be available.
-* `machinesSubnet` (optional string): the UUID of an openstack subnet to install the nodes of the cluster onto. The first CIDR in `networks.machineNetwork` must match the cidr of the `machinesSubnet`. Also note that setting `externalDNS` while setting `machinesSubnet` is invalid usage. If you want to add a DNS to your cluster while using a custom subnet, add it to the subnet in openstack [like this](https://docs.openstack.org/neutron/rocky/admin/config-dns-res.html).
+* `machinesSubnet` (optional string): the UUID of an openstack subnet to install the nodes of the cluster onto. The first CIDR in `networks.machineNetwork` must match the cidr of the `machinesSubnet`. In order to support more complex networking configurations, we expect the subnet passed to already be connected to an external network in some way. When this option is set, we will no longer attempt to create a router. Also note that setting `externalDNS` while setting `machinesSubnet` is invalid usage. If you want to add a DNS to your cluster while using a custom subnet, add it to the subnet in openstack [like this](https://docs.openstack.org/neutron/rocky/admin/config-dns-res.html). 
 
 ## Machine pools