[#11206] Add BGP Peer Router Appliance instance argument

GoogleCloudPlatform · Nov 28, 2022 · e999e91 · e999e91
1 parent 19073c2
commit e999e91
Show file tree

Hide file tree

Showing 4 changed files with 198 additions and 0 deletions.
diff --git a/mmv1/products/compute/api.yaml b/mmv1/products/compute/api.yaml
@@ -14398,6 +14398,15 @@ objects:
           If set to true, the peer connection can be established with routing information.
           The default is true.
         default_value: true
+      - !ruby/object:Api::Type::ResourceRef
+        name: 'routerApplianceInstance'
+        resource: 'Instance'
+        imports: 'selfLink'
+        description: |
+          The URI of the VM instance that is used as third-party router appliances
+          such as Next Gen Firewalls, Virtual Routers, or Router Appliances.
+          The VM instance must be located in zones contained in the same region as
+          this Cloud Router. The VM instance is the peer side of the BGP session.
   - !ruby/object:Api::Resource
     name: 'SecurityPolicy'
     kind: 'compute#securityPolicy'

diff --git a/mmv1/products/compute/terraform.yaml b/mmv1/products/compute/terraform.yaml
@@ -2698,6 +2698,13 @@ overrides: !ruby/object:Overrides::ResourceOverrides
         vars:
           router_name: "my-router"
           peer_name: "my-router-peer"
+      - !ruby/object:Provider::Terraform::Examples
+        name: "router_peer_router_appliance"
+        primary_resource_id: "peer"
+        skip_test: true
+        vars:
+          router_name: "my-router"
+          peer_name: "my-router-peer"
     properties:
       advertiseMode: !ruby/object:Overrides::Terraform::PropertyOverride
         custom_flatten: 'templates/terraform/custom_flatten/default_if_empty.erb'
@@ -2721,6 +2728,7 @@ overrides: !ruby/object:Overrides::ResourceOverrides
         send_empty_value: true
       ipAddress: !ruby/object:Overrides::Terraform::PropertyOverride
         default_from_api: true
+      routerApplianceInstance: !ruby/object:Overrides::Terraform::PropertyOverride
   SecurityPolicy: !ruby/object:Overrides::Terraform::ResourceOverride
     exclude: true
   ServiceAttachment: !ruby/object:Overrides::Terraform::ResourceOverride

diff --git a/mmv1/templates/terraform/examples/router_peer_router_appliance.tf.erb b/mmv1/templates/terraform/examples/router_peer_router_appliance.tf.erb
@@ -0,0 +1,49 @@
+resource "google_compute_address" "address" {
+  name         = "address"
+  region       = google_compute_subnetwork.foobar.region
+  subnetwork   = google_compute_subnetwork.foobar.id
+  address_type = "INTERNAL"
+}
+
+resource "google_compute_router_interface" "foobar" {
+  name                = "<%= ctx[:vars]['router_name'] %>-intf"
+  redundant_interface = google_compute_router_interface.foobar_redundant.name
+  region              = google_compute_router.foobar.region
+  router              = google_compute_router.foobar.name
+  subnetwork          = google_compute_subnetwork.foobar.self_link
+}
+
+resource "google_compute_router_interface" "intf_redundant" {
+  name       = "<%= ctx[:vars]['router_name'] %>-intf-redundant"
+  region     = google_compute_router.foobar.region
+  router     = google_compute_router.foobar.name
+  subnetwork = google_compute_subnetwork.foobar.self_link
+}
+
+resource "google_compute_router_peer" "peer" {
+  name                      = "<%= ctx[:vars]['peer_name'] %>"
+  router                    = "<%= ctx[:vars]['router_name'] %>"
+  region                    = "us-central1"
+  peer_ip_address           = google_compute_address.address.address
+  peer_asn                  = 65513
+  interface                 = google_compute_router_interface.intf_redundant.name
+  router_appliance_instance = google_compute_instance.router_appliance_instance.self_link
+}
+
+resource "google_compute_instance" {
+  name           = "router-appliance"
+  zone           = "us-central1-a"
+  machine_type   = "e2-medium"
+  can_ip_forward = true
+
+  boot_disk {
+    initialize_params {
+      image = "debian-cloud/debian-11"
+    }
+  }
+
+  network_interface {
+    network_ip = google_compute_address.foobar.address
+    subnetwork = google_compute_subnetwork.foobar.self_link
+  }
+}
diff --git a/mmv1/third_party/terraform/tests/resource_compute_router_bgp_peer_test.go b/mmv1/third_party/terraform/tests/resource_compute_router_bgp_peer_test.go
@@ -155,6 +155,29 @@ func TestAccComputeRouterPeer_bfd(t *testing.T) {
 	})
 }
 
+func TestAccComputeRouterPeer_routerApplianceInstance(t *testing.T) {
+	t.Parallel()
+
+	routerName := fmt.Sprintf("tf-test-router-%s", randString(t, 10))
+	vcrTest(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckComputeRouterPeerDestroyProducer(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccComputeRouterPeerRouterApplianceInstance(routerName),
+				Check: testAccCheckComputeRouterPeerExists(
+					t, "google_compute_router_peer.foobar"),
+			},
+			{
+				ResourceName:      "google_compute_router_peer.foobar",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
 func testAccCheckComputeRouterPeerDestroyProducer(t *testing.T) func(s *terraform.State) error {
 	return func(s *terraform.State) error {
 		config := googleProviderConfig(t)
@@ -493,6 +516,115 @@ resource "google_compute_router_peer" "foobar" {
 `, routerName, routerName, routerName, routerName, routerName, routerName, routerName, routerName, routerName)
 }
 
+func testAccComputeRouterPeerRouterApplianceInstance(routerName string) string {
+	return fmt.Sprintf(`
+resource "google_compute_network" "foobar" {
+  name = "%s-net"
+  auto_create_subnetworks = false
+}
+
+resource "google_compute_subnetwork" "foobar" {
+  name          = "%s-sub"
+  network       = google_compute_network.foobar.self_link
+  ip_cidr_range = "10.0.0.0/16"
+  region        = "us-central1"
+}
+
+resource "google_compute_address" "addr_intf" {
+  name  			 = "%s-addr-intf"
+  region 			 = google_compute_subnetwork.foobar.region
+  subnetwork   = google_compute_subnetwork.foobar.id
+  address_type = "INTERNAL"
+}
+
+resource "google_compute_address" "addr_intf_red" {
+  name  			 = "%s-addr-intf-red"
+  region 			 = google_compute_subnetwork.foobar.region
+  subnetwork   = google_compute_subnetwork.foobar.id
+  address_type = "INTERNAL"
+}
+
+resource "google_compute_address" "addr_peer" {
+  name  			 = "%s-addr-peer"
+  region 			 = google_compute_subnetwork.foobar.region
+  subnetwork   = google_compute_subnetwork.foobar.id
+  address_type = "INTERNAL"
+}
+
+resource "google_compute_instance" "foobar" {
+  name           = "%s-vm"
+  machine_type   = "e2-medium"
+  zone           = "us-central1-a"
+  can_ip_forward = true
+
+  boot_disk {
+    initialize_params {
+      image = "debian-cloud/debian-11"
+    }
+  }
+
+  network_interface {
+  	network_ip = google_compute_address.addr_peer.address
+    subnetwork = google_compute_subnetwork.foobar.self_link
+  }
+}
+
+resource "google_network_connectivity_hub" "foobar" {
+  name    = "%s-hub"
+}
+
+resource "google_network_connectivity_spoke" "foobar" {
+  name     = "%s-spoke"
+  location = google_compute_subnetwork.foobar.region
+  hub      =  google_network_connectivity_hub.foobar.id
+
+  linked_router_appliance_instances {
+    instances {
+      virtual_machine = google_compute_instance.foobar.self_link
+      ip_address      = google_compute_address.addr_peer.address
+    }
+    site_to_site_data_transfer = false
+  }
+}
+
+resource "google_compute_router" "foobar" {
+  name    = "%s-ra"
+  region  = google_compute_subnetwork.foobar.region
+  network = google_compute_network.foobar.self_link
+  bgp {
+    asn = 64514
+  }
+}
+
+resource "google_compute_router_interface" "foobar" {
+  name                = "%s-intf"
+  region              = google_compute_router.foobar.region
+  router              = google_compute_router.foobar.name
+  subnetwork          = google_compute_subnetwork.foobar.self_link
+  private_ip_address  = google_compute_address.addr_intf.address
+  redundant_interface = google_compute_router_interface.foobar_redundant.name
+}
+
+resource "google_compute_router_interface" "foobar_redundant" {
+  name      				 = "%s-intf-red"
+  region   	 			   = google_compute_router.foobar.region
+  router     				 = google_compute_router.foobar.name
+  subnetwork         = google_compute_subnetwork.foobar.self_link
+  private_ip_address = google_compute_address.addr_intf_red.address
+}
+
+resource "google_compute_router_peer" "foobar" {
+  name                      = "%s-peer"
+  router                    = google_compute_router.foobar.name
+  region                    = google_compute_router.foobar.region
+  peer_ip_address           = google_compute_address.addr_peer.address
+  peer_asn                  = 65515
+  interface                 = google_compute_router_interface.foobar_redundant.name
+  router_appliance_instance = google_compute_instance.foobar.self_link
+}
+`, routerName, routerName, routerName, routerName, routerName, routerName, routerName, routerName, routerName, routerName, routerName, routerName)
+}
+
 func testAccComputeRouterPeerAdvertiseModeUpdate(routerName string) string {
 	return fmt.Sprintf(`
 resource "google_compute_network" "foobar" {