Add support for ILB as next-hop with tags (GoogleCloudPlatform#5162)

khajduczenia · Oct 12, 2021 · d219b2e · d219b2e
1 parent a7f7b70
commit d219b2e
Show file tree

Hide file tree

Showing 4 changed files with 130 additions and 8 deletions.
diff --git a/mmv1/products/compute/api.yaml b/mmv1/products/compute/api.yaml
@@ -12899,16 +12899,25 @@ objects:
         output: true
         description: |
           URL to a Network that should handle matching packets.
-      - !ruby/object:Api::Type::ResourceRef
+      - !ruby/object:Api::Type::String
         name: 'nextHopIlb'
-        resource: 'ForwardingRule'
-        imports: 'selfLink'
         description: |
-          The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets.
-          You can only specify the forwarding rule as a partial or full URL. For example, the following are all valid URLs:
-          https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule
-          regions/region/forwardingRules/forwardingRule
-          Note that this can only be used when the destinationRange is a public (non-RFC 1918) IP CIDR range.
+          The IP address or URL to a forwarding rule of type
+          loadBalancingScheme=INTERNAL that should handle matching
+          packets.
+
+          With the GA provider you can only specify the forwarding
+          rule as a partial or full URL. For example, the following
+          are all valid values:
+          * 10.128.0.56
+          * https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule
+          * regions/region/forwardingRules/forwardingRule
+
+          When the beta provider, you can also specify the IP address
+          of a forwarding rule from the same VPC or any peered VPC.
+
+          Note that this can only be used when the destinationRange is
+          a public (non-RFC 1918) IP CIDR range.
         input: true
         exactly_one_of:
           - next_hop_gateway

diff --git a/mmv1/products/compute/terraform.yaml b/mmv1/products/compute/terraform.yaml
@@ -2133,6 +2133,17 @@ overrides: !ruby/object:Overrides::ResourceOverrides
           health_check_name: "proxy-health-check"
           backend_name: "compute-backend"
           route_name: "route-ilb"
+      - !ruby/object:Provider::Terraform::Examples
+        name: "route_ilb_vip"
+        primary_resource_id: "route-ilb"
+        min_version: beta
+        vars:
+          producer_name: "producer"
+          consumer_name: "consumer"
+          forwarding_rule_name: "compute-forwarding-rule"
+          health_check_name: "proxy-health-check"
+          backend_name: "compute-backend"
+          route_name: "route-ilb"
     properties:
       name: !ruby/object:Overrides::Terraform::PropertyOverride
         validation: !ruby/object:Provider::Terraform::Validation
@@ -2164,6 +2175,8 @@ overrides: !ruby/object:Overrides::ResourceOverrides
           * `projects/project/zones/zone/instances/instance`
           * `zones/zone/instances/instance`
           * Just the instance name, with the zone in `next_hop_instance_zone`.
+      nextHopIlb: !ruby/object:Overrides::Terraform::PropertyOverride
+        diff_suppress_func: 'compareIpAddressOrSelfLinkOrResourceName'
       tags: !ruby/object:Overrides::Terraform::PropertyOverride
         custom_expand: templates/terraform/custom_expand/set_to_list.erb
         is_set: true

diff --git a/mmv1/templates/terraform/examples/route_ilb_vip.tf.erb b/mmv1/templates/terraform/examples/route_ilb_vip.tf.erb
@@ -0,0 +1,86 @@
+resource "google_compute_network" "producer" {
+  provider                = google-beta
+  name                    = "<%= ctx[:vars]['producer_name'] %>-vpc"
+  auto_create_subnetworks = false
+}
+
+resource "google_compute_subnetwork" "producer" {
+  provider      = google-beta
+  name          = "<%= ctx[:vars]['producer_name'] %>-subnet"
+  ip_cidr_range = "10.0.1.0/24"
+  region        = "us-central1"
+  network       = google_compute_network.producer.id
+}
+
+resource "google_compute_network" "consumer" {
+  provider                = google-beta
+  name                    = "<%= ctx[:vars]['consumer_name'] %>-vpc"
+  auto_create_subnetworks = false
+}
+
+resource "google_compute_subnetwork" "consumer" {
+  provider      = google-beta
+  name          = "<%= ctx[:vars]['consumer_name'] %>-subnet"
+  ip_cidr_range = "10.0.2.0/24"
+  region        = "us-central1"
+  network       = google_compute_network.consumer.id
+}
+
+resource "google_compute_network_peering" "peering1" {
+  provider     = google-beta
+  name         = "peering-<%= ctx[:vars]['producer_name'] %>-to-<%= ctx[:vars]['consumer_name'] %>"
+  network      = google_compute_network.consumer.id
+  peer_network = google_compute_network.producer.id
+}
+
+resource "google_compute_network_peering" "peering2" {
+  provider     = google-beta
+  name         = "peering-<%= ctx[:vars]['consumer_name'] %>-to-<%= ctx[:vars]['producer_name'] %>"
+  network      = google_compute_network.producer.id
+  peer_network = google_compute_network.consumer.id
+}
+
+resource "google_compute_health_check" "hc" {
+  provider           = google-beta
+  name               = "<%= ctx[:vars]['health_check_name'] %>"
+  check_interval_sec = 1
+  timeout_sec        = 1
+
+  tcp_health_check {
+    port = "80"
+  }
+}
+
+resource "google_compute_region_backend_service" "backend" {
+  provider      = google-beta
+  name          = "<%= ctx[:vars]['backend_name'] %>"
+  region        = "us-central1"
+  health_checks = [google_compute_health_check.hc.id]
+}
+
+resource "google_compute_forwarding_rule" "default" {
+  provider = google-beta
+  name     = "<%= ctx[:vars]['forwarding_rule_name'] %>"
+  region   = "us-central1"
+
+  load_balancing_scheme = "INTERNAL"
+  backend_service       = google_compute_region_backend_service.backend.id
+  all_ports             = true
+  network               = google_compute_network.producer.name
+  subnetwork            = google_compute_subnetwork.producer.name
+}
+
+resource "google_compute_route" "<%= ctx[:primary_resource_id] %>" {
+  provider     = google-beta
+  name         = "<%= ctx[:vars]['route_name'] %>"
+  dest_range   = "0.0.0.0/0"
+  network      = google_compute_network.consumer.name
+  next_hop_ilb = google_compute_forwarding_rule.default.ip_address
+  priority     = 2000
+  tags         = ["tag1", "tag2"]
+
+  depends_on = [
+    google_compute_network_peering.peering1,
+    google_compute_network_peering.peering2
+  ]
+}
diff --git a/mmv1/third_party/terraform/utils/common_diff_suppress.go.erb b/mmv1/third_party/terraform/utils/common_diff_suppress.go.erb
@@ -6,6 +6,7 @@ package google
 import (
 	"crypto/sha256"
 	"encoding/hex"
+	"net"
 	"strings"
 	"time"
 
@@ -179,3 +180,16 @@ func durationDiffSuppress(k, old, new string, d *schema.ResourceData) bool {
 	}
 	return oDuration == nDuration
 }
+
+// Use this method when the field accepts either an IP address or a
+// self_link referencing a resource (such as google_compute_route's
+// next_hop_ilb)
+func compareIpAddressOrSelfLinkOrResourceName(_, old, new string, _ *schema.ResourceData) bool {
+	// if we can parse `new` as an IP address, then compare as strings
+	if net.ParseIP(new) != nil {
+		return new == old
+	}
+
+	// otherwise compare as self links
+	return compareSelfLinkOrResourceName("", old, new, nil)
+}