From d219b2e41097aef325e9ccbed07dcddf48a043bb Mon Sep 17 00:00:00 2001
From: Julio Castillo
Date: Thu, 9 Sep 2021 19:57:52 +0200
Subject: [PATCH] Add support for ILB as next-hop with tags (#5162)
---
mmv1/products/compute/api.yaml | 25 ++++--
mmv1/products/compute/terraform.yaml | 13 +++
.../terraform/examples/route_ilb_vip.tf.erb | 86 +++++++++++++++++++
.../utils/common_diff_suppress.go.erb | 14 +++
4 files changed, 130 insertions(+), 8 deletions(-)
create mode 100644 mmv1/templates/terraform/examples/route_ilb_vip.tf.erb
diff --git a/mmv1/products/compute/api.yaml b/mmv1/products/compute/api.yaml
index 8c18efde05a4..e0720f4c1163 100644
--- a/mmv1/products/compute/api.yaml
+++ b/mmv1/products/compute/api.yaml
@@ -12899,16 +12899,25 @@ objects: output: true description: | URL to a Network that should handle matching packets. - - !ruby/object:Api::Type::ResourceRef + - !ruby/object:Api::Type::String name: 'nextHopIlb' - resource: 'ForwardingRule' - imports: 'selfLink' description: | - The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets. - You can only specify the forwarding rule as a partial or full URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule - regions/region/forwardingRules/forwardingRule - Note that this can only be used when the destinationRange is a public (non-RFC 1918) IP CIDR range. + The IP address or URL to a forwarding rule of type + loadBalancingScheme=INTERNAL that should handle matching + packets. + + With the GA provider you can only specify the forwarding + rule as a partial or full URL. For example, the following + are all valid values: + * 10.128.0.56 + * https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule + * regions/region/forwardingRules/forwardingRule + + When the beta provider, you can also specify the IP address + of a forwarding rule from the same VPC or any peered VPC. + + Note that this can only be used when the destinationRange is + a public (non-RFC 1918) IP CIDR range. input: true exactly_one_of: - next_hop_gateway diff --git a/mmv1/products/compute/terraform.yaml b/mmv1/products/compute/terraform.yaml index 309f42fbb2cf..771986c8e782 100644 --- a/mmv1/products/compute/terraform.yaml +++ b/mmv1/products/compute/terraform.yaml 
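Review bot: The new `nextHopIlb` description contradicts itself: the paragraph beginning "With the GA provider" says only a partial or full URL is accepted, yet the list directly under it includes `10.128.0.56`. The IP example belongs under the beta paragraph, which should also read `With the beta provider, you can also specify the IP address` rather than "When the beta provider". Users rely on this text to decide which form of next hop they may supply, so the two provider cases should be separated cleanly. The field also changes from a ResourceRef to a plain String and no hunk in this patch adds a format check for it, so a sentence on where malformed values are rejected (presumably by the API) would help.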
@@ -2133,6 +2133,17 @@ overrides: !ruby/object:Overrides::ResourceOverrides health_check_name: "proxy-health-check" backend_name: "compute-backend" route_name: "route-ilb" + - !ruby/object:Provider::Terraform::Examples + name: "route_ilb_vip" + primary_resource_id: "route-ilb" + min_version: beta + vars: + producer_name: "producer" + consumer_name: "consumer" + forwarding_rule_name: "compute-forwarding-rule" + health_check_name: "proxy-health-check" + backend_name: "compute-backend" + route_name: "route-ilb" properties: name: !ruby/object:Overrides::Terraform::PropertyOverride validation: !ruby/object:Provider::Terraform::Validation @@ -2164,6 +2175,8 @@ overrides: !ruby/object:Overrides::ResourceOverrides * `projects/project/zones/zone/instances/instance` * `zones/zone/instances/instance` * Just the instance name, with the zone in `next_hop_instance_zone`. + nextHopIlb: !ruby/object:Overrides::Terraform::PropertyOverride + diff_suppress_func: 'compareIpAddressOrSelfLinkOrResourceName' tags: !ruby/object:Overrides::Terraform::PropertyOverride custom_expand: templates/terraform/custom_expand/set_to_list.erb is_set: true diff --git a/mmv1/templates/terraform/examples/route_ilb_vip.tf.erb b/mmv1/templates/terraform/examples/route_ilb_vip.tf.erb new file mode 100644 index 000000000000..7b9bc7d265a6 --- /dev/null +++ b/mmv1/templates/terraform/examples/route_ilb_vip.tf.erb 
@@ -0,0 +1,86 @@ +resource "google_compute_network" "producer" { + provider = google-beta + name = "<%= ctx[:vars]['producer_name'] %>-vpc" + auto_create_subnetworks = false +} + +resource "google_compute_subnetwork" "producer" { + provider = google-beta + name = "<%= ctx[:vars]['producer_name'] %>-subnet" + ip_cidr_range = "10.0.1.0/24" + region = "us-central1" + network = google_compute_network.producer.id +} + +resource "google_compute_network" "consumer" { + provider = google-beta + name = "<%= ctx[:vars]['consumer_name'] %>-vpc" + auto_create_subnetworks = false +} + +resource "google_compute_subnetwork" "consumer" { + provider = google-beta + name = "<%= ctx[:vars]['consumer_name'] %>-subnet" + ip_cidr_range = "10.0.2.0/24" + region = "us-central1" + network = google_compute_network.consumer.id +} + +resource "google_compute_network_peering" "peering1" { + provider = google-beta + name = "peering-<%= ctx[:vars]['producer_name'] %>-to-<%= ctx[:vars]['consumer_name'] %>" + network = google_compute_network.consumer.id + peer_network = google_compute_network.producer.id +} + +resource "google_compute_network_peering" "peering2" { + provider = google-beta + name = "peering-<%= ctx[:vars]['consumer_name'] %>-to-<%= ctx[:vars]['producer_name'] %>" + network = google_compute_network.producer.id + peer_network = google_compute_network.consumer.id +} + +resource "google_compute_health_check" "hc" { + provider = google-beta + name = "<%= ctx[:vars]['health_check_name'] %>" + check_interval_sec = 1 + timeout_sec = 1 + + tcp_health_check { + port = "80" + } +} + +resource "google_compute_region_backend_service" "backend" { + provider = google-beta + name = "<%= ctx[:vars]['backend_name'] %>" + region = "us-central1" + health_checks = [google_compute_health_check.hc.id] +} + +resource "google_compute_forwarding_rule" "default" { + provider = google-beta + name = "<%= ctx[:vars]['forwarding_rule_name'] %>" + region = "us-central1" + + load_balancing_scheme = "INTERNAL" + 
backend_service = google_compute_region_backend_service.backend.id + all_ports = true + network = google_compute_network.producer.name + subnetwork = google_compute_subnetwork.producer.name +} + +resource "google_compute_route" "<%= ctx[:primary_resource_id] %>" { + provider = google-beta + name = "<%= ctx[:vars]['route_name'] %>" + dest_range = "0.0.0.0/0" + network = google_compute_network.consumer.name + next_hop_ilb = google_compute_forwarding_rule.default.ip_address + priority = 2000 + tags = ["tag1", "tag2"] + + depends_on = [ + google_compute_network_peering.peering1, + google_compute_network_peering.peering2 + ] +} diff --git a/mmv1/third_party/terraform/utils/common_diff_suppress.go.erb b/mmv1/third_party/terraform/utils/common_diff_suppress.go.erb index 87c5c53787f7..0a3e69ed433c 100644 --- a/mmv1/third_party/terraform/utils/common_diff_suppress.go.erb +++ b/mmv1/third_party/terraform/utils/common_diff_suppress.go.erb @@ -6,6 +6,7 @@ package google import ( "crypto/sha256" "encoding/hex" + "net" "strings" "time" @@ -179,3 +180,16 @@ func durationDiffSuppress(k, old, new string, d *schema.ResourceData) bool { } return oDuration == nDuration } + +// Use this method when the field accepts either an IP address or a +// self_link referencing a resource (such as google_compute_route's +// next_hop_ilb) +func compareIpAddressOrSelfLinkOrResourceName(_, old, new string, _ *schema.ResourceData) bool { + // if we can parse `new` as an IP address, then compare as strings + if net.ParseIP(new) != nil { + return new == old + } + + // otherwise compare as self links + return compareSelfLinkOrResourceName("", old, new, nil) +}
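Review bot: Nothing in this example says why `next_hop_ilb` is set to `google_compute_forwarding_rule.default.ip_address` rather than to the rule's link, although that is the point the example exists to show. The forwarding rule is created in the producer network while the route is created in the consumer network, so a comment above the route such as `# The ILB lives in the peered producer VPC, so the next hop is given by IP; both peerings must exist first (see depends_on).` would make the topology readable. The ordering requirement is inferred from the `depends_on` block and should be confirmed by the author.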
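Review bot: In `compareIpAddressOrSelfLinkOrResourceName` only `new` is parsed and the two values are then compared as raw strings, so the same address written in a different textual form (an IPv6 address with and without zero compression, for instance) is reported as a change on every plan. Parsing both sides keeps suppression limited to values that are really the same address: `if newIP := net.ParseIP(new); newIP != nil {` followed by `oldIP := net.ParseIP(old)` and `return oldIP != nil && newIP.Equal(oldIP)`. When `new` is not an IP the call falls through to `compareSelfLinkOrResourceName` with a nil `*schema.ResourceData`; that helper is defined outside this hunk, so it is worth confirming that it never dereferences the argument and that it returns false when `old` is an IP. Because a wrongly suppressed diff would leave a route's next hop unchanged without showing it in the plan, a table-driven test covering IP/IP, IP/link and link/name pairs would be a good addition; the diffstat shows no test file. The doc comment would also read better starting with the function name, since this is a function rather than a method.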