vmware · spacegospod · Jan 30, 2024 · Jan 23, 2024
diff --git a/docs/resources/cluster.md b/docs/resources/cluster.md
@@ -42,6 +42,7 @@ The following data is prerequisite for creation:
   * Evaluate if you want to have pNICs on multiple vSphere Distributed Switches in the NSX-T domain. At least two pNICs are needed on a single switch.
 
 **Note:** If you expand/contract a Cluster be sure to first remove the cluster ref under the cluster, apply the plan and then remove the commissioned host resource.
+**Note:** Do not attempt to add and remove hosts in a single configuration change. Apply each change separately.
 
 <!-- schema generated by tfplugindocs -->
 ## Schema

diff --git a/docs/resources/edge_cluster.md b/docs/resources/edge_cluster.md
@@ -0,0 +1,128 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "vcf_edge_cluster Resource - terraform-provider-vcf"
+subcategory: ""
+description: |-
+
+---
+
+# vcf_edge_cluster (Resource)
+
+
+Prerequisites for creating an NSX edge cluster
+* The following conditions must be met:
+    * Separate VLANs must be available for Host TEP VLAN and Edge TEP VLAN use
+    * Host TEP VLAN and Edge TEP VLAN need to be routed
+    * If dynamic routing is desired, two BGP peers (on TORs or infra ESG) with an interface IP, ASN and BGP password are required
+    * An ASN has to be reserved for the NSX Edge cluster's Tier-0 interfaces
+    * DNS entries for NSX Edge components should be populated in a customer-managed DNS server
+    * The vSphere clusters hosting the Edge clusters should be L2 Uniform. All host nodes in a hosting vSphere cluster need to have identical management, uplink, Edge and host TEP networks
+    * The vSphere clusters hosting the NSX Edge node VMs must have the same pNIC speed for NSX enabled VDS uplinks chosen for Edge overlay (e.g., either 10G or 25G but not both)
+    * All nodes of an NSX Edge cluster must use the same set of NSX enabled VDS uplinks. The selected uplinks must be prepared for overlay use
+    * If the vSphere cluster hosting the Edge nodes has hosts with a DPU device then enable SR-IOV in the BIOS and in the vSphere Client (if required by your DPU vendor)
+
+Do not attempt to add and remove edge nodes in a single configuration change. You can either shrink or expand a cluster, but you cannot run both operations
+simultaneously.
+
+Review the documentation for VMware Cloud Foundation for more information about NSX Edge Clusters.
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `admin_password` (String) Administrator password for the NSX manager
+- `audit_password` (String) Audit user password for the NSX manager
+- `edge_node` (Block List, Min: 1) The nodes in the edge cluster (see [below for nested schema](#nestedblock--edge_node))
+- `form_factor` (String) One among: XLARGE, LARGE, MEDIUM, SMALL
+- `high_availability` (String) One among: ACTIVE_ACTIVE, ACTIVE_STANDBY
+- `mtu` (Number) Maximum transmission unit size for the cluster
+- `name` (String) The name of the edge cluster
+- `profile_type` (String) One among: DEFAULT, CUSTOM. If set to CUSTOM a 'profile' must be provided
+- `root_password` (String) Root user password for the NSX manager
+- `routing_type` (String) One among: EBGP, STATIC
+- `tier0_name` (String) Name for the Tier-0 gateway
+- `tier1_name` (String) Name for the Tier-1 gateway
+
+### Optional
+
+- `asn` (Number) ASN for the cluster
+- `internal_transit_subnets` (List of String) Subnet addresses in CIDR notation that are used to assign addresses to logical links connecting service routers and distributed routers
+- `profile` (Block List, Max: 1) The specification for the edge cluster profile (see [below for nested schema](#nestedblock--profile))
+- `skip_tep_routability_check` (Boolean) Set to true to bypass normal ICMP-based check of Edge TEP / host TEP routability (default is false, meaning do check)
+- `tier1_unhosted` (Boolean) Select whether Tier-1 being created per this spec is hosted on the new Edge cluster or not (default value is false, meaning hosted)
+- `timeouts` (Block, Optional) (see [below for nested schema](#nestedblock--timeouts))
+- `transit_subnets` (List of String) Transit subnet addresses in CIDR notation that are used to assign addresses to logical links connecting Tier-0 and Tier-1s
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+
+<a id="nestedblock--edge_node"></a>
+### Nested Schema for `edge_node`
+
+Required:
+
+- `admin_password` (String) The administrator password for the edge node
+- `audit_password` (String) The audit password for the edge node
+- `compute_cluster_id` (String) The id of the compute cluster
+- `inter_rack_cluster` (Boolean) Whether or not this is an inter-rack cluster. True for L2 non-uniform and L3, false for L2 uniform
+- `management_gateway` (String) The gateway address for the management network
+- `management_ip` (String) The IP address (CIDR) for the management network
+- `name` (String) The name of the edge node
+- `root_password` (String) The root user password for the edge node
+- `tep1_ip` (String) The IP address (CIDR) of the first tunnel endpoint
+- `tep2_ip` (String) The IP address (CIDR) of the second tunnel endpoint
+- `tep_gateway` (String) The gateway for the tunnel endpoints
+- `tep_vlan` (Number) The VLAN ID for the tunnel endpoint
+
+Optional:
+
+- `first_nsx_vds_uplink` (String) The name of the first NSX-enabled VDS uplink
+- `second_nsx_vds_uplink` (String) The name of the second NSX-enabled VDS uplink
+- `uplink` (Block List) Specifications of Tier-0 uplinks for the edge node (see [below for nested schema](#nestedblock--edge_node--uplink))
+
+<a id="nestedblock--edge_node--uplink"></a>
+### Nested Schema for `edge_node.uplink`
+
+Required:
+
+- `interface_ip` (String) The IP address (CIDR) for the distributed switch uplink
+- `vlan` (Number) The VLAN ID for the distributed switch uplink
+
+Optional:
+
+- `bgp_peer` (Block List) List of BGP Peer configurations (see [below for nested schema](#nestedblock--edge_node--uplink--bgp_peer))
+
+<a id="nestedblock--edge_node--uplink--bgp_peer"></a>
+### Nested Schema for `edge_node.uplink.bgp_peer`
+
+Required:
+
+- `asn` (Number) ASN
+- `ip` (String) IP address
+- `password` (String) Password
+
+
+
+
+<a id="nestedblock--profile"></a>
+### Nested Schema for `profile`
+
+Required:
+
+- `bfd_allowed_hop` (Number) BFD allowed hop
+- `bfd_declare_dead_multiple` (Number) BFD declare dead multiple
+- `bfd_probe_interval` (Number) BFD probe interval
+- `name` (String) The name of the profile
+- `standby_relocation_threshold` (Number) Standby relocation threshold
+
+
+<a id="nestedblock--timeouts"></a>
+### Nested Schema for `timeouts`
+
+Optional:
+
+- `create` (String)
+- `update` (String)
diff --git a/examples/data-sources/cluster/variables.tf b/examples/data-sources/cluster/variables.tf
@@ -1,19 +1,19 @@
 variable "sddc_manager_username" {
   description = "Username used to authenticate against an SDDC Manager instance"
-  default = ""
+  default     = ""
 }
 
 variable "sddc_manager_password" {
   description = "Password used to authenticate against an SDDC Manager instance"
-  default = ""
+  default     = ""
 }
 
 variable "sddc_manager_host" {
   description = "Fully qualified domain name of an SDDC Manager instance"
-  default = ""
+  default     = ""
 }
 
 variable "vcf_cluster_id" {
   description = "Id of the cluster that is to be used as a data source. Note: management domain default cluster ID can be used to refer to some of it's attributes"
-  default = ""
+  default     = ""
 }
diff --git a/examples/data-sources/cluster/vcf_cluster.tf b/examples/data-sources/cluster/vcf_cluster.tf
@@ -1,7 +1,7 @@
 terraform {
   required_providers {
     vcf = {
-      source  = "vmware/vcf"
+      source = "vmware/vcf"
     }
   }
 }

diff --git a/examples/data-sources/cluster/vcf_credentials.tf b/examples/data-sources/cluster/vcf_credentials.tf
@@ -1,7 +1,7 @@
 terraform {
   required_providers {
     vcf = {
-      source  = "vmware/vcf"
+      source = "vmware/vcf"
     }
   }
 }

diff --git a/examples/data-sources/credentials/vcf_credentials.tf b/examples/data-sources/credentials/vcf_credentials.tf
@@ -1,7 +1,7 @@
 terraform {
   required_providers {
     vcf = {
-      source  = "vmware/vcf"
+      source = "vmware/vcf"
     }
   }
 }

diff --git a/examples/data-sources/domain/variables.tf b/examples/data-sources/domain/variables.tf
@@ -1,19 +1,19 @@
 variable "sddc_manager_username" {
   description = "Username used to authenticate against an SDDC Manager instance"
-  default = ""
+  default     = ""
 }
 
 variable "sddc_manager_password" {
   description = "Password used to authenticate against an SDDC Manager instance"
-  default = ""
+  default     = ""
 }
 
 variable "sddc_manager_host" {
   description = "Fully qualified domain name of an SDDC Manager instance"
-  default = ""
+  default     = ""
 }
 
 variable "vcf_domain_id" {
   description = "Id of the domain that is to be used as a data source. Note: management domain ID can be used to refer to some of it's attributes"
-  default = ""
+  default     = ""
 }
diff --git a/examples/data-sources/domain/vcf_domain.tf b/examples/data-sources/domain/vcf_domain.tf
@@ -1,7 +1,7 @@
 terraform {
   required_providers {
     vcf = {
-      source  = "vmware/vcf"
+      source = "vmware/vcf"
     }
   }
 }

diff --git a/examples/main.tf b/examples/main.tf
@@ -2,7 +2,7 @@
 terraform {
   required_providers {
     vcf = {
-      source  = "vmware/vcf"
+      source = "vmware/vcf"
     }
   }
 }
@@ -16,7 +16,7 @@ provider "vcf" {
 
 # Resources
 resource "vcf_ceip" "ceip" {
-  status    = "DISABLE"
+  status = "DISABLE"
 }
 
 resource "vcf_user" "testuser1" {
@@ -34,30 +34,30 @@ resource "vcf_user" "serviceuser1" {
 }
 
 output "serviceuser1_apikey" {
-  value = "${vcf_user.serviceuser1.api_key}"
+  value = vcf_user.serviceuser1.api_key
 }
 
 resource "vcf_network_pool" "eng_pool" {
-  name    = "engineering-pool2"
+  name = "engineering-pool2"
   network {
-    gateway   = "192.168.8.1"
-    mask      = "255.255.255.0"
-    mtu       = 9000
-    subnet    = "192.168.8.0"
-    type      = "VSAN"
-    vlan_id   = 100
+    gateway = "192.168.8.1"
+    mask    = "255.255.255.0"
+    mtu     = 9000
+    subnet  = "192.168.8.0"
+    type    = "VSAN"
+    vlan_id = 100
     ip_pools {
       start = "192.168.8.5"
       end   = "192.168.8.50"
     }
   }
   network {
-    gateway   = "192.168.9.1"
-    mask      = "255.255.255.0"
-    mtu       = 9000
-    subnet    = "192.168.9.0"
-    type      = "vMotion"
-    vlan_id   = 100
+    gateway = "192.168.9.1"
+    mask    = "255.255.255.0"
+    mtu     = 9000
+    subnet  = "192.168.9.0"
+    type    = "vMotion"
+    vlan_id = 100
     ip_pools {
       start = "192.168.9.5"
       end   = "192.168.9.50"
@@ -66,25 +66,25 @@ resource "vcf_network_pool" "eng_pool" {
 }
 
 resource "vcf_host" "esxi_1" {
-  fqdn      = "esxi-1.vrack.vsphere.local"
-  username  = var.esxi_1_user
-  password  = var.esxi_1_pass
+  fqdn              = "esxi-1.vrack.vsphere.local"
+  username          = var.esxi_1_user
+  password          = var.esxi_1_pass
   network_pool_name = "bringup-networkpool"
-  storage_type = "VSAN"
+  storage_type      = "VSAN"
 }
 
 resource "vcf_host" "esxi_2" {
-  fqdn      = "esxi-2.vrack.vsphere.local"
-  username  = var.esxi_2_user
-  password  = var.esxi_2_pass
+  fqdn              = "esxi-2.vrack.vsphere.local"
+  username          = var.esxi_2_user
+  password          = var.esxi_2_pass
   network_pool_name = "bringup-networkpool"
-  storage_type = "VSAN"
+  storage_type      = "VSAN"
 }
 
 resource "vcf_host" "esxi_3" {
-  fqdn      = "esxi-3.vrack.vsphere.local"
-  username  = var.esxi_3_user
-  password  = var.esxi_3_pass
+  fqdn              = "esxi-3.vrack.vsphere.local"
+  username          = var.esxi_3_user
+  password          = var.esxi_3_pass
   network_pool_name = "bringup-networkpool"
-  storage_type = "VSAN"
+  storage_type      = "VSAN"
 }
diff --git a/examples/provider/provider.tf b/examples/provider/provider.tf
@@ -2,7 +2,7 @@
 terraform {
   required_providers {
     vcf = {
-      source  = "vmware/vcf"
+      source = "vmware/vcf"
     }
   }
 }

diff --git a/examples/provider/variables.tf b/examples/provider/variables.tf
@@ -1,14 +1,14 @@
 variable "sddc_manager_username" {
   description = "Username used to authenticate against an SDDC Manager instance"
-  default = ""
+  default     = ""
 }
 
 variable "sddc_manager_password" {
   description = "Password used to authenticate against an SDDC Manager instance"
-  default = ""
+  default     = ""
 }
 
 variable "sddc_manager_host" {
   description = "FQDN of an SDDC Manager instance"
-  default = ""
+  default     = ""
 }
diff --git a/examples/resources/certificates/certificate/variables.tf b/examples/resources/certificates/certificate/variables.tf
@@ -1,19 +1,19 @@
 variable "sddc_manager_username" {
   description = "Username used to authenticate against an SDDC Manager instance"
-  default = ""
+  default     = ""
 }
 
 variable "sddc_manager_password" {
   description = "Password used to authenticate against an SDDC Manager instance"
-  default = ""
+  default     = ""
 }
 
 variable "sddc_manager_host" {
   description = "Fully qualified domain name of an SDDC Manager instance"
-  default = ""
+  default     = ""
 }
 
 variable "vcf_domain_id" {
   description = "Id of the domain for whose resources CSRs are to be generated"
-  default = ""
+  default     = ""
 }