feat(sdn): add support for zones, vnets, subnets, validation, and tests

.all-contributorsrc

@@ -1396,6 +1396,15 @@
       "contributions": [
         "code"
       ]
+    },
+    {
+      "login": "Vaneixus",
+      "name": "Marco Attia",
+      "avatar_url": "https://avatars.githubusercontent.com/u/54147992?v=4",
+      "profile": "https://github.com/Vaneixus",
+      "contributions": [
+        "code"
+      ]
     }
   ],
   "contributorsPerLine": 7,

CONTRIBUTORS.md

@@ -197,6 +197,7 @@
     <tr>
       <td align="center" valign="top" width="14.28%"><a href="https://github.com/cowgod"><img src="https://avatars.githubusercontent.com/u/523086?v=4?s=100" width="100px;" alt="Dan McCormack"/><br /><sub><b>Dan McCormack</b></sub></a><br /><a href="https://github.com/bpg/terraform-provider-proxmox/commits?author=cowgod" title="Documentation">📖</a></td>
       <td align="center" valign="top" width="14.28%"><a href="https://github.com/valkiriaaquatica"><img src="https://avatars.githubusercontent.com/u/56233573?v=4?s=100" width="100px;" alt="VALKIRIA ACUATICA  "/><br /><sub><b>VALKIRIA ACUATICA  </b></sub></a><br /><a href="https://github.com/bpg/terraform-provider-proxmox/commits?author=valkiriaaquatica" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/Vaneixus"><img src="https://avatars.githubusercontent.com/u/54147992?v=4?s=100" width="100px;" alt="Marco Attia"/><br /><sub><b>Marco Attia</b></sub></a><br /><a href="https://github.com/bpg/terraform-provider-proxmox/commits?author=Vaneixus" title="Code">💻</a></td>
     </tr>
   </tbody>
   <tfoot>

README.md

@@ -71,7 +71,7 @@ The following assumptions are made about the test environment:
 
 - It has one node named `pve`
 - The node has local storages named `local` and `local-lvm`
-- The "Snippets" content type is enabled in the `local` storage
+- The "Snippets" and "Import" content types are enabled in the `local` storage
 - Default Linux Bridge "vmbr0" is VLAN aware (datacenter -> pve -> network -> edit & apply)
 
 Create `example/terraform.tfvars` with the following variables:

docs/data-sources/virtual_environment_sdn_subnet.md

@@ -0,0 +1,41 @@
+---
+layout: page
+title: proxmox_virtual_environment_sdn_subnet
+parent: Data Sources
+subcategory: Virtual Environment
+description: |-
+  Retrieve details about a specific SDN Subnet in Proxmox VE.
+---
+
+# Data Source: proxmox_virtual_environment_sdn_subnet
+
+Retrieve details about a specific SDN Subnet in Proxmox VE.
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `subnet` (String)
+- `vnet` (String) The VNet this subnet belongs to.
+
+### Read-Only
+
+- `canonical_name` (String)
+- `dhcp_dns_server` (String) The DNS server used for DHCP.
+- `dhcp_range` (Attributes List) List of DHCP ranges (start and end IPs). (see [below for nested schema](#nestedatt--dhcp_range))
+- `dnszoneprefix` (String) Prefix used for DNS zone delegation.
+- `gateway` (String) The gateway address for the subnet.
+- `id` (String) The full ID in the format 'vnet-id/subnet-id'.
+- `snat` (Boolean) Whether SNAT is enabled for the subnet.
+- `type` (String)
+
+<a id="nestedatt--dhcp_range"></a>
+### Nested Schema for `dhcp_range`
+
+Read-Only:
+
+- `end_address` (String) End of the DHCP range.
+- `start_address` (String) Start of the DHCP range.

docs/data-sources/virtual_environment_sdn_vnet.md

@@ -0,0 +1,32 @@
+---
+layout: page
+title: proxmox_virtual_environment_sdn_vnet
+parent: Data Sources
+subcategory: Virtual Environment
+description: |-
+  Retrieves information about an existing SDN Vnet in Proxmox VE.
+---
+
+# Data Source: proxmox_virtual_environment_sdn_vnet
+
+Retrieves information about an existing SDN Vnet in Proxmox VE.
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `name` (String) The name of the vnet.
+
+### Read-Only
+
+- `alias` (String) - An alias for this vnet.
+- `id` (String) - The ID of the vnet (usually the name).
+- `isolate_ports` (Boolean) - Whether ports are isolated.
+- `tag` (Number) - VLAN/VXLAN tag.
+- `type` (String) - Type of the vnet.
+- `vlanaware` (Boolean) - Whether this vnet is VLAN aware.
+- `zone` (String) - The zone associated with the vnet.
+- `zonetype` (String) - The type of the zone associated with this vnet.

docs/data-sources/virtual_environment_sdn_zone.md

@@ -0,0 +1,45 @@
+---
+layout: page
+title: proxmox_virtual_environment_sdn_zone
+parent: Data Sources
+subcategory: Virtual Environment
+description: |-
+  Fetch a Proxmox SDN Zone by name.
+---
+
+# Data Source: proxmox_virtual_environment_sdn_zone
+
+
+This data source allows you to fetch information about an existing SDN zone in a Proxmox Virtual Environment (PVE) cluster by its name.
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `name` (String) Name (ID) of the SDN zone.
+
+### Read-Only
+
+- `advertise_subnets` (Boolean) - Whether to advertise subnets to the zone.
+- `bridge` (String) – Linux bridge device used (if applicable).
+- `controller` (String) – Controller for EVPN zones.
+- `disable_arp_nd_suppression` (Boolean) – Whether ARP/ND suppression is disabled.
+- `dns` (String) – DNS server configured for the zone.
+- `dns_zone` (String) – The DNS zone name used by this SDN zone.
+- `exit_nodes` (String) – Nodes designated as exit points.
+- `exit_nodes_local_routing` (Boolean) – Whether local routing is enabled for exit nodes.
+- `id` (String) - The ID of the SDN zone.
+- `ipam` (String) – The IP Address Management (IPAM) method used in the zone.
+- `mtu` (Number) – Maximum Transmission Unit for this zone.
+- `nodes` (String) – Comma-separated list of node names associated with the zone.
+- `peers` (String) – Peers used for some zone types only.
+- `primary_exit_node` (String) – The main exit node.
+- `reversedns` (String) – Reverse DNS server for the zone.
+- `rt_import` (String) – Route targets to import.
+- `tag` (Number) – VLAN tag or other numeric identifier.
+- `type` (String) – The SDN zone type (e.g., `simple`, `vlan`, `vxlan`, `evpn`).
+- `vlan_protocol` (String) – VLAN protocol used.
+- `vrf_vxlan` (Number) – VXLAN ID associated with VRF zones.

docs/guides/cloud-image.md

@@ -109,11 +109,12 @@ resource "proxmox_virtual_environment_vm" "debian_vm" {
 
   disk {
     datastore_id = "local-lvm"
-    file_id      = "local:iso/debian-12-genericcloud-amd64.img"
-    interface    = "virtio0"
-    iothread     = true
-    discard      = "on"
-    size         = 20
+    # qcow2 image downloaded from https://cloud.debian.org/images/cloud/bookworm/latest/ and renamed to *.img
+    file_id   = "local:iso/debian-12-genericcloud-amd64.img"
+    interface = "virtio0"
+    iothread  = true
+    discard   = "on"
+    size      = 20
   }
 }
 ```

docs/guides/cloud-init.md

@@ -21,6 +21,9 @@ resource "proxmox_virtual_environment_vm" "ubuntu_vm" {
   name      = "test-ubuntu"
   node_name = "pve"
 
+  # should be true if qemu agent is not installed / enabled on the VM
+  stop_on_destroy = true
+
   initialization {
     ip_config {
       ipv4 {

docs/guides/setup-proxmox-for-tests.md

@@ -92,4 +92,4 @@ Goal is to have a proxmox node in VM using <https://virt-manager.org/> for a job
 
 10. Now you can run `make example`.
 
-11. If you see error with proxmox_virtual_environment_file: the datastore "local" does not support content type "snippets"; supported content types are: `[backup, iso, vztmpl]`, you need to enable them, see <https://registry.terraform.io/providers/bpg/proxmox/latest/docs/resources/virtual_environment_file#snippets>.
+11. If you see error with proxmox_virtual_environment_file: the datastore "local" does not support content type "snippets"; supported content types are: `[backup, iso, vztmpl, import]`, you need to enable them, see <https://registry.terraform.io/providers/bpg/proxmox/latest/docs/resources/virtual_environment_file#snippets>.

docs/resources/virtual_environment_download_file.md

@@ -4,12 +4,12 @@ title: proxmox_virtual_environment_download_file
 parent: Resources
 subcategory: Virtual Environment
 description: |-
-  Manages files upload using PVE download-url API. It can be fully compatible and faster replacement for image files created using proxmox_virtual_environment_file. Supports images for VMs (ISO images) and LXC (CT Templates).
+  Manages files upload using PVE download-url API. It can be fully compatible and faster replacement for image files created using proxmox_virtual_environment_file. Supports images for VMs (ISO and disk images) and LXC (CT Templates).
 ---
 
 # Resource: proxmox_virtual_environment_download_file
 
-Manages files upload using PVE download-url API. It can be fully compatible and faster replacement for image files created using `proxmox_virtual_environment_file`. Supports images for VMs (ISO images) and LXC (CT Templates).
+Manages files upload using PVE download-url API. It can be fully compatible and faster replacement for image files created using `proxmox_virtual_environment_file`. Supports images for VMs (ISO and disk images) and LXC (CT Templates).
 
 ~> Besides the `Datastore.AllocateTemplate` privilege, this resource requires both the `Sys.Audit` and `Sys.Modify` privileges.<br><br>
 For more details, see the [`download-url`](https://pve.proxmox.com/pve-docs/api-viewer/index.html#/nodes/{node}/storage/{storage}/download-url) API documentation under the "Required permissions" section.
@@ -27,6 +27,16 @@ resource "proxmox_virtual_environment_download_file" "release_20231228_debian_12
   checksum_algorithm = "sha512"
 }
 
+resource "proxmox_virtual_environment_download_file" "release_20231228_debian_12_bookworm_qcow2" {
+  content_type       = "import"
+  datastore_id       = "local"
+  file_name          = "debian-12-generic-amd64-20231228-1609.qcow2"
+  node_name          = "pve"
+  url                = "https://cloud.debian.org/images/cloud/bookworm/20231228-1609/debian-12-generic-amd64-20231228-1609.qcow2"
+  checksum           = "d2fbcf11fb28795842e91364d8c7b69f1870db09ff299eb94e4fbbfa510eb78d141e74c1f4bf6dfa0b7e33d0c3b66e6751886feadb4e9916f778bab1776bdf1b"
+  checksum_algorithm = "sha512"
+}
+
 resource "proxmox_virtual_environment_download_file" "latest_debian_12_bookworm_qcow2_img" {
   content_type = "iso"
   datastore_id = "local"
@@ -35,6 +45,14 @@ resource "proxmox_virtual_environment_download_file" "latest_debian_12_bookworm_
   url          = "https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-generic-amd64.qcow2"
 }
 
+resource "proxmox_virtual_environment_download_file" "latest_debian_12_bookworm_qcow2" {
+  content_type = "import"
+  datastore_id = "local"
+  file_name    = "debian-12-generic-amd64.qcow2"
+  node_name    = "pve"
+  url          = "https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-generic-amd64.qcow2"
+}
+
 resource "proxmox_virtual_environment_download_file" "latest_ubuntu_22_jammy_qcow2_img" {
   content_type = "iso"
   datastore_id = "local"
@@ -73,7 +91,7 @@ resource "proxmox_virtual_environment_download_file" "latest_ubuntu_22_jammy_lxc
 
 ### Required
 
-- `content_type` (String) The file content type. Must be `iso` for VM images or `vztmpl` for LXC images.
+- `content_type` (String) The file content type. Must be `iso` or `import` for VM images or `vztmpl` for LXC images.
 - `datastore_id` (String) The identifier for the target datastore.
 - `node_name` (String) The node name.
 - `url` (String) The URL to download the file from. Must match regex: `https?://.*`.
@@ -83,7 +101,7 @@ resource "proxmox_virtual_environment_download_file" "latest_ubuntu_22_jammy_lxc
 - `checksum` (String) The expected checksum of the file.
 - `checksum_algorithm` (String) The algorithm to calculate the checksum of the file. Must be `md5` | `sha1` | `sha224` | `sha256` | `sha384` | `sha512`.
 - `decompression_algorithm` (String) Decompress the downloaded file using the specified compression algorithm. Must be one of `gz` | `lzo` | `zst` | `bz2`.
-- `file_name` (String) The file name. If not provided, it is calculated using `url`. PVE will raise 'wrong file extension' error for some popular extensions file `.raw` or `.qcow2`. Workaround is to use e.g. `.img` instead.
+- `file_name` (String) The file name. If not provided, it is calculated using `url`. PVE will raise 'wrong file extension' error for some popular extensions file `.raw` or `.qcow2` on PVE versions prior to 8.4. Workaround is to use e.g. `.img` instead.
 - `overwrite` (Boolean) By default `true`. If `true` and file size has changed in the datastore, it will be replaced. If `false`, there will be no check.
 - `overwrite_unmanaged` (Boolean) If `true` and a file with the same name already exists in the datastore, it will be deleted and the new file will be downloaded. If `false` and the file already exists, an error will be returned.
 - `upload_timeout` (Number) The file download timeout seconds. Default is 600 (10min).

docs/resources/virtual_environment_file.md

@@ -7,7 +7,7 @@ subcategory: Virtual Environment
 
 # Resource: proxmox_virtual_environment_file
 
-Use this resource to upload files to a Proxmox VE node. The file can be a backup, an ISO image, a snippet, or a container template depending on the `content_type` attribute.
+Use this resource to upload files to a Proxmox VE node. The file can be a backup, an ISO image, a Disk Image, a snippet, or a container template depending on the `content_type` attribute.
 
 ## Example Usage
 
@@ -33,6 +33,8 @@ resource "proxmox_virtual_environment_file" "backup" {
 
 -> Consider using `proxmox_virtual_environment_download_file` resource instead. Using this resource for images is less efficient (requires to transfer uploaded image to node) though still supported.
 
+-> Importing Disks is not enabled by default in new Proxmox installations. You need to enable them in the 'Datacenter>Storage' section of the proxmox interface before first using this resource with `content_type = "import"`.
+
 ```hcl
 resource "proxmox_virtual_environment_file" "ubuntu_container_template" {
   content_type = "iso"
@@ -45,6 +47,18 @@ resource "proxmox_virtual_environment_file" "ubuntu_container_template" {
 }
 ```
 
+```hcl
+resource "proxmox_virtual_environment_file" "ubuntu_container_template" {
+  content_type = "import"
+  datastore_id = "local"
+  node_name    = "pve"
+
+  source_file {
+    path = "https://cloud-images.ubuntu.com/jammy/20230929/jammy-server-cloudimg-amd64-disk-kvm.img"
+  }
+}
+```
+
 ### Snippets
 
 -> Snippets are not enabled by default in new Proxmox installations. You need to enable them in the 'Datacenter>Storage' section of the proxmox interface before first using this resource.
@@ -126,6 +140,7 @@ resource "proxmox_virtual_environment_file" "ubuntu_container_template" {
     - `backup` (allowed extensions: `.vzdump`, `.tar.gz`, `.tar.xz`, `tar.zst`)
     - `iso` (allowed extensions: `.iso`, `.img`)
     - `snippets` (allowed extensions: any)
+    - `import` (allowed extensions: `.raw`, `.qcow2`, `.vmdk`)
     - `vztmpl` (allowed extensions: `.tar.gz`, `.tar.xz`, `tar.zst`)
 - `datastore_id` - (Required) The datastore id.
 - `file_mode` - The file mode in octal format, e.g. `0700` or `600`. Note that the prefixes `0o` and `0x` is not supported! Setting this attribute is also only allowed for `root@pam` authenticated user.

docs/resources/virtual_environment_sdn_subnet.md

@@ -0,0 +1,44 @@
+---
+layout: page
+title: proxmox_virtual_environment_sdn_subnet
+parent: Resources
+subcategory: Virtual Environment
+description: |-
+  Manages SDN Subnets in Proxmox VE.
+---
+
+# Resource: proxmox_virtual_environment_sdn_subnet
+
+Manages SDN Subnets in Proxmox VE.
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `subnet` (String) The name/ID of the subnet.
+- `vnet` (String) The VNet to which this subnet belongs.
+
+### Optional
+
+- `dhcp_dns_server` (String) The DNS server used for DHCP.
+- `dhcp_range` (Attributes List) List of DHCP ranges (start and end IPs). (see [below for nested schema](#nestedatt--dhcp_range))
+- `dnszoneprefix` (String) Prefix used for DNS zone delegation.
+- `gateway` (String) The gateway address for the subnet.
+- `snat` (Boolean) Whether SNAT is enabled for the subnet.
+
+### Read-Only
+
+- `canonical_name` (String) Canonical name of the subnet (e.g. zoneM-10.10.0.0-24).
+- `id` (String) The unique identifier of this resource.
+- `type` (String) Subnet type (set default at 'subnet')
+
+<a id="nestedatt--dhcp_range"></a>
+### Nested Schema for `dhcp_range`
+
+Required:
+
+- `end_address` (String) End of the DHCP range.
+- `start_address` (String) Start of the DHCP range.

docs/resources/virtual_environment_sdn_vnet.md

@@ -0,0 +1,35 @@
+---
+layout: page
+title: proxmox_virtual_environment_sdn_vnet
+parent: Resources
+subcategory: Virtual Environment
+description: |-
+  Manages Proxmox VE SDN vnet.
+---
+
+# Resource: proxmox_virtual_environment_sdn_vnet
+
+Manages Proxmox VE SDN vnet.
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `name` (String) Unique identifier for the vnet.
+- `zone` (String) The zone to which this vnet belongs.
+- `zonetype` (String) Parent's zone type. MUST be specified.
+
+### Optional
+
+- `alias` (String) An optional alias for this vnet.
+- `isolate_ports` (Boolean) Whether to isolate ports within this vnet.
+- `tag` (Number) Tag value for VLAN/VXLAN (depends on zone type).
+- `vlanaware` (Boolean) Whether this vnet is VLAN aware.
+
+### Read-Only
+
+- `id` (String) The unique identifier of this resource.
+- `type` (String) Type of vnet (e.g. 'vnet').