feat(sdn): add support for zone resources and datasources

.golangci.yml

@@ -44,6 +44,8 @@ linters:
     gosec:
       excludes:
         - G115
+    lll:
+      line-length: 150
     revive:
       rules:
         - name: "package-comments"

docs/resources/virtual_environment_sdn_zone_evpn.md

@@ -0,0 +1,38 @@
+---
+layout: page
+title: proxmox_virtual_environment_sdn_zone_evpn
+parent: Resources
+subcategory: Virtual Environment
+description: |-
+  EVPN Zone in Proxmox SDN. The EVPN zone creates a routable Layer 3 network, capable of spanning across multiple clusters.
+---
+
+# Resource: proxmox_virtual_environment_sdn_zone_evpn
+
+EVPN Zone in Proxmox SDN. The EVPN zone creates a routable Layer 3 network, capable of spanning across multiple clusters.
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `id` (String) The unique identifier of the SDN zone.
+
+### Optional
+
+- `advertise_subnets` (Boolean) Enable subnet advertisement for EVPN.
+- `controller` (String) EVPN controller address.
+- `disable_arp_nd_suppression` (Boolean) Disable ARP/ND suppression for EVPN.
+- `dns` (String) DNS API server address.
+- `dns_zone` (String) DNS domain name. Used to register hostnames, such as `<hostname>.<domain>`. The DNS zone must already exist on the DNS server.
+- `exit_nodes` (Set of String) List of exit nodes for EVPN.
+- `exit_nodes_local_routing` (Boolean) Enable local routing for EVPN exit nodes.
+- `ipam` (String) IP Address Management system.
+- `mtu` (Number) MTU value for the zone.
+- `nodes` (Set of String) Proxmox node names.
+- `primary_exit_node` (String) Primary exit node for EVPN.
+- `reverse_dns` (String) Reverse DNS API server address.
+- `rt_import` (String) Route target import for EVPN.
+- `vrf_vxlan` (Number) VRF VXLAN-ID used for dedicated routing interconnect between VNets. It must be different than the VXLAN-ID of the VNets.

docs/resources/virtual_environment_sdn_zone_qinq.md

@@ -0,0 +1,33 @@
+---
+layout: page
+title: proxmox_virtual_environment_sdn_zone_qinq
+parent: Resources
+subcategory: Virtual Environment
+description: |-
+  QinQ Zone in Proxmox SDN. QinQ also known as VLAN stacking, that uses multiple layers of VLAN tags for isolation. The QinQ zone defines the outer VLAN tag (the Service VLAN) whereas the inner VLAN tag is defined by the VNet. Your physical network switches must support stacked VLANs for this configuration. Due to the double stacking of tags, you need 4 more bytes for QinQ VLANs. For example, you must reduce the MTU to 1496 if you physical interface MTU is 1500.
+---
+
+# Resource: proxmox_virtual_environment_sdn_zone_qinq
+
+QinQ Zone in Proxmox SDN. QinQ also known as VLAN stacking, that uses multiple layers of VLAN tags for isolation. The QinQ zone defines the outer VLAN tag (the Service VLAN) whereas the inner VLAN tag is defined by the VNet. Your physical network switches must support stacked VLANs for this configuration. Due to the double stacking of tags, you need 4 more bytes for QinQ VLANs. For example, you must reduce the MTU to 1496 if you physical interface MTU is 1500.
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `id` (String) The unique identifier of the SDN zone.
+
+### Optional
+
+- `bridge` (String) A local, VLAN-aware bridge that is already configured on each local node
+- `dns` (String) DNS API server address.
+- `dns_zone` (String) DNS domain name. Used to register hostnames, such as `<hostname>.<domain>`. The DNS zone must already exist on the DNS server.
+- `ipam` (String) IP Address Management system.
+- `mtu` (Number) MTU value for the zone.
+- `nodes` (Set of String) Proxmox node names.
+- `reverse_dns` (String) Reverse DNS API server address.
+- `service_vlan` (Number) Service VLAN tag for QinQ.
+- `service_vlan_protocol` (String) Service VLAN protocol for QinQ.

docs/resources/virtual_environment_sdn_zone_simple.md

@@ -0,0 +1,30 @@
+---
+layout: page
+title: proxmox_virtual_environment_sdn_zone_simple
+parent: Resources
+subcategory: Virtual Environment
+description: |-
+  Simple Zone in Proxmox SDN. It will create an isolated VNet bridge. This bridge is not linked to a physical interface, and VM traffic is only local on each the node. It can be used in NAT or routed setups.
+---
+
+# Resource: proxmox_virtual_environment_sdn_zone_simple
+
+Simple Zone in Proxmox SDN. It will create an isolated VNet bridge. This bridge is not linked to a physical interface, and VM traffic is only local on each the node. It can be used in NAT or routed setups.
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `id` (String) The unique identifier of the SDN zone.
+
+### Optional
+
+- `dns` (String) DNS API server address.
+- `dns_zone` (String) DNS domain name. Used to register hostnames, such as `<hostname>.<domain>`. The DNS zone must already exist on the DNS server.
+- `ipam` (String) IP Address Management system.
+- `mtu` (Number) MTU value for the zone.
+- `nodes` (Set of String) Proxmox node names.
+- `reverse_dns` (String) Reverse DNS API server address.

docs/resources/virtual_environment_sdn_zone_vlan.md

@@ -0,0 +1,31 @@
+---
+layout: page
+title: proxmox_virtual_environment_sdn_zone_vlan
+parent: Resources
+subcategory: Virtual Environment
+description: |-
+  VLAN Zone in Proxmox SDN. It uses an existing local Linux or OVS bridge to connect to the node's physical interface. It uses VLAN tagging defined in the VNet to isolate the network segments. This allows connectivity of VMs between different nodes.
+---
+
+# Resource: proxmox_virtual_environment_sdn_zone_vlan
+
+VLAN Zone in Proxmox SDN. It uses an existing local Linux or OVS bridge to connect to the node's physical interface. It uses VLAN tagging defined in the VNet to isolate the network segments. This allows connectivity of VMs between different nodes.
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `id` (String) The unique identifier of the SDN zone.
+
+### Optional
+
+- `bridge` (String) The local bridge or OVS switch, already configured on _each_ node that allows node-to-node connection.
+- `dns` (String) DNS API server address.
+- `dns_zone` (String) DNS domain name. Used to register hostnames, such as `<hostname>.<domain>`. The DNS zone must already exist on the DNS server.
+- `ipam` (String) IP Address Management system.
+- `mtu` (Number) MTU value for the zone.
+- `nodes` (Set of String) Proxmox node names.
+- `reverse_dns` (String) Reverse DNS API server address.

docs/resources/virtual_environment_sdn_zone_vxlan.md

@@ -0,0 +1,31 @@
+---
+layout: page
+title: proxmox_virtual_environment_sdn_zone_vxlan
+parent: Resources
+subcategory: Virtual Environment
+description: |-
+  VXLAN Zone in Proxmox SDN. It establishes a tunnel (overlay) on top of an existing network (underlay). This encapsulates layer 2 Ethernet frames within layer 4 UDP datagrams using the default destination port 4789. You have to configure the underlay network yourself to enable UDP connectivity between all peers. Because VXLAN encapsulation uses 50 bytes, the MTU needs to be 50 bytes lower than the outgoing physical interface.
+---
+
+# Resource: proxmox_virtual_environment_sdn_zone_vxlan
+
+VXLAN Zone in Proxmox SDN. It establishes a tunnel (overlay) on top of an existing network (underlay). This encapsulates layer 2 Ethernet frames within layer 4 UDP datagrams using the default destination port 4789. You have to configure the underlay network yourself to enable UDP connectivity between all peers. Because VXLAN encapsulation uses 50 bytes, the MTU needs to be 50 bytes lower than the outgoing physical interface.
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `id` (String) The unique identifier of the SDN zone.
+
+### Optional
+
+- `dns` (String) DNS API server address.
+- `dns_zone` (String) DNS domain name. Used to register hostnames, such as `<hostname>.<domain>`. The DNS zone must already exist on the DNS server.
+- `ipam` (String) IP Address Management system.
+- `mtu` (Number) MTU value for the zone.
+- `nodes` (Set of String) Proxmox node names.
+- `peers` (Set of String) A list of IP addresses of each node in the VXLAN zone. This can be external nodes reachable at this IP address. All nodes in the cluster need to be mentioned here
+- `reverse_dns` (String) Reverse DNS API server address.

fwprovider/cluster/sdn/zone/resource_evpn.go

@@ -0,0 +1,158 @@
+/*
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at https://mozilla.org/MPL/2.0/.
+ */
+
+package zone
+
+import (
+	"context"
+	"regexp"
+
+	"github.com/hashicorp/terraform-plugin-framework-validators/stringvalidator"
+	"github.com/hashicorp/terraform-plugin-framework/diag"
+	"github.com/hashicorp/terraform-plugin-framework/resource"
+	"github.com/hashicorp/terraform-plugin-framework/resource/schema"
+	"github.com/hashicorp/terraform-plugin-framework/schema/validator"
+	"github.com/hashicorp/terraform-plugin-framework/types"
+
+	"github.com/bpg/terraform-provider-proxmox/fwprovider/types/stringset"
+	"github.com/bpg/terraform-provider-proxmox/proxmox/cluster/sdn/zones"
+
+	proxmoxtypes "github.com/bpg/terraform-provider-proxmox/proxmox/types"
+)
+
+var (
+	_ resource.ResourceWithConfigure   = &EVPNResource{}
+	_ resource.ResourceWithImportState = &EVPNResource{}
+)
+
+type evpnModel struct {
+	genericModel
+
+	AdvertiseSubnets        types.Bool      `tfsdk:"advertise_subnets"`
+	Controller              types.String    `tfsdk:"controller"`
+	DisableARPNDSuppression types.Bool      `tfsdk:"disable_arp_nd_suppression"`
+	ExitNodes               stringset.Value `tfsdk:"exit_nodes"`
+	ExitNodesLocalRouting   types.Bool      `tfsdk:"exit_nodes_local_routing"`
+	PrimaryExitNode         types.String    `tfsdk:"primary_exit_node"`
+	RouteTargetImport       types.String    `tfsdk:"rt_import"`
+	VRFVXLANID              types.Int64     `tfsdk:"vrf_vxlan"`
+}
+
+func (m *evpnModel) importFromAPI(name string, data *zones.ZoneData, diags *diag.Diagnostics) {
+	m.genericModel.importFromAPI(name, data, diags)
+
+	m.AdvertiseSubnets = types.BoolPointerValue(data.AdvertiseSubnets.PointerBool())
+	m.Controller = types.StringPointerValue(data.Controller)
+	m.DisableARPNDSuppression = types.BoolPointerValue(data.DisableARPNDSuppression.PointerBool())
+	m.ExitNodes = stringset.NewValueString(data.ExitNodes, diags, stringset.WithSeparator(","))
+	m.ExitNodesLocalRouting = types.BoolPointerValue(data.ExitNodesLocalRouting.PointerBool())
+	m.PrimaryExitNode = types.StringPointerValue(data.ExitNodesPrimary)
+	m.RouteTargetImport = types.StringPointerValue(data.RouteTargetImport)
+	m.VRFVXLANID = types.Int64PointerValue(data.VRFVXLANID)
+}
+
+func (m *evpnModel) toAPIRequestBody(ctx context.Context, diags *diag.Diagnostics) *zones.ZoneRequestData {
+	data := m.genericModel.toAPIRequestBody(ctx, diags)
+
+	data.AdvertiseSubnets = proxmoxtypes.CustomBoolPtr(m.AdvertiseSubnets.ValueBoolPointer())
+	data.Controller = m.Controller.ValueStringPointer()
+	data.DisableARPNDSuppression = proxmoxtypes.CustomBoolPtr(m.DisableARPNDSuppression.ValueBoolPointer())
+	data.ExitNodes = m.ExitNodes.ValueStringPointer(ctx, diags, stringset.WithSeparator(","))
+	data.ExitNodesLocalRouting = proxmoxtypes.CustomBoolPtr(m.ExitNodesLocalRouting.ValueBoolPointer())
+	data.ExitNodesPrimary = m.PrimaryExitNode.ValueStringPointer()
+	data.RouteTargetImport = m.RouteTargetImport.ValueStringPointer()
+	data.VRFVXLANID = m.VRFVXLANID.ValueInt64Pointer()
+
+	return data
+}
+
+type EVPNResource struct {
+	generic *genericZoneResource
+}
+
+func NewEVPNResource() resource.Resource {
+	return &EVPNResource{
+		generic: newGenericZoneResource(zoneResourceConfig{
+			typeNameSuffix: "_sdn_zone_evpn",
+			zoneType:       zones.TypeEVPN,
+			modelFunc:      func() zoneModel { return &evpnModel{} },
+		}).(*genericZoneResource),
+	}
+}
+
+func (r *EVPNResource) Schema(_ context.Context, _ resource.SchemaRequest, resp *resource.SchemaResponse) {
+	resp.Schema = schema.Schema{
+		Description: "EVPN Zone in Proxmox SDN.",
+		MarkdownDescription: "EVPN Zone in Proxmox SDN. The EVPN zone creates a routable Layer 3 network, capable of " +
+			"spanning across multiple clusters.",
+		Attributes: genericAttributesWith(map[string]schema.Attribute{
+			"advertise_subnets": schema.BoolAttribute{
+				Optional:    true,
+				Description: "Enable subnet advertisement for EVPN.",
+			},
+			"controller": schema.StringAttribute{
+				Optional:    true,
+				Description: "EVPN controller address.",
+			},
+			"disable_arp_nd_suppression": schema.BoolAttribute{
+				Optional:    true,
+				Description: "Disable ARP/ND suppression for EVPN.",
+			},
+			"exit_nodes": stringset.ResourceAttribute("List of exit nodes for EVPN.", ""),
+			"exit_nodes_local_routing": schema.BoolAttribute{
+				Optional:    true,
+				Description: "Enable local routing for EVPN exit nodes.",
+			},
+			"primary_exit_node": schema.StringAttribute{
+				Optional:    true,
+				Description: "Primary exit node for EVPN.",
+			},
+			"rt_import": schema.StringAttribute{
+				Optional:    true,
+				Description: "Route target import for EVPN.",
+				Validators: []validator.String{
+					stringvalidator.RegexMatches(
+						regexp.MustCompile(`^(\d+):(\d+)$`),
+						"must be in the format '<ASN>:<number>' (e.g., '65000:65000')",
+					),
+				},
+			},
+			"vrf_vxlan": schema.Int64Attribute{
+				Optional: true,
+				Description: "VRF VXLAN-ID used for dedicated routing interconnect between VNets. It must be different " +
+					"than the VXLAN-ID of the VNets.",
+			},
+		}),
+	}
+}
+
+func (r *EVPNResource) Metadata(ctx context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) {
+	r.generic.Metadata(ctx, req, resp)
+}
+
+func (r *EVPNResource) Configure(ctx context.Context, req resource.ConfigureRequest, resp *resource.ConfigureResponse) {
+	r.generic.Configure(ctx, req, resp)
+}
+
+func (r *EVPNResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse) {
+	r.generic.Create(ctx, req, resp)
+}
+
+func (r *EVPNResource) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse) {
+	r.generic.Read(ctx, req, resp)
+}
+
+func (r *EVPNResource) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse) {
+	r.generic.Update(ctx, req, resp)
+}
+
+func (r *EVPNResource) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse) {
+	r.generic.Delete(ctx, req, resp)
+}
+
+func (r *EVPNResource) ImportState(ctx context.Context, req resource.ImportStateRequest, resp *resource.ImportStateResponse) {
+	r.generic.ImportState(ctx, req, resp)
+}