telemetry integration support added (#3585) (#2149)

* telemetry integration support added

* sentence corrected

* merge conflict fixed

* doc fixed as per PR comments

* indentation fixed

* implemented PR comments

* added beta only block to fix the tests failing in tpg

* Update third_party/terraform/website/docs/r/container_cluster.html.markdown

Co-authored-by: Dana Hoffman <[email protected]>

* Update third_party/terraform/website/docs/r/container_cluster.html.markdown

Co-authored-by: Dana Hoffman <[email protected]>

* cluster telemtery doc reference pointed

Co-authored-by: Dana Hoffman <[email protected]>
Signed-off-by: Modular Magician <[email protected]>

Co-authored-by: Dana Hoffman <[email protected]>

Author: modular-magician

.changelog/3585.txt

@@ -0,0 +1,3 @@
+```release-note: enhancement
+container :  Added cluster_telemetry attribute to `google_container_cluster`
+```

google-beta/resource_container_cluster.go

@@ -539,11 +539,12 @@ func resourceContainerCluster() *schema.Resource {
 			},
 
 			"logging_service": {
-				Type:         schema.TypeString,
-				Optional:     true,
-				Default:      "logging.googleapis.com/kubernetes",
-				ValidateFunc: validation.StringInSlice([]string{"logging.googleapis.com", "logging.googleapis.com/kubernetes", "none"}, false),
-				Description:  `The logging service that the cluster should write logs to. Available options include logging.googleapis.com(Legacy Stackdriver), logging.googleapis.com/kubernetes(Stackdriver Kubernetes Engine Logging), and none. Defaults to logging.googleapis.com/kubernetes.`,
+				Type:          schema.TypeString,
+				Optional:      true,
+				Computed:      true,
+				ConflictsWith: []string{"cluster_telemetry"},
+				ValidateFunc:  validation.StringInSlice([]string{"logging.googleapis.com", "logging.googleapis.com/kubernetes", "none"}, false),
+				Description:   `The logging service that the cluster should write logs to. Available options include logging.googleapis.com(Legacy Stackdriver), logging.googleapis.com/kubernetes(Stackdriver Kubernetes Engine Logging), and none. Defaults to logging.googleapis.com/kubernetes.`,
 			},
 
 			"maintenance_policy": {
@@ -694,11 +695,12 @@ func resourceContainerCluster() *schema.Resource {
 			},
 
 			"monitoring_service": {
-				Type:         schema.TypeString,
-				Optional:     true,
-				Default:      "monitoring.googleapis.com/kubernetes",
-				ValidateFunc: validation.StringInSlice([]string{"monitoring.googleapis.com", "monitoring.googleapis.com/kubernetes", "none"}, false),
-				Description:  `The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. VM metrics will be collected by Google Compute Engine regardless of this setting Available options include monitoring.googleapis.com(Legacy Stackdriver), monitoring.googleapis.com/kubernetes(Stackdriver Kubernetes Engine Monitoring), and none. Defaults to monitoring.googleapis.com/kubernetes.`,
+				Type:          schema.TypeString,
+				Optional:      true,
+				Computed:      true,
+				ConflictsWith: []string{"cluster_telemetry"},
+				ValidateFunc:  validation.StringInSlice([]string{"monitoring.googleapis.com", "monitoring.googleapis.com/kubernetes", "none"}, false),
+				Description:   `The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. VM metrics will be collected by Google Compute Engine regardless of this setting Available options include monitoring.googleapis.com(Legacy Stackdriver), monitoring.googleapis.com/kubernetes(Stackdriver Kubernetes Engine Monitoring), and none. Defaults to monitoring.googleapis.com/kubernetes.`,
 			},
 
 			"network": {
@@ -1036,6 +1038,22 @@ func resourceContainerCluster() *schema.Resource {
 				},
 			},
 
+			"cluster_telemetry": {
+				Type:     schema.TypeList,
+				Optional: true,
+				Computed: true,
+				MaxItems: 1,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"type": {
+							Type:         schema.TypeString,
+							Required:     true,
+							ValidateFunc: validation.StringInSlice([]string{"DISABLED", "ENABLED", "SYSTEM_ONLY"}, false),
+						},
+					},
+				},
+			},
+
 			"resource_usage_export_config": {
 				Type:        schema.TypeList,
 				MaxItems:    1,
@@ -1184,8 +1202,9 @@ func resourceContainerClusterCreate(d *schema.ResourceData, meta interface{}) er
 			Enabled:         d.Get("enable_shielded_nodes").(bool),
 			ForceSendFields: []string{"Enabled"},
 		},
-		ReleaseChannel: expandReleaseChannel(d.Get("release_channel")),
-		EnableTpu:      d.Get("enable_tpu").(bool),
+		ReleaseChannel:   expandReleaseChannel(d.Get("release_channel")),
+		ClusterTelemetry: expandClusterTelemetry(d.Get("cluster_telemetry")),
+		EnableTpu:        d.Get("enable_tpu").(bool),
 		NetworkConfig: &containerBeta.NetworkConfig{
 			EnableIntraNodeVisibility: d.Get("enable_intranode_visibility").(bool),
 		},
@@ -1503,6 +1522,10 @@ func resourceContainerClusterRead(d *schema.ResourceData, meta interface{}) erro
 		return err
 	}
 
+	if err := d.Set("cluster_telemetry", flattenClusterTelemetry(cluster.ClusterTelemetry)); err != nil {
+		return err
+	}
+
 	d.Set("resource_labels", cluster.ResourceLabels)
 	d.Set("label_fingerprint", cluster.LabelFingerprint)
 
@@ -2168,6 +2191,36 @@ func resourceContainerClusterUpdate(d *schema.ResourceData, meta interface{}) er
 
 	d.Partial(false)
 
+	if d.HasChange("cluster_telemetry") {
+		req := &containerBeta.UpdateClusterRequest{
+			Update: &containerBeta.ClusterUpdate{
+				DesiredClusterTelemetry: expandClusterTelemetry(d.Get("cluster_telemetry")),
+			},
+		}
+		updateF := func() error {
+			log.Println("[DEBUG] updating cluster_telemetry")
+			name := containerClusterFullName(project, location, clusterName)
+			op, err := config.clientContainerBeta.Projects.Locations.Clusters.Update(name, req).Do()
+			if err != nil {
+				return err
+			}
+
+			// Wait until it's updated
+			err = containerOperationWait(config, op, project, location, "updating Cluster Telemetry", d.Timeout(schema.TimeoutUpdate))
+			log.Println("[DEBUG] done updating cluster_telemetry")
+			return err
+		}
+
+		// Call update serially.
+		if err := lockedCall(lockKey, updateF); err != nil {
+			return err
+		}
+
+		log.Printf("[INFO] GKE cluster %s Cluster Telemetry has been updated to %#v", d.Id(), req.Update.DesiredClusterTelemetry)
+
+		d.SetPartial("cluster_telemetry")
+	}
+
 	if _, err := containerClusterAwaitRestingState(config, project, location, clusterName, d.Timeout(schema.TimeoutUpdate)); err != nil {
 		return err
 	}
@@ -2690,6 +2743,17 @@ func expandDatabaseEncryption(configured interface{}) *containerBeta.DatabaseEnc
 	}
 }
 
+func expandClusterTelemetry(configured interface{}) *containerBeta.ClusterTelemetry {
+	l := configured.([]interface{})
+	if len(l) == 0 || l[0] == nil {
+		return nil
+	}
+	config := l[0].(map[string]interface{})
+	return &containerBeta.ClusterTelemetry{
+		Type: config["type"].(string),
+	}
+}
+
 func expandWorkloadIdentityConfig(configured interface{}) *containerBeta.WorkloadIdentityConfig {
 	l := configured.([]interface{})
 	if len(l) == 0 || l[0] == nil {
@@ -2913,6 +2977,16 @@ func flattenReleaseChannel(c *containerBeta.ReleaseChannel) []map[string]interfa
 	return result
 }
 
+func flattenClusterTelemetry(c *containerBeta.ClusterTelemetry) []map[string]interface{} {
+	result := []map[string]interface{}{}
+	if c != nil {
+		result = append(result, map[string]interface{}{
+			"type": c.Type,
+		})
+	}
+	return result
+}
+
 func flattenWorkloadIdentityConfig(c *containerBeta.WorkloadIdentityConfig) []map[string]interface{} {
 	if c == nil {
 		return nil

google-beta/resource_container_cluster_test.go

@@ -416,6 +416,48 @@ func TestAccContainerCluster_withInvalidReleaseChannel(t *testing.T) {
 	})
 }
 
+func TestAccContainerCluster_withTelemetryEnabled(t *testing.T) {
+	t.Parallel()
+	clusterName := fmt.Sprintf("tf-test-cluster-%s", randString(t, 10))
+	vcrTest(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckContainerClusterDestroyProducer(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccContainerCluster_withTelemetryEnabled(clusterName, "ENABLED"),
+			},
+			{
+				ResourceName:            "google_container_cluster.with_cluster_telemetry",
+				ImportStateIdPrefix:     "us-central1-a/",
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"min_master_version"},
+			},
+			{
+				Config: testAccContainerCluster_withTelemetryEnabled(clusterName, "DISABLED"),
+			},
+			{
+				ResourceName:            "google_container_cluster.with_cluster_telemetry",
+				ImportStateIdPrefix:     "us-central1-a/",
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"min_master_version"},
+			},
+			{
+				Config: testAccContainerCluster_withTelemetryEnabled(clusterName, "SYSTEM_ONLY"),
+			},
+			{
+				ResourceName:            "google_container_cluster.with_cluster_telemetry",
+				ImportStateIdPrefix:     "us-central1-a/",
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"min_master_version"},
+			},
+		},
+	})
+}
+
 func TestAccContainerCluster_withMasterAuthorizedNetworksConfig(t *testing.T) {
 	t.Parallel()
 
@@ -2211,6 +2253,21 @@ resource "google_container_cluster" "with_release_channel" {
 `, clusterName, channel)
 }
 
+func testAccContainerCluster_withTelemetryEnabled(clusterName string, telemetryType string) string {
+	return fmt.Sprintf(`
+resource "google_container_cluster" "with_cluster_telemetry" {
+  name               = "%s"
+  location           = "us-central1-a"
+  initial_node_count = 1
+  min_master_version = "1.15"
+
+  cluster_telemetry {
+    type = "%s"
+  }
+}
+`, clusterName, telemetryType)
+}
+
 func testAccContainerCluster_removeNetworkPolicy(clusterName string) string {
 	return fmt.Sprintf(`
 resource "google_container_cluster" "with_network_policy_enabled" {

website/docs/r/container_cluster.html.markdown

@@ -268,6 +268,10 @@ region are guaranteed to support the same version.
 * `private_cluster_config` - (Optional) Configuration for [private clusters](https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters),
 clusters with private nodes. Structure is documented below.
 
+* `cluster_telemetry` - (Optional, [Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html)) Configuration for
+   [ClusterTelemetry](https://cloud.google.com/monitoring/kubernetes-engine/installing#controlling_the_collection_of_application_logs) feature,
+   Structure is documented below.
+
 * `project` - (Optional) The ID of the project in which the resource belongs. If it
     is not provided, the provider project is used.
 
@@ -308,6 +312,11 @@ subnetwork in which the cluster's instances are launched.
 * `enable_intranode_visibility` - (Optional, [Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html))
     Whether Intra-node visibility is enabled for this cluster. This makes same node pod to pod traffic visible for VPC network.
 
+The `cluster_telemetry` blocks supports
+
+* `type` - Telemetry integration for the cluster. Supported values (`ENABLE, DISABLE, SYSTEM_ONLY`);
+   `SYSTEM_ONLY` (Only system components are monitored and logged) is only available in GKE versions 1.15 and later.
+
 The `addons_config` block supports:
 
 * `horizontal_pod_autoscaling` - (Optional) The status of the Horizontal Pod Autoscaling