Revert netlb tracking (#3695)

* Revert "Feature/NetLB connection tracking (#5207) (#3655)"

This reverts commit d167db2.

* Removed NetLB from release notes

Author: melinath

.changelog/5207.txt

@@ -11,7 +11,6 @@ IMPROVEMENTS:
 * cloudbuild: added field `service_account` to `google_cloudbuild_trigger` ([#3661](https://github.com/hashicorp/terraform-provider-google-beta/pull/3661))
 * composer: added field `scheduler_count` to `google_composer_environment` ([#3660](https://github.com/hashicorp/terraform-provider-google-beta/pull/3660))
 * compute: Disabled recreation of GCE instances when updating `resource_policies` property ([#3668](https://github.com/hashicorp/terraform-provider-google-beta/pull/3668))
-* compute: added NetLB support for Connection Tracking as `connectionTrackingPolicy` in `RegionBackendService` ([#3655](https://github.com/hashicorp/terraform-provider-google-beta/pull/3655))
 * container: added support for `logging_config` and `monitoring_config` to `google_container_cluster` ([#3641](https://github.com/hashicorp/terraform-provider-google-beta/pull/3641))
 * kms: added support for `import_only` to `google_kms_crypto_key` ([#3659](https://github.com/hashicorp/terraform-provider-google-beta/pull/3659))
 * networkservices: boosted the default timeout for `google_network_services_edge_cache_origin` from 30m to 60m ([#3674](https://github.com/hashicorp/terraform-provider-google-beta/pull/3674))

CHANGELOG.md

@@ -404,63 +404,6 @@ connections, but still work to finish started).`,
 				Default: 0,
 			},
 
-			"connection_tracking_policy": {
-				Type:     schema.TypeList,
-				Optional: true,
-				Description: `Connection Tracking configuration for this BackendService.
-This is available only for Layer 4 Internal Load Balancing and
-Network Load Balancing.`,
-				MaxItems: 1,
-				Elem: &schema.Resource{
-					Schema: map[string]*schema.Schema{
-						"connection_persistence_on_unhealthy_backends": {
-							Type:         schema.TypeString,
-							Optional:     true,
-							ValidateFunc: validation.StringInSlice([]string{"DEFAULT_FOR_PROTOCOL", "NEVER_PERSIST", "ALWAYS_PERSIST", ""}, false),
-							Description: `Specifies connection persistence when backends are unhealthy.
-
-If set to 'DEFAULT_FOR_PROTOCOL', the existing connections persist on
-unhealthy backends only for connection-oriented protocols (TCP and SCTP)
-and only if the Tracking Mode is PER_CONNECTION (default tracking mode)
-or the Session Affinity is configured for 5-tuple. They do not persist
-for UDP.
-
-If set to 'NEVER_PERSIST', after a backend becomes unhealthy, the existing
-connections on the unhealthy backend are never persisted on the unhealthy
-backend. They are always diverted to newly selected healthy backends
-(unless all backends are unhealthy).
-
-If set to 'ALWAYS_PERSIST', existing connections always persist on
-unhealthy backends regardless of protocol and session affinity. It is
-generally not recommended to use this mode overriding the default. Default value: "DEFAULT_FOR_PROTOCOL" Possible values: ["DEFAULT_FOR_PROTOCOL", "NEVER_PERSIST", "ALWAYS_PERSIST"]`,
-							Default: "DEFAULT_FOR_PROTOCOL",
-						},
-						"idle_timeout_sec": {
-							Type:     schema.TypeInt,
-							Computed: true,
-							Optional: true,
-							Description: `Specifies how long to keep a Connection Tracking entry while there is
-no matching traffic (in seconds). 
-
-For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
-
-For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.`,
-						},
-						"tracking_mode": {
-							Type:         schema.TypeString,
-							Optional:     true,
-							ValidateFunc: validation.StringInSlice([]string{"PER_CONNECTION", "PER_SESSION", ""}, false),
-							Description: `Specifies the key used for connection tracking. There are two options:
-'PER_CONNECTION': The Connection Tracking is performed as per the
-Connection Key (default Hash Method) for the specific protocol.
-
-'PER_SESSION': The Connection Tracking is performed as per the
-configured Session Affinity. It matches the configured Session Affinity. Default value: "PER_CONNECTION" Possible values: ["PER_CONNECTION", "PER_SESSION"]`,
-							Default: "PER_CONNECTION",
-						},
-					},
-				},
-			},
 			"consistent_hash": {
 				Type:     schema.TypeList,
 				Optional: true,
@@ -908,9 +851,9 @@ If it is not provided, the provider region is used.`,
 				Type:         schema.TypeString,
 				Computed:     true,
 				Optional:     true,
-				ValidateFunc: validation.StringInSlice([]string{"NONE", "CLIENT_IP", "CLIENT_IP_PORT_PROTO", "CLIENT_IP_PROTO", "GENERATED_COOKIE", "HEADER_FIELD", "HTTP_COOKIE", "CLIENT_IP_NO_DESTINATION", ""}, false),
+				ValidateFunc: validation.StringInSlice([]string{"NONE", "CLIENT_IP", "CLIENT_IP_PORT_PROTO", "CLIENT_IP_PROTO", "GENERATED_COOKIE", "HEADER_FIELD", "HTTP_COOKIE", ""}, false),
 				Description: `Type of session affinity to use. The default is NONE. Session affinity is
-not applicable if the protocol is UDP. Possible values: ["NONE", "CLIENT_IP", "CLIENT_IP_PORT_PROTO", "CLIENT_IP_PROTO", "GENERATED_COOKIE", "HEADER_FIELD", "HTTP_COOKIE", "CLIENT_IP_NO_DESTINATION"]`,
+not applicable if the protocol is UDP. Possible values: ["NONE", "CLIENT_IP", "CLIENT_IP_PORT_PROTO", "CLIENT_IP_PROTO", "GENERATED_COOKIE", "HEADER_FIELD", "HTTP_COOKIE"]`,
 			},
 			"timeout_sec": {
 				Type:     schema.TypeInt,
@@ -1204,12 +1147,6 @@ func resourceComputeRegionBackendServiceCreate(d *schema.ResourceData, meta inte
 	} else if v, ok := d.GetOkExists("session_affinity"); !isEmptyValue(reflect.ValueOf(sessionAffinityProp)) && (ok || !reflect.DeepEqual(v, sessionAffinityProp)) {
 		obj["sessionAffinity"] = sessionAffinityProp
 	}
-	connectionTrackingPolicyProp, err := expandComputeRegionBackendServiceConnectionTrackingPolicy(d.Get("connection_tracking_policy"), d, config)
-	if err != nil {
-		return err
-	} else if v, ok := d.GetOkExists("connection_tracking_policy"); !isEmptyValue(reflect.ValueOf(connectionTrackingPolicyProp)) && (ok || !reflect.DeepEqual(v, connectionTrackingPolicyProp)) {
-		obj["connectionTrackingPolicy"] = connectionTrackingPolicyProp
-	}
 	timeoutSecProp, err := expandComputeRegionBackendServiceTimeoutSec(d.Get("timeout_sec"), d, config)
 	if err != nil {
 		return err
@@ -1404,9 +1341,6 @@ func resourceComputeRegionBackendServiceRead(d *schema.ResourceData, meta interf
 	if err := d.Set("session_affinity", flattenComputeRegionBackendServiceSessionAffinity(res["sessionAffinity"], d, config)); err != nil {
 		return fmt.Errorf("Error reading RegionBackendService: %s", err)
 	}
-	if err := d.Set("connection_tracking_policy", flattenComputeRegionBackendServiceConnectionTrackingPolicy(res["connectionTrackingPolicy"], d, config)); err != nil {
-		return fmt.Errorf("Error reading RegionBackendService: %s", err)
-	}
 	if err := d.Set("timeout_sec", flattenComputeRegionBackendServiceTimeoutSec(res["timeoutSec"], d, config)); err != nil {
 		return fmt.Errorf("Error reading RegionBackendService: %s", err)
 	}
@@ -1556,12 +1490,6 @@ func resourceComputeRegionBackendServiceUpdate(d *schema.ResourceData, meta inte
 	} else if v, ok := d.GetOkExists("session_affinity"); !isEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, sessionAffinityProp)) {
 		obj["sessionAffinity"] = sessionAffinityProp
 	}
-	connectionTrackingPolicyProp, err := expandComputeRegionBackendServiceConnectionTrackingPolicy(d.Get("connection_tracking_policy"), d, config)
-	if err != nil {
-		return err
-	} else if v, ok := d.GetOkExists("connection_tracking_policy"); !isEmptyValue(reflect.ValueOf(v)) && (ok || !reflect.DeepEqual(v, connectionTrackingPolicyProp)) {
-		obj["connectionTrackingPolicy"] = connectionTrackingPolicyProp
-	}
 	timeoutSecProp, err := expandComputeRegionBackendServiceTimeoutSec(d.Get("timeout_sec"), d, config)
 	if err != nil {
 		return err
@@ -2748,48 +2676,6 @@ func flattenComputeRegionBackendServiceSessionAffinity(v interface{}, d *schema.
 	return v
 }
 
-func flattenComputeRegionBackendServiceConnectionTrackingPolicy(v interface{}, d *schema.ResourceData, config *Config) interface{} {
-	if v == nil {
-		return nil
-	}
-	original := v.(map[string]interface{})
-	if len(original) == 0 {
-		return nil
-	}
-	transformed := make(map[string]interface{})
-	transformed["idle_timeout_sec"] =
-		flattenComputeRegionBackendServiceConnectionTrackingPolicyIdleTimeoutSec(original["idleTimeoutSec"], d, config)
-	transformed["tracking_mode"] =
-		flattenComputeRegionBackendServiceConnectionTrackingPolicyTrackingMode(original["trackingMode"], d, config)
-	transformed["connection_persistence_on_unhealthy_backends"] =
-		flattenComputeRegionBackendServiceConnectionTrackingPolicyConnectionPersistenceOnUnhealthyBackends(original["connectionPersistenceOnUnhealthyBackends"], d, config)
-	return []interface{}{transformed}
-}
-func flattenComputeRegionBackendServiceConnectionTrackingPolicyIdleTimeoutSec(v interface{}, d *schema.ResourceData, config *Config) interface{} {
-	// Handles the string fixed64 format
-	if strVal, ok := v.(string); ok {
-		if intVal, err := strconv.ParseInt(strVal, 10, 64); err == nil {
-			return intVal
-		}
-	}
-
-	// number values are represented as float64
-	if floatVal, ok := v.(float64); ok {
-		intVal := int(floatVal)
-		return intVal
-	}
-
-	return v // let terraform core handle it otherwise
-}
-
-func flattenComputeRegionBackendServiceConnectionTrackingPolicyTrackingMode(v interface{}, d *schema.ResourceData, config *Config) interface{} {
-	return v
-}
-
-func flattenComputeRegionBackendServiceConnectionTrackingPolicyConnectionPersistenceOnUnhealthyBackends(v interface{}, d *schema.ResourceData, config *Config) interface{} {
-	return v
-}
-
 func flattenComputeRegionBackendServiceTimeoutSec(v interface{}, d *schema.ResourceData, config *Config) interface{} {
 	// Handles the string fixed64 format
 	if strVal, ok := v.(string); ok {
@@ -3769,51 +3655,6 @@ func expandComputeRegionBackendServiceSessionAffinity(v interface{}, d Terraform
 	return v, nil
 }
 
-func expandComputeRegionBackendServiceConnectionTrackingPolicy(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) {
-	l := v.([]interface{})
-	if len(l) == 0 || l[0] == nil {
-		return nil, nil
-	}
-	raw := l[0]
-	original := raw.(map[string]interface{})
-	transformed := make(map[string]interface{})
-
-	transformedIdleTimeoutSec, err := expandComputeRegionBackendServiceConnectionTrackingPolicyIdleTimeoutSec(original["idle_timeout_sec"], d, config)
-	if err != nil {
-		return nil, err
-	} else if val := reflect.ValueOf(transformedIdleTimeoutSec); val.IsValid() && !isEmptyValue(val) {
-		transformed["idleTimeoutSec"] = transformedIdleTimeoutSec
-	}
-
-	transformedTrackingMode, err := expandComputeRegionBackendServiceConnectionTrackingPolicyTrackingMode(original["tracking_mode"], d, config)
-	if err != nil {
-		return nil, err
-	} else if val := reflect.ValueOf(transformedTrackingMode); val.IsValid() && !isEmptyValue(val) {
-		transformed["trackingMode"] = transformedTrackingMode
-	}
-
-	transformedConnectionPersistenceOnUnhealthyBackends, err := expandComputeRegionBackendServiceConnectionTrackingPolicyConnectionPersistenceOnUnhealthyBackends(original["connection_persistence_on_unhealthy_backends"], d, config)
-	if err != nil {
-		return nil, err
-	} else if val := reflect.ValueOf(transformedConnectionPersistenceOnUnhealthyBackends); val.IsValid() && !isEmptyValue(val) {
-		transformed["connectionPersistenceOnUnhealthyBackends"] = transformedConnectionPersistenceOnUnhealthyBackends
-	}
-
-	return transformed, nil
-}
-
-func expandComputeRegionBackendServiceConnectionTrackingPolicyIdleTimeoutSec(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) {
-	return v, nil
-}
-
-func expandComputeRegionBackendServiceConnectionTrackingPolicyTrackingMode(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) {
-	return v, nil
-}
-
-func expandComputeRegionBackendServiceConnectionTrackingPolicyConnectionPersistenceOnUnhealthyBackends(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) {
-	return v, nil
-}
-
 func expandComputeRegionBackendServiceTimeoutSec(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) {
 	return v, nil
 }

google-beta/resource_compute_region_backend_service.go

@@ -386,59 +386,6 @@ resource "google_compute_subnetwork" "default" {
 `, context)
 }
 
-func TestAccComputeRegionBackendService_regionBackendServiceConnectionTrackingExample(t *testing.T) {
-	t.Parallel()
-
-	context := map[string]interface{}{
-		"random_suffix": randString(t, 10),
-	}
-
-	vcrTest(t, resource.TestCase{
-		PreCheck:     func() { testAccPreCheck(t) },
-		Providers:    testAccProviders,
-		CheckDestroy: testAccCheckComputeRegionBackendServiceDestroyProducer(t),
-		Steps: []resource.TestStep{
-			{
-				Config: testAccComputeRegionBackendService_regionBackendServiceConnectionTrackingExample(context),
-			},
-			{
-				ResourceName:            "google_compute_region_backend_service.default",
-				ImportState:             true,
-				ImportStateVerify:       true,
-				ImportStateVerifyIgnore: []string{"network", "region"},
-			},
-		},
-	})
-}
-
-func testAccComputeRegionBackendService_regionBackendServiceConnectionTrackingExample(context map[string]interface{}) string {
-	return Nprintf(`
-resource "google_compute_region_backend_service" "default" {
-  name                            = "tf-test-region-service%{random_suffix}"
-  region                          = "us-central1"
-  health_checks                   = [google_compute_region_health_check.health_check.id]
-  connection_draining_timeout_sec = 10
-  session_affinity                = "CLIENT_IP"
-  protocol                        = "TCP"
-  load_balancing_scheme           = "EXTERNAL"
-  connection_tracking_policy {
-    tracking_mode                                = "PER_SESSION"
-    connection_persistence_on_unhealthy_backends = "NEVER_PERSIST"
-    idle_timeout_sec                             = 60
-  }
-}
-
-resource "google_compute_region_health_check" "health_check" {
-  name               = "tf-test-rbs-health-check%{random_suffix}"
-  region             = "us-central1"
-
-  tcp_health_check {
-    port = 22
-  }
-}
-`, context)
-}
-
 func testAccCheckComputeRegionBackendServiceDestroyProducer(t *testing.T) func(s *terraform.State) error {
 	return func(s *terraform.State) error {
 		for name, rs := range s.RootModule().Resources {

google-beta/resource_compute_region_backend_service_generated_test.go

@@ -5,7 +5,7 @@ import (
 	"fmt"
 	"testing"
 
-	dcl "github.com/GoogleCloudPlatform/declarative-resource-client-library/dcl"
+	"github.com/GoogleCloudPlatform/declarative-resource-client-library/dcl"
 	gkehub "github.com/GoogleCloudPlatform/declarative-resource-client-library/services/google/gkehub/beta"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"

google-beta/resource_gke_hub_feature_membership_test.go

@@ -279,39 +279,6 @@ resource "google_compute_subnetwork" "default" {
   network       = google_compute_network.default.id
 }
 ```
-<div class = "oics-button" style="float: right; margin: 0 0 -15px">
-  <a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=region_backend_service_connection_tracking&cloudshell_image=gcr.io%2Fgraphite-cloud-shell-images%2Fterraform%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
-    <img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
-  </a>
-</div>
-## Example Usage - Region Backend Service Connection Tracking
-
-
-```hcl
-resource "google_compute_region_backend_service" "default" {
-  name                            = "region-service"
-  region                          = "us-central1"
-  health_checks                   = [google_compute_region_health_check.health_check.id]
-  connection_draining_timeout_sec = 10
-  session_affinity                = "CLIENT_IP"
-  protocol                        = "TCP"
-  load_balancing_scheme           = "EXTERNAL"
-  connection_tracking_policy {
-    tracking_mode                                = "PER_SESSION"
-    connection_persistence_on_unhealthy_backends = "NEVER_PERSIST"
-    idle_timeout_sec                             = 60
-  }
-}
-
-resource "google_compute_region_health_check" "health_check" {
-  name               = "rbs-health-check"
-  region             = "us-central1"
-
-  tcp_health_check {
-    port = 22
-  }
-}
-```
 
 ## Argument Reference
 
@@ -464,14 +431,7 @@ The following arguments are supported:
   (Optional)
   Type of session affinity to use. The default is NONE. Session affinity is
   not applicable if the protocol is UDP.
-  Possible values are `NONE`, `CLIENT_IP`, `CLIENT_IP_PORT_PROTO`, `CLIENT_IP_PROTO`, `GENERATED_COOKIE`, `HEADER_FIELD`, `HTTP_COOKIE`, and `CLIENT_IP_NO_DESTINATION`.
-
-* `connection_tracking_policy` -
-  (Optional)
-  Connection Tracking configuration for this BackendService.
-  This is available only for Layer 4 Internal Load Balancing and
-  Network Load Balancing.
-  Structure is [documented below](#nested_connection_tracking_policy).
+  Possible values are `NONE`, `CLIENT_IP`, `CLIENT_IP_PORT_PROTO`, `CLIENT_IP_PROTO`, `GENERATED_COOKIE`, `HEADER_FIELD`, and `HTTP_COOKIE`.
 
 * `timeout_sec` -
   (Optional)
@@ -957,43 +917,6 @@ The following arguments are supported:
   less than one second are represented with a 0 `seconds` field and a positive
   `nanos` field. Must be from 0 to 999,999,999 inclusive.
 
-<a name="nested_connection_tracking_policy"></a>The `connection_tracking_policy` block supports:
-
-* `idle_timeout_sec` -
-  (Optional)
-  Specifies how long to keep a Connection Tracking entry while there is
-  no matching traffic (in seconds). 
-  For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
-  For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.
-
-* `tracking_mode` -
-  (Optional)
-  Specifies the key used for connection tracking. There are two options:
-  `PER_CONNECTION`: The Connection Tracking is performed as per the
-  Connection Key (default Hash Method) for the specific protocol.
-  `PER_SESSION`: The Connection Tracking is performed as per the
-  configured Session Affinity. It matches the configured Session Affinity.
-  Default value is `PER_CONNECTION`.
-  Possible values are `PER_CONNECTION` and `PER_SESSION`.
-
-* `connection_persistence_on_unhealthy_backends` -
-  (Optional)
-  Specifies connection persistence when backends are unhealthy.
-  If set to `DEFAULT_FOR_PROTOCOL`, the existing connections persist on
-  unhealthy backends only for connection-oriented protocols (TCP and SCTP)
-  and only if the Tracking Mode is PER_CONNECTION (default tracking mode)
-  or the Session Affinity is configured for 5-tuple. They do not persist
-  for UDP.
-  If set to `NEVER_PERSIST`, after a backend becomes unhealthy, the existing
-  connections on the unhealthy backend are never persisted on the unhealthy
-  backend. They are always diverted to newly selected healthy backends
-  (unless all backends are unhealthy).
-  If set to `ALWAYS_PERSIST`, existing connections always persist on
-  unhealthy backends regardless of protocol and session affinity. It is
-  generally not recommended to use this mode overriding the default.
-  Default value is `DEFAULT_FOR_PROTOCOL`.
-  Possible values are `DEFAULT_FOR_PROTOCOL`, `NEVER_PERSIST`, and `ALWAYS_PERSIST`.
-
 <a name="nested_log_config"></a>The `log_config` block supports:
 
 * `enable` -