Implement OKE changes to support Native VCN Clusters

Author: srishtipmishra

CHANGELOG.md

@@ -2,6 +2,7 @@
 
 ### Added
 - Support for updating instance type in `oci_oce_oce_instance`
+- Support for private native vcn clusters to `container_engine`
 
 ## 4.17.0 (March 10, 2021)
 

examples/container_engine/regional_subnet/cluster.tf

@@ -9,6 +9,12 @@ resource "oci_containerengine_cluster" "test_cluster" {
   vcn_id             = oci_core_vcn.test_vcn.id
 
   #Optional
+  endpoint_config {
+    subnet_id             = oci_core_subnet.cluster_regional_subnet.id
+    is_public_ip_enabled  = "true"
+    nsg_ids               = [oci_core_network_security_group.test_nsg.id]
+  }
+
   options {
     service_lb_subnet_ids = [oci_core_subnet.clusterSubnet_1.id, oci_core_subnet.clusterSubnet_2.id]
 

examples/container_engine/regional_subnet/networking.tf

@@ -7,6 +7,12 @@ resource "oci_core_vcn" "test_vcn" {
   display_name   = "tfVcnForClusters"
 }
 
+resource "oci_core_network_security_group" "test_nsg" {
+  compartment_id = var.compartment_ocid
+  display_name   = "tfNsgForClusters"
+  vcn_id         = oci_core_vcn.test_vcn.id
+}
+
 resource "oci_core_internet_gateway" "test_ig" {
   compartment_id = var.compartment_ocid
   display_name   = "tfClusterInternetGateway"
@@ -51,6 +57,18 @@ resource "oci_core_subnet" "clusterSubnet_2" {
   route_table_id    = oci_core_route_table.test_route_table.id
 }
 
+resource "oci_core_subnet" "cluster_regional_subnet" {
+  #Required
+  cidr_block     = "10.0.26.0/24"
+  compartment_id = var.compartment_ocid
+  vcn_id         = oci_core_vcn.test_vcn.id
+
+  # Provider code tries to maintain compatibility with old versions.
+  security_list_ids = [oci_core_vcn.test_vcn.default_security_list_id]
+  display_name      = "clusterRegionalSubnet"
+  route_table_id    = oci_core_route_table.test_route_table.id
+}
+
 resource "oci_core_subnet" "node_pool_regional_subnet_1" {
   #Required
   cidr_block     = "10.0.24.0/24"

go.mod

@@ -14,4 +14,4 @@ require (
 )
 
 // Uncomment this line to get OCI Go SDK from local source instead of github
-//replace github.com/oracle/oci-go-sdk => ../../oracle/oci-go-sdk
+// replace github.com/oracle/oci-go-sdk/v35 => ../../oracle/oci-go-sdk

oci/containerengine_cluster_kube_config_data_source.go

@@ -24,6 +24,10 @@ func ContainerengineClusterKubeConfigDataSource() *schema.Resource {
 				Type:     schema.TypeString,
 				Required: true,
 			},
+			"endpoint": {
+				Type:     schema.TypeString,
+				Optional: true,
+			},
 			"expiration": {
 				Type:     schema.TypeInt,
 				Optional: true,
@@ -67,6 +71,10 @@ func (s *ContainerengineClusterKubeConfigDataSourceCrud) Get() error {
 		request.ClusterId = &tmp
 	}
 
+	if endpoint, ok := s.D.GetOkExists("endpoint"); ok {
+		request.Endpoint = oci_containerengine.CreateClusterKubeconfigContentDetailsEndpointEnum(endpoint.(string))
+	}
+
 	if expiration, ok := s.D.GetOkExists("expiration"); ok {
 		tmp := expiration.(int)
 		request.Expiration = &tmp

oci/containerengine_cluster_kube_config_test.go

@@ -16,6 +16,7 @@ import (
 var (
 	clusterKubeConfigSingularDataSourceRepresentation = map[string]interface{}{
 		"cluster_id":    Representation{repType: Required, create: `${oci_containerengine_cluster.test_cluster.id}`},
+		"endpoint":      Representation{repType: Optional, create: `LEGACY_KUBERNETES`},
 		"token_version": Representation{repType: Optional, create: `2.0.0`},
 	}
 
@@ -56,6 +57,7 @@ func TestContainerengineClusterKubeConfigResource_basic(t *testing.T) {
 					compartmentIdVariableStr + ClusterKubeConfigResourceConfig,
 				Check: resource.ComposeAggregateTestCheckFunc(
 					resource.TestCheckResourceAttrSet(singularDatasourceName, "cluster_id"),
+					resource.TestCheckResourceAttr(singularDatasourceName, "endpoint", "LEGACY_KUBERNETES"),
 					resource.TestCheckResourceAttr(singularDatasourceName, "token_version", "2.0.0"),
 					resource.TestCheckResourceAttrSet(singularDatasourceName, "content"),
 				),

oci/containerengine_cluster_resource.go

@@ -59,6 +59,39 @@ func ContainerengineClusterResource() *schema.Resource {
 			},
 
 			// Optional
+			"endpoint_config": {
+				Type:     schema.TypeList,
+				Optional: true,
+				MaxItems: 1,
+				MinItems: 1,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						// Required
+						"subnet_id": {
+							Type:     schema.TypeString,
+							Required: true,
+							ForceNew: true,
+						},
+
+						// Optional
+						"is_public_ip_enabled": {
+							Type:     schema.TypeBool,
+							Optional: true,
+							Computed: true,
+						},
+						"nsg_ids": {
+							Type:     schema.TypeSet,
+							Optional: true,
+							Set:      literalTypeHashCodeForSets,
+							Elem: &schema.Schema{
+								Type: schema.TypeString,
+							},
+						},
+
+						// Computed
+					},
+				},
+			},
 			"kms_key_id": {
 				Type:     schema.TypeString,
 				Optional: true,
@@ -194,6 +227,14 @@ func ContainerengineClusterResource() *schema.Resource {
 							Type:     schema.TypeString,
 							Computed: true,
 						},
+						"private_endpoint": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"public_endpoint": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
 					},
 				},
 			},
@@ -336,6 +377,17 @@ func (s *ContainerengineClusterResourceCrud) Create() error {
 		request.CompartmentId = &tmp
 	}
 
+	if endpointConfig, ok := s.D.GetOkExists("endpoint_config"); ok {
+		if tmpList := endpointConfig.([]interface{}); len(tmpList) > 0 {
+			fieldKeyFormat := fmt.Sprintf("%s.%d.%%s", "endpoint_config", 0)
+			tmp, err := s.mapToCreateClusterEndpointConfigDetails(fieldKeyFormat)
+			if err != nil {
+				return err
+			}
+			request.EndpointConfig = &tmp
+		}
+	}
+
 	if kmsKeyId, ok := s.D.GetOkExists("kms_key_id"); ok {
 		tmp := kmsKeyId.(string)
 		request.KmsKeyId = &tmp
@@ -525,10 +577,16 @@ func (s *ContainerengineClusterResourceCrud) Get() error {
 }
 
 func (s *ContainerengineClusterResourceCrud) Update() error {
-	request := oci_containerengine.UpdateClusterRequest{}
+	clusterID := s.D.Id()
+	if endpointConfig, ok := s.D.GetOkExists("endpoint_config"); ok && s.D.HasChange("endpoint_config") {
+		err := s.updateClusterEndpointConfig(clusterID, endpointConfig)
+		if err != nil {
+			return err
+		}
+	}
 
-	tmp := s.D.Id()
-	request.ClusterId = &tmp
+	request := oci_containerengine.UpdateClusterRequest{}
+	request.ClusterId = &clusterID
 
 	if kubernetesVersion, ok := s.D.GetOkExists("kubernetes_version"); ok {
 		tmp := kubernetesVersion.(string)
@@ -561,6 +619,26 @@ func (s *ContainerengineClusterResourceCrud) Update() error {
 	workId := response.OpcWorkRequestId
 	return s.getClusterFromWorkRequest(workId, getRetryPolicy(s.DisableNotFoundRetries, "containerengine"), oci_containerengine.WorkRequestResourceActionTypeUpdated, s.D.Timeout(schema.TimeoutUpdate))
 }
+func (s *ContainerengineClusterResourceCrud) updateClusterEndpointConfig(clusterID string, endpointConfig interface{}) error {
+	request := oci_containerengine.UpdateClusterEndpointConfigRequest{}
+	request.ClusterId = &clusterID
+	if tmpList := endpointConfig.([]interface{}); len(tmpList) > 0 {
+		fieldKeyFormat := fmt.Sprintf("%s.%d.%%s", "endpoint_config", 0)
+		tmp, err := s.mapToUpdateClusterEndpointConfigDetails(fieldKeyFormat)
+		if err != nil {
+			return err
+		}
+		request.UpdateClusterEndpointConfigDetails = tmp
+	}
+
+	response, err := s.Client.UpdateClusterEndpointConfig(context.Background(), request)
+	if err != nil {
+		return err
+	}
+
+	workID := response.OpcWorkRequestId
+	return s.getClusterFromWorkRequest(workID, getRetryPolicy(s.DisableNotFoundRetries, "containerengine"), oci_containerengine.WorkRequestResourceActionTypeUpdated, s.D.Timeout(schema.TimeoutUpdate))
+}
 
 func (s *ContainerengineClusterResourceCrud) Delete() error {
 	request := oci_containerengine.DeleteClusterRequest{}
@@ -589,6 +667,12 @@ func (s *ContainerengineClusterResourceCrud) SetData() error {
 		s.D.Set("compartment_id", *s.Res.CompartmentId)
 	}
 
+	if s.Res.EndpointConfig != nil {
+		s.D.Set("endpoint_config", []interface{}{ClusterEndpointConfigToMap(s.Res.EndpointConfig, false)})
+	} else {
+		s.D.Set("endpoint_config", nil)
+	}
+
 	if s.Res.Endpoints != nil {
 		s.D.Set("endpoints", []interface{}{ClusterEndpointsToMap(s.Res.Endpoints)})
 	} else {
@@ -762,6 +846,14 @@ func ClusterEndpointsToMap(obj *oci_containerengine.ClusterEndpoints) map[string
 		result["kubernetes"] = string(*obj.Kubernetes)
 	}
 
+	if obj.PrivateEndpoint != nil {
+		result["private_endpoint"] = string(*obj.PrivateEndpoint)
+	}
+
+	if obj.PublicEndpoint != nil {
+		result["public_endpoint"] = string(*obj.PublicEndpoint)
+	}
+
 	return result
 }
 
@@ -807,6 +899,82 @@ func ClusterMetadataToMap(obj *oci_containerengine.ClusterMetadata) map[string]i
 	return result
 }
 
+func (s *ContainerengineClusterResourceCrud) mapToUpdateClusterEndpointConfigDetails(fieldKeyFormat string) (oci_containerengine.UpdateClusterEndpointConfigDetails, error) {
+	result := oci_containerengine.UpdateClusterEndpointConfigDetails{}
+	if isPublicIpEnabled, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "is_public_ip_enabled")); ok {
+		tmp := isPublicIpEnabled.(bool)
+		result.IsPublicIpEnabled = &tmp
+	}
+	if nsgIds, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "nsg_ids")); ok {
+		set := nsgIds.(*schema.Set)
+		interfaces := set.List()
+		tmp := make([]string, len(interfaces))
+		for i := range interfaces {
+			if interfaces[i] != nil {
+				tmp[i] = interfaces[i].(string)
+			}
+		}
+		if len(tmp) != 0 || s.D.HasChange(fmt.Sprintf(fieldKeyFormat, "nsg_ids")) {
+			result.NsgIds = tmp
+		}
+	}
+	return result, nil
+}
+
+func (s *ContainerengineClusterResourceCrud) mapToCreateClusterEndpointConfigDetails(fieldKeyFormat string) (oci_containerengine.CreateClusterEndpointConfigDetails, error) {
+	result := oci_containerengine.CreateClusterEndpointConfigDetails{}
+
+	if isPublicIpEnabled, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "is_public_ip_enabled")); ok {
+		tmp := isPublicIpEnabled.(bool)
+		result.IsPublicIpEnabled = &tmp
+	}
+
+	if nsgIds, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "nsg_ids")); ok {
+		set := nsgIds.(*schema.Set)
+		interfaces := set.List()
+		tmp := make([]string, len(interfaces))
+		for i := range interfaces {
+			if interfaces[i] != nil {
+				tmp[i] = interfaces[i].(string)
+			}
+		}
+		if len(tmp) != 0 || s.D.HasChange(fmt.Sprintf(fieldKeyFormat, "nsg_ids")) {
+			result.NsgIds = tmp
+		}
+	}
+
+	if subnetId, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "subnet_id")); ok {
+		tmp := subnetId.(string)
+		result.SubnetId = &tmp
+	}
+
+	return result, nil
+}
+
+func ClusterEndpointConfigToMap(obj *oci_containerengine.ClusterEndpointConfig, datasource bool) map[string]interface{} {
+	result := map[string]interface{}{}
+
+	if obj.IsPublicIpEnabled != nil {
+		result["is_public_ip_enabled"] = bool(*obj.IsPublicIpEnabled)
+	}
+
+	nsgIds := []interface{}{}
+	for _, item := range obj.NsgIds {
+		nsgIds = append(nsgIds, item)
+	}
+	if datasource {
+		result["nsg_ids"] = nsgIds
+	} else {
+		result["nsg_ids"] = schema.NewSet(literalTypeHashCodeForSets, nsgIds)
+	}
+
+	if obj.SubnetId != nil {
+		result["subnet_id"] = string(*obj.SubnetId)
+	}
+
+	return result
+}
+
 func (s *ContainerengineClusterResourceCrud) mapToKubernetesNetworkConfig(fieldKeyFormat string) (oci_containerengine.KubernetesNetworkConfig, error) {
 	result := oci_containerengine.KubernetesNetworkConfig{}