Added - Support for OCI FSS IPv6 Support

Author: aaygoyal

examples/storage/fss/mount_target.tf

@@ -30,6 +30,23 @@ resource "oci_file_storage_mount_target" "my_mount_target_1" {
   is_lock_override = var.is_lock_override
 }
 
+resource "oci_file_storage_mount_target" "my_mount_target_3" {
+  #Required
+  availability_domain = data.oci_identity_availability_domain.ad.name
+  compartment_id      = var.compartment_ocid
+  subnet_id           = oci_core_subnet.my_subnet1.id
+
+  #Optional
+  display_name = var.mount_target_3_display_name
+  ip_address = cidrhost(oci_core_vcn.my_vcn.ipv6cidr_blocks[0], 21)
+  freeform_tags = {
+    "Department" = "FinanceTest"
+  }
+  requested_throughput = "1"
+
+  nsg_ids = [oci_core_network_security_group.test_network_security_group.id]
+}
+
 resource "oci_file_storage_mount_target" "my_mount_target_2" {
   #Required
   availability_domain = data.oci_identity_availability_domain.ad.name

examples/storage/fss/network.tf

@@ -6,6 +6,7 @@ resource "oci_core_vcn" "my_vcn" {
   compartment_id = var.compartment_ocid
   display_name   = "myvcn"
   dns_label      = "myvcn"
+  is_ipv6enabled = true
 }
 
 resource "oci_core_internet_gateway" "my_internet_gateway" {
@@ -38,6 +39,19 @@ resource "oci_core_subnet" "my_subnet" {
   route_table_id      = oci_core_route_table.my_route_table.id
 }
 
+resource "oci_core_subnet" "my_subnet1" {
+  depends_on          = [oci_core_network_security_group.test_network_security_group]
+  availability_domain = data.oci_identity_availability_domain.ad.name
+  cidr_block          = var.my_subnet1_cidr
+  display_name        = "mysubnet1"
+  dns_label           = "mysubnet1"
+  compartment_id      = var.compartment_ocid
+  vcn_id              = oci_core_vcn.my_vcn.id
+  security_list_ids   = [oci_core_security_list.my_security_list.id]
+  route_table_id      = oci_core_route_table.my_route_table.id
+  ipv6cidr_blocks = ["${substr(oci_core_vcn.my_vcn.ipv6cidr_blocks[0], 0, length(oci_core_vcn.my_vcn.ipv6cidr_blocks[0]) - 2)}${64}"]
+}
+
 resource "oci_core_network_security_group" "test_network_security_group" {
   #Required
   compartment_id = var.compartment_ocid

examples/storage/fss/variables.tf

@@ -34,6 +34,10 @@ variable "my_subnet_cidr" {
   default = "10.0.1.0/24"
 }
 
+variable "my_subnet1_cidr" {
+  default = "10.0.2.0/24"
+}
+
 variable "file_system_1_display_name" {
   default = "my_fs_1"
 }
@@ -78,6 +82,10 @@ variable "mount_target_2_display_name" {
   default = "my_mount_target_2"
 }
 
+variable "mount_target_3_display_name" {
+  default = "my_mount_target_3"
+}
+
 variable "export_path_fs1_mt1" {
   default = "/myfsspaths/fs1/path1"
 }

internal/integrationtest/file_storage_mount_target_test.go

@@ -8,6 +8,7 @@ import (
 	"fmt"
 	"regexp"
 	"strconv"
+	"strings"
 	"testing"
 	"time"
 
@@ -102,6 +103,17 @@ var (
 		"requested_throughput": acctest.Representation{RepType: acctest.Optional, Create: `1`},
 		"lifecycle":            acctest.RepresentationGroup{RepType: acctest.Required, Group: ignoreDefinedTagsDifferencesRepresentation},
 	}
+	FileStorageIPV6MountTargetRepresentation = map[string]interface{}{
+		"availability_domain": acctest.Representation{RepType: acctest.Required, Create: `${data.oci_identity_availability_domains.test_availability_domains.availability_domains.0.name}`},
+		"compartment_id":      acctest.Representation{RepType: acctest.Required, Create: `${var.compartment_id}`},
+		"subnet_id":           acctest.Representation{RepType: acctest.Required, Create: `${oci_core_subnet.test_subnet1.id}`},
+		//"defined_tags":         acctest.Representation{RepType: acctest.Optional, Create: `${map("${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}", "value")}`, Update: `${map("${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}", "updatedValue")}`},
+		"display_name":         acctest.Representation{RepType: acctest.Optional, Create: `mount-target-ipv6`},
+		"hostname_label":       acctest.Representation{RepType: acctest.Optional, Create: `hostnamelabel`},
+		"ip_address":           acctest.Representation{RepType: acctest.Optional, Create: `${cidrhost(oci_core_vcn.test_vcn.ipv6cidr_blocks[0], 21)}`},
+		"requested_throughput": acctest.Representation{RepType: acctest.Optional, Create: `1`},
+		"lifecycle":            acctest.RepresentationGroup{RepType: acctest.Required, Group: ignoreDefinedTagsDifferencesRepresentation},
+	}
 	FileStorageMountTargetKerberosRepresentation = map[string]interface{}{
 		"kerberos_realm":                 acctest.Representation{RepType: acctest.Required, Create: `kerberosRealm`, Update: `kerberosRealm2`},
 		"backup_key_tab_secret_version":  acctest.Representation{RepType: acctest.Optional, Create: `0`, Update: `0`},
@@ -483,7 +495,53 @@ func TestFileStorageMountTargetResource_failedWorkRequest(t *testing.T) {
 		},
 	})
 }
+func TestFileStorageMountTargetResource_ipv6(t *testing.T) {
+	httpreplay.SetScenario("TestFileStorageMountTargetResource_ipv6")
+	defer httpreplay.SaveScenario()
+	config := acctest.ProviderTestConfig()
+
+	compartmentId := utils.GetEnvSettingWithBlankDefault("compartment_ocid")
+	compartmentIdVariableStr := fmt.Sprintf("variable \"compartment_id\" { default = \"%s\" }\n", compartmentId)
+
+	resourceName := "oci_file_storage_mount_target.test_mount_target123"
+	// Get subnet CIDR block based on its VCN CIDR Block
+	// For example: VCN CIDR Block: 2607:9b80:9a0f:0100::/56, Subnet CIDR Block: 2607:9b80:9a0f:0100::/64
+	subnetCidrBlock := `${substr(oci_core_vcn.test_vcn.ipv6cidr_blocks[0], 0, length(oci_core_vcn.test_vcn.ipv6cidr_blocks[0]) - 2)}${64}`
+	//subnetCidrBlock := `fd1b:392a:ffb6::/64`
+	acctest.ResourceTest(t, testAccCheckFileStorageMountTargetDestroy, []resource.TestStep{
+		// verify resource creation fails for the second mount target with the same ip_address
+		{
+			Config: config + compartmentIdVariableStr +
+				acctest.GenerateResourceFromRepresentationMap("oci_core_network_security_group", "test_network_security_group", acctest.Required, acctest.Create, CoreNetworkSecurityGroupRepresentation) +
+				acctest.GenerateResourceFromRepresentationMap("oci_core_subnet", "test_subnet1", acctest.Required, acctest.Create, acctest.RepresentationCopyWithNewProperties(CoreSubnetRepresentation, map[string]interface{}{
+					"availability_domain": acctest.Representation{RepType: acctest.Required, Create: `${lower("${data.oci_identity_availability_domains.test_availability_domains.availability_domains.0.name}")}`},
+					"dns_label":           acctest.Representation{RepType: acctest.Required, Create: `dnslabel`},
+					"ipv6cidr_blocks":     acctest.Representation{RepType: acctest.Required, Create: []string{subnetCidrBlock}},
+				})) +
+				acctest.GenerateResourceFromRepresentationMap("oci_core_vcn", "test_vcn", acctest.Required, acctest.Create, acctest.RepresentationCopyWithNewProperties(CoreVcnRepresentation, map[string]interface{}{
+					"dns_label":      acctest.Representation{RepType: acctest.Required, Create: `dnslabel`},
+					"is_ipv6enabled": acctest.Representation{RepType: acctest.Required, Create: `true`},
+				})) +
+				AvailabilityDomainConfig +
+				acctest.GenerateResourceFromRepresentationMap("oci_file_storage_mount_target", "test_mount_target123", acctest.Optional, acctest.Update, acctest.RepresentationCopyWithRemovedProperties(FileStorageIPV6MountTargetRepresentation, []string{"idmap_type", "kerberos", "ldap_idmap"})),
+			Check: acctest.ComposeAggregateTestCheckFuncWrapper(
+				//resource.TestCheckResourceAttr(resourceName, "ip_address", "fd1b:392a:ffb6::20"),
+				func(s *terraform.State) (err error) {
+					// Get the IP address from the resource state
+					ipAddress, err := acctest.FromInstanceState(s, resourceName, "ip_address")
+
+					// Check if the IP address contains a colon (which is typical for IPv6)
+					if !strings.Contains(ipAddress, ":") {
+						return fmt.Errorf("IP address %s is not an IPv6 address (it does not contain a colon)", ipAddress)
+					}
 
+					// If it contains a colon, it's an IPv6 address, no error
+					return nil
+				},
+			),
+		},
+	})
+}
 func TestFileStorageMountTargetResource_hpmtTest(t *testing.T) {
 	httpreplay.SetScenario("TestFileStorageMountTargetResource_hpmtTest")
 	defer httpreplay.SaveScenario()

internal/service/file_storage/file_storage_mount_target_resource.go

@@ -248,6 +248,13 @@ func FileStorageMountTargetResource() *schema.Resource {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
+			"mount_target_ipv6ids": {
+				Type:     schema.TypeList,
+				Computed: true,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+			},
 			"observed_throughput": {
 				Type:     schema.TypeString,
 				Computed: true,
@@ -694,6 +701,8 @@ func (s *FileStorageMountTargetResourceCrud) SetData() error {
 	}
 	s.D.Set("locks", locks)
 
+	s.D.Set("mount_target_ipv6ids", s.Res.MountTargetIpv6Ids)
+
 	nsgIds := []interface{}{}
 	for _, item := range s.Res.NsgIds {
 		nsgIds = append(nsgIds, item)

internal/service/file_storage/file_storage_mount_targets_data_source.go

@@ -163,6 +163,8 @@ func (s *FileStorageMountTargetsDataSourceCrud) SetData() error {
 		}
 		mountTarget["locks"] = locks
 
+		mountTarget["mount_target_ipv6ids"] = r.MountTargetIpv6Ids
+
 		mountTarget["nsg_ids"] = r.NsgIds
 
 		if r.ObservedThroughput != nil {

website/docs/d/file_storage_exports.html.markdown

@@ -66,7 +66,7 @@ The following attributes are exported:
 	* `identity_squash` - Used when clients accessing the file system through this export have their UID and GID remapped to 'anonymousUid' and 'anonymousGid'. If `ALL`, all users and groups are remapped; if `ROOT`, only the root user and group (UID/GID 0) are remapped; if `NONE`, no remapping is done. If unspecified, defaults to `ROOT`. 
 	* `is_anonymous_access_allowed` - Whether or not to enable anonymous access to the file system through this export in cases where a user isn't found in the LDAP server used for ID mapping. If true, and the user is not found in the LDAP directory, the operation uses the Squash UID and Squash GID. 
 	* `require_privileged_source_port` - If `true`, clients accessing the file system through this export must connect from a privileged source port. If unspecified, defaults to `true`. 
-	* `source` - Clients these options should apply to. Must be a either single IPv4 address or single IPv4 CIDR block.
+	* `source` - Clients these options should apply to. Must be a either single IPv4/IPv6 address or single IPv4/IPv6 CIDR block.
 
 		**Note:** Access will also be limited by any applicable VCN security rules and the ability to route IP packets to the mount target. Mount targets do not have Internet-routable IP addresses. 
 * `export_set_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of this export's export set.

website/docs/d/file_storage_mount_targets.html.markdown

@@ -80,6 +80,7 @@ The following attributes are exported:
 	* `related_resource_id` - The ID of the resource that is locking this resource. Indicates that deleting this resource will remove the lock. 
 	* `time_created` - When the lock was created.
 	* `type` - Type of the lock.
+* `mount_target_ipv6ids` - The OCIDs of the IPv6 addresses associated with this mount target.
 * `nsg_ids` - A list of Network Security Group [OCIDs](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) associated with this mount target. A maximum of 5 is allowed. Setting this to an empty array after the list is created removes the mount target from all NSGs. For more information about NSGs, see [Security Rules](https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/securityrules.htm). 
 * `observed_throughput` - Current billed throughput for mount target in Gbps. This corresponds to shape of mount target. Available shapes and corresponding throughput are listed at [Mount Target Performance](https://docs.oracle.com/iaas/Content/File/Tasks/managingmounttargets.htm#performance). 
 * `private_ip_ids` - The OCIDs of the private IP addresses associated with this mount target.

website/docs/r/file_storage_export.html.markdown

@@ -72,7 +72,7 @@ The following arguments are supported:
 	* `identity_squash` - (Optional) (Updatable) Used when clients accessing the file system through this export have their UID and GID remapped to 'anonymousUid' and 'anonymousGid'. If `ALL`, all users and groups are remapped; if `ROOT`, only the root user and group (UID/GID 0) are remapped; if `NONE`, no remapping is done. If unspecified, defaults to `ROOT`. 
 	* `is_anonymous_access_allowed` - (Optional) (Updatable) Whether or not to enable anonymous access to the file system through this export in cases where a user isn't found in the LDAP server used for ID mapping. If true, and the user is not found in the LDAP directory, the operation uses the Squash UID and Squash GID. 
 	* `require_privileged_source_port` - (Optional) (Updatable) If `true`, clients accessing the file system through this export must connect from a privileged source port. If unspecified, defaults to `true`. 
-	* `source` - (Required) (Updatable) Clients these options should apply to. Must be a either single IPv4 address or single IPv4 CIDR block.
+	* `source` - (Required) (Updatable) Clients these options should apply to. Must be a either single IPv4/IPv6 address or single IPv4/IPv6 CIDR block.
 
 		**Note:** Access will also be limited by any applicable VCN security rules and the ability to route IP packets to the mount target. Mount targets do not have Internet-routable IP addresses. 
 * `export_set_id` - (Required) The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of this export's export set.
@@ -113,7 +113,7 @@ The following attributes are exported:
 	* `identity_squash` - Used when clients accessing the file system through this export have their UID and GID remapped to 'anonymousUid' and 'anonymousGid'. If `ALL`, all users and groups are remapped; if `ROOT`, only the root user and group (UID/GID 0) are remapped; if `NONE`, no remapping is done. If unspecified, defaults to `ROOT`. 
 	* `is_anonymous_access_allowed` - Whether or not to enable anonymous access to the file system through this export in cases where a user isn't found in the LDAP server used for ID mapping. If true, and the user is not found in the LDAP directory, the operation uses the Squash UID and Squash GID. 
 	* `require_privileged_source_port` - If `true`, clients accessing the file system through this export must connect from a privileged source port. If unspecified, defaults to `true`. 
-	* `source` - Clients these options should apply to. Must be a either single IPv4 address or single IPv4 CIDR block.
+	* `source` - Clients these options should apply to. Must be a either single IPv4/IPv6 address or single IPv4/IPv6 CIDR block.
 
 		**Note:** Access will also be limited by any applicable VCN security rules and the ability to route IP packets to the mount target. Mount targets do not have Internet-routable IP addresses. 
 * `export_set_id` - The [OCID](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of this export's export set.

website/docs/r/file_storage_mount_target.html.markdown

@@ -108,7 +108,11 @@ The following arguments are supported:
 * `freeform_tags` - (Optional) (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}` 
 * `hostname_label` - (Optional) The hostname for the mount target's IP address, used for DNS resolution. The value is the hostname portion of the private IP address's fully qualified domain name (FQDN). For example, `files-1` in the FQDN `files-1.subnet123.vcn1.oraclevcn.com`. Must be unique across all VNICs in the subnet and comply with [RFC 952](https://tools.ietf.org/html/rfc952) and [RFC 1123](https://tools.ietf.org/html/rfc1123).
 
-	Note: This attribute value is stored in the [PrivateIp](https://docs.cloud.oracle.com/en-us/iaas/api/#/en/iaas/20160918/PrivateIp/) resource, not in the `mountTarget` resource. To update the `hostnameLabel`, use `GetMountTarget` to obtain the [OCIDs](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the mount target's private IPs (`privateIpIds`). Then, you can use [UpdatePrivateIp](https://docs.cloud.oracle.com/en-us/iaas/api/#/en/iaas/20160918/PrivateIp/UpdatePrivateIp) to update the `hostnameLabel` value.
+	Note:
+
+	If the IP address is IPv4, this attribute value is stored in the [PrivateIp](https://docs.cloud.oracle.com/en-us/iaas/api/#/en/iaas/20160918/PrivateIp/) resource, not in the `mountTarget` resource. To update the `hostnameLabel`, use `GetMountTarget` to obtain the [OCIDs](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the mount target's private IPs (`privateIpIds`). Then, you can use [UpdatePrivateIp](https://docs.cloud.oracle.com/en-us/iaas/api/#/en/iaas/20160918/PrivateIp/UpdatePrivateIp) to update the `hostnameLabel` value.
+
+	If the IP address is IPv6, it is stored in the [Ipv6] (https://docs.oracle.com/en-us/iaas/api/#/en/iaas/20160918/Ipv6) resource To update the `hostnameLabel`, use `GetMountTarget` to obtain the [OCIDs](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the mount target's IPv6 address (`mountTargetIpv6Ids`). Then, you can use [UpdateIpv6](https://docs.cloud.oracle.com/en-us/iaas/api/#/en/iaas/20160918/Ipv6/UpdateIpv6) to update the `hostnameLabel` value.
 
 	For more information, see [DNS in Your Virtual Cloud Network](https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/dns.htm).
 
@@ -177,6 +181,7 @@ The following attributes are exported:
 	* `related_resource_id` - The ID of the resource that is locking this resource. Indicates that deleting this resource will remove the lock. 
 	* `time_created` - When the lock was created.
 	* `type` - Type of the lock.
+* `mount_target_ipv6ids` - The OCIDs of the IPv6 addresses associated with this mount target.
 * `nsg_ids` - A list of Network Security Group [OCIDs](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) associated with this mount target. A maximum of 5 is allowed. Setting this to an empty array after the list is created removes the mount target from all NSGs. For more information about NSGs, see [Security Rules](https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/securityrules.htm). 
 * `observed_throughput` - Current billed throughput for mount target in Gbps. This corresponds to shape of mount target. Available shapes and corresponding throughput are listed at [Mount Target Performance](https://docs.oracle.com/iaas/Content/File/Tasks/managingmounttargets.htm#performance). 
 * `private_ip_ids` - The OCIDs of the private IP addresses associated with this mount target.