Support Proxy Protocol for TCP Listeners

Author: jotruon

CHANGELOG.md

@@ -1,4 +1,8 @@
 ## 3.62.0 (Unreleased)
+
+### Added
+- Support Proxy Protocol for `oci_load_balancer_listener`
+
 ## 3.61.0 (February 05, 2020)
 
 ### Added

examples/load_balancer/lb_full/lb_full.tf

@@ -314,6 +314,20 @@ resource "oci_load_balancer_listener" "lb-listener2" {
   }
 }
 
+resource "oci_load_balancer_listener" "lb-listener3" {
+  load_balancer_id         = "${oci_load_balancer.lb1.id}"
+  name                     = "tcp"
+  default_backend_set_name = "${oci_load_balancer_backend_set.lb-bes1.name}"
+  port                     = 80
+  protocol                 = "TCP"
+  rule_set_names           = ["${oci_load_balancer_rule_set.test_rule_set.name}"]
+
+  connection_configuration {
+    idle_timeout_in_seconds            = "2"
+    backend_tcp_proxy_protocol_version = "1"
+  }
+}
+
 resource "oci_load_balancer_backend" "lb-be1" {
   load_balancer_id = "${oci_load_balancer.lb1.id}"
   backendset_name  = "${oci_load_balancer_backend_set.lb-bes1.name}"

oci/load_balancer_listener_resource.go

@@ -69,6 +69,10 @@ func LoadBalancerListenerResource() *schema.Resource {
 						},
 
 						// Optional
+						"backend_tcp_proxy_protocol_version": {
+							Type:     schema.TypeInt,
+							Optional: true,
+						},
 
 						// Computed
 					},
@@ -577,6 +581,15 @@ func parseListenerCompositeId(compositeId string) (listenerName string, loadBala
 func (s *LoadBalancerListenerResourceCrud) mapToConnectionConfiguration(fieldKeyFormat string) (oci_load_balancer.ConnectionConfiguration, error) {
 	result := oci_load_balancer.ConnectionConfiguration{}
 
+	if backendTcpProxyProtocolVersion, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "backend_tcp_proxy_protocol_version")); ok {
+		tmp := backendTcpProxyProtocolVersion.(int)
+		// Terraform v11 will auto assign nil value to 0 which is invalid value
+		// this check will remove backend_tcp_proxy_protocol_version in the request
+		if tmp != 0 {
+			result.BackendTcpProxyProtocolVersion = &tmp
+		}
+	}
+
 	if idleTimeoutInSeconds, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "idle_timeout_in_seconds")); ok {
 		tmp := idleTimeoutInSeconds.(string)
 		tmpInt64, err := strconv.ParseInt(tmp, 10, 64)
@@ -592,6 +605,10 @@ func (s *LoadBalancerListenerResourceCrud) mapToConnectionConfiguration(fieldKey
 func ConnectionConfigurationToMap(obj *oci_load_balancer.ConnectionConfiguration) map[string]interface{} {
 	result := map[string]interface{}{}
 
+	if obj.BackendTcpProxyProtocolVersion != nil {
+		result["backend_tcp_proxy_protocol_version"] = int(*obj.BackendTcpProxyProtocolVersion)
+	}
+
 	if obj.IdleTimeout != nil {
 		result["idle_timeout_in_seconds"] = strconv.FormatInt(*obj.IdleTimeout, 10)
 	}

oci/load_balancer_listener_tcp_test.go

@@ -0,0 +1,85 @@
+// Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
+
+package oci
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform/helper/resource"
+	"github.com/hashicorp/terraform/terraform"
+
+	"github.com/terraform-providers/terraform-provider-oci/httpreplay"
+)
+
+var (
+	ListenerTcpRequiredOnlyResource = ListenerResourceDependencies +
+		generateResourceFromRepresentationMap("oci_load_balancer_listener", "test_listener_tcp", Required, Create, listenerTcpRepresentation)
+	listenerTcpRepresentation = map[string]interface{}{
+		"default_backend_set_name": Representation{repType: Required, create: `${oci_load_balancer_backend_set.test_backend_set.name}`},
+		"load_balancer_id":         Representation{repType: Required, create: `${oci_load_balancer_load_balancer.test_load_balancer.id}`},
+		"name":                     Representation{repType: Required, create: `mylistener`},
+		"port":                     Representation{repType: Required, create: `10`, update: `11`},
+		"protocol":                 Representation{repType: Required, create: `TCP`},
+		"connection_configuration": RepresentationGroup{Optional, listenerTcpConnectionConfigurationRepresentation},
+		"rule_set_names":           Representation{repType: Optional, create: []string{`${oci_load_balancer_rule_set.test_rule_set.name}`}},
+	}
+	listenerTcpConnectionConfigurationRepresentation = map[string]interface{}{
+		"idle_timeout_in_seconds":            Representation{repType: Required, create: `10`, update: `11`},
+		"backend_tcp_proxy_protocol_version": Representation{repType: Optional, create: `1`, update: `2`},
+	}
+)
+
+func TestLoadBalancerListenerTcpResource_basic(t *testing.T) {
+	httpreplay.SetScenario("TestLoadBalancerListenerTcpResource_basic")
+	defer httpreplay.SaveScenario()
+
+	provider := testAccProvider
+	config := testProviderConfig()
+
+	compartmentId := getEnvSettingWithBlankDefault("compartment_ocid")
+	compartmentIdVariableStr := fmt.Sprintf("variable \"compartment_id\" { default = \"%s\" }\n", compartmentId)
+
+	resourceName := "oci_load_balancer_listener.test_listener_tcp"
+
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() { testAccPreCheck(t) },
+		Providers: map[string]terraform.ResourceProvider{
+			"oci": provider,
+		},
+		CheckDestroy: testAccCheckLoadBalancerListenerDestroy,
+		Steps: []resource.TestStep{
+			// verify create with TCP optional
+			{
+				Config: config + compartmentIdVariableStr + ListenerResourceDependencies +
+					generateResourceFromRepresentationMap("oci_load_balancer_listener", "test_listener_tcp", Optional, Create, listenerTcpRepresentation),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					resource.TestCheckResourceAttr(resourceName, "connection_configuration.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "connection_configuration.0.backend_tcp_proxy_protocol_version", "1"),
+					resource.TestCheckResourceAttr(resourceName, "connection_configuration.0.idle_timeout_in_seconds", "10"),
+					resource.TestCheckResourceAttrSet(resourceName, "load_balancer_id"),
+					resource.TestCheckResourceAttr(resourceName, "name", "mylistener"),
+					resource.TestCheckResourceAttr(resourceName, "port", "10"),
+					resource.TestCheckResourceAttr(resourceName, "protocol", "TCP"),
+					resource.TestCheckResourceAttr(resourceName, "rule_set_names.#", "1"),
+				),
+			},
+
+			// verify update with TCP optional
+			{
+				Config: config + compartmentIdVariableStr + ListenerResourceDependencies +
+					generateResourceFromRepresentationMap("oci_load_balancer_listener", "test_listener_tcp", Optional, Update, listenerTcpRepresentation),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					resource.TestCheckResourceAttr(resourceName, "connection_configuration.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "connection_configuration.0.backend_tcp_proxy_protocol_version", "2"),
+					resource.TestCheckResourceAttr(resourceName, "connection_configuration.0.idle_timeout_in_seconds", "11"),
+					resource.TestCheckResourceAttrSet(resourceName, "load_balancer_id"),
+					resource.TestCheckResourceAttr(resourceName, "name", "mylistener"),
+					resource.TestCheckResourceAttr(resourceName, "port", "11"),
+					resource.TestCheckResourceAttr(resourceName, "protocol", "TCP"),
+					resource.TestCheckResourceAttr(resourceName, "rule_set_names.#", "1"),
+				),
+			},
+		},
+	})
+}

website/docs/r/load_balancer_listener.html.markdown

@@ -27,6 +27,9 @@ resource "oci_load_balancer_listener" "test_listener" {
 	connection_configuration {
 		#Required
 		idle_timeout_in_seconds = "${var.listener_connection_configuration_idle_timeout_in_seconds}"
+
+		#Optional
+		backend_tcp_proxy_protocol_version = "${var.listener_connection_configuration_backend_tcp_proxy_protocol_version}"
 	}
 	hostname_names = ["${oci_load_balancer_hostname.test_hostname.name}"]
 	path_route_set_name = "${oci_load_balancer_path_route_set.test_path_route_set.name}"
@@ -47,6 +50,7 @@ resource "oci_load_balancer_listener" "test_listener" {
 The following arguments are supported:
 
 * `connection_configuration` - (Optional) (Updatable) 
+	* `backend_tcp_proxy_protocol_version` - (Required when `protocol` = `TCP`) (Updatable) The backend TCP Proxy Protocol version.  Example: `1` 
 	* `idle_timeout_in_seconds` - (Required) (Updatable) The maximum idle time, in seconds, allowed between two successive receive or two successive send operations between the client and backend servers. A send operation does not reset the timer for receive operations. A receive operation does not reset the timer for send operations.
 
 		For more information, see [Connection Configuration](https://docs.cloud.oracle.com/iaas/Content/Balance/Reference/connectionreuse.htm#ConnectionConfiguration).