From 4d51d339216cf1d540a7858d39c0bcf08553c0bd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Wiktor=20Niesiob=C4=99dzki?= Date: Mon, 10 Jun 2024 13:35:57 +0000 Subject: [PATCH] Use var.vpc_config.subnetwork in NEGs when var.neg_config.*.subnetwork is not provided --- modules/net-lb-app-int-cross-region/README.md | 2 +- modules/net-lb-app-int-cross-region/main.tf | 2 +- modules/net-lb-app-int/README.md | 2 +- modules/net-lb-app-int/main.tf | 2 +- modules/net-lb-proxy-int/README.md | 2 +- modules/net-lb-proxy-int/main.tf | 2 +- .../net_lb_app_int/examples/zonal-neg.yaml | 110 ++++++++++++++ .../examples/zonal-neg.yaml | 136 ++++++++++++++++++ .../net_lb_proxy_int/examples/zonal-neg.yaml | 98 +++++++++++++ 9 files changed, 350 insertions(+), 6 deletions(-) create mode 100644 tests/modules/net_lb_app_int/examples/zonal-neg.yaml create mode 100644 tests/modules/net_lb_app_int_cross_region/examples/zonal-neg.yaml create mode 100644 tests/modules/net_lb_proxy_int/examples/zonal-neg.yaml diff --git a/modules/net-lb-app-int-cross-region/README.md b/modules/net-lb-app-int-cross-region/README.md index 3aee718876..b36cc1b096 100644 --- a/modules/net-lb-app-int-cross-region/README.md +++ b/modules/net-lb-app-int-cross-region/README.md @@ -352,7 +352,7 @@ module "ilb-l7" { } } } -# tftest modules=1 resources=12 +# tftest modules=1 resources=12 inventory=zonal-neg.yaml ``` #### Hybrid NEG creation diff --git a/modules/net-lb-app-int-cross-region/main.tf b/modules/net-lb-app-int-cross-region/main.tf index 302d980347..52a7db8678 100644 --- a/modules/net-lb-app-int-cross-region/main.tf +++ b/modules/net-lb-app-int-cross-region/main.tf @@ -117,7 +117,7 @@ resource "google_compute_network_endpoint_group" "default" { subnetwork = ( each.value.type == "NON_GCP_PRIVATE_IP_PORT" ? null - : try(each.value.subnetwork, var.vpc_config.subnetworks[substr(each.value.zone, 0, length(each.value.zone) - 2)]) + : coalesce(each.value.subnetwork, var.vpc_config.subnetworks[substr(each.value.zone, 0, length(each.value.zone) - 2)]) ) } diff --git a/modules/net-lb-app-int/README.md b/modules/net-lb-app-int/README.md index b59847221c..039a241eb3 100644 --- a/modules/net-lb-app-int/README.md +++ b/modules/net-lb-app-int/README.md @@ -290,7 +290,7 @@ module "ilb-l7" { subnetwork = var.subnet.self_link } } -# tftest modules=1 resources=8 +# tftest modules=1 resources=8 inventory=zonal-neg.yaml ``` #### Hybrid NEG creation diff --git a/modules/net-lb-app-int/main.tf b/modules/net-lb-app-int/main.tf index e119a9297b..fac0430fa6 100644 --- a/modules/net-lb-app-int/main.tf +++ b/modules/net-lb-app-int/main.tf @@ -167,7 +167,7 @@ resource "google_compute_network_endpoint_group" "default" { subnetwork = ( each.value.type == "NON_GCP_PRIVATE_IP_PORT" ? null - : try(each.value.subnetwork, var.vpc_config.subnetwork) + : coalesce(each.value.subnetwork, var.vpc_config.subnetwork) ) } diff --git a/modules/net-lb-proxy-int/README.md b/modules/net-lb-proxy-int/README.md index 2761625bd0..276c383fe9 100644 --- a/modules/net-lb-proxy-int/README.md +++ b/modules/net-lb-proxy-int/README.md @@ -199,7 +199,7 @@ module "int-tcp-proxy" { subnetwork = var.subnet.self_link } } -# tftest modules=1 resources=7 +# tftest modules=1 resources=7 inventory=zonal-neg.yaml ``` #### Hybrid NEG creation diff --git a/modules/net-lb-proxy-int/main.tf b/modules/net-lb-proxy-int/main.tf index 404b4f4bc2..0e7e3a7030 100644 --- a/modules/net-lb-proxy-int/main.tf +++ b/modules/net-lb-proxy-int/main.tf @@ -93,7 +93,7 @@ resource "google_compute_network_endpoint_group" "default" { subnetwork = ( each.value.type == "NON_GCP_PRIVATE_IP_PORT" ? null - : try(each.value.subnetwork, var.vpc_config.subnetwork) + : coalesce(each.value.subnetwork, var.vpc_config.subnetwork) ) } diff --git a/tests/modules/net_lb_app_int/examples/zonal-neg.yaml b/tests/modules/net_lb_app_int/examples/zonal-neg.yaml new file mode 100644 index 0000000000..5063b7fb4f --- /dev/null +++ b/tests/modules/net_lb_app_int/examples/zonal-neg.yaml @@ -0,0 +1,110 @@ +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + google_compute_address.test: + address: 10.0.0.10 + address_type: INTERNAL + network: null + project: project-id + region: europe-west1 + subnetwork: subnet_self_link + module.ilb-l7.google_compute_forwarding_rule.default: + description: Terraform managed. + ip_protocol: TCP + load_balancing_scheme: INTERNAL_MANAGED + name: ilb-test + network: projects/xxx/global/networks/aaa + network_tier: PREMIUM + port_range: '80' + project: project-id + region: europe-west1 + subnetwork: subnet_self_link + module.ilb-l7.google_compute_health_check.default["default"]: + check_interval_sec: 5 + description: Terraform managed. + grpc_health_check: [] + healthy_threshold: 2 + http2_health_check: [] + http_health_check: + - host: null + port: null + port_name: null + port_specification: USE_SERVING_PORT + proxy_header: NONE + request_path: / + response: null + name: ilb-test-default + project: project-id + ssl_health_check: [] + tcp_health_check: [] + timeout_sec: 5 + module.ilb-l7.google_compute_network_endpoint.default["my-neg-e-0"]: + instance: test-1 + ip_address: 10.0.0.10 + network_endpoint_group: ilb-test-my-neg + port: 80 + project: project-id + timeouts: null + zone: europe-west1-b + module.ilb-l7.google_compute_network_endpoint_group.default["my-neg"]: + default_port: null + description: Terraform managed. + name: ilb-test-my-neg + network: projects/xxx/global/networks/aaa + network_endpoint_type: GCE_VM_IP_PORT + project: project-id + subnetwork: subnet_self_link + timeouts: null + zone: europe-west1-b + module.ilb-l7.google_compute_region_backend_service.default["default"]: + backend: + - balancing_mode: RATE + capacity_scaler: 1 + description: Terraform managed. + max_rate_per_endpoint: 1 + description: Terraform managed. + iap: [] + load_balancing_scheme: INTERNAL_MANAGED + name: ilb-test-default + project: project-id + protocol: HTTP + region: europe-west1 + module.ilb-l7.google_compute_region_target_http_proxy.default[0]: + description: Terraform managed. + name: ilb-test + project: project-id + region: europe-west1 + module.ilb-l7.google_compute_region_url_map.default: + default_route_action: [] + default_url_redirect: [] + description: Terraform managed. + host_rule: [] + name: ilb-test + path_matcher: [] + project: project-id + region: europe-west1 + + +counts: + google_compute_address: 1 + google_compute_forwarding_rule: 1 + google_compute_health_check: 1 + google_compute_network_endpoint: 1 + google_compute_network_endpoint_group: 1 + google_compute_region_backend_service: 1 + google_compute_region_target_http_proxy: 1 + google_compute_region_url_map: 1 + modules: 1 + resources: 8 diff --git a/tests/modules/net_lb_app_int_cross_region/examples/zonal-neg.yaml b/tests/modules/net_lb_app_int_cross_region/examples/zonal-neg.yaml new file mode 100644 index 0000000000..1244a5636d --- /dev/null +++ b/tests/modules/net_lb_app_int_cross_region/examples/zonal-neg.yaml @@ -0,0 +1,136 @@ +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + google_compute_address.address_ew1: + address: 10.0.0.10 + address_type: INTERNAL + name: neg-test-ew1 + project: project-id + region: europe-west1 + subnetwork: subnet_self_link + google_compute_address.address_ew4: + address: 10.0.0.11 + address_type: INTERNAL + name: neg-test-ew4 + project: project-id + region: europe-west4 + subnetwork: subnet_self_link + module.ilb-l7.google_compute_backend_service.default["default"]: + backend: + - balancing_mode: RATE + capacity_scaler: 1 + description: Terraform managed. + max_rate_per_endpoint: 1 + - balancing_mode: RATE + capacity_scaler: 1 + description: Terraform managed. + max_rate_per_endpoint: 1 + circuit_breakers: [] + connection_draining_timeout_sec: 300 + consistent_hash: [] + description: Terraform managed. + iap: [] + load_balancing_scheme: INTERNAL_MANAGED + locality_lb_policies: [] + name: ilb-test-default + outlier_detection: [] + project: project-id + protocol: HTTP + security_settings: [] + module.ilb-l7.google_compute_global_forwarding_rule.forwarding_rules["europe-west1"]: + description: Terraform managed. + ip_protocol: TCP + load_balancing_scheme: INTERNAL_MANAGED + metadata_filters: [] + name: ilb-test-europe-west1 + network: projects/xxx/global/networks/aaa + port_range: '80' + project: project-id + subnetwork: subnet_self_link + module.ilb-l7.google_compute_global_forwarding_rule.forwarding_rules["europe-west4"]: + description: Terraform managed. + ip_protocol: TCP + load_balancing_scheme: INTERNAL_MANAGED + metadata_filters: [] + name: ilb-test-europe-west4 + network: projects/xxx/global/networks/aaa + port_range: '80' + project: project-id + subnetwork: subnet_self_link + module.ilb-l7.google_compute_health_check.default["default"]: + check_interval_sec: 5 + description: Terraform managed. + grpc_health_check: [] + healthy_threshold: 2 + http2_health_check: [] + http_health_check: + - host: null + port: null + port_name: null + port_specification: USE_SERVING_PORT + proxy_header: NONE + request_path: / + response: null + https_health_check: [] + name: ilb-test-default + project: project-id + ssl_health_check: [] + tcp_health_check: [] + timeout_sec: 5 + unhealthy_threshold: 2 + module.ilb-l7.google_compute_network_endpoint.default["my-neg-ew1-e-0"]: + instance: test-ew1 + ip_address: 10.0.0.10 + network_endpoint_group: ilb-test-my-neg-ew1 + port: 80 + project: project-id + zone: europe-west1-b + module.ilb-l7.google_compute_network_endpoint.default["my-neg-ew4-e-0"]: + instance: test-ew4 + ip_address: 10.0.0.11 + network_endpoint_group: ilb-test-my-neg-ew4 + port: 80 + project: project-id + zone: europe-west4-b + module.ilb-l7.google_compute_network_endpoint_group.default["my-neg-ew1"]: + description: Terraform managed. + name: ilb-test-my-neg-ew1 + network: projects/xxx/global/networks/aaa + network_endpoint_type: GCE_VM_IP_PORT + project: project-id + subnetwork: subnet_self_link + zone: europe-west1-b + module.ilb-l7.google_compute_network_endpoint_group.default["my-neg-ew4"]: + description: Terraform managed. + name: ilb-test-my-neg-ew4 + network: projects/xxx/global/networks/aaa + network_endpoint_type: GCE_VM_IP_PORT + project: project-id + subnetwork: subnet_self_link + zone: europe-west4-b + module.ilb-l7.google_compute_target_http_proxy.default[0]: + description: Terraform managed. + name: ilb-test + project: project-id + module.ilb-l7.google_compute_url_map.default: + default_route_action: [] + default_url_redirect: [] + description: Terraform managed. + header_action: [] + host_rule: [] + name: ilb-test + path_matcher: [] + project: project-id + test: [] diff --git a/tests/modules/net_lb_proxy_int/examples/zonal-neg.yaml b/tests/modules/net_lb_proxy_int/examples/zonal-neg.yaml new file mode 100644 index 0000000000..2b45f9e1a8 --- /dev/null +++ b/tests/modules/net_lb_proxy_int/examples/zonal-neg.yaml @@ -0,0 +1,98 @@ +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + google_compute_address.test: + address: 10.0.0.10 + address_type: INTERNAL + description: null + name: neg-test + project: project-id + region: europe-west1 + subnetwork: subnet_self_link + module.int-tcp-proxy.google_compute_forwarding_rule.default: + description: Terraform managed. + ip_protocol: TCP + load_balancing_scheme: INTERNAL_MANAGED + name: int-tcp-proxy + network: projects/xxx/global/networks/aaa + port_range: '80' + project: project-id + region: europe-west1 + subnetwork: subnet_self_link + module.int-tcp-proxy.google_compute_network_endpoint.default["my-neg-e-0"]: + instance: test-1 + ip_address: 10.0.0.10 + network_endpoint_group: int-tcp-proxy-my-neg + port: 80 + project: project-id + zone: europe-west1-b + module.int-tcp-proxy.google_compute_network_endpoint_group.default["my-neg"]: + description: Terraform managed. + name: int-tcp-proxy-my-neg + network: projects/xxx/global/networks/aaa + network_endpoint_type: GCE_VM_IP_PORT + project: project-id + subnetwork: subnet_self_link + zone: europe-west1-b + module.int-tcp-proxy.google_compute_region_backend_service.default: + backend: + - balancing_mode: CONNECTION + capacity_scaler: 1 + description: Terraform managed. + failover: false + max_connections_per_endpoint: 10 + circuit_breakers: [] + connection_draining_timeout_sec: 0 + connection_tracking_policy: [] + consistent_hash: [] + description: Terraform managed. + failover_policy: [] + iap: [] + load_balancing_scheme: INTERNAL_MANAGED + name: int-tcp-proxy + network: null # TODO: ??? + outlier_detection: [] + project: project-id + protocol: TCP + region: europe-west1 + session_affinity: NONE + subsetting: [] + module.int-tcp-proxy.google_compute_region_health_check.default[0]: + check_interval_sec: 5 + description: Terraform managed. + grpc_health_check: [] + healthy_threshold: 2 + http2_health_check: [] + http_health_check: [] + https_health_check: [] + name: int-tcp-proxy + project: project-id + region: europe-west1 + ssl_health_check: [] + tcp_health_check: + - port: null + port_name: null + port_specification: USE_SERVING_PORT + proxy_header: NONE + request: null + response: null + timeout_sec: 5 + unhealthy_threshold: 2 + module.int-tcp-proxy.google_compute_region_target_tcp_proxy.default: + description: Terraform managed. + name: int-tcp-proxy + project: project-id + proxy_header: NONE + region: europe-west1