diff --git a/docs/data-sources/consul_cluster.md b/docs/data-sources/consul_cluster.md index 73edd1a74..03f7b984a 100644 --- a/docs/data-sources/consul_cluster.md +++ b/docs/data-sources/consul_cluster.md @@ -32,6 +32,7 @@ data "hcp_consul_cluster" "example" { ### Read-Only +- **auto_hvn_to_hvn_peering** (Boolean) Enables automatic HVN to HVN peering when creating a secondary cluster in a federation. - **cloud_provider** (String) The provider where the HCP Consul cluster is located. Only 'aws' is available at this time. - **connect_enabled** (Boolean) Denotes the Consul connect feature should be enabled for this cluster. Default to true. - **consul_automatic_upgrades** (Boolean) Denotes that automatic Consul upgrades are enabled. diff --git a/docs/guides/consul-federation.md b/docs/guides/consul-federation.md index f69d29d7c..838f90a60 100644 --- a/docs/guides/consul-federation.md +++ b/docs/guides/consul-federation.md @@ -1,31 +1,40 @@ --- subcategory: "" -page_title: "Federate HCP Consul clusters - HCP Provider" +page_title: "Federation with Auto HVN Peering - HCP Provider" description: |- - An example of federating a new HCP Consul cluster with an existing one. + An example of federating a new HCP Consul cluster with an existing one via auto peering. --- -# Federate a new HCP Consul cluster with an existing one +# Federation with Auto HVN Peering Once you have a HCP Consul cluster, you can create a new Consul cluster to federate with the existing one. +By providing `auto_hvn_to_hvn_peering` as a parameter on the secondary cluster, the HVNs are being peered +automatically ensuring full connectivity. This parameter only ever has to be provided on secondary clusters. ```terraform -resource "hcp_hvn" "example" { - hvn_id = var.hvn_id +resource "hcp_hvn" "primary" { + hvn_id = var.primary_hvn_id cloud_provider = var.cloud_provider - region = var.region + region = var.primary_region +} + +resource "hcp_hvn" "secondary" { + hvn_id = var.secondary_hvn_id + cloud_provider = var.cloud_provider + region = var.secondary_region } resource "hcp_consul_cluster" "primary" { - hvn_id = hcp_hvn.example.hvn_id + hvn_id = hcp_hvn.primary.hvn_id cluster_id = var.primary_cluster_id tier = "development" } resource "hcp_consul_cluster" "secondary" { - hvn_id = hcp_hvn.example.hvn_id - cluster_id = var.secondary_cluster_id - tier = "development" - primary_link = hcp_consul_cluster.primary.self_link + hvn_id = hcp_hvn.secondary.hvn_id + cluster_id = var.secondary_cluster_id + tier = "development" + primary_link = hcp_consul_cluster.primary.self_link + auto_hvn_to_hvn_peering = true } -``` \ No newline at end of file +``` diff --git a/docs/resources/consul_cluster.md b/docs/resources/consul_cluster.md index 630f9d520..efa1e6556 100644 --- a/docs/resources/consul_cluster.md +++ b/docs/resources/consul_cluster.md @@ -7,7 +7,7 @@ description: |- # hcp_consul_cluster (Resource) --> **Note:** The `primary_link` attribute is related to federation, a feature that is currently in private beta. +-> **Note:** The `primary_link` and `auto_hvn_to_hvn_peering` attributes are related to federation, a feature that is currently in private beta. -> **Note:** The `plus` tier is currently in private beta. @@ -41,6 +41,7 @@ resource "hcp_consul_cluster" "example" { ### Optional +- **auto_hvn_to_hvn_peering** (Boolean) Enables automatic HVN to HVN peering when creating a secondary cluster in a federation. - **connect_enabled** (Boolean) Denotes the Consul connect feature should be enabled for this cluster. Default to true. - **datacenter** (String) The Consul data center name of the cluster. If not specified, it is defaulted to the value of `cluster_id`. - **id** (String) The ID of this resource. @@ -86,4 +87,4 @@ Import is supported using the following syntax: ```shell # The import ID is {cluster_id} terraform import hcp_consul_cluster.example consul-cluster -``` \ No newline at end of file +``` diff --git a/examples/guides/consul_cluster_federation/main.tf b/examples/guides/consul_cluster_federation/main.tf index 97b8aa2cf..d03576a39 100644 --- a/examples/guides/consul_cluster_federation/main.tf +++ b/examples/guides/consul_cluster_federation/main.tf @@ -1,18 +1,25 @@ -resource "hcp_hvn" "example" { - hvn_id = var.hvn_id +resource "hcp_hvn" "primary" { + hvn_id = var.primary_hvn_id cloud_provider = var.cloud_provider - region = var.region + region = var.primary_region +} + +resource "hcp_hvn" "secondary" { + hvn_id = var.secondary_hvn_id + cloud_provider = var.cloud_provider + region = var.secondary_region } resource "hcp_consul_cluster" "primary" { - hvn_id = hcp_hvn.example.hvn_id + hvn_id = hcp_hvn.primary.hvn_id cluster_id = var.primary_cluster_id tier = "development" } resource "hcp_consul_cluster" "secondary" { - hvn_id = hcp_hvn.example.hvn_id - cluster_id = var.secondary_cluster_id - tier = "development" - primary_link = hcp_consul_cluster.primary.self_link + hvn_id = hcp_hvn.secondary.hvn_id + cluster_id = var.secondary_cluster_id + tier = "development" + primary_link = hcp_consul_cluster.primary.self_link + auto_hvn_to_hvn_peering = true } \ No newline at end of file diff --git a/examples/guides/consul_cluster_federation/variables.tf b/examples/guides/consul_cluster_federation/variables.tf index b38b11598..499232865 100644 --- a/examples/guides/consul_cluster_federation/variables.tf +++ b/examples/guides/consul_cluster_federation/variables.tf @@ -1,5 +1,10 @@ -variable "hvn_id" { - description = "The ID of the HCP HVN." +variable "primary_hvn_id" { + description = "The ID of the primary HCP HVN." + type = string +} + +variable "secondary_hvn_id" { + description = "The ID of the secondary HCP HVN." type = string } @@ -8,8 +13,13 @@ variable "cloud_provider" { type = string } -variable "region" { - description = "The region of the HCP HVN and Consul cluster." +variable "primary_region" { + description = "The region of the HCP HVN and primary Consul cluster." + type = string +} + +variable "secondary_region" { + description = "The region of the HCP HVN and secondary Consul cluster." type = string } diff --git a/examples/resources/hcp_consul_cluster/federation.tf b/examples/resources/hcp_consul_cluster/federation.tf deleted file mode 100644 index abe8446b6..000000000 --- a/examples/resources/hcp_consul_cluster/federation.tf +++ /dev/null @@ -1,19 +0,0 @@ -resource "hcp_hvn" "example" { - hvn_id = "hvn" - cloud_provider = "aws" - region = "us-west-2" - cidr_block = "172.25.16.0/20" -} - -resource "hcp_consul_cluster" "primary" { - hvn_id = hcp_hvn.example.hvn_id - cluster_id = "consul-cluster-primary" - tier = "development" -} - -resource "hcp_consul_cluster" "secondary" { - hvn_id = hcp_hvn.example.hvn_id - cluster_id = "consul-cluster-secondary" - tier = "development" - primary_link = hcp_consul_cluster.primary.self_link -} \ No newline at end of file diff --git a/go.mod b/go.mod index 1125d893f..fcfd41e69 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ require ( github.com/google/uuid v1.2.0 github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 github.com/hashicorp/hcl/v2 v2.8.2 // indirect - github.com/hashicorp/hcp-sdk-go v0.9.0 + github.com/hashicorp/hcp-sdk-go v0.10.0 github.com/hashicorp/terraform-exec v0.13.3 // indirect github.com/hashicorp/terraform-plugin-docs v0.4.0 github.com/hashicorp/terraform-plugin-sdk/v2 v2.5.0 diff --git a/go.sum b/go.sum index eeebb4efd..4f1af3a8c 100644 --- a/go.sum +++ b/go.sum @@ -351,8 +351,8 @@ github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ github.com/hashicorp/hcl/v2 v2.3.0/go.mod h1:d+FwDBbOLvpAM3Z6J7gPj/VoAGkNe/gm352ZhjJ/Zv8= github.com/hashicorp/hcl/v2 v2.8.2 h1:wmFle3D1vu0okesm8BTLVDyJ6/OL9DCLUwn0b2OptiY= github.com/hashicorp/hcl/v2 v2.8.2/go.mod h1:bQTN5mpo+jewjJgh8jr0JUguIi7qPHUF6yIfAEN3jqY= -github.com/hashicorp/hcp-sdk-go v0.9.0 h1:vwwIuCJO4dDRpMW5lhogc8TPtE3EiDVHF0u8iIklcQ4= -github.com/hashicorp/hcp-sdk-go v0.9.0/go.mod h1:Tm9BAlTkp6jknZ0YNxF/556JBC/meCN1LUmWFN38HsU= +github.com/hashicorp/hcp-sdk-go v0.10.0 h1:RB2GD9orNtINInggRmsw1iC4ODj5X7JagXK5CY+7Db4= +github.com/hashicorp/hcp-sdk-go v0.10.0/go.mod h1:Tm9BAlTkp6jknZ0YNxF/556JBC/meCN1LUmWFN38HsU= github.com/hashicorp/logutils v1.0.0 h1:dLEQVugN8vlakKOUE3ihGLTZJRB4j+M2cdTm/ORI65Y= github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= github.com/hashicorp/terraform-exec v0.12.0/go.mod h1:SGhto91bVRlgXQWcJ5znSz+29UZIa8kpBbkGwQ+g9E8= diff --git a/internal/provider/data_source_consul_cluster.go b/internal/provider/data_source_consul_cluster.go index 5bea33da4..e1a9f9130 100644 --- a/internal/provider/data_source_consul_cluster.go +++ b/internal/provider/data_source_consul_cluster.go @@ -132,6 +132,11 @@ func dataSourceConsulCluster() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "auto_hvn_to_hvn_peering": { + Description: "Enables automatic HVN to HVN peering when creating a secondary cluster in a federation.", + Type: schema.TypeBool, + Computed: true, + }, }, } } diff --git a/internal/provider/resource_consul_cluster.go b/internal/provider/resource_consul_cluster.go index 8c905ad30..4cb7e9328 100644 --- a/internal/provider/resource_consul_cluster.go +++ b/internal/provider/resource_consul_cluster.go @@ -129,6 +129,13 @@ func resourceConsulCluster() *schema.Resource { return strings.ToLower(old) == strings.ToLower(new) }, }, + "auto_hvn_to_hvn_peering": { + Description: "Enables automatic HVN to HVN peering when creating a secondary cluster in a federation.", + Type: schema.TypeBool, + Optional: true, + ForceNew: true, + Computed: true, + }, // computed outputs "organization_id": { Description: "The ID of the organization this HCP Consul cluster is located in.", @@ -296,6 +303,10 @@ func resourceConsulClusterCreate(ctx context.Context, d *schema.ResourceData, me connectEnabled := d.Get("connect_enabled").(bool) publicEndpoint := d.Get("public_endpoint").(bool) + // Enabling auto peering will peer this cluster's HVN with every other HVN with members in this federation. + // The peering happens within the secondary cluster create operation. + autoHvnToHvnPeering := d.Get("auto_hvn_to_hvn_peering").(bool) + log.Printf("[INFO] Creating Consul cluster (%s)", clusterID) consulCuster := &consulmodels.HashicorpCloudConsul20210204Cluster{ @@ -314,6 +325,7 @@ func resourceConsulClusterCreate(ctx context.Context, d *schema.ResourceData, me Network: newLink(loc, "hvn", hvnID), Private: !publicEndpoint, }, + AutoHvnToHvnPeering: autoHvnToHvnPeering, }, ConsulVersion: consulVersion, ID: clusterID, @@ -449,6 +461,10 @@ func setConsulClusterResourceData(d *schema.ResourceData, cluster *consulmodels. return err } + if err := d.Set("auto_hvn_to_hvn_peering", cluster.Config.AutoHvnToHvnPeering); err != nil { + return err + } + if publicEndpoint { // No port needed to communicate with HCP Consul via HTTPS if err := d.Set("consul_public_endpoint_url", fmt.Sprintf("https://%s", cluster.DNSNames.Public)); err != nil { diff --git a/internal/provider/resource_consul_cluster_test.go b/internal/provider/resource_consul_cluster_test.go index 78e58de48..bcaa0a072 100644 --- a/internal/provider/resource_consul_cluster_test.go +++ b/internal/provider/resource_consul_cluster_test.go @@ -61,6 +61,7 @@ func TestAccConsulCluster(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "consul_snapshot_interval", "24h"), resource.TestCheckResourceAttr(resourceName, "consul_snapshot_retention", "30d"), resource.TestCheckResourceAttr(resourceName, "connect_enabled", "true"), + resource.TestCheckResourceAttr(resourceName, "auto_hvn_to_hvn_peering", "false"), resource.TestCheckResourceAttrSet(resourceName, "organization_id"), resource.TestCheckResourceAttrSet(resourceName, "project_id"), resource.TestCheckResourceAttrSet(resourceName, "consul_config_file"), diff --git a/templates/guides/consul-federation.md.tmpl b/templates/guides/consul-federation.md.tmpl index 6e5d18f1b..64867b445 100644 --- a/templates/guides/consul-federation.md.tmpl +++ b/templates/guides/consul-federation.md.tmpl @@ -1,12 +1,14 @@ --- subcategory: "" -page_title: "Federate HCP Consul clusters - HCP Provider" +page_title: "Federation with Auto HVN Peering - HCP Provider" description: |- - An example of federating a new HCP Consul cluster with an existing one. + An example of federating a new HCP Consul cluster with an existing one via auto peering. --- -# Federate a new HCP Consul cluster with an existing one +# Federation with Auto HVN Peering Once you have a HCP Consul cluster, you can create a new Consul cluster to federate with the existing one. +By providing `auto_hvn_to_hvn_peering` as a parameter on the secondary cluster, the HVNs are being peered +automatically ensuring full connectivity. This parameter only ever has to be provided on secondary clusters. -{{ tffile "examples/guides/consul_cluster_federation/main.tf" }} \ No newline at end of file +{{ tffile "examples/guides/consul_cluster_federation/main.tf" }} diff --git a/templates/resources/consul_cluster.md.tmpl b/templates/resources/consul_cluster.md.tmpl index 1d46a12b5..f0dc9c2ff 100644 --- a/templates/resources/consul_cluster.md.tmpl +++ b/templates/resources/consul_cluster.md.tmpl @@ -7,7 +7,7 @@ description: |- # {{.Type}} ({{.Name}}) --> **Note:** The `primary_link` attribute is related to federation, a feature that is currently in private beta. +-> **Note:** The `primary_link` and `auto_hvn_to_hvn_peering` attributes are related to federation, a feature that is currently in private beta. -> **Note:** The `plus` tier is currently in private beta. @@ -23,4 +23,4 @@ description: |- Import is supported using the following syntax: -{{ codefile "shell" "examples/resources/hcp_consul_cluster/import.sh" }} \ No newline at end of file +{{ codefile "shell" "examples/resources/hcp_consul_cluster/import.sh" }}