From 01ba4788537b1f7dd7aec8f0df28d289ebf00dfb Mon Sep 17 00:00:00 2001 From: phamann Date: Fri, 25 Aug 2017 11:39:03 +0100 Subject: [PATCH 01/10] r/Service add external_traffic_policy to spec --- kubernetes/resource_kubernetes_service.go | 5 +++++ kubernetes/resource_kubernetes_service_test.go | 2 ++ kubernetes/structure_service_spec.go | 4 +++- website/docs/r/service.html.markdown | 1 + 4 files changed, 11 insertions(+), 1 deletion(-) diff --git a/kubernetes/resource_kubernetes_service.go b/kubernetes/resource_kubernetes_service.go index 855974ab12..d4d4a64d55 100644 --- a/kubernetes/resource_kubernetes_service.go +++ b/kubernetes/resource_kubernetes_service.go @@ -53,6 +53,11 @@ func resourceKubernetesService() *schema.Resource { Description: "The external reference that kubedns or equivalent will return as a CNAME record for this service. No proxying will be involved. Must be a valid DNS name and requires `type` to be `ExternalName`.", Optional: true, }, + "external_traffic_policy": { + Type: schema.TypeString, + Description: "Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints. `Local` preserves the client source IP and avoids a second hop for LoadBalancer and Nodeport type services, but risks potentially imbalanced traffic spreading. `Cluster` obscures the client source IP and may cause a second hop to another node, but should have good overall load-spreading. More info: https://kubernetes.io/docs/tutorials/services/source-ip/", + Optional: true, + }, "load_balancer_ip": { Type: schema.TypeString, Description: "Only applies to `type = LoadBalancer`. LoadBalancer will get created with the IP specified in this field. This feature depends on whether the underlying cloud-provider supports specifying this field when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature.", 
diff --git a/kubernetes/resource_kubernetes_service_test.go b/kubernetes/resource_kubernetes_service_test.go index a51ada9c30..e35b75f221 100644 --- a/kubernetes/resource_kubernetes_service_test.go +++ b/kubernetes/resource_kubernetes_service_test.go @@ -143,6 +143,7 @@ func TestAccKubernetesService_loadBalancer(t *testing.T) { resource.TestCheckResourceAttr("kubernetes_service.test", "spec.0.external_ips.1452553500", "10.0.0.4"), resource.TestCheckResourceAttr("kubernetes_service.test", "spec.0.external_ips.3371212991", "10.0.0.3"), resource.TestCheckResourceAttr("kubernetes_service.test", "spec.0.external_name", "ext-name-"+name), + resource.TestCheckResourceAttr("kubernetes_service.test", "spec.0.external_traffic_policy", "Local"), resource.TestCheckResourceAttr("kubernetes_service.test", "spec.0.load_balancer_source_ranges.#", "2"), resource.TestCheckResourceAttr("kubernetes_service.test", "spec.0.load_balancer_source_ranges.138364083", "10.0.0.5/32"), resource.TestCheckResourceAttr("kubernetes_service.test", "spec.0.load_balancer_source_ranges.445311837", "10.0.0.6/32"), @@ -170,6 +171,7 @@ func TestAccKubernetesService_loadBalancer(t *testing.T) { resource.TestCheckResourceAttr("kubernetes_service.test", "spec.0.external_ips.1452553500", "10.0.0.4"), resource.TestCheckResourceAttr("kubernetes_service.test", "spec.0.external_ips.563283338", "10.0.0.5"), resource.TestCheckResourceAttr("kubernetes_service.test", "spec.0.external_name", "ext-name-modified-"+name), + resource.TestCheckResourceAttr("kubernetes_service.test", "spec.0.external_traffic_policy", "Local"), resource.TestCheckResourceAttr("kubernetes_service.test", "spec.0.load_balancer_source_ranges.#", "2"), resource.TestCheckResourceAttr("kubernetes_service.test", "spec.0.load_balancer_source_ranges.2271073252", "10.0.0.1/32"), resource.TestCheckResourceAttr("kubernetes_service.test", "spec.0.load_balancer_source_ranges.2515041290", "10.0.0.2/32"), 
diff --git a/kubernetes/structure_service_spec.go b/kubernetes/structure_service_spec.go index 09761b857e..eab02a841e 100644 --- a/kubernetes/structure_service_spec.go +++ b/kubernetes/structure_service_spec.go @@ -135,7 +135,9 @@ func expandServiceSpec(l []interface{}) v1.ServiceSpec { if v, ok := in["publish_not_ready_addresses"].(bool); ok { obj.PublishNotReadyAddresses = v } - + if v, ok := in["external_traffic_policy"].(string); ok { + obj.ExternalName = v + } return obj } diff --git a/website/docs/r/service.html.markdown b/website/docs/r/service.html.markdown index 9b57aac39a..052a59b3fb 100644 --- a/website/docs/r/service.html.markdown +++ b/website/docs/r/service.html.markdown 
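Review bot: The branch added to expandServiceSpec stores the policy in the wrong field: `obj.ExternalName = v` never sets ExternalTrafficPolicy. The type assertion also succeeds for an empty string, so an unset `external_traffic_policy` would presumably blank any external name assigned earlier in the function, which starts outside this hunk. The line should read `obj.ExternalTrafficPolicy = v1.ServiceExternalTrafficPolicyType(v)`, ideally guarded with `ok && v != ""`. PATCH 02/10 makes that assignment, so squashing the two would keep a revision that silently rewrites `external_name` out of the history.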
@@ -87,6 +87,7 @@ For more info see [Kubernetes reference](http://kubernetes.io/docs/user-guide/la * `cluster_ip` - (Optional) The IP address of the service. It is usually assigned randomly by the master. If an address is specified manually and is not in use by others, it will be allocated to the service; otherwise, creation of the service will fail. `None` can be specified for headless services when proxying is not required. Ignored if type is `ExternalName`. For more info see [Kubernetes reference](http://kubernetes.io/docs/user-guide/services#virtual-ips-and-service-proxies) * `external_ips` - (Optional) A list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system. * `external_name` - (Optional) The external reference that kubedns or equivalent will return as a CNAME record for this service. No proxying will be involved. Must be a valid DNS name and requires `type` to be `ExternalName`. +* `external_traffic_policy` - (Optional) Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints. `Local` preserves the client source IP and avoids a second hop for LoadBalancer and Nodeport type services, but risks potentially imbalanced traffic spreading. `Cluster` obscures the client source IP and may cause a second hop to another node, but should have good overall load-spreading. More info: https://kubernetes.io/docs/tutorials/services/source-ip/ * `load_balancer_ip` - (Optional) Only applies to `type = LoadBalancer`. LoadBalancer will get created with the IP specified in this field. This feature depends on whether the underlying cloud-provider supports specifying this field when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature. 
* `load_balancer_source_ranges` - (Optional) If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature. For more info see [Kubernetes reference](http://kubernetes.io/docs/user-guide/services-firewalls) * `port` - (Required) The list of ports that are exposed by this service. For more info see [Kubernetes reference](http://kubernetes.io/docs/user-guide/services#virtual-ips-and-service-proxies) From 222a1142758c5cd5103bf6e68c7bcf51d90302fb Mon Sep 17 00:00:00 2001 From: phamann Date: Wed, 30 Aug 2017 11:38:50 +0100 Subject: [PATCH 02/10] Update/add references to ExternalTrafficPolicy in structure_service_spec --- kubernetes/structure_service_spec.go | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/kubernetes/structure_service_spec.go b/kubernetes/structure_service_spec.go index eab02a841e..4077d338ca 100644 --- a/kubernetes/structure_service_spec.go +++ b/kubernetes/structure_service_spec.go @@ -56,6 +56,9 @@ func flattenServiceSpec(in v1.ServiceSpec) []interface{} { } att["publish_not_ready_addresses"] = in.PublishNotReadyAddresses + if in.ExternalTrafficPolicy != "" { + att["external_traffic_policy"] = string(in.ExternalTrafficPolicy) + } return []interface{}{att} } @@ -136,7 +139,7 @@ func expandServiceSpec(l []interface{}) v1.ServiceSpec { obj.PublishNotReadyAddresses = v } if v, ok := in["external_traffic_policy"].(string); ok { - obj.ExternalName = v + obj.ExternalTrafficPolicy = v1.ServiceExternalTrafficPolicyType(v) } return obj } 
@@ -220,5 +223,11 @@ func patchServiceSpec(keyPrefix, pathPrefix string, d *schema.ResourceData, v *v }) } } + if d.HasChange(keyPrefix + "external_traffic_policy") { + ops = append(ops, &ReplaceOperation{ + Path: pathPrefix + "externalTrafficPolicy", + Value: d.Get(keyPrefix + "external_traffic_policy").(string), + }) + } return ops, nil } From df911a988da3f8642ee8195b18b8270f6baa957a Mon Sep 17 00:00:00 2001 From: Alex Somesan Date: Mon, 20 May 2019 18:31:08 +0200 Subject: [PATCH 03/10] Fix formatting --- kubernetes/structure_service_spec.go | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/kubernetes/structure_service_spec.go b/kubernetes/structure_service_spec.go index 4077d338ca..9ee16e71b2 100644 --- a/kubernetes/structure_service_spec.go +++ b/kubernetes/structure_service_spec.go @@ -209,6 +209,12 @@ func patchServiceSpec(keyPrefix, pathPrefix string, d *schema.ResourceData, v *v Value: d.Get(keyPrefix + "external_name").(string), }) } + if d.HasChange(keyPrefix + "external_traffic_policy") { + ops = append(ops, &ReplaceOperation{ + Path: pathPrefix + "externalTrafficPolicy", + Value: d.Get(keyPrefix + "external_traffic_policy").(string), + }) + } if d.HasChange(keyPrefix + "publish_not_ready_addresses") { p := pathPrefix + "publishNotReadyAddresses" v := d.Get(keyPrefix + "publish_not_ready_addresses").(bool) From 3d77518fb394624d82e5fdd179ba85a28ae948a5 Mon Sep 17 00:00:00 2001 From: Alex Somesan Date: Mon, 20 May 2019 18:59:45 +0200 Subject: [PATCH 04/10] remove duplicate code from merge conflict resolution --- kubernetes/structure_service_spec.go | 6 ------ 1 file changed, 6 deletions(-) diff --git a/kubernetes/structure_service_spec.go b/kubernetes/structure_service_spec.go index 9ee16e71b2..9ef118f835 100644 --- a/kubernetes/structure_service_spec.go +++ b/kubernetes/structure_service_spec.go 
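Review bot: The new `ReplaceOperation` on `externalTrafficPolicy` is emitted on any change of the attribute, including when the live Service does not carry that field yet. If ReplaceOperation serialises to a JSON Patch `replace` (inferred from its name), RFC 6902 requires the target path to exist, so updating a Service created without a policy may be rejected by the API server. Consider reading the previous value with `d.GetChange(keyPrefix + "external_traffic_policy")` and emitting an add-style operation when the old value is empty. The same block is added again at `@@ -209,6 +209,12 @@` in PATCH 03/10 and carries the same concern. patchServiceSpec's body starts outside both hunks.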
@@ -229,11 +229,5 @@ func patchServiceSpec(keyPrefix, pathPrefix string, d *schema.ResourceData, v *v }) } } - if d.HasChange(keyPrefix + "external_traffic_policy") { - ops = append(ops, &ReplaceOperation{ - Path: pathPrefix + "externalTrafficPolicy", - Value: d.Get(keyPrefix + "external_traffic_policy").(string), - }) - } return ops, nil } From d230f87780c9e15ac79343527ed116371a6269a0 Mon Sep 17 00:00:00 2001 From: Alex Somesan Date: Mon, 20 May 2019 19:00:59 +0200 Subject: [PATCH 05/10] Add validation to 'external_traffic_policy' --- kubernetes/resource_kubernetes_service.go | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/kubernetes/resource_kubernetes_service.go b/kubernetes/resource_kubernetes_service.go index d4d4a64d55..61631bbba9 100644 --- a/kubernetes/resource_kubernetes_service.go +++ b/kubernetes/resource_kubernetes_service.go @@ -7,6 +7,7 @@ import ( "github.com/hashicorp/terraform/helper/resource" "github.com/hashicorp/terraform/helper/schema" + "github.com/hashicorp/terraform/helper/validation" api "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/errors" meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1" 
@@ -54,9 +55,10 @@ func resourceKubernetesService() *schema.Resource { Optional: true, }, "external_traffic_policy": { - Type: schema.TypeString, - Description: "Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints. `Local` preserves the client source IP and avoids a second hop for LoadBalancer and Nodeport type services, but risks potentially imbalanced traffic spreading. `Cluster` obscures the client source IP and may cause a second hop to another node, but should have good overall load-spreading. More info: https://kubernetes.io/docs/tutorials/services/source-ip/", - Optional: true, + Type: schema.TypeString, + Description: "Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints. `Local` preserves the client source IP and avoids a second hop for LoadBalancer and Nodeport type services, but risks potentially imbalanced traffic spreading. `Cluster` obscures the client source IP and may cause a second hop to another node, but should have good overall load-spreading. More info: https://kubernetes.io/docs/tutorials/services/source-ip/", + Optional: true, + ValidateFunc: validation.StringInSlice([]string{"Local", "Cluster"}, false), }, "load_balancer_ip": { Type: schema.TypeString, From 872504300429b011502455303c8384e689ebc2e9 Mon Sep 17 00:00:00 2001 From: Alex Somesan Date: Mon, 20 May 2019 19:10:26 +0200 Subject: [PATCH 06/10] Set default for 'external_traffic_policy' --- kubernetes/resource_kubernetes_service.go | 1 + 1 file changed, 1 insertion(+) diff --git a/kubernetes/resource_kubernetes_service.go b/kubernetes/resource_kubernetes_service.go index 61631bbba9..fd482ced66 100644 --- a/kubernetes/resource_kubernetes_service.go +++ b/kubernetes/resource_kubernetes_service.go 
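Review bot: The validator accepts `Local` or `Cluster` for every Service `type`, although the attribute's own description scopes the policy to LoadBalancer and NodePort services. The Kubernetes API is expected to reject it for other types, so a mismatch would surface only at apply time. `StringInSlice` cannot see sibling fields, so at minimum the Description should end with a sentence such as "Only valid when type is NodePort or LoadBalancer." The allowed values could also come from the already imported `api` package instead of literals: `string(api.ServiceExternalTrafficPolicyTypeLocal)` and `string(api.ServiceExternalTrafficPolicyTypeCluster)`.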
@@ -58,6 +58,7 @@ func resourceKubernetesService() *schema.Resource { Type: schema.TypeString, Description: "Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints. `Local` preserves the client source IP and avoids a second hop for LoadBalancer and Nodeport type services, but risks potentially imbalanced traffic spreading. `Cluster` obscures the client source IP and may cause a second hop to another node, but should have good overall load-spreading. More info: https://kubernetes.io/docs/tutorials/services/source-ip/", Optional: true, + Default: "Cluster", ValidateFunc: validation.StringInSlice([]string{"Local", "Cluster"}, false), }, "load_balancer_ip": { From 01d5bd145f107e98431d4ad3d6f80186c92888fa Mon Sep 17 00:00:00 2001 From: Alex Somesan Date: Wed, 22 May 2019 21:03:30 +0200 Subject: [PATCH 07/10] Remove default and make 'external_traffic_policy' computed. --- kubernetes/resource_kubernetes_service.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/resource_kubernetes_service.go b/kubernetes/resource_kubernetes_service.go index fd482ced66..1879e24a94 100644 --- a/kubernetes/resource_kubernetes_service.go +++ b/kubernetes/resource_kubernetes_service.go @@ -58,7 +58,7 @@ func resourceKubernetesService() *schema.Resource { Type: schema.TypeString, Description: "Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints. `Local` preserves the client source IP and avoids a second hop for LoadBalancer and Nodeport type services, but risks potentially imbalanced traffic spreading. `Cluster` obscures the client source IP and may cause a second hop to another node, but should have good overall load-spreading. More info: https://kubernetes.io/docs/tutorials/services/source-ip/", Optional: true, - Default: "Cluster", + Computed: true, ValidateFunc: validation.StringInSlice([]string{"Local", "Cluster"}, false), }, "load_balancer_ip": { 
From 3b4d1f371d72772c5580844f54563fc7220255a5 Mon Sep 17 00:00:00 2001 From: Alex Somesan Date: Wed, 22 May 2019 21:10:57 +0200 Subject: [PATCH 08/10] Add 'external_traffic_policy' to the service datasource. --- kubernetes/data_source_kubernetes_service.go | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/kubernetes/data_source_kubernetes_service.go b/kubernetes/data_source_kubernetes_service.go index 80991d1f31..3bd4bb892f 100644 --- a/kubernetes/data_source_kubernetes_service.go +++ b/kubernetes/data_source_kubernetes_service.go @@ -2,6 +2,7 @@ package kubernetes import ( "github.com/hashicorp/terraform/helper/schema" + "github.com/hashicorp/terraform/helper/validation" meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) 
@@ -35,6 +36,13 @@ func dataSourceKubernetesService() *schema.Resource { Description: "The external reference that kubedns or equivalent will return as a CNAME record for this service. No proxying will be involved. Must be a valid DNS name and requires `type` to be `ExternalName`.", Computed: true, }, + "external_traffic_policy": { + Type: schema.TypeString, + Description: "Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints. `Local` preserves the client source IP and avoids a second hop for LoadBalancer and Nodeport type services, but risks potentially imbalanced traffic spreading. `Cluster` obscures the client source IP and may cause a second hop to another node, but should have good overall load-spreading. More info: https://kubernetes.io/docs/tutorials/services/source-ip/", + Optional: true, + Computed: true, + ValidateFunc: validation.StringInSlice([]string{"Local", "Cluster"}, false), + }, "load_balancer_ip": { Type: schema.TypeString, Description: "Only applies to `type = LoadBalancer`. LoadBalancer will get created with the IP specified in this field. This feature depends on whether the underlying cloud-provider supports specifying this field when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature.", From c7483d27c0967059ee8c7e910420cf626f673c19 Mon Sep 17 00:00:00 2001 From: Alex Somesan Date: Wed, 22 May 2019 21:30:53 +0200 Subject: [PATCH 09/10] Add 'external_traffic_policy' to the kubernete_service datasource docs. --- website/docs/d/service.html.markdown | 1 + 1 file changed, 1 insertion(+) diff --git a/website/docs/d/service.html.markdown b/website/docs/d/service.html.markdown index ba200acca4..86ab40d0fe 100644 --- a/website/docs/d/service.html.markdown +++ b/website/docs/d/service.html.markdown 
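Review bot: In the data source, `external_traffic_policy` is declared `Optional: true` with a `ValidateFunc`, unlike the neighbouring `external_name`, which is `Computed: true` only. Nothing in this hunk consumes a user-supplied value, so a policy written in configuration would presumably be overwritten by whatever the cluster reports, while reading as if it filtered the lookup. Declaring the attribute with `Computed: true,` alone would match the other spec fields and make the `validation` import added at the top of the file unnecessary. The docs entry added in PATCH 09/10 is likewise marked `(Optional)` while its neighbours are not.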
@@ -75,6 +75,7 @@ The following arguments are supported: * `cluster_ip` - The IP address of the service. It is usually assigned randomly by the master. If an address is specified manually and is not in use by others, it will be allocated to the service; otherwise, creation of the service will fail. `None` can be specified for headless services when proxying is not required. Ignored if type is `ExternalName`. For more info see [Kubernetes reference](http://kubernetes.io/docs/user-guide/services#virtual-ips-and-service-proxies) * `external_ips` - A list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system. * `external_name` - The external reference that kubedns or equivalent will return as a CNAME record for this service. No proxying will be involved. Must be a valid DNS name and requires `type` to be `ExternalName`. +* `external_traffic_policy` - (Optional) Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints. `Local` preserves the client source IP and avoids a second hop for LoadBalancer and Nodeport type services, but risks potentially imbalanced traffic spreading. `Cluster` obscures the client source IP and may cause a second hop to another node, but should have good overall load-spreading. More info: https://kubernetes.io/docs/tutorials/services/source-ip/ * `load_balancer_ip` - Only applies to `type = LoadBalancer`. LoadBalancer will get created with the IP specified in this field. This feature depends on whether the underlying cloud-provider supports specifying this field when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature. 
* `load_balancer_source_ranges` - If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature. For more info see [Kubernetes reference](http://kubernetes.io/docs/user-guide/services-firewalls) * `port` - The list of ports that are exposed by this service. For more info see [Kubernetes reference](http://kubernetes.io/docs/user-guide/services#virtual-ips-and-service-proxies) From 8238910ab372239a4546bc7d3627173ba495eaf9 Mon Sep 17 00:00:00 2001 From: Alex Somesan Date: Wed, 22 May 2019 21:48:44 +0200 Subject: [PATCH 10/10] Adapt TestAccKubernetesService_loadBalancer for 'external_traffic_policy' --- kubernetes/resource_kubernetes_service_test.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/kubernetes/resource_kubernetes_service_test.go b/kubernetes/resource_kubernetes_service_test.go index e35b75f221..5cdcc6af0e 100644 --- a/kubernetes/resource_kubernetes_service_test.go +++ b/kubernetes/resource_kubernetes_service_test.go 
@@ -143,7 +143,7 @@ func TestAccKubernetesService_loadBalancer(t *testing.T) { resource.TestCheckResourceAttr("kubernetes_service.test", "spec.0.external_ips.1452553500", "10.0.0.4"), resource.TestCheckResourceAttr("kubernetes_service.test", "spec.0.external_ips.3371212991", "10.0.0.3"), resource.TestCheckResourceAttr("kubernetes_service.test", "spec.0.external_name", "ext-name-"+name), - resource.TestCheckResourceAttr("kubernetes_service.test", "spec.0.external_traffic_policy", "Local"), + resource.TestCheckResourceAttr("kubernetes_service.test", "spec.0.external_traffic_policy", "Cluster"), resource.TestCheckResourceAttr("kubernetes_service.test", "spec.0.load_balancer_source_ranges.#", "2"), resource.TestCheckResourceAttr("kubernetes_service.test", "spec.0.load_balancer_source_ranges.138364083", "10.0.0.5/32"), resource.TestCheckResourceAttr("kubernetes_service.test", "spec.0.load_balancer_source_ranges.445311837", "10.0.0.6/32"), @@ -697,6 +697,7 @@ resource "kubernetes_service" "test" { external_name = "ext-name-modified-%s" external_ips = ["10.0.0.4", "10.0.0.5"] load_balancer_source_ranges = ["10.0.0.1/32", "10.0.0.2/32"] + external_traffic_policy = "Local" selector = { App = "MyModifiedApp"