Skip to content

Commit

Permalink
Introduces map data for ns groups and ns services
Browse files Browse the repository at this point in the history
Such data source builds a name to uuids map of the whole table.
This map can be referenced in configuration to obtain object uuids at
a cost of single roudtrip to NSX, which improves apply and refresh
time at scale.

Signed-off-by: Anna Khmelnitsky <[email protected]>
  • Loading branch information
annakhm committed Sep 1, 2021
1 parent d174060 commit 5cbe660
Show file tree
Hide file tree
Showing 7 changed files with 320 additions and 0 deletions.
62 changes: 62 additions & 0 deletions nsxt/data_source_nsxt_ns_groups.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
/* Copyright © 2017 VMware, Inc. All Rights Reserved.
SPDX-License-Identifier: MPL-2.0 */

package nsxt

import (
"fmt"

"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
)

func dataSourceNsxtNsGroups() *schema.Resource {
return &schema.Resource{
Read: dataSourceNsxtNsGroupsRead,

Schema: map[string]*schema.Schema{
"items": {
Type: schema.TypeMap,
Description: "Mapping of group UUID by display name",
Computed: true,
Elem: &schema.Schema{
Type: schema.TypeString,
},
},
},
}
}

func dataSourceNsxtNsGroupsRead(d *schema.ResourceData, m interface{}) error {
nsxClient := m.(nsxtClients).NsxtClient
if nsxClient == nil {
return dataSourceNotSupportedError()
}

// Get by full name
groupMap := make(map[string]string)
lister := func(info *paginationInfo) error {
objList, _, err := nsxClient.GroupingObjectsApi.ListNSGroups(nsxClient.Context, info.LocalVarOptionals)
if err != nil {
return fmt.Errorf("Error while reading NS groups: %v", err)
}
info.PageCount = int64(len(objList.Results))
info.TotalCount = objList.ResultCount
info.Cursor = objList.Cursor

// go over the list to find the correct one
for _, objInList := range objList.Results {
groupMap[objInList.DisplayName] = objInList.Id
}
return nil
}

_, err := handlePagination(lister)
if err != nil {
return err
}

d.SetId(newUUID())
d.Set("items", groupMap)

return nil
}
58 changes: 58 additions & 0 deletions nsxt/data_source_nsxt_ns_groups_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
/* Copyright © 2017 VMware, Inc. All Rights Reserved.
SPDX-License-Identifier: MPL-2.0 */

package nsxt

import (
"fmt"
"testing"

"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
)

func TestAccDataSourceNsxtNsGroups_basic(t *testing.T) {
groupName := getAccTestDataSourceName()
testResourceName := "data.nsxt_ns_groups.test"
// in order to verify correct functionality, we compare fetching by name with regular data source
// and fetching using the map data source with same name
// in order to verify map fetching with pair comparison, we use an extra resource
checkDataSourceName := "data.nsxt_ns_group.check"
checkResourceName := "nsxt_ns_group.check"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { testAccOnlyLocalManager(t); testAccTestMP(t); testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: func(state *terraform.State) error {
return testAccDataSourceNsxtNsGroupDeleteByName(groupName)
},
Steps: []resource.TestStep{
{
PreConfig: func() {
if err := testAccDataSourceNsxtNsGroupCreate(groupName); err != nil {
panic(err)
}
},
Config: testAccNSXNsGroupsReadTemplate(groupName),
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttrSet(testResourceName, "id"),
resource.TestCheckResourceAttrPair(checkResourceName, "display_name", checkDataSourceName, "id"),
),
},
},
})
}

func testAccNSXNsGroupsReadTemplate(groupName string) string {
return fmt.Sprintf(`
data "nsxt_ns_groups" "test" {
}
data "nsxt_ns_group" "check" {
display_name = "%s"
}
resource "nsxt_ns_group" "check" {
display_name = data.nsxt_ns_groups.test.items["%s"]
}`, groupName, groupName)
}
62 changes: 62 additions & 0 deletions nsxt/data_source_nsxt_ns_services.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
/* Copyright © 2017 VMware, Inc. All Rights Reserved.
SPDX-License-Identifier: MPL-2.0 */

package nsxt

import (
"fmt"

"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
)

func dataSourceNsxtNsServices() *schema.Resource {
return &schema.Resource{
Read: dataSourceNsxtNsServicesRead,

Schema: map[string]*schema.Schema{
"items": {
Type: schema.TypeMap,
Description: "Mapping of service UUID by display name",
Computed: true,
Elem: &schema.Schema{
Type: schema.TypeString,
},
},
},
}
}

func dataSourceNsxtNsServicesRead(d *schema.ResourceData, m interface{}) error {
nsxClient := m.(nsxtClients).NsxtClient
if nsxClient == nil {
return dataSourceNotSupportedError()
}

// Get by full name
serviceMap := make(map[string]string)
lister := func(info *paginationInfo) error {
objList, _, err := nsxClient.GroupingObjectsApi.ListNSServices(nsxClient.Context, info.LocalVarOptionals)
if err != nil {
return fmt.Errorf("Error while reading NS services: %v", err)
}
info.PageCount = int64(len(objList.Results))
info.TotalCount = objList.ResultCount
info.Cursor = objList.Cursor

// go over the list to find the correct one
for _, objInList := range objList.Results {
serviceMap[objInList.DisplayName] = objInList.Id
}
return nil
}

_, err := handlePagination(lister)
if err != nil {
return err
}

d.SetId(newUUID())
d.Set("items", serviceMap)

return nil
}
58 changes: 58 additions & 0 deletions nsxt/data_source_nsxt_ns_services_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
/* Copyright © 2017 VMware, Inc. All Rights Reserved.
SPDX-License-Identifier: MPL-2.0 */

package nsxt

import (
"fmt"
"testing"

"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
)

func TestAccDataSourceNsxtNsServices_basic(t *testing.T) {
serviceName := getAccTestDataSourceName()
testResourceName := "data.nsxt_ns_services.test"
// in order to verify correct functionality, we compare fetching by name with regular data source
// and fetching using the map data source with same name
// in order to verify map fetching with pair comparison, we use an extra resource
checkDataSourceName := "data.nsxt_ns_service.check"
checkResourceName := "nsxt_ns_group.check"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { testAccOnlyLocalManager(t); testAccTestMP(t); testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: func(state *terraform.State) error {
return testAccDataSourceNsxtNsServiceDeleteByName(serviceName)
},
Steps: []resource.TestStep{
{
PreConfig: func() {
if err := testAccDataSourceNsxtNsServiceCreate(serviceName); err != nil {
panic(err)
}
},
Config: testAccNSXNsServicesReadTemplate(serviceName),
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttrSet(testResourceName, "id"),
resource.TestCheckResourceAttrPair(checkResourceName, "display_name", checkDataSourceName, "id"),
),
},
},
})
}

func testAccNSXNsServicesReadTemplate(serviceName string) string {
return fmt.Sprintf(`
data "nsxt_ns_services" "test" {
}
data "nsxt_ns_service" "check" {
display_name = "%s"
}
resource "nsxt_ns_group" "check" {
display_name = data.nsxt_ns_services.test.items["%s"]
}`, serviceName, serviceName)
}
2 changes: 2 additions & 0 deletions nsxt/provider.go
Original file line number Diff line number Diff line change
Expand Up @@ -203,7 +203,9 @@ func Provider() *schema.Provider {
"nsxt_logical_tier1_router": dataSourceNsxtLogicalTier1Router(),
"nsxt_mac_pool": dataSourceNsxtMacPool(),
"nsxt_ns_group": dataSourceNsxtNsGroup(),
"nsxt_ns_groups": dataSourceNsxtNsGroups(),
"nsxt_ns_service": dataSourceNsxtNsService(),
"nsxt_ns_services": dataSourceNsxtNsServices(),
"nsxt_edge_cluster": dataSourceNsxtEdgeCluster(),
"nsxt_certificate": dataSourceNsxtCertificate(),
"nsxt_ip_pool": dataSourceNsxtIPPool(),
Expand Down
36 changes: 36 additions & 0 deletions website/docs/d/ns_groups.html.markdown
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
---
subcategory: "Manager"
layout: "nsxt"
page_title: "NSXT: ns_groups"
description: A networking and security groups data source. This data source builds "display name to id" map representation of the whole table.
---

# nsxt_ns_groups

This data source builds a "name to uuid" map of the whole NS Group table. Such map can be referenced in configuration to obtain object uuids by display name at a cost of single roudtrip to NSX, which improves apply and refresh
time at scale, compared to multiple instances of `nsxt_ns_group` data source.

## Example Usage

```hcl
data "nsxt_ns_group" "map" {
}
resource "nsxt_firewall_section" "s1" {
display_name = "section1"
applied_to {
target_type = "NSGroup"
target_id = data.nsxt_ns_groups.map.items["group1"]
}
section_type = "LAYER3"
}
```

## Attributes Reference

In addition to arguments listed above, the following attributes are exported:

* `items` - Map of ns group uuids keyed by display name.
42 changes: 42 additions & 0 deletions website/docs/d/ns_services.html.markdown
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
---
subcategory: "Manager"
layout: "nsxt"
page_title: "NSXT: ns_services"
description: A networking and security services data source. This data source builds "display name to id" map representation of the whole table.
---

# nsxt_ns_services

This data source builds a "name to uuid" map of the whole NS Services table. Such map can be referenced in configuration to obtain object uuids by display name at a cost of single roudtrip to NSX, which improves apply and refresh
time at scale, compared to multiple instances of `nsxt_ns_service` data source.

## Example Usage

```hcl
data "nsxt_ns_service" "map" {
}
resource "nsxt_firewall_section" "s1" {
display_name = "section1"
rule {
display_name = "in_rule"
action = "DROP"
direction = "IN"
service {
target_type = "NSService"
target_id = data.nsxt_ns_services.map.items["service1"]
}
}
section_type = "LAYER3"
}
```

## Attributes Reference

In addition to arguments listed above, the following attributes are exported:

* `items` - Map of ns service uuids keyed by display name.

0 comments on commit 5cbe660

Please sign in to comment.