From f179c933479a64144817f1c4ee0345d7e970eb71 Mon Sep 17 00:00:00 2001 From: Shizhao Liu Date: Wed, 13 Dec 2023 22:51:43 +0000 Subject: [PATCH] Resource to prepare for NSXT cluster upgrade Signed-off-by: Shizhao Liu --- nsxt/provider.go | 2 + ...ource_nsxt_upgrade_precheck_acknowledge.go | 88 +++++ nsxt/resource_nsxt_upgrade_prepare.go | 309 ++++++++++++++++++ ...upgrade_precheck_acknowledge.html.markdown | 32 ++ website/docs/r/upgrade_prepare.html.markdown | 47 +++ 5 files changed, 478 insertions(+) create mode 100644 nsxt/resource_nsxt_upgrade_precheck_acknowledge.go create mode 100644 nsxt/resource_nsxt_upgrade_prepare.go create mode 100644 website/docs/r/upgrade_precheck_acknowledge.html.markdown create mode 100644 website/docs/r/upgrade_prepare.html.markdown diff --git a/nsxt/provider.go b/nsxt/provider.go index 55e1ba98d..4a4b794d5 100644 --- a/nsxt/provider.go +++ b/nsxt/provider.go @@ -441,6 +441,8 @@ func Provider() *schema.Provider { "nsxt_policy_lb_http_application_profile": resourceNsxtPolicyLBHttpApplicationProfile(), "nsxt_policy_security_policy_rule": resourceNsxtPolicySecurityPolicyRule(), "nsxt_policy_parent_security_policy": resourceNsxtPolicyParentSecurityPolicy(), + "nsxt_upgrade_prepare": resourceNsxtUpgradePrepare(), + "nsxt_upgrade_precheck_acknowledge": resourceNsxtUpgradePrecheckAcknowledge(), }, ConfigureFunc: providerConfigure, diff --git a/nsxt/resource_nsxt_upgrade_precheck_acknowledge.go b/nsxt/resource_nsxt_upgrade_precheck_acknowledge.go new file mode 100644 index 000000000..02ca86e5d --- /dev/null +++ b/nsxt/resource_nsxt_upgrade_precheck_acknowledge.go @@ -0,0 +1,88 @@ +/* Copyright © 2023 VMware, Inc. All Rights Reserved. + SPDX-License-Identifier: MPL-2.0 */ + +package nsxt + +import ( + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + nsxModel "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-mp/nsx/model" + "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-mp/nsx/upgrade" +) + +func resourceNsxtUpgradePrecheckAcknowledge() *schema.Resource { + return &schema.Resource{ + Create: resourceNsxtUpgradePrecheckAcknowledgeCreate, + Read: resourceNsxtUpgradePrecheckAcknowledgeRead, + Update: resourceNsxtUpgradePrecheckAcknowledgeUpdate, + Delete: resourceNsxtUpgradePrecheckAcknowledgeDelete, + + Schema: map[string]*schema.Schema{ + "precheck_id": { + Type: schema.TypeList, + Description: "IDs of failed prechecks that user wants to acknowledge before upgrade", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeString, + Description: "ID of failed precheck to acknowledge", + Required: true, + }, + }, + }, + Required: true, + }, + }, + } +} + +func resourceNsxtUpgradePrecheckAcknowledgeCreate(d *schema.ResourceData, m interface{}) error { + id := d.Id() + if id == "" { + id = newUUID() + } + d.SetId(id) + precheckIDs := interface2StringList(d.Get("precheck_id").([]interface{})) + connector := getPolicyConnector(m) + client := upgrade.NewPreUpgradeChecksClient(connector) + for _, precheckID := range precheckIDs { + err := client.Acknowledge(precheckID) + if err != nil { + return handleCreateError("NsxtUpgradePrecheckAcknowledge", id, err) + } + } + return resourceNsxtUpgradePrecheckAcknowledgeRead(d, m) +} + +func resourceNsxtUpgradePrecheckAcknowledgeRead(d *schema.ResourceData, m interface{}) error { + id := d.Id() + precheckWarnings, err := getPrecheckErrors(m, nsxModel.UpgradeCheckFailure_TYPE_WARNING) + if err != nil { + return handleReadError(d, "NsxtUpgradePrecheckAcknowledge", id, err) + } + err = setAcknowledgedPrecheckIDsInSchema(d, precheckWarnings) + if err != nil { + return handleReadError(d, "NsxtUpgradePrecheckAcknowledge", id, err) + } + return nil +} + +func setAcknowledgedPrecheckIDsInSchema(d *schema.ResourceData, precheckWarnings []nsxModel.UpgradeCheckFailure) error { + var precheckWarningIDs []map[string]interface{} + for _, precheckWarning := range precheckWarnings { + elem := make(map[string]interface{}) + if !(*precheckWarning.NeedsAck) { + id := *precheckWarning.Id + elem["id"] = id + precheckWarningIDs = append(precheckWarningIDs, elem) + } + } + return d.Set("precheck_id", precheckWarningIDs) +} + +func resourceNsxtUpgradePrecheckAcknowledgeUpdate(d *schema.ResourceData, m interface{}) error { + return nil +} + +func resourceNsxtUpgradePrecheckAcknowledgeDelete(d *schema.ResourceData, m interface{}) error { + return nil +} diff --git a/nsxt/resource_nsxt_upgrade_prepare.go b/nsxt/resource_nsxt_upgrade_prepare.go new file mode 100644 index 000000000..1b29ea9c4 --- /dev/null +++ b/nsxt/resource_nsxt_upgrade_prepare.go @@ -0,0 +1,309 @@ +/* Copyright © 2023 VMware, Inc. All Rights Reserved. + SPDX-License-Identifier: MPL-2.0 */ + +package nsxt + +import ( + "fmt" + "log" + "time" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-mp/nsx" + nsxModel "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-mp/nsx/model" + "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-mp/nsx/upgrade" + "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-mp/nsx/upgrade/bundles" + "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-mp/nsx/upgrade/eula" + "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-mp/nsx/upgrade/pre_upgrade_checks" +) + +func resourceNsxtUpgradePrepare() *schema.Resource { + return &schema.Resource{ + Create: resourceNsxtUpgradePrepareCreate, + Read: resourceNsxtUpgradePrepareRead, + Update: resourceNsxtUpgradePrepareUpdate, + Delete: resourceNsxtUpgradePrepareDelete, + + Schema: map[string]*schema.Schema{ + "upgrade_bundle_url": { + Type: schema.TypeString, + Description: "URL of the NSXT Upgrade bundle", + Required: true, + }, + "precheck_bundle_url": { + Type: schema.TypeString, + Description: "URL of the NSXT Upgrade precheck bundle (Only applied to NSXT version >= 4.1.1)", + Optional: true, + }, + "version": { + Type: schema.TypeString, + Description: "Version for the upgrade", + Required: true, + }, + "accept_user_agreement": { + Type: schema.TypeBool, + Description: "Whether to accept the user agreement", + Required: true, + }, + "failed_prechecks": { + Type: schema.TypeList, + Description: "List of failed prechecks for the upgrade, only include warnings, if precheck failed with error then the resource creation will fail", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeString, + Description: "ID of failed precheck", + Computed: true, + }, + "message": { + Type: schema.TypeString, + Description: "Message of the failed precheck", + Computed: true, + }, + }, + }, + Computed: true, + }, + }, + } +} + +func uploadPrecheckAndUpgradeBundle(d *schema.ResourceData, m interface{}) error { + upgradeBundleURL := d.Get("upgrade_bundle_url").(string) + precheckBundleURL := d.Get("precheck_bundle_url").(string) + upgradeBundleType := nsxModel.UpgradeBundleFetchRequest_BUNDLE_TYPE_UPGRADE + precheckBundleType := nsxModel.UpgradeBundleFetchRequest_BUNDLE_TYPE_PRE_UPGRADE + version := d.Get("version").(string) + installParam := false + c := m.(nsxtClients) + userName := c.NsxtClientConfig.UserName + password := c.NsxtClientConfig.Password + if !precheckBundleCompatibilityCheck(precheckBundleURL) { + return fmt.Errorf("Precheck bundle is only supported and required for NSXT version >= 4.1.1") + } + if len(precheckBundleURL) > 0 { + err := uploadUpgradeBundle(m, precheckBundleURL, userName, password, precheckBundleType, version, installParam) + if err != nil { + return fmt.Errorf("Failed to upload precheck bundle: %s", err) + } + } + err := uploadUpgradeBundle(m, upgradeBundleURL, userName, password, upgradeBundleType, version, installParam) + if err != nil { + return fmt.Errorf("Failed to upload upgrade bundle: %s", err) + } + return nil +} + +func precheckBundleCompatibilityCheck(precheckBundleURL string) bool { + if nsxVersionLower("4.1.1") && len(precheckBundleURL) > 0 { + return false + } + if nsxVersionHigherOrEqual("4.1.1") && len(precheckBundleURL) == 0 { + return false + } + return true +} + +func uploadUpgradeBundle(m interface{}, url string, userName string, password string, bundleType string, version string, installParam bool) error { + connector := getPolicyConnector(m) + client := upgrade.NewBundlesClient(connector) + bundleFetchRequest := nsxModel.UpgradeBundleFetchRequest{ + BundleType: &bundleType, + Password: &password, + Username: &userName, + Url: &url, + Version: &version, + } + bundleID, err := client.Create(bundleFetchRequest, &installParam) + if err != nil { + return fmt.Errorf("Failed to upload upgrade bundle with ID %s: %s", bundleID, err) + } + return waitForBundleUpload(m, *bundleID.BundleId) +} + +func acceptUserAgreement(d *schema.ResourceData, m interface{}) error { + connector := getPolicyConnector(m) + acceptUserAgreement := d.Get("accept_user_agreement").(bool) + if !acceptUserAgreement { + return fmt.Errorf("To proceed with upgrade, you must accept user agreement") + } + client := eula.NewAcceptClient(connector) + err := client.Create() + if err != nil { + return handleCreateError("NsxtUpgradePrepare", "", err) + } + return nil +} + +func executePreupgradeChecks(m interface{}) error { + connector := getPolicyConnector(m) + client := nsx.NewUpgradeClient(connector) + return client.Executepreupgradechecks(nil, nil, nil, nil, nil, nil) +} + +func getPrecheckErrors(m interface{}, typeParam string) ([]nsxModel.UpgradeCheckFailure, error) { + connector := getPolicyConnector(m) + client := pre_upgrade_checks.NewFailuresClient(connector) + resultList, err := client.List(nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, &typeParam, nil, nil) + if err != nil { + return nil, err + } + return resultList.Results, nil +} + +func setFailedPrechecksInSchema(d *schema.ResourceData, precheckWarnings []nsxModel.UpgradeCheckFailure) error { + var failedPrechecksList []map[string]interface{} + for _, warning := range precheckWarnings { + id := *warning.Id + message := *(warning.Message.Message) + elem := make(map[string]interface{}) + elem["id"] = id + elem["message"] = message + failedPrechecksList = append(failedPrechecksList, elem) + } + return d.Set("failed_prechecks", failedPrechecksList) +} + +func resourceNsxtUpgradePrepareCreate(d *schema.ResourceData, m interface{}) error { + id := d.Id() + if id == "" { + id = newUUID() + } + d.SetId(id) + err := prepareForUpgrade(d, m) + if err != nil { + return handleCreateError("NsxtUpgradePrepare", id, err) + } + return resourceNsxtUpgradePrepareRead(d, m) +} + +func prepareForUpgrade(d *schema.ResourceData, m interface{}) error { + // 1. Accept user agreement + err := acceptUserAgreement(d, m) + if err != nil { + return err + } + // 2. Upload upgrade bundle and wait for upload to complete + err = uploadPrecheckAndUpgradeBundle(d, m) + if err != nil { + return fmt.Errorf("Failed to upload upgrade bundle: %s", err) + } + // 3. Check UC upgrade status. API call to upgrade UC is invoked + // after user uploads an upgrade bundle. + err = waitForUcUpgrade(m) + + // 4. Execute pre-upgrade checks + err = executePreupgradeChecks(m) + if err != nil { + return fmt.Errorf("Failed to execute pre-upgrade checks: %s", err) + } + // 5. Check if there is error in prechecks + precheckFailures, err := getPrecheckErrors(m, nsxModel.UpgradeCheckFailure_TYPE_FAILURE) + if err != nil { + return fmt.Errorf("Failed to get precheck errors: %s", err) + } + if len(precheckFailures) > 0 { + return fmt.Errorf("Encounter errors in precheck %s", *(precheckFailures[0].Message.Message)) + } + return nil +} + +func waitForUcUpgrade(m interface{}) error { + connector := getPolicyConnector(m) + client := upgrade.NewUcUpgradeStatusClient(connector) + pendingStates := []string{ + nsxModel.UcUpgradeStatus_STATE_NOT_STARTED, + nsxModel.UcUpgradeStatus_STATE_IN_PROGRESS, + } + targetStates := []string{ + nsxModel.UcUpgradeStatus_STATE_SUCCESS, + nsxModel.UcUpgradeStatus_STATE_FAILED, + } + timeout := 1200 + stateConf := &resource.StateChangeConf{ + Pending: pendingStates, + Target: targetStates, + Refresh: func() (interface{}, string, error) { + state, err := client.Get() + if err != nil { + return state, nsxModel.UcUpgradeStatus_STATE_FAILED, logAPIError("Error while waiting for UC upgrade", err) + } + + log.Printf("[DEBUG] Current status for UC Upgrade is %s", *state.State) + + return state, *state.State, nil + }, + Timeout: time.Duration(timeout) * time.Second, + MinTimeout: 1 * time.Second, + Delay: 1 * time.Second, + } + _, err := stateConf.WaitForState() + if err != nil { + return fmt.Errorf("Failed to upgrade UC: %v", err) + } + return nil +} + +func resourceNsxtUpgradePrepareRead(d *schema.ResourceData, m interface{}) error { + id := d.Id() + precheckWarnings, err := getPrecheckErrors(m, nsxModel.UpgradeCheckFailure_TYPE_WARNING) + if err != nil { + return handleReadError(d, "NsxtUpgradePrepare", id, err) + } + err = setFailedPrechecksInSchema(d, precheckWarnings) + if err != nil { + return handleReadError(d, "NsxtUpgradePrepare", id, err) + } + return nil +} + +func resourceNsxtUpgradePrepareUpdate(d *schema.ResourceData, m interface{}) error { + id := d.Id() + err := prepareForUpgrade(d, m) + if err != nil { + return handleUpdateError("NsxtUpgradePrepare", id, err) + } + return resourceNsxtUpgradePrepareRead(d, m) +} + +func resourceNsxtUpgradePrepareDelete(d *schema.ResourceData, m interface{}) error { + return nil +} + +func waitForBundleUpload(m interface{}, bundleID string) error { + connector := getPolicyConnector(m) + client := bundles.NewUploadStatusClient(connector) + pendingStates := []string{ + nsxModel.UpgradeBundleUploadStatus_STATUS_UPLOADING, + nsxModel.UpgradeBundleUploadStatus_STATUS_VERIFYING, + } + targetStates := []string{ + nsxModel.UpgradeBundleUploadStatus_STATUS_SUCCESS, + nsxModel.UpgradeBundleUploadStatus_STATUS_FAILED, + } + timeout := 1200 + stateConf := &resource.StateChangeConf{ + Pending: pendingStates, + Target: targetStates, + Refresh: func() (interface{}, string, error) { + state, err := client.Get(bundleID) + if err != nil { + msg := fmt.Sprintf("Error while waiting for bundle %s upload", bundleID) + return state, nsxModel.UpgradeBundleUploadStatus_STATUS_FAILED, logAPIError(msg, err) + } + + log.Printf("[DEBUG] Current status for uploading bundle %s is %s", bundleID, *state.Status) + + return state, *state.Status, nil + }, + Timeout: time.Duration(timeout) * time.Second, + MinTimeout: 1 * time.Second, + Delay: 1 * time.Second, + } + _, err := stateConf.WaitForState() + if err != nil { + return fmt.Errorf("Failed to upload bundle %s: %v", bundleID, err) + } + return nil +} diff --git a/website/docs/r/upgrade_precheck_acknowledge.html.markdown b/website/docs/r/upgrade_precheck_acknowledge.html.markdown new file mode 100644 index 000000000..5d24b7a77 --- /dev/null +++ b/website/docs/r/upgrade_precheck_acknowledge.html.markdown @@ -0,0 +1,32 @@ +--- +subcategory: "Beta" +layout: "nsxt" +page_title: "NSXT: nsxt_upgrade_precheck_acknowledge" +description: A resource to acknowledge failed NSXT upgrade prechecks. +--- + +# nsxt_upgrade_precheck_acknowledge + +This resource provides a method for acknowledging the failed prechecks +for NSXT upgrade. + +## Example Usage + +```hcl +resource "nsxt_upgrade_precheck_acknowledge" "test" { + precheck_id { + id = "backupOperationCheck" + } +} +``` + +## Argument Reference + +The following arguments are supported: + +* `precheck_id` - (Required) List of ids of failed prechecks user want to acknowledge. + * `id` - (Required) Id of failed prechecks. + +## Importing + +Importing is not supported for this resource. diff --git a/website/docs/r/upgrade_prepare.html.markdown b/website/docs/r/upgrade_prepare.html.markdown new file mode 100644 index 000000000..74dfba7bc --- /dev/null +++ b/website/docs/r/upgrade_prepare.html.markdown @@ -0,0 +1,47 @@ +--- +subcategory: "Beta" +layout: "nsxt" +page_title: "NSXT: nsxt_upgrade_prepare" +description: A resource to prepare for the upgrade of NSXT cluster. +--- + +# nsxt_upgrade_prepare + +This resource provides a method for preparing the upgrade of NSXT cluster, +it will upload upgrade bundle to NSX and run upgrade prechecks. +If there are errors in precheck result, the creation of resource will fail. +Precheck warnings will be listed in the `failed_prechecks` field of terraform state, +user can use the nsxt_upgrade_precheck_acknowledge resource to acknowledge these +warnings. + +## Example Usage + +```hcl +resource "nsxt_upgrade_prepare" "test" { + upgrade_bundle_url = "http://url-to-upgrade-bundle.mub" + precheck_bundle_url = "http://url-to-precheck-bundle.pub" + version = "4.2.0" + accept_user_agreement = true +} +``` + +## Argument Reference + +The following arguments are supported: + +* `upgrade_bundle_url` - (Required) The url to download the Manager Upgrade bundle. +* `precheck_bundle_url` - (Optional) The url to download the Precheck bundle. This field is required and only applied to NSX version >= 4.1.1 +* `accept_user_agreement` - (Required) User agreement must be accepted before upgrade. +* `version` - (Required) Target version of the upgrade. + +## Argument Reference + +In addition to arguments listed above, the following attributes are exported: + +* `failed_prechecks` - (Computed) Failed prechecks from running pre-upgrade check. + * `id` - ID of the failed precheck. + * `message` - Message of the failed precheck. + +## Importing + +Importing is not supported for this resource.