From f7d8badaa07cbfbcf3a264179fd260c9c418f883 Mon Sep 17 00:00:00 2001 From: abarreiro Date: Wed, 13 Mar 2024 09:56:07 +0100 Subject: [PATCH 01/28] Add support for CSE 4.2.1 Signed-off-by: abarreiro --- ...example => terraform.tfvars.example.4.2.0} | 8 +-- .../step1/terraform.tfvars.example.4.2.1 | 61 +++++++++++++++++++ .../v4.2/install/step1/variables.tf | 3 - ...ervice_extension_4_x_install.html.markdown | 58 +++++++++++++++--- 4 files changed, 115 insertions(+), 15 deletions(-) rename examples/container-service-extension/v4.2/install/step1/{terraform.tfvars.example => terraform.tfvars.example.4.2.0} (93%) create mode 100644 examples/container-service-extension/v4.2/install/step1/terraform.tfvars.example.4.2.1 diff --git a/examples/container-service-extension/v4.2/install/step1/terraform.tfvars.example b/examples/container-service-extension/v4.2/install/step1/terraform.tfvars.example.4.2.0 similarity index 93% rename from examples/container-service-extension/v4.2/install/step1/terraform.tfvars.example rename to examples/container-service-extension/v4.2/install/step1/terraform.tfvars.example.4.2.0 index 2d1d3f7ec..6ede0fc95 100644 --- a/examples/container-service-extension/v4.2/install/step1/terraform.tfvars.example +++ b/examples/container-service-extension/v4.2/install/step1/terraform.tfvars.example.4.2.0 @@ -28,11 +28,11 @@ cse_admin_password = "change-me" # These are required to create the Runtime Defined Entity that will contain the CSE Server configuration (vcdKeConfig) # To know more about the specific versions, please refer to the CSE documentation. -# The values set here correspond to CSE 4.2: +# The values set here correspond to CSE 4.2.0: vcdkeconfig_template_filepath = "../../entities/vcdkeconfig.json.template" -capvcd_version = "1.2.0" -cpi_version = "1.5.0" -csi_version = "1.5.0" +capvcd_version = "1.2.0" # 4.2.0 +cpi_version = "1.5.0" # 4.2.0 +csi_version = "1.5.0" # 4.2.0 rde_projector_version = "0.7.0" # Optional but recommended to avoid rate limiting when configuring the TKGm clusters. diff --git a/examples/container-service-extension/v4.2/install/step1/terraform.tfvars.example.4.2.1 b/examples/container-service-extension/v4.2/install/step1/terraform.tfvars.example.4.2.1 new file mode 100644 index 000000000..baf2a3e92 --- /dev/null +++ b/examples/container-service-extension/v4.2/install/step1/terraform.tfvars.example.4.2.1 @@ -0,0 +1,61 @@ +# Change configuration to your needs and rename to 'terraform.tfvars' +# For more details about the variables specified here, please read the guide first: +# https://registry.terraform.io/providers/vmware/vcd/latest/docs/guides/container_service_extension_4_x_install + +# ------------------------------------------------ +# VCD Provider config +# ------------------------------------------------ + +vcd_url = "https://vcd.my-awesome-corp.com" +administrator_user = "administrator" +administrator_password = "change-me" +administrator_org = "System" +insecure_login = "false" + +# ------------------------------------------------ +# CSE Server Pre-requisites +# ------------------------------------------------ + +# This user will be created by the Terraform configuration, so you can +# customise what its username and password will be. +# This user will have an API token that must be consumed by the CSE Server. +cse_admin_username = "cse_admin" +cse_admin_password = "change-me" + +# ------------------------------------------------ +# CSE Server Settings +# ------------------------------------------------ + +# These are required to create the Runtime Defined Entity that will contain the CSE Server configuration (vcdKeConfig) +# To know more about the specific versions, please refer to the CSE documentation. +# The values set here correspond to CSE 4.2.1: +vcdkeconfig_template_filepath = "../../entities/vcdkeconfig.json.template" +capvcd_version = "1.3.0" # 4.2.1 +cpi_version = "1.6.0" # 4.2.1 +csi_version = "1.6.0" # 4.2.1 +rde_projector_version = "0.7.0" + +# Optional but recommended to avoid rate limiting when configuring the TKGm clusters. +# Create this one in https://github.com/settings/tokens +github_personal_access_token = "" + +# Node will be considered unhealthy and remediated if joining the cluster takes longer than this timeout (seconds) +node_startup_timeout = "900" +# A newly joined node will be considered unhealthy and remediated if it cannot host workloads for longer than this timeout (seconds) +node_not_ready_timeout = "300" +# A healthy node will be considered unhealthy and remediated if it is unreachable for longer than this timeout (seconds) +node_unknown_timeout = "300" +# Remediation will be suspended when the number of unhealthy nodes exceeds this percentage. +# (100% means that unhealthy nodes will always be remediated, while 0% means that unhealthy nodes will never be remediated) +max_unhealthy_node_percentage = 100 + +# URL from where TKG clusters will fetch container images +container_registry_url = "projects.registry.vmware.com" + +# Certificate(s) to allow the ephemeral VM (created during cluster creation) to authenticate with. +# For example, when pulling images from a container registry. (Copy and paste .cert file contents) +k8s_cluster_certificates = [] + +# Certificate(s) to allow clusters to authenticate with. +# For example, when pulling images from a container registry. (Copy and paste .cert file contents) +bootstrap_vm_certificates = [] diff --git a/examples/container-service-extension/v4.2/install/step1/variables.tf b/examples/container-service-extension/v4.2/install/step1/variables.tf index 123d9db5f..6ffdadda2 100644 --- a/examples/container-service-extension/v4.2/install/step1/variables.tf +++ b/examples/container-service-extension/v4.2/install/step1/variables.tf @@ -59,19 +59,16 @@ variable "vcdkeconfig_template_filepath" { variable "capvcd_version" { type = string description = "Version of CAPVCD" - default = "1.2.0" } variable "cpi_version" { type = string description = "VCDKEConfig: Cloud Provider Interface version" - default = "1.5.0" } variable "csi_version" { type = string description = "VCDKEConfig: Container Storage Interface version" - default = "1.5.0" } variable "rde_projector_version" { diff --git a/website/docs/guides/container_service_extension_4_x_install.html.markdown b/website/docs/guides/container_service_extension_4_x_install.html.markdown index d87d4c58c..eedb76a72 100644 --- a/website/docs/guides/container_service_extension_4_x_install.html.markdown +++ b/website/docs/guides/container_service_extension_4_x_install.html.markdown @@ -79,12 +79,11 @@ To customise it, the [step 1 configuration][step1] asks for the following variab [the RDE template file for CSE 4.2](https://github.com/vmware/terraform-provider-vcd/tree/main/examples/container-service-extension/v4.2/entities/vcdkeconfig.json.template) used in the step 1 configuration, that can be rendered correctly with the Terraform built-in function `templatefile`. (Note: In `terraform.tfvars.example` the path for the CSE 4.2 RDE contents is already provided). -* `capvcd_version`: The version for CAPVCD. The default value is **"1.1.0"** for CSE 4.2. - (Note: Do not confuse with the version of the `capvcdCluster` [RDE Type][rde_type], - which **must be "1.3.0"** for CSE 4.2 and cannot be changed through a variable). -* `cpi_version`: The version for CPI (Cloud Provider Interface). The default value is **"1.5.0"** for CSE 4.2. -* `csi_version`: The version for CSI (Cloud Storage Interface). The default value is **"1.5.0"** for CSE 4.2. -* `rde_projector_version`: The version for the RDE Projector. The default value is **"0.7.0"** for CSE 4.2. +* `capvcd_version`: The version for CAPVCD. Must be **"1.5.0"** for CSE 4.2.0, or **"1.6.0"** for CSE 4.2.1. + (Note: Do not confuse with the version of the `capvcdCluster` [RDE Type][rde_type], which **must be "1.3.0"** for CSE 4.2, and cannot be changed through a variable). +* `cpi_version`: The version for CPI (Cloud Provider Interface). Must be **"1.5.0"** for CSE 4.2.0, or **"1.6.0"** for CSE 4.2.1. +* `csi_version`: The version for CSI (Cloud Storage Interface). Must be **"1.5.0"** for CSE 4.2.0, or **"1.6.0"** for CSE 4.2.1. +* `rde_projector_version`: The version for the RDE Projector. The default value is **"0.7.0"** for CSE 4.2.x. * `github_personal_access_token`: Create this one [here](https://github.com/settings/tokens), this will avoid installation errors caused by GitHub rate limiting, as the TKGm cluster creation process requires downloading some Kubernetes components from GitHub. @@ -338,9 +337,9 @@ The most common issues are: * Cluster creation is failing: * Please visit the [CSE documentation][cse_docs] to learn how to monitor the logs and troubleshoot possible problems. -## Upgrade from CSE 4.1 to 4.2 +## Upgrade from CSE 4.1 to 4.2.0 -In this section you can find the required steps to update from CSE 4.1 to 4.2. +In this section you can find the required steps to update from CSE 4.1 to 4.2.0. ~> This section assumes that the old CSE 4.1 installation was done with Terraform by following the 4.1 guide steps. Also, you need to meet [the pre-requisites criteria](#pre-requisites). @@ -361,6 +360,49 @@ resource "vcd_rde_type" "capvcdcluster_type_v130" { } ``` +## Upgrade from CSE 4.2.0 to 4.2.1 + +In this section you can find the required steps to update from CSE 4.2.0 to 4.2.1. + +Change the `VCDKEConfig` [RDE][rde] to update the `capvcd_version`, `cpi_version` and `csi_version` (follow [the instructions +in the section below](#upgrade-the-vcdkeconfig-rde-cse-server-configuration) to know how to upgrade this configuration): + +```hcl +resource "vcd_rde" "vcdkeconfig_instance" { + # ...omitted + input_entity = templatefile(var.vcdkeconfig_template_filepath, { + # ...omitted + capvcd_version = "1.3.0" # It was 1.3.0 in 4.2.0 + cpi_version = "1.6.0" # It was 1.5.0 in 4.2.0 + csi_version = "1.6.0" # It was 1.5.0 in 4.2.0 + }) +} +``` + +The Kubernetes Clusters Right bundle and Kubernetes Cluster Author role need to have the right to view and manage IP Spaces: + +```hcl +resource "vcd_rights_bundle" "k8s_clusters_rights_bundle" { + name = "Kubernetes Clusters Rights Bundle" + # ...omitted + rights = [ + "API Tokens: Manage", + # ...omitted + + ] +} + +resource "vcd_global_role" "k8s_cluster_author" { + name = "Kubernetes Cluster Author" + # ...omitted + rights = [ + "API Tokens: Manage", + # ...omitted + + ] +} +``` + ### Upgrade the VCDKEConfig RDE (CSE Server configuration) With the new [RDE Types][rde_type] in place, you need to perform an upgrade of the existing `VCDKEConfig` [RDE][rde], which From 80ca8687cff48d7a88cf1b2739a30313dcfda32b Mon Sep 17 00:00:00 2001 From: abarreiro Date: Wed, 13 Mar 2024 10:00:24 +0100 Subject: [PATCH 02/28] nit Signed-off-by: abarreiro --- .../container_service_extension_4_x_install.html.markdown | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/docs/guides/container_service_extension_4_x_install.html.markdown b/website/docs/guides/container_service_extension_4_x_install.html.markdown index eedb76a72..334610246 100644 --- a/website/docs/guides/container_service_extension_4_x_install.html.markdown +++ b/website/docs/guides/container_service_extension_4_x_install.html.markdown @@ -80,10 +80,10 @@ To customise it, the [step 1 configuration][step1] asks for the following variab used in the step 1 configuration, that can be rendered correctly with the Terraform built-in function `templatefile`. (Note: In `terraform.tfvars.example` the path for the CSE 4.2 RDE contents is already provided). * `capvcd_version`: The version for CAPVCD. Must be **"1.5.0"** for CSE 4.2.0, or **"1.6.0"** for CSE 4.2.1. - (Note: Do not confuse with the version of the `capvcdCluster` [RDE Type][rde_type], which **must be "1.3.0"** for CSE 4.2, and cannot be changed through a variable). + (Note: Do not confuse with the version of the `capvcdCluster` [RDE Type][rde_type], which **must be "1.3.0"** for CSE 4.2.X, and cannot be changed through a variable). * `cpi_version`: The version for CPI (Cloud Provider Interface). Must be **"1.5.0"** for CSE 4.2.0, or **"1.6.0"** for CSE 4.2.1. * `csi_version`: The version for CSI (Cloud Storage Interface). Must be **"1.5.0"** for CSE 4.2.0, or **"1.6.0"** for CSE 4.2.1. -* `rde_projector_version`: The version for the RDE Projector. The default value is **"0.7.0"** for CSE 4.2.x. +* `rde_projector_version`: The version for the RDE Projector. The default value is **"0.7.0"** for CSE 4.2.X. * `github_personal_access_token`: Create this one [here](https://github.com/settings/tokens), this will avoid installation errors caused by GitHub rate limiting, as the TKGm cluster creation process requires downloading some Kubernetes components from GitHub. From 9f9591f3b0729132232cee6cffcb53c1df9ae7d9 Mon Sep 17 00:00:00 2001 From: abarreiro Date: Wed, 13 Mar 2024 10:10:02 +0100 Subject: [PATCH 03/28] Add rights Signed-off-by: abarreiro --- .../step1/3.11-cse-install-2-cse-server-prerequisites.tf | 6 ++++++ .../container_service_extension_4_x_install.html.markdown | 8 ++++++-- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-2-cse-server-prerequisites.tf b/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-2-cse-server-prerequisites.tf index 1d79a488a..30c9ce305 100644 --- a/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-2-cse-server-prerequisites.tf +++ b/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-2-cse-server-prerequisites.tf @@ -140,6 +140,9 @@ resource "vcd_rights_bundle" "k8s_clusters_rights_bundle" { "Organization vDC Named Disk: Edit Properties", "Organization vDC Named Disk: View Properties", "Organization vDC Shared Named Disk: Create", + "IP Spaces: Allocate", + "Private IP Spaces: View", + "Private IP Spaces: Manage", "vApp: Allow All Extra Config", "${vcd_rde_type.vcdkeconfig_type.vendor}:${vcd_rde_type.vcdkeconfig_type.nss}: View", "${vcd_rde_type.capvcdcluster_type.vendor}:${vcd_rde_type.capvcdcluster_type.nss}: Administrator Full access", @@ -186,6 +189,9 @@ resource "vcd_global_role" "k8s_cluster_author" { "Organization vDC Shared Named Disk: Create", "Organization vDC: VM-VM Affinity Edit", "Organization: View", + "IP Spaces: Allocate", + "Private IP Spaces: View", + "Private IP Spaces: Manage", "UI Plugins: View", "VAPP_VM_METADATA_TO_VCENTER", "vApp Template / Media: Copy", diff --git a/website/docs/guides/container_service_extension_4_x_install.html.markdown b/website/docs/guides/container_service_extension_4_x_install.html.markdown index 334610246..a4ca20c2d 100644 --- a/website/docs/guides/container_service_extension_4_x_install.html.markdown +++ b/website/docs/guides/container_service_extension_4_x_install.html.markdown @@ -388,7 +388,9 @@ resource "vcd_rights_bundle" "k8s_clusters_rights_bundle" { rights = [ "API Tokens: Manage", # ...omitted - + "IP Spaces: Allocate", + "Private IP Spaces: View", + "Private IP Spaces: Manage", ] } @@ -398,7 +400,9 @@ resource "vcd_global_role" "k8s_cluster_author" { rights = [ "API Tokens: Manage", # ...omitted - + "IP Spaces: Allocate", + "Private IP Spaces: View", + "Private IP Spaces: Manage", ] } ``` From cc3d432d0f16f6c45f5c4e1d56cec6650662e103 Mon Sep 17 00:00:00 2001 From: abarreiro Date: Wed, 13 Mar 2024 10:18:07 +0100 Subject: [PATCH 04/28] nit Signed-off-by: abarreiro --- .../step1/3.11-cse-install-1-provider-config.tf | 5 +++++ ....11-cse-install-2-cse-server-prerequisites.tf | 16 ++++++---------- 2 files changed, 11 insertions(+), 10 deletions(-) diff --git a/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-1-provider-config.tf b/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-1-provider-config.tf index a76207bc3..e2ac1d580 100644 --- a/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-1-provider-config.tf +++ b/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-1-provider-config.tf @@ -44,3 +44,8 @@ data "vcd_version" "gte_1051" { condition = ">= 10.5.1" fail_if_not_match = false } + +# There are some differences between CSE 4.2.0 and 4.2.1, like in the Kubernetes Cluster Rights Bundle and the Kubernetes Cluster Author rights. +locals { + is_cse_420 = var.capvcd_version == "1.2.0" && var.cpi_version == "1.5.0" && var.csi_version == "1.5.0" +} \ No newline at end of file diff --git a/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-2-cse-server-prerequisites.tf b/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-2-cse-server-prerequisites.tf index 30c9ce305..2ae29486f 100644 --- a/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-2-cse-server-prerequisites.tf +++ b/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-2-cse-server-prerequisites.tf @@ -124,7 +124,7 @@ resource "vcd_org_user" "cse_admin" { resource "vcd_rights_bundle" "k8s_clusters_rights_bundle" { name = "Kubernetes Clusters Rights Bundle" description = "Rights bundle with required rights for managing Kubernetes clusters" - rights = [ + rights = concat([ "API Tokens: Manage", "Access All Organization VDCs", "Catalog: View Published Catalogs", @@ -140,9 +140,6 @@ resource "vcd_rights_bundle" "k8s_clusters_rights_bundle" { "Organization vDC Named Disk: Edit Properties", "Organization vDC Named Disk: View Properties", "Organization vDC Shared Named Disk: Create", - "IP Spaces: Allocate", - "Private IP Spaces: View", - "Private IP Spaces: Manage", "vApp: Allow All Extra Config", "${vcd_rde_type.vcdkeconfig_type.vendor}:${vcd_rde_type.vcdkeconfig_type.nss}: View", "${vcd_rde_type.capvcdcluster_type.vendor}:${vcd_rde_type.capvcdcluster_type.nss}: Administrator Full access", @@ -155,7 +152,8 @@ resource "vcd_rights_bundle" "k8s_clusters_rights_bundle" { "vmware:tkgcluster: View", "vmware:tkgcluster: Administrator View", "vmware:tkgcluster: Administrator Full access", - ] + # CSE 4.2.1 requires a few extra rights for IP Spaces + ], local.is_cse_420 ? [] : ["IP Spaces: Allocate", "Private IP Spaces: View", "Private IP Spaces: Manage"]) publish_to_all_tenants = true # This needs to be published to all the Organizations } @@ -166,7 +164,7 @@ resource "vcd_rights_bundle" "k8s_clusters_rights_bundle" { resource "vcd_global_role" "k8s_cluster_author" { name = "Kubernetes Cluster Author" description = "Role to create Kubernetes clusters" - rights = [ + rights = concat([ "API Tokens: Manage", "Access All Organization VDCs", "Catalog: Add vApp from My Cloud", @@ -189,9 +187,6 @@ resource "vcd_global_role" "k8s_cluster_author" { "Organization vDC Shared Named Disk: Create", "Organization vDC: VM-VM Affinity Edit", "Organization: View", - "IP Spaces: Allocate", - "Private IP Spaces: View", - "Private IP Spaces: Manage", "UI Plugins: View", "VAPP_VM_METADATA_TO_VCENTER", "vApp Template / Media: Copy", @@ -229,7 +224,8 @@ resource "vcd_global_role" "k8s_cluster_author" { "vmware:tkgcluster: Full Access", "vmware:tkgcluster: Modify", "vmware:tkgcluster: View", - ] + # CSE 4.2.1 requires a few extra rights for IP Spaces + ], local.is_cse_420 ? [] : ["IP Spaces: Allocate", "Private IP Spaces: View", "Private IP Spaces: Manage"]) publish_to_all_tenants = true # This needs to be published to all the Organizations From 51a669a3018ce7bcf1494799a944d60dfd6a53d2 Mon Sep 17 00:00:00 2001 From: abarreiro Date: Wed, 13 Mar 2024 11:53:46 +0100 Subject: [PATCH 05/28] Add rights Signed-off-by: abarreiro --- .../step1/3.11-cse-install-2-cse-server-prerequisites.tf | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-2-cse-server-prerequisites.tf b/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-2-cse-server-prerequisites.tf index 2ae29486f..ef1c11455 100644 --- a/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-2-cse-server-prerequisites.tf +++ b/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-2-cse-server-prerequisites.tf @@ -94,7 +94,7 @@ resource "vcd_role" "cse_admin_role" { org = var.administrator_org name = "CSE Admin Role" description = "Used for administrative purposes" - rights = concat([ + rights = concat(concat([ "API Tokens: Manage", "${vcd_rde_type.vcdkeconfig_type.vendor}:${vcd_rde_type.vcdkeconfig_type.nss}: Administrator Full access", "${vcd_rde_type.vcdkeconfig_type.vendor}:${vcd_rde_type.vcdkeconfig_type.nss}: Administrator View", @@ -106,7 +106,9 @@ resource "vcd_role" "cse_admin_role" { "${vcd_rde_type.capvcdcluster_type.vendor}:${vcd_rde_type.capvcdcluster_type.nss}: Full Access", "${vcd_rde_type.capvcdcluster_type.vendor}:${vcd_rde_type.capvcdcluster_type.nss}: Modify", "${vcd_rde_type.capvcdcluster_type.vendor}:${vcd_rde_type.capvcdcluster_type.nss}: View" - ], data.vcd_version.gte_1051.matches_condition ? ["Organization: Traversal"] : []) + ], data.vcd_version.gte_1051.matches_condition ? ["Organization: Traversal"] : []), + # CSE 4.2.1 requires a few extra rights for IP Spaces + local.is_cse_420 ? [] : ["IP Spaces: Allocate", "Private IP Spaces: View", "Private IP Spaces: Manage"]) } # This will allow to have a user with a limited set of rights that can access the Provider area of VCD. From a473360148be08bf914111d705c3e01d4248b3a8 Mon Sep 17 00:00:00 2001 From: abarreiro Date: Wed, 13 Mar 2024 11:54:41 +0100 Subject: [PATCH 06/28] Add rights Signed-off-by: abarreiro --- ...ainer_service_extension_4_x_install.html.markdown | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/website/docs/guides/container_service_extension_4_x_install.html.markdown b/website/docs/guides/container_service_extension_4_x_install.html.markdown index a4ca20c2d..7ea802086 100644 --- a/website/docs/guides/container_service_extension_4_x_install.html.markdown +++ b/website/docs/guides/container_service_extension_4_x_install.html.markdown @@ -382,6 +382,18 @@ resource "vcd_rde" "vcdkeconfig_instance" { The Kubernetes Clusters Right bundle and Kubernetes Cluster Author role need to have the right to view and manage IP Spaces: ```hcl +resource "vcd_role" "cse_admin_role" { + name = "CSE Admin Role" + # ...omitted + rights = [ + "API Tokens: Manage", + # ...omitted + "IP Spaces: Allocate", + "Private IP Spaces: View", + "Private IP Spaces: Manage", + ] +} + resource "vcd_rights_bundle" "k8s_clusters_rights_bundle" { name = "Kubernetes Clusters Rights Bundle" # ...omitted From 198eb5bf256f2dca35f8e8ec5f2319c0820d512a Mon Sep 17 00:00:00 2001 From: abarreiro Date: Wed, 13 Mar 2024 11:54:52 +0100 Subject: [PATCH 07/28] Add rights Signed-off-by: abarreiro --- .../container_service_extension_4_x_install.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/guides/container_service_extension_4_x_install.html.markdown b/website/docs/guides/container_service_extension_4_x_install.html.markdown index 7ea802086..63b10d3b3 100644 --- a/website/docs/guides/container_service_extension_4_x_install.html.markdown +++ b/website/docs/guides/container_service_extension_4_x_install.html.markdown @@ -395,7 +395,7 @@ resource "vcd_role" "cse_admin_role" { } resource "vcd_rights_bundle" "k8s_clusters_rights_bundle" { - name = "Kubernetes Clusters Rights Bundle" + name = "Kubernetes Clusters Rights Bundle" # ...omitted rights = [ "API Tokens: Manage", From 4c31be63c1e5fc9242a5b04b4f385b2708f0242b Mon Sep 17 00:00:00 2001 From: abarreiro Date: Wed, 13 Mar 2024 12:23:56 +0100 Subject: [PATCH 08/28] Fix certificates Signed-off-by: abarreiro --- .../install/step1/3.11-cse-install-3-cse-server-settings.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-3-cse-server-settings.tf b/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-3-cse-server-settings.tf index 11ddb0e56..d0c2d6063 100644 --- a/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-3-cse-server-settings.tf +++ b/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-3-cse-server-settings.tf @@ -40,7 +40,7 @@ resource "vcd_rde" "vcdkeconfig_instance" { node_unknown_timeout = var.node_unknown_timeout max_unhealthy_node_percentage = var.max_unhealthy_node_percentage container_registry_url = var.container_registry_url - k8s_cluster_certificates = join(",", var.k8s_cluster_certificates) - bootstrap_vm_certificates = join(",", var.bootstrap_vm_certificates) + k8s_cluster_certificates = jsonencode(join(",", var.k8s_cluster_certificates)) + bootstrap_vm_certificates = jsonencode(join(",", var.bootstrap_vm_certificates)) }) } From 46dab2df933fca9bb446cabae4cc674f9d79a446 Mon Sep 17 00:00:00 2001 From: abarreiro Date: Wed, 13 Mar 2024 12:33:58 +0100 Subject: [PATCH 09/28] Improve test Signed-off-by: abarreiro --- ...resource_vcd_cse_kubernetes_cluster_test.go | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/vcd/resource_vcd_cse_kubernetes_cluster_test.go b/vcd/resource_vcd_cse_kubernetes_cluster_test.go index 8725ed9a4..a7c43f4b7 100644 --- a/vcd/resource_vcd_cse_kubernetes_cluster_test.go +++ b/vcd/resource_vcd_cse_kubernetes_cluster_test.go @@ -122,6 +122,7 @@ func TestAccVcdCseKubernetesCluster(t *testing.T) { t.Skip(acceptanceTestsSkipped) return } + vcdClient := createSystemTemporaryVCDConnection() cacheId := testCachedFieldValue{} clusterName := "vcd_cse_kubernetes_cluster.my_cluster" dataWithName := "data.vcd_cse_kubernetes_cluster.with_name_ds" @@ -129,15 +130,18 @@ func TestAccVcdCseKubernetesCluster(t *testing.T) { resource.Test(t, resource.TestCase{ ProviderFactories: testAccProviders, CheckDestroy: func(state *terraform.State) error { - if cacheId.fieldValue == "" { - return fmt.Errorf("cached ID '%s' is empty", cacheId.fieldValue) + org, err := vcdClient.GetOrgByName(testConfig.Cse.TenantOrg) + if err != nil { + return fmt.Errorf("could not check cluster deletion: %s", err) + } + clusters, err := org.CseGetKubernetesClustersByName(*cseVersion, strings.ToLower(t.Name())) + if err != nil && !govcd.ContainsNotFound(err) { + return fmt.Errorf("could not check cluster deletion: %s", err) } - conn := testAccProvider.Meta().(*VCDClient) - _, err := conn.GetRdeById(cacheId.fieldValue) - if err == nil { - return fmt.Errorf("cluster with ID '%s' still exists", cacheId.fieldValue) + if len(clusters) == 0 || govcd.ContainsNotFound(err) { + return nil } - return nil + return fmt.Errorf("there are still %d clusters with name '%s': %s", len(clusters), clusterName, err) }, Steps: []resource.TestStep{ // Basic scenario of cluster creation From 8714dd274c85dec34081e9b8fa3c5aa6df13e47c Mon Sep 17 00:00:00 2001 From: abarreiro Date: Wed, 13 Mar 2024 12:40:06 +0100 Subject: [PATCH 10/28] Changelog Signed-off-by: abarreiro --- .changes/v3.12.0/1195-features.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.changes/v3.12.0/1195-features.md b/.changes/v3.12.0/1195-features.md index 6bc7f6ab4..98bdd8035 100644 --- a/.changes/v3.12.0/1195-features.md +++ b/.changes/v3.12.0/1195-features.md @@ -1,5 +1,5 @@ * **New Resource:** `vcd_cse_kubernetes_cluster` to create and manage Kubernetes clusters in a VCD with Container Service Extension - 4.2.1, 4.2.0, 4.1.1 or 4.1.0 installed and running [GH-1195, GH-1218] + 4.2.1, 4.2.0, 4.1.1 or 4.1.0 installed and running [GH-1195, GH-1218, GH-1222] * **New Data Source:** `vcd_cse_kubernetes_cluster` to read Kubernetes clusters from a VCD with Container Service Extension - 4.2.1, 4.2.0, 4.1.1 or 4.1.0 installed and running [GH-1195, GH-1218] + 4.2.1, 4.2.0, 4.1.1 or 4.1.0 installed and running [GH-1195, GH-1218, GH-1222] * **New Data Source:** `vcd_version` to get the VCD version and perform additional checks with version constraints [GH-1195, GH-1218] \ No newline at end of file From a195a45e11289a024083ec71d319d37fae51fdeb Mon Sep 17 00:00:00 2001 From: abarreiro Date: Wed, 13 Mar 2024 12:44:01 +0100 Subject: [PATCH 11/28] self-review Signed-off-by: abarreiro --- .../v4.2/install/step1/3.11-cse-install-1-provider-config.tf | 2 +- .../container_service_extension_4_x_install.html.markdown | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-1-provider-config.tf b/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-1-provider-config.tf index e2ac1d580..dd22e0910 100644 --- a/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-1-provider-config.tf +++ b/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-1-provider-config.tf @@ -48,4 +48,4 @@ data "vcd_version" "gte_1051" { # There are some differences between CSE 4.2.0 and 4.2.1, like in the Kubernetes Cluster Rights Bundle and the Kubernetes Cluster Author rights. locals { is_cse_420 = var.capvcd_version == "1.2.0" && var.cpi_version == "1.5.0" && var.csi_version == "1.5.0" -} \ No newline at end of file +} diff --git a/website/docs/guides/container_service_extension_4_x_install.html.markdown b/website/docs/guides/container_service_extension_4_x_install.html.markdown index 63b10d3b3..ab1a1ed10 100644 --- a/website/docs/guides/container_service_extension_4_x_install.html.markdown +++ b/website/docs/guides/container_service_extension_4_x_install.html.markdown @@ -372,7 +372,7 @@ resource "vcd_rde" "vcdkeconfig_instance" { # ...omitted input_entity = templatefile(var.vcdkeconfig_template_filepath, { # ...omitted - capvcd_version = "1.3.0" # It was 1.3.0 in 4.2.0 + capvcd_version = "1.3.0" # It was 1.2.0 in 4.2.0 cpi_version = "1.6.0" # It was 1.5.0 in 4.2.0 csi_version = "1.6.0" # It was 1.5.0 in 4.2.0 }) From 78b1d3fd72295c7ce7a1978a880b3c4f48f72982 Mon Sep 17 00:00:00 2001 From: abarreiro Date: Wed, 13 Mar 2024 12:49:33 +0100 Subject: [PATCH 12/28] self-review Signed-off-by: abarreiro --- .../container_service_extension_4_x_install.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/guides/container_service_extension_4_x_install.html.markdown b/website/docs/guides/container_service_extension_4_x_install.html.markdown index ab1a1ed10..9f6d30c22 100644 --- a/website/docs/guides/container_service_extension_4_x_install.html.markdown +++ b/website/docs/guides/container_service_extension_4_x_install.html.markdown @@ -79,7 +79,7 @@ To customise it, the [step 1 configuration][step1] asks for the following variab [the RDE template file for CSE 4.2](https://github.com/vmware/terraform-provider-vcd/tree/main/examples/container-service-extension/v4.2/entities/vcdkeconfig.json.template) used in the step 1 configuration, that can be rendered correctly with the Terraform built-in function `templatefile`. (Note: In `terraform.tfvars.example` the path for the CSE 4.2 RDE contents is already provided). -* `capvcd_version`: The version for CAPVCD. Must be **"1.5.0"** for CSE 4.2.0, or **"1.6.0"** for CSE 4.2.1. +* `capvcd_version`: The version for CAPVCD. Must be **"1.2.0"** for CSE 4.2.0, or **"1.3.0"** for CSE 4.2.1. (Note: Do not confuse with the version of the `capvcdCluster` [RDE Type][rde_type], which **must be "1.3.0"** for CSE 4.2.X, and cannot be changed through a variable). * `cpi_version`: The version for CPI (Cloud Provider Interface). Must be **"1.5.0"** for CSE 4.2.0, or **"1.6.0"** for CSE 4.2.1. * `csi_version`: The version for CSI (Cloud Storage Interface). Must be **"1.5.0"** for CSE 4.2.0, or **"1.6.0"** for CSE 4.2.1. From 5f23a25c2f9e7cc47cf7666d5aeb93a4ae183743 Mon Sep 17 00:00:00 2001 From: abarreiro Date: Wed, 13 Mar 2024 21:36:28 +0100 Subject: [PATCH 13/28] Revert fix Signed-off-by: abarreiro --- .../install/step1/3.11-cse-install-3-cse-server-settings.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-3-cse-server-settings.tf b/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-3-cse-server-settings.tf index d0c2d6063..11ddb0e56 100644 --- a/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-3-cse-server-settings.tf +++ b/examples/container-service-extension/v4.2/install/step1/3.11-cse-install-3-cse-server-settings.tf @@ -40,7 +40,7 @@ resource "vcd_rde" "vcdkeconfig_instance" { node_unknown_timeout = var.node_unknown_timeout max_unhealthy_node_percentage = var.max_unhealthy_node_percentage container_registry_url = var.container_registry_url - k8s_cluster_certificates = jsonencode(join(",", var.k8s_cluster_certificates)) - bootstrap_vm_certificates = jsonencode(join(",", var.bootstrap_vm_certificates)) + k8s_cluster_certificates = join(",", var.k8s_cluster_certificates) + bootstrap_vm_certificates = join(",", var.bootstrap_vm_certificates) }) } From d041264efb6b22f2e280b46b5e5d50cf2b01e4a4 Mon Sep 17 00:00:00 2001 From: abarreiro Date: Wed, 13 Mar 2024 21:57:29 +0100 Subject: [PATCH 14/28] # Signed-off-by: abarreiro --- ...ervice_extension_4_x_install.html.markdown | 28 +++++++++++-------- 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/website/docs/guides/container_service_extension_4_x_install.html.markdown b/website/docs/guides/container_service_extension_4_x_install.html.markdown index 9f6d30c22..1060ceec9 100644 --- a/website/docs/guides/container_service_extension_4_x_install.html.markdown +++ b/website/docs/guides/container_service_extension_4_x_install.html.markdown @@ -103,6 +103,10 @@ To customise it, the [step 1 configuration][step1] asks for the following variab For example, when pulling images from a container registry. Optional in the step 1 configuration. * `k8s_cluster_certificates`: Certificate(s) to allow clusters to authenticate with. For example, when pulling images from a container registry. Optional in the step 1 configuration. + Sample values for the certificates in the configuration: + ```hcl + k8s_cluster_certificates = ["\"-----BEGIN CERTIFICATE-----\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\nwx9hlaXT2MoiuKcZvEVaQcNdpH2L/uGMa4F3oebnN2CBi2WRsIhOliofk2rPbn6f\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\nUWsC8Umor8Zwou6wg3eg6GjyRY4LxKzpuJR0SkWxAlO5EryGtGFqtjSgWqkXTjM0\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\n6CvtoftKcCTQtACVrj7Ntr8lKSkN6kLhBYBPqOW+fkUOhrCh+S+pd8PzGz4=\n-----END CERTIFICATE-----\""] + ``` #### Rights, Roles and VM Sizing Policies @@ -386,11 +390,11 @@ resource "vcd_role" "cse_admin_role" { name = "CSE Admin Role" # ...omitted rights = [ - "API Tokens: Manage", +API Tokens: Manage", # ...omitted - "IP Spaces: Allocate", - "Private IP Spaces: View", - "Private IP Spaces: Manage", +IP Spaces: Allocate", +Private IP Spaces: View", +Private IP Spaces: Manage", ] } @@ -398,11 +402,11 @@ resource "vcd_rights_bundle" "k8s_clusters_rights_bundle" { name = "Kubernetes Clusters Rights Bundle" # ...omitted rights = [ - "API Tokens: Manage", +API Tokens: Manage", # ...omitted - "IP Spaces: Allocate", - "Private IP Spaces: View", - "Private IP Spaces: Manage", +IP Spaces: Allocate", +Private IP Spaces: View", +Private IP Spaces: Manage", ] } @@ -410,11 +414,11 @@ resource "vcd_global_role" "k8s_cluster_author" { name = "Kubernetes Cluster Author" # ...omitted rights = [ - "API Tokens: Manage", +API Tokens: Manage", # ...omitted - "IP Spaces: Allocate", - "Private IP Spaces: View", - "Private IP Spaces: Manage", +IP Spaces: Allocate", +Private IP Spaces: View", +Private IP Spaces: Manage", ] } ``` From 78d06d980fa3c5aaa7e415f98dac0b111fd62bfc Mon Sep 17 00:00:00 2001 From: abarreiro Date: Wed, 13 Mar 2024 22:23:44 +0100 Subject: [PATCH 15/28] Certificates explanation Signed-off-by: abarreiro --- .../container_service_extension_4_x_install.html.markdown | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/website/docs/guides/container_service_extension_4_x_install.html.markdown b/website/docs/guides/container_service_extension_4_x_install.html.markdown index 1060ceec9..ca49d4f0a 100644 --- a/website/docs/guides/container_service_extension_4_x_install.html.markdown +++ b/website/docs/guides/container_service_extension_4_x_install.html.markdown @@ -105,7 +105,11 @@ To customise it, the [step 1 configuration][step1] asks for the following variab For example, when pulling images from a container registry. Optional in the step 1 configuration. Sample values for the certificates in the configuration: ```hcl - k8s_cluster_certificates = ["\"-----BEGIN CERTIFICATE-----\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\nwx9hlaXT2MoiuKcZvEVaQcNdpH2L/uGMa4F3oebnN2CBi2WRsIhOliofk2rPbn6f\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\nUWsC8Umor8Zwou6wg3eg6GjyRY4LxKzpuJR0SkWxAlO5EryGtGFqtjSgWqkXTjM0\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\n6CvtoftKcCTQtACVrj7Ntr8lKSkN6kLhBYBPqOW+fkUOhrCh+S+pd8PzGz4=\n-----END CERTIFICATE-----\""] + k8s_cluster_certificates = [ + "\"-----BEGIN CERTIFICATE-----\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nwx9hlaXT2MoiuKcZvEVaQcNdpH2L/uGMa4F3oebnN2CBi2WRsIhOliofk2rPbn6f\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nUWsC8Umor8Zwou6wg3eg6GjyRY4LxKzpuJR0SkWxAlO5EryGtGFqtjSgWqkXTjM0\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\n6CvtoftKcCTQtACVrj7Ntr8lKSkN6kLhBYBPqOW+fkUOhrCh+S+pd8PzGz4=\\n-----END CERTIFICATE-----\"", + "\"-----BEGIN CERTIFICATE-----\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nwx9hlaXT2MoiuKcZvEVaQcNdpH2L/uGMa4F3oebnN2CBi2WRsIhOliofk2rPbn6f\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nUWsC8Umor8Zwou6wg3eg6GjyRY4LxKzpuJR0SkWxAlO5EryGtGFqtjSgWqkXTjM0\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\n6CvtoftKcCTQtACVrj7Ntr8lKSkN6kLhBYBPqOW+fkUOhrCh+S+pd8PzGz4=\\n-----END CERTIFICATE-----\"", + # ... more certificates + ] ``` #### Rights, Roles and VM Sizing Policies From 185c488cb346795a60860b4eba73cf3b073b4e84 Mon Sep 17 00:00:00 2001 From: abarreiro Date: Wed, 13 Mar 2024 22:26:20 +0100 Subject: [PATCH 16/28] Certificates explanation Signed-off-by: abarreiro --- .../container_service_extension_4_x_install.html.markdown | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/docs/guides/container_service_extension_4_x_install.html.markdown b/website/docs/guides/container_service_extension_4_x_install.html.markdown index ca49d4f0a..9a4e08577 100644 --- a/website/docs/guides/container_service_extension_4_x_install.html.markdown +++ b/website/docs/guides/container_service_extension_4_x_install.html.markdown @@ -106,8 +106,8 @@ To customise it, the [step 1 configuration][step1] asks for the following variab Sample values for the certificates in the configuration: ```hcl k8s_cluster_certificates = [ - "\"-----BEGIN CERTIFICATE-----\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nwx9hlaXT2MoiuKcZvEVaQcNdpH2L/uGMa4F3oebnN2CBi2WRsIhOliofk2rPbn6f\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nUWsC8Umor8Zwou6wg3eg6GjyRY4LxKzpuJR0SkWxAlO5EryGtGFqtjSgWqkXTjM0\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\n6CvtoftKcCTQtACVrj7Ntr8lKSkN6kLhBYBPqOW+fkUOhrCh+S+pd8PzGz4=\\n-----END CERTIFICATE-----\"", - "\"-----BEGIN CERTIFICATE-----\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nwx9hlaXT2MoiuKcZvEVaQcNdpH2L/uGMa4F3oebnN2CBi2WRsIhOliofk2rPbn6f\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nUWsC8Umor8Zwou6wg3eg6GjyRY4LxKzpuJR0SkWxAlO5EryGtGFqtjSgWqkXTjM0\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\n6CvtoftKcCTQtACVrj7Ntr8lKSkN6kLhBYBPqOW+fkUOhrCh+S+pd8PzGz4=\\n-----END CERTIFICATE-----\"", + "\"-----BEGIN CERTIFICATE-----\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\n...\\n-----END CERTIFICATE-----\"", + "\"-----BEGIN CERTIFICATE-----\\n...\\n-----END CERTIFICATE-----\"", # ... more certificates ] ``` From cff7e4bad97029811252dc841f2b0a610656e476 Mon Sep 17 00:00:00 2001 From: abarreiro Date: Wed, 13 Mar 2024 22:34:36 +0100 Subject: [PATCH 17/28] Certificates explanation Signed-off-by: abarreiro --- ...ervice_extension_4_x_install.html.markdown | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/website/docs/guides/container_service_extension_4_x_install.html.markdown b/website/docs/guides/container_service_extension_4_x_install.html.markdown index 9a4e08577..2e1a75eb4 100644 --- a/website/docs/guides/container_service_extension_4_x_install.html.markdown +++ b/website/docs/guides/container_service_extension_4_x_install.html.markdown @@ -394,11 +394,11 @@ resource "vcd_role" "cse_admin_role" { name = "CSE Admin Role" # ...omitted rights = [ -API Tokens: Manage", + "API Tokens: Manage", # ...omitted -IP Spaces: Allocate", -Private IP Spaces: View", -Private IP Spaces: Manage", + "IP Spaces: Allocate", + "Private IP Spaces: View", + "Private IP Spaces: Manage", ] } @@ -406,11 +406,11 @@ resource "vcd_rights_bundle" "k8s_clusters_rights_bundle" { name = "Kubernetes Clusters Rights Bundle" # ...omitted rights = [ -API Tokens: Manage", + "API Tokens: Manage", # ...omitted -IP Spaces: Allocate", -Private IP Spaces: View", -Private IP Spaces: Manage", + "IP Spaces: Allocate", + "Private IP Spaces: View", + "Private IP Spaces: Manage", ] } @@ -418,11 +418,11 @@ resource "vcd_global_role" "k8s_cluster_author" { name = "Kubernetes Cluster Author" # ...omitted rights = [ -API Tokens: Manage", + "API Tokens: Manage", # ...omitted -IP Spaces: Allocate", -Private IP Spaces: View", -Private IP Spaces: Manage", + "IP Spaces: Allocate", + "Private IP Spaces: View", + "Private IP Spaces: Manage", ] } ``` From e8e729a8f4f102b25af7f53dd738940eccaeb62d Mon Sep 17 00:00:00 2001 From: abarreiro Date: Wed, 13 Mar 2024 22:35:40 +0100 Subject: [PATCH 18/28] Certificates explanation Signed-off-by: abarreiro --- .../container_service_extension_4_x_install.html.markdown | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/website/docs/guides/container_service_extension_4_x_install.html.markdown b/website/docs/guides/container_service_extension_4_x_install.html.markdown index 2e1a75eb4..21d909c96 100644 --- a/website/docs/guides/container_service_extension_4_x_install.html.markdown +++ b/website/docs/guides/container_service_extension_4_x_install.html.markdown @@ -100,10 +100,10 @@ To customise it, the [step 1 configuration][step1] asks for the following variab (100% means that unhealthy nodes will always be remediated, while 0% means that unhealthy nodes will never be remediated). Defaults to 100 in the step 1 configuration. * `container_registry_url`: URL from where TKG clusters will fetch container images, useful for VCD appliances that are completely isolated from Internet. Defaults to "projects.registry.vmware.com" in the step 1 configuration. * `bootstrap_vm_certificates`: Certificate(s) to allow the ephemeral VM (created during cluster creation) to authenticate with. - For example, when pulling images from a container registry. Optional in the step 1 configuration. + For instance, when pulling images from a container registry. Optional in the step 1 configuration. * `k8s_cluster_certificates`: Certificate(s) to allow clusters to authenticate with. - For example, when pulling images from a container registry. Optional in the step 1 configuration. - Sample values for the certificates in the configuration: + For instance, when pulling images from a container registry. Optional in the step 1 configuration. + Here is an example value for the certificates in the configuration: ```hcl k8s_cluster_certificates = [ "\"-----BEGIN CERTIFICATE-----\\nABCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPQR\\nzYCDEDCCFkgAAhiJkgLUm+1234567aBcdEfghiJKLMNAVZyABCDEFoZIhvcNAPUs\\n...\\n-----END CERTIFICATE-----\"", From a0511b367692a96ab82303d2d3552695352d411b Mon Sep 17 00:00:00 2001 From: abarreiro Date: Wed, 13 Mar 2024 22:42:57 +0100 Subject: [PATCH 19/28] Improve docs Signed-off-by: abarreiro --- ...ervice_extension_4_x_install.html.markdown | 103 +++++++++--------- 1 file changed, 54 insertions(+), 49 deletions(-) diff --git a/website/docs/guides/container_service_extension_4_x_install.html.markdown b/website/docs/guides/container_service_extension_4_x_install.html.markdown index 21d909c96..16ca21c4b 100644 --- a/website/docs/guides/container_service_extension_4_x_install.html.markdown +++ b/website/docs/guides/container_service_extension_4_x_install.html.markdown @@ -368,12 +368,62 @@ resource "vcd_rde_type" "capvcdcluster_type_v130" { } ``` +### Upgrade the VCDKEConfig RDE (CSE Server configuration) + +With the new [RDE Types][rde_type] in place, you need to perform an upgrade of the existing `VCDKEConfig` [RDE][rde], which +stores the CSE Server configuration. By using the v3.12.0 of the VCD Terraform Provider, you can do this update without forcing +a replacement: + +```hcl +resource "vcd_rde" "vcdkeconfig_instance" { + # Same values as before, except: + input_entity = templatefile(var.vcdkeconfig_template_filepath, { + # Same values as before, except: + capvcd_version = "1.2.0" + cpi_version = "1.5.0" + csi_version = "1.5.0" + rde_projector_version = "0.7.0" + }) +} +``` + +You can find the meaning of these values in the section ["RDE (CSE Server configuration / VCDKEConfig)"](#rde-cse-server-configuration--vcdkeconfig). + +### Upload the new CSE 4.2.0 OVA + +You need to upload the new CSE 4.2.0 OVA to the `cse_catalog` that already hosts the CSE 4.1 one. +To download the required OVAs, please refer to the [CSE documentation][cse_docs]. + +```hcl +resource "vcd_catalog_vapp_template" "cse_ova_4_2_0" { + org = vcd_org.solutions_organization.name # References the Solutions Organization that already exists from 4.1 + catalog_id = vcd_catalog.cse_catalog.id # References the CSE Catalog that already exists from 4.1 + + name = "VMware_Cloud_Director_Container_Service_Extension-4.2.0" + description = "VMware_Cloud_Director_Container_Service_Extension-4.2.0" + ova_path = "VMware_Cloud_Director_Container_Service_Extension-4.2.0.ova" +} +``` + +### Update CSE Server + +To update the CSE Server, just change the referenced OVA: + +```hcl +resource "vcd_vapp_vm" "cse_server_vm" { + # All values remain the same, except: + vapp_template_id = vcd_catalog_vapp_template.cse_ova_4_2_0.id # Reference the 4.2.0 OVA +} +``` + +This will re-deploy the VM with the new CSE 4.2.0 Server. + ## Upgrade from CSE 4.2.0 to 4.2.1 In this section you can find the required steps to update from CSE 4.2.0 to 4.2.1. Change the `VCDKEConfig` [RDE][rde] to update the `capvcd_version`, `cpi_version` and `csi_version` (follow [the instructions -in the section below](#upgrade-the-vcdkeconfig-rde-cse-server-configuration) to know how to upgrade this configuration): +in the section below](#update-cse-server-configuration) to know how to upgrade this configuration): ```hcl resource "vcd_rde" "vcdkeconfig_instance" { @@ -387,7 +437,7 @@ resource "vcd_rde" "vcdkeconfig_instance" { } ``` -The Kubernetes Clusters Right bundle and Kubernetes Cluster Author role need to have the right to view and manage IP Spaces: +The **Kubernetes Clusters Rights Bundle** and **Kubernetes Cluster Author Role** need to have the Right to view and manage IP Spaces: ```hcl resource "vcd_role" "cse_admin_role" { @@ -427,53 +477,8 @@ resource "vcd_global_role" "k8s_cluster_author" { } ``` -### Upgrade the VCDKEConfig RDE (CSE Server configuration) - -With the new [RDE Types][rde_type] in place, you need to perform an upgrade of the existing `VCDKEConfig` [RDE][rde], which -stores the CSE Server configuration. By using the v3.12.0 of the VCD Terraform Provider, you can do this update without forcing -a replacement: - -```hcl -resource "vcd_rde" "vcdkeconfig_instance" { - # Same values as before, except: - input_entity = templatefile(var.vcdkeconfig_template_filepath, { - # Same values as before, except: - rde_projector_version = "0.7.0" - }) -} -``` - -You can find the meaning of these values in the section ["RDE (CSE Server configuration / VCDKEConfig)"](#rde-cse-server-configuration--vcdkeconfig). -Please notice that you need to upgrade the CAPVCD, CPI and CSI versions. The new values are stated in the same section. - -### Upload the new CSE 4.2 OVA - -You need to upload the new CSE 4.2 OVA to the `cse_catalog` that already hosts the CSE 4.1 one. -To download the required OVAs, please refer to the [CSE documentation][cse_docs]. - -```hcl -resource "vcd_catalog_vapp_template" "cse_ova_4_2" { - org = vcd_org.solutions_organization.name # References the Solutions Organization that already exists from 4.1 - catalog_id = vcd_catalog.cse_catalog.id # References the CSE Catalog that already exists from 4.1 - - name = "VMware_Cloud_Director_Container_Service_Extension-4.2.0" - description = "VMware_Cloud_Director_Container_Service_Extension-4.2.0" - ova_path = "VMware_Cloud_Director_Container_Service_Extension-4.2.0.ova" -} -``` - -### Update CSE Server - -To update the CSE Server, just change the referenced OVA: - -```hcl -resource "vcd_vapp_vm" "cse_server_vm" { - # All values remain the same, except: - vapp_template_id = vcd_catalog_vapp_template.cse_ova_4_2.id # Reference the 4.2 OVA -} -``` - -This will re-deploy the VM with the new CSE 4.2 Server. +After applying the changes with `terraform apply`, you also need to update the CSE Server OVA to 4.2.1 and restart, +like it was done [in the previous section](#update-cse-server). ## Update CSE Server Configuration From b14321ef816f9e70b464f85081a49213d6c0dfff Mon Sep 17 00:00:00 2001 From: abarreiro Date: Wed, 13 Mar 2024 23:49:36 +0100 Subject: [PATCH 20/28] Bump sdk Signed-off-by: abarreiro --- go.mod | 2 ++ go.sum | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/go.mod b/go.mod index 4296e215d..10cfac528 100644 --- a/go.mod +++ b/go.mod @@ -66,3 +66,5 @@ require ( google.golang.org/grpc v1.60.0 // indirect google.golang.org/protobuf v1.31.0 // indirect ) + +replace github.com/vmware/go-vcloud-director/v2 => github.com/adambarreiro/go-vcloud-director/v2 v2.17.0-alpha.1.0.20240313224658-4ed6bc63a953 diff --git a/go.sum b/go.sum index 0d1e0e9cb..5da62e01d 100644 --- a/go.sum +++ b/go.sum @@ -4,6 +4,8 @@ github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migc github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM= github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371 h1:kkhsdkhsCvIsutKu5zLMgWtgh9YxGCNAw8Ad8hjwfYg= github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371/go.mod h1:EjAoLdwvbIOoOQr3ihjnSoLZRtE8azugULFRteWMNc0= +github.com/adambarreiro/go-vcloud-director/v2 v2.17.0-alpha.1.0.20240313224658-4ed6bc63a953 h1:Fy23HWoTR614kqrjo/1914kLt7mw78XfrPD3LoVITCE= +github.com/adambarreiro/go-vcloud-director/v2 v2.17.0-alpha.1.0.20240313224658-4ed6bc63a953/go.mod h1:NyNcb2ymhrzwv4GyYXyYOm1NbqRwGNxDWn90AtWniXc= github.com/agext/levenshtein v1.2.2 h1:0S/Yg6LYmFJ5stwQeRp6EeOcCbj7xiqQSdNelsXvaqE= github.com/agext/levenshtein v1.2.2/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/apparentlymart/go-textseg/v12 v12.0.0/go.mod h1:S/4uRK2UtaQttw1GenVJEynmyUenKwP++x/+DdGV/Ec= @@ -142,8 +144,6 @@ github.com/vmihailenco/msgpack/v5 v5.4.1 h1:cQriyiUvjTwOHg8QZaPihLWeRAAVoCpE00IU github.com/vmihailenco/msgpack/v5 v5.4.1/go.mod h1:GaZTsDaehaPpQVyxrf5mtQlH+pc21PIudVV/E3rRQok= github.com/vmihailenco/tagparser/v2 v2.0.0 h1:y09buUbR+b5aycVFQs/g70pqKVZNBmxwAhO7/IwNM9g= github.com/vmihailenco/tagparser/v2 v2.0.0/go.mod h1:Wri+At7QHww0WTrCBeu4J6bNtoV6mEfg5OIWRZA9qds= -github.com/vmware/go-vcloud-director/v2 v2.23.0-alpha.5 h1:HL3T2EGsR8zaTbBbAPIzqQON7x9GQ+USKuz88I1N3cY= -github.com/vmware/go-vcloud-director/v2 v2.23.0-alpha.5/go.mod h1:NyNcb2ymhrzwv4GyYXyYOm1NbqRwGNxDWn90AtWniXc= github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM= github.com/xanzy/ssh-agent v0.3.3/go.mod h1:6dzNDKs0J9rVPHPhaGCukekBHKqfl+L3KghI1Bc68Uw= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= From e5f63e52f44311cfc91988e2a3ec4f3045b8083a Mon Sep 17 00:00:00 2001 From: abarreiro Date: Thu, 14 Mar 2024 00:40:25 +0100 Subject: [PATCH 21/28] fix fmt Signed-off-by: abarreiro --- .../container_service_extension_4_x_install.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/guides/container_service_extension_4_x_install.html.markdown b/website/docs/guides/container_service_extension_4_x_install.html.markdown index 16ca21c4b..1098eeb44 100644 --- a/website/docs/guides/container_service_extension_4_x_install.html.markdown +++ b/website/docs/guides/container_service_extension_4_x_install.html.markdown @@ -379,7 +379,7 @@ resource "vcd_rde" "vcdkeconfig_instance" { # Same values as before, except: input_entity = templatefile(var.vcdkeconfig_template_filepath, { # Same values as before, except: - capvcd_version = "1.2.0" + capvcd_version = "1.2.0" cpi_version = "1.5.0" csi_version = "1.5.0" rde_projector_version = "0.7.0" From d8ac2b9b217f9f4b2023defcfbefe0042547adb4 Mon Sep 17 00:00:00 2001 From: abarreiro Date: Thu, 14 Mar 2024 09:19:16 +0100 Subject: [PATCH 22/28] Fix version set Signed-off-by: abarreiro --- vcd/resource_vcd_cse_kubernetes_cluster.go | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/vcd/resource_vcd_cse_kubernetes_cluster.go b/vcd/resource_vcd_cse_kubernetes_cluster.go index 2c0059b30..28d77d760 100644 --- a/vcd/resource_vcd_cse_kubernetes_cluster.go +++ b/vcd/resource_vcd_cse_kubernetes_cluster.go @@ -664,15 +664,15 @@ func saveClusterDataToState(d *schema.ResourceData, vcdClient *VCDClient, cluste var warnings []error dSet(d, "name", cluster.Name) - dSet(d, "cse_version", cluster.CseVersion.Original()) + dSet(d, "cse_version", cluster.CseVersion.String()) dSet(d, "runtime", "tkg") // Only one supported dSet(d, "vdc_id", cluster.VdcId) dSet(d, "network_id", cluster.NetworkId) - dSet(d, "cpi_version", cluster.CpiVersion.Original()) - dSet(d, "csi_version", cluster.CsiVersion.Original()) - dSet(d, "capvcd_version", cluster.CapvcdVersion.Original()) - dSet(d, "kubernetes_version", cluster.KubernetesVersion.Original()) - dSet(d, "tkg_product_version", cluster.TkgVersion.Original()) + dSet(d, "cpi_version", cluster.CpiVersion.String()) + dSet(d, "csi_version", cluster.CsiVersion.String()) + dSet(d, "capvcd_version", cluster.CapvcdVersion.String()) + dSet(d, "kubernetes_version", cluster.KubernetesVersion.String()) + dSet(d, "tkg_product_version", cluster.TkgVersion.String()) dSet(d, "pods_cidr", cluster.PodCidr) dSet(d, "services_cidr", cluster.ServiceCidr) dSet(d, "kubernetes_template_id", cluster.KubernetesTemplateOvaId) From 50ec3af337d4ff28e1d7271bdb33ef5e68786283 Mon Sep 17 00:00:00 2001 From: abarreiro Date: Thu, 14 Mar 2024 11:36:09 +0100 Subject: [PATCH 23/28] Fix version set Signed-off-by: abarreiro --- vcd/resource_vcd_cse_kubernetes_cluster.go | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/vcd/resource_vcd_cse_kubernetes_cluster.go b/vcd/resource_vcd_cse_kubernetes_cluster.go index 28d77d760..df982edce 100644 --- a/vcd/resource_vcd_cse_kubernetes_cluster.go +++ b/vcd/resource_vcd_cse_kubernetes_cluster.go @@ -668,11 +668,11 @@ func saveClusterDataToState(d *schema.ResourceData, vcdClient *VCDClient, cluste dSet(d, "runtime", "tkg") // Only one supported dSet(d, "vdc_id", cluster.VdcId) dSet(d, "network_id", cluster.NetworkId) - dSet(d, "cpi_version", cluster.CpiVersion.String()) - dSet(d, "csi_version", cluster.CsiVersion.String()) - dSet(d, "capvcd_version", cluster.CapvcdVersion.String()) - dSet(d, "kubernetes_version", cluster.KubernetesVersion.String()) - dSet(d, "tkg_product_version", cluster.TkgVersion.String()) + dSet(d, "cpi_version", cluster.CpiVersion.Original()) + dSet(d, "csi_version", cluster.CsiVersion.Original()) + dSet(d, "capvcd_version", cluster.CapvcdVersion.Original()) + dSet(d, "kubernetes_version", cluster.KubernetesVersion.Original()) + dSet(d, "tkg_product_version", cluster.TkgVersion.Original()) dSet(d, "pods_cidr", cluster.PodCidr) dSet(d, "services_cidr", cluster.ServiceCidr) dSet(d, "kubernetes_template_id", cluster.KubernetesTemplateOvaId) From da93f8ed35ec0661a3e01b3747e6aa6b87591384 Mon Sep 17 00:00:00 2001 From: abarreiro Date: Thu, 14 Mar 2024 11:41:12 +0100 Subject: [PATCH 24/28] Fix version set Signed-off-by: abarreiro --- vcd/resource_vcd_cse_kubernetes_cluster.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vcd/resource_vcd_cse_kubernetes_cluster.go b/vcd/resource_vcd_cse_kubernetes_cluster.go index df982edce..5a642f664 100644 --- a/vcd/resource_vcd_cse_kubernetes_cluster.go +++ b/vcd/resource_vcd_cse_kubernetes_cluster.go @@ -664,8 +664,8 @@ func saveClusterDataToState(d *schema.ResourceData, vcdClient *VCDClient, cluste var warnings []error dSet(d, "name", cluster.Name) - dSet(d, "cse_version", cluster.CseVersion.String()) - dSet(d, "runtime", "tkg") // Only one supported + dSet(d, "cse_version", cluster.CseVersion.String()) // Don't use .Original() as we need to remove possible suffixes + dSet(d, "runtime", "tkg") // Only one supported dSet(d, "vdc_id", cluster.VdcId) dSet(d, "network_id", cluster.NetworkId) dSet(d, "cpi_version", cluster.CpiVersion.Original()) From af0120e53131910d42dd8547ebbc104102519fec Mon Sep 17 00:00:00 2001 From: abarreiro Date: Thu, 14 Mar 2024 13:12:56 +0100 Subject: [PATCH 25/28] Fix version set Signed-off-by: abarreiro --- vcd/resource_vcd_cse_kubernetes_cluster.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vcd/resource_vcd_cse_kubernetes_cluster.go b/vcd/resource_vcd_cse_kubernetes_cluster.go index 5a642f664..f7f50aafb 100644 --- a/vcd/resource_vcd_cse_kubernetes_cluster.go +++ b/vcd/resource_vcd_cse_kubernetes_cluster.go @@ -664,8 +664,8 @@ func saveClusterDataToState(d *schema.ResourceData, vcdClient *VCDClient, cluste var warnings []error dSet(d, "name", cluster.Name) - dSet(d, "cse_version", cluster.CseVersion.String()) // Don't use .Original() as we need to remove possible suffixes - dSet(d, "runtime", "tkg") // Only one supported + dSet(d, "cse_version", cluster.CseVersion.Core().String()) // Don't use .Original() directly as we need to remove possible suffixes + dSet(d, "runtime", "tkg") // Only one supported dSet(d, "vdc_id", cluster.VdcId) dSet(d, "network_id", cluster.NetworkId) dSet(d, "cpi_version", cluster.CpiVersion.Original()) From 5d9cb697a642f5b41da0daa87a14771ac3d13e78 Mon Sep 17 00:00:00 2001 From: abarreiro Date: Thu, 14 Mar 2024 13:34:18 +0100 Subject: [PATCH 26/28] Revert fix Signed-off-by: abarreiro --- go.mod | 2 +- go.sum | 4 ++-- vcd/resource_vcd_cse_kubernetes_cluster.go | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/go.mod b/go.mod index 10cfac528..d169ee5ea 100644 --- a/go.mod +++ b/go.mod @@ -67,4 +67,4 @@ require ( google.golang.org/protobuf v1.31.0 // indirect ) -replace github.com/vmware/go-vcloud-director/v2 => github.com/adambarreiro/go-vcloud-director/v2 v2.17.0-alpha.1.0.20240313224658-4ed6bc63a953 +replace github.com/vmware/go-vcloud-director/v2 => github.com/adambarreiro/go-vcloud-director/v2 v2.17.0-alpha.1.0.20240314122800-a92dcc645309 diff --git a/go.sum b/go.sum index 5da62e01d..c35768ca2 100644 --- a/go.sum +++ b/go.sum @@ -4,8 +4,8 @@ github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migc github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM= github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371 h1:kkhsdkhsCvIsutKu5zLMgWtgh9YxGCNAw8Ad8hjwfYg= github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371/go.mod h1:EjAoLdwvbIOoOQr3ihjnSoLZRtE8azugULFRteWMNc0= -github.com/adambarreiro/go-vcloud-director/v2 v2.17.0-alpha.1.0.20240313224658-4ed6bc63a953 h1:Fy23HWoTR614kqrjo/1914kLt7mw78XfrPD3LoVITCE= -github.com/adambarreiro/go-vcloud-director/v2 v2.17.0-alpha.1.0.20240313224658-4ed6bc63a953/go.mod h1:NyNcb2ymhrzwv4GyYXyYOm1NbqRwGNxDWn90AtWniXc= +github.com/adambarreiro/go-vcloud-director/v2 v2.17.0-alpha.1.0.20240314122800-a92dcc645309 h1:q4kh/UxrkxKR2Op02DB2F63chkEJ2NfqXgwysFsEox8= +github.com/adambarreiro/go-vcloud-director/v2 v2.17.0-alpha.1.0.20240314122800-a92dcc645309/go.mod h1:NyNcb2ymhrzwv4GyYXyYOm1NbqRwGNxDWn90AtWniXc= github.com/agext/levenshtein v1.2.2 h1:0S/Yg6LYmFJ5stwQeRp6EeOcCbj7xiqQSdNelsXvaqE= github.com/agext/levenshtein v1.2.2/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/apparentlymart/go-textseg/v12 v12.0.0/go.mod h1:S/4uRK2UtaQttw1GenVJEynmyUenKwP++x/+DdGV/Ec= diff --git a/vcd/resource_vcd_cse_kubernetes_cluster.go b/vcd/resource_vcd_cse_kubernetes_cluster.go index f7f50aafb..2c0059b30 100644 --- a/vcd/resource_vcd_cse_kubernetes_cluster.go +++ b/vcd/resource_vcd_cse_kubernetes_cluster.go @@ -664,8 +664,8 @@ func saveClusterDataToState(d *schema.ResourceData, vcdClient *VCDClient, cluste var warnings []error dSet(d, "name", cluster.Name) - dSet(d, "cse_version", cluster.CseVersion.Core().String()) // Don't use .Original() directly as we need to remove possible suffixes - dSet(d, "runtime", "tkg") // Only one supported + dSet(d, "cse_version", cluster.CseVersion.Original()) + dSet(d, "runtime", "tkg") // Only one supported dSet(d, "vdc_id", cluster.VdcId) dSet(d, "network_id", cluster.NetworkId) dSet(d, "cpi_version", cluster.CpiVersion.Original()) From 86a9237fa7fb0ca67ef561d8ada70daabf31e776 Mon Sep 17 00:00:00 2001 From: abarreiro Date: Thu, 14 Mar 2024 14:16:27 +0100 Subject: [PATCH 27/28] Bump SDK Signed-off-by: abarreiro --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index d169ee5ea..77bfc470b 100644 --- a/go.mod +++ b/go.mod @@ -67,4 +67,4 @@ require ( google.golang.org/protobuf v1.31.0 // indirect ) -replace github.com/vmware/go-vcloud-director/v2 => github.com/adambarreiro/go-vcloud-director/v2 v2.17.0-alpha.1.0.20240314122800-a92dcc645309 +replace github.com/vmware/go-vcloud-director/v2 => github.com/adambarreiro/go-vcloud-director/v2 v2.17.0-alpha.1.0.20240314131120-9773dae4db28 diff --git a/go.sum b/go.sum index c35768ca2..e49675994 100644 --- a/go.sum +++ b/go.sum @@ -4,8 +4,8 @@ github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migc github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM= github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371 h1:kkhsdkhsCvIsutKu5zLMgWtgh9YxGCNAw8Ad8hjwfYg= github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371/go.mod h1:EjAoLdwvbIOoOQr3ihjnSoLZRtE8azugULFRteWMNc0= -github.com/adambarreiro/go-vcloud-director/v2 v2.17.0-alpha.1.0.20240314122800-a92dcc645309 h1:q4kh/UxrkxKR2Op02DB2F63chkEJ2NfqXgwysFsEox8= -github.com/adambarreiro/go-vcloud-director/v2 v2.17.0-alpha.1.0.20240314122800-a92dcc645309/go.mod h1:NyNcb2ymhrzwv4GyYXyYOm1NbqRwGNxDWn90AtWniXc= +github.com/adambarreiro/go-vcloud-director/v2 v2.17.0-alpha.1.0.20240314131120-9773dae4db28 h1:/cTiK8U4Xx9l9kqN6PTh2GK/fng6DxqsYG2T5v0W1ew= +github.com/adambarreiro/go-vcloud-director/v2 v2.17.0-alpha.1.0.20240314131120-9773dae4db28/go.mod h1:NyNcb2ymhrzwv4GyYXyYOm1NbqRwGNxDWn90AtWniXc= github.com/agext/levenshtein v1.2.2 h1:0S/Yg6LYmFJ5stwQeRp6EeOcCbj7xiqQSdNelsXvaqE= github.com/agext/levenshtein v1.2.2/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/apparentlymart/go-textseg/v12 v12.0.0/go.mod h1:S/4uRK2UtaQttw1GenVJEynmyUenKwP++x/+DdGV/Ec= From 113011701de510a4126e58e0eeb8ce44f19783de Mon Sep 17 00:00:00 2001 From: abarreiro Date: Thu, 14 Mar 2024 16:08:50 +0100 Subject: [PATCH 28/28] Final bump before merge Signed-off-by: abarreiro --- go.mod | 4 +--- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/go.mod b/go.mod index 77bfc470b..7a3edbf0e 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/hashicorp/go-version v1.6.0 github.com/hashicorp/terraform-plugin-sdk/v2 v2.31.0 github.com/kr/pretty v0.2.1 - github.com/vmware/go-vcloud-director/v2 v2.23.0-alpha.5 + github.com/vmware/go-vcloud-director/v2 v2.23.0-alpha.6 ) require ( @@ -66,5 +66,3 @@ require ( google.golang.org/grpc v1.60.0 // indirect google.golang.org/protobuf v1.31.0 // indirect ) - -replace github.com/vmware/go-vcloud-director/v2 => github.com/adambarreiro/go-vcloud-director/v2 v2.17.0-alpha.1.0.20240314131120-9773dae4db28 diff --git a/go.sum b/go.sum index e49675994..0999a7946 100644 --- a/go.sum +++ b/go.sum @@ -4,8 +4,6 @@ github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migc github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM= github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371 h1:kkhsdkhsCvIsutKu5zLMgWtgh9YxGCNAw8Ad8hjwfYg= github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371/go.mod h1:EjAoLdwvbIOoOQr3ihjnSoLZRtE8azugULFRteWMNc0= -github.com/adambarreiro/go-vcloud-director/v2 v2.17.0-alpha.1.0.20240314131120-9773dae4db28 h1:/cTiK8U4Xx9l9kqN6PTh2GK/fng6DxqsYG2T5v0W1ew= -github.com/adambarreiro/go-vcloud-director/v2 v2.17.0-alpha.1.0.20240314131120-9773dae4db28/go.mod h1:NyNcb2ymhrzwv4GyYXyYOm1NbqRwGNxDWn90AtWniXc= github.com/agext/levenshtein v1.2.2 h1:0S/Yg6LYmFJ5stwQeRp6EeOcCbj7xiqQSdNelsXvaqE= github.com/agext/levenshtein v1.2.2/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/apparentlymart/go-textseg/v12 v12.0.0/go.mod h1:S/4uRK2UtaQttw1GenVJEynmyUenKwP++x/+DdGV/Ec= @@ -144,6 +142,8 @@ github.com/vmihailenco/msgpack/v5 v5.4.1 h1:cQriyiUvjTwOHg8QZaPihLWeRAAVoCpE00IU github.com/vmihailenco/msgpack/v5 v5.4.1/go.mod h1:GaZTsDaehaPpQVyxrf5mtQlH+pc21PIudVV/E3rRQok= github.com/vmihailenco/tagparser/v2 v2.0.0 h1:y09buUbR+b5aycVFQs/g70pqKVZNBmxwAhO7/IwNM9g= github.com/vmihailenco/tagparser/v2 v2.0.0/go.mod h1:Wri+At7QHww0WTrCBeu4J6bNtoV6mEfg5OIWRZA9qds= +github.com/vmware/go-vcloud-director/v2 v2.23.0-alpha.6 h1:H3wZPjF62Q1W5rdJVWcOCrFQ2PUvulj7lwdTEIwWQaY= +github.com/vmware/go-vcloud-director/v2 v2.23.0-alpha.6/go.mod h1:NyNcb2ymhrzwv4GyYXyYOm1NbqRwGNxDWn90AtWniXc= github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM= github.com/xanzy/ssh-agent v0.3.3/go.mod h1:6dzNDKs0J9rVPHPhaGCukekBHKqfl+L3KghI1Bc68Uw= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=