Add NON_GCP_PRIVATE_IP_PORT as networkEndpointType for NetworkEndpo…

…intGroup (#5684) * Add NON_GCP_PRIVATE_IP_PORT as networkEndpointType for NetworkEndpointGroup * Fix the Network Endpoint Group non-GCP example * Make networkEndpoint instance optional, handle, and add example * Put the hybrid endpoint in the hybrid NEG
GoogleCloudPlatform · Feb 22, 2022 · 3788bd2 · 3788bd2
1 parent 9a9e319
commit 3788bd2
Show file tree

Hide file tree

Showing 6 changed files with 174 additions and 3 deletions.
diff --git a/mmv1/products/compute/api.yaml b/mmv1/products/compute/api.yaml
@@ -8066,7 +8066,6 @@ objects:
           The name for a specific VM instance that the IP address belongs to.
           This is required for network endpoints of type GCE_VM_IP_PORT.
           The instance must be in the same zone of network endpoint group.
-        required: true
       - !ruby/object:Api::Type::Integer
         name: 'port'
         description: |
@@ -8155,9 +8154,16 @@ objects:
       - !ruby/object:Api::Type::Enum
         name: 'networkEndpointType'
         description: |
-          Type of network endpoints in this network endpoint group.
+          Type of network endpoints in this network endpoint group. 
+          NON_GCP_PRIVATE_IP_PORT is used for hybrid connectivity network 
+          endpoint groups (see https://cloud.google.com/load-balancing/docs/hybrid).
+          Note that NON_GCP_PRIVATE_IP_PORT can only be used with Backend Services
+          that 1) have the following load balancing schemes: EXTERNAL, EXTERNAL_MANAGED,
+          INTERNAL_MANAGED, and INTERNAL_SELF_MANAGED and 2) support the RATE or
+          CONNECTION balancing modes.
         values:
           - :GCE_VM_IP_PORT
+          - :NON_GCP_PRIVATE_IP_PORT
         default_value: :GCE_VM_IP_PORT
       - !ruby/object:Api::Type::Integer
         name: 'size'

diff --git a/mmv1/products/compute/terraform.yaml b/mmv1/products/compute/terraform.yaml
@@ -1036,6 +1036,21 @@ overrides: !ruby/object:Overrides::ResourceOverrides
         ignore_read_extra:
           - "port_range"
           - "target"
+      - !ruby/object:Provider::Terraform::Examples
+        name: "global_forwarding_rule_hybrid"
+        primary_resource_id: "default"
+        vars:
+          forwarding_rule_name: "global-rule"
+          http_proxy_name: "target-proxy"
+          network_name: "my-network"
+          default_backend_service_name: "backend-default"
+          hybrid_backend_service_name: "backend-hybrid"
+          default_neg_name: "default-neg"
+          hybrid_neg_name: "hybrid-neg"
+          health_check_name: "health-check"
+        ignore_read_extra:
+          - "port_range"
+          - "target"
       - !ruby/object:Provider::Terraform::Examples
         name: "private_service_connect_google_apis"
         min_version: beta
@@ -1470,6 +1485,7 @@ overrides: !ruby/object:Overrides::ResourceOverrides
         ignore_read: true
     custom_code: !ruby/object:Provider::Terraform::CustomCode
       pre_delete: templates/terraform/pre_delete/compute_network_endpoint.go.erb
+      custom_import: templates/terraform/custom_import/compute_network_endpoint.go.erb
       decoder: templates/terraform/decoders/unwrap_resource.go.erb
       encoder: templates/terraform/encoders/compute_network_endpoint.go.erb
   NetworkEndpointGroup: !ruby/object:Overrides::Terraform::ResourceOverride
@@ -1481,6 +1497,12 @@ overrides: !ruby/object:Overrides::ResourceOverrides
           neg_name: "my-lb-neg"
           network_name: "neg-network"
           subnetwork_name: "neg-subnetwork"
+      - !ruby/object:Provider::Terraform::Examples
+        name: "network_endpoint_group_non_gcp"
+        primary_resource_id: "neg"
+        vars:
+          neg_name: "my-lb-neg"
+          network_name: "neg-network"
     properties:
       id: !ruby/object:Overrides::Terraform::PropertyOverride
         exclude: true

diff --git a/mmv1/templates/terraform/custom_import/compute_network_endpoint.go.erb b/mmv1/templates/terraform/custom_import/compute_network_endpoint.go.erb
@@ -0,0 +1,19 @@
+config := meta.(*Config)
+// instance is optional, so use * instead of + when reading the import id
+if err := parseImportId([]string{
+    "projects/(?P<project>[^/]+)/zones/(?P<zone>[^/]+)/networkEndpointGroups/(?P<network_endpoint_group>[^/]+)/(?P<instance>[^/]*)/(?P<ip_address>[^/]+)/(?P<port>[^/]+)",
+    "(?P<project>[^/]+)/(?P<zone>[^/]+)/(?P<network_endpoint_group>[^/]+)/(?P<instance>[^/]*)/(?P<ip_address>[^/]+)/(?P<port>[^/]+)",
+    "(?P<zone>[^/]+)/(?P<network_endpoint_group>[^/]+)/(?P<instance>[^/]*)/(?P<ip_address>[^/]+)/(?P<port>[^/]+)",
+    "(?P<network_endpoint_group>[^/]+)/(?P<instance>[^/]*)/(?P<ip_address>[^/]+)/(?P<port>[^/]+)",
+}, d, config); err != nil {
+	return nil, err
+}
+
+// Replace import id for the resource id
+id, err := replaceVars(d, config, "{{project}}/{{zone}}/{{network_endpoint_group}}/{{instance}}/{{ip_address}}/{{port}}")
+if err != nil {
+  return nil, fmt.Errorf("Error constructing id: %s", err)
+}
+d.SetId(id)
+
+return []*schema.ResourceData{d}, nil
diff --git a/mmv1/templates/terraform/examples/global_forwarding_rule_hybrid.tf.erb b/mmv1/templates/terraform/examples/global_forwarding_rule_hybrid.tf.erb
@@ -0,0 +1,105 @@
+// Roughly mirrors https://cloud.google.com/load-balancing/docs/https/setting-up-ext-https-hybrid
+
+resource "google_compute_network" "default" {
+  name                    = "<%= ctx[:vars]['network_name'] %>"
+}
+
+// Zonal NEG with GCE_VM_IP_PORT
+resource "google_compute_network_endpoint_group" "default" {
+  name                  = "<%= ctx[:vars]['default_neg_name'] %>"
+  network               = google_compute_network.default.id
+  default_port          = "90"
+  zone                  = "us-central1-a"
+  network_endpoint_type = "GCE_VM_IP_PORT"
+}
+
+// Hybrid connectivity NEG
+resource "google_compute_network_endpoint_group" "hybrid" {
+  name                  = "<%= ctx[:vars]['hybrid_neg_name'] %>"
+  network               = google_compute_network.default.id
+  default_port          = "90"
+  zone                  = "us-central1-a"
+  network_endpoint_type = "NON_GCP_PRIVATE_IP_PORT"
+}
+
+resource "google_compute_network_endpoint" "hybrid-endpoint" {
+  network_endpoint_group = google_compute_network_endpoint_group.hybrid.name
+  port       = google_compute_network_endpoint_group.hybrid.default_port
+  ip_address = "127.0.0.1"
+}
+
+// Backend service for Zonal NEG
+resource "google_compute_backend_service" "default" {
+  name                  = "<%= ctx[:vars]['default_backend_service_name'] %>"
+  port_name             = "http"
+  protocol              = "HTTP"
+  timeout_sec           = 10
+  backend {
+    group = google_compute_network_endpoint_group.default.id
+    balancing_mode               = "RATE"
+    max_rate_per_endpoint        = 10
+  }
+  health_checks = [google_compute_health_check.default.id]
+}
+
+// Backgend service for Hybrid NEG
+resource "google_compute_backend_service" "hybrid" {
+  name                  = "<%= ctx[:vars]['hybrid_backend_service_name'] %>"
+  port_name             = "http"
+  protocol              = "HTTP"
+  timeout_sec           = 10
+  backend {
+    group                        = google_compute_network_endpoint_group.hybrid.id
+    balancing_mode               = "RATE"
+    max_rate_per_endpoint = 10
+  }
+  health_checks = [google_compute_health_check.default.id]
+}
+
+resource "google_compute_health_check" "default" {
+  name               = "<%= ctx[:vars]['health_check_name'] %>"
+  timeout_sec        = 1
+  check_interval_sec = 1
+
+  tcp_health_check {
+    port = "80"
+  }
+}
+
+resource "google_compute_url_map" "default" {
+  name            = "url-map-<%= ctx[:vars]['http_proxy_name'] %>"
+  description     = "a description"
+  default_service = google_compute_backend_service.default.id
+
+  host_rule {
+    hosts        = ["mysite.com"]
+    path_matcher = "allpaths"
+  }
+
+  path_matcher {
+    name            = "allpaths"
+    default_service = google_compute_backend_service.default.id
+
+    path_rule {
+      paths   = ["/*"]
+      service = google_compute_backend_service.default.id
+    }
+
+    path_rule {
+      paths   = ["/hybrid"]
+      service = google_compute_backend_service.hybrid.id
+    }
+  }
+}
+
+resource "google_compute_target_http_proxy" "default" {
+  name        = "<%= ctx[:vars]['http_proxy_name'] %>"
+  description = "a description"
+  url_map     = google_compute_url_map.default.id
+}
+
+resource "google_compute_global_forwarding_rule" "default" {
+  name       = "<%= ctx[:vars]['forwarding_rule_name'] %>"
+  target     = google_compute_target_http_proxy.default.id
+  port_range = "80"
+}
diff --git a/mmv1/templates/terraform/examples/network_endpoint_group_non_gcp.tf.erb b/mmv1/templates/terraform/examples/network_endpoint_group_non_gcp.tf.erb
@@ -0,0 +1,17 @@
+resource "google_compute_network_endpoint_group" "<%= ctx[:primary_resource_id] %>" {
+  name                  = "<%= ctx[:vars]['neg_name'] %>"
+  network               = google_compute_network.default.id
+  default_port          = "90"
+  zone                  = "us-central1-a"
+  network_endpoint_type = "NON_GCP_PRIVATE_IP_PORT"
+}
+
+resource "google_compute_network_endpoint" "default-endpoint" {
+  network_endpoint_group = google_compute_network_endpoint_group.<%= ctx[:primary_resource_id] %>.name
+  port = google_compute_network_endpoint_group.<%= ctx[:primary_resource_id] %>.default_port
+  ip_address = "127.0.0.1"
+}
+
+resource "google_compute_network" "default" {
+  name = "<%= ctx[:vars]['network_name'] %>"
+}
diff --git a/mmv1/templates/terraform/pre_delete/compute_network_endpoint.go.erb b/mmv1/templates/terraform/pre_delete/compute_network_endpoint.go.erb
@@ -3,7 +3,9 @@ instanceProp, err := expandNestedComputeNetworkEndpointInstance(d.Get("instance"
 if err != nil {
 	return err
 }
-toDelete["instance"] = instanceProp
+if instanceProp != "" {
+	toDelete["instance"] = instanceProp
+}
 
 portProp, err := expandNestedComputeNetworkEndpointPort(d.Get("port"), d, config)
 if err != nil {