dynamic port allocation for cloud nat

[rabun788]

Using dynamic port allocation lets the NAT gateway allocate different numbers of ports to each VM based on usage.

fixes hashicorp/terraform-provider-google#11052

If this PR is for Terraform, I acknowledge that I have:

• Searched through the issue tracker for an open issue that this either resolves or contributes to, commented on it to claim it, and written "fixes {url}" or "part of {url}" in this PR description. If there were no relevant open issues, I opened one and commented that I would like to work on it (not necessary for very small changes).
• Generated Terraform, and ran make test and make lint to ensure it passes unit and linter tests.
• Ensured that all new fields I added that can be set by a user appear in at least one example (for generated resources) or third_party test (for handwritten resources or update tests).
• Ran relevant acceptance tests (If the acceptance tests do not yet pass or you are unable to run them, please let your reviewer know).
• Read the Release Notes Guide before writing my release note below.

Release Note Template for Downstream PRs (will be copied)

compute: supported `enable_dynamic_port_allocation` in `google_compute_router_nat` to let the NAT gateway allocate different numbers of ports to each VM based on usage.

Original commentary: hashicorp/terraform-provider-google#11214

[google-cla]

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

For more information, open the CLA check for this pull request.

[modular-magician]

Oops! It looks like you're using an unknown release-note type in your changelog entries:

• REPLACEME

Please only use the types listed in https://github.com/GoogleCloudPlatform/magic-modules/blob/master/.ci/RELEASE_NOTES_GUIDE.md.

[modular-magician]

Hello! I am a robot who works on Magic Modules PRs.

I have detected that you are a community contributor, so your PR will be assigned to someone with a commit-bit on this repo for initial review.

Thanks for your contribution! A human will be with you soon.

@shuyama1, please review this PR or find an appropriate assignee.

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 2 files changed, 35 insertions(+))
Terraform Beta: Diff ( 2 files changed, 35 insertions(+))
TF Validator: Diff ( 2 files changed, 3 insertions(+), 3 deletions(-))

[rabun788]

mention: hashicorp/terraform-provider-google#11052

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 2 files changed, 35 insertions(+))
Terraform Beta: Diff ( 2 files changed, 35 insertions(+))
TF Validator: Diff ( 2 files changed, 3 insertions(+), 3 deletions(-))

[shuyama1]

Hi @rabun788 Thanks for your contribution! Would you mind adding a new test/ modifying an existing test to test this field, as we try to cover all the features tested. Please let me know if you have questions! Also, please re-request my review after you're done adding the test. Many thanks!

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 3 files changed, 121 insertions(+), 1 deletion(-))
Terraform Beta: Diff ( 3 files changed, 121 insertions(+), 1 deletion(-))
TF Validator: Diff ( 2 files changed, 3 insertions(+), 3 deletions(-))

[shuyama1]

/gcbrun

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 3 files changed, 121 insertions(+), 1 deletion(-))
Terraform Beta: Diff ( 3 files changed, 121 insertions(+), 1 deletion(-))
TF Validator: Diff ( 2 files changed, 3 insertions(+), 3 deletions(-))

[modular-magician]

I have triggered VCR tests in RECORDING mode for the following tests that failed during VCR: TestAccDataSourceSqlDatabaseInstance_basic|TestAccBigqueryReservationAssignment_BasicHandWritten|TestAccCGCSnippet_sqlMysqlInstanceBackupExample|TestAccCGCSnippet_sqlPostgresInstanceBackupExample|TestAccCGCSnippet_sqlSqlserverInstanceBackupExample|TestAccCGCSnippet_sqlSqlserverInstanceAuthorizedNetworkExample|TestAccCloudBuildTrigger_cloudbuildTriggerPubsubConfigExample|TestAccCloudBuildTrigger_cloudbuildTriggerWebhookConfigExample|TestAccCloudBuildTrigger_cloudbuildTriggerManualExample|TestAccCloudBuildTrigger_cloudbuildTriggerFilenameExample|TestAccCloudBuildTrigger_cloudbuildTriggerBuildExample|TestAccCloudBuildTrigger_basic|TestAccCloudBuildTrigger_available_secrets_config|TestAccCloudBuildTrigger_cloudbuildTriggerServiceAccountExample|TestAccCloudBuildTrigger_disable|TestAccCloudBuildTrigger_fullStep|TestAccCloudFunctionsFunction_secretEnvVar|TestAccComputeRouterNat_withDisabledDynamicPortAllocation|TestAccComputeRouterNat_basic|TestAccComputeRouterNat_update|TestAccComputeRouterNat_removeLogConfig|TestAccComputeRouterNat_withManualIpAndSubnetConfiguration|TestAccComputeRouterNat_withDisabledIndependentEndpointMapping|TestAccComputeRouterNat_withNatIpsAndDrainNatIps|TestAccContainerCluster_withAuthenticatorGroupsConfig|TestAccDataprocCluster_nonPreemptibleSecondary|TestAccDataprocCluster_updatable|TestAccDataprocCluster_withConfigOverrides|TestAccServiceNetworkingPeeredDNSDomain_basic|TestAccVPCAccessConnector_cloudrunVPCAccessConnectorExample You can view the result here: https://ci-oss.hashicorp.engineering/viewQueued.html?itemId=265417

[FalconerTC]

When Dynamic Port Allocation is enabled for a NAT router, you can also configure the maximum ports per VM. Can something like max_ports_per_vm be added as part of this?

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 3 files changed, 112 insertions(+))
Terraform Beta: Diff ( 3 files changed, 112 insertions(+))
TF Validator: Diff ( 2 files changed, 3 insertions(+), 3 deletions(-))

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 3 files changed, 107 insertions(+))
Terraform Beta: Diff ( 3 files changed, 107 insertions(+))
TF Validator: Diff ( 2 files changed, 3 insertions(+), 3 deletions(-))

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 3 files changed, 153 insertions(+))
Terraform Beta: Diff ( 3 files changed, 153 insertions(+))
TF Validator: Diff ( 2 files changed, 3 insertions(+), 3 deletions(-))

[shuyama1]

/gcbrun

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 3 files changed, 153 insertions(+))
Terraform Beta: Diff ( 3 files changed, 153 insertions(+))
TF Validator: Diff ( 2 files changed, 3 insertions(+), 3 deletions(-))

[shuyama1]

/gcbrun

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 3 files changed, 153 insertions(+))
Terraform Beta: Diff ( 3 files changed, 153 insertions(+))
TF Validator: Diff ( 2 files changed, 3 insertions(+), 3 deletions(-))

[shuyama1]

/gcbrun

[modular-magician]

Hi! I'm the modular magician. Your PR generated some diffs in downstreams - here they are.

Diff report:

Terraform GA: Diff ( 3 files changed, 153 insertions(+))
Terraform Beta: Diff ( 3 files changed, 153 insertions(+))
TF Validator: Diff ( 2 files changed, 3 insertions(+), 3 deletions(-))

[shuyama1]

Would you mind adding a test on this? Simply adding this field in the existing test, such as TestAccComputeRouterNat_withDisabledDynamicPortAllocation, would be fine.

[shuyama1]

Shall we also add an update step for this test. We can simply follow the pattern of TestAccComputeRouterNat_withDisabledIndependentEndpointMapping

[shuyama1]

nit: the spacing in this resource is tabbed rather than 2 spaces

[inkel]

I really hope this gets merged and released soon!

[inkel]

You can use explicit argument indexes instead and reduce the repetition:

Suggested change

	func testAccComputeRouterNatWithDisabledDynamicPortAllocation(routerName string, disabled bool, enabled bool) string {
	return fmt.Sprintf(`
	resource "google_compute_network" "foobar" {
	name = "%s-net"
	auto_create_subnetworks = "false"
	}
	resource "google_compute_subnetwork" "foobar" {
	name = "%s-subnet"
	network = google_compute_network.foobar.self_link
	ip_cidr_range = "10.0.0.0/16"
	region = "us-central1"
	}
	resource "google_compute_address" "foobar" {
	name = "router-nat-%s-addr"
	region = google_compute_subnetwork.foobar.region
	}
	resource "google_compute_router" "foobar" {
	name = "%s"
	region = google_compute_subnetwork.foobar.region
	network = google_compute_network.foobar.self_link
	bgp {
	asn = 64514
	}
	}
	resource "google_compute_router_nat" "foobar" {
	name = "%s"
	router = google_compute_router.foobar.name
	region = google_compute_router.foobar.region
	nat_ip_allocate_option = "MANUAL_ONLY"
	nat_ips = [google_compute_address.foobar.self_link]
	source_subnetwork_ip_ranges_to_nat = "LIST_OF_SUBNETWORKS"
	subnetwork {
	name = google_compute_subnetwork.foobar.name
	source_ip_ranges_to_nat = ["ALL_IP_RANGES"]
	}
	enable_endpoint_independent_mapping = %t
	enable_dynamic_port_allocation = %t
	}
	`, routerName, routerName, routerName, routerName, routerName, disabled, enabled)
	func testAccComputeRouterNatWithDisabledDynamicPortAllocation(routerName string, disabled bool, enabled bool) string {
	return fmt.Sprintf(`
	resource "google_compute_network" "foobar" {
	name = "%[1]s-net"
	auto_create_subnetworks = "false"
	}
	resource "google_compute_subnetwork" "foobar" {
	name = "%[1]s-subnet"
	network = google_compute_network.foobar.self_link
	ip_cidr_range = "10.0.0.0/16"
	region = "us-central1"
	}
	resource "google_compute_address" "foobar" {
	name = "router-nat-%[1]s-addr"
	region = google_compute_subnetwork.foobar.region
	}
	resource "google_compute_router" "foobar" {
	name = "%[1]s"
	region = google_compute_subnetwork.foobar.region
	network = google_compute_network.foobar.self_link
	bgp {
	asn = 64514
	}
	}
	resource "google_compute_router_nat" "foobar" {
	name = "%[1]s"
	router = google_compute_router.foobar.name
	region = google_compute_router.foobar.region
	nat_ip_allocate_option = "MANUAL_ONLY"
	nat_ips = [google_compute_address.foobar.self_link]
	source_subnetwork_ip_ranges_to_nat = "LIST_OF_SUBNETWORKS"
	subnetwork {
	name = google_compute_subnetwork.foobar.name
	source_ip_ranges_to_nat = ["ALL_IP_RANGES"]
	}
	enable_endpoint_independent_mapping = %t
	enable_dynamic_port_allocation = %t
	}
	`, routerName, disabled, enabled)

Note that the %t placeholders do not use an index, as they will be indexed as one would expect. See this example.

[melinath]

I think this is now obsolete - this functionality has been implemented in the provider at this point.