added port range support for NLBs with route mode enabled

ibm/data_source_ibm_is_lb.go

@@ -291,7 +291,9 @@ func lbGetByName(d *schema.ResourceData, meta interface{}, name string) error {
 				d.Set(isLBType, "private")
 			}
 			d.Set(isLBStatus, *lb.ProvisioningStatus)
-			d.Set(isLBRouteMode, *lb.RouteMode)
+			if lb.RouteMode != nil {
+				d.Set(isLBRouteMode, *lb.RouteMode)
+			}
 			d.Set(isLBCrn, *lb.CRN)
 			d.Set(isLBOperatingStatus, *lb.OperatingStatus)
 			publicIpList := make([]string, 0)

ibm/data_source_ibm_is_lb_profiles.go

@@ -103,13 +103,19 @@ func dataSourceIBMISLbProfilesRead(d *schema.ResourceData, meta interface{}) err
 			case "*vpcv1.LoadBalancerProfileRouteModeSupportedDependent":
 				{
 					rms := routeMode.(*vpcv1.LoadBalancerProfileRouteModeSupportedDependent)
-					l["route_mode_type"] = *rms.Type
+					if rms.Type != nil {
+						l["route_mode_type"] = *rms.Type
+					}
 				}
 			case "*vpcv1.LoadBalancerProfileRouteModeSupported":
 				{
 					rms := routeMode.(*vpcv1.LoadBalancerProfileRouteModeSupported)
-					l["route_mode_type"] = *rms.Type
-					l["route_mode_supported"] = *rms.Value
+					if rms.Type != nil {
+						l["route_mode_type"] = *rms.Type
+					}
+					if rms.Value != nil {
+						l["route_mode_supported"] = *rms.Value
+					}
 				}
 			}
 		}

ibm/data_source_ibm_is_lbs.go

@@ -255,7 +255,9 @@ func getLbs(d *schema.ResourceData, meta interface{}) error {
 		//	log.Printf("******* lb ******** : (%+v)", lb)
 		lbInfo[ID] = *lb.ID
 		lbInfo[isLBName] = *lb.Name
-		lbInfo[isLBRouteMode] = *lb.RouteMode
+		if lb.RouteMode != nil {
+			lbInfo[isLBRouteMode] = *lb.RouteMode
+		}
 		lbInfo[CRN] = *lb.CRN
 		lbInfo[ProvisioningStatus] = *lb.ProvisioningStatus
 

ibm/resource_ibm_is_lb.go

@@ -402,7 +402,9 @@ func lbGet(d *schema.ResourceData, meta interface{}, id string) error {
 	} else {
 		d.Set(isLBType, "private")
 	}
-	d.Set(isLBRouteMode, *lb.RouteMode)
+	if lb.RouteMode != nil {
+		d.Set(isLBRouteMode, *lb.RouteMode)
+	}
 	d.Set(isLBStatus, *lb.ProvisioningStatus)
 	d.Set(isLBCrn, *lb.CRN)
 	d.Set(isLBOperatingStatus, *lb.OperatingStatus)

ibm/resource_ibm_is_lb_listener.go

@@ -17,6 +17,8 @@ import (
 const (
 	isLBListenerLBID                    = "lb"
 	isLBListenerPort                    = "port"
+	isLBListenerPortMin                 = "port_min"
+	isLBListenerPortMax                 = "port_max"
 	isLBListenerProtocol                = "protocol"
 	isLBListenerCertificateInstance     = "certificate_instance"
 	isLBListenerConnectionLimit         = "connection_limit"
@@ -59,9 +61,21 @@ func resourceIBMISLBListener() *schema.Resource {
 
 			isLBListenerPort: {
 				Type:         schema.TypeInt,
-				Required:     true,
+				Optional:     true,
 				ValidateFunc: validateLBListenerPort,
+				Computed:     true,
 				Description:  "Loadbalancer listener port",
+				Deprecated:   "This field will be deprecated in future and we will be using range of ports using port_min and port_max",
+			},
+			isLBListenerPortMin: {
+				Type:        schema.TypeInt,
+				Computed:    true,
+				Description: "The inclusive lower bound of the range of ports used by this listener. Only load balancers in the `network` family support more than one port per listener.",
+			},
+			isLBListenerPortMax: {
+				Type:        schema.TypeInt,
+				Computed:    true,
+				Description: "The inclusive upper bound of the range of ports used by this listener. Only load balancers in the `network` family support more than one port per listener",
 			},
 
 			isLBListenerProtocol: {
@@ -236,10 +250,28 @@ func lbListenerCreate(d *schema.ResourceData, meta interface{}, lbID, protocol,
 
 	options := &vpcv1.CreateLoadBalancerListenerOptions{
 		LoadBalancerID: &lbID,
-		Port:           &port,
 		Protocol:       &protocol,
 	}
 
+	getlboptions := &vpcv1.GetLoadBalancerOptions{
+		ID: &lbID,
+	}
+	lb, response, err := sess.GetLoadBalancer(getlboptions)
+
+	if err != nil || lb == nil {
+		return fmt.Errorf("Error getting Load Balancer : %s\n%s", err, response)
+	}
+
+	if lb != nil && *lb.RouteMode && lb.Profile != nil && *lb.Profile.Name == "network-fixed" {
+		portMin := int64(1)
+		portMax := int64(65535)
+
+		options.PortMin = &portMin
+		options.PortMax = &portMax
+	} else {
+		options.Port = &port
+	}
+
 	if app, ok := d.GetOk(isLBListenerAcceptProxyProtocol); ok {
 		acceptProxyProtocol := app.(bool)
 		options.AcceptProxyProtocol = &acceptProxyProtocol
@@ -368,7 +400,15 @@ func lbListenerGet(d *schema.ResourceData, meta interface{}, lbID, lbListenerID
 		return fmt.Errorf("Error Getting Load Balancer Listener : %s\n%s", err, response)
 	}
 	d.Set(isLBListenerLBID, lbID)
-	d.Set(isLBListenerPort, *lbListener.Port)
+	if lbListener.Port != nil {
+		d.Set(isLBListenerPort, *lbListener.Port)
+	}
+	if lbListener.PortMin != nil {
+		d.Set(isLBListenerPortMin, *lbListener.PortMin)
+	}
+	if lbListener.PortMax != nil {
+		d.Set(isLBListenerPortMax, *lbListener.PortMax)
+	}
 	d.Set(isLBListenerProtocol, *lbListener.Protocol)
 	d.Set(isLBListenerAcceptProxyProtocol, *lbListener.AcceptProxyProtocol)
 	d.Set(isLBListenerID, lbListenerID)

ibm/resource_ibm_is_lb_listener_test.go

@@ -65,6 +65,44 @@ func TestAccIBMISLBListener_basic(t *testing.T) {
 		},
 	})
 }
+func TestAccIBMISNLBRouteModeListener_basic(t *testing.T) {
+	var lb string
+	vpcname := fmt.Sprintf("tflblis-vpc-%d", acctest.RandIntRange(10, 100))
+	subnetname := fmt.Sprintf("tflblis-subnet-%d", acctest.RandIntRange(10, 100))
+	lbname := fmt.Sprintf("tflblis%d", acctest.RandIntRange(10, 100))
+
+	protocol1 := "tcp"
+	port1 := "1"
+	port2 := "65535"
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckIBMISLBListenerDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccCheckIBMISNLBRouteModeListenerConfig(vpcname, subnetname, ISZoneName, ISCIDR, lbname, port1, protocol1),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckIBMISLBListenerExists("ibm_is_lb_listener.testacc_lb_listener", lb),
+					resource.TestCheckResourceAttr(
+						"ibm_is_lb.testacc_LB", "name", lbname),
+					resource.TestCheckResourceAttr(
+						"ibm_is_lb.testacc_LB", "type", "private"),
+					resource.TestCheckResourceAttr(
+						"ibm_is_lb.testacc_LB", "route_mode", "true"),
+					resource.TestCheckResourceAttr(
+						"ibm_is_lb_listener.testacc_lb_listener", "port", port1),
+					resource.TestCheckResourceAttr(
+						"ibm_is_lb_listener.testacc_lb_listener", "port_min", port1),
+					resource.TestCheckResourceAttr(
+						"ibm_is_lb_listener.testacc_lb_listener", "port_max", port2),
+					resource.TestCheckResourceAttr(
+						"ibm_is_lb_listener.testacc_lb_listener", "protocol", protocol1),
+				),
+			},
+		},
+	})
+}
 
 func TestAccIBMISLBListenerHttpRedirect_basic(t *testing.T) {
 	var lb string
@@ -305,6 +343,32 @@ func testAccCheckIBMISLBListenerHttpsRedirectConfigRemove(vpcname, subnetname, z
 		protocol = "http"
 	  }`, vpcname, subnetname, zone, cidr, lbname, lbListerenerCertificateInstance)
 
+}
+func testAccCheckIBMISNLBRouteModeListenerConfig(vpcname, subnetname, zone, cidr, lbname, port, protocol string) string {
+	return fmt.Sprintf(`
+	resource "ibm_is_vpc" "testacc_vpc" {
+		name = "%s"
+	}
+
+	resource "ibm_is_subnet" "testacc_subnet" {
+		name 			= "%s"
+		vpc 			= "${ibm_is_vpc.testacc_vpc.id}"
+		zone 			= "%s"
+		ipv4_cidr_block = "%s"
+	}
+	resource "ibm_is_lb" "testacc_LB" {
+		name			= "%s"
+		subnets 		= ["${ibm_is_subnet.testacc_subnet.id}"]
+		profile 		= "network-fixed"
+		route_mode 		= true
+		type 			= "private"
+	}
+	resource "ibm_is_lb_listener" "testacc_lb_listener" {
+		lb 			= "${ibm_is_lb.testacc_LB.id}"
+		port 		= %s
+		protocol 	= "%s"
+}`, vpcname, subnetname, zone, cidr, lbname, port, protocol)
+
 }
 
 func testAccCheckIBMISLBListenerConfigUpdate(vpcname, subnetname, zone, cidr, lbname, port, protocol, connLimit string) string {

website/docs/r/is_lb_listener.html.markdown

@@ -61,7 +61,7 @@ resource "ibm_is_lb_listener" "lb_listener1"{
   lb       = ibm_is_lb.lb2.id
   port     = "9086"
   protocol = "https"
-  certificate_instance="crn:v1:staging:public:cloudcerts:us-south:a2d1bace7b46e4815a81e52c6ffeba5cf:af925157-b125-4db2-b642-adacb8b9c7f5:certificate:c81627a1bf6f766379cc4b98fd2a44ed"
+  certificate_instance="crn:v1:bluemix:public:cloudcerts:us-south:a2d1bace7b46e4815a81e52c6ffeba5cf:af925157-b125-4db2-b642-adacb8b9c7f5:certificate:c81627a1bf6f766379cc4b98fd2a44ed"
 }
 
 resource "ibm_is_lb_listener" "lb_listener2"{
@@ -74,6 +74,35 @@ resource "ibm_is_lb_listener" "lb_listener2"{
 }
 ```
 
+### Sample to create a load balancer listener for a route mode enabled private network load balancer.
+
+```terraform
+
+resource "ibm_is_vpc" "vpc" {
+  name = "test-vpc"
+}
+
+resource "ibm_is_subnet" "subnet" {
+  name 			= "test-subnet"
+  vpc 			= "${ibm_is_vpc.vpc.id}"
+  zone 			= "us-south-2"
+  ipv4_cidr_block = "10.240.68.0/24"
+}
+
+resource "ibm_is_lb" "nlb" {
+  name           = "test-nlb"
+  subnets        = [ibm_is_subnet.subnet.id]
+  profile        = "network-fixed"
+  type           = "private"
+  route_mode     = "true"
+}
+
+resource "ibm_is_lb_listener" "nlbHttpListener1" {
+  lb           = ibm_is_lb.nlb.id
+  protocol     = "tcp"
+}
+```
+
 ## Timeouts
 The `ibm_is_lb_listener` resource provides the following [Timeouts](https://www.terraform.io/docs/language/resources/syntax.html) configuration options:
 
@@ -87,7 +116,12 @@ Review the argument references that you can specify for your resource.
 
 - `accept_proxy_protocol`- (Optional, Bool)  If set to **true**, listener forwards proxy protocol information that are supported by load balancers in the application family. Default value is **false**.
 - `lb` - (Required, Forces new resource, String) The load balancer unique identifier.
-- `port`- (Required, Integer) The listener port number. Valid range 1 to 65535.
+- `port`- (Optional, Deprecated Integer) The listener port number. Valid range `1` to `65535`.
+
+  **NOTE**:
+    - Private network load balancers with `route_mode` enabled don't support `port`, they support `port` range from `port_min`(1) - `port_max`(65535).
+    - Only accepted value of `port` for `route_mode` enabled private network load balancer is `1`. Any other value will show change or update-in-place and returns an error.
+
 - `protocol` - (Required, String) The listener protocol. Enumeration type are `http`, `tcp`, and `https`. Network load balancer supports only `tcp` protocol.
 - `default_pool` - (Optional, String) The load balancer pool unique identifier.
 - `certificate_instance` - (Optional, String) The CRN of the certificate instance, it is applicable(mandatory) only to https protocol.
@@ -100,6 +134,16 @@ Review the argument references that you can specify for your resource.
 In addition to all argument reference list, you can access the following attribute reference after your resource is created.
 
 - `id` - (String) The unique identifier of the load balancer listener.
+- `port_min`- (Integer) The inclusive lower bound of the range of ports used by this listener.
+
+  **NOTE**
+    - Only load balancers in the `network` family support more than one port per listener.
+    - Currently, only load balancers operating with route mode enabled support different values for `port_min` and port_max. When route mode is enabled, only a value of `1` is supported for `port_min`.
+- `port_max`- (Integer) The inclusive upper bound of the range of ports used by this listener.
+
+  **NOTE**
+    - Only load balancers in the `network` family support more than one port per listener.
+    - Currently, only load balancers operating with `route_mode` enabled support different values for `port_min` and `port_max`. When `route mode` is enabled, only a value of `65535` is supported for port_max.
 - `status` - (String) The status of load balancer listener.
 
 ## Import