Add AWS MSK cluster resource #8635
Conversation
* implement aws_msk_cluster resource with support for tags * implement acceptance tests
ghost
added
size/XXL
|
Any idea on when this will be ready/merged? |
bflad
added
new-resource
There was a problem hiding this comment.
Hi @jesseaukeman 👋 Thanks so much for this contribution! It was in great shape. I left some feedback notes below during review but in the interest of getting this resource (and potentially a new resource for managing MSK Configurations) released this week, we handled the items in a followup commit (7cb443c). Thanks again, this will make a bunch of people happy. 🚀
Output from acceptance testing:
--- PASS: TestAccAWSMskCluster_basic (987.37s)
--- PASS: TestAccAWSMskCluster_tagsUpdate (999.03s)
--- PASS: TestAccAWSMskCluster_enhancedMonitoring (1018.97s)
--- PASS: TestAccAWSMskCluster_kms (1042.61s)
--- PASS: TestAccAWSMskCluster_brokerNodes (1074.66s)
| info := v.([]interface{}) | ||
| if len(info) == 1 { | ||
| if info[0] == nil { | ||
| return fmt.Errorf("At least one item is expected inside encryption_info") |
There was a problem hiding this comment.
Instead of returning an error here, we should be able to just move the nil check up a line and only include the EncryptionInfo then. 👍
| out, err = conn.CreateCluster(input) | ||
|
|
||
| if err != nil { | ||
| if isAWSErr(err, kafka.ErrCodeTooManyRequestsException, "Too Many Requests") { |
There was a problem hiding this comment.
Rather than introducing resource.Retry() logic, which is missing a isResourceTimeoutError(err) check below (context: #7873), we should move this error code into our SDK client logic to automatically have the SDK retry these requests.
Examples of this code can be found here:
An example implementation for here:
client.kafkaconn.Handlers.Retry.PushBack(func(r *request.Request) {
if isAWSErr(r.Error, kafka.ErrCodeTooManyRequestsException, "Too Many Requests") {
r.Retryable = aws.Bool(true)
}
})We should likely also submit this upstream to the AWS Go SDK to automatically retry and throttle these as well.
| return resourceAwsMskClusterRead(d, meta) | ||
| } | ||
|
|
||
| func waitForClusterCreation(conn *kafka.Kafka, arn string) error { |
There was a problem hiding this comment.
Nit: Since this project currently uses a very flat Go package structure, we should include the service name in the function name here to delineate which type of cluster we are referring to:
| func waitForClusterCreation(conn *kafka.Kafka, arn string) error { | |
| func waitForMskClusterCreation(conn *kafka.Kafka, arn string) error { |
| return err | ||
| } | ||
|
|
||
| d.Set("tags", tagsToMapMskCluster(tags)) |
There was a problem hiding this comment.
Two notes:
- The
tagsvalue is coming from the configuration above withd.Get(), which makes this call extraneous as Terraform will automatically pass through configuration information into the Terraform state. More importantly though, this information should be read back from the API to ensure it was properly configured in the API. - Setting information into the Terraform state should preferably happen during the
Readfunction
Since the Read function does correctly call d.Set() via reading the information from the API for this attribute and the Create function correctly returns the Read function, this is extraneous. 😄
| d.Set("arn", aws.StringValue(cluster.ClusterArn)) | ||
| d.Set("bootstrap_brokers", brokerOut.BootstrapBrokerString) | ||
|
|
||
| d.Set("broker_node_group_info", flattenMskBrokerNodeGroupInfo(cluster.BrokerNodeGroupInfo)) |
There was a problem hiding this comment.
When using d.Set() with aggregate types (TypeList, TypeSet, TypeMap), we should perform error checking to prevent issues where the code is not properly able to set the Terraform state. e.g.
| d.Set("broker_node_group_info", flattenMskBrokerNodeGroupInfo(cluster.BrokerNodeGroupInfo)) | |
| if err := d.Set("broker_node_group_info", flattenMskBrokerNodeGroupInfo(cluster.BrokerNodeGroupInfo)); err != nil { | |
| return fmt.Errorf("error setting broker_node_group_info: %s", err) | |
| } |
| Terraform resource for managing an AWS Managed Streaming for Kafka cluster | ||
| --- | ||
|
|
||
| # aws_msk_cluster |
There was a problem hiding this comment.
Nit: We're now including Resource: in resource titles 👍
| # aws_msk_cluster | |
| # Resource: aws_msk_cluster |
| # aws_msk_cluster | ||
|
|
||
| Manages AWS Managed Streaming for Kafka cluster | ||
|
|
There was a problem hiding this comment.
Maintainer Note: Adding the preview callout for this resource documentation
~> NOTE: This AWS service is in Preview and may change before General Availability release. Backwards compatibility is not guaranteed between Terraform AWS Provider releases.
| @@ -1876,6 +1876,16 @@ | |||
| </ul> | |||
| </li> | |||
|
|
|||
| <li> | |||
| <a href="#">MSK Resources</a> | |||
There was a problem hiding this comment.
Nit: I'm thinking we might want to call out the full name here for folks searching for just "kafka", e.g.
| <a href="#">MSK Resources</a> | |
| <a href="#">Managed Streaming for Kafka (MSK) Resources</a> |
| MaxItems: 1, | ||
| Elem: &schema.Resource{ | ||
| Schema: map[string]*schema.Schema{ | ||
| "encryption_at_rest_kms_id": { |
There was a problem hiding this comment.
Given the API always returns the ARN, we should just require inputting the ARN here to simplify attribute handling (removing the DiffSuppressFunc) and prevent potential "inconsistent plan" errors in Terraform 0.12 (the new "diffs didn't match during apply" error from Terraform 0.11).
| "encryption_at_rest_kms_id": { | |
| "encryption_at_rest_kms_key_arn": { |
| State: schema.ImportStatePassthrough, | ||
| }, | ||
| Timeouts: &schema.ResourceTimeout{ | ||
| Create: schema.DefaultTimeout(45 * time.Minute), |
There was a problem hiding this comment.
It appears these customizable timeouts are not passed into the waiter functions (e.g. waitForMskClusterCreation) so they should be removed. 👍
Reference: #8635 Output from acceptance testing: ``` --- PASS: TestAccAWSMskCluster_basic (987.37s) --- PASS: TestAccAWSMskCluster_tagsUpdate (999.03s) --- PASS: TestAccAWSMskCluster_enhancedMonitoring (1018.97s) --- PASS: TestAccAWSMskCluster_kms (1042.61s) --- PASS: TestAccAWSMskCluster_brokerNodes (1074.66s) ```
|
This has been released in version 2.12.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. |
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
ghost
locked and limited conversation to collaborators
This is a new implementation of the AWS MSK cluster resource.
I realize this overlaps and duplicates #8357. This was a separate and parallel effort undertaken for the company I work for. I apologize if this is bad form, however I think this effort is a bit further along, as the other effort may be stalled on acceptance tests.
Community Note
Fixes #6653
Fixes #8429
Release note for CHANGELOG:
Output from acceptance testing: