Merge pull request #608 from ChrisdeR/feature/tcr_internal_endpoint_dns

add tcr vpc dns

Author: gailwang

CHANGELOG.md

@@ -1,4 +1,10 @@
 ## 1.54.1 (Unreleased)
+
+ENHANCEMENTS:
+
+* Resource `tencentcloud_tcr_vpc_attachment` add `enable_public_domain_dns`, `enable_vpc_domain_dns` to set whether to enable dns.
+* Data Source `tencentcloud_tcr_vpc_attachments` add `enable_public_domain_dns`, `enable_vpc_domain_dns`.
+
 ## 1.54.0 (March 22, 2021)
 
 FEATURES:

tencentcloud/data_source_tc_tcr_vpc_attachments.go

@@ -72,6 +72,16 @@ func dataSourceTencentCloudTCRVPCAttachments() *schema.Resource {
 							Computed:    true,
 							Description: "IP address of this VPC access.",
 						},
+						"enable_public_domain_dns": {
+							Type:        schema.TypeBool,
+							Computed:    true,
+							Description: "Whether to enable public domain dns.",
+						},
+						"enable_vpc_domain_dns": {
+							Type:        schema.TypeBool,
+							Computed:    true,
+							Description: "Whether to enable vpc domain dns.",
+						},
 					},
 				},
 			},
@@ -120,6 +130,19 @@ func dataSourceTencentCloudTCRVPCAttachmentsRead(d *schema.ResourceData, meta in
 			"status":    vpcAccess.Status,
 			"access_ip": vpcAccess.AccessIp,
 		}
+		if *vpcAccess.AccessIp != "" {
+			publicDomainDnsStatus, err := GetDnsStatus(ctx, tcrService, instanceId, *vpcAccess.VpcId, *vpcAccess.AccessIp, true)
+			if err != nil {
+				return err
+			}
+			mapping["enable_public_domain_dns"] = *publicDomainDnsStatus.Status == TCR_VPC_DNS_STATUS_ENABLED
+
+			vpcDomainDnsStatus, err := GetDnsStatus(ctx, tcrService, instanceId, *vpcAccess.VpcId, *vpcAccess.AccessIp, false)
+			if err != nil {
+				return err
+			}
+			mapping["enable_vpc_domain_dns"] = *vpcDomainDnsStatus.Status == TCR_VPC_DNS_STATUS_ENABLED
+		}
 
 		vpcAccessList = append(vpcAccessList, mapping)
 		ids = append(ids, instanceId+FILED_SP+*vpcAccess.VpcId+FILED_SP+*vpcAccess.SubnetId)

tencentcloud/extension_tcr.go

@@ -0,0 +1,6 @@
+package tencentcloud
+
+const (
+	TCR_VPC_DNS_STATUS_ENABLED  = "ENABLED"
+	TCR_VPC_DNS_STATUS_DISABLED = "DISABLED"
+)

tencentcloud/resource_tc_tcr_vpc_attachment.go

@@ -28,12 +28,14 @@ import (
 
 	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	tcr "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tcr/v20190924"
 )
 
 func resourceTencentCloudTcrVpcAttachment() *schema.Resource {
 	return &schema.Resource{
 		Create: resourceTencentCloudTcrVpcAttachmentCreate,
 		Read:   resourceTencentCloudTcrVpcAttachmentRead,
+		Update: resourceTencentCloudTcrVpcAttachmentUpdate,
 		Delete: resourceTencentCLoudTcrVpcAttachmentDelete,
 		Importer: &schema.ResourceImporter{
 			State: schema.ImportStatePassthrough,
@@ -58,6 +60,18 @@ func resourceTencentCloudTcrVpcAttachment() *schema.Resource {
 				ForceNew:    true,
 				Description: "ID of subnet.",
 			},
+			"enable_public_domain_dns": {
+				Type:        schema.TypeBool,
+				Optional:    true,
+				Default:     false,
+				Description: "Whether to enable public domain dns. Default value is `false`.",
+			},
+			"enable_vpc_domain_dns": {
+				Type:        schema.TypeBool,
+				Optional:    true,
+				Default:     false,
+				Description: "Whether to enable vpc domain dns. Default value is `false`.",
+			},
 			//computed
 			"status": {
 				Type:        schema.TypeString,
@@ -120,6 +134,19 @@ func resourceTencentCloudTcrVpcAttachmentCreate(d *schema.ResourceData, meta int
 		return outErr
 	}
 
+	if enablePublicDomainDns := d.Get("enable_public_domain_dns").(bool); enablePublicDomainDns {
+		err := EnableTcrVpcDns(ctx, tcrService, instanceId, vpcId, subnetId, true)
+		if err != nil {
+			return err
+		}
+	}
+
+	if enableVpcDomainDns := d.Get("enable_vpc_domain_dns").(bool); enableVpcDomainDns {
+		err := EnableTcrVpcDns(ctx, tcrService, instanceId, vpcId, subnetId, false)
+		if err != nil {
+			return err
+		}
+	}
 	return resourceTencentCloudTcrVpcAttachmentRead(d, meta)
 }
 
@@ -165,9 +192,72 @@ func resourceTencentCloudTcrVpcAttachmentRead(d *schema.ResourceData, meta inter
 	_ = d.Set("vpc_id", vpcId)
 	_ = d.Set("subnet_id", subnetId)
 
+	if *vpcAccess.AccessIp != "" {
+		publicDomainDnsStatus, err := GetDnsStatus(ctx, tcrService, instanceId, vpcId, *vpcAccess.AccessIp, true)
+		if err != nil {
+			return err
+		}
+		_ = d.Set("enable_public_domain_dns", *publicDomainDnsStatus.Status == TCR_VPC_DNS_STATUS_ENABLED)
+
+		vpcDomainDnsStatus, err := GetDnsStatus(ctx, tcrService, instanceId, vpcId, *vpcAccess.AccessIp, false)
+		if err != nil {
+			return err
+		}
+		_ = d.Set("enable_vpc_domain_dns", *vpcDomainDnsStatus.Status == TCR_VPC_DNS_STATUS_ENABLED)
+	}
+
 	return nil
 }
 
+func resourceTencentCloudTcrVpcAttachmentUpdate(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_tcr_vpc_attachment.update")()
+
+	logId := getLogId(contextNil)
+	ctx := context.WithValue(context.TODO(), logIdKey, logId)
+
+	tcrService := TCRService{client: meta.(*TencentCloudClient).apiV3Conn}
+
+	var (
+		instanceId = d.Get("instance_id").(string)
+		vpcId      = d.Get("vpc_id").(string)
+		subnetId   = d.Get("subnet_id").(string)
+	)
+
+	d.Partial(true)
+	if d.HasChange("enable_public_domain_dns") {
+		if isEnabled := d.Get("enable_public_domain_dns").(bool); isEnabled {
+			err := EnableTcrVpcDns(ctx, tcrService, instanceId, vpcId, subnetId, true)
+			if err != nil {
+				return err
+			}
+		} else {
+			err := DisableTcrVpcDns(ctx, tcrService, instanceId, vpcId, subnetId, true)
+			if err != nil {
+				return err
+			}
+		}
+		d.SetPartial("enable_public_domain_dns")
+	}
+
+	if d.HasChange("enable_vpc_domain_dns") {
+		if isEnabled := d.Get("enable_vpc_domain_dns").(bool); isEnabled {
+			err := EnableTcrVpcDns(ctx, tcrService, instanceId, vpcId, subnetId, false)
+			if err != nil {
+				return err
+			}
+		} else {
+			err := DisableTcrVpcDns(ctx, tcrService, instanceId, vpcId, subnetId, false)
+			if err != nil {
+				return err
+			}
+		}
+		d.SetPartial("enable_vpc_domain_dns")
+	}
+	d.Partial(false)
+
+	return resourceTencentCloudTcrVpcAttachmentRead(d, meta)
+}
+
 func resourceTencentCLoudTcrVpcAttachmentDelete(d *schema.ResourceData, meta interface{}) error {
 	defer logElapsed("resource.tencentcloud_tcr_vpc_attachment.delete")()
 
@@ -222,3 +312,75 @@ func resourceTencentCLoudTcrVpcAttachmentDelete(d *schema.ResourceData, meta int
 
 	return nil
 }
+
+func WaitForAccessIpExists(ctx context.Context, tcrService TCRService, instanceId string, vpcId string, subnetId string) (accessIp string, errRet error) {
+	errRet = resource.Retry(readRetryTimeout, func() *resource.RetryError {
+		result, has, inErr := tcrService.DescribeTCRVPCAttachmentById(ctx, instanceId, vpcId, subnetId)
+		if inErr != nil {
+			return retryError(inErr)
+		}
+		if !has {
+			inErr = fmt.Errorf("%s create tcr vpcAccess %s fail, vpcAccess is not exists from SDK DescribeTcrVpcAttachmentById", instanceId, vpcId)
+			return resource.RetryableError(inErr)
+		}
+
+		if *result.AccessIp == "" {
+			inErr = fmt.Errorf("%s get tcr accessIp fail, accessIp is not exists from SDK DescribeTcrVpcAttachmentById", vpcId)
+			return resource.RetryableError(inErr)
+		}
+		accessIp = *result.AccessIp
+		return nil
+	})
+	return
+}
+
+func EnableTcrVpcDns(ctx context.Context, tcrService TCRService, instanceId string, vpcId string, subnetId string, usePublicDomain bool) error {
+	accessIp, err := WaitForAccessIpExists(ctx, tcrService, instanceId, vpcId, subnetId)
+	if err != nil {
+		return err
+	}
+
+	outErr := resource.Retry(writeRetryTimeout, func() *resource.RetryError {
+		inErr := tcrService.CreateTcrVpcDns(ctx, instanceId, vpcId, accessIp, usePublicDomain)
+		if inErr != nil {
+			return retryError(inErr)
+		}
+		return nil
+	})
+
+	return outErr
+}
+
+func DisableTcrVpcDns(ctx context.Context, tcrService TCRService, instanceId string, vpcId string, subnetId string, usePublicDomain bool) error {
+	accessIp, err := WaitForAccessIpExists(ctx, tcrService, instanceId, vpcId, subnetId)
+	if err != nil {
+		return err
+	}
+
+	outErr := resource.Retry(writeRetryTimeout, func() *resource.RetryError {
+		inErr := tcrService.DeleteTcrVpcDns(ctx, instanceId, vpcId, accessIp, usePublicDomain)
+		if inErr != nil {
+			return retryError(inErr)
+		}
+		return nil
+	})
+
+	return outErr
+}
+
+func GetDnsStatus(ctx context.Context, tcrService TCRService, instanceId string, vpcId string, accessIp string, usePublicDomain bool) (status *tcr.VpcPrivateDomainStatus, err error) {
+	err = resource.Retry(readRetryTimeout, func() *resource.RetryError {
+		result, has, inErr := tcrService.DescribeTcrVpcDnsById(ctx, instanceId, vpcId, accessIp, usePublicDomain)
+		if inErr != nil {
+			return retryError(inErr)
+		}
+		if !has {
+			inErr = fmt.Errorf("%s get tcr vpc dns status fail, vpc dns is not exists from SDK DescribeTcrVpcDnsById", instanceId)
+			return resource.RetryableError(inErr)
+		}
+		status = result
+		return nil
+	})
+
+	return
+}

tencentcloud/service_tencentcloud_tcr.go

@@ -687,3 +687,89 @@ func (me *TCRService) DescribeTCRVPCAttachmentById(ctx context.Context, instance
 	has = true
 	return
 }
+
+func (me *TCRService) CreateTcrVpcDns(ctx context.Context, instanceId string, vpcId string, accessIp string, usePublicDomain bool) (errRet error) {
+	logId := getLogId(ctx)
+	request := tcr.NewCreateInternalEndpointDnsRequest()
+	defer func() {
+		if errRet != nil {
+			log.Printf("[CRITAL]%s api[%s] fail,reason[%s]", logId, request.GetAction(), errRet.Error())
+		}
+	}()
+	request.InstanceId = &instanceId
+	request.VpcId = &vpcId
+	request.EniLBIp = &accessIp
+	request.UsePublicDomain = &usePublicDomain
+
+	ratelimit.Check(request.GetAction())
+	response, err := me.client.UseTCRClient().CreateInternalEndpointDns(request)
+	if err != nil {
+		errRet = err
+		return
+	}
+	if response == nil || response.Response == nil {
+		errRet = fmt.Errorf("TencentCloud SDK return nil response, %s", request.GetAction())
+	}
+	return
+}
+
+func (me *TCRService) DeleteTcrVpcDns(ctx context.Context, instanceId string, vpcId string, accessIp string, usePublicDomain bool) (errRet error) {
+	logId := getLogId(ctx)
+	request := tcr.NewDeleteInternalEndpointDnsRequest()
+	defer func() {
+		if errRet != nil {
+			log.Printf("[CRITAL]%s api[%s] fail,reason[%s]", logId, request.GetAction(), errRet.Error())
+		}
+	}()
+	request.InstanceId = &instanceId
+	request.VpcId = &vpcId
+	request.EniLBIp = &accessIp
+	request.UsePublicDomain = &usePublicDomain
+
+	ratelimit.Check(request.GetAction())
+	response, err := me.client.UseTCRClient().DeleteInternalEndpointDns(request)
+	if err != nil {
+		errRet = err
+		return
+	}
+	if response == nil || response.Response == nil {
+		errRet = fmt.Errorf("TencentCloud SDK return nil response, %s", request.GetAction())
+	}
+	return
+}
+
+func (me *TCRService) DescribeTcrVpcDnsById(ctx context.Context, instanceId string, vpcId string, accessIp string, usePublicDomain bool) (vpcPrivateDomainStatus *tcr.VpcPrivateDomainStatus, has bool, errRet error) {
+	logId := getLogId(ctx)
+	request := tcr.NewDescribeInternalEndpointDnsStatusRequest()
+	defer func() {
+		if errRet != nil {
+			log.Printf("[CRITAL]%s api[%s] fail,reason[%s]", logId, request.GetAction(), errRet.Error())
+		}
+	}()
+	request.VpcSet = append(request.VpcSet, &tcr.VpcAndDomainInfo{
+		InstanceId:      &instanceId,
+		VpcId:           &vpcId,
+		EniLBIp:         &accessIp,
+		UsePublicDomain: &usePublicDomain,
+	})
+
+	ratelimit.Check(request.GetAction())
+	response, err := me.client.UseTCRClient().DescribeInternalEndpointDnsStatus(request)
+	if err != nil {
+		errRet = err
+		return
+	}
+	if response == nil || response.Response == nil {
+		errRet = fmt.Errorf("TencentCloud SDK return nil response, %s", request.GetAction())
+	}
+	if len(response.Response.VpcSet) == 0 {
+		return nil, has, nil
+	} else if len(response.Response.VpcSet) > 1 {
+		errRet = fmt.Errorf("TencentCloud SDK return more than 1 vpcPrivateDomainStatus, %s %s %s %t", instanceId, vpcId, accessIp, usePublicDomain)
+		return
+	}
+
+	vpcPrivateDomainStatus = response.Response.VpcSet[0]
+	has = true
+	return
+}

website/docs/d/tcr_vpc_attachments.html.markdown

@@ -34,6 +34,8 @@ In addition to all arguments above, the following attributes are exported:
 
 * `vpc_attachment_list` - Information list of the dedicated TCR namespaces.
   * `access_ip` - IP address of this VPC access.
+  * `enable_public_domain_dns` - Whether to enable public domain dns.
+  * `enable_vpc_domain_dns` - Whether to enable vpc domain dns.
   * `status` - Status of this VPC access.
   * `subnet_id` - ID of subnet.
   * `vpc_id` - ID of VPC.

website/docs/r/tcr_vpc_attachment.html.markdown

@@ -28,6 +28,8 @@ The following arguments are supported:
 * `instance_id` - (Required, ForceNew) ID of the TCR instance.
 * `subnet_id` - (Required, ForceNew) ID of subnet.
 * `vpc_id` - (Required, ForceNew) ID of VPC.
+* `enable_public_domain_dns` - (Optional) Whether to enable public domain dns. Default value is `false`.
+* `enable_vpc_domain_dns` - (Optional) Whether to enable vpc domain dns. Default value is `false`.
 
 ## Attributes Reference