feat(redis): add support for endpoints (scaleway#1263)

Co-authored-by: jaime Bernabe <[email protected]>
Co-authored-by: Jules Casteran <[email protected]>
Co-authored-by: Rémy Léone <[email protected]>

Author: 4 people

docs/resources/redis_cluster.md

@@ -47,6 +47,30 @@ resource "scaleway_redis_cluster" "main" {
   }
 }
 ```
+### With a private network
+```hcl
+resource "scaleway_vpc_private_network" "pn" { 
+  name = "private-network"
+}
+
+resource "scaleway_redis_cluster" "main" {
+  name         = "test_redis_endpoints"
+  version      = "6.2.6"
+  node_type    = "MDB-BETA-M"
+  user_name    = "my_initial_user"
+  password     = "thiZ_is_v&ry_s3cret"
+  cluster_size = 1
+  private_network {
+    id          = "${scaleway_vpc_private_network.pn.id}"
+    service_ips = [
+      "10.12.1.1/20",
+    ]
+  }
+  depends_on = [
+    scaleway_vpc_private_network.pn
+  ]
+}
+```
 
 ## Arguments Reference
 
@@ -72,21 +96,40 @@ The following arguments are supported:
 
 - `cluster_size` - (Optional) The number of nodes in the Redis Cluster.
 
-~> **Important:** You can set a bigger `cluster_size`, it will migrate the Redis Cluster, but keep in mind that you cannot downgrade a Redis Cluster so setting a smaller `cluster_size` will not have any effect.
+~> **Important:** You cannot set `cluster_size` to 2, you either have to choose Standalone mode (1 node) or Cluster mode which is minimum 3 (1 main node + 2 secondary nodes)
+
+~> **Important:** You can set a bigger `cluster_size` than you initially did, it will migrate the Redis Cluster, but keep in mind that you cannot downgrade a Redis Cluster so setting a smaller `cluster_size` will not have any effect.
 
 - `tls_enabled` - (Defaults to false) Whether TLS is enabled or not.
 
 - `project_id` - (Defaults to [provider](../index.md) `project_id`) The ID of the project the Redis Cluster is associated with.
 
 - `acl` - (Optional) List of acl rules, this is cluster's authorized IPs.
 
-The `acl` block supports:
+    ~> The `acl` block supports:
 
-- `ip` - (Required) The ip range to whitelist in [CIDR notation](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#CIDR_notation)
-- `description` - (Optional) A text describing this rule. Default description: `Allow IP`
+  - `ip` - (Required) The ip range to whitelist in [CIDR notation](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#CIDR_notation)
+  - `description` - (Optional) A text describing this rule. Default description: `Allow IP`
 
 - `settings` - (Optional) Map of settings for redis cluster. Available settings can be found by listing redis versions with scaleway API or CLI
 
+- `private_network` - (Optional) Describes the private network you want to connect to your cluster. If not set, a public network will be provided.
+
+  ~> The `private_network` block supports :
+  - `id` - (Required) The UUID of the private network resource.
+  - `service_ips` - (Required) Endpoint IPv4 addresses in [CIDR notation](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#CIDR_notation). You must provide at least one IP per node.
+
+~> **Important:** The way to use private networks differs whether you are using redis in standalone or cluster mode.
+- Standalone mode (`cluster_size` = 1) : you can attach as many private networks as you want (each must be a separate block). If you detach your only private network, your cluster won't be reachable until you define a new private or public network. You can modify your private_network and its specs, you can have both a private and public network side by side.
+- Cluster mode (`cluster_size` > 1) : you can define a single private network as you create your cluster, you won't be able to edit or detach it afterwards, unless you create another cluster. Your `service_ips` must be listed as follows:
+```hcl
+  service_ips = [
+    "10.12.1.10/20", 
+    "10.12.1.11/20",
+    "10.12.1.12/20",
+  ]
+```
+
 ## Attributes Reference
 
 In addition to all arguments above, the following attributes are exported:

scaleway/helpers_redis.go

@@ -55,6 +55,33 @@ func waitForRedisCluster(ctx context.Context, api *redis.API, zone scw.Zone, id
 	}, scw.WithContext(ctx))
 }
 
+func expandRedisPrivateNetwork(data []interface{}) ([]*redis.EndpointSpec, error) {
+	if data == nil {
+		return nil, nil
+	}
+	var epSpecs []*redis.EndpointSpec
+
+	for _, rawPN := range data {
+		pn := rawPN.(map[string]interface{})
+		pnID := expandID(pn["id"].(string))
+		rawIPs := pn["service_ips"].([]interface{})
+		ips := []scw.IPNet(nil)
+		for _, rawIP := range rawIPs {
+			ip, err := expandIPNet(rawIP.(string))
+			if err != nil {
+				return epSpecs, err
+			}
+			ips = append(ips, ip)
+		}
+		spec := &redis.EndpointSpecPrivateNetworkSpec{
+			ID:         pnID,
+			ServiceIPs: ips,
+		}
+		epSpecs = append(epSpecs, &redis.EndpointSpec{PrivateNetwork: spec})
+	}
+	return epSpecs, nil
+}
+
 func expandRedisACLSpecs(i interface{}) ([]*redis.ACLRuleSpec, error) {
 	rules := []*redis.ACLRuleSpec(nil)
 
@@ -106,3 +133,45 @@ func flattenRedisSettings(settings []*redis.ClusterSetting) interface{} {
 	}
 	return rawSettings
 }
+
+func flattenRedisPrivateNetwork(endpoints []*redis.Endpoint) (interface{}, bool) {
+	pnFlat := []map[string]interface{}(nil)
+	for _, endpoint := range endpoints {
+		if endpoint.PrivateNetwork == nil {
+			continue
+		}
+		pn := endpoint.PrivateNetwork
+		pnZonedID := newZonedIDString(pn.Zone, pn.ID)
+		serviceIps := []interface{}(nil)
+		for _, ip := range pn.ServiceIPs {
+			serviceIps = append(serviceIps, ip.String())
+		}
+		pnFlat = append(pnFlat, map[string]interface{}{
+			"endpoint_id": endpoint.ID,
+			"zone":        pn.Zone,
+			"id":          pnZonedID,
+			"service_ips": serviceIps,
+		})
+	}
+	return pnFlat, len(pnFlat) != 0
+}
+
+func flattenRedisPublicNetwork(endpoints []*redis.Endpoint) interface{} {
+	pnFlat := []map[string]interface{}(nil)
+	for _, endpoint := range endpoints {
+		if endpoint.PublicNetwork == nil {
+			continue
+		}
+		ipsFlat := []interface{}(nil)
+		for _, ip := range endpoint.IPs {
+			ipsFlat = append(ipsFlat, ip.String())
+		}
+		pnFlat = append(pnFlat, map[string]interface{}{
+			"id":   endpoint.ID,
+			"port": int(endpoint.Port),
+			"ips":  ipsFlat,
+		})
+		break
+	}
+	return pnFlat
+}

scaleway/resource_redis_cluster.go

@@ -6,6 +6,7 @@ import (
 
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
 	redis "github.com/scaleway/scaleway-sdk-go/api/redis/v1alpha1"
 	"github.com/scaleway/scaleway-sdk-go/scw"
 )
@@ -74,16 +75,6 @@ func resourceScalewayRedisCluster() *schema.Resource {
 				Description: "Whether or not TLS is enabled.",
 				ForceNew:    true,
 			},
-			"created_at": {
-				Type:        schema.TypeString,
-				Computed:    true,
-				Description: "The date and time of the creation of the Redis cluster",
-			},
-			"updated_at": {
-				Type:        schema.TypeString,
-				Computed:    true,
-				Description: "The date and time of the last update of the Redis cluster",
-			},
 			"acl": {
 				Type:        schema.TypeList,
 				Description: "List of acl rules.",
@@ -117,6 +108,74 @@ func resourceScalewayRedisCluster() *schema.Resource {
 					Type: schema.TypeString,
 				},
 			},
+			"private_network": {
+				Type:        schema.TypeSet,
+				Optional:    true,
+				Description: "Private network specs details",
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"endpoint_id": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "UUID of the endpoint to be connected to the cluster",
+						},
+						"id": {
+							Type:         schema.TypeString,
+							Required:     true,
+							ValidateFunc: validationUUIDorUUIDWithLocality(),
+							Description:  "UUID of the private network to be connected to the cluster",
+						},
+						"service_ips": {
+							Type:     schema.TypeList,
+							Required: true,
+							Elem: &schema.Schema{
+								Type:         schema.TypeString,
+								ValidateFunc: validation.IsCIDR,
+							},
+							Description: "List of IPv4 addresses of the private network with a CIDR notation",
+						},
+						"zone": zoneSchema(),
+					},
+				},
+			},
+			// Computed
+			"public_network": {
+				Type:        schema.TypeList,
+				Optional:    true,
+				Computed:    true,
+				MaxItems:    1,
+				Description: "Public network specs details",
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"id": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"port": {
+							Type:        schema.TypeInt,
+							Computed:    true,
+							Description: "TCP port of the endpoint",
+						},
+						"ips": {
+							Type: schema.TypeList,
+							Elem: &schema.Schema{
+								Type: schema.TypeString,
+							},
+							Computed: true,
+						},
+					},
+				},
+			},
+			"created_at": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "The date and time of the creation of the Redis cluster",
+			},
+			"updated_at": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "The date and time of the last update of the Redis cluster",
+			},
 			// Common
 			"zone":       zoneSchema(),
 			"project_id": projectIDSchema(),
@@ -165,6 +224,15 @@ func resourceScalewayRedisClusterCreate(ctx context.Context, d *schema.ResourceD
 		createReq.ClusterSettings = expandRedisSettings(settings)
 	}
 
+	privN, privNExists := d.GetOk("private_network")
+	if privNExists {
+		pnSpecs, err := expandRedisPrivateNetwork(privN.(*schema.Set).List())
+		if err != nil {
+			return diag.FromErr(err)
+		}
+		createReq.Endpoints = pnSpecs
+	}
+
 	res, err := redisAPI.CreateCluster(createReq, scw.WithContext(ctx))
 	if err != nil {
 		return diag.FromErr(err)
@@ -216,6 +284,13 @@ func resourceScalewayRedisClusterRead(ctx context.Context, d *schema.ResourceDat
 		_ = d.Set("tags", cluster.Tags)
 	}
 
+	// set endpoints
+	pnI, pnExists := flattenRedisPrivateNetwork(cluster.Endpoints)
+	if pnExists {
+		_ = d.Set("private_network", pnI)
+	}
+	_ = d.Set("public_network", flattenRedisPublicNetwork(cluster.Endpoints))
+
 	return nil
 }
 
@@ -303,6 +378,13 @@ func resourceScalewayRedisClusterUpdate(ctx context.Context, d *schema.ResourceD
 		}
 	}
 
+	if d.HasChanges("private_network") {
+		diagnostics := resourceScalewayRedisClusterUpdateEndpoints(ctx, d, redisAPI, zone, ID)
+		if diagnostics != nil {
+			return diagnostics
+		}
+	}
+
 	_, err = waitForRedisCluster(ctx, redisAPI, zone, ID, d.Timeout(schema.TimeoutUpdate))
 	if err != nil {
 		return diag.FromErr(err)
@@ -344,6 +426,42 @@ func resourceScalewayRedisClusterUpdateSettings(ctx context.Context, d *schema.R
 	return nil
 }
 
+func resourceScalewayRedisClusterUpdateEndpoints(ctx context.Context, d *schema.ResourceData, redisAPI *redis.API, zone scw.Zone, clusterID string) diag.Diagnostics {
+	// retrieve state
+	cluster, err := waitForRedisCluster(ctx, redisAPI, zone, clusterID, d.Timeout(schema.TimeoutUpdate))
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	// get new desired state of endpoints
+	rawNewEndpoints := d.Get("private_network")
+	newEndpoints, err := expandRedisPrivateNetwork(rawNewEndpoints.(*schema.Set).List())
+	if err != nil {
+		return diag.FromErr(err)
+	}
+	if len(newEndpoints) == 0 {
+		newEndpoints = append(newEndpoints, &redis.EndpointSpec{
+			PublicNetwork: &redis.EndpointSpecPublicNetworkSpec{},
+		})
+	}
+	// send request
+	_, err = redisAPI.SetEndpoints(&redis.SetEndpointsRequest{
+		Zone:      cluster.Zone,
+		ClusterID: cluster.ID,
+		Endpoints: newEndpoints,
+	}, scw.WithContext(ctx))
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	_, err = waitForRedisCluster(ctx, redisAPI, zone, clusterID, d.Timeout(schema.TimeoutUpdate))
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	return nil
+}
+
 func resourceScalewayRedisClusterDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	redisAPI, zone, ID, err := redisAPIWithZoneAndID(meta, d.Id())
 	if err != nil {