Skip to content

Commit

Permalink
Allow to set param cluster_traffic_encryption in k8s resource (#320)
Browse files Browse the repository at this point in the history
* Add cluster_traffic_encryption option to k8s rs

* Update k8s rs docs
  • Loading branch information
nvthongswansea authored Apr 15, 2024
1 parent 0747f11 commit 0cd2fa7
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 0 deletions.
19 changes: 19 additions & 0 deletions gridscale/resource_gridscale_k8s.go
Original file line number Diff line number Diff line change
Expand Up @@ -204,6 +204,12 @@ func resourceGridscaleK8s() *schema.Resource {
Optional: true,
Computed: true,
},
"cluster_traffic_encryption": {
Type: schema.TypeBool,
Description: "Enables cluster encryption via wireguard if true. Only available for GSK version 1.29 and above. Default is false.",
Optional: true,
Default: false,
},
},
},
},
Expand Down Expand Up @@ -340,6 +346,11 @@ func resourceGridscaleK8sRead(d *schema.ResourceData, meta interface{}) error {
nodePool["surge_node"] = surgeNodeCount > 0
}

// Cluster traffic encryption feature is enabled if k8s_cluster_traffic_encryption is true
if clusterTrafficEncryption, ok := props.Parameters["k8s_cluster_traffic_encryption"].(bool); ok {
nodePool["cluster_traffic_encryption"] = clusterTrafficEncryption
}

nodePoolList = append(nodePoolList, nodePool)
if err = d.Set("node_pool", nodePoolList); err != nil {
return fmt.Errorf("%s error setting node_pool: %v", errorPrefix, err)
Expand Down Expand Up @@ -435,6 +446,10 @@ func resourceGridscaleK8sCreate(d *schema.ResourceData, meta interface{}) error
} else {
params["k8s_surge_node_count"] = 0
}
// Set cluster traffic encryption if it is set
if clusterTrafficEncryption, isSet := d.GetOk("node_pool.0.cluster_traffic_encryption"); isSet {
params["k8s_cluster_traffic_encryption"] = clusterTrafficEncryption
}
requestBody.Parameters = params

ctx, cancel := context.WithTimeout(context.Background(), d.Timeout(schema.TimeoutCreate))
Expand Down Expand Up @@ -504,6 +519,10 @@ func resourceGridscaleK8sUpdate(d *schema.ResourceData, meta interface{}) error
} else {
params["k8s_surge_node_count"] = 0
}
// Set cluster traffic encryption if it is set
if clusterTrafficEncryption, isSet := d.GetOk("node_pool.0.cluster_traffic_encryption"); isSet {
params["k8s_cluster_traffic_encryption"] = clusterTrafficEncryption
}
requestBody.Parameters = params

ctx, cancel := context.WithTimeout(context.Background(), d.Timeout(schema.TimeoutUpdate))
Expand Down
2 changes: 2 additions & 0 deletions website/docs/r/k8s.html.md
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,7 @@ The following arguments are supported:
* `rocket_storage` - Rocket storage per worker node (in GiB).
* `surge_node` - Enable surge node to avoid resources shortage during the cluster upgrade (Default: true).
* `cluster_cidr` - (Immutable) The cluster CIDR that will be used to generate the CIDR of nodes, services, and pods. The allowed CIDR prefix length is /16. If the cluster CIDR is not set, the cluster will use "10.244.0.0/16" as it default (even though the `cluster_cidr` in the k8s resource is empty).
* `cluster_traffic_encryption` - Enables cluster encryption via wireguard if true. Only available for GSK version 1.29 and above. Default is false.

## Timeouts

Expand Down Expand Up @@ -90,6 +91,7 @@ This resource exports the following attributes:
* `rocket_storage` - See Argument Reference above.
* `surge_node` - See Argument Reference above.
* `cluster_cidr` - See Argument Reference above.
* `cluster_traffic_encryption` - See Argument Reference above.
* `usage_in_minutes` - The amount of minutes the IP address has been in use.
* `create_time` - The time the object was created.
* `change_time` - Defines the date and time of the last object change.
Expand Down

0 comments on commit 0cd2fa7

Please sign in to comment.