
Commit d874321

committed
feat: support setting tke cluster internet/intranet domain
1 parent 6b172df commit d874321


5 files changed

+204
-135
lines changed


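--- a/tencentcloud/resource_tc_kubernetes_cluster.go
+++ b/tencentcloud/resource_tc_kubernetes_cluster.go
@@ -1068,6 +1068,12 @@ func resourceTencentCloudTkeCluster() *schema.Resource {
 " If this field is set 'true', the field below `worker_config` must be set." +
 " Because only cluster with node is allowed enable access endpoint.",
 },
+"cluster_internet_domain": {
+Type: schema.TypeString,
+Optional: true,
+Description: "Domain name for cluster Kube-apiserver internet access." +
+" Be careful if you modify value of this parameter, the cluster_external_endpoint value may be changed automatically too.",
+},
 "cluster_intranet": {
 Type: schema.TypeBool,
 Default: false,
@@ -1076,6 +1082,12 @@ func resourceTencentCloudTkeCluster() *schema.Resource {
 " If this field is set 'true', the field below `worker_config` must be set." +
 " Because only cluster with node is allowed enable access endpoint.",
 },
+"cluster_intranet_domain": {
+Type: schema.TypeString,
+Optional: true,
+Description: "Domain name for cluster Kube-apiserver intranet access." +
+" Be careful if you modify value of this parameter, the pgw_endpoint value may be changed automatically too.",
+},
 "cluster_internet_security_group": {
 Type: schema.TypeString,
 Optional: true,
@@ -1902,6 +1914,8 @@ func resourceTencentCloudTkeClusterCreate(d *schema.ResourceData, meta interface
 clusterIntranet = d.Get("cluster_intranet").(bool)
 intranetSubnetId = d.Get("cluster_intranet_subnet_id").(string)
 clusterInternetSecurityGroup = d.Get("cluster_internet_security_group").(string)
+clusterInternetDomain = d.Get("cluster_internet_domain").(string)
+clusterIntranetDomain = d.Get("cluster_intranet_domain").(string)
 )
 
 clusterDeployType := d.Get("cluster_deploy_type").(string)
@@ -2223,7 +2237,7 @@ func resourceTencentCloudTkeClusterCreate(d *schema.ResourceData, meta interface
 //intranet
 if clusterIntranet {
 err = resource.Retry(writeRetryTimeout, func() *resource.RetryError {
-inErr := service.CreateClusterEndpoint(ctx, id, intranetSubnetId, clusterInternetSecurityGroup, false)
+inErr := service.CreateClusterEndpoint(ctx, id, intranetSubnetId, clusterInternetSecurityGroup, false, clusterIntranetDomain)
 if inErr != nil {
 return retryError(inErr)
 }
@@ -2254,7 +2268,7 @@ func resourceTencentCloudTkeClusterCreate(d *schema.ResourceData, meta interface
 
 if clusterInternet {
 err = resource.Retry(writeRetryTimeout, func() *resource.RetryError {
-inErr := service.CreateClusterEndpoint(ctx, id, "", clusterInternetSecurityGroup, true)
+inErr := service.CreateClusterEndpoint(ctx, id, "", clusterInternetSecurityGroup, true, clusterInternetDomain)
 if inErr != nil {
 return retryError(inErr)
 }
@@ -2599,6 +2613,8 @@ func resourceTencentCloudTkeClusterUpdate(d *schema.ResourceData, meta interface
 clusterIntranet = d.Get("cluster_intranet").(bool)
 intranetSubnetId = d.Get("cluster_intranet_subnet_id").(string)
 clusterInternetSecurityGroup = d.Get("cluster_internet_security_group").(string)
+clusterInternetDomain = d.Get("cluster_internet_domain").(string)
+clusterIntranetDomain = d.Get("cluster_intranet_domain").(string)
 )
 
 if clusterIntranet && intranetSubnetId == "" {
@@ -2619,131 +2635,40 @@ func resourceTencentCloudTkeClusterUpdate(d *schema.ResourceData, meta interface
 }
 
 if d.HasChange("cluster_intranet") {
-//open intranet
-if clusterIntranet {
-err := resource.Retry(writeRetryTimeout, func() *resource.RetryError {
-inErr := tkeService.CreateClusterEndpoint(ctx, id, intranetSubnetId, clusterInternetSecurityGroup, false)
-if inErr != nil {
-return retryError(inErr)
-}
-return nil
-})
-if err != nil {
-return err
-}
-err = resource.Retry(2*readRetryTimeout, func() *resource.RetryError {
-status, message, inErr := tkeService.DescribeClusterEndpointStatus(ctx, id, false)
-if inErr != nil {
-return retryError(inErr)
-}
-if status == TkeInternetStatusCreating {
-return resource.RetryableError(
-fmt.Errorf("%s create intranet cluster endpoint status still is %s", id, status))
-}
-if status == TkeInternetStatusNotfound || status == TkeInternetStatusCreated {
-return nil
-}
-return resource.NonRetryableError(
-fmt.Errorf("%s create intranet cluster endpoint error ,status is %s,message is %s", id, status, message))
-})
-if err != nil {
-return err
-}
-//close
-} else {
-err := resource.Retry(writeRetryTimeout, func() *resource.RetryError {
-inErr := tkeService.DeleteClusterEndpoint(ctx, id, false)
-if inErr != nil {
-return retryError(inErr)
-}
-return nil
-})
-if err != nil {
-return err
-}
-err = resource.Retry(2*readRetryTimeout, func() *resource.RetryError {
-status, message, inErr := tkeService.DescribeClusterEndpointStatus(ctx, id, false)
-if inErr != nil {
-return retryError(inErr)
-}
-if status == TkeInternetStatusDeleting {
-return resource.RetryableError(
-fmt.Errorf("%s close cluster internet endpoint status still is %s", id, status))
-}
-if status == TkeInternetStatusNotfound || status == TkeInternetStatusDeleted || status == TkeInternetStatusCreated {
-return nil
-}
-return resource.NonRetryableError(
-fmt.Errorf("%s close cluster internet endpoint error ,status is %s,message is %s", id, status, message))
-})
-if err != nil {
-return err
-}
+if err := ModifyClusterInternetOrIntranetAccess(ctx, d, &tkeService, false, clusterIntranet, clusterInternetSecurityGroup, intranetSubnetId, clusterIntranetDomain); err != nil {
+return err
 }
 
 d.SetPartial("cluster_intranet")
 }
 
 if d.HasChange("cluster_internet") {
+if err := ModifyClusterInternetOrIntranetAccess(ctx, d, &tkeService, true, clusterInternet, clusterInternetSecurityGroup, "", clusterInternetDomain); err != nil {
+return err
+}
+}
 
-if clusterInternet {
-err := resource.Retry(writeRetryTimeout, func() *resource.RetryError {
-inErr := tkeService.CreateClusterEndpoint(ctx, id, "", clusterInternetSecurityGroup, true)
-if inErr != nil {
-return retryError(inErr)
-}
-return nil
-})
-if err != nil {
-return err
-}
-err = resource.Retry(2*readRetryTimeout, func() *resource.RetryError {
-status, message, inErr := tkeService.DescribeClusterEndpointStatus(ctx, id, true)
-if inErr != nil {
-return retryError(inErr)
-}
-if status == TkeInternetStatusCreating {
-return resource.RetryableError(
-fmt.Errorf("%s create cluster internet endpoint status still is %s", id, status))
-}
-if status == TkeInternetStatusNotfound || status == TkeInternetStatusCreated {
-return nil
-}
-return resource.NonRetryableError(
-fmt.Errorf("%s create cluster internet endpoint error ,status is %s,message is %s", id, status, message))
-})
-if err != nil {
-return err
-}
-} else {
-err := resource.Retry(writeRetryTimeout, func() *resource.RetryError {
-inErr := tkeService.DeleteClusterEndpoint(ctx, id, true)
-if inErr != nil {
-return retryError(inErr)
-}
-return nil
-})
-if err != nil {
-return err
-}
-err = resource.Retry(2*readRetryTimeout, func() *resource.RetryError {
-status, message, inErr := tkeService.DescribeClusterEndpointStatus(ctx, id, true)
-if inErr != nil {
-return retryError(inErr)
-}
-if status == TkeInternetStatusDeleting {
-return resource.RetryableError(
-fmt.Errorf("%s close cluster internet endpoint status still is %s", id, status))
-}
-if status == TkeInternetStatusNotfound || status == TkeInternetStatusDeleted || status == TkeInternetStatusCreated {
-return nil
-}
-return resource.NonRetryableError(
-fmt.Errorf("%s close cluster internet endpoint error ,status is %s,message is %s", id, status, message))
-})
-if err != nil {
-return err
-}
+// situation when only domain changed
+if !d.HasChange("cluster_intranet") && clusterIntranet && d.HasChange("cluster_intranet_domain") {
+// recreate the cluster intranet endpoint using new domain
+// first close
+if err := ModifyClusterInternetOrIntranetAccess(ctx, d, &tkeService, false, false, clusterInternetSecurityGroup, intranetSubnetId, clusterIntranetDomain); err != nil {
+return err
+}
+// then reopen
+if err := ModifyClusterInternetOrIntranetAccess(ctx, d, &tkeService, false, true, clusterInternetSecurityGroup, intranetSubnetId, clusterIntranetDomain); err != nil {
+return err
+}
+}
+if !d.HasChange("cluster_internet") && clusterInternet && d.HasChange("cluster_internet_domain") {
+// recreate the cluster internet endpoint using new domain
+// first close
+if err := ModifyClusterInternetOrIntranetAccess(ctx, d, &tkeService, true, false, clusterInternetSecurityGroup, "", clusterInternetDomain); err != nil {
+return err
+}
+// then reopen
+if err := ModifyClusterInternetOrIntranetAccess(ctx, d, &tkeService, true, true, clusterInternetSecurityGroup, "", clusterInternetDomain); err != nil {
+return err
 }
 }
 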
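Review bot: The two domain-only branches added to resourceTencentCloudTkeClusterUpdate delete the live kube-apiserver endpoint before creating its replacement, and a failed second `ModifyClusterInternetOrIntranetAccess` call just returns, leaving the cluster without that endpoint; the same close-then-reopen sequence is added to resourceTencentCloudTkeClusterEndpointUpdate in resource_tc_kubernetes_cluster_endpoint.go. Wrap the reopen error so the operator can see what state the cluster is in, e.g. `return fmt.Errorf("%s endpoint was closed but reopening with the new domain failed: %v", id, err)`. The kept `d.SetPartial("cluster_intranet")` suggests this function runs in partial mode (it starts and ends outside the hunks), in which case `d.SetPartial("cluster_intranet_domain")` and `d.SetPartial("cluster_internet_domain")` are needed after each successful reopen, and the rewritten `cluster_internet` branch has no SetPartial at all. The schema descriptions should say that changing the domain recreates the endpoint and interrupts API-server access, and that the value has no effect while `cluster_internet` / `cluster_intranet` is false.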

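--- a/tencentcloud/resource_tc_kubernetes_cluster_endpoint.go
+++ b/tencentcloud/resource_tc_kubernetes_cluster_endpoint.go
@@ -86,6 +86,18 @@ func resourceTencentCloudTkeClusterEndpoint() *schema.Resource {
 " This field can only set when field `cluster_deploy_type` is 'MANAGED_CLUSTER' and `cluster_internet` is true." +
 " `managed_cluster_internet_security_policies` can not delete or empty once be set.",
 },
+"cluster_internet_domain": {
+Type: schema.TypeString,
+Optional: true,
+Description: "Domain name for cluster Kube-apiserver internet access. " +
+" Be careful if you modify value of this parameter, the cluster_external_endpoint value may be changed automatically too.",
+},
+"cluster_intranet_domain": {
+Type: schema.TypeString,
+Optional: true,
+Description: "Domain name for cluster Kube-apiserver intranet access." +
+" Be careful if you modify value of this parameter, the pgw_endpoint value may be changed automatically too.",
+},
 "cluster_intranet_subnet_id": {
 Type: schema.TypeString,
 Optional: true,
@@ -201,6 +213,8 @@ func resourceTencentCloudTkeClusterEndpointCreate(d *schema.ResourceData, meta i
 clusterIntranet = d.Get("cluster_intranet").(bool)
 intranetSubnetId = d.Get("cluster_intranet_subnet_id").(string)
 clusterInternetSecurityGroup = d.Get("cluster_internet_security_group").(string)
+clusterInternetDomain = d.Get("cluster_internet_domain").(string)
+clusterIntranetDomain = d.Get("cluster_intranet_domain").(string)
 )
 
 if err != nil {
@@ -220,7 +234,7 @@ func resourceTencentCloudTkeClusterEndpointCreate(d *schema.ResourceData, meta i
 
 // Create Intranet(Private) Network
 if clusterIntranet {
-err := tencentCloudClusterIntranetSwitch(ctx, &service, id, intranetSubnetId, true)
+err := tencentCloudClusterIntranetSwitch(ctx, &service, id, intranetSubnetId, true, clusterIntranetDomain)
 if err != nil {
 return err
 }
@@ -232,7 +246,7 @@ func resourceTencentCloudTkeClusterEndpointCreate(d *schema.ResourceData, meta i
 
 //TKE_DEPLOY_TYPE_INDEPENDENT Open the internet
 if clusterInternet {
-err := tencentCloudClusterInternetSwitch(ctx, &service, id, true, clusterInternetSecurityGroup)
+err := tencentCloudClusterInternetSwitch(ctx, &service, id, true, clusterInternetSecurityGroup, clusterInternetDomain)
 if err != nil {
 return err
 }
@@ -255,8 +269,15 @@ func resourceTencentCloudTkeClusterEndpointUpdate(d *schema.ResourceData, meta i
 client := meta.(*TencentCloudClient).apiV3Conn
 service := TkeService{client}
 id := d.Id()
-clusterInternet := d.Get("cluster_internet").(bool)
-clusterInternetSecurityGroup := d.Get("cluster_internet_security_group").(string)
+
+var (
+clusterInternet = d.Get("cluster_internet").(bool)
+clusterIntranet = d.Get("cluster_intranet").(bool)
+clusterInternetSecurityGroup = d.Get("cluster_internet_security_group").(string)
+clusterInternetDomain = d.Get("cluster_internet_domain").(string)
+clusterIntranetDomain = d.Get("cluster_intranet_domain").(string)
+subnetId = d.Get("cluster_intranet_subnet_id").(string)
+)
 
 var (
 err error
@@ -272,20 +293,62 @@ func resourceTencentCloudTkeClusterEndpointUpdate(d *schema.ResourceData, meta i
 }
 
 if d.HasChange("cluster_internet") {
-err = tencentCloudClusterInternetSwitch(ctx, &service, id, clusterInternet, clusterInternetSecurityGroup)
+err = tencentCloudClusterInternetSwitch(ctx, &service, id, clusterInternet, clusterInternetSecurityGroup, clusterInternetDomain)
 if err != nil {
 return err
 }
 err = waitForClusterEndpointFinish(ctx, &service, id, clusterInternet, true)
 if err != nil {
 return err
 }
+} else if clusterInternet && d.HasChange("cluster_internet_domain") {
+// only domain changed, need to close and reopen
+// close
+err = tencentCloudClusterInternetSwitch(ctx, &service, id, false, clusterInternetSecurityGroup, clusterInternetDomain)
+if err != nil {
+return err
+}
+err = waitForClusterEndpointFinish(ctx, &service, id, false, true)
+if err != nil {
+return err
+}
+// reopen
+err = tencentCloudClusterInternetSwitch(ctx, &service, id, true, clusterInternetSecurityGroup, clusterInternetDomain)
+if err != nil {
+return err
+}
+err = waitForClusterEndpointFinish(ctx, &service, id, true, true)
+if err != nil {
+return err
+}
 }
 
 if d.HasChange("cluster_intranet") {
-clusterIntranet := d.Get("cluster_intranet").(bool)
-subnetId := d.Get("cluster_intranet_subnet_id").(string)
-err = tencentCloudClusterIntranetSwitch(ctx, &service, id, subnetId, clusterIntranet)
+err = tencentCloudClusterIntranetSwitch(ctx, &service, id, subnetId, clusterIntranet, clusterIntranetDomain)
+if err != nil {
+return err
+}
+err = waitForClusterEndpointFinish(ctx, &service, id, clusterIntranet, false)
+if err != nil {
+return err
+}
+} else if clusterIntranet && d.HasChange("cluster_intranet_domain") {
+// only domain changed, need to close and reopen
+// close
+err = tencentCloudClusterIntranetSwitch(ctx, &service, id, subnetId, false, clusterIntranetDomain)
+if err != nil {
+return err
+}
+err = waitForClusterEndpointFinish(ctx, &service, id, false, false)
+if err != nil {
+return err
+}
+// reopen
+err = tencentCloudClusterIntranetSwitch(ctx, &service, id, subnetId, true, clusterIntranetDomain)
+if err != nil {
+return err
+}
+err = waitForClusterEndpointFinish(ctx, &service, id, true, false)
 if err != nil {
 return err
 }
@@ -320,7 +383,7 @@ func resourceTencentCloudTkeClusterEndpointDelete(d *schema.ResourceData, meta i
 )
 
 if clusterInternet {
-err = tencentCloudClusterInternetSwitch(ctx, &service, id, false, "")
+err = tencentCloudClusterInternetSwitch(ctx, &service, id, false, "", "")
 if err != nil {
 errs = *multierror.Append(err)
 } else {
@@ -332,7 +395,7 @@ func resourceTencentCloudTkeClusterEndpointDelete(d *schema.ResourceData, meta i
 }
 
 if clusterIntranet {
-err = tencentCloudClusterIntranetSwitch(ctx, &service, id, "", false)
+err = tencentCloudClusterIntranetSwitch(ctx, &service, id, "", false, "")
 if err != nil {
 errs = *multierror.Append(err)
 }
@@ -373,10 +436,10 @@ func waitForClusterEndpointFinish(ctx context.Context, service *TkeService, id s
 })
 }
 
-func tencentCloudClusterInternetSwitch(ctx context.Context, service *TkeService, id string, enable bool, sg string) (err error) {
+func tencentCloudClusterInternetSwitch(ctx context.Context, service *TkeService, id string, enable bool, sg string, domain string) (err error) {
 err = resource.Retry(writeRetryTimeout, func() *resource.RetryError {
 if enable {
-err = service.CreateClusterEndpoint(ctx, id, "", sg, true)
+err = service.CreateClusterEndpoint(ctx, id, "", sg, true, domain)
 if err != nil {
 return retryError(err, tke.RESOURCEUNAVAILABLE_CLUSTERSTATE)
 }
@@ -394,10 +457,10 @@ func tencentCloudClusterInternetSwitch(ctx context.Context, service *TkeService,
 return nil
 }
 
-func tencentCloudClusterIntranetSwitch(ctx context.Context, service *TkeService, id, subnetId string, enable bool) (err error) {
+func tencentCloudClusterIntranetSwitch(ctx context.Context, service *TkeService, id, subnetId string, enable bool, domain string) (err error) {
 err = resource.Retry(writeRetryTimeout, func() *resource.RetryError {
 if enable {
-err = service.CreateClusterEndpoint(ctx, id, subnetId, "", false)
+err = service.CreateClusterEndpoint(ctx, id, subnetId, "", false, domain)
 if err != nil {
 return retryError(err, tke.RESOURCEUNAVAILABLE_CLUSTERSTATE)
 }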
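Review bot: `cluster_internet_domain` and `cluster_intranet_domain` reach `CreateClusterEndpoint` unvalidated, and in resourceTencentCloudTkeClusterEndpointUpdate the first call made on a domain-only change is the close, so a malformed value would presumably be rejected by the API only after the existing endpoint is already gone. Both schema entries should get a `ValidateFunc` that rejects anything that is not a syntactically valid host name, so bad input fails at plan time rather than halfway through the recreate. The internet description also ends its first fragment with a space and starts the next with one, which renders as a double space; drop one of them. The update function and both switch helpers continue outside the hunks.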
