Added - LBCP ppv2 support

oracle · Oct 9, 2024 · 4d3227c · 4d3227c
1 parent b53e55b
commit 4d3227c
Show file tree

Hide file tree

Showing 5 changed files with 55 additions and 6 deletions.
diff --git a/examples/load_balancer/lb_full/lb_full.tf b/examples/load_balancer/lb_full/lb_full.tf
@@ -65,7 +65,6 @@ variable "availability_domain" {
 }
 
 provider "oci" {
-  // version          = "6.9.0" // published on August 27, 2024.
   tenancy_ocid     = var.tenancy_ocid
   user_ocid        = var.user_ocid
   fingerprint      = var.fingerprint
@@ -74,12 +73,12 @@ provider "oci" {
 }
 
 data "oci_identity_availability_domain" "ad1" {
-  compartment_id = var.compartment_ocid // needs to be compartment_ocid if not using root compartment
+  compartment_id = var.tenancy_ocid // needs to be compartment_ocid if not using root compartment
   ad_number      = 1
 }
 
 data "oci_identity_availability_domain" "ad2" {
-  compartment_id = var.compartment_ocid // needs to be compartment_ocid if not using root compartment
+  compartment_id = var.tenancy_ocid // needs to be compartment_ocid if not using root compartment
   ad_number      = 2
 }
 
@@ -476,7 +475,8 @@ resource "oci_load_balancer_listener" "lb-listener3" {
 
   connection_configuration {
     idle_timeout_in_seconds            = "2"
-    backend_tcp_proxy_protocol_version = "1"
+    backend_tcp_proxy_protocol_version = "2"
+    backend_tcp_proxy_protocol_options = ["PP2_TYPE_AUTHORITY"]
   }
 }
 

diff --git a/internal/integrationtest/load_balancer_listener_tcp_test.go b/internal/integrationtest/load_balancer_listener_tcp_test.go
@@ -30,6 +30,7 @@ var (
 	listenerTcpConnectionConfigurationRepresentation = map[string]interface{}{
 		"idle_timeout_in_seconds":            acctest.Representation{RepType: acctest.Required, Create: `10`, Update: `11`},
 		"backend_tcp_proxy_protocol_version": acctest.Representation{RepType: acctest.Optional, Create: `1`, Update: `2`},
+		"backend_tcp_proxy_protocol_options": acctest.Representation{RepType: acctest.Optional, Update: []string{`PP2_TYPE_AUTHORITY`}},
 	}
 )
 
@@ -60,6 +61,7 @@ func TestLoadBalancerListenerTcpResource_basic(t *testing.T) {
 				Check: acctest.ComposeAggregateTestCheckFuncWrapper(
 					resource.TestCheckResourceAttr(resourceName, "connection_configuration.#", "1"),
 					resource.TestCheckResourceAttr(resourceName, "connection_configuration.0.backend_tcp_proxy_protocol_version", "1"),
+					resource.TestCheckResourceAttr(resourceName, "connection_configuration.0.backend_tcp_proxy_protocol_options.#", "0"),
 					resource.TestCheckResourceAttr(resourceName, "connection_configuration.0.idle_timeout_in_seconds", "10"),
 					resource.TestCheckResourceAttrSet(resourceName, "load_balancer_id"),
 					resource.TestCheckResourceAttr(resourceName, "name", "mylistener"),
@@ -76,6 +78,8 @@ func TestLoadBalancerListenerTcpResource_basic(t *testing.T) {
 				Check: acctest.ComposeAggregateTestCheckFuncWrapper(
 					resource.TestCheckResourceAttr(resourceName, "connection_configuration.#", "1"),
 					resource.TestCheckResourceAttr(resourceName, "connection_configuration.0.backend_tcp_proxy_protocol_version", "2"),
+					resource.TestCheckResourceAttr(resourceName, "connection_configuration.0.backend_tcp_proxy_protocol_options.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "connection_configuration.0.backend_tcp_proxy_protocol_options.0", "PP2_TYPE_AUTHORITY"),
 					resource.TestCheckResourceAttr(resourceName, "connection_configuration.0.idle_timeout_in_seconds", "11"),
 					resource.TestCheckResourceAttrSet(resourceName, "load_balancer_id"),
 					resource.TestCheckResourceAttr(resourceName, "name", "mylistener"),

diff --git a/internal/service/load_balancer/load_balancer_listener_resource.go b/internal/service/load_balancer/load_balancer_listener_resource.go
@@ -72,6 +72,16 @@ func LoadBalancerListenerResource() *schema.Resource {
 							DiffSuppressFunc: tfresource.Int64StringDiffSuppressFunction,
 						},
 
+						// Optional
+						"backend_tcp_proxy_protocol_options": {
+							Type:     schema.TypeList,
+							Optional: true,
+							Computed: true,
+							Elem: &schema.Schema{
+								Type: schema.TypeString,
+							},
+						},
+
 						// Optional
 						"backend_tcp_proxy_protocol_version": {
 							Type:     schema.TypeInt,
@@ -643,9 +653,38 @@ func parseListenerCompositeId(compositeId string) (listenerName string, loadBala
 	return
 }
 
+func toString(s []oci_load_balancer.ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum) []string {
+	c := make([]string, len(s))
+	for i, v := range s {
+		c[i] = string(v)
+	}
+	return c
+}
+
+func toBackendTcpProxyProtocolOptionsEnum(s []string) []oci_load_balancer.ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum {
+	c := make([]oci_load_balancer.ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum, len(s))
+	for i, v := range s {
+		c[i] = oci_load_balancer.ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum(v)
+	}
+	return c
+}
+
 func (s *LoadBalancerListenerResourceCrud) mapToConnectionConfiguration(fieldKeyFormat string) (oci_load_balancer.ConnectionConfiguration, error) {
 	result := oci_load_balancer.ConnectionConfiguration{}
 
+	if backendTcpProxyProtocolOptions, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "backend_tcp_proxy_protocol_options")); ok {
+		interfaces := backendTcpProxyProtocolOptions.([]interface{})
+		tmp := make([]string, len(interfaces))
+		for i := range interfaces {
+			if interfaces[i] != nil {
+				tmp[i] = interfaces[i].(string)
+			}
+		}
+		if len(tmp) != 0 || s.D.HasChange(fmt.Sprintf(fieldKeyFormat, "backend_tcp_proxy_protocol_options")) {
+			result.BackendTcpProxyProtocolOptions = toBackendTcpProxyProtocolOptionsEnum(tmp)
+		}
+	}
+
 	if backendTcpProxyProtocolVersion, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "backend_tcp_proxy_protocol_version")); ok {
 		tmp := backendTcpProxyProtocolVersion.(int)
 		// Terraform v11 will auto assign nil value to 0 which is invalid value
@@ -670,6 +709,10 @@ func (s *LoadBalancerListenerResourceCrud) mapToConnectionConfiguration(fieldKey
 func ConnectionConfigurationToMap(obj *oci_load_balancer.ConnectionConfiguration) map[string]interface{} {
 	result := map[string]interface{}{}
 
+	if obj.BackendTcpProxyProtocolOptions != nil {
+		result["backend_tcp_proxy_protocol_options"] = toString(obj.BackendTcpProxyProtocolOptions)
+	}
+
 	if obj.BackendTcpProxyProtocolVersion != nil {
 		result["backend_tcp_proxy_protocol_version"] = int(*obj.BackendTcpProxyProtocolVersion)
 	}

diff --git a/website/docs/d/load_balancer_load_balancers.html.markdown b/website/docs/d/load_balancer_load_balancers.html.markdown
@@ -127,8 +127,8 @@ The following attributes are exported:
 
 		The values must be between minimumBandwidthInMbps and 8000 (8Gbps).
 
-		Example: `1500`
-	* `minimum_bandwidth_in_mbps` - Bandwidth in Mbps that determines the total pre-provisioned bandwidth (ingress plus egress). The values must be between 10 and the maximumBandwidthInMbps.  Example: `150` 
+      Example: `1500`
+    * `minimum_bandwidth_in_mbps` - Bandwidth in Mbps that determines the total pre-provisioned bandwidth (ingress plus egress). The values must be between 0 and the maximumBandwidthInMbps in multiples of 10. The current allowed maximum value is defined in [Service Limits](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/servicelimits.htm).  Example: `150`
 * `ssl_cipher_suites` - The configuration details of an SSL cipher suite.
 
 	The algorithms that compose a cipher suite help you secure Transport Layer Security (TLS) or Secure Socket Layer (SSL) network connections. A cipher suite defines the list of security algorithms your load balancer uses to negotiate with peers while sending and receiving information. The cipher suites you use affect the security level, performance, and compatibility of your data traffic.

diff --git a/website/docs/r/load_balancer_listener.html.markdown b/website/docs/r/load_balancer_listener.html.markdown
@@ -29,6 +29,7 @@ resource "oci_load_balancer_listener" "test_listener" {
 		idle_timeout_in_seconds = var.listener_connection_configuration_idle_timeout_in_seconds
 
 		#Optional
+		backend_tcp_proxy_protocol_options = var.listener_connection_configuration_backend_tcp_proxy_protocol_options
 		backend_tcp_proxy_protocol_version = var.listener_connection_configuration_backend_tcp_proxy_protocol_version
 	}
 	hostname_names = [oci_load_balancer_hostname.test_hostname.name]
@@ -55,6 +56,7 @@ resource "oci_load_balancer_listener" "test_listener" {
 The following arguments are supported:
 
 * `connection_configuration` - (Optional) (Updatable) Configuration details for the connection between the client and backend servers. 
+	* `backend_tcp_proxy_protocol_options` - (Optional) (Updatable) An array that represents the PPV2 Options that can be enabled on TCP Listeners. Example: ["PP2_TYPE_AUTHORITY"] 
 	* `backend_tcp_proxy_protocol_version` - (Required when `protocol` = `TCP`) (Updatable) The backend TCP Proxy Protocol version.  Example: `1` 
 	* `idle_timeout_in_seconds` - (Required) (Updatable) The maximum idle time, in seconds, allowed between two successive receive or two successive send operations between the client and backend servers. A send operation does not reset the timer for receive operations. A receive operation does not reset the timer for send operations.