Redis cluster Multi vpc support (GoogleCloudPlatform#12548)

Co-authored-by: Nick Elliot <[email protected]>

Author: 2 people

mmv1/products/redis/Cluster.yaml

@@ -21,6 +21,10 @@ references:
   api: 'https://cloud.google.com/memorystore/docs/cluster/reference/rest/v1/projects.locations.clusters'
 docs:
   note: |
+    For [Multiple VPC Networking](https://cloud.google.com/memorystore/docs/cluster/about-multiple-vpc-networking) if you want to use
+    [User-registered PSC Connections](https://cloud.google.com/memorystore/docs/cluster/about-multiple-vpc-networking#psc_connection_types),
+    then please use `google_redis_cluster_user_created_connections` resource.
+
     For [Cross Region Replication](https://cloud.google.com/memorystore/docs/cluster/about-cross-region-replication), please follow the instructions below for performing certain update and failover (switchover and detach) operations
 
     **Cross Region Replication**
@@ -263,6 +267,7 @@ properties:
     type: NestedObject
     description: Immutable. Zone distribution config for Memorystore Redis cluster.
     immutable: true
+    default_from_api: true
     properties:
       - name: 'mode'
         type: Enum
@@ -283,7 +288,6 @@ properties:
       Required. Each PscConfig configures the consumer network where two
       network addresses will be designated to the cluster for client access.
       Currently, only one PscConfig is supported.
-    required: true
     ignore_read: true
     item_type:
       type: NestedObject
@@ -687,3 +691,25 @@ properties:
         description: |
           The last time cross cluster replication config was updated.
         output: true
+  - name: 'pscServiceAttachments'
+    type: Array
+    description: Service attachment details to configure Psc connections.
+    output: true
+    item_type:
+      type: NestedObject
+      description: |
+        Configuration of a service attachment of the cluster, for creating PSC connections.
+      properties:
+        - name: 'serviceAttachment'
+          type: String
+          output: true
+          description: |
+              Service attachment URI which your self-created PscConnection should use as
+        - name: 'connectionType'
+          type: Enum
+          output: true
+          enum_values:
+            - 'CONNECTION_TYPE_READER'
+            - 'CONNECTION_TYPE_PRIMARY'
+            - 'CONNECTION_TYPE_DISCOVERY'
+          description: Type of a PSC connection targeting this service attachment.

mmv1/products/redis/ClusterUserCreatedConnections.yaml

@@ -0,0 +1,167 @@
+# Copyright 2024 Google Inc.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+name: 'ClusterUserCreatedConnections'
+api_resource_type_kind: Cluster
+description: |
+  Manages user created connections for Redis cluster
+docs:
+  note: |
+    If you remove a connections item from the resource, the corresponding forwarding rule will no longer be functioning.
+    If the corresponding forwarding rule is represented in your terraform configuration it is recommended to delete that
+    `google_compute_forwarding_rule` resource at the same time.
+references:
+  guides:
+  api: 'https://cloud.google.com/memorystore/docs/cluster/reference/rest/v1/projects.locations.clusters'
+id_format: 'projects/{{project}}/locations/{{region}}/clusters/{{name}}'
+base_url: 'projects/{{project}}/locations/{{region}}/clusters'
+self_link: 'projects/{{project}}/locations/{{region}}/clusters/{{name}}'
+create_url: 'projects/{{project}}/locations/{{region}}/clusters/{{name}}?updateMask=cluster_endpoints'
+create_verb: PATCH
+update_verb: 'PATCH'
+update_url: 'projects/{{project}}/locations/{{region}}/clusters/{{name}}?updateMask=cluster_endpoints'
+update_mask: true
+custom_code:
+  custom_delete: 'templates/terraform/custom_delete/redis_cluster_user_created_connections.go.tmpl'
+timeouts:
+  insert_minutes: 60
+  update_minutes: 120
+  delete_minutes: 30
+autogen_async: true
+async:
+  actions: ['create', 'delete', 'update']
+  type: 'OpAsync'
+  operation:
+    base_url: '{{op_id}}'
+  result:
+    resource_inside_response: false
+examples:
+  - name: 'redis_cluster_user_created_connections'
+    primary_resource_id: 'cluster-user-conn'
+    vars:
+      cluster_name: 'cluster-user-conn'
+      network1_name: 'net1'
+      subnet_network1_name: 'subnet-net1'
+      ip1_network1_name: 'ip1-net1'
+      ip2_network1_name: 'ip2-net1'
+      forwarding_rule1_network1_name: 'fwd1-net1'
+      forwarding_rule2_network1_name: 'fwd2-net1'
+      network2_name: 'network2'
+      subnet_network2_name: 'subnet-net2'
+      ip1_network2_name: 'ip1-net2'
+      ip2_network2_name: 'ip2-net2'
+      forwarding_rule1_network2_name: 'fwd1-net2'
+      forwarding_rule2_network2_name: 'fwd2-net2'
+  - name: 'redis_cluster_user_and_auto_created_connections'
+    primary_resource_id: 'cluster-user-auto-conn'
+    vars:
+      cluster_name: 'cluster-user-auto-conn'
+      network1_name: 'net1'
+      subnet_network1_name: 'subnet-net1'
+      policy_name: 'scpolicy'
+      network2_name: 'network2'
+      subnet_network2_name: 'subnet-net2'
+      ip1_network2_name: 'ip1-net2'
+      ip2_network2_name: 'ip2-net2'
+      forwarding_rule1_network2_name: 'fwd1-net2'
+      forwarding_rule2_network2_name: 'fwd2-net2'
+parameters:
+  - name: 'name'
+    type: String
+    description: |
+      The name of the Redis cluster these endpoints should be added to.
+    required: true
+    url_param_only: true
+  - name: 'region'
+    type: String
+    description: |
+      The name of the region of the Redis cluster these endpoints should be added to.
+    url_param_only: true
+    required: true
+properties:
+  - name: 'clusterEndpoints'
+    type: Array
+    description: "A list of cluster endpoints"
+    item_type:
+      type: NestedObject
+      description: |
+        ClusterEndpoint consists of PSC connections that are created
+        as a group in each VPC network for accessing the cluster. In each group,
+        there shall be one connection for each service attachment in the cluster.
+      properties:
+        - name: connections
+          type: Array
+          item_type:
+            type: NestedObject
+            name: 'connections'
+            properties:
+              - name: 'pscConnection'
+                type: NestedObject
+                description: |
+                  Detailed information of a PSC connection that is created by the customer
+                  who owns the cluster.
+                properties:
+                  - name: 'pscConnectionId'
+                    type: String
+                    description:
+                      "The PSC connection id of the forwarding rule connected
+                      to the\nservice attachment."
+                    required: true
+                  - name: 'address'
+                    type: String
+                    description:
+                      "The IP allocated on the consumer network for the
+                      PSC forwarding rule. "
+                    required: true
+                  - name: 'forwardingRule'
+                    type: String
+                    description: "The URI of the consumer side forwarding rule.\nFormat:\nprojects/{project}/regions/{region}/forwardingRules/{forwarding_rule} "
+                    required: true
+                  - name: 'projectId'
+                    type: String
+                    description:
+                      "The consumer project_id where the forwarding rule is
+                      created from. "
+                    default_from_api: true
+                  - name: 'network'
+                    type: String
+                    description:
+                      "The consumer network where the IP address resides, in
+                      the form of\nprojects/{project_id}/global/networks/{network_id}. "
+                    required: true
+                  - name: 'serviceAttachment'
+                    type: String
+                    description:
+                      "The service attachment which is the target of the PSC connection, in the form of
+                      projects/{project-id}/regions/{region}/serviceAttachments/{service-attachment-id}."
+                    required: true
+                  - name: 'pscConnectionStatus'
+                    type: Enum
+                    description:
+                      "Output Only. The status of the PSC connection: whether a connection exists and ACTIVE or it no longer exists.
+                      \n Possible values:\n ACTIVE \n NOT_FOUND"
+                    output: true
+                    enum_values:
+                      - 'ACTIVE'
+                      - 'NOT_FOUND'
+                  - name: 'connectionType'
+                    type: Enum
+                    description:
+                      "Output Only. Type of a PSC Connection.
+                      \n Possible values:\n CONNECTION_TYPE_DISCOVERY \n CONNECTION_TYPE_PRIMARY \n CONNECTION_TYPE_READER"
+                    output: true
+                    enum_values:
+                      - 'CONNECTION_TYPE_READER'
+                      - 'CONNECTION_TYPE_PRIMARY'
+                      - 'CONNECTION_TYPE_DISCOVERY'

mmv1/templates/terraform/custom_delete/redis_cluster_user_created_connections.go.tmpl

@@ -0,0 +1,65 @@
+	billingProject := ""
+
+	project, err := tpgresource.GetProject(d, config)
+	if err != nil {
+		return fmt.Errorf("Error fetching project for ClusterUserCreatedConnections: %s", err)
+	}
+	billingProject = project
+
+	obj := make(map[string]interface{})
+    // not setting clusterEndpoints in obj
+
+
+	url, err := tpgresource.ReplaceVars(d, config, "{{"{{"}}RedisBasePath{{"}}"}}projects/{{"{{"}}project{{"}}"}}/locations/{{"{{"}}region{{"}}"}}/clusters/{{"{{"}}name{{"}}"}}")
+	if err != nil {
+		return err
+	}
+
+	log.Printf("[DEBUG] Updating ClusterUserCreatedConnections %q: %#v", d.Id(), obj)
+	headers := make(http.Header)
+
+	updateMask := []string{}
+	updateMask = append(updateMask, "clusterEndpoints")
+	// updateMask is a URL parameter but not present in the schema, so ReplaceVars
+	// won't set it
+	url, err = transport_tpg.AddQueryParams(url, map[string]string{"updateMask": strings.Join(updateMask, ",")})
+	if err != nil {
+		return err
+	}
+
+	// err == nil indicates that the billing_project value was found
+	if bp, err := tpgresource.GetBillingProject(d, config); err == nil {
+		billingProject = bp
+	}
+
+	obj["async_cluster_endpoints_deletion_enabled"] = true
+	
+	// if updateMask is empty we are not updating anything so skip the post
+	if len(updateMask) > 0 {
+		res, err := transport_tpg.SendRequest(transport_tpg.SendRequestOptions{
+			Config:    config,
+			Method:    "PATCH",
+			Project:   billingProject,
+			RawURL:    url,
+			UserAgent: userAgent,
+			Body:      obj,
+			Timeout:   d.Timeout(schema.TimeoutUpdate),
+			Headers:   headers,
+		})
+
+		if err != nil {
+			return fmt.Errorf("Error updating ClusterUserCreatedConnections %q: %s", d.Id(), err)
+		} else {
+			log.Printf("[DEBUG] Finished updating ClusterUserCreatedConnections %q: %#v", d.Id(), res)
+		}
+
+		err = RedisOperationWaitTime(
+			config, res, project, "Updating ClusterUserCreatedConnections", userAgent,
+			d.Timeout(schema.TimeoutUpdate))
+
+		if err != nil {
+			return err
+		}
+	}
+
+	return resourceRedisClusterUserCreatedConnectionsRead(d, meta)

mmv1/templates/terraform/examples/redis_cluster_user_and_auto_created_connections.tf.tmpl

@@ -0,0 +1,108 @@
+resource "google_redis_cluster_user_created_connections" "{{$.PrimaryResourceId}}" {
+  name = "{{index $.Vars "cluster_name"}}"
+  region = "us-central1"
+  cluster_endpoints {
+    connections {
+      psc_connection {
+        psc_connection_id = google_compute_forwarding_rule.forwarding_rule1_network2.psc_connection_id
+        address = google_compute_address.ip1_network2.address
+        forwarding_rule = google_compute_forwarding_rule.forwarding_rule1_network2.id
+        network = google_compute_network.network2.id
+        service_attachment = google_redis_cluster.{{$.PrimaryResourceId}}.psc_service_attachments[0].service_attachment
+      }
+    }
+    connections {
+      psc_connection {
+        psc_connection_id = google_compute_forwarding_rule.forwarding_rule2_network2.psc_connection_id
+        address = google_compute_address.ip2_network2.address
+        forwarding_rule = google_compute_forwarding_rule.forwarding_rule2_network2.id
+        network = google_compute_network.network2.id
+        service_attachment = google_redis_cluster.{{$.PrimaryResourceId}}.psc_service_attachments[1].service_attachment
+      }
+    }
+  }
+}
+
+resource "google_compute_forwarding_rule" "forwarding_rule1_network2" {
+  name                   = "{{index $.Vars "forwarding_rule1_network2_name"}}"
+  region                 = "us-central1"
+  ip_address             = google_compute_address.ip1_network2.id
+  load_balancing_scheme  = ""
+  network                = google_compute_network.network2.id
+  target                 = google_redis_cluster.{{$.PrimaryResourceId}}.psc_service_attachments[0].service_attachment
+}
+
+resource "google_compute_forwarding_rule" "forwarding_rule2_network2" {
+  name                   = "{{index $.Vars "forwarding_rule2_network2_name"}}"
+  region                 = "us-central1"
+  ip_address             = google_compute_address.ip2_network2.id
+  load_balancing_scheme  = ""
+  network                = google_compute_network.network2.id
+  target                 = google_redis_cluster.{{$.PrimaryResourceId}}.psc_service_attachments[1].service_attachment
+}
+
+resource "google_compute_address" "ip1_network2" {
+  name         = "{{index $.Vars "ip1_network2_name"}}"
+  region       = "us-central1"
+  subnetwork   = google_compute_subnetwork.subnet_network2.id
+  address_type = "INTERNAL"
+  purpose      = "GCE_ENDPOINT"
+}
+
+resource "google_compute_address" "ip2_network2" {
+  name         = "{{index $.Vars "ip2_network2_name"}}"
+  region       = "us-central1"
+  subnetwork   = google_compute_subnetwork.subnet_network2.id
+  address_type = "INTERNAL"
+  purpose      = "GCE_ENDPOINT"
+}
+
+resource "google_compute_subnetwork" "subnet_network2" {
+  name          = "{{index $.Vars "subnet_network2_name"}}"
+  ip_cidr_range = "10.0.0.248/29"
+  region        = "us-central1"
+  network       = google_compute_network.network2.id
+}
+
+resource "google_compute_network" "network2" {
+  name                    = "{{index $.Vars "network2_name"}}"
+  auto_create_subnetworks = false
+}
+
+// redis cluster without endpoint
+resource "google_redis_cluster" "{{$.PrimaryResourceId}}" {
+  name           = "{{index $.Vars "cluster_name"}}"
+  shard_count    = 3
+  region = "us-central1"
+  replica_count = 0
+  deletion_protection_enabled = false
+  psc_configs {
+    network = google_compute_network.network1.id
+  }
+  depends_on = [
+    google_network_connectivity_service_connection_policy.default
+  ]
+}
+
+resource "google_network_connectivity_service_connection_policy" "default" {
+  name = "{{index $.Vars "policy_name"}}"
+  location = "us-central1"
+  service_class = "gcp-memorystore-redis"
+  description   = "my basic service connection policy"
+  network = google_compute_network.network1.id
+  psc_config {
+    subnetworks = [google_compute_subnetwork.subnet_network1.id]
+  }
+}
+
+resource "google_compute_subnetwork" "subnet_network1" {
+  name          = "{{index $.Vars "subnet_network1_name"}}"
+  ip_cidr_range = "10.0.0.248/29"
+  region        = "us-central1"
+  network       = google_compute_network.network1.id
+}
+
+resource "google_compute_network" "network1" {
+  name                    = "{{index $.Vars "network1_name"}}"
+  auto_create_subnetworks = false
+}