Implement policy edge transport node RTEP

Signed-off-by: Kobi Samoray <[email protected]>

Author: ksamoray

Diff for: nsxt/provider.go

@@ -542,6 +542,7 @@ func Provider() *schema.Provider {
 			"nsxt_policy_edge_transport_node":            resourceNsxtPolicyEdgeTransportNode(),
 			"nsxt_policy_edge_high_availability_profile": resourceNsxtPolicyEdgeHighAvailabilityProfile(),
 			"nsxt_policy_edge_cluster":                   resourceNsxtPolicyEdgeCluster(),
+			"nsxt_policy_edge_transport_node_rtep":       resourceNsxtPolicyEdgeTransportNodeRTEP(),
 		},
 
 		ConfigureFunc: providerConfigure,

Diff for: nsxt/resource_nsxt_policy_edge_transport_node_rtep.go

@@ -0,0 +1,203 @@
+// © Broadcom. All Rights Reserved.
+// The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries.
+// SPDX-License-Identifier: MPL-2.0
+
+package nsxt
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
+	"github.com/vmware/vsphere-automation-sdk-go/lib/vapi/std/errors"
+	"github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra/sites/enforcement_points"
+	"github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model"
+)
+
+var rtepAssignments = []string{
+	"static_ipv4_list",
+	"static_ipv4_pool",
+}
+
+func resourceNsxtPolicyEdgeTransportNodeRTEP() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceNsxtPolicyEdgeTransportNodeRTEPCreate,
+		Read:   resourceNsxtPolicyEdgeTransportNodeRTEPRead,
+		Update: resourceNsxtPolicyEdgeTransportNodeRTEPUpdate,
+		Delete: resourceNsxtPolicyEdgeTransportNodeRTEPDelete,
+		Importer: &schema.ResourceImporter{
+			State: resourceNsxtPolicyEdgeTransportNodeRTEPImporter,
+		},
+		Schema: map[string]*schema.Schema{
+			"edge_transport_node_path": {
+				Type:        schema.TypeString,
+				Description: "Policy path of Edge transport node to associate with remote tunnel endpoint.",
+				Required:    true,
+				ForceNew:    true,
+			},
+			"host_switch_name": {
+				Type:        schema.TypeString,
+				Description: "The host switch name to be used for the remote tunnel endpoint",
+				Required:    true,
+				ForceNew:    true,
+			},
+			"ip_assignment": getPolicyIPAssignmentSchema(false, 1, 1, rtepAssignments),
+			"named_teaming_policy": {
+				Type:        schema.TypeString,
+				Description: "The named teaming policy to be used by the remote tunnel endpoint",
+				Optional:    true,
+			},
+			"vlan": {
+				Type:         schema.TypeInt,
+				Description:  "VLAN id for remote tunnel endpoint",
+				Required:     true,
+				ValidateFunc: validation.IntBetween(0, 4094),
+			},
+		},
+	}
+}
+
+func getEdgeTransportNodeKeysFromPath(path string) (string, string, string) {
+	siteID := getResourceIDFromResourcePath(path, "sites")
+	epID := getResourceIDFromResourcePath(path, "enforcement-points")
+	id := getResourceIDFromResourcePath(path, "edge-transport-nodes")
+
+	return siteID, epID, id
+}
+
+func setNsxtPolicyEdgeTransportNodeRTEP(d *schema.ResourceData, m interface{}, op string) error {
+	connector := getPolicyConnector(m)
+
+	tnPath := d.Get("edge_transport_node_path").(string)
+	client := enforcement_points.NewEdgeTransportNodesClient(connector)
+
+	siteID, epID, edgeID := getEdgeTransportNodeKeysFromPath(tnPath)
+	obj, err := client.Get(siteID, epID, edgeID)
+	if err != nil {
+		return err
+	}
+
+	hswName := d.Get("host_switch_name").(string)
+	found := false
+
+	for i, hsw := range obj.SwitchSpec.Switches {
+		if *hsw.SwitchName == hswName {
+			{
+				found = true
+				if len(hsw.RemoteTunnelEndpoint) > 0 && op == "create" {
+					return fmt.Errorf("remote tunnel endpoint for Edge transport node %s already exists", tnPath)
+				}
+
+				var rteps []model.PolicyEdgeTransportNodeRtepConfig
+
+				if op != "delete" {
+					ipAssignments, err := getPolicyIPAssignmentsFromSchema(d.Get("ip_assignment"))
+					if err != nil {
+						return err
+					}
+					namedTeamingPolicy := d.Get("named_teaming_policy").(string)
+					vlan := int64(d.Get("vlan").(int))
+					rteps = []model.PolicyEdgeTransportNodeRtepConfig{
+						{
+							IpAssignmentSpecs:  ipAssignments,
+							NamedTeamingPolicy: &namedTeamingPolicy,
+							Vlan:               &vlan,
+						},
+					}
+				}
+
+				obj.SwitchSpec.Switches[i].RemoteTunnelEndpoint = rteps
+
+				err = client.Patch(siteID, epID, edgeID, obj)
+				if err != nil {
+					return err
+				}
+
+				if op == "create" {
+					d.SetId(fmt.Sprintf("%s:%s", tnPath, hswName))
+				}
+			}
+		}
+	}
+
+	if !found {
+		return fmt.Errorf("switch %s not found for Edge transport node %s", hswName, tnPath)
+	}
+
+	return resourceNsxtPolicyEdgeTransportNodeRTEPRead(d, m)
+}
+
+func resourceNsxtPolicyEdgeTransportNodeRTEPCreate(d *schema.ResourceData, m interface{}) error {
+	return setNsxtPolicyEdgeTransportNodeRTEP(d, m, "create")
+}
+
+func resourceNsxtPolicyEdgeTransportNodeRTEPRead(d *schema.ResourceData, m interface{}) error {
+	connector := getPolicyConnector(m)
+
+	tnPath := d.Get("edge_transport_node_path").(string)
+	client := enforcement_points.NewEdgeTransportNodesClient(connector)
+
+	siteID, epID, edgeID := getEdgeTransportNodeKeysFromPath(tnPath)
+	obj, err := client.Get(siteID, epID, edgeID)
+	if err != nil {
+		return err
+	}
+
+	hswName := d.Get("host_switch_name").(string)
+
+	for _, hsw := range obj.SwitchSpec.Switches {
+		if *hsw.SwitchName == hswName {
+			{
+				if len(hsw.RemoteTunnelEndpoint) > 0 {
+					return errors.NotFound{}
+				}
+
+				ipAssignment, err := setPolicyIPAssignmentsInSchema(obj.ManagementInterface.IpAssignmentSpecs)
+				if err != nil {
+					return err
+				}
+
+				// Only one RTEP is supported
+				d.Set("ip_assignment", ipAssignment)
+				d.Set("named_teaming_policy", hsw.RemoteTunnelEndpoint[0].NamedTeamingPolicy)
+				d.Set("vlan", hsw.RemoteTunnelEndpoint[0].Vlan)
+
+				return nil
+			}
+		}
+	}
+
+	return errors.NotFound{}
+}
+
+func resourceNsxtPolicyEdgeTransportNodeRTEPUpdate(d *schema.ResourceData, m interface{}) error {
+	return setNsxtPolicyEdgeTransportNodeRTEP(d, m, "update")
+}
+
+func resourceNsxtPolicyEdgeTransportNodeRTEPDelete(d *schema.ResourceData, m interface{}) error {
+	return setNsxtPolicyEdgeTransportNodeRTEP(d, m, "delete")
+}
+
+func resourceNsxtPolicyEdgeTransportNodeRTEPImporter(d *schema.ResourceData, m interface{}) ([]*schema.ResourceData, error) {
+	importID := d.Id()
+	segs := strings.Split(importID, ":")
+	if len(segs) != 2 {
+		return []*schema.ResourceData{d}, fmt.Errorf("import parameter %s should have a policy path to PolicyEdgeTransportNode and a switch_name, separated by ':'", importID)
+	}
+	tnPath := segs[0]
+
+	err := validateImportPolicyPath(tnPath)
+	if err != nil {
+		return []*schema.ResourceData{d}, err
+	}
+
+	hswName := segs[1]
+
+	d.Set("edge_transport_node_path", tnPath)
+	d.Set("host_switch_name", hswName)
+
+	d.SetId(fmt.Sprintf("%s:%s", tnPath, hswName))
+
+	return []*schema.ResourceData{d}, nil
+}

Diff for: website/docs/r/policy_edge_transport_node_rtep.html.markdown

@@ -0,0 +1,61 @@
+---
+subcategory: "Beta"
+layout: "nsxt"
+page_title: "NSXT: nsxt_policy_edge_transport_node_rtep"
+description: A resource to configure an Policy Edge Transport Node RTEP (remote tunnel endpoint).
+---
+
+# nsxt_policy_edge_transport_node_rtep
+
+This resource provides a method for the management of a Policy Edge Transport Node RTEP (remote tunnel endpoint).
+This resource is supported with NSX 9.0.0 onwards.
+
+## Example Usage
+
+```hcl
+data "nsxt_policy_node" "test_node" {
+  display_name = "edgenode1"
+}
+
+data "nsxt_policy_ip_pool" "ip_pool1" {
+  display_name = "ip-pool1"
+}
+
+resource "nsxt_policy_edge_transport_node_rtep" "test_rtep" {
+  edge_transport_node_path = data.nsxt_edge_node.test_node.path
+  host_switch_name         = "someSwitch"
+  ip_assignment {
+    static_ipv4_pool = data.nsxt_policy_ip_pool.ip_pool1.path
+  }
+  named_teaming_policy = "tp123"
+  vlan                 = 500
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `edge_transport_node_path` - (Required) Policy path for Policy Edge Transport Node to associate with remote tunnel endpoint.
+* `host_switch_name` - (Required) The host switch name to be used for the remote tunnel endpoint.
+* `ip_assignment` - (Required) - Specification for IPs to be used with host switch virtual tunnel endpoints. Should contain exatly one of the below:
+  * `static_ipv4_list` - (Optional) IP assignment specification value for Static IPv4 List.
+    * `default_gateway` - (Required) Gateway IP.
+    * `ip_addresses` - (Required) List of IPV4 addresses for edge transport node host switch virtual tunnel endpoints.
+    * `subnet_mask` - (Required) Subnet mask.
+  * `static_ipv4_pool` - (Optional) IP assignment specification for Static IPv4 Pool. Input can be MP ip pool UUID or policy path of IP pool.
+* `vlan` - (Required) VLAN id for remote tunnel endpoint.
+* `named_teaming_policy` - (Optional) The named teaming policy to be used by the remote tunnel endpoint.
+
+## Importing
+
+An existing Edge Transport Node RTEP can be [imported][docs-import] into this resource, via the following command:
+
+[docs-import]: https://www.terraform.io/cli/import
+
+```
+terraform import nsxt_policy_edge_transport_node_rtep.test POLICY_PATH:SWITCH_ID
+```
+The above command imports Policy Edge Transport Node RTEP named `test` with the NSX Policy Transport Node path `POLICY_PATH` and host_switch_name `SWITCH_ID`.
+
+**NOTE:** The Policy Edge Transport Node path and host_switch_name are separated by a colon.