diff --git a/google/resource_container_cluster.go b/google/resource_container_cluster.go index a582a0ca876..19c34f1fd0d 100644 --- a/google/resource_container_cluster.go +++ b/google/resource_container_cluster.go @@ -328,11 +328,11 @@ func resourceContainerCluster() *schema.Resource { }, "network": { - Type: schema.TypeString, - Optional: true, - Default: "default", - ForceNew: true, - StateFunc: StoreResourceName, + Type: schema.TypeString, + Optional: true, + Default: "default", + ForceNew: true, + DiffSuppressFunc: compareSelfLinkOrResourceName, }, "network_policy": { @@ -566,7 +566,7 @@ func resourceContainerClusterCreate(d *schema.ResourceData, meta interface{}) er if err != nil { return err } - cluster.Network = network.Name + cluster.Network = network.RelativeLink() } if v, ok := d.GetOk("network_policy"); ok && len(v.([]interface{})) > 0 { @@ -574,7 +574,11 @@ func resourceContainerClusterCreate(d *schema.ResourceData, meta interface{}) er } if v, ok := d.GetOk("subnetwork"); ok { - cluster.Subnetwork = v.(string) + subnetwork, err := ParseSubnetworkFieldValue(v.(string), d, config) + if err != nil { + return err + } + cluster.Subnetwork = subnetwork.RelativeLink() } if v, ok := d.GetOk("addons_config"); ok { @@ -747,8 +751,8 @@ func resourceContainerClusterRead(d *schema.ResourceData, meta interface{}) erro d.Set("enable_legacy_abac", cluster.LegacyAbac.Enabled) d.Set("logging_service", cluster.LoggingService) d.Set("monitoring_service", cluster.MonitoringService) - d.Set("network", cluster.Network) - d.Set("subnetwork", cluster.Subnetwork) + d.Set("network", cluster.NetworkConfig.Network) + d.Set("subnetwork", cluster.NetworkConfig.Subnetwork) if err := d.Set("node_config", flattenNodeConfig(cluster.NodeConfig)); err != nil { return err } diff --git a/google/resource_container_cluster_test.go b/google/resource_container_cluster_test.go index 390a564c551..2f4588d3e7a 100644 --- a/google/resource_container_cluster_test.go 
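Review bot: Dropping `StateFunc: StoreResourceName` from the `network` field changes what is written to state: the attribute now holds whatever Read sets from `cluster.NetworkConfig.Network`, where it was presumably normalised to a bare name before. `DiffSuppressFunc: compareSelfLinkOrResourceName` keeps plans quiet, but any configuration that interpolates the cluster's `network` attribute (for example, firewall rules keyed on it) will see a different string after the next refresh. I would call this out in the changelog and add a comment on the field such as `// Stored as returned by the API; differences between a bare name and a self link are suppressed.`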
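Review bot: The `subnetwork` schema entry is not touched anywhere in this diff, yet Create now sends `subnetwork.RelativeLink()` and Read stores `cluster.NetworkConfig.Subnetwork`. If that field has no `DiffSuppressFunc: compareSelfLinkOrResourceName` like the one just added to `network`, a configuration that names the subnetwork would show a permanent diff against the path kept in state. If the field is also ForceNew, that diff becomes a proposed cluster replacement. Please confirm the schema already suppresses name-versus-link differences, or add the same line there. `resourceContainerClusterCreate` starts and ends outside the hunk, so I cannot see this from here.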
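Review bot: `cluster.NetworkConfig.Network` and `cluster.NetworkConfig.Subnetwork` dereference `NetworkConfig` without a nil check. If that field is a pointer in the API client type, as nested messages usually are, a response that omits it would panic the provider during refresh instead of returning an error. Wrapping the two calls in `if cluster.NetworkConfig != nil {` is enough; which value to store when the field is absent is a separate decision. The results of both `d.Set` calls are discarded, which matches the surrounding lines but would hide a type mismatch. `resourceContainerClusterRead` continues outside the hunk.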
+++ b/google/resource_container_cluster_test.go @@ -1134,6 +1134,32 @@ func TestAccContainerCluster_withPodSecurityPolicy(t *testing.T) { }) } +func TestAccContainerCluster_sharedVpc(t *testing.T) { + t.Parallel() + + clusterName := fmt.Sprintf("cluster-test-%s", acctest.RandString(10)) + org := getTestOrgFromEnv(t) + billingId := getTestBillingAccountFromEnv(t) + projectName := acctest.RandomWithPrefix("tf-xpntest-") + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckContainerClusterDestroy, + Steps: []resource.TestStep{ + { + Config: testAccContainerCluster_sharedVpc(org, billingId, projectName, clusterName), + }, + { + ResourceName: "google_container_cluster.shared_vpc_cluster", + ImportStateIdPrefix: "us-central1-a/", + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + func testAccCheckContainerClusterDestroy(s *terraform.State) error { config := testAccProvider.Meta().(*Config) 
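Review bot: The first step of `TestAccContainerCluster_sharedVpc` has a `Config` but no `Check`, so the test only proves that apply and import succeed. It never asserts that the cluster landed on the host project's network rather than on a same-named network resolved in the service project. Assuming the stored value is the project-qualified path, adding `Check: resource.TestMatchResourceAttr("google_container_cluster.shared_vpc_cluster", "network", regexp.MustCompile(projectName+"-host/")),` would pin the cross-project behaviour this change is for. It needs the `regexp` import if the test file does not already have it. As a minor style point, Go's initialism convention would spell the local `billingID`.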
@@ -2099,3 +2125,64 @@ resource "google_container_cluster" "with_private_cluster" { } }`, clusterName, clusterName) } + +func testAccContainerCluster_sharedVpc(org, billingId, projectName, name string) string { + return fmt.Sprintf(` +resource "google_project" "host_project" { + name = "Test Project XPN Host" + project_id = "%s-host" + org_id = "%s" + billing_account = "%s" +} + +resource "google_project_service" "host_project" { + project = "${google_project.host_project.project_id}" + service = "container.googleapis.com" +} + +resource "google_compute_shared_vpc_host_project" "host_project" { + project = "${google_project_service.host_project.project}" +} + +resource "google_project" "service_project" { + name = "Test Project XPN Service" + project_id = "%s-service" + org_id = "%s" + billing_account = "%s" +} + +resource "google_project_service" "service_project" { + project = "${google_project.service_project.project_id}" + service = "container.googleapis.com" +} + +resource "google_compute_shared_vpc_service_project" "service_project" { + host_project = "${google_compute_shared_vpc_host_project.host_project.project}" + service_project = "${google_project_service.service_project.project}" +} + +resource "google_compute_network" "shared-network" { + name = "test-%s" + project = "${google_compute_shared_vpc_host_project.host_project.project}" + + auto_create_subnetworks = false +} + +resource "google_compute_subnetwork" "shared-subnetwork" { + name = "test-%s" + ip_cidr_range = "10.0.0.0/16" + region = "us-central1" + network = "${google_compute_network.shared-network.self_link}" + project = "${google_compute_shared_vpc_host_project.host_project.project}" +} + +resource "google_container_cluster" "shared_vpc_cluster" { + name = "%s" + zone = "us-central1-a" + initial_node_count = 1 + project = "${google_compute_shared_vpc_service_project.service_project.service_project}" + + network = "${google_compute_network.shared-network.self_link}" + subnetwork = 
"${google_compute_subnetwork.shared-subnetwork.self_link}" +}`, projectName, org, billingId, projectName, org, billingId, acctest.RandString(10), acctest.RandString(10), name) +} diff --git a/website/docs/r/container_cluster.html.markdown b/website/docs/r/container_cluster.html.markdown index 0f010bc9394..1c27e639b01 100644 --- a/website/docs/r/container_cluster.html.markdown +++ b/website/docs/r/container_cluster.html.markdown @@ -141,7 +141,8 @@ output "cluster_ca_certificate" { `monitoring.googleapis.com` * `network` - (Optional) The name or self_link of the Google Compute Engine - network to which the cluster is connected. + network to which the cluster is connected. For Shared VPC, set this to the self link of the + shared network. * `network_policy` - (Optional) Configuration options for the [NetworkPolicy](https://kubernetes.io/docs/concepts/services-networking/networkpolicies/) @@ -171,7 +172,7 @@ output "cluster_ca_certificate" { * `remove_default_node_pool` - (Optional) If true, deletes the default node pool upon cluster creation. -* `subnetwork` - (Optional) The name of the Google Compute Engine subnetwork in +* `subnetwork` - (Optional) The name or self_link of the Google Compute Engine subnetwork in which the cluster's instances are launched. The `addons_config` block supports:
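Review bot: The fixture in `testAccContainerCluster_sharedVpc` attaches the service project and creates the shared network and subnetwork, but grants the service project's identities nothing on the host side. As far as I know, GKE on Shared VPC expects the service project's GKE service agent to hold `roles/container.hostServiceAgentUser` on the host project and `roles/compute.networkUser` on the shared subnetwork. If the test passes without them, a comment above the config saying why would help the next reader; if it does not, the bindings belong in this config. When adding them, grant `roles/compute.networkUser` on `shared-subnetwork` itself rather than project-wide, because acceptance-test configs tend to be copied as examples and should model the least-privilege form.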