VMWare vCloud Director Support

builtin/bins/provider-vcd/main.go

@@ -0,0 +1,12 @@
+package main
+
+import (
+	"github.com/hashicorp/terraform/builtin/providers/vcd"
+	"github.com/hashicorp/terraform/plugin"
+)
+
+func main() {
+	plugin.Serve(&plugin.ServeOpts{
+		ProviderFunc: vcd.Provider,
+	})
+}

builtin/providers/vcd/config.go

@@ -0,0 +1,32 @@
+package vcd
+
+import (
+	"fmt"
+	"net/url"
+
+	"github.com/hmrc/vmware-govcd"
+)
+
+type Config struct {
+	User     string
+	Password string
+	Org      string
+	Href     string
+	VDC      string
+}
+
+func (c *Config) Client() (*govcd.VCDClient, error) {
+	u, err := url.ParseRequestURI(c.Href)
+	if err != nil {
+		return nil, fmt.Errorf("Something went wrong: %s", err)
+	}
+
+	vcdclient := govcd.NewVCDClient(*u)
+	org, vcd, err := vcdclient.Authenticate(c.User, c.Password, c.Org, c.VDC)
+	if err != nil {
+		return nil, fmt.Errorf("Something went wrong: %s", err)
+	}
+	vcdclient.Org = org
+	vcdclient.OrgVdc = vcd
+	return vcdclient, nil
+}

builtin/providers/vcd/provider.go

@@ -0,0 +1,69 @@
+package vcd
+
+import (
+	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/hashicorp/terraform/terraform"
+)
+
+// Provider returns a terraform.ResourceProvider.
+func Provider() terraform.ResourceProvider {
+	return &schema.Provider{
+		Schema: map[string]*schema.Schema{
+			"user": &schema.Schema{
+				Type:        schema.TypeString,
+				Required:    true,
+				DefaultFunc: schema.EnvDefaultFunc("VCD_USER", nil),
+				Description: "The user name for vcd API operations.",
+			},
+
+			"password": &schema.Schema{
+				Type:        schema.TypeString,
+				Required:    true,
+				DefaultFunc: schema.EnvDefaultFunc("VCD_PASSWORD", nil),
+				Description: "The user password for vcd API operations.",
+			},
+
+			"org": &schema.Schema{
+				Type:        schema.TypeString,
+				Required:    true,
+				DefaultFunc: schema.EnvDefaultFunc("VCD_ORG", nil),
+				Description: "The vcd org for API operations",
+			},
+
+			"url": &schema.Schema{
+				Type:        schema.TypeString,
+				Required:    true,
+				DefaultFunc: schema.EnvDefaultFunc("VCD_URL", nil),
+				Description: "The vcd url for vcd API operations.",
+			},
+			"vdc": &schema.Schema{
+				Type:        schema.TypeString,
+				Optional:    true,
+				DefaultFunc: schema.EnvDefaultFunc("VCD_VDC", ""),
+				Description: "The name of the VDC to run operations on",
+			},
+		},
+
+		ResourcesMap: map[string]*schema.Resource{
+			"vcd_network":        resourceVcdNetwork(),
+			"vcd_vapp":           resourceVcdVApp(),
+			"vcd_firewall_rules": resourceVcdFirewallRules(),
+			"vcd_dnat":           resourceVcdDNAT(),
+			"vcd_snat":           resourceVcdSNAT(),
+		},
+
+		ConfigureFunc: providerConfigure,
+	}
+}
+
+func providerConfigure(d *schema.ResourceData) (interface{}, error) {
+	config := Config{
+		User:     d.Get("user").(string),
+		Password: d.Get("password").(string),
+		Org:      d.Get("org").(string),
+		Href:     d.Get("url").(string),
+		VDC:      d.Get("vdc").(string),
+	}
+
+	return config.Client()
+}

builtin/providers/vcd/provider_test.go

@@ -0,0 +1,50 @@
+package vcd
+
+import (
+	"os"
+	"testing"
+
+	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/hashicorp/terraform/terraform"
+)
+
+var testAccProviders map[string]terraform.ResourceProvider
+var testAccProvider *schema.Provider
+
+func init() {
+	testAccProvider = Provider().(*schema.Provider)
+	testAccProviders = map[string]terraform.ResourceProvider{
+		"vcd": testAccProvider,
+	}
+}
+
+func TestProvider(t *testing.T) {
+	if err := Provider().(*schema.Provider).InternalValidate(); err != nil {
+		t.Fatalf("err: %s", err)
+	}
+}
+
+func TestProvider_impl(t *testing.T) {
+	var _ terraform.ResourceProvider = Provider()
+}
+
+func testAccPreCheck(t *testing.T) {
+	if v := os.Getenv("VCD_USER"); v == "" {
+		t.Fatal("VCD_USER must be set for acceptance tests")
+	}
+	if v := os.Getenv("VCD_PASSWORD"); v == "" {
+		t.Fatal("VCD_PASSWORD must be set for acceptance tests")
+	}
+	if v := os.Getenv("VCD_ORG"); v == "" {
+		t.Fatal("VCD_ORG must be set for acceptance tests")
+	}
+	if v := os.Getenv("VCD_URL"); v == "" {
+		t.Fatal("VCD_URL must be set for acceptance tests")
+	}
+	if v := os.Getenv("VCD_EDGE_GATEWAY"); v == "" {
+		t.Fatal("VCD_EDGE_GATEWAY must be set for acceptance tests")
+	}
+	if v := os.Getenv("VCD_VDC"); v == "" {
+		t.Fatal("VCD_VDC must be set for acceptance tests")
+	}
+}

builtin/providers/vcd/resource_vcd_dnat.go

@@ -0,0 +1,140 @@
+package vcd
+
+import (
+	"fmt"
+	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/hmrc/vmware-govcd"
+	"strings"
+)
+
+func resourceVcdDNAT() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceVcdDNATCreate,
+		Update: resourceVcdDNATUpdate,
+		Delete: resourceVcdDNATDelete,
+		Read:   resourceVcdDNATRead,
+
+		Schema: map[string]*schema.Schema{
+			"edge_gateway": &schema.Schema{
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+
+			"external_ip": &schema.Schema{
+				Type:     schema.TypeString,
+				Required: true,
+			},
+
+			"port": &schema.Schema{
+				Type:     schema.TypeInt,
+				Required: true,
+			},
+
+			"internal_ip": &schema.Schema{
+				Type:     schema.TypeString,
+				Required: true,
+			},
+		},
+	}
+}
+
+func resourceVcdDNATCreate(d *schema.ResourceData, meta interface{}) error {
+	vcd_client := meta.(*govcd.VCDClient)
+	// Multiple VCD components need to run operations on the Edge Gateway, as
+	// the edge gatway will throw back an error if it is already performing an
+	// operation we must wait until we can aquire a lock on the client
+	vcd_client.Mutex.Lock()
+	defer vcd_client.Mutex.Unlock()
+	portString := getPortString(d.Get("port").(int))
+
+	edgeGateway, err := vcd_client.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string))
+
+	if err != nil {
+		return fmt.Errorf("Unable to find edge gateway: %#v", err)
+	}
+
+	// Creating a loop to offer further protection from the edge gateway erroring
+	// due to being busy eg another person is using another client so wouldn't be
+	// constrained by out lock. If the edge gateway reurns with a busy error, wait
+	// 3 seconds and then try again. Continue until a non-busy error or success
+
+	err = retryCall(4, func() error {
+		task, err := edgeGateway.AddNATMapping("DNAT", d.Get("external_ip").(string),
+			d.Get("internal_ip").(string),
+			portString)
+		if err != nil {
+			return fmt.Errorf("Error setting DNAT rules: %#v", err)
+		}
+
+		return task.WaitTaskCompletion()
+	})
+
+	if err != nil {
+		return fmt.Errorf("Error completing tasks: %#v", err)
+	}
+
+	d.SetId(d.Get("external_ip").(string) + "_" + portString)
+	return nil
+}
+
+func resourceVcdDNATUpdate(d *schema.ResourceData, meta interface{}) error {
+	return nil
+}
+
+func resourceVcdDNATRead(d *schema.ResourceData, meta interface{}) error {
+	vcd_client := meta.(*govcd.VCDClient)
+	e, err := vcd_client.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string))
+
+	if err != nil {
+		return fmt.Errorf("Unable to find edge gateway: %#v", err)
+	}
+
+	idSplit := strings.Split(d.Id(), "_")
+	var found bool
+
+	for _, r := range e.EdgeGateway.Configuration.EdgeGatewayServiceConfiguration.NatService.NatRule {
+		if r.RuleType == "DNAT" &&
+			r.GatewayNatRule.OriginalIP == idSplit[0] &&
+			r.GatewayNatRule.OriginalPort == idSplit[1] {
+			found = true
+			d.Set("internal_ip", r.GatewayNatRule.TranslatedIP)
+		}
+	}
+
+	if !found {
+		d.SetId("")
+	}
+
+	return nil
+}
+
+func resourceVcdDNATDelete(d *schema.ResourceData, meta interface{}) error {
+	vcd_client := meta.(*govcd.VCDClient)
+	// Multiple VCD components need to run operations on the Edge Gateway, as
+	// the edge gatway will throw back an error if it is already performing an
+	// operation we must wait until we can aquire a lock on the client
+	vcd_client.Mutex.Lock()
+	defer vcd_client.Mutex.Unlock()
+	portString := getPortString(d.Get("port").(int))
+
+	edgeGateway, err := vcd_client.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string))
+
+	if err != nil {
+		return fmt.Errorf("Unable to find edge gateway: %#v", err)
+	}
+	err = retryCall(4, func() error {
+		task, err := edgeGateway.RemoveNATMapping("DNAT", d.Get("external_ip").(string),
+			d.Get("internal_ip").(string),
+			portString)
+		if err != nil {
+			return fmt.Errorf("Error setting DNAT rules: %#v", err)
+		}
+
+		return task.WaitTaskCompletion()
+	})
+	if err != nil {
+		return fmt.Errorf("Error completing tasks: %#v", err)
+	}
+	return nil
+}