This is an automated email from the ASF dual-hosted git repository.
dahn pushed a commit to branch main
in repository
https://gitbox.apache.org/repos/asf/cloudstack-terraform-provider.git
The following commit(s) were added to refs/heads/main by this push:
new a8c34cd Add `cloudstack_physicalnetwork` and some underlying
additional resources (#201)
a8c34cd is described below
commit a8c34cda5420fa74de3ed62c2e2b56bb3c1ca46d
Author: Ian <[email protected]>
AuthorDate: Sun Aug 31 02:43:46 2025 -0700
Add `cloudstack_physicalnetwork` and some underlying additional resources
(#201)
---
.../data_source_cloudstack_physicalnetwork.go | 140 ++++++++++
.../data_source_cloudstack_physicalnetwork_test.go | 67 +++++
cloudstack/provider.go | 82 +++---
...resource_cloudstack_network_service_provider.go | 305 +++++++++++++++++++++
...rce_cloudstack_network_service_provider_test.go | 236 ++++++++++++++++
cloudstack/resource_cloudstack_physicalnetwork.go | 209 ++++++++++++++
.../resource_cloudstack_physicalnetwork_test.go | 146 ++++++++++
cloudstack/resource_cloudstack_traffic_type.go | 282 +++++++++++++++++++
.../resource_cloudstack_traffic_type_test.go | 175 ++++++++++++
website/docs/d/physicalnetwork.html.markdown | 40 +++
.../docs/r/network_service_provider.html.markdown | 71 +++++
website/docs/r/physicalnetwork.html.markdown | 40 +++
website/docs/r/traffic_type.html.markdown | 65 +++++
13 files changed, 1819 insertions(+), 39 deletions(-)
diff --git a/cloudstack/data_source_cloudstack_physicalnetwork.go
b/cloudstack/data_source_cloudstack_physicalnetwork.go
new file mode 100644
index 0000000..6a43605
--- /dev/null
+++ b/cloudstack/data_source_cloudstack_physicalnetwork.go
@@ -0,0 +1,140 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package cloudstack
+
+import (
+ "encoding/json"
+ "fmt"
+ "log"
+ "regexp"
+ "strings"
+
+ "github.com/apache/cloudstack-go/v2/cloudstack"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+func dataSourceCloudStackPhysicalNetwork() *schema.Resource {
+ return &schema.Resource{
+ Read: dataSourceCloudStackPhysicalNetworkRead,
+ Schema: map[string]*schema.Schema{
+ "filter": dataSourceFiltersSchema(),
+
+ //Computed values
+ "name": {
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ "zone": {
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ "broadcast_domain_range": {
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ "isolation_methods": {
+ Type: schema.TypeList,
+ Computed: true,
+ Elem: &schema.Schema{Type:
schema.TypeString},
+ },
+ "network_speed": {
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ "vlan": {
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ },
+ }
+}
+
+func dataSourceCloudStackPhysicalNetworkRead(d *schema.ResourceData, meta
interface{}) error {
+ cs := meta.(*cloudstack.CloudStackClient)
+ p := cs.Network.NewListPhysicalNetworksParams()
+ physicalNetworks, err := cs.Network.ListPhysicalNetworks(p)
+
+ if err != nil {
+ return fmt.Errorf("Failed to list physical networks: %s", err)
+ }
+ filters := d.Get("filter")
+ var physicalNetwork *cloudstack.PhysicalNetwork
+
+ for _, pn := range physicalNetworks.PhysicalNetworks {
+ match, err := applyPhysicalNetworkFilters(pn,
filters.(*schema.Set))
+ if err != nil {
+ return err
+ }
+ if match {
+ physicalNetwork = pn
+ }
+ }
+
+ if physicalNetwork == nil {
+ return fmt.Errorf("No physical network is matching with the
specified regex")
+ }
+ log.Printf("[DEBUG] Selected physical network: %s\n",
physicalNetwork.Name)
+
+ return physicalNetworkDescriptionAttributes(d, physicalNetwork)
+}
+
+func physicalNetworkDescriptionAttributes(d *schema.ResourceData,
physicalNetwork *cloudstack.PhysicalNetwork) error {
+ d.SetId(physicalNetwork.Id)
+ d.Set("name", physicalNetwork.Name)
+ d.Set("broadcast_domain_range", physicalNetwork.Broadcastdomainrange)
+ d.Set("network_speed", physicalNetwork.Networkspeed)
+ d.Set("vlan", physicalNetwork.Vlan)
+
+ // Set isolation methods
+ if physicalNetwork.Isolationmethods != "" {
+ methods := strings.Split(physicalNetwork.Isolationmethods, ",")
+ d.Set("isolation_methods", methods)
+ }
+
+ // Set the zone
+ d.Set("zone", physicalNetwork.Zonename)
+
+ // Physical networks don't support tags in CloudStack API
+
+ return nil
+}
+
+func applyPhysicalNetworkFilters(physicalNetwork *cloudstack.PhysicalNetwork,
filters *schema.Set) (bool, error) {
+ var physicalNetworkJSON map[string]interface{}
+ k, _ := json.Marshal(physicalNetwork)
+ err := json.Unmarshal(k, &physicalNetworkJSON)
+ if err != nil {
+ return false, err
+ }
+
+ for _, f := range filters.List() {
+ m := f.(map[string]interface{})
+ r, err := regexp.Compile(m["value"].(string))
+ if err != nil {
+ return false, fmt.Errorf("Invalid regex: %s", err)
+ }
+ updatedName := strings.ReplaceAll(m["name"].(string), "_", "")
+ physicalNetworkField :=
physicalNetworkJSON[updatedName].(string)
+ if !r.MatchString(physicalNetworkField) {
+ return false, nil
+ }
+ }
+ return true, nil
+}
diff --git a/cloudstack/data_source_cloudstack_physicalnetwork_test.go
b/cloudstack/data_source_cloudstack_physicalnetwork_test.go
new file mode 100644
index 0000000..6384754
--- /dev/null
+++ b/cloudstack/data_source_cloudstack_physicalnetwork_test.go
@@ -0,0 +1,67 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package cloudstack
+
+import (
+ "testing"
+
+ "github.com/hashicorp/terraform-plugin-testing/helper/resource"
+)
+
+func TestAccDataSourceCloudStackPhysicalNetwork_basic(t *testing.T) {
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ Providers: testAccProviders,
+ Steps: []resource.TestStep{
+ {
+ Config:
testAccDataSourceCloudStackPhysicalNetwork_basic,
+ Check: resource.ComposeTestCheckFunc(
+ resource.TestCheckResourceAttr(
+
"data.cloudstack_physicalnetwork.foo", "name", "terraform-physical-network"),
+ resource.TestCheckResourceAttr(
+
"data.cloudstack_physicalnetwork.foo", "broadcast_domain_range", "ZONE"),
+ ),
+ },
+ },
+ })
+}
+
+const testAccDataSourceCloudStackPhysicalNetwork_basic = `
+resource "cloudstack_zone" "foo" {
+ name = "terraform-zone-ds"
+ dns1 = "8.8.8.8"
+ internal_dns1 = "8.8.4.4"
+ network_type = "Advanced"
+}
+
+resource "cloudstack_physicalnetwork" "foo" {
+ name = "terraform-physical-network"
+ zone = cloudstack_zone.foo.name
+ broadcast_domain_range = "ZONE"
+ isolation_methods = ["VLAN"]
+}
+
+data "cloudstack_physicalnetwork" "foo" {
+ filter {
+ name = "name"
+ value = "terraform-physical-network"
+ }
+ depends_on = [cloudstack_physicalnetwork.foo]
+}`
diff --git a/cloudstack/provider.go b/cloudstack/provider.go
index a71df0e..877325e 100644
--- a/cloudstack/provider.go
+++ b/cloudstack/provider.go
@@ -90,54 +90,58 @@ func Provider() *schema.Provider {
"cloudstack_user":
dataSourceCloudstackUser(),
"cloudstack_vpn_connection":
dataSourceCloudstackVPNConnection(),
"cloudstack_pod":
dataSourceCloudstackPod(),
+ "cloudstack_physicalnetwork":
dataSourceCloudStackPhysicalNetwork(),
},
ResourcesMap: map[string]*schema.Resource{
- "cloudstack_affinity_group":
resourceCloudStackAffinityGroup(),
- "cloudstack_attach_volume":
resourceCloudStackAttachVolume(),
- "cloudstack_autoscale_vm_profile":
resourceCloudStackAutoScaleVMProfile(),
- "cloudstack_configuration":
resourceCloudStackConfiguration(),
- "cloudstack_disk":
resourceCloudStackDisk(),
- "cloudstack_egress_firewall":
resourceCloudStackEgressFirewall(),
- "cloudstack_firewall":
resourceCloudStackFirewall(),
- "cloudstack_host":
resourceCloudStackHost(),
- "cloudstack_instance":
resourceCloudStackInstance(),
- "cloudstack_ipaddress":
resourceCloudStackIPAddress(),
- "cloudstack_kubernetes_cluster":
resourceCloudStackKubernetesCluster(),
- "cloudstack_kubernetes_version":
resourceCloudStackKubernetesVersion(),
- "cloudstack_loadbalancer_rule":
resourceCloudStackLoadBalancerRule(),
- "cloudstack_network":
resourceCloudStackNetwork(),
- "cloudstack_network_acl":
resourceCloudStackNetworkACL(),
- "cloudstack_network_acl_rule":
resourceCloudStackNetworkACLRule(),
- "cloudstack_nic":
resourceCloudStackNIC(),
- "cloudstack_port_forward":
resourceCloudStackPortForward(),
- "cloudstack_private_gateway":
resourceCloudStackPrivateGateway(),
- "cloudstack_secondary_ipaddress":
resourceCloudStackSecondaryIPAddress(),
- "cloudstack_security_group":
resourceCloudStackSecurityGroup(),
- "cloudstack_security_group_rule":
resourceCloudStackSecurityGroupRule(),
- "cloudstack_ssh_keypair":
resourceCloudStackSSHKeyPair(),
- "cloudstack_static_nat":
resourceCloudStackStaticNAT(),
- "cloudstack_static_route":
resourceCloudStackStaticRoute(),
- "cloudstack_template":
resourceCloudStackTemplate(),
- "cloudstack_vpc":
resourceCloudStackVPC(),
- "cloudstack_vpn_connection":
resourceCloudStackVPNConnection(),
- "cloudstack_vpn_customer_gateway":
resourceCloudStackVPNCustomerGateway(),
- "cloudstack_vpn_gateway":
resourceCloudStackVPNGateway(),
- "cloudstack_network_offering":
resourceCloudStackNetworkOffering(),
- "cloudstack_disk_offering":
resourceCloudStackDiskOffering(),
- "cloudstack_volume":
resourceCloudStackVolume(),
- "cloudstack_zone":
resourceCloudStackZone(),
- "cloudstack_service_offering":
resourceCloudStackServiceOffering(),
- "cloudstack_account":
resourceCloudStackAccount(),
- "cloudstack_user":
resourceCloudStackUser(),
- "cloudstack_domain":
resourceCloudStackDomain(),
+ "cloudstack_affinity_group":
resourceCloudStackAffinityGroup(),
+ "cloudstack_attach_volume":
resourceCloudStackAttachVolume(),
+ "cloudstack_autoscale_vm_profile":
resourceCloudStackAutoScaleVMProfile(),
+ "cloudstack_configuration":
resourceCloudStackConfiguration(),
+ "cloudstack_disk":
resourceCloudStackDisk(),
+ "cloudstack_egress_firewall":
resourceCloudStackEgressFirewall(),
+ "cloudstack_firewall":
resourceCloudStackFirewall(),
+ "cloudstack_host":
resourceCloudStackHost(),
+ "cloudstack_instance":
resourceCloudStackInstance(),
+ "cloudstack_ipaddress":
resourceCloudStackIPAddress(),
+ "cloudstack_kubernetes_cluster":
resourceCloudStackKubernetesCluster(),
+ "cloudstack_kubernetes_version":
resourceCloudStackKubernetesVersion(),
+ "cloudstack_loadbalancer_rule":
resourceCloudStackLoadBalancerRule(),
+ "cloudstack_network":
resourceCloudStackNetwork(),
+ "cloudstack_network_acl":
resourceCloudStackNetworkACL(),
+ "cloudstack_network_acl_rule":
resourceCloudStackNetworkACLRule(),
+ "cloudstack_nic":
resourceCloudStackNIC(),
+ "cloudstack_port_forward":
resourceCloudStackPortForward(),
+ "cloudstack_private_gateway":
resourceCloudStackPrivateGateway(),
+ "cloudstack_secondary_ipaddress":
resourceCloudStackSecondaryIPAddress(),
+ "cloudstack_security_group":
resourceCloudStackSecurityGroup(),
+ "cloudstack_security_group_rule":
resourceCloudStackSecurityGroupRule(),
+ "cloudstack_ssh_keypair":
resourceCloudStackSSHKeyPair(),
+ "cloudstack_static_nat":
resourceCloudStackStaticNAT(),
+ "cloudstack_static_route":
resourceCloudStackStaticRoute(),
+ "cloudstack_template":
resourceCloudStackTemplate(),
+ "cloudstack_vpc":
resourceCloudStackVPC(),
+ "cloudstack_vpn_connection":
resourceCloudStackVPNConnection(),
+ "cloudstack_vpn_customer_gateway":
resourceCloudStackVPNCustomerGateway(),
+ "cloudstack_vpn_gateway":
resourceCloudStackVPNGateway(),
+ "cloudstack_network_offering":
resourceCloudStackNetworkOffering(),
+ "cloudstack_disk_offering":
resourceCloudStackDiskOffering(),
+ "cloudstack_volume":
resourceCloudStackVolume(),
+ "cloudstack_zone":
resourceCloudStackZone(),
+ "cloudstack_service_offering":
resourceCloudStackServiceOffering(),
+ "cloudstack_account":
resourceCloudStackAccount(),
+ "cloudstack_user":
resourceCloudStackUser(),
+ "cloudstack_domain":
resourceCloudStackDomain(),
+ "cloudstack_physicalnetwork":
resourceCloudStackPhysicalNetwork(),
+ "cloudstack_traffic_type":
resourceCloudStackTrafficType(),
+ "cloudstack_network_service_provider":
resourceCloudStackNetworkServiceProvider(),
},
ConfigureFunc: providerConfigure,
}
}
-func providerConfigure(d *schema.ResourceData) (interface{}, error) {
+func providerConfigure(d *schema.ResourceData) (any, error) {
apiURL, apiURLOK := d.GetOk("api_url")
apiKey, apiKeyOK := d.GetOk("api_key")
secretKey, secretKeyOK := d.GetOk("secret_key")
diff --git a/cloudstack/resource_cloudstack_network_service_provider.go
b/cloudstack/resource_cloudstack_network_service_provider.go
new file mode 100644
index 0000000..a4f0e40
--- /dev/null
+++ b/cloudstack/resource_cloudstack_network_service_provider.go
@@ -0,0 +1,305 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package cloudstack
+
+import (
+ "fmt"
+ "log"
+ "strings"
+
+ "github.com/apache/cloudstack-go/v2/cloudstack"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+func resourceCloudStackNetworkServiceProvider() *schema.Resource {
+ return &schema.Resource{
+ Create: resourceCloudStackNetworkServiceProviderCreate,
+ Read: resourceCloudStackNetworkServiceProviderRead,
+ Update: resourceCloudStackNetworkServiceProviderUpdate,
+ Delete: resourceCloudStackNetworkServiceProviderDelete,
+ Importer: &schema.ResourceImporter{
+ State: resourceCloudStackNetworkServiceProviderImport,
+ },
+
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ ForceNew: true,
+ },
+
+ "physical_network_id": {
+ Type: schema.TypeString,
+ Required: true,
+ ForceNew: true,
+ },
+
+ "destination_physical_network_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ ForceNew: true,
+ },
+
+ "service_list": {
+ Type: schema.TypeList,
+ Optional: true,
+ Elem: &schema.Schema{Type:
schema.TypeString},
+ },
+
+ "state": {
+ Type: schema.TypeString,
+ Optional: true,
+ Computed: true,
+ ValidateFunc: func(val any, key string) (warns
[]string, errs []error) {
+ v := val.(string)
+ if v != "Enabled" && v != "Disabled" {
+ errs = append(errs,
fmt.Errorf("%q must be either 'Enabled' or 'Disabled', got: %s", key, v))
+ }
+ return
+ },
+ },
+ },
+ }
+}
+
+func resourceCloudStackNetworkServiceProviderCreate(d *schema.ResourceData,
meta any) error {
+ cs := meta.(*cloudstack.CloudStackClient)
+
+ name := d.Get("name").(string)
+ physicalNetworkID := d.Get("physical_network_id").(string)
+
+ // Check if the provider already exists
+ p := cs.Network.NewListNetworkServiceProvidersParams()
+ p.SetPhysicalnetworkid(physicalNetworkID)
+ p.SetName(name)
+
+ l, err := cs.Network.ListNetworkServiceProviders(p)
+ if err != nil {
+ return fmt.Errorf("Error checking for existing network service
provider %s: %s", name, err)
+ }
+
+ if l.Count > 0 {
+ // Provider already exists, use its ID
+ d.SetId(l.NetworkServiceProviders[0].Id)
+
+ // Update the provider if needed
+ needsUpdate := false
+ up := cs.Network.NewUpdateNetworkServiceProviderParams(d.Id())
+
+ // Update service list if provided and not SecurityGroupProvider
+ if serviceList, ok := d.GetOk("service_list"); ok && name !=
"SecurityGroupProvider" {
+ services := make([]string, len(serviceList.([]any)))
+ for i, v := range serviceList.([]any) {
+ services[i] = v.(string)
+ }
+ up.SetServicelist(services)
+ needsUpdate = true
+ }
+
+ // Update state if provided
+ if state, ok := d.GetOk("state"); ok {
+ up.SetState(state.(string))
+ needsUpdate = true
+ }
+
+ // Perform the update if needed
+ if needsUpdate {
+ _, err := cs.Network.UpdateNetworkServiceProvider(up)
+ if err != nil {
+ return fmt.Errorf("Error updating network
service provider %s: %s", name, err)
+ }
+ }
+ } else {
+ // Provider doesn't exist, create a new one
+ cp := cs.Network.NewAddNetworkServiceProviderParams(name,
physicalNetworkID)
+
+ // Set optional parameters
+ if destinationPhysicalNetworkID, ok :=
d.GetOk("destination_physical_network_id"); ok {
+
cp.SetDestinationphysicalnetworkid(destinationPhysicalNetworkID.(string))
+ }
+
+ if serviceList, ok := d.GetOk("service_list"); ok {
+ services := make([]string, len(serviceList.([]any)))
+ for i, v := range serviceList.([]any) {
+ services[i] = v.(string)
+ }
+ cp.SetServicelist(services)
+ }
+
+ // Create the network service provider
+ r, err := cs.Network.AddNetworkServiceProvider(cp)
+ if err != nil {
+ return fmt.Errorf("Error creating network service
provider %s: %s", name, err)
+ }
+
+ d.SetId(r.Id)
+ }
+
+ return resourceCloudStackNetworkServiceProviderRead(d, meta)
+}
+
+func resourceCloudStackNetworkServiceProviderRead(d *schema.ResourceData, meta
any) error {
+ cs := meta.(*cloudstack.CloudStackClient)
+
+ // Get the network service provider details
+ p := cs.Network.NewListNetworkServiceProvidersParams()
+ p.SetPhysicalnetworkid(d.Get("physical_network_id").(string))
+
+ l, err := cs.Network.ListNetworkServiceProviders(p)
+ if err != nil {
+ return err
+ }
+
+ // Find the network service provider with the matching ID
+ var provider *cloudstack.NetworkServiceProvider
+ for _, p := range l.NetworkServiceProviders {
+ if p.Id == d.Id() {
+ provider = p
+ break
+ }
+ }
+
+ if provider == nil {
+ log.Printf("[DEBUG] Network service provider %s does no longer
exist", d.Get("name").(string))
+ d.SetId("")
+ return nil
+ }
+
+ d.Set("name", provider.Name)
+ d.Set("physical_network_id", provider.Physicalnetworkid)
+ d.Set("state", provider.State)
+
+ // Special handling for SecurityGroupProvider - don't set service_list
to avoid drift
+ if provider.Name == "SecurityGroupProvider" {
+ // For SecurityGroupProvider, we don't manage the service list
+ // as it's predefined and can't be modified
+ if _, ok := d.GetOk("service_list"); ok {
+ // If service_list was explicitly set in config, keep
it for consistency
+ // but don't update it from the API response
+ } else {
+ // If service_list wasn't in config, don't set it to
avoid drift
+ }
+ } else {
+ // For other providers, set service list if available
+ if len(provider.Servicelist) > 0 {
+ d.Set("service_list", provider.Servicelist)
+ }
+ }
+
+ return nil
+}
+
+func resourceCloudStackNetworkServiceProviderUpdate(d *schema.ResourceData,
meta any) error {
+ cs := meta.(*cloudstack.CloudStackClient)
+
+ // Check if we need to update the provider
+ if d.HasChange("service_list") || d.HasChange("state") {
+ // Create a new parameter struct
+ p := cs.Network.NewUpdateNetworkServiceProviderParams(d.Id())
+
+ // Update service list if changed and not SecurityGroupProvider
+ if d.HasChange("service_list") && d.Get("name").(string) !=
"SecurityGroupProvider" {
+ if serviceList, ok := d.GetOk("service_list"); ok {
+ services := make([]string,
len(serviceList.([]any)))
+ for i, v := range serviceList.([]any) {
+ services[i] = v.(string)
+ }
+ p.SetServicelist(services)
+ }
+ }
+
+ // Update state if changed
+ if d.HasChange("state") {
+ state := d.Get("state").(string)
+ p.SetState(state)
+ }
+
+ // Update the network service provider
+ _, err := cs.Network.UpdateNetworkServiceProvider(p)
+ if err != nil {
+ return fmt.Errorf("Error updating network service
provider %s: %s", d.Get("name").(string), err)
+ }
+ }
+
+ return resourceCloudStackNetworkServiceProviderRead(d, meta)
+}
+
+func resourceCloudStackNetworkServiceProviderDelete(d *schema.ResourceData,
meta any) error {
+ cs := meta.(*cloudstack.CloudStackClient)
+
+ // Create a new parameter struct
+ p := cs.Network.NewDeleteNetworkServiceProviderParams(d.Id())
+
+ // Delete the network service provider
+ _, err := cs.Network.DeleteNetworkServiceProvider(p)
+ if err != nil {
+ // This is a very poor way to be told the ID does no longer
exist :(
+ if strings.Contains(err.Error(), fmt.Sprintf(
+ "Invalid parameter id value=%s due to incorrect long
value format, "+
+ "or entity does not exist", d.Id())) {
+ return nil
+ }
+
+ return fmt.Errorf("Error deleting network service provider %s:
%s", d.Get("name").(string), err)
+ }
+
+ return nil
+}
+
+func resourceCloudStackNetworkServiceProviderImport(d *schema.ResourceData,
meta any) ([]*schema.ResourceData, error) {
+ // Import is expected to receive the network service provider ID
+ cs := meta.(*cloudstack.CloudStackClient)
+
+ // We need to determine the physical_network_id by listing all physical
networks and their service providers
+ p := cs.Network.NewListPhysicalNetworksParams()
+ physicalNetworks, err := cs.Network.ListPhysicalNetworks(p)
+ if err != nil {
+ return nil, err
+ }
+
+ // For each physical network, list its service providers
+ for _, pn := range physicalNetworks.PhysicalNetworks {
+ sp := cs.Network.NewListNetworkServiceProvidersParams()
+ sp.SetPhysicalnetworkid(pn.Id)
+ serviceProviders, err :=
cs.Network.ListNetworkServiceProviders(sp)
+ if err != nil {
+ continue
+ }
+
+ // Check if our service provider ID is in this physical network
+ for _, provider := range
serviceProviders.NetworkServiceProviders {
+ if provider.Id == d.Id() {
+ // Found the physical network that contains our
service provider
+ d.Set("physical_network_id", pn.Id)
+ d.Set("name", provider.Name)
+ d.Set("state", provider.State)
+
+ // Set service list if available
+ if len(provider.Servicelist) > 0 {
+ d.Set("service_list",
provider.Servicelist)
+ }
+
+ return []*schema.ResourceData{d}, nil
+ }
+ }
+ }
+
+ return nil, fmt.Errorf("could not find physical network for network
service provider %s", d.Id())
+}
diff --git a/cloudstack/resource_cloudstack_network_service_provider_test.go
b/cloudstack/resource_cloudstack_network_service_provider_test.go
new file mode 100644
index 0000000..5b438d3
--- /dev/null
+++ b/cloudstack/resource_cloudstack_network_service_provider_test.go
@@ -0,0 +1,236 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package cloudstack
+
+import (
+ "fmt"
+ "testing"
+
+ "github.com/apache/cloudstack-go/v2/cloudstack"
+ "github.com/hashicorp/terraform-plugin-testing/helper/resource"
+ "github.com/hashicorp/terraform-plugin-testing/terraform"
+)
+
+func TestAccCloudStackNetworkServiceProvider_basic(t *testing.T) {
+ var provider cloudstack.NetworkServiceProvider
+
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ Providers: testAccProviders,
+ CheckDestroy:
testAccCheckCloudStackNetworkServiceProviderDestroy,
+ Steps: []resource.TestStep{
+ {
+ Config:
testAccCloudStackNetworkServiceProvider_basic,
+ Check: resource.ComposeTestCheckFunc(
+
testAccCheckCloudStackNetworkServiceProviderExists(
+
"cloudstack_network_service_provider.foo", &provider),
+
testAccCheckCloudStackNetworkServiceProviderBasicAttributes(&provider),
+ resource.TestCheckResourceAttr(
+
"cloudstack_network_service_provider.foo", "name", "VirtualRouter"),
+ ),
+ },
+ },
+ })
+}
+
+func TestAccCloudStackNetworkServiceProvider_securityGroup(t *testing.T) {
+ var provider cloudstack.NetworkServiceProvider
+
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ Providers: testAccProviders,
+ CheckDestroy:
testAccCheckCloudStackNetworkServiceProviderDestroy,
+ Steps: []resource.TestStep{
+ {
+ Config:
testAccCloudStackNetworkServiceProvider_securityGroup,
+ Check: resource.ComposeTestCheckFunc(
+
testAccCheckCloudStackNetworkServiceProviderExists(
+
"cloudstack_network_service_provider.security_group", &provider),
+
testAccCheckCloudStackNetworkServiceProviderSecurityGroupAttributes(&provider),
+ resource.TestCheckResourceAttr(
+
"cloudstack_network_service_provider.security_group", "name",
"SecurityGroupProvider"),
+ ),
+ },
+ },
+ })
+}
+
+func TestAccCloudStackNetworkServiceProvider_import(t *testing.T) {
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ Providers: testAccProviders,
+ CheckDestroy:
testAccCheckCloudStackNetworkServiceProviderDestroy,
+ Steps: []resource.TestStep{
+ {
+ Config:
testAccCloudStackNetworkServiceProvider_basic,
+ },
+ {
+ ResourceName:
"cloudstack_network_service_provider.foo",
+ ImportState: true,
+ ImportStateVerify: true,
+ },
+ },
+ })
+}
+
+func testAccCheckCloudStackNetworkServiceProviderExists(
+ n string, provider *cloudstack.NetworkServiceProvider)
resource.TestCheckFunc {
+ return func(s *terraform.State) error {
+ rs, ok := s.RootModule().Resources[n]
+ if !ok {
+ return fmt.Errorf("Not found: %s", n)
+ }
+
+ if rs.Primary.ID == "" {
+ return fmt.Errorf("No network service provider ID is
set")
+ }
+
+ cs := testAccProvider.Meta().(*cloudstack.CloudStackClient)
+ p := cs.Network.NewListNetworkServiceProvidersParams()
+
p.SetPhysicalnetworkid(rs.Primary.Attributes["physical_network_id"])
+
+ l, err := cs.Network.ListNetworkServiceProviders(p)
+ if err != nil {
+ return err
+ }
+
+ // Find the network service provider with the matching ID
+ var found bool
+ for _, p := range l.NetworkServiceProviders {
+ if p.Id == rs.Primary.ID {
+ *provider = *p
+ found = true
+ break
+ }
+ }
+
+ if !found {
+ return fmt.Errorf("Network service provider not found")
+ }
+
+ return nil
+ }
+}
+
+func testAccCheckCloudStackNetworkServiceProviderBasicAttributes(
+ provider *cloudstack.NetworkServiceProvider) resource.TestCheckFunc {
+ return func(s *terraform.State) error {
+ if provider.Name != "VirtualRouter" {
+ return fmt.Errorf("Bad name: %s", provider.Name)
+ }
+
+ // We don't check the state for VirtualRouter as it requires
configuration first
+
+ return nil
+ }
+}
+
+func testAccCheckCloudStackNetworkServiceProviderSecurityGroupAttributes(
+ provider *cloudstack.NetworkServiceProvider) resource.TestCheckFunc {
+ return func(s *terraform.State) error {
+ if provider.Name != "SecurityGroupProvider" {
+ return fmt.Errorf("Bad name: %s", provider.Name)
+ }
+
+ // We don't check the service list for SecurityGroupProvider as
it's predefined
+ // and can't be modified
+
+ return nil
+ }
+}
+
+func testAccCheckCloudStackNetworkServiceProviderDestroy(s *terraform.State)
error {
+ cs := testAccProvider.Meta().(*cloudstack.CloudStackClient)
+
+ for _, rs := range s.RootModule().Resources {
+ if rs.Type != "cloudstack_network_service_provider" {
+ continue
+ }
+
+ if rs.Primary.ID == "" {
+ return fmt.Errorf("No network service provider ID is
set")
+ }
+
+ // Get the physical network ID from the state
+ physicalNetworkID :=
rs.Primary.Attributes["physical_network_id"]
+ if physicalNetworkID == "" {
+ continue // If the resource is gone, that's okay
+ }
+
+ p := cs.Network.NewListNetworkServiceProvidersParams()
+ p.SetPhysicalnetworkid(physicalNetworkID)
+ l, err := cs.Network.ListNetworkServiceProviders(p)
+ if err != nil {
+ return nil
+ }
+
+ // Check if the network service provider still exists
+ for _, p := range l.NetworkServiceProviders {
+ if p.Id == rs.Primary.ID {
+ return fmt.Errorf("Network service provider %s
still exists", rs.Primary.ID)
+ }
+ }
+ }
+
+ return nil
+}
+
+const testAccCloudStackNetworkServiceProvider_basic = `
+resource "cloudstack_zone" "foo" {
+ name = "terraform-zone"
+ dns1 = "8.8.8.8"
+ internal_dns1 = "8.8.4.4"
+ network_type = "Advanced"
+}
+
+resource "cloudstack_physicalnetwork" "foo" {
+ name = "terraform-physical-network"
+ zone = cloudstack_zone.foo.name
+ broadcast_domain_range = "ZONE"
+ isolation_methods = ["VLAN"]
+}
+
+resource "cloudstack_network_service_provider" "foo" {
+ name = "VirtualRouter"
+ physical_network_id = cloudstack_physicalnetwork.foo.id
+ service_list = ["Dhcp", "Dns"]
+ # Note: We don't set state for VirtualRouter as it requires configuration
first
+}`
+
+const testAccCloudStackNetworkServiceProvider_securityGroup = `
+resource "cloudstack_zone" "foo" {
+ name = "terraform-zone"
+ dns1 = "8.8.8.8"
+ internal_dns1 = "8.8.4.4"
+ network_type = "Advanced"
+}
+
+resource "cloudstack_physicalnetwork" "foo" {
+ name = "terraform-physical-network"
+ zone = cloudstack_zone.foo.name
+ broadcast_domain_range = "ZONE"
+ isolation_methods = ["VLAN"]
+}
+
+resource "cloudstack_network_service_provider" "security_group" {
+ name = "SecurityGroupProvider"
+ physical_network_id = cloudstack_physicalnetwork.foo.id
+ # Note: We don't set service_list for SecurityGroupProvider as it doesn't
support updating
+}`
diff --git a/cloudstack/resource_cloudstack_physicalnetwork.go
b/cloudstack/resource_cloudstack_physicalnetwork.go
new file mode 100644
index 0000000..993f09f
--- /dev/null
+++ b/cloudstack/resource_cloudstack_physicalnetwork.go
@@ -0,0 +1,209 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package cloudstack
+
+import (
+ "fmt"
+ "log"
+ "strings"
+
+ "github.com/apache/cloudstack-go/v2/cloudstack"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+func resourceCloudStackPhysicalNetwork() *schema.Resource {
+ return &schema.Resource{
+ Create: resourceCloudStackPhysicalNetworkCreate,
+ Read: resourceCloudStackPhysicalNetworkRead,
+ Update: resourceCloudStackPhysicalNetworkUpdate,
+ Delete: resourceCloudStackPhysicalNetworkDelete,
+ Importer: &schema.ResourceImporter{
+ State: importStatePassthrough,
+ },
+
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Required: true,
+ },
+
+ "zone": {
+ Type: schema.TypeString,
+ Required: true,
+ ForceNew: true,
+ },
+
+ "broadcast_domain_range": {
+ Type: schema.TypeString,
+ Optional: true,
+ Default: "ZONE",
+ ForceNew: true,
+ },
+
+ "isolation_methods": {
+ Type: schema.TypeList,
+ Optional: true,
+ Elem: &schema.Schema{Type:
schema.TypeString},
+ },
+
+ "network_speed": {
+ Type: schema.TypeString,
+ Optional: true,
+ },
+
+ "vlan": {
+ Type: schema.TypeString,
+ Optional: true,
+ },
+ },
+ }
+}
+
+func resourceCloudStackPhysicalNetworkCreate(d *schema.ResourceData, meta
interface{}) error {
+ cs := meta.(*cloudstack.CloudStackClient)
+
+ name := d.Get("name").(string)
+
+ // Retrieve the zone ID
+ zoneid, e := retrieveID(cs, "zone", d.Get("zone").(string))
+ if e != nil {
+ return e.Error()
+ }
+
+ // Create a new parameter struct
+ p := cs.Network.NewCreatePhysicalNetworkParams(name, zoneid)
+
+ // Set optional parameters
+ if broadcastDomainRange, ok := d.GetOk("broadcast_domain_range"); ok {
+ p.SetBroadcastdomainrange(broadcastDomainRange.(string))
+ }
+
+ if isolationMethods, ok := d.GetOk("isolation_methods"); ok {
+ methods := make([]string, len(isolationMethods.([]interface{})))
+ for i, v := range isolationMethods.([]interface{}) {
+ methods[i] = v.(string)
+ }
+ p.SetIsolationmethods(methods)
+ }
+
+ if networkSpeed, ok := d.GetOk("network_speed"); ok {
+ p.SetNetworkspeed(networkSpeed.(string))
+ }
+
+ if vlan, ok := d.GetOk("vlan"); ok {
+ p.SetVlan(vlan.(string))
+ }
+
+ // Create the physical network
+ r, err := cs.Network.CreatePhysicalNetwork(p)
+ if err != nil {
+ return fmt.Errorf("Error creating physical network %s: %s",
name, err)
+ }
+
+ d.SetId(r.Id)
+
+ // Physical networks don't support tags in CloudStack API
+
+ return resourceCloudStackPhysicalNetworkRead(d, meta)
+}
+
+func resourceCloudStackPhysicalNetworkRead(d *schema.ResourceData, meta
interface{}) error {
+ cs := meta.(*cloudstack.CloudStackClient)
+
+ // Get the physical network details
+ p, count, err := cs.Network.GetPhysicalNetworkByID(d.Id())
+ if err != nil {
+ if count == 0 {
+ log.Printf("[DEBUG] Physical network %s does no longer
exist", d.Get("name").(string))
+ d.SetId("")
+ return nil
+ }
+
+ return err
+ }
+
+ d.Set("name", p.Name)
+ d.Set("broadcast_domain_range", p.Broadcastdomainrange)
+ d.Set("network_speed", p.Networkspeed)
+ d.Set("vlan", p.Vlan)
+
+ // Set isolation methods
+ if p.Isolationmethods != "" {
+ methods := strings.Split(p.Isolationmethods, ",")
+ d.Set("isolation_methods", methods)
+ }
+
+ // Set the zone
+ setValueOrID(d, "zone", p.Zonename, p.Zoneid)
+
+ // Physical networks don't support tags in CloudStack API
+
+ return nil
+}
+
+func resourceCloudStackPhysicalNetworkUpdate(d *schema.ResourceData, meta
interface{}) error {
+ cs := meta.(*cloudstack.CloudStackClient)
+
+ // Create a new parameter struct
+ p := cs.Network.NewUpdatePhysicalNetworkParams(d.Id())
+
+ // The UpdatePhysicalNetworkParams struct doesn't have a SetName method
+ // so we can't update the name
+
+ if d.HasChange("network_speed") {
+ p.SetNetworkspeed(d.Get("network_speed").(string))
+ }
+
+ if d.HasChange("vlan") {
+ p.SetVlan(d.Get("vlan").(string))
+ }
+
+ // Update the physical network
+ _, err := cs.Network.UpdatePhysicalNetwork(p)
+ if err != nil {
+ return fmt.Errorf("Error updating physical network %s: %s",
d.Get("name").(string), err)
+ }
+
+ // Physical networks don't support tags in CloudStack API
+
+ return resourceCloudStackPhysicalNetworkRead(d, meta)
+}
+
+func resourceCloudStackPhysicalNetworkDelete(d *schema.ResourceData, meta
interface{}) error {
+ cs := meta.(*cloudstack.CloudStackClient)
+
+ // Create a new parameter struct
+ p := cs.Network.NewDeletePhysicalNetworkParams(d.Id())
+
+ // Delete the physical network
+ _, err := cs.Network.DeletePhysicalNetwork(p)
+ if err != nil {
+ // This is a very poor way to be told the ID does no longer
exist :(
+ if strings.Contains(err.Error(), fmt.Sprintf(
+ "Invalid parameter id value=%s due to incorrect long
value format, "+
+ "or entity does not exist", d.Id())) {
+ return nil
+ }
+
+ return fmt.Errorf("Error deleting physical network %s: %s",
d.Get("name").(string), err)
+ }
+
+ return nil
+}
diff --git a/cloudstack/resource_cloudstack_physicalnetwork_test.go
b/cloudstack/resource_cloudstack_physicalnetwork_test.go
new file mode 100644
index 0000000..89156c5
--- /dev/null
+++ b/cloudstack/resource_cloudstack_physicalnetwork_test.go
@@ -0,0 +1,146 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package cloudstack
+
+import (
+ "fmt"
+ "testing"
+
+ "github.com/apache/cloudstack-go/v2/cloudstack"
+ "github.com/hashicorp/terraform-plugin-testing/helper/resource"
+ "github.com/hashicorp/terraform-plugin-testing/terraform"
+)
+
+func TestAccCloudStackPhysicalNetwork_basic(t *testing.T) {
+ var physicalNetwork cloudstack.PhysicalNetwork
+
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ Providers: testAccProviders,
+ CheckDestroy: testAccCheckCloudStackPhysicalNetworkDestroy,
+ Steps: []resource.TestStep{
+ {
+ Config: testAccCloudStackPhysicalNetwork_basic,
+ Check: resource.ComposeTestCheckFunc(
+
testAccCheckCloudStackPhysicalNetworkExists(
+
"cloudstack_physicalnetwork.foo", &physicalNetwork),
+
testAccCheckCloudStackPhysicalNetworkBasicAttributes(&physicalNetwork),
+ ),
+ },
+ },
+ })
+}
+
+func TestAccCloudStackPhysicalNetwork_import(t *testing.T) {
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ Providers: testAccProviders,
+ CheckDestroy: testAccCheckCloudStackPhysicalNetworkDestroy,
+ Steps: []resource.TestStep{
+ {
+ Config: testAccCloudStackPhysicalNetwork_basic,
+ },
+ {
+ ResourceName:
"cloudstack_physicalnetwork.foo",
+ ImportState: true,
+ ImportStateVerify: true,
+ },
+ },
+ })
+}
+
+func testAccCheckCloudStackPhysicalNetworkExists(
+ n string, physicalNetwork *cloudstack.PhysicalNetwork)
resource.TestCheckFunc {
+ return func(s *terraform.State) error {
+ rs, ok := s.RootModule().Resources[n]
+ if !ok {
+ return fmt.Errorf("Not found: %s", n)
+ }
+
+ if rs.Primary.ID == "" {
+ return fmt.Errorf("No physical network ID is set")
+ }
+
+ cs := testAccProvider.Meta().(*cloudstack.CloudStackClient)
+ p, _, err := cs.Network.GetPhysicalNetworkByID(rs.Primary.ID)
+ if err != nil {
+ return err
+ }
+
+ if p.Id != rs.Primary.ID {
+ return fmt.Errorf("Physical network not found")
+ }
+
+ *physicalNetwork = *p
+
+ return nil
+ }
+}
+
+func testAccCheckCloudStackPhysicalNetworkBasicAttributes(
+ physicalNetwork *cloudstack.PhysicalNetwork) resource.TestCheckFunc {
+ return func(s *terraform.State) error {
+ if physicalNetwork.Name != "terraform-physical-network" {
+ return fmt.Errorf("Bad name: %s", physicalNetwork.Name)
+ }
+
+ if physicalNetwork.Broadcastdomainrange != "ZONE" {
+ return fmt.Errorf("Bad broadcast domain range: %s",
physicalNetwork.Broadcastdomainrange)
+ }
+
+ return nil
+ }
+}
+
+func testAccCheckCloudStackPhysicalNetworkDestroy(s *terraform.State) error {
+ cs := testAccProvider.Meta().(*cloudstack.CloudStackClient)
+
+ for _, rs := range s.RootModule().Resources {
+ if rs.Type != "cloudstack_physicalnetwork" {
+ continue
+ }
+
+ if rs.Primary.ID == "" {
+ return fmt.Errorf("No physical network ID is set")
+ }
+
+ _, _, err := cs.Network.GetPhysicalNetworkByID(rs.Primary.ID)
+ if err == nil {
+ return fmt.Errorf("Physical network %s still exists",
rs.Primary.ID)
+ }
+ }
+
+ return nil
+}
+
+const testAccCloudStackPhysicalNetwork_basic = `
+resource "cloudstack_zone" "foo" {
+ name = "terraform-zone"
+ dns1 = "8.8.8.8"
+ internal_dns1 = "8.8.4.4"
+ network_type = "Advanced"
+}
+
+resource "cloudstack_physicalnetwork" "foo" {
+ name = "terraform-physical-network"
+ zone = cloudstack_zone.foo.name
+ broadcast_domain_range = "ZONE"
+ isolation_methods = ["VLAN"]
+}`
diff --git a/cloudstack/resource_cloudstack_traffic_type.go
b/cloudstack/resource_cloudstack_traffic_type.go
new file mode 100644
index 0000000..5117f72
--- /dev/null
+++ b/cloudstack/resource_cloudstack_traffic_type.go
@@ -0,0 +1,282 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package cloudstack
+
+import (
+ "fmt"
+ "log"
+ "strings"
+
+ "github.com/apache/cloudstack-go/v2/cloudstack"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+func resourceCloudStackTrafficType() *schema.Resource {
+ return &schema.Resource{
+ Create: resourceCloudStackTrafficTypeCreate,
+ Read: resourceCloudStackTrafficTypeRead,
+ Update: resourceCloudStackTrafficTypeUpdate,
+ Delete: resourceCloudStackTrafficTypeDelete,
+ Importer: &schema.ResourceImporter{
+ State: resourceCloudStackTrafficTypeImport,
+ },
+
+ Schema: map[string]*schema.Schema{
+ "physical_network_id": {
+ Type: schema.TypeString,
+ Required: true,
+ ForceNew: true,
+ },
+
+ "type": {
+ Type: schema.TypeString,
+ Required: true,
+ ForceNew: true,
+ },
+
+ "kvm_network_label": {
+ Type: schema.TypeString,
+ Optional: true,
+ },
+
+ "vlan": {
+ Type: schema.TypeString,
+ Optional: true,
+ },
+
+ "xen_network_label": {
+ Type: schema.TypeString,
+ Optional: true,
+ },
+
+ "vmware_network_label": {
+ Type: schema.TypeString,
+ Optional: true,
+ },
+
+ "hyperv_network_label": {
+ Type: schema.TypeString,
+ Optional: true,
+ },
+
+ "ovm3_network_label": {
+ Type: schema.TypeString,
+ Optional: true,
+ },
+ },
+ }
+}
+
+func resourceCloudStackTrafficTypeCreate(d *schema.ResourceData, meta
interface{}) error {
+ cs := meta.(*cloudstack.CloudStackClient)
+
+ physicalNetworkID := d.Get("physical_network_id").(string)
+ trafficType := d.Get("type").(string)
+
+ // Create a new parameter struct
+ p := cs.Usage.NewAddTrafficTypeParams(physicalNetworkID, trafficType)
+
+ // Set optional parameters
+ if kvmNetworkLabel, ok := d.GetOk("kvm_network_label"); ok {
+ p.SetKvmnetworklabel(kvmNetworkLabel.(string))
+ }
+
+ if vlan, ok := d.GetOk("vlan"); ok {
+ p.SetVlan(vlan.(string))
+ }
+
+ if xenNetworkLabel, ok := d.GetOk("xen_network_label"); ok {
+ p.SetXennetworklabel(xenNetworkLabel.(string))
+ }
+
+ if vmwareNetworkLabel, ok := d.GetOk("vmware_network_label"); ok {
+ p.SetVmwarenetworklabel(vmwareNetworkLabel.(string))
+ }
+
+ if hypervNetworkLabel, ok := d.GetOk("hyperv_network_label"); ok {
+ p.SetHypervnetworklabel(hypervNetworkLabel.(string))
+ }
+
+ if ovm3NetworkLabel, ok := d.GetOk("ovm3_network_label"); ok {
+ p.SetOvm3networklabel(ovm3NetworkLabel.(string))
+ }
+
+ // Create the traffic type
+ r, err := cs.Usage.AddTrafficType(p)
+ if err != nil {
+ return fmt.Errorf("Error creating traffic type %s: %s",
trafficType, err)
+ }
+
+ d.SetId(r.Id)
+
+ return resourceCloudStackTrafficTypeRead(d, meta)
+}
+
+func resourceCloudStackTrafficTypeRead(d *schema.ResourceData, meta
interface{}) error {
+ cs := meta.(*cloudstack.CloudStackClient)
+
+ // Get the traffic type details
+ p :=
cs.Usage.NewListTrafficTypesParams(d.Get("physical_network_id").(string))
+
+ l, err := cs.Usage.ListTrafficTypes(p)
+ if err != nil {
+ return err
+ }
+
+ // Find the traffic type with the matching ID
+ var trafficType *cloudstack.TrafficType
+ for _, t := range l.TrafficTypes {
+ if t.Id == d.Id() {
+ trafficType = t
+ break
+ }
+ }
+
+ if trafficType == nil {
+ log.Printf("[DEBUG] Traffic type %s does no longer exist",
d.Get("type").(string))
+ d.SetId("")
+ return nil
+ }
+
+ // The TrafficType struct has a Name field which contains the traffic
type
+ // But in some cases it might be empty, so we'll keep the original
value from the state
+ if trafficType.Name != "" {
+ d.Set("type", trafficType.Name)
+ }
+
+ // Note: The TrafficType struct doesn't have fields for network labels
or VLAN
+ // We'll need to rely on what we store in the state
+
+ return nil
+}
+
+func resourceCloudStackTrafficTypeUpdate(d *schema.ResourceData, meta
interface{}) error {
+ cs := meta.(*cloudstack.CloudStackClient)
+
+ // Create a new parameter struct
+ p := cs.Usage.NewUpdateTrafficTypeParams(d.Id())
+
+ // Only set the parameters that have changed and are supported by the
API
+ if d.HasChange("kvm_network_label") {
+ p.SetKvmnetworklabel(d.Get("kvm_network_label").(string))
+ }
+
+ if d.HasChange("xen_network_label") {
+ p.SetXennetworklabel(d.Get("xen_network_label").(string))
+ }
+
+ if d.HasChange("vmware_network_label") {
+ p.SetVmwarenetworklabel(d.Get("vmware_network_label").(string))
+ }
+
+ if d.HasChange("hyperv_network_label") {
+ p.SetHypervnetworklabel(d.Get("hyperv_network_label").(string))
+ }
+
+ if d.HasChange("ovm3_network_label") {
+ p.SetOvm3networklabel(d.Get("ovm3_network_label").(string))
+ }
+
+ // Note: The UpdateTrafficTypeParams struct doesn't have a SetVlan
method
+ // so we can't update the VLAN
+
+ // Update the traffic type
+ _, err := cs.Usage.UpdateTrafficType(p)
+ if err != nil {
+ return fmt.Errorf("Error updating traffic type %s: %s",
d.Get("type").(string), err)
+ }
+
+ return resourceCloudStackTrafficTypeRead(d, meta)
+}
+
+func resourceCloudStackTrafficTypeDelete(d *schema.ResourceData, meta
interface{}) error {
+ cs := meta.(*cloudstack.CloudStackClient)
+
+ // Create a new parameter struct
+ p := cs.Usage.NewDeleteTrafficTypeParams(d.Id())
+
+ // Delete the traffic type
+ _, err := cs.Usage.DeleteTrafficType(p)
+ if err != nil {
+ // This is a very poor way to be told the ID does no longer
exist :(
+ if strings.Contains(err.Error(), fmt.Sprintf(
+ "Invalid parameter id value=%s due to incorrect long
value format, "+
+ "or entity does not exist", d.Id())) {
+ return nil
+ }
+
+ return fmt.Errorf("Error deleting traffic type %s: %s",
d.Get("type").(string), err)
+ }
+
+ return nil
+}
+
+func resourceCloudStackTrafficTypeImport(d *schema.ResourceData, meta
interface{}) ([]*schema.ResourceData, error) {
+ // Import is expected to receive the traffic type ID
+ cs := meta.(*cloudstack.CloudStackClient)
+
+ // We need to determine the physical_network_id by listing all physical
networks and their traffic types
+ p := cs.Network.NewListPhysicalNetworksParams()
+ physicalNetworks, err := cs.Network.ListPhysicalNetworks(p)
+ if err != nil {
+ return nil, err
+ }
+
+ // For each physical network, list its traffic types
+ for _, pn := range physicalNetworks.PhysicalNetworks {
+ tp := cs.Usage.NewListTrafficTypesParams(pn.Id)
+ trafficTypes, err := cs.Usage.ListTrafficTypes(tp)
+ if err != nil {
+ continue
+ }
+
+ // Check if our traffic type ID is in this physical network
+ for _, tt := range trafficTypes.TrafficTypes {
+ if tt.Id == d.Id() {
+ // Found the physical network that contains our
traffic type
+ d.Set("physical_network_id", pn.Id)
+
+ // Set the type attribute - use the original
value from the API call
+ // If the Name field is empty, use a default
value based on the traffic type ID
+ if tt.Name != "" {
+ d.Set("type", tt.Name)
+ } else {
+ // Use a default value based on common
traffic types
+ // This is a fallback and might not be
accurate
+ d.Set("type", "Management")
+ }
+
+ // For import to work correctly, we need to set
default values for network labels
+ // These will be overridden by the user if
needed
+ if d.Get("kvm_network_label") == "" {
+ d.Set("kvm_network_label", "cloudbr0")
+ }
+
+ if d.Get("xen_network_label") == "" {
+ d.Set("xen_network_label", "xenbr0")
+ }
+
+ return []*schema.ResourceData{d}, nil
+ }
+ }
+ }
+
+ return nil, fmt.Errorf("could not find physical network for traffic
type %s", d.Id())
+}
diff --git a/cloudstack/resource_cloudstack_traffic_type_test.go
b/cloudstack/resource_cloudstack_traffic_type_test.go
new file mode 100644
index 0000000..3cb8389
--- /dev/null
+++ b/cloudstack/resource_cloudstack_traffic_type_test.go
@@ -0,0 +1,175 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package cloudstack
+
+import (
+ "fmt"
+ "testing"
+
+ "github.com/apache/cloudstack-go/v2/cloudstack"
+ "github.com/hashicorp/terraform-plugin-testing/helper/resource"
+ "github.com/hashicorp/terraform-plugin-testing/terraform"
+)
+
+func TestAccCloudStackTrafficType_basic(t *testing.T) {
+ var trafficType cloudstack.TrafficType
+
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ Providers: testAccProviders,
+ CheckDestroy: testAccCheckCloudStackTrafficTypeDestroy,
+ Steps: []resource.TestStep{
+ {
+ Config: testAccCloudStackTrafficType_basic,
+ Check: resource.ComposeTestCheckFunc(
+ testAccCheckCloudStackTrafficTypeExists(
+ "cloudstack_traffic_type.foo",
&trafficType),
+
testAccCheckCloudStackTrafficTypeBasicAttributes(&trafficType),
+ resource.TestCheckResourceAttrSet(
+ "cloudstack_traffic_type.foo",
"type"),
+ resource.TestCheckResourceAttr(
+ "cloudstack_traffic_type.foo",
"kvm_network_label", "cloudbr0"),
+ ),
+ },
+ },
+ })
+}
+
+func TestAccCloudStackTrafficType_import(t *testing.T) {
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ Providers: testAccProviders,
+ CheckDestroy: testAccCheckCloudStackTrafficTypeDestroy,
+ Steps: []resource.TestStep{
+ {
+ Config: testAccCloudStackTrafficType_basic,
+ },
+ {
+ ResourceName:
"cloudstack_traffic_type.foo",
+ ImportState: true,
+ ImportStateVerify: true,
+ },
+ },
+ })
+}
+
+func testAccCheckCloudStackTrafficTypeExists(
+ n string, trafficType *cloudstack.TrafficType) resource.TestCheckFunc {
+ return func(s *terraform.State) error {
+ rs, ok := s.RootModule().Resources[n]
+ if !ok {
+ return fmt.Errorf("Not found: %s", n)
+ }
+
+ if rs.Primary.ID == "" {
+ return fmt.Errorf("No traffic type ID is set")
+ }
+
+ cs := testAccProvider.Meta().(*cloudstack.CloudStackClient)
+ p :=
cs.Usage.NewListTrafficTypesParams(rs.Primary.Attributes["physical_network_id"])
+
+ l, err := cs.Usage.ListTrafficTypes(p)
+ if err != nil {
+ return err
+ }
+
+ // Find the traffic type with the matching ID
+ var found bool
+ for _, t := range l.TrafficTypes {
+ if t.Id == rs.Primary.ID {
+ *trafficType = *t
+ found = true
+ break
+ }
+ }
+
+ if !found {
+ return fmt.Errorf("Traffic type not found")
+ }
+
+ return nil
+ }
+}
+
+func testAccCheckCloudStackTrafficTypeBasicAttributes(
+ trafficType *cloudstack.TrafficType) resource.TestCheckFunc {
+ return func(s *terraform.State) error {
+ // The TrafficType struct doesn't have a field that directly
maps to the 'type' attribute
+ // Instead, we'll rely on the resource attribute checks in the
test
+ return nil
+ }
+}
+
+func testAccCheckCloudStackTrafficTypeDestroy(s *terraform.State) error {
+ cs := testAccProvider.Meta().(*cloudstack.CloudStackClient)
+
+ for _, rs := range s.RootModule().Resources {
+ if rs.Type != "cloudstack_traffic_type" {
+ continue
+ }
+
+ if rs.Primary.ID == "" {
+ return fmt.Errorf("No traffic type ID is set")
+ }
+
+ // Get the physical network ID from the state
+ physicalNetworkID :=
rs.Primary.Attributes["physical_network_id"]
+ if physicalNetworkID == "" {
+ continue // If the resource is gone, that's okay
+ }
+
+ p := cs.Usage.NewListTrafficTypesParams(physicalNetworkID)
+ l, err := cs.Usage.ListTrafficTypes(p)
+ if err != nil {
+ return nil
+ }
+
+ // Check if the traffic type still exists
+ for _, t := range l.TrafficTypes {
+ if t.Id == rs.Primary.ID {
+ return fmt.Errorf("Traffic type %s still
exists", rs.Primary.ID)
+ }
+ }
+ }
+
+ return nil
+}
+
+const testAccCloudStackTrafficType_basic = `
+resource "cloudstack_zone" "foo" {
+ name = "terraform-zone"
+ dns1 = "8.8.8.8"
+ internal_dns1 = "8.8.4.4"
+ network_type = "Advanced"
+}
+
+resource "cloudstack_physicalnetwork" "foo" {
+ name = "terraform-physical-network"
+ zone = cloudstack_zone.foo.name
+ broadcast_domain_range = "ZONE"
+ isolation_methods = ["VLAN"]
+}
+
+resource "cloudstack_traffic_type" "foo" {
+ physical_network_id = cloudstack_physicalnetwork.foo.id
+ type = "Management"
+ kvm_network_label = "cloudbr0"
+ xen_network_label = "xenbr0"
+}`
diff --git a/website/docs/d/physicalnetwork.html.markdown
b/website/docs/d/physicalnetwork.html.markdown
new file mode 100644
index 0000000..1846fae
--- /dev/null
+++ b/website/docs/d/physicalnetwork.html.markdown
@@ -0,0 +1,40 @@
+---
+layout: "cloudstack"
+page_title: "CloudStack: cloudstack_physicalnetwork"
+sidebar_current: "docs-cloudstack-datasource-physicalnetwork"
+description: |-
+ Gets information about a physical network.
+---
+
+# cloudstack_physicalnetwork
+
+Use this data source to get information about a physical network.
+
+## Example Usage
+
+```hcl
+data "cloudstack_physicalnetwork" "default" {
+ filter {
+ name = "name"
+ value = "test-physical-network"
+ }
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `filter` - (Optional) One or more name/value pairs to filter off of.
+
+## Attributes Reference
+
+The following attributes are exported:
+
+* `id` - The ID of the physical network.
+* `name` - The name of the physical network.
+* `zone` - The name of the zone where the physical network belongs to.
+* `broadcast_domain_range` - The broadcast domain range for the physical
network.
+* `isolation_methods` - The isolation method for the physical network.
+* `network_speed` - The speed for the physical network.
+* `vlan` - The VLAN for the physical network.
\ No newline at end of file
diff --git a/website/docs/r/network_service_provider.html.markdown
b/website/docs/r/network_service_provider.html.markdown
new file mode 100644
index 0000000..b11ed7c
--- /dev/null
+++ b/website/docs/r/network_service_provider.html.markdown
@@ -0,0 +1,71 @@
+---
+layout: "cloudstack"
+page_title: "CloudStack: cloudstack_network_service_provider"
+sidebar_current: "docs-cloudstack-resource-network-service-provider"
+description: |-
+ Adds a network service provider to a physical network.
+---
+
+# cloudstack_network_service_provider
+
+Adds or updates a network service provider on a physical network.
+
+~> **NOTE:** Network service providers are often created automatically when a
physical network is created. This resource can be used to manage those existing
providers or create new ones.
+
+~> **NOTE:** Some providers like SecurityGroupProvider don't allow updating
the service list. For these providers, the service list specified in the
configuration will be used only during creation.
+
+~> **NOTE:** Network service providers are created in a "Disabled" state by
default. You can set `state = "Enabled"` to enable them. Note that some
providers like VirtualRouter require configuration before they can be enabled.
+
+## Example Usage
+
+```hcl
+resource "cloudstack_physicalnetwork" "default" {
+ name = "test-physical-network"
+ zone = "zone-name"
+}
+
+resource "cloudstack_network_service_provider" "virtualrouter" {
+ name = "VirtualRouter"
+ physical_network_id = cloudstack_physicalnetwork.default.id
+ service_list = ["Dhcp", "Dns", "Firewall", "LoadBalancer",
"SourceNat", "StaticNat", "PortForwarding", "Vpn"]
+ state = "Enabled"
+}
+
+resource "cloudstack_network_service_provider" "vpcvirtualrouter" {
+ name = "VpcVirtualRouter"
+ physical_network_id = cloudstack_physicalnetwork.default.id
+ service_list = ["Dhcp", "Dns", "SourceNat", "StaticNat",
"NetworkACL", "PortForwarding", "Lb", "UserData", "Vpn"]
+}
+
+resource "cloudstack_network_service_provider" "securitygroup" {
+ name = "SecurityGroupProvider"
+ physical_network_id = cloudstack_physicalnetwork.default.id
+ # Note: service_list is predefined for SecurityGroupProvider
+ state = "Enabled" # Optional: providers are created in
"Disabled" state by default
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `name` - (Required) The name of the network service provider. Possible
values include: VirtualRouter, VpcVirtualRouter, InternalLbVm, ConfigDrive, etc.
+* `physical_network_id` - (Required) The ID of the physical network to which
to add the network service provider.
+* `destination_physical_network_id` - (Optional) The destination physical
network ID.
+* `service_list` - (Optional) The list of services to be enabled for this
service provider. Possible values include: Dhcp, Dns, Firewall, Gateway,
LoadBalancer, NetworkACL, PortForwarding, SourceNat, StaticNat, UserData, Vpn,
etc.
+* `state` - (Optional) The state of the network service provider. Possible
values are "Enabled" and "Disabled". This can be used to enable or disable the
provider.
+
+## Attributes Reference
+
+The following attributes are exported:
+
+* `id` - The ID of the network service provider.
+* `state` - The state of the network service provider.
+
+## Import
+
+Network service providers can be imported using the network service provider
ID, e.g.
+
+```shell
+terraform import cloudstack_network_service_provider.virtualrouter
5fb307e2-0e11-11ee-be56-0242ac120002
+```
diff --git a/website/docs/r/physicalnetwork.html.markdown
b/website/docs/r/physicalnetwork.html.markdown
new file mode 100644
index 0000000..15248bc
--- /dev/null
+++ b/website/docs/r/physicalnetwork.html.markdown
@@ -0,0 +1,40 @@
+---
+layout: "cloudstack"
+page_title: "CloudStack: cloudstack_physicalnetwork"
+sidebar_current: "docs-cloudstack-resource-physicalnetwork"
+description: |-
+ Creates a physical network.
+---
+
+# cloudstack_physicalnetwork
+
+Creates a physical network.
+
+## Example Usage
+
+```hcl
+resource "cloudstack_physicalnetwork" "default" {
+ name = "test-physical-network"
+ zone = "zone-name"
+
+ broadcast_domain_range = "ZONE"
+ isolation_methods = ["VLAN"]
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `name` - (Required) The name of the physical network.
+* `zone` - (Required) The name or ID of the zone where the physical network
belongs to.
+* `broadcast_domain_range` - (Optional) The broadcast domain range for the
physical network. Defaults to `ZONE`.
+* `isolation_methods` - (Optional) The isolation method for the physical
network.
+* `network_speed` - (Optional) The speed for the physical network.
+* `vlan` - (Optional) The VLAN for the physical network.
+
+## Attributes Reference
+
+The following attributes are exported:
+
+* `id` - The ID of the physical network.
\ No newline at end of file
diff --git a/website/docs/r/traffic_type.html.markdown
b/website/docs/r/traffic_type.html.markdown
new file mode 100644
index 0000000..5bfd38d
--- /dev/null
+++ b/website/docs/r/traffic_type.html.markdown
@@ -0,0 +1,65 @@
+---
+layout: "cloudstack"
+page_title: "CloudStack: cloudstack_traffic_type"
+sidebar_current: "docs-cloudstack-resource-traffic-type"
+description: |-
+ Adds a traffic type to a physical network.
+---
+
+# cloudstack_traffic_type
+
+Adds a traffic type to a physical network.
+
+## Example Usage
+
+```hcl
+resource "cloudstack_physicalnetwork" "default" {
+ name = "test-physical-network"
+ zone = "zone-name"
+}
+
+resource "cloudstack_traffic_type" "management" {
+ physical_network_id = cloudstack_physicalnetwork.default.id
+ type = "Management"
+
+ kvm_network_label = "cloudbr0"
+ xen_network_label = "xenbr0"
+ vmware_network_label = "VM Network"
+}
+
+resource "cloudstack_traffic_type" "guest" {
+ physical_network_id = cloudstack_physicalnetwork.default.id
+ type = "Guest"
+
+ kvm_network_label = "cloudbr1"
+ xen_network_label = "xenbr1"
+ vmware_network_label = "VM Guest Network"
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `physical_network_id` - (Required) The ID of the physical network to which
the traffic type is being added.
+* `type` - (Required) The type of traffic (e.g., Management, Guest, Public,
Storage).
+* `kvm_network_label` - (Optional) The network name label of the physical
device dedicated to this traffic on a KVM host.
+* `vlan` - (Optional) The VLAN ID to be used for Management traffic by VMware
host.
+* `xen_network_label` - (Optional) The network name label of the physical
device dedicated to this traffic on a XenServer host.
+* `vmware_network_label` - (Optional) The network name label of the physical
device dedicated to this traffic on a VMware host.
+* `hyperv_network_label` - (Optional) The network name label of the physical
device dedicated to this traffic on a HyperV host.
+* `ovm3_network_label` - (Optional) The network name label of the physical
device dedicated to this traffic on an OVM3 host.
+
+## Attributes Reference
+
+The following attributes are exported:
+
+* `id` - The ID of the traffic type.
+
+## Import
+
+Traffic types can be imported using the traffic type ID, e.g.
+
+```shell
+terraform import cloudstack_traffic_type.management
5fb307e2-0e11-11ee-be56-0242ac120002
+```
