From b8de2d5c4ffe505203baa11af8139e48fcee8d2d Mon Sep 17 00:00:00 2001
From: kpdhulipala <84343462+kpdhulipala@users.noreply.github.com>
Date: Wed, 10 Jul 2024 15:14:03 -0700
Subject: [PATCH] feat: PA-VM Integration with Panorama Server
---
 docs/resources/network_device.md | 97 +++++++++++++++++++++++++++
 equinix/data_source_network_device.go | 13 ++++
 equinix/resource_network_device.go | 51 +++++++++++---
 3 files changed, 150 insertions(+), 11 deletions(-)
diff --git a/docs/resources/network_device.md b/docs/resources/network_device.md
index be406f5ed..b3df8a843 100644
--- a/docs/resources/network_device.md
+++ b/docs/resources/network_device.md
@@ -99,6 +99,103 @@ resource "equinix_network_device" "panw-cluster" {
 }
 ```
+```terraform
+# Create self configured PANW cluster with Panorama Server Integration
+
+data "equinix_network_account" "sv" {
+ metro_code = "SV"
+}
+
+resource "equinix_network_device" "panw-cluster" {
+ name = "tf-panw"
+ metro_code = data.equinix_network_account.sv.metro_code
+ type_code = "PA-VM"
+ self_managed = true
+ byol = true
+ package_code = "VM100"
+ notifications = ["john@equinix.com", "marry@equinix.com", "fred@equinix.com"]
+ term_length = 12
+ account_number = data.equinix_network_account.sv.number
+ version = "11.1.3"
+ interface_count = 10
+ core_count = 2
+ ssh_key {
+ username = "test"
+ key_name = "test-key"
+ }
+ acl_template_id = "0bff6e05-f0e7-44cd-804a-25b92b835f8b"
+ cluster_details {
+ cluster_name = "tf-panw-cluster"
+ node0 {
+ vendor_configuration {
+ hostname = "panw-node0"
+ panorama_ip_address = "x.x.x.x"
+ panorama_auth_key = "xxxxxxxxxxx"
+ }
+ license_token = "licenseToken"
+ }
+ node1 {
+ vendor_configuration {
+ hostname = "panw-node1"
+ panorama_ip_address = "x.x.x.x"
+ panorama_auth_key = "xxxxxxxxxxx"
+ }
+ license_token = "licenseToken"
+ }
+ }
+}
+```
+
+```terraform
+# Create self configured PANW HA device with Panorama Server Integration
+
+data "equinix_network_account" "sv" {
+ metro_code = "SV"
+}
+
+resource "equinix_network_device" "panw-ha" {
+ name = "tf-panw-panorama-pri"
+ project_id = "3e548c02-9164-4197-aa23-05b1f644883c"
+ metro_code = data.equinix_network_account.sy.metro_code
+ type_code = "PA-VM"
+ self_managed = true
+ byol = true
+ hostname = "test"
+ package_code = "VM100"
+ notifications = ["test@eq.com"]
+ account_number = data.equinix_network_account.sy.number
+ acl_template_id = "3e548c02-9164-4197-aa23-05b1f644883c"
+ version = "11.1.3"
+ core_count = 2
+ term_length = 1
+ connectivity ="INTERNET-ACCESS"
+ ssh_key {
+ username = "test"
+ key_name = "test"
+ }
+ vendor_configuration = {
+ panorama_ip_address = "x.x.x.x"
+ panorama_auth_key = "xxxxxxxxxxxxxxx"
+ }
+ secondary_device {
+ name = "tf-panw-panorama-sec"
+ hostname = "test"
+ metro_code = data.equinix_network_account.sy.metro_code
+ notifications = ["john@equinix.com", "marry@equinix.com"]
+ account_number = data.equinix_network_account.sy.number
+ acl_template_id = "3e548c02-9164-4197-aa23-05b1f644883c"
+ ssh_key {
+ username = "test"
+ key_name = "test"
+ }
+ vendor_configuration = {
+ panorama_ip_address = "x.x.x.x"
+ panorama_auth_key = "xxxxxxxxxxxxxxx"
+ }
+ }
+}
+```
+
 ```terraform
 # Create self configured single Aviatrix device with cloud init file
diff --git a/equinix/data_source_network_device.go b/equinix/data_source_network_device.go
index 0c154d999..0c9bd8172 100644
--- a/equinix/data_source_network_device.go
+++ b/equinix/data_source_network_device.go
@@ -661,6 +661,19 @@ func createDataSourceVendorConfigurationSchema() map[string]*schema.Schema {
 Sensitive: true,
 Description: neDeviceVendorConfigDescriptions["LicenseID"],
 },
+ neDeviceVendorConfigSchemaNames["PanoramaIPAddress"]: {
+ Type: schema.TypeString,
+ ForceNew: true,
+ Computed: true,
+ Description: neDeviceVendorConfigDescriptions["PanoramaIPAddress"],
+ },
+ neDeviceVendorConfigSchemaNames["PanoramaAuthKey"]: {
+ Type: schema.TypeString,
+ Sensitive: true,
+ ForceNew: true,
+ Computed: true,
+ Description: neDeviceVendorConfigDescriptions["PanoramaAuthKey"],
+ },
 }
 }
diff --git a/equinix/resource_network_device.go b/equinix/resource_network_device.go
index 8733287b4..ef5aacfdf 100644
--- a/equinix/resource_network_device.go
+++ b/equinix/resource_network_device.go
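Review bot: `ForceNew: true` on the two new entries in createDataSourceVendorConfigurationSchema looks out of place, because both attributes are `Computed` without `Optional` and a data source has nothing to replace; the flag can be dropped from each entry so the schema says only what applies. `Sensitive: true` on the auth key is the right call and should stay. The function begins outside the hunk, so whether the neighbouring entries also carry `ForceNew` is not visible here.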
@@ -186,17 +186,19 @@ var neDeviceClusterNodeDescriptions = map[string]string{
 }
 var neDeviceVendorConfigSchemaNames = map[string]string{
- "Hostname": "hostname",
- "AdminPassword": "admin_password",
- "Controller1": "controller1",
- "ActivationKey": "activation_key",
- "ControllerFqdn": "controller_fqdn",
- "RootPassword": "root_password",
- "PrivateAddress": "private_address",
- "PrivateCIDRMask": "private_cidr_mask",
- "PrivateGateway": "private_gateway",
- "LicenseKey": "license_key",
- "LicenseID": "license_id",
+ "Hostname": "hostname",
+ "AdminPassword": "admin_password",
+ "Controller1": "controller1",
+ "ActivationKey": "activation_key",
+ "ControllerFqdn": "controller_fqdn",
+ "RootPassword": "root_password",
+ "PrivateAddress": "private_address",
+ "PrivateCIDRMask": "private_cidr_mask",
+ "PrivateGateway": "private_gateway",
+ "LicenseKey": "license_key",
+ "LicenseID": "license_id",
+ "PanoramaIPAddress": "panorama_ip_address",
+ "PanoramaAuthKey": "panorama_auth_key",
 }
 var neDeviceVendorConfigDescriptions = map[string]string{
@@ -212,6 +214,8 @@ var neDeviceVendorConfigDescriptions = map[string]string{
 "PrivateGateway": "Private gateway. This field is relevant only for the BlueCat DNS and DHCP Server",
 "LicenseKey": "License key. This field is relevant only for the BlueCat DNS and DHCP Server",
 "LicenseID": "License id. This field is relevant only for the BlueCat DNS and DHCP Server",
+ "PanoramaIPAddress": "Panorama Server IP Address. This field is relevant only for Palo Alto Networks Firewall devices",
+ "PanoramaAuthKey": "Panorama Server Auth Key. This field is relevant only for Palo Alto Networks Firewall devices",
 }
 func resourceNetworkDevice() *schema.Resource {
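Review bot: The description added for `PanoramaAuthKey` in neDeviceVendorConfigDescriptions does not tell the reader that the value is a credential. `Sensitive` only redacts plan and CLI output, and the value is still written to Terraform state, so I would say so where users read it: `"Panorama Server Auth Key (secret, stored in Terraform state). This field is relevant only for Palo Alto Networks Firewall devices"`. The examples added to docs/resources/network_device.md show the key as an inline literal; passing it through a variable marked `sensitive` would be the better pattern to document.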
@@ -950,6 +954,19 @@ func createVendorConfigurationSchema() map[string]*schema.Schema {
 ForceNew: true,
 Description: neDeviceVendorConfigDescriptions["LicenseID"],
 },
+ neDeviceVendorConfigSchemaNames["PanoramaIPAddress"]: {
+ Type: schema.TypeString,
+ Optional: true,
+ ForceNew: true,
+ Description: neDeviceVendorConfigDescriptions["PanoramaIPAddress"],
+ },
+ neDeviceVendorConfigSchemaNames["PanoramaAuthKey"]: {
+ Type: schema.TypeString,
+ Optional: true,
+ Sensitive: true,
+ ForceNew: true,
+ Description: neDeviceVendorConfigDescriptions["PanoramaAuthKey"],
+ },
 }
 }
@@ -1541,6 +1558,12 @@ func flattenVendorConfiguration(vendorConfig map[string]string) interface{} {
 if v, ok := vendorConfig["licenseId"]; ok {
 transformed[neDeviceVendorConfigSchemaNames["LicenseID"]] = v
 }
+ if v, ok := vendorConfig["panoramaIpAddress"]; ok {
+ transformed[neDeviceVendorConfigSchemaNames["PanoramaIPAddress"]] = v
+ }
+ if v, ok := vendorConfig["panoramaAuthKey"]; ok {
+ transformed[neDeviceVendorConfigSchemaNames["PanoramaAuthKey"]] = v
+ }
 return []interface{}{transformed}
 }
@@ -1622,6 +1645,12 @@ func expandVendorConfiguration(vendorConfigs []interface{}) map[string]string {
 if v, ok := vendorConfig[neDeviceVendorConfigSchemaNames["PrivateGateway"]]; ok && !isEmpty(v) {
 transformed["privateGateway"] = v.(string)
 }
+ if v, ok := vendorConfig[neDeviceVendorConfigSchemaNames["PanoramaIPAddress"]]; ok && !isEmpty(v) {
+ transformed["panoramaIpAddress"] = v.(string)
+ }
+ if v, ok := vendorConfig[neDeviceVendorConfigSchemaNames["PanoramaAuthKey"]]; ok && !isEmpty(v) {
+ transformed["panoramaAuthKey"] = v.(string)
+ }
 return transformed
 }
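Review bot: `panorama_ip_address` in createVendorConfigurationSchema is accepted as any string, so a malformed address is only caught when the API rejects the create call, or not at all, leaving a firewall that never registers with its management server. If the API takes only an IP literal here, as the field name suggests, add `ValidateFunc: validation.IsIPAddress,` to the entry; this needs the SDK's `helper/validation` package, and whether the file already imports it is not visible in the hunk. It is also worth rejecting `panorama_auth_key` when `panorama_ip_address` is unset, since expandVendorConfiguration forwards each value independently. The function begins outside the hunk.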
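Review bot: flattenVendorConfiguration copies `panoramaAuthKey` from the API response straight into state, while the resource attribute is declared `ForceNew`. If the API omits or masks the key on read, the stored value may no longer match the configured one and the next plan could propose replacing the device; if the API returns it in clear, the secret is persisted in state on every refresh. Neither the read path nor the API response is visible in this patch, so please confirm which case applies. Where a secret is not echoed back, the usual approach is to keep the configured value instead of overwriting it from the response. The function begins outside the hunk.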