-
Notifications
You must be signed in to change notification settings - Fork 9.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add AWS direct connect virtual interface resources #5212
Conversation
I should be able to help test this as I have an existing direct connect already up and in service. |
@pixitha Did you get a chance to test it ? |
I'd be available to assist in testing as well, we have a direct connect in several environment that we could work with. |
@williamrhancock Please check out the documentation included in the PR as it contains examples for usage. |
Any update on this? I have a need to connect an existing VGW to our DirectConnect after destroy/apply of our VPC. |
@mcraig88 I personally use it without any issues in a custom version. I haven't got back any feedback and it doesn't seem to be a priority at the moment to merge. Please vote for the PR and/or open a feature request mentioning the PR. It should help move things faster. |
I actually found another way to accomplish what I needed. propagating_vgws = ["${var.direct_connect_vgw}"] Thank you. On Wed, Jun 15, 2016 at 3:31 AM, mhlias notifications@github.com wrote:
|
+1 |
…t and intra accounts.
Rebased but it seems something fails in the tests. Need to get up to date with what has changed. |
@stack72 Any comments on the PR please ? |
Hi @mhlias Will get this on my list to review this week - sorry for the delay! Paul |
Great thanks! No worries, just found some time myself to rebase and fix some issues. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @mhlias
Thanks for the work here - I belive there are some changes needed. I have gone through and left some general styling comments WRT to the Read funcs and deref - please have a look at rolling those across how all resources in the PR are
Apart from that, the only other file that needs updated is:
website/source/layouts/aws.erb
As this will add the links to the DC pages. I suggest a section of it's own
Please can you include an output of the acceptance tests in the fix up?
Thanks
Paul
}) | ||
|
||
if err != nil { | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is there a chance that someone can delete the VirtualInterface from the AWS Console? If so, this will error out. We should handle the case of 404 and then remove from state if necessary
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, a VirtualInterface can be deleted from the AWS Console.
|
||
} | ||
|
||
if len(resp.VirtualInterfaces) != 1 { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why do we error on > 1 VirtualInterfaces?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@stack72 Because the DescribeVirtualInterfaces request is done with filter on VirtualInterfaceId and according to SDK documentation: "If a virtual interface ID is included then only a single virtual interface will be returned." which should be unique and return at most 1 VIF. so if we get 0 we didn't find it and if we get more than 1 something is terribly wrong.
} | ||
|
||
if len(resp.VirtualInterfaces) != 1 { | ||
return fmt.Errorf("[ERROR] Error finding DirectConnect PrivateVirtualInterface: %s", d.Id()) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Misleading error message - we have found a list of VirtualInterfaces
return fmt.Errorf("[ERROR] Error finding DirectConnect PrivateVirtualInterface: %s", d.Id()) | ||
} | ||
|
||
virtualInterface := resp.VirtualInterfaces[0] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we guarantee that [0] VirtualInterface is the one we want? Shouldn't we range the list here?
virtualInterface := resp.VirtualInterfaces[0] | ||
|
||
// Set attributes under the user's control. | ||
d.Set("connection_id", *virtualInterface.ConnectionId) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
d.Set takes care of pointer dereference in a safe way - you shouldn't need to deref before passing in - it's safer without it
return fmt.Errorf("[ERROR] Error finding DirectConnect PrivateVirtualInterface: %s", d.Id()) | ||
} | ||
|
||
virtualInterface := resp.VirtualInterfaces[0] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we guarantee that the first found is the correct one?
d.Set("vlan", *virtualInterface.Vlan) | ||
d.Set("amazon_address", *virtualInterface.AmazonAddress) | ||
d.Set("customer_address", *virtualInterface.CustomerAddress) | ||
// d.Set("auth_key", *virtualInterface.AuthKey) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do we not want to set an auth_key?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't remember why I made that choice back then... it has been a while, but I suspect it was because I was trying to avoid printing the AuthKey. Since any change to a VIF forces a recreate as there is no update method it should not matter, unless I am mistaken and causes an issue with detecting a change in the AuthKey.
"github.com/hashicorp/terraform/terraform" | ||
) | ||
|
||
func TestAccAWSDCINTRAVIRTUALINTERFACECONFIRM_basic(t *testing.T) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Casing is not consistent - we use CamelCase rather than UPPERCASE :)
var err error | ||
var resp *directconnect.VirtualInterface | ||
|
||
if v, ok := d.GetOk("interface_type"); ok && v == "public" { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
v.(string)
Asn: aws.Int64(int64(d.Get("asn").(int))), | ||
VirtualInterfaceName: aws.String(d.Get("virtual_interface_name").(string)), | ||
Vlan: aws.Int64(int64(d.Get("vlan").(int))), | ||
RouteFilterPrefixes: []*directconnect.RouteFilterPrefix{}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we pass an empty slice here?
@stack72 I made some changes based on your comments. In some cases I will need some more feedback. Please refer to the review comments replies above. |
Hi @mhlias ok, 1 last request, please can you standardise the names of your tests? Right now I have tests like this:
and this
Thanks Paul |
also, FYI:
|
@stack72 I fixed the naming on the tests. On the acceptance testing it is a bit of a tricky situation. You need a direct connect connection to create VIFs and those are not a resource that can be automated as it requires manual work on the Datacenter to get it up and running. I also no longer have access to a direct connect connection for testing. I don't know if I could use https://docs.aws.amazon.com/sdk-for-go/api/service/directconnect/directconnectiface/ this to mock it instead. |
What is the current status on this one? I have an upcoming project which will involve AWS Direct Connect it would be great to use Terraform to manage this resource. What is required to get this one over the line? |
@mubeta06 Testing remains as I don't currently have access to non-production-critical directconnect I can't test it and also the direct connect connection is a part that needs to be set up offline so not easy to create/expect one to be there for testing use. I found out the mocking interface provided in the AWS SDK but I didn't manage to find time to mock all those calls + missing sample data to return for success/failure scenarios. |
I have a use case for this whereby a 3rd party we use for DirectConnect services handle most of the heavy lifting and just expose the VIF in our account so I just need to be able to confirm the VIF creation and then use the exposed attributes to create a CGW resource, etc. |
@AndHei It would be great if someone could modify the tests with their direct connect info and run them to get outputs. Right now I don't have access to a direct connect connection for testing so it is impossible for me to do. |
We would also very much like to see this. As we will be creating DC's "real soon" and don't have anything in production yet, there will be a window for testing. Our plans include LACP, VLANs and VIFs in multiple accounts. |
Is DC support available yet? |
@@ -214,6 +214,9 @@ func Provider() terraform.ResourceProvider { | |||
"aws_db_parameter_group": resourceAwsDbParameterGroup(), | |||
"aws_db_security_group": resourceAwsDbSecurityGroup(), | |||
"aws_db_subnet_group": resourceAwsDbSubnetGroup(), | |||
"aws_dc_virtual_interface": resourceAwsDirectConnectVirtualInterface(), | |||
"aws_dc_intra_virtual_interface": resourceAwsDirectConnectIntraVirtualInterface(), | |||
"aws_dc_intra_virtual_interface_confirm": resourceAwsDirectConnectIntraVirtualInterfaceConfirm(), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
AWS refer to direct connects as 'dx' is a fair amount of their documentation (see: https://aws.amazon.com/directconnect/faqs/)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It'd be great if this used the same shorthand that AWS use themselves (i.e. 'dx' rather than 'dc').
Obviously needs rebase (and, potentially, extracting with the forthcoming 0.10.x changes) and further testing.
}) | ||
|
||
if err != nil { | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, a VirtualInterface can be deleted from the AWS Console.
Is there any update on this? I'm planing to create some vifs and I can help to test. |
If someone commits to testing with a DC connection I can rebase and bring
it up to date with AWS API in the next 2 weeks.
…On 17 July 2017 at 20:05, Jesus Rafael Carrillo ***@***.***> wrote:
Is there any update on this?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#5212 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AJ9EIXyabjq9xHMyUgLwMyttd7LEu9Pzks5sO7BogaJpZM4Hd1Gl>
.
|
I might be able to test it, I have a DC and we are in the process of creating more vpcs /accounts. |
i work with Jesus Carrillo and part of the network team. We're in the process of working on a solution to automate direct connect deployments via terraform. I would love to commit to testing. let me know |
Closing in favor of hashicorp/terraform-provider-aws#876 which is against the newly split out provider |
@catsby The one you mention only has support for a single resource to confirm a VIF and nothing else so it is not a replacement. If you want to move the PR to the new external structure just let me know. |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
Hello,
This PR is adding support for DirectConnect virtual interfaces as seen in the documentation here: http://docs.aws.amazon.com/directconnect/latest/UserGuide/createhostedvirtualinterface.html
I decided to not create separate resources for public and private virtual interfaces as they only have minor differences at creation time and from there they are described as the same resource by the API. So I am handling them with parameters instead. I am not sure if that is a good way of doing it or not, so any feedback on that would be welcome.
I also have two types of resources. One for interfaces that will be created on the same AWS account where the direct connect connection has been created and one for when the virtual interface will be created for usage on a separate AWS account to the one that has the direct connect connection.
I provide an example in the documentation on how to use the latter case.
I wasn't sure how to handle some metaparameters that are used for internal logic and not directly for the resource itself. Also how to have required parameters or not based on another parameter's value. e.g. interface_type private or public require 2 different things, the former requires a virtual_gateway_id and the latter requires a route_filter_prefixes. I would appreciate some feedback on that.
I added some testing but it is not easy to run as it requires a pre-existing direct connect connection which requires an offline procedure to get it set up. Please provide some feedback on how testing should be for this kind of resource.
Best,
Ilias.