Merge pull request #17229 from flopib/gce-tf-regional-backend-service

Make GCE backend service regional for the Terraform target

Author: k8s-ci-robot

tests/integration/update_cluster/minimal_gce_dns-none/kubernetes.tf

@@ -169,16 +169,6 @@ resource "google_compute_address" "api-us-test1-minimal-gce-example-com" {
   subnetwork   = google_compute_subnetwork.us-test1-minimal-gce-example-com.name
 }
 
-resource "google_compute_backend_service" "api-minimal-gce-example-com" {
-  backend {
-    group = google_compute_instance_group_manager.a-master-us-test1-a-minimal-gce-example-com.instance_group
-  }
-  health_checks         = [google_compute_health_check.api-minimal-gce-example-com.id]
-  load_balancing_scheme = "INTERNAL_SELF_MANAGED"
-  name                  = "api-minimal-gce-example-com"
-  protocol              = "TCP"
-}
-
 resource "google_compute_disk" "a-etcd-events-minimal-gce-example-com" {
   labels = {
     "k8s-io-cluster-name" = "minimal-gce-example-com"
@@ -441,7 +431,7 @@ resource "google_compute_firewall" "ssh-external-to-node-minimal-gce-example-com
 }
 
 resource "google_compute_forwarding_rule" "api-us-test1-minimal-gce-example-com" {
-  backend_service = google_compute_backend_service.api-minimal-gce-example-com.id
+  backend_service = google_compute_region_backend_service.api-minimal-gce-example-com.id
   ip_address      = google_compute_address.api-us-test1-minimal-gce-example-com.address
   ip_protocol     = "TCP"
   labels = {
@@ -456,7 +446,7 @@ resource "google_compute_forwarding_rule" "api-us-test1-minimal-gce-example-com"
 }
 
 resource "google_compute_forwarding_rule" "kops-controller-us-test1-minimal-gce-example-com" {
-  backend_service = google_compute_backend_service.api-minimal-gce-example-com.id
+  backend_service = google_compute_region_backend_service.api-minimal-gce-example-com.id
   ip_address      = google_compute_address.api-us-test1-minimal-gce-example-com.address
   ip_protocol     = "TCP"
   labels = {
@@ -470,13 +460,6 @@ resource "google_compute_forwarding_rule" "kops-controller-us-test1-minimal-gce-
   subnetwork            = google_compute_subnetwork.us-test1-minimal-gce-example-com.name
 }
 
-resource "google_compute_health_check" "api-minimal-gce-example-com" {
-  name = "api-minimal-gce-example-com"
-  tcp_health_check {
-    port = 443
-  }
-}
-
 resource "google_compute_instance_group_manager" "a-master-us-test1-a-minimal-gce-example-com" {
   base_instance_name             = "master-us-test1-a"
   list_managed_instances_results = "PAGINATED"
@@ -604,6 +587,24 @@ resource "google_compute_network" "minimal-gce-example-com" {
   name                    = "minimal-gce-example-com"
 }
 
+resource "google_compute_region_backend_service" "api-minimal-gce-example-com" {
+  backend {
+    balancing_mode = "CONNECTION"
+    group          = google_compute_instance_group_manager.a-master-us-test1-a-minimal-gce-example-com.instance_group
+  }
+  health_checks         = [google_compute_region_health_check.api-minimal-gce-example-com.id]
+  load_balancing_scheme = "INTERNAL"
+  name                  = "api-minimal-gce-example-com"
+  protocol              = "TCP"
+}
+
+resource "google_compute_region_health_check" "api-minimal-gce-example-com" {
+  name = "api-minimal-gce-example-com"
+  tcp_health_check {
+    port = 443
+  }
+}
+
 resource "google_compute_router" "nat-minimal-gce-example-com" {
   name    = "nat-minimal-gce-example-com"
   network = google_compute_network.minimal-gce-example-com.name

tests/integration/update_cluster/minimal_gce_ilb/kubernetes.tf

@@ -177,16 +177,6 @@ resource "google_compute_address" "api-us-test1-minimal-gce-ilb-example-com" {
   subnetwork   = google_compute_subnetwork.us-test1-minimal-gce-ilb-example-com.name
 }
 
-resource "google_compute_backend_service" "api-minimal-gce-ilb-example-com" {
-  backend {
-    group = google_compute_instance_group_manager.a-master-us-test1-a-minimal-gce-ilb-example-com.instance_group
-  }
-  health_checks         = [google_compute_health_check.api-minimal-gce-ilb-example-com.id]
-  load_balancing_scheme = "INTERNAL_SELF_MANAGED"
-  name                  = "api-minimal-gce-ilb-example-com"
-  protocol              = "TCP"
-}
-
 resource "google_compute_disk" "a-etcd-events-minimal-gce-ilb-example-com" {
   labels = {
     "k8s-io-cluster-name" = "minimal-gce-ilb-example-com"
@@ -425,7 +415,7 @@ resource "google_compute_firewall" "ssh-external-to-node-minimal-gce-ilb-example
 }
 
 resource "google_compute_forwarding_rule" "api-us-test1-minimal-gce-ilb-example-com" {
-  backend_service = google_compute_backend_service.api-minimal-gce-ilb-example-com.id
+  backend_service = google_compute_region_backend_service.api-minimal-gce-ilb-example-com.id
   ip_address      = google_compute_address.api-us-test1-minimal-gce-ilb-example-com.address
   ip_protocol     = "TCP"
   labels = {
@@ -439,13 +429,6 @@ resource "google_compute_forwarding_rule" "api-us-test1-minimal-gce-ilb-example-
   subnetwork            = google_compute_subnetwork.us-test1-minimal-gce-ilb-example-com.name
 }
 
-resource "google_compute_health_check" "api-minimal-gce-ilb-example-com" {
-  name = "api-minimal-gce-ilb-example-com"
-  tcp_health_check {
-    port = 443
-  }
-}
-
 resource "google_compute_instance_group_manager" "a-master-us-test1-a-minimal-gce-ilb-example-com" {
   base_instance_name             = "master-us-test1-a"
   list_managed_instances_results = "PAGINATED"
@@ -573,6 +556,24 @@ resource "google_compute_network" "minimal-gce-ilb-example-com" {
   name                    = "minimal-gce-ilb-example-com"
 }
 
+resource "google_compute_region_backend_service" "api-minimal-gce-ilb-example-com" {
+  backend {
+    balancing_mode = "CONNECTION"
+    group          = google_compute_instance_group_manager.a-master-us-test1-a-minimal-gce-ilb-example-com.instance_group
+  }
+  health_checks         = [google_compute_region_health_check.api-minimal-gce-ilb-example-com.id]
+  load_balancing_scheme = "INTERNAL"
+  name                  = "api-minimal-gce-ilb-example-com"
+  protocol              = "TCP"
+}
+
+resource "google_compute_region_health_check" "api-minimal-gce-ilb-example-com" {
+  name = "api-minimal-gce-ilb-example-com"
+  tcp_health_check {
+    port = 443
+  }
+}
+
 resource "google_compute_router" "nat-minimal-gce-ilb-example-com" {
   name    = "nat-minimal-gce-ilb-example-com"
   network = google_compute_network.minimal-gce-ilb-example-com.name

tests/integration/update_cluster/minimal_gce_ilb_longclustername/kubernetes.tf

@@ -177,16 +177,6 @@ resource "google_compute_address" "api-us-test1-minimal-gce-with-a-very-very-ver
   subnetwork   = google_compute_subnetwork.us-test1-minimal-gce-with-a-very-very-very-very-very-lon-96dqvi.name
 }
 
-resource "google_compute_backend_service" "api-minimal-gce-with-a-very-very-very-very-very-long-nam-96dqvi" {
-  backend {
-    group = google_compute_instance_group_manager.a-master-us-test1-a-minimal-gce-with-a-very-very-very-ve-j0fh8f.instance_group
-  }
-  health_checks         = [google_compute_health_check.api-minimal-gce-with-a-very-very-very-very-very-long-nam-96dqvi.id]
-  load_balancing_scheme = "INTERNAL_SELF_MANAGED"
-  name                  = "api-minimal-gce-with-a-very-very-very-very-very-long-nam-96dqvi"
-  protocol              = "TCP"
-}
-
 resource "google_compute_disk" "a-etcd-events-minimal-gce-with-a-very-very-very-very-ver-96dqvi" {
   labels = {
     "k8s-io-cluster-name" = "minimal-gce-with-a-very-very-very-very-very-long-name-example-com"
@@ -425,7 +415,7 @@ resource "google_compute_firewall" "ssh-external-to-node-minimal-gce-with-a-very
 }
 
 resource "google_compute_forwarding_rule" "api-us-test1-minimal-gce-with-a-very-very-very-very-very-96dqvi" {
-  backend_service = google_compute_backend_service.api-minimal-gce-with-a-very-very-very-very-very-long-nam-96dqvi.id
+  backend_service = google_compute_region_backend_service.api-minimal-gce-with-a-very-very-very-very-very-long-nam-96dqvi.id
   ip_address      = google_compute_address.api-us-test1-minimal-gce-with-a-very-very-very-very-very-96dqvi.address
   ip_protocol     = "TCP"
   labels = {
@@ -439,13 +429,6 @@ resource "google_compute_forwarding_rule" "api-us-test1-minimal-gce-with-a-very-
   subnetwork            = google_compute_subnetwork.us-test1-minimal-gce-with-a-very-very-very-very-very-lon-96dqvi.name
 }
 
-resource "google_compute_health_check" "api-minimal-gce-with-a-very-very-very-very-very-long-nam-96dqvi" {
-  name = "api-minimal-gce-with-a-very-very-very-very-very-long-nam-96dqvi"
-  tcp_health_check {
-    port = 443
-  }
-}
-
 resource "google_compute_instance_group_manager" "a-master-us-test1-a-minimal-gce-with-a-very-very-very-ve-j0fh8f" {
   base_instance_name             = "master-us-test1-a"
   list_managed_instances_results = "PAGINATED"
@@ -573,6 +556,24 @@ resource "google_compute_network" "minimal-gce-with-a-very-very-very-very-very-l
   name                    = "minimal-gce-with-a-very-very-very-very-very-long-name-ex-96dqvi"
 }
 
+resource "google_compute_region_backend_service" "api-minimal-gce-with-a-very-very-very-very-very-long-nam-96dqvi" {
+  backend {
+    balancing_mode = "CONNECTION"
+    group          = google_compute_instance_group_manager.a-master-us-test1-a-minimal-gce-with-a-very-very-very-ve-j0fh8f.instance_group
+  }
+  health_checks         = [google_compute_region_health_check.api-minimal-gce-with-a-very-very-very-very-very-long-nam-96dqvi.id]
+  load_balancing_scheme = "INTERNAL"
+  name                  = "api-minimal-gce-with-a-very-very-very-very-very-long-nam-96dqvi"
+  protocol              = "TCP"
+}
+
+resource "google_compute_region_health_check" "api-minimal-gce-with-a-very-very-very-very-very-long-nam-96dqvi" {
+  name = "api-minimal-gce-with-a-very-very-very-very-very-long-nam-96dqvi"
+  tcp_health_check {
+    port = 443
+  }
+}
+
 resource "google_compute_router" "nat-minimal-gce-with-a-very-very-very-very-very-long-nam-96dqvi" {
   name    = "nat-minimal-gce-with-a-very-very-very-very-very-long-nam-96dqvi"
   network = google_compute_network.minimal-gce-with-a-very-very-very-very-very-long-name-ex-96dqvi.name

tests/integration/update_cluster/minimal_gce_plb/kubernetes.tf

@@ -181,16 +181,6 @@ resource "google_compute_address" "api-us-test1-minimal-gce-plb-example-com" {
   subnetwork   = google_compute_subnetwork.us-test1-minimal-gce-plb-example-com.name
 }
 
-resource "google_compute_backend_service" "api-minimal-gce-plb-example-com" {
-  backend {
-    group = google_compute_instance_group_manager.a-master-us-test1-a-minimal-gce-plb-example-com.instance_group
-  }
-  health_checks         = [google_compute_health_check.api-minimal-gce-plb-example-com.id]
-  load_balancing_scheme = "INTERNAL_SELF_MANAGED"
-  name                  = "api-minimal-gce-plb-example-com"
-  protocol              = "TCP"
-}
-
 resource "google_compute_disk" "a-etcd-events-minimal-gce-plb-example-com" {
   labels = {
     "k8s-io-cluster-name" = "minimal-gce-plb-example-com"
@@ -442,7 +432,7 @@ resource "google_compute_forwarding_rule" "api-minimal-gce-plb-example-com" {
 }
 
 resource "google_compute_forwarding_rule" "api-us-test1-minimal-gce-plb-example-com" {
-  backend_service = google_compute_backend_service.api-minimal-gce-plb-example-com.id
+  backend_service = google_compute_region_backend_service.api-minimal-gce-plb-example-com.id
   ip_address      = google_compute_address.api-us-test1-minimal-gce-plb-example-com.address
   ip_protocol     = "TCP"
   labels = {
@@ -456,13 +446,6 @@ resource "google_compute_forwarding_rule" "api-us-test1-minimal-gce-plb-example-
   subnetwork            = google_compute_subnetwork.us-test1-minimal-gce-plb-example-com.name
 }
 
-resource "google_compute_health_check" "api-minimal-gce-plb-example-com" {
-  name = "api-minimal-gce-plb-example-com"
-  tcp_health_check {
-    port = 443
-  }
-}
-
 resource "google_compute_http_health_check" "api-minimal-gce-plb-example-com" {
   name         = "api-minimal-gce-plb-example-com"
   port         = 3990
@@ -597,6 +580,24 @@ resource "google_compute_network" "minimal-gce-plb-example-com" {
   name                    = "minimal-gce-plb-example-com"
 }
 
+resource "google_compute_region_backend_service" "api-minimal-gce-plb-example-com" {
+  backend {
+    balancing_mode = "CONNECTION"
+    group          = google_compute_instance_group_manager.a-master-us-test1-a-minimal-gce-plb-example-com.instance_group
+  }
+  health_checks         = [google_compute_region_health_check.api-minimal-gce-plb-example-com.id]
+  load_balancing_scheme = "INTERNAL"
+  name                  = "api-minimal-gce-plb-example-com"
+  protocol              = "TCP"
+}
+
+resource "google_compute_region_health_check" "api-minimal-gce-plb-example-com" {
+  name = "api-minimal-gce-plb-example-com"
+  tcp_health_check {
+    port = 443
+  }
+}
+
 resource "google_compute_router" "nat-minimal-gce-plb-example-com" {
   name    = "nat-minimal-gce-plb-example-com"
   network = google_compute_network.minimal-gce-plb-example-com.name

upup/pkg/fi/cloudup/gcetasks/backend_service.go

@@ -149,7 +149,8 @@ func (a *BackendService) URL(cloud gce.GCECloud) string {
 }
 
 type terraformBackend struct {
-	Group *terraformWriter.Literal `cty:"group"`
+	BalancingMode *terraformWriter.Literal `cty:"balancing_mode"`
+	Group         *terraformWriter.Literal `cty:"group"`
 }
 
 type terraformBackendService struct {
@@ -166,30 +167,27 @@ func (_ *BackendService) RenderTerraform(t *terraform.TerraformTarget, a, e, cha
 		LoadBalancingScheme: e.LoadBalancingScheme,
 		Protocol:            e.Protocol,
 	}
-	// Terraform has a different name for this scheme:
-	if tf.LoadBalancingScheme != nil && *tf.LoadBalancingScheme == "INTERNAL" {
-		sm := "INTERNAL_SELF_MANAGED"
-		tf.LoadBalancingScheme = &sm
-	}
+
 	var igms []terraformBackend
 	for _, ig := range e.InstanceGroupManagers {
 		igms = append(igms, terraformBackend{
-			Group: terraformWriter.LiteralProperty("google_compute_instance_group_manager", *ig.Name, "instance_group"),
+			BalancingMode: terraformWriter.LiteralFromStringValue("CONNECTION"),
+			Group:         terraformWriter.LiteralProperty("google_compute_instance_group_manager", *ig.Name, "instance_group"),
 		})
 	}
 	tf.Backend = igms
 
 	var hcs []*terraformWriter.Literal
 	for _, hc := range e.HealthChecks {
-		hcs = append(hcs, terraformWriter.LiteralProperty("google_compute_health_check", *hc.Name, "id"))
+		hcs = append(hcs, terraformWriter.LiteralProperty("google_compute_region_health_check", *hc.Name, "id"))
 	}
 	tf.HealthChecks = hcs
 
-	return t.RenderResource("google_compute_backend_service", *e.Name, tf)
+	return t.RenderResource("google_compute_region_backend_service", *e.Name, tf)
 }
 
 func (e *BackendService) TerraformAddress() *terraformWriter.Literal {
 	name := fi.ValueOf(e.Name)
 
-	return terraformWriter.LiteralProperty("google_compute_backend_service", name, "id")
+	return terraformWriter.LiteralProperty("google_compute_region_backend_service", name, "id")
 }

upup/pkg/fi/cloudup/gcetasks/healthcheck.go

@@ -141,9 +141,9 @@ func (_ *HealthCheck) RenderTerraform(t *terraform.TerraformTarget, a, e, change
 			Port: e.Port,
 		},
 	}
-	return t.RenderResource("google_compute_health_check", *e.Name, tf)
+	return t.RenderResource("google_compute_region_health_check", *e.Name, tf)
 }
 
 func (e *HealthCheck) TerraformAddress() *terraformWriter.Literal {
-	return terraformWriter.LiteralProperty("google_compute_health_check", *e.Name, "id")
+	return terraformWriter.LiteralProperty("google_compute_region_health_check", *e.Name, "id")
 }