Terraform provider VCD 3.7.0 is here and is now certified for VCD 10.4 and CDS.
Container Service Extension (CSE) 3.1.x automation
This version contains updates in resources like vcd_catalog_item to provide the required elements to support the setup of CSE in VCD.
Users can find a comprehensive guide that will lead them throughout the setup process of CSE components in VCD. The result is that they will have their VCD appliance ready to deploy and manage Tanzu Kubernetes Grid Multi-cloud (TKGm) clusters.
There’s also a new example that contains ready-to-use HCL code that will help customers to ramp-up and even prepare their own to setup CSE on their VCD appliance.
Dynamic Security Groups
Previous versions of VCD provider already had support for Static Security Groups, but the missing
part was Dynamic Security Groups and we’re happy to have them in 3.7.
Here is a tiny snippet of Tags and Dynamic Security Groups in action:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 |
resource "vcd_security_tag" "api" { name = "api-servers" # Referenced VM resources are not in this snippet vm_ids = [vcd_vm.my-vm-one.id, vcd_vm.my-vm-two.id] } resource "vcd_security_tag" "web" { name = "web-servers" # Referenced VM resources are not in this snippet vm_ids = [data.vcd_vm.web1.id] } data "vcd_vdc_group" "group1" { org = "cloud" name = "vdc-group-cloud" } resource "vcd_nsxt_dynamic_security_group" "internet-facing" { org = "cloud" vdc_group_id = data.vcd_vdc_group.group1.id name = "IFE" description = "Internet facing servers" criteria { # Boolean "OR" rule { # Boolean "AND" type = "VM_TAG" operator = "EQUALS" value = "web-servers" } } criteria { # Boolean "OR" rule { # Boolean "AND" type = "VM_TAG" operator = "EQUALS" value = "api-servers" } } } |
NSX-T Edge Gateway BGP Configuration
Three more new resources (and respective data sources) that should cover all needs for NSX-T Edge
Gateway BGP configuration:
- vcd_nsxt_edgegateway_bgp_configuration
- vcd_nsxt_edgegateway_bgp_neighbor
- vcd_nsxt_edgegateway_bgp_ip_prefix_list
ALB licensing model changes
The release of VCD 10.4.0 comes with a lot of new features and changes, and the VCD provider has been adapted to support them. One of the most important additions is about the ALB licensing model:
- vcd_nsxt_alb_controller resource doesn’t need the Licensing attribute in VCD 10.4.0, as it was transferred to the ALB Service Engine Group and the ALB Settings of the Edge Gateways. Therefore,
license_type
is now optional. - vcd_nsxt_alb_service_engine_group resource and data source can handle the “Supported feature set” which replaces the mentioned Licensing in VCD 10.4.0. Therefore, it has a new
supported_feature_set
attribute. - vcd_nsxt_alb_settings resource and data source can handle the “Supported feature set” which replaces the mentioned Licensing in VCD 10.4.0. Therefore, it has a new
supported_feature_set
attribute.
Other bits
- Deprecate
vdc
field in NSX-T Edge Gateway child entities to better align with VDC Group support.
Parent VDC or VDC Group is now inherited fromedge_gateway_id
field. - A new VDC sharing resource
vcd_org_vdc_access_control. - Improved VDC Group compatibility for some NSX-T Edge Gateway resources and data sources
- DNS server support for
vcd_nsxt_network_dhcp - Improved metadata performance for all resources that support it
More information
- A new guide page
focused on Container Service Extension (CSE) - Complete changelog
with all improvements - Documentation in Hashicorp registry
- Improved Guest customization guide page
with CloudInit examples
And a related release – underlying Go SDK for VMware Cloud Director has got a new version
v2.16
Authors and credit to: Dainius Serplis, Adam Barreiro, Linas Virbalas