Terraform VMware Cloud Director Provider v3.11.0

Terraform VMware Cloud Director Provider v3.11.0 is available now, adding support for VMware Cloud Director 10.5.1 and dropping compatibility with 10.3, as well as introducing many new features and improvements.

Adding support for Container Service Extension (CSE) 4.1

This new version of the provider updates both the installation guide and the cluster management guide to reflect the new elements that are required for customers to start using CSE 4.1, such as the new data source vcd_rde_behavior_invocation.
This data source is used to invoke the Runtime Defined Entity Behavior that allows to retrieve the Kubeconfig of the provisioned Kubernetes clusters.

All the examples that were provided in previous releases have been upgraded with the new information and resources from v3.11.0.

Extending the Runtime Defined Entity (RDE) framework with new capabilities

This release includes a new data source and several improvements of the existing RDE resources and data sources:

• Users can now automate RDE Behavior invocation with the new vcd_rde_behavior_invocation data source, which invokes an existing Behavior (defined with either vcd_rde_interface_behavior or vcd_rde_type_behavior) and saves the result into Terraform state.
• The existing rde_type resource and data source now support Behavior hooks with the new hook blocks, that allow to automatically invoke Behaviors on certain RDE lifecycle events.
• The vcd_rde resource and data source now support metadata with the new metadata_entry blocks.

This release also includes several improvements on RDE resources and data sources that you can check in the project’s changelog.

NSX-T Segment Profiles get full support in v3.11.0

Terraform VCD Provider v3.11 gets a bundle of resources and data sources to manage NSX-T Segment Profiles. Here is a complete layout of what is available:

5 new rich data sources that not only allow users to lookup IDs for referencing purposes, but also expose every configuration aspect for each type of Segment Profile:

• vcd_nsxt_segment_ip_discovery_profile
• vcd_nsxt_segment_mac_discovery_profile
• vcd_nsxt_segment_spoof_guard_profile
• vcd_nsxt_segment_qos_profile
• vcd_nsxt_segment_security_profile

Going further, a new resource vcd_nsxt_segment_profile_template is available to build VCD Segment Profile Templates using the above mentioned data sources.

And finally, 3 new resources that can set default Segment Profiles at different layers of VCD infrastructure:

• vcd_nsxt_global_default_segment_profile_template (global default for VCD)
• vcd_org_vdc_nsxt_network_profile (default for particular VDC)
• vcd_nsxt_network_segment_profile (default Segment Profile for individual segment)

Note: each of the lower-level resource can override the higher-level configuration.

NSX-T Edge Gateway gets support for Segment Backed Uplinks

Resource and data source vcd_nsxt_edgegateway continue to grow and this release adds support for Segment Backed External Network configuration via new configuration block
external_network

IP Space support improvements

• Resource and data source vcd_ip_space now support NAT and Firewall creation configuration using fields default_firewall_rule_creation_enabled,
  default_no_snat_rule_creation_enabled, default_snat_rule_creation_enabled.
• vcd_ip_space_ip_allocation adds new field value for allocating a user specified IP or Prefix on VCD 10.4.2+.

New experimental features: vGPU Policies and improved Terraform Imports

This release adds a new resource, vcd_vm_vgpu_policy, and two data sources, vcd_vm_vgpu_policy and vcd_vgpu_profile, to create, manage and consume vGPU Policies.

It also adds support for the experimental Config-driven Import feature. This substantially eases importing of existing VCD environments into Terraform management by automating generation of HCL configuration files. There is a new guide on how to use this feature preview (requires Terraform v1.5.0+).

Provider-side enhancements

Terraform VCD Provider v3.11 adds new improvements to the Provider tooling set:

• A new resource and data source vcd_network_pool to manage Network Pools.
• The existing vcd_provider_vdc supports metadata management with the metadata_entry blocks.

vApp and VM enhancements

This release also introduces new features to the already existing vcd_vm and vcd_vapp_vm resources and data sources:

• Added support for the metadata that is auto-generated in standalone VMs and vApp VMs in VCD 10.5.1+, with the new inherited_metadata map. The entries
  stored there give information about the origin of the VM.
• Added option to specify Boot Firmware (BIOS/EFI) and Secure Boot (VCD 10.4.1+) in the boot_options block of these resources.
• Added Lease settings for vcd_catalog_vapp_template with the lease block, where users can specify how long the vApp Template is available before being automatically deleted or marked as expired.

List of new resources and data sources

• 8 new resources:
  • vcd_nsxt_edgegateway_l2_vpn_tunnel
  • vcd_nsxt_segment_profile_template
  • vcd_nsxt_global_default_segment_profile_template
  • vcd_org_vdc_nsxt_network_profile
  • vcd_nsxt_network_segment_profile
  • vcd_network_pool
  • vcd_nsxt_edgegateway_dns
  • vcd_vm_vgpu_policy
• 14 new data sources:
  • vcd_nsxt_edgegateway_l2_vpn_tunnel
  • vcd_rde_behavior_invocation
  • vcd_nsxt_segment_ip_discovery_profile
  • vcd_nsxt_segment_mac_discovery_profile
  • vcd_nsxt_segment_spoof_guard_profile
  • vcd_nsxt_segment_qos_profile
  • vcd_nsxt_segment_security_profile
  • vcd_nsxt_segment_profile_template
  • vcd_nsxt_global_default_segment_profile_template
  • vcd_org_vdc_nsxt_network_profile
  • vcd_nsxt_network_segment_profile
  • vcd_nsxt_edgegateway_dns
  • vcd_vgpu_profile
  • vcd_vm_vgpu_policy

There are more features and enhancements, which you can see in the project’s changelog.
And, as always, we are awaiting your feedback and suggestions in GitHub Issues and #vcd-terraform-dev Slack channel (vmwarecode.slack.com).