[Feat.] CCE: availability zone specification for opentelekomcloud_cce_cluster_v3

docs/resources/cce_cluster_v3.md

@@ -127,6 +127,31 @@ resource "opentelekomcloud_cce_cluster_v3" "cluster_1" {
 }
 ```
 
+### CCE HA cluster
+
+```hcl
+variable "vpc_id" {}
+variable "subnet_id" {}
+
+resource "opentelekomcloud_cce_cluster_v3" "cluster" {
+  name                   = "cluster"
+  flavor_id              = "cce.s2.small"
+  vpc_id                 = var.vpc_id
+  subnet_id              = var.subnet_id
+  container_network_type = "overlay_l2"
+
+  masters {
+    availability_zone = "eu-de-01"
+  }
+  masters {
+    availability_zone = "eu-de-02"
+  }
+  masters {
+    availability_zone = "eu-de-03"
+  }
+}
+```
+
 ## Argument Reference
 
 The following arguments are supported:
@@ -205,6 +230,11 @@ The following arguments are supported:
   The private key used by the Kubernetes cluster does not support password encryption. Use an unencrypted private key.
 
 * `multi_az` - (Optional) Enable multiple AZs for the cluster, only when using HA flavors. Changing this parameter will create a new cluster resource.
+  This parameter and `masters` are alternative.
+
+* `masters` - (Optional, List, ForceNew) Specifies the advanced configuration of master nodes.
+  The [object](#cce_cluster_masters) structure is documented below.
+  This parameter and `multi_az` are alternative. Changing this parameter will create a new cluster resource.
 
 * `eip` - (Optional) EIP address of the cluster.
 
@@ -252,6 +282,12 @@ The following arguments are supported:
 * `delete_all_network` - (Optional) Specified whether to delete all associated network resources when deleting the CCE
   cluster. valid values are **true**, **try** and **false**. Default is **false**.
 
+<a name="cce_cluster_masters"></a>
+The `masters` block supports:
+
+* `availability_zone` - (Optional, String, ForceNew) Specifies the availability zone of the master node.
+  Changing this parameter will create a new cluster resource.
+
 -> Note: Cluster custom deletion info and properties can be checked here:
   [Deleting a Specified Cluster.](https://docs.otc.t-systems.com/cloud-container-engine/api-ref/apis/cluster_management/deleting_a_specified_cluster.html)
 

go.mod

@@ -17,7 +17,7 @@ require (
 	github.com/jmespath/go-jmespath v0.4.0
 	github.com/keybase/go-crypto v0.0.0-20200123153347-de78d2cb44f4
 	github.com/mitchellh/go-homedir v1.1.0
-	github.com/opentelekomcloud/gophertelekomcloud v0.9.4-0.20250117142924-89e7b723fcc7
+	github.com/opentelekomcloud/gophertelekomcloud v0.9.4-0.20250123103327-869bcd243cf2
 	github.com/unknwon/com v1.0.1
 	golang.org/x/crypto v0.31.0
 	golang.org/x/sync v0.10.0

go.sum

@@ -156,8 +156,8 @@ github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLA
 github.com/nsf/jsondiff v0.0.0-20200515183724-f29ed568f4ce h1:RPclfga2SEJmgMmz2k+Mg7cowZ8yv4Trqw9UsJby758=
 github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw=
 github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA=
-github.com/opentelekomcloud/gophertelekomcloud v0.9.4-0.20250117142924-89e7b723fcc7 h1:MGGtjRYekil3cch//l2gQBZWv32d/4ztF9GlO6FfCBI=
-github.com/opentelekomcloud/gophertelekomcloud v0.9.4-0.20250117142924-89e7b723fcc7/go.mod h1:la8cQVYopRoEbNe2L7HlGTdLxUQOwIqHp1VHtjE/5qA=
+github.com/opentelekomcloud/gophertelekomcloud v0.9.4-0.20250123103327-869bcd243cf2 h1:G3i67iIu8UQiCnW606Ew9Ir67rSld8SIJ9FAubzSEcc=
+github.com/opentelekomcloud/gophertelekomcloud v0.9.4-0.20250123103327-869bcd243cf2/go.mod h1:la8cQVYopRoEbNe2L7HlGTdLxUQOwIqHp1VHtjE/5qA=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=

opentelekomcloud/acceptance/cce/resource_opentelekomcloud_cce_cluster_v3_test.go

@@ -62,6 +62,7 @@ func TestAccCCEClusterV3_basic(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceClusterName, "certificate_users.#", "1"),
 					resource.TestCheckResourceAttr(resourceClusterName, "certificate_users.0.name", "user"),
 					resource.TestCheckResourceAttr(resourceClusterName, "enable_volume_encryption", "true"),
+					resource.TestCheckResourceAttr(resourceClusterName, "masters.0.availability_zone", "eu-de-01"),
 				),
 			},
 			{
@@ -70,6 +71,7 @@ func TestAccCCEClusterV3_basic(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceClusterName, "description", "new description"),
 					resource.TestCheckResourceAttr(resourceClusterName, "kube_proxy_mode", "ipvs"),
 					resource.TestCheckResourceAttr(resourceClusterName, "enable_volume_encryption", "true"),
+					resource.TestCheckResourceAttr(resourceClusterName, "masters.0.availability_zone", "eu-de-01"),
 				),
 			},
 		},
@@ -328,6 +330,9 @@ resource "opentelekomcloud_cce_cluster_v3" "cluster_1" {
   ignore_addons            = true
   kube_proxy_mode          = "ipvs"
   enable_volume_encryption = true
+  masters {
+    availability_zone = "eu-de-01"
+  }
 }
 `, common.DataSourceSubnet, clusterName)
 }
@@ -395,6 +400,9 @@ resource "opentelekomcloud_cce_cluster_v3" "cluster_1" {
   delete_all_storage       = "true"
   delete_all_network       = "true"
   enable_volume_encryption = true
+  masters {
+    availability_zone = "eu-de-01"
+  }
 }
 `, common.DataSourceSubnet, clusterName)
 }

opentelekomcloud/services/cce/resource_opentelekomcloud_cce_cluster_v3.go

@@ -167,6 +167,24 @@ func ResourceCCEClusterV3() *schema.Resource {
 				ForceNew: true,
 				Default:  "x509",
 			},
+			"masters": {
+				Type:          schema.TypeList,
+				Optional:      true,
+				ForceNew:      true,
+				Computed:      true,
+				MaxItems:      3,
+				ConflictsWith: []string{"multi_az"},
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"availability_zone": {
+							Type:     schema.TypeString,
+							Optional: true,
+							ForceNew: true,
+							Computed: true,
+						},
+					},
+				},
+			},
 			"authenticating_proxy": {
 				Type:     schema.TypeList,
 				Optional: true,
@@ -213,9 +231,10 @@ func ResourceCCEClusterV3() *schema.Resource {
 					"ipvs", "iptables"}, true),
 			},
 			"multi_az": {
-				Type:     schema.TypeBool,
-				Optional: true,
-				ForceNew: true,
+				Type:          schema.TypeBool,
+				Optional:      true,
+				ForceNew:      true,
+				ConflictsWith: []string{"masters"},
 			},
 			"eip": {
 				Type:         schema.TypeString,
@@ -349,6 +368,31 @@ var associateDeleteSchema *schema.Schema = &schema.Schema{
 	ConflictsWith: []string{"delete_all_storage", "delete_all_network"},
 }
 
+func resourceClusterMasters(d *schema.ResourceData) ([]clusters.MasterSpec, error) {
+	if v, ok := d.GetOk("masters"); ok {
+		flavorId := d.Get("flavor_id").(string)
+		mastersRaw := v.([]interface{})
+		if strings.Contains(flavorId, "s1") && len(mastersRaw) != 1 {
+			return nil, fmt.Errorf("error creating CCE cluster: "+
+				"single-master cluster need 1 az for master node, but got %d", len(mastersRaw))
+		}
+		if strings.Contains(flavorId, "s2") && len(mastersRaw) != 3 {
+			return nil, fmt.Errorf("error creating CCE cluster: "+
+				"high-availability cluster need 3 az for master nodes, but got %d", len(mastersRaw))
+		}
+		masters := make([]clusters.MasterSpec, len(mastersRaw))
+		for i, raw := range mastersRaw {
+			rawMap := raw.(map[string]interface{})
+			masters[i] = clusters.MasterSpec{
+				AvailabilityZone: rawMap["availability_zone"].(string),
+			}
+		}
+		return masters, nil
+	}
+
+	return nil, nil
+}
+
 func resourceClusterLabelsV3(d *schema.ResourceData) map[string]string {
 	m := make(map[string]string)
 	for key, val := range d.Get("labels").(map[string]interface{}) {
@@ -448,6 +492,12 @@ func resourceCCEClusterV3Create(ctx context.Context, d *schema.ResourceData, met
 		createOpts.Spec.EniNetwork = &eniNetwork
 	}
 
+	masters, err := resourceClusterMasters(d)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+	createOpts.Spec.Masters = masters
+
 	create, err := clusters.Create(client, createOpts)
 
 	if err != nil {
@@ -629,6 +679,16 @@ func resourceCCEClusterV3Read(ctx context.Context, d *schema.ResourceData, meta
 		}
 	}
 
+	// Set masters
+	var masterList []map[string]interface{}
+	for _, masterObj := range cluster.Spec.Masters {
+		master := make(map[string]interface{})
+		master["availability_zone"] = masterObj.AvailabilityZone
+		masterList = append(masterList, master)
+	}
+	if err := d.Set("masters", masterList); err != nil {
+		return diag.FromErr(err)
+	}
 	if err := d.Set("security_group_control", controlSecGroupID); err != nil {
 		return diag.FromErr(err)
 	}

releasenotes/notes/cce_cluster_az-3835c1c4de7601a7.yaml

@@ -0,0 +1,4 @@
+---
+enhancements:
+  - |
+    **[CCE]** Add possibility to specify `availability_zone` for ``resource/opentelekomcloud_cce_custer_v3`` (`#2800 <https://github.com/opentelekomcloud/terraform-provider-opentelekomcloud/pull/2800>`_)