linode/terraform-provider-linode

[Feature]: Support adding VPC/VLAN config on a per node pool basis

marvin-w opened this issue · 4 comments

Description

Hey, thank you for the terraform provider!
We are currently looking to migrate over from AWS to Akamai (Linode) and are wondering how we would achieve the following setup:

We will have 3 LKE clusters with node pools of varying sizes due to autoscaling. Now, as it stands with this terraform integration you can easily adjust the configuration of a single linode by using the exported node ids from the LKE cluster, but how can we make sure all our nodes in the node pool always have the same config, even if they were created at a later stage through autoscaling?

In AWS, networking config is defined directly on the node pool which imho would make sense here too. Am I missing something or is this a shortcoming that has not yet been addressed? I did already see that there is a plan to support a new linode_lke_node_pool resource but as it stands it also will not support this.

Would you mind guiding me in the right direction on how we can make sure all our linodes in a node pool will have the same firewall rules, vlans and potentially VPCs?

New or Affected Terraform Resources

linode_lke_node_pool

Potential Terraform Configuration

resource "linode_firewall" "my_firewall" {
  label = "my_firewall"

  inbound {
    label    = "allow-http"
    action   = "ACCEPT"
    protocol = "TCP"
    ports    = "80"
    ipv4     = ["0.0.0.0/0"]
    ipv6     = ["::/0"]
  }

  inbound {
    label    = "allow-https"
    action   = "ACCEPT"
    protocol = "TCP"
    ports    = "443"
    ipv4     = ["0.0.0.0/0"]
    ipv6     = ["::/0"]
  }

  inbound_policy = "DROP"

  outbound {
    label    = "reject-http"
    action   = "DROP"
    protocol = "TCP"
    ports    = "80"
    ipv4     = ["0.0.0.0/0"]
    ipv6     = ["::/0"]
  }

  outbound {
    label    = "reject-https"
    action   = "DROP"
    protocol = "TCP"
    ports    = "443"
    ipv4     = ["0.0.0.0/0"]
    ipv6     = ["::/0"]
  }

  outbound_policy = "ACCEPT"
}

resource "linode_lke_node_pool" "my-new-node-pool" {
  cluster = linode_lke_cluster.my-cluster
  labels  = ["label1", "label2"] # ideally the labels will be synced in k8s as node labels (not sure if they do)
  type    = "g6-standard-2"
  count   = 3 # count is currently required, I think this should also be changed to state.current_count || autoscaler.min (if autoscaler is provided)

  autoscaler {
    min = 3
    max = 10
  }

  firewall_id = linode_firewall.my_firewall.id
  # same for VLAN and VPC
}
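
The per-node approach the issue mentions (using the node IDs exported from the LKE cluster), as an added example that is not part of the original post or the provider's own documentation. It assumes `linode_lke_cluster.my-cluster` is defined elsewhere in the same configuration; the `lke_nodes` resource name, its label and the output name are made up for illustration.

```hcl
# Assumption: linode_lke_cluster.my-cluster exists elsewhere in this
# configuration and has one or more pool blocks.
locals {
  # Instance IDs of every node Terraform currently knows about,
  # collected across all pools of the cluster.
  lke_node_ids = flatten([
    for p in linode_lke_cluster.my-cluster.pool : [
      for n in p.nodes : n.instance_id
    ]
  ])
}

resource "linode_firewall" "lke_nodes" {
  label = "lke-nodes" # constructed label

  # Rule copied from the issue's firewall for illustration. A real LKE
  # node firewall must also allow the cluster's own control-plane and
  # node-to-node traffic before inbound_policy is set to DROP.
  inbound {
    label    = "allow-https"
    action   = "ACCEPT"
    protocol = "TCP"
    ports    = "443"
    ipv4     = ["0.0.0.0/0"]
    ipv6     = ["::/0"]
  }

  inbound_policy  = "DROP"
  outbound_policy = "ACCEPT"

  # Attach the firewall to the nodes by instance ID. This list is a
  # snapshot from the last refresh: nodes the autoscaler adds afterwards
  # are NOT covered until the next `terraform apply` picks up their IDs.
  linodes = local.lke_node_ids
}

# Lets an operator compare the attached IDs against the nodes that
# actually exist in the pool, to spot uncovered autoscaled nodes.
output "firewalled_lke_node_ids" {
  value = local.lke_node_ids
}
```

The window between a scale-up and the next apply is the gap the feature request is about: during it, new nodes run without the firewall attached.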

Hey @marvin-w, thanks for putting up this feature request! We will track this feature request internally and let you know once we have progress on it.

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days

Closing this issue out because it is a platform feature rather than a Terraform provider feature, but it is being tracked internally.

Any plans or ETA on this?