added gateway feature for v1 cluster

go.mod

@@ -4,7 +4,7 @@ go 1.12
 
 require (
 	github.com/Bowery/prompt v0.0.0-20190916142128-fa8279994f75 // indirect
-	github.com/IBM-Cloud/bluemix-go v0.0.0-20200131101958-825d126550e4
+	github.com/IBM-Cloud/bluemix-go v0.0.0-20200221095222-69e3682d6f5b
 	github.com/IBM-Cloud/power-go-client v0.0.0-00010101000000-000000000000
 	github.com/IBM/ibm-cos-sdk-go v1.2.0
 	github.com/IBM/keyprotect-go-client v0.3.2

go.sum

@@ -37,6 +37,8 @@ github.com/IBM-Cloud/bluemix-go v0.0.0-20200131055858-778531c8c923 h1:ZVA8uE2ca3
 github.com/IBM-Cloud/bluemix-go v0.0.0-20200131055858-778531c8c923/go.mod h1:gPJbH1etcDj7qS/hBRiLuYW9CY0bRcostSKusa51xR0=
 github.com/IBM-Cloud/bluemix-go v0.0.0-20200131101958-825d126550e4 h1:SvzuJKIreVsYR7aYhj1LAmigp8CK/XgxCLVI+bB+nAM=
 github.com/IBM-Cloud/bluemix-go v0.0.0-20200131101958-825d126550e4/go.mod h1:gPJbH1etcDj7qS/hBRiLuYW9CY0bRcostSKusa51xR0=
+github.com/IBM-Cloud/bluemix-go v0.0.0-20200221095222-69e3682d6f5b h1:nqvojaTNFdlpNxI9UnKP1GAkcaLgLCx2E59c1UkYOck=
+github.com/IBM-Cloud/bluemix-go v0.0.0-20200221095222-69e3682d6f5b/go.mod h1:gPJbH1etcDj7qS/hBRiLuYW9CY0bRcostSKusa51xR0=
 github.com/IBM/ibm-cos-sdk-go v1.2.0 h1:oJG2eWmAhmz3XAkQLsmQweT7hmxoM3jKQkwLBZz6b5o=
 github.com/IBM/ibm-cos-sdk-go v1.2.0/go.mod h1:YLBAYobEA8bD27P7xpMwSQeNQu6W3DNBtBComXrRzRY=
 github.com/IBM/keyprotect-go-client v0.3.2 h1:JmGkHQEAJ9VWsKglc474Ahg/f0FZaRZ0X+3clDdTX6A=
@@ -64,6 +66,7 @@ github.com/apache/incubator-openwhisk-client-go v0.0.0-20171128215515-ad814bc98c
 github.com/apparentlymart/go-cidr v1.0.1 h1:NmIwLZ/KdsjIUlhf+/Np40atNXm/+lZ5txfTJ/SpF+U=
 github.com/apparentlymart/go-cidr v1.0.1/go.mod h1:EBcsNrHc3zQeuaeCeCtQruQm+n9/YjEn/vI25Lg7Gwc=
 github.com/apparentlymart/go-dump v0.0.0-20180507223929-23540a00eaa3/go.mod h1:oL81AME2rN47vu18xqj1S1jPIPuN7afo62yKTNn3XMM=
+github.com/apparentlymart/go-dump v0.0.0-20190214190832-042adf3cf4a0 h1:MzVXffFUye+ZcSR6opIgz9Co7WcDx6ZcY+RjfFHoA0I=
 github.com/apparentlymart/go-dump v0.0.0-20190214190832-042adf3cf4a0/go.mod h1:oL81AME2rN47vu18xqj1S1jPIPuN7afo62yKTNn3XMM=
 github.com/apparentlymart/go-textseg v1.0.0 h1:rRmlIsPEEhUTIKQb7T++Nz/A5Q6C9IuX2wFoYVvnCs0=
 github.com/apparentlymart/go-textseg v1.0.0/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/Nj9VFpLOpjS5yuumk=
@@ -149,6 +152,7 @@ github.com/go-test/deep v1.0.4 h1:u2CU3YKy9I2pmu9pX0eq50wCgjfGIt539SqR7FbHiho=
 github.com/go-test/deep v1.0.4/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA=
 github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
 github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
+github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b h1:VKtxabqXZkF25pY9ekfRL6a582T4P37/31XEstQ5p58=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
 github.com/golang/groupcache v0.0.0-20180513044358-24b0969c4cb7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
@@ -171,6 +175,7 @@ github.com/google/go-cmp v0.3.1 h1:Xye71clBPdm5HgqGwUkwhbynsUJZhDbS20FvLhQ2izg=
 github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-querystring v1.0.0 h1:Xkwi/a1rcvNg1PPYe5vI8GbeBY/jrVuDX5ASuANWTrk=
 github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck=
+github.com/google/martian v2.1.0+incompatible h1:/CP5g8u/VJHijgedC/Legn3BAbAaWPgecwXBIDzw5no=
 github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
 github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
 github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
@@ -295,6 +300,7 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k=
+github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
 github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
 github.com/lib/pq v1.0.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
 github.com/lusis/go-artifactory v0.0.0-20160115162124-7e4ce345df82/go.mod h1:y54tfGmO3NKssKveTEFFzH8C/akrSOy/iW9qEAUDV84=
@@ -393,6 +399,7 @@ github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6So
 github.com/satori/go.uuid v1.2.0 h1:0uYX9dsZ2yD7q2RtLRtPSdGDWzjeM3TbMJP9utgA0ww=
 github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
 github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc=
+github.com/sergi/go-diff v1.0.0 h1:Kpca3qRNrduNnOQeazBd0ysaKrUJiIuISHxogkT9RPQ=
 github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo=
 github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
 github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc=

ibm/resource_ibm_container_cluster.go

@@ -35,6 +35,8 @@ const (
 	isolationPrivate  = "private"
 
 	defaultWorkerPool = "default"
+	computeWorkerPool = "compute"
+	gatewayWorkerpool = "gateway"
 )
 
 const PUBLIC_SUBNET_TYPE = "public"
@@ -205,12 +207,11 @@ func resourceIBMContainerCluster() *schema.Resource {
 			},
 
 			"billing": {
-				Type:     schema.TypeString,
-				ForceNew: true,
-				Optional: true,
-				Default:  "hourly",
+				Type:       schema.TypeString,
+				ForceNew:   true,
+				Optional:   true,
+				Deprecated: "This field is deprecated",
 			},
-
 			"public_vlan_id": {
 				Type:     schema.TypeString,
 				Optional: true,
@@ -258,10 +259,10 @@ func resourceIBMContainerCluster() *schema.Resource {
 				Default:  false,
 			},
 			"is_trusted": {
-				Type:     schema.TypeBool,
-				Optional: true,
-				ForceNew: true,
-				Default:  false,
+				Type:       schema.TypeBool,
+				Optional:   true,
+				ForceNew:   true,
+				Deprecated: "This field is deprecated",
 			},
 			"server_url": {
 				Type:     schema.TypeString,
@@ -465,7 +466,13 @@ func resourceIBMContainerCluster() *schema.Resource {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
-
+			"gateway_enabled": {
+				Type:             schema.TypeBool,
+				Optional:         true,
+				DiffSuppressFunc: applyOnce,
+				Default:          false,
+				Description:      "Set true for gateway enabled clusters",
+			},
 			"crn": {
 				Type:        schema.TypeString,
 				Computed:    true,
@@ -513,14 +520,13 @@ func resourceIBMContainerClusterCreate(d *schema.ResourceData, meta interface{})
 
 	name := d.Get("name").(string)
 	datacenter := d.Get("datacenter").(string)
-	billing := d.Get("billing").(string)
 	machineType := d.Get("machine_type").(string)
 	publicVlanID := d.Get("public_vlan_id").(string)
 	privateVlanID := d.Get("private_vlan_id").(string)
 	noSubnet := d.Get("no_subnet").(bool)
-	enableTrusted := d.Get("is_trusted").(bool)
 	diskEncryption := d.Get("disk_encryption").(bool)
 	defaultPoolSize := d.Get("default_pool_size").(int)
+	gatewayEnabled := d.Get("gateway_enabled").(bool)
 
 	hardware := d.Get("hardware").(string)
 	switch strings.ToLower(hardware) {
@@ -534,16 +540,26 @@ func resourceIBMContainerClusterCreate(d *schema.ResourceData, meta interface{})
 		Name:           name,
 		Datacenter:     datacenter,
 		WorkerNum:      defaultPoolSize,
-		Billing:        billing,
 		MachineType:    machineType,
 		PublicVlan:     publicVlanID,
 		PrivateVlan:    privateVlanID,
 		NoSubnet:       noSubnet,
 		Isolation:      hardware,
 		DiskEncryption: diskEncryption,
-		EnableTrusted:  enableTrusted,
 	}
 
+	if gatewayEnabled {
+		if v, ok := d.GetOkExists("private_service_endpoint"); ok {
+			if v.(bool) {
+				params.PrivateEndpointEnabled = v.(bool)
+				params.GatewayEnabled = gatewayEnabled
+			} else {
+				return fmt.Errorf("set private_service_endpoint to true for gateway_enabled clusters")
+			}
+		} else {
+			return fmt.Errorf("set private_service_endpoint to true for gateway_enabled clusters")
+		}
+	}
 	if v, ok := d.GetOk("kube_version"); ok {
 		params.MasterVersion = v.(string)
 	}
@@ -618,8 +634,18 @@ func resourceIBMContainerClusterRead(d *schema.ResourceData, meta interface{}) e
 	if err != nil {
 		return err
 	}
+	var poolName string
+	var poolContains bool
+
 	if len(workerPools) > 0 && workerPoolContains(workerPools, defaultWorkerPool) {
-		workersByPool, err := wrkAPI.ListByWorkerPool(clusterID, defaultWorkerPool, false, targetEnv)
+		poolName = defaultWorkerPool
+		poolContains = true
+	} else if len(workerPools) > 0 && workerPoolContains(workerPools, computeWorkerPool) && workerPoolContains(workerPools, gatewayWorkerpool) {
+		poolName = computeWorkerPool
+		poolContains = true
+	}
+	if poolContains {
+		workersByPool, err := wrkAPI.ListByWorkerPool(clusterID, poolName, false, targetEnv)
 		if err != nil {
 			return fmt.Errorf("Error retrieving workers of default worker pool for cluster: %s", err)
 		}
@@ -648,7 +674,7 @@ func resourceIBMContainerClusterRead(d *schema.ResourceData, meta interface{}) e
 			d.Set("hardware", hardware)
 		}
 
-		defaultWorkerPool, err := workerPoolsAPI.GetWorkerPool(clusterID, defaultWorkerPool, targetEnv)
+		defaultWorkerPool, err := workerPoolsAPI.GetWorkerPool(clusterID, poolName, targetEnv)
 		if err != nil {
 			return err
 		}
@@ -680,7 +706,6 @@ func resourceIBMContainerClusterRead(d *schema.ResourceData, meta interface{}) e
 		d.Set("kube_version", strings.Split(cls.MasterKubeVersion, "_")[0])
 
 	}
-	d.Set("is_trusted", cls.IsTrusted)
 	d.Set("albs", flattenAlbs(albs, "all"))
 	d.Set("resource_group_id", cls.ResourceGroupID)
 	d.Set("public_service_endpoint", cls.PublicServiceEndpointEnabled)
@@ -788,9 +813,20 @@ func resourceIBMContainerClusterUpdate(d *schema.ResourceData, meta interface{})
 		if err != nil {
 			return err
 		}
+		var poolName string
+		var poolContains bool
+
 		if len(workerPools) > 0 && workerPoolContains(workerPools, defaultWorkerPool) {
+			poolName = defaultWorkerPool
+
+			poolContains = true
+		} else if len(workerPools) > 0 && workerPoolContains(workerPools, computeWorkerPool) && workerPoolContains(workerPools, gatewayWorkerpool) {
+			poolName = computeWorkerPool
+			poolContains = true
+		}
+		if poolContains {
 			poolSize := d.Get("default_pool_size").(int)
-			err = workerPoolsAPI.ResizeWorkerPool(clusterID, defaultWorkerPool, poolSize, targetEnv)
+			err = workerPoolsAPI.ResizeWorkerPool(clusterID, poolName, poolSize, targetEnv)
 			if err != nil {
 				return fmt.Errorf(
 					"Error updating the default_pool_size %d: %s", poolSize, err)

website/docs/r/container_cluster.html.markdown

@@ -64,6 +64,21 @@ resource "ibm_container_cluster" "testacc_cluster" {
 }
 ```
 
+Create a Gateway Enabled Kubernetes cluster:
+
+```hcl
+resource "ibm_container_cluster" "testacc_cluster" {
+  name            = "testgate"
+  gateway_enabled = true 
+  datacenter      = "dal10"
+  machine_type    = "b3c.4x16"
+  hardware        = "shared"
+  private_vlan_id = "2709721"
+  private_service_endpoint = true
+  no_subnet = false
+}
+```
+
 ## Timeouts
 
 ibm_container_alb provides the following [Timeouts](https://www.terraform.io/docs/configuration/resources.html#timeouts) configuration options:
@@ -98,7 +113,7 @@ The following arguments are supported:
 	* `version` - worker version. 
 * `default_pool_size` - (Optional,int) The number of workers created under the default worker pool which support Multi-AZ. 
 * `machine_type` - (Optional, Forces new resource, string) The machine type of the worker nodes. You can retrieve the value by running the `ibmcloud ks machine-types <data-center>` command in the IBM Cloud CLI.
-* `billing` - (Optional, Forces new resource, string) The billing type for the instance. Accepted values are `hourly` or `monthly`.
+* `billing` - (Deprecated, Optional, Forces new resource, string) The billing type for the instance. Accepted values are `hourly` or `monthly`.
 * `isolation` - (Removed, Forces new resource) Accepted values are `public` or `private`. Use `private` if you want to have available physical resources dedicated to you only or `public` to allow physical resources to be shared with other IBM customers. Use hardware instead.
 * `hardware` - (Optional, Forces new resource, string) The level of hardware isolation for your worker node. Use `dedicated` to have available physical resources dedicated to you only, or `shared` to allow physical resources to be shared with other IBM customers. For IBM Cloud Public accounts, it can be shared or dedicated. For IBM Cloud Dedicated accounts, dedicated is the only available option.
 * `public_vlan_id`- (Optional, Forces new resource, string) The public VLAN ID for the worker node. You can retrieve the value by running the ibmcloud ks vlans <data-center> command in the IBM Cloud CLI.
@@ -114,7 +129,8 @@ The following arguments are supported:
     (b) If you do not have a private VLAN in your account, do not specify this option. IBM Cloud Kubernetes Service will automatically create a private VLAN for you.
 * `subnet_id` - (Optional, string) The existing subnet ID that you want to add to the cluster. You can retrieve the value by running the `ibmcloud ks subnets` command in the IBM Cloud CLI.
 * `no_subnet` - (Optional, Forces new resource, boolean) Set to `true` if you do not want to automatically create a portable subnet.
-* `is_trusted` - (Optional, Forces new resource, boolean) Set to `true` to  enable trusted cluster feature. Default is false.
+* `is_trusted` - (Deprecated, Optional, Forces new resource, boolean) Set to `true` to  enable trusted cluster feature. Default is false.
+* `gateway_enabled` - (Optional, boolean) Set to `true` if you want to automatically create a gateway enabled cluster. If gateway_enabled is true then private_service_endpoint is also required to be set as true.
 * `disk_encryption` - (Optional, Forces new resource, boolean) Set to `false` to disable encryption on a worker.
 * `webhook` - (Optional, string) The webhook that you want to add to the cluster.
 * `public_service_endpoint` - (Optional, Forces new resource,bool) Enable the public service endpoint to make the master publicly accessible.