fill in RenderTerraform methods for private topology

upup/models/cloudup/_aws/topologies/_topology_private/network.yaml

@@ -190,6 +190,12 @@ loadBalancer/api.{{ ClusterName }}:
   {{ end }}
   listeners:
     443: { instancePort: 443 }
+  healthCheck:
+    target: TCP:443
+    healthyThreshold: 2
+    unhealthyThreshold: 2
+    interval: 10
+    timeout: 5
 
 # ---------------------------------------------------------------
 # Kube-Proxy - Healthz - 10249

upup/pkg/fi/cloudup/apply_cluster.go

@@ -302,6 +302,7 @@ func (c *ApplyClusterCmd) Run() error {
 				// ELB
 				"loadBalancer":                       &awstasks.LoadBalancer{},
 				"loadBalancerAttachment":             &awstasks.LoadBalancerAttachment{},
+				"loadBalancerHealthCheck":            &awstasks.LoadBalancerHealthCheck{},
 				"loadBalancerHealthChecks":           &awstasks.LoadBalancerHealthChecks{},
 				"loadBalancerAccessLog":              &awstasks.LoadBalancerAccessLog{},
 				"loadBalancerAdditionalAttribute":    &awstasks.LoadBalancerAdditionalAttribute{},

upup/pkg/fi/cloudup/awstasks/dnsname.go

@@ -19,13 +19,14 @@ package awstasks
 import (
 	"fmt"
 
+	"strings"
+
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/service/route53"
 	"github.com/golang/glog"
 	"k8s.io/kops/upup/pkg/fi"
 	"k8s.io/kops/upup/pkg/fi/cloudup/awsup"
 	"k8s.io/kops/upup/pkg/fi/cloudup/terraform"
-	"strings"
 )
 
 //go:generate fitask -type=DNSName
@@ -170,17 +171,17 @@ func (_ *DNSName) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *DNSName) error
 type terraformRoute53Record struct {
 	Name    *string  `json:"name"`
 	Type    *string  `json:"type"`
-	TTL     *string  `json:"ttl"`
-	Records []string `json:"records"`
+	TTL     *string  `json:"ttl,omitempty"`
+	Records []string `json:"records,omitempty"`
 
-	Alias  *terraformAlias    `json:"alias"`
+	Alias  *terraformAlias    `json:"alias,omitempty"`
 	ZoneID *terraform.Literal `json:"zone_id"`
 }
 
 type terraformAlias struct {
-	Name                 *string `json:"name"`
-	HostedZoneId         *string `json:"zone_id"`
-	EvaluateTargetHealth *bool   `json:"evaluate_target_health"`
+	Name                 *terraform.Literal `json:"name"`
+	ZoneID               *terraform.Literal `json:"zone_id"`
+	EvaluateTargetHealth *bool              `json:"evaluate_target_health"`
 }
 
 func (_ *DNSName) RenderTerraform(t *terraform.TerraformTarget, a, e, changes *DNSName) error {
@@ -192,9 +193,9 @@ func (_ *DNSName) RenderTerraform(t *terraform.TerraformTarget, a, e, changes *D
 
 	if e.TargetLoadBalancer != nil {
 		tf.Alias = &terraformAlias{
-			Name:                 e.TargetLoadBalancer.DNSName,
+			Name:                 e.TargetLoadBalancer.TerraformLink("dns_name"),
 			EvaluateTargetHealth: aws.Bool(false),
-			HostedZoneId:         e.TargetLoadBalancer.HostedZoneId,
+			ZoneID:               e.TargetLoadBalancer.TerraformLink("zone_id"),
 		}
 	}
 

upup/pkg/fi/cloudup/awstasks/elastic_ip.go

@@ -210,4 +210,18 @@ func (_ *ElasticIP) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *ElasticIP) e
 	return nil
 }
 
-// TODO Kris - We need to support EIP for Terraform
+type terraformElasticIP struct {
+	VPC *bool `json:"vpc"`
+}
+
+func (_ *ElasticIP) RenderTerraform(t *terraform.TerraformTarget, a, e, changes *ElasticIP) error {
+	tf := &terraformElasticIP{
+		VPC: aws.Bool(true),
+	}
+
+	return t.RenderResource("aws_eip", *e.Name, tf)
+}
+
+func (e *ElasticIP) TerraformLink() *terraform.Literal {
+	return terraform.LiteralProperty("aws_eip", *e.Name, "id")
+}

upup/pkg/fi/cloudup/awstasks/load_balancer.go

@@ -21,6 +21,8 @@ import (
 
 	"strconv"
 
+	"strings"
+
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/aws/awserr"
 	"github.com/aws/aws-sdk-go/service/elb"
@@ -28,7 +30,7 @@ import (
 	"github.com/golang/glog"
 	"k8s.io/kops/upup/pkg/fi"
 	"k8s.io/kops/upup/pkg/fi/cloudup/awsup"
-	"strings"
+	"k8s.io/kops/upup/pkg/fi/cloudup/terraform"
 )
 
 //go:generate fitask -type=LoadBalancer
@@ -46,6 +48,8 @@ type LoadBalancer struct {
 	SecurityGroups []*SecurityGroup
 
 	Listeners map[string]*LoadBalancerListener
+
+	HealthCheck LoadBalancerHealthCheck
 }
 
 var _ fi.CompareWithID = &LoadBalancer{}
@@ -186,6 +190,7 @@ func (e *LoadBalancer) Find(c *fi.Context) (*LoadBalancer, error) {
 	actual.ID = lb.LoadBalancerName
 	actual.DNSName = lb.DNSName
 	actual.HostedZoneId = lb.CanonicalHostedZoneNameID
+
 	for _, subnet := range lb.Subnets {
 		actual.Subnets = append(actual.Subnets, &Subnet{ID: subnet})
 	}
@@ -323,3 +328,77 @@ func (_ *LoadBalancer) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *LoadBalan
 
 	return t.AddELBTags(*e.ID, t.Cloud.BuildTags(e.Name))
 }
+
+type terraformLoadBalancer struct {
+	Name           *string                           `json:"name"`
+	Listener       []*terraformLoadBalancerListener  `json:"listener"`
+	SecurityGroups []*terraform.Literal              `json:"security_groups"`
+	Subnets        []*terraform.Literal              `json:"subnets"`
+	HealthCheck    *terraformLoadBalancerHealthCheck `json:"health_check"`
+}
+
+type terraformLoadBalancerListener struct {
+	InstancePort     int    `json:"instance_port"`
+	InstanceProtocol string `json:"instance_protocol"`
+	LBPort           int64  `json:"lb_port"`
+	LBProtocol       string `json:"lb_protocol"`
+}
+
+type terraformLoadBalancerHealthCheck struct {
+	Target             *string `json:"target"`
+	HealthyThreshold   *int64  `json:"healthy_threshold"`
+	UnhealthyThreshold *int64  `json:"unhealthy_threshold"`
+	Interval           *int64  `json:"interval"`
+	Timeout            *int64  `json:"timeout"`
+}
+
+func (_ *LoadBalancer) RenderTerraform(t *terraform.TerraformTarget, a, e, changes *LoadBalancer) error {
+	elbName := e.ID
+	if elbName == nil {
+		elbName = e.Name
+	}
+
+	tf := &terraformLoadBalancer{
+		Name: elbName,
+	}
+
+	for _, subnet := range e.Subnets {
+		tf.Subnets = append(tf.Subnets, subnet.TerraformLink())
+	}
+
+	for _, sg := range e.SecurityGroups {
+		tf.SecurityGroups = append(tf.SecurityGroups, sg.TerraformLink())
+	}
+
+	for loadBalancerPort, listener := range e.Listeners {
+		loadBalancerPortInt, err := strconv.ParseInt(loadBalancerPort, 10, 64)
+		if err != nil {
+			return fmt.Errorf("error parsing load balancer listener port: %q", loadBalancerPort)
+		}
+
+		tf.Listener = append(tf.Listener, &terraformLoadBalancerListener{
+			InstanceProtocol: "TCP",
+			InstancePort:     listener.InstancePort,
+			LBPort:           loadBalancerPortInt,
+			LBProtocol:       "TCP",
+		})
+	}
+
+	tf.HealthCheck = &terraformLoadBalancerHealthCheck{
+		Target:             e.HealthCheck.Target,
+		HealthyThreshold:   e.HealthCheck.HealthyThreshold,
+		UnhealthyThreshold: e.HealthCheck.UnhealthyThreshold,
+		Interval:           e.HealthCheck.Interval,
+		Timeout:            e.HealthCheck.Timeout,
+	}
+
+	return t.RenderResource("aws_elb", *e.Name, tf)
+}
+
+func (e *LoadBalancer) TerraformLink(params ...string) *terraform.Literal {
+	prop := "id"
+	if len(params) > 0 {
+		prop = params[0]
+	}
+	return terraform.LiteralProperty("aws_elb", *e.Name, prop)
+}

upup/pkg/fi/cloudup/awstasks/load_balancer_attachment.go

@@ -25,6 +25,7 @@ import (
 	"github.com/golang/glog"
 	"k8s.io/kops/upup/pkg/fi"
 	"k8s.io/kops/upup/pkg/fi/cloudup/awsup"
+	"k8s.io/kops/upup/pkg/fi/cloudup/terraform"
 )
 
 type LoadBalancerAttachment struct {
@@ -125,3 +126,33 @@ func (_ *LoadBalancerAttachment) RenderAWS(t *awsup.AWSAPITarget, a, e, changes
 	}
 	return nil
 }
+
+type terraformLoadBalancerAttachment struct {
+	ELB              *terraform.Literal `json:"elb"`
+	Instance         *terraform.Literal `json:"instance,omitempty"`
+	AutoscalingGroup *terraform.Literal `json:"autoscaling_group_name,omitempty"`
+}
+
+func (_ *LoadBalancerAttachment) RenderTerraform(t *terraform.TerraformTarget, a, e, changes *LoadBalancerAttachment) error {
+	tf := &terraformLoadBalancerAttachment{
+		ELB: e.LoadBalancer.TerraformLink(),
+	}
+
+	if e.AutoscalingGroup != nil && e.Instance == nil {
+		tf.AutoscalingGroup = e.AutoscalingGroup.TerraformLink()
+		return t.RenderResource("aws_autoscaling_attachment", *e.AutoscalingGroup.Name, tf)
+	} else if e.AutoscalingGroup == nil && e.Instance != nil {
+		tf.Instance = e.Instance.TerraformLink()
+		return t.RenderResource("aws_elb_attachment", *e.LoadBalancer.Name, tf)
+	}
+	return nil
+}
+
+func (e *LoadBalancerAttachment) TerraformLink() *terraform.Literal {
+	if e.AutoscalingGroup != nil && e.Instance == nil {
+		return terraform.LiteralProperty("aws_autoscaling_attachment", *e.AutoscalingGroup.Name, "id")
+	} else if e.AutoscalingGroup == nil && e.Instance != nil {
+		return terraform.LiteralProperty("aws_elb_attachment", *e.LoadBalancer.Name, "id")
+	}
+	return nil
+}

upup/pkg/fi/cloudup/awstasks/loadbalancer_connsettings.go

@@ -19,6 +19,7 @@ package awstasks
 import (
 	"k8s.io/kops/upup/pkg/fi"
 	"k8s.io/kops/upup/pkg/fi/cloudup/awsup"
+	"k8s.io/kops/upup/pkg/fi/cloudup/terraform"
 )
 
 //go:generate fitask -type=LoadBalancerConnectionSettings
@@ -82,3 +83,7 @@ func (s *LoadBalancerConnectionSettings) CheckChanges(a, e, changes *LoadBalance
 func (_ *LoadBalancerConnectionSettings) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *LoadBalancerConnectionSettings) error {
 	return nil
 }
+
+func (_ *LoadBalancerConnectionSettings) RenderTerraform(t *terraform.TerraformTarget, a, e, changes *LoadBalancerConnectionSettings) error {
+	return nil
+}

upup/pkg/fi/cloudup/awstasks/loadbalancer_healthchecks.go

@@ -23,11 +23,10 @@ import (
 	"github.com/golang/glog"
 	"k8s.io/kops/upup/pkg/fi"
 	"k8s.io/kops/upup/pkg/fi/cloudup/awsup"
+	"k8s.io/kops/upup/pkg/fi/cloudup/terraform"
 )
 
-type LoadBalancerHealthChecks struct {
-	LoadBalancer *LoadBalancer
-
+type LoadBalancerHealthCheck struct {
 	Target *string
 
 	HealthyThreshold   *int64
@@ -37,6 +36,18 @@ type LoadBalancerHealthChecks struct {
 	Timeout  *int64
 }
 
+var _ fi.HasDependencies = &LoadBalancerHealthCheck{}
+
+func (e *LoadBalancerHealthCheck) GetDependencies(tasks map[string]fi.Task) []fi.Task {
+	return nil
+}
+
+type LoadBalancerHealthChecks struct {
+	LoadBalancerHealthCheck
+
+	LoadBalancer *LoadBalancer
+}
+
 func (e *LoadBalancerHealthChecks) String() string {
 	return fi.TaskAsString(e)
 }
@@ -104,3 +115,8 @@ func (_ *LoadBalancerHealthChecks) RenderAWS(t *awsup.AWSAPITarget, a, e, change
 
 	return nil
 }
+
+func (_ *LoadBalancerHealthChecks) RenderTerraform(t *terraform.TerraformTarget, a, e, changes *LoadBalancerHealthChecks) error {
+	// This happens in the load balancer definition
+	return nil
+}

upup/pkg/fi/cloudup/awstasks/natgateway.go

@@ -18,11 +18,13 @@ package awstasks
 
 import (
 	"fmt"
+
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/service/ec2"
 	"github.com/golang/glog"
 	"k8s.io/kops/upup/pkg/fi"
 	"k8s.io/kops/upup/pkg/fi/cloudup/awsup"
+	"k8s.io/kops/upup/pkg/fi/cloudup/terraform"
 )
 
 //go:generate fitask -type=NatGateway
@@ -203,24 +205,20 @@ func (_ *NatGateway) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *NatGateway)
 	return nil
 }
 
-// TODO Kris - We need to support NGW for Terraform
+type terraformNATGateway struct {
+	AllocationID *terraform.Literal `json:"allocation_id,omitempty"`
+	SubnetID     *terraform.Literal `json:"subnet_id,omitempty"`
+}
 
-//type terraformNATGateway struct {
-//	AllocationId *string           `json:"AllocationID,omitempty"`
-//	SubnetID     *bool             `json:"SubnetID,omitempty"`
-//}
-//
-//func (_ *NATGateway) RenderTerraform(t *terraform.TerraformTarget, a, e, changes *NATGateway) error {
-//	//	cloud := t.Cloud.(awsup.AWSCloud)
-//
-//	tf := &terraformNatGateway{
-//		AllocationId:  e.AllocationID,
-//		//SubnetID:      e.SubnetID,
-//	}
-//
-//	return t.RenderResource("aws_natgateway", *e.AllocationID, tf)
-//}
-//
-//func (e *NATGateway) TerraformLink() *terraform.Literal {
-//	return terraform.LiteralProperty("aws_natgateway", *e.AllocationID, "id")
-//}
+func (_ *NatGateway) RenderTerraform(t *terraform.TerraformTarget, a, e, changes *NatGateway) error {
+	tf := &terraformNATGateway{
+		AllocationID: e.ElasticIp.TerraformLink(),
+		SubnetID:     e.Subnet.TerraformLink(),
+	}
+
+	return t.RenderResource("aws_nat_gateway", *e.Name, tf)
+}
+
+func (e *NatGateway) TerraformLink() *terraform.Literal {
+	return terraform.LiteralProperty("aws_nat_gateway", *e.Name, "id")
+}

upup/pkg/fi/cloudup/awstasks/route.go

@@ -219,6 +219,7 @@ type terraformRoute struct {
 	RouteTableID      *terraform.Literal `json:"route_table_id"`
 	CIDR              *string            `json:"destination_cidr_block,omitempty"`
 	InternetGatewayID *terraform.Literal `json:"gateway_id,omitempty"`
+	NATGatewayID      *terraform.Literal `json:"nat_gateway_id,omitempty"`
 	InstanceID        *terraform.Literal `json:"instance_id,omitempty"`
 	// TODO Kris - Add terraform support for NAT Gateway routes
 }
@@ -229,8 +230,12 @@ func (_ *Route) RenderTerraform(t *terraform.TerraformTarget, a, e, changes *Rou
 		RouteTableID: e.RouteTable.TerraformLink(),
 	}
 
-	if e.InternetGateway != nil {
+	if e.InternetGateway == nil && e.NatGateway == nil {
+		return fmt.Errorf("missing target for route")
+	} else if e.InternetGateway != nil {
 		tf.InternetGatewayID = e.InternetGateway.TerraformLink()
+	} else if e.NatGateway != nil {
+		tf.NATGatewayID = e.NatGateway.TerraformLink()
 	}
 
 	if e.Instance != nil {