feat: Added support to provision VSI on a given dedicated host using …

…new inputs `enable_dedicated_host` and `dedicated_host_id`<br>updated required terrform version to `>= 1.9.0` (#780)

README.md

@@ -153,7 +153,7 @@ You need the following permissions to run this module.
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3.0 |
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.9.0 |
 | <a name="requirement_ibm"></a> [ibm](#requirement\_ibm) | >= 1.65.0, < 2.0.0 |
 | <a name="requirement_time"></a> [time](#requirement\_time) | >= 0.9.1, < 1.0.0 |
 
@@ -198,6 +198,8 @@ No modules.
 | <a name="input_boot_volume_encryption_key"></a> [boot\_volume\_encryption\_key](#input\_boot\_volume\_encryption\_key) | CRN of boot volume encryption key | `string` | `null` | no |
 | <a name="input_boot_volume_snapshot_id"></a> [boot\_volume\_snapshot\_id](#input\_boot\_volume\_snapshot\_id) | The snapshot id of the volume to be used for creating boot volume attachment (if specified, the `image_id` parameter will not be used) | `string` | `null` | no |
 | <a name="input_create_security_group"></a> [create\_security\_group](#input\_create\_security\_group) | Create security group for VSI. If this is passed as false, the default will be used | `bool` | n/a | yes |
+| <a name="input_dedicated_host_id"></a> [dedicated\_host\_id](#input\_dedicated\_host\_id) | ID of the dedicated host for hosting the VSI's. The enable\_dedicated\_host input shoud be set to true if passing a dedicated host ID | `string` | `null` | no |
+| <a name="input_enable_dedicated_host"></a> [enable\_dedicated\_host](#input\_enable\_dedicated\_host) | Enabling this option will activate dedicated hosts for the VSIs. When enabled, the dedicated\_host\_id input is required. The default value is set to false. Refer [Understanding Dedicated Hosts](https://cloud.ibm.com/docs/vpc?topic=vpc-creating-dedicated-hosts-instances&interface=ui#about-dedicated-hosts) for more details | `bool` | `false` | no |
 | <a name="input_enable_floating_ip"></a> [enable\_floating\_ip](#input\_enable\_floating\_ip) | Create a floating IP for each virtual server created | `bool` | `false` | no |
 | <a name="input_existing_kms_instance_guid"></a> [existing\_kms\_instance\_guid](#input\_existing\_kms\_instance\_guid) | The GUID of the Hyper Protect Crypto Services instance in which the key specified in var.boot\_volume\_encryption\_key is coming from. | `string` | `null` | no |
 | <a name="input_image_id"></a> [image\_id](#input\_image\_id) | Image ID used for VSI. Run 'ibmcloud is images' to find available images in a region | `string` | n/a | yes |

examples/basic/version.tf

@@ -1,5 +1,5 @@
 terraform {
-  required_version = ">= 1.3.0"
+  required_version = ">= 1.9.0"
   required_providers {
     ibm = {
       source  = "IBM-Cloud/ibm"

examples/complete/README.md

@@ -5,8 +5,10 @@ It will provision the following:
 - A new resource group if one is not passed in.
 - A new public SSH key if one is not passed in.
 - A new VPC with 3 subnets.
-- A new placement group.
+- A new placement group for 3 VSI's
 - A VSI in each subnet placed in the placement group.
 - A floating IP for each virtual server created.
 - A secondary VSI with secondary subnets and secondary security group.
+- A dedicated host and a dedicated host group.
+- A VSI will be created on the dedicated host.
 - A new Application Load Balancer and Network Load Balancer to balance traffic between all virtual servers that are created by this example.

examples/complete/main.tf

@@ -38,6 +38,15 @@ module "key_protect_all_inclusive" {
           force_delete = true
         }
       ]
+    },
+    {
+      key_ring_name = "slz-vsidh"
+      keys = [
+        {
+          key_name     = "${var.prefix}-vsidh"
+          force_delete = true
+        }
+      ]
     }
   ]
 }
@@ -159,6 +168,10 @@ locals {
   ]
 }
 
+#############################################################################
+# VSI with Placement Group
+#############################################################################
+
 module "slz_vsi" {
   source                          = "../../"
   resource_group_id               = module.resource_group.resource_group_id
@@ -226,3 +239,65 @@ module "slz_vsi" {
     }
   ]
 }
+
+#############################################################################
+# Dedicated Host
+#############################################################################
+
+module "dedicated_host" {
+  source  = "terraform-ibm-modules/dedicated-host/ibm"
+  version = "1.1.0"
+  dedicated_hosts = [
+    {
+      host_group_name     = "${var.prefix}-dhgroup"
+      existing_host_group = false
+      resource_group_id   = module.resource_group.resource_group_id
+      class               = "bx2"
+      family              = "balanced"
+      zone                = "${var.region}-1"
+      dedicated_host = [
+        {
+          name    = "${var.prefix}-dhhost"
+          profile = "bx2-host-152x608"
+        }
+      ]
+    }
+  ]
+}
+
+#############################################################################
+# VSI with Dedicated Host
+#############################################################################
+
+module "slz_vsi_dh" {
+  source                          = "../../"
+  resource_group_id               = module.resource_group.resource_group_id
+  image_id                        = var.image_id
+  create_security_group           = false
+  tags                            = var.resource_tags
+  access_tags                     = var.access_tags
+  subnets                         = [for subnet in module.slz_vpc.subnet_zone_list : subnet if subnet.zone == "${var.region}-1"]
+  vpc_id                          = module.slz_vpc.vpc_id
+  prefix                          = "${var.prefix}-dh"
+  dedicated_host_id               = module.dedicated_host.dedicated_host_ids[0]
+  machine_type                    = "bx2-2x8"
+  user_data                       = null
+  boot_volume_encryption_key      = module.key_protect_all_inclusive.keys["slz-vsidh.${var.prefix}-vsidh"].crn
+  kms_encryption_enabled          = true
+  existing_kms_instance_guid      = module.key_protect_all_inclusive.kms_guid
+  vsi_per_subnet                  = 1
+  primary_vni_additional_ip_count = 2
+  ssh_key_ids                     = [local.ssh_key_id]
+
+  # Create a floating IP for each virtual server created
+  enable_floating_ip               = false
+  secondary_use_vsi_security_group = var.secondary_use_vsi_security_group
+  # Add 1 additional data volume to each VSI
+  block_storage_volumes = [
+    {
+      name    = "${var.prefix}-dh"
+      profile = "10iops-tier"
+  }]
+  skip_iam_authorization_policy = true
+  depends_on                    = [module.dedicated_host]
+}

examples/complete/outputs.tf

@@ -8,6 +8,11 @@ output "slz_vsi" {
   description = "VSI module values"
 }
 
+output "slz_vsi_dh" {
+  value       = module.slz_vsi_dh
+  description = "VSI module values"
+}
+
 output "secondary_subnets" {
   description = "Secondary subnets created"
   value       = local.secondary_subnet_zone_list

examples/complete/version.tf

@@ -1,5 +1,5 @@
 terraform {
-  required_version = ">= 1.3.0"
+  required_version = ">= 1.9.0"
   required_providers {
     ibm = {
       source  = "IBM-Cloud/ibm"

examples/fscloud/version.tf

@@ -1,5 +1,5 @@
 terraform {
-  required_version = ">= 1.3.0"
+  required_version = ">= 1.9.0"
   required_providers {
     ibm = {
       source  = "IBM-Cloud/ibm"

examples/snapshot/version.tf

@@ -1,5 +1,5 @@
 terraform {
-  required_version = ">= 1.3.0"
+  required_version = ">= 1.9.0"
   required_providers {
     ibm = {
       source  = "IBM-Cloud/ibm"

main.tf

@@ -238,6 +238,7 @@ resource "ibm_is_instance" "vsi" {
   user_data       = var.user_data
   keys            = var.ssh_key_ids
   placement_group = var.placement_group_id
+  dedicated_host  = var.enable_dedicated_host ? var.dedicated_host_id : null
   tags            = var.tags
   access_tags     = var.access_tags
   lifecycle {

modules/fscloud/README.md

@@ -9,7 +9,7 @@ The default values in this profile were scanned by [IBM Code Risk Analyzer (CRA)
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3.0 |
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.9.0 |
 
 ### Modules
 
@@ -31,6 +31,8 @@ No resources.
 | <a name="input_boot_volume_encryption_key"></a> [boot\_volume\_encryption\_key](#input\_boot\_volume\_encryption\_key) | CRN of boot volume encryption key | `string` | n/a | yes |
 | <a name="input_boot_volume_snapshot_id"></a> [boot\_volume\_snapshot\_id](#input\_boot\_volume\_snapshot\_id) | The snapshot id of the volume to be used for creating boot volume attachment (if specified, the `image_id` parameter will not be used) | `string` | `null` | no |
 | <a name="input_create_security_group"></a> [create\_security\_group](#input\_create\_security\_group) | Create security group for VSI. If this is passed as false, the default will be used | `bool` | n/a | yes |
+| <a name="input_dedicated_host_id"></a> [dedicated\_host\_id](#input\_dedicated\_host\_id) | ID of the dedicated host for hosting the VSI's. The enable\_dedicated\_host input shoud be set to true if passing a dedicated host ID | `string` | `null` | no |
+| <a name="input_enable_dedicated_host"></a> [enable\_dedicated\_host](#input\_enable\_dedicated\_host) | Enabling this option will activate dedicated hosts for the VSIs. When enabled, the dedicated\_host\_id input is required. The default value is set to false. Refer [Understanding Dedicated Hosts](https://cloud.ibm.com/docs/vpc?topic=vpc-creating-dedicated-hosts-instances&interface=ui#about-dedicated-hosts) for more details | `bool` | `false` | no |
 | <a name="input_enable_floating_ip"></a> [enable\_floating\_ip](#input\_enable\_floating\_ip) | Create a floating IP for each virtual server created | `bool` | `false` | no |
 | <a name="input_existing_kms_instance_guid"></a> [existing\_kms\_instance\_guid](#input\_existing\_kms\_instance\_guid) | The GUID of the Hyper Protect Crypto Services or Key Protect instance in which the key specified in var.kms\_key\_crn and var.backup\_encryption\_key\_crn is coming from. Required only if var.skip\_iam\_authorization\_policy is set to false. | `string` | `null` | no |
 | <a name="input_image_id"></a> [image\_id](#input\_image\_id) | Image ID used for VSI. Run 'ibmcloud is images' to find available images in a region | `string` | n/a | yes |

modules/fscloud/main.tf

@@ -27,4 +27,6 @@ module "fscloud_vsi" {
   access_tags                    = var.access_tags
   snapshot_consistency_group_id  = var.snapshot_consistency_group_id
   boot_volume_snapshot_id        = var.boot_volume_snapshot_id
+  enable_dedicated_host          = var.enable_dedicated_host
+  dedicated_host_id              = var.dedicated_host_id
 }

modules/fscloud/variables.tf

@@ -261,3 +261,22 @@ variable "snapshot_consistency_group_id" {
 }
 
 ##############################################################################
+
+##############################################################################
+# Dedicated Host Variables
+##############################################################################
+
+variable "enable_dedicated_host" {
+  type        = bool
+  default     = false
+  nullable    = false
+  description = "Enabling this option will activate dedicated hosts for the VSIs. When enabled, the dedicated_host_id input is required. The default value is set to false. Refer [Understanding Dedicated Hosts](https://cloud.ibm.com/docs/vpc?topic=vpc-creating-dedicated-hosts-instances&interface=ui#about-dedicated-hosts) for more details"
+}
+
+variable "dedicated_host_id" {
+  type        = string
+  default     = null
+  description = "ID of the dedicated host for hosting the VSI's. The enable_dedicated_host input shoud be set to true if passing a dedicated host ID"
+}
+
+##############################################################################

modules/fscloud/version.tf

@@ -1,3 +1,3 @@
 terraform {
-  required_version = ">= 1.3.0"
+  required_version = ">= 1.9.0"
 }

tests/pr_test.go

@@ -71,7 +71,6 @@ func TestRunCompleteExample(t *testing.T) {
 }
 
 func TestRunCompleteUpgradeExample(t *testing.T) {
-	t.Parallel()
 
 	options := setupOptions(t, completeExampleTerraformDir, "slz-vsi-com-upg")
 

variables.tf

@@ -502,3 +502,27 @@ variable "use_legacy_network_interface" {
   nullable    = false
   default     = false
 }
+
+##############################################################################
+# Dedicated Host Variables
+##############################################################################
+
+variable "enable_dedicated_host" {
+  type        = bool
+  default     = false
+  nullable    = false
+  description = "Enabling this option will activate dedicated hosts for the VSIs. When enabled, the dedicated_host_id input is required. The default value is set to false. Refer [Understanding Dedicated Hosts](https://cloud.ibm.com/docs/vpc?topic=vpc-creating-dedicated-hosts-instances&interface=ui#about-dedicated-hosts) for more details"
+}
+
+variable "dedicated_host_id" {
+  type        = string
+  default     = null
+  description = "ID of the dedicated host for hosting the VSI's. The enable_dedicated_host input shoud be set to true if passing a dedicated host ID"
+
+  validation {
+    condition     = var.enable_dedicated_host == false || (var.enable_dedicated_host == true && var.dedicated_host_id != null)
+    error_message = "When enable_dedicated_host is set to true, provide a valid dedicated_host_id."
+  }
+}
+
+##############################################################################

version.tf

@@ -1,5 +1,5 @@
 terraform {
-  required_version = ">= 1.3.0"
+  required_version = ">= 1.9.0"
   required_providers {
     # Use "greater than or equal to" range in modules
     ibm = {