hashicorp · sheneska · Jul 22, 2024 · Nov 20, 2024 · Nov 20, 2024 · Dec 3, 2024
@@ -45,6 +45,7 @@ Read-Only:
 
 
 
+
 ~> **Note:** All arguments including the config map data will be stored in the raw state as plain-text. [Read more about sensitive data in state](/docs/state/sensitive-data.html).
 
 ## Example Usage

@@ -1623,12 +1623,6 @@ Read-Only:
 
 
 
-* `type` - Indicates which kind of seccomp profile will be applied. Valid options are:
-* `Localhost` - a profile defined in a file on the node should be used.
-* `RuntimeDefault` - the container runtime default profile should be used.
-* `Unconfined` - (Default) no profile should be applied.
-* `localhost_profile` - Indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if `type` is `Localhost`.
-
 
 <a id="nestedobjatt--spec--volume--empty_dir"></a>
 ### Nested Schema for `spec.volume.empty_dir`

@@ -1623,12 +1623,6 @@ Read-Only:
 
 
 
-* `type` - Indicates which kind of seccomp profile will be applied. Valid options are:
-* `Localhost` - a profile defined in a file on the node should be used.
-* `RuntimeDefault` - the container runtime default profile should be used.
-* `Unconfined` - (Default) no profile should be applied.
-* `localhost_profile` - Indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if `type` is `Localhost`.
-
 
 <a id="nestedobjatt--spec--volume--empty_dir"></a>
 ### Nested Schema for `spec.volume.empty_dir`

@@ -1,5 +1,5 @@
 ---
-subcategory: ""
+layout: "kubernetes"
 page_title: "Migrating `kubernetes_manifest` resources from the kubernetes-alpha provider"
 description: |-
   This guide covers adopting `kubernetes_manifest` resources created using the kubernetes-alpha provider.

@@ -1,5 +1,5 @@
 ---
-subcategory: ""
+layout: "kubernetes"
 page_title: "Kubernetes: Getting Started with Kubernetes provider"
 description: |-
   This guide focuses on configuring authentication to your existing Kubernetes

@@ -1,5 +1,5 @@
 ---
-subcategory: ""
+layout: "kubernetes"
 page_title: "Kubernetes: Upgrade Guide for Kubernetes Provider v2.0.0"
 description: |-
   This guide covers the changes introduced in v2.0.0 of the Kubernetes provider and what you may need to do to upgrade your configuration.

@@ -1,5 +1,5 @@
 ---
-subcategory: ""
+layout: "kubernetes"
 page_title: "Versioned resource names"
 description: |-
   This guide explains the naming conventions for resources and data sources in the Kubernetes provider. 

@@ -195,9 +195,9 @@ The following arguments are supported:
 * `token` - (Optional) Token of your service account. Can be sourced from `KUBE_TOKEN`.
 * `proxy_url` - (Optional) URL to the proxy to be used for all API requests. URLs with "http", "https", and "socks5" schemes are supported. Can be sourced from `KUBE_PROXY_URL`.
 * `exec` - (Optional) Configuration block to use an [exec-based credential plugin] (https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins), e.g. call an external command to receive user credentials.
-* `api_version` - (Required) API version to use when decoding the ExecCredentials resource, e.g. `client.authentication.k8s.io/v1beta1`.
-* `command` - (Required) Command to execute.
-* `args` - (Optional) List of arguments to pass when executing the plugin.
-* `env` - (Optional) Map of environment variables to set when executing the plugin.
+  * `api_version` - (Required) API version to use when decoding the ExecCredentials resource, e.g. `client.authentication.k8s.io/v1beta1`.
+  * `command` - (Required) Command to execute.
+  * `args` - (Optional) List of arguments to pass when executing the plugin.
+  * `env` - (Optional) Map of environment variables to set when executing the plugin.
 * `ignore_annotations` - (Optional) List of Kubernetes metadata annotations to ignore across all resources handled by this provider for situations where external systems are managing certain resource annotations. This option does not affect annotations within a template block. Each item is a regular expression.
 * `ignore_labels` - (Optional) List of Kubernetes metadata labels to ignore across all resources handled by this provider for situations where external systems are managing certain resource labels. This option does not affect annotations within a template block. Each item is a regular expression.
@@ -2388,5 +2388,5 @@ resource "kubernetes_cron_job" "demo" {
 ## Import 
 
 ```
-$ terraform import kubernetes_cron_job_v1/example default/example
+$ terraform import kubernetes_corn_job_v1/example default/example
 ```
@@ -138,6 +138,7 @@ Read-Only:
 Read-Only:
 
 - `hostname` (String)
+- `ip_mode` (String)
 - `ip` (String)
 
 

@@ -212,6 +212,7 @@ Read-Only:
 Read-Only:
 
 - `hostname` (String)
+- `ip_mode` (String)
 - `ip` (String)
 
 

@@ -85,6 +85,7 @@ Optional:
 
 Optional:
 
+- `end_port` (Number) endPort indicates that the range of ports from port to endPort if set, inclusive, should be allowed by the policy. This field cannot be defined if the port field is not defined or if the port field is defined as a named (string) port. The endPort must be equal or greater than port.
 - `port` (String) port represents the port on the given protocol. This can either be a numerical or named port on a pod. If this field is not provided, this matches all port names and numbers. If present, only traffic on the specified protocol AND port will be matched.
 - `protocol` (String) protocol represents the protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP.
 
@@ -225,9 +226,9 @@ Optional:
 
 Optional:
 
+- `end_port` (Number) endPort indicates that the range of ports from port to endPort if set, inclusive, should be allowed by the policy. This field cannot be defined if the port field is not defined or if the port field is defined as a named (string) port. The endPort must be equal or greater than port.
 - `port` (String) port represents the port on the given protocol. This can either be a numerical or named port on a pod. If this field is not provided, this matches all port names and numbers. If present, only traffic on the specified protocol AND port will be matched.
 - `protocol` (String) protocol represents the protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP.
-- `end_port` - (Optional) The end_port indicates that the range of ports from port to endPort if set, inclusive, should be allowed by the policy. Cannot be defined if port is undefined or if port is defined as a named (string) port.
 
 
 

@@ -85,6 +85,7 @@ Optional:
 
 Optional:
 
+- `end_port` (Number) endPort indicates that the range of ports from port to endPort if set, inclusive, should be allowed by the policy. This field cannot be defined if the port field is not defined or if the port field is defined as a named (string) port. The endPort must be equal or greater than port.
 - `port` (String) port represents the port on the given protocol. This can either be a numerical or named port on a pod. If this field is not provided, this matches all port names and numbers. If present, only traffic on the specified protocol AND port will be matched.
 - `protocol` (String) protocol represents the protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP.
 
@@ -225,9 +226,9 @@ Optional:
 
 Optional:
 
+- `end_port` (Number) endPort indicates that the range of ports from port to endPort if set, inclusive, should be allowed by the policy. This field cannot be defined if the port field is not defined or if the port field is defined as a named (string) port. The endPort must be equal or greater than port.
 - `port` (String) port represents the port on the given protocol. This can either be a numerical or named port on a pod. If this field is not provided, this matches all port names and numbers. If present, only traffic on the specified protocol AND port will be matched.
 - `protocol` (String) protocol represents the protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP.
-- `end_port` - (Optional) The end_port indicates that the range of ports from port to endPort if set, inclusive, should be allowed by the policy. Cannot be defined if port is undefined or if port is defined as a named (string) port.
 
 
 
@@ -288,7 +289,6 @@ resource "kubernetes_network_policy_v1" "example" {
 }
 ```
 
-
 ## Import
 
 Network policies can be imported using their identifier consisting of `<namespace-name>/<network-policy-name>`, e.g.:

@@ -132,6 +132,7 @@ Read-Only:
 
 - `hostname` (String)
 - `ip` (String)
+- `ip_mode` (String)
 
 
 

@@ -132,6 +132,7 @@ Read-Only:
 
 - `hostname` (String)
 - `ip` (String)
+- `ip_mode` (String)
 
 
 

@@ -316,6 +316,10 @@ func resourceKubernetesServiceSchemaV1() map[string]*schema.Schema {
 												Type:     schema.TypeString,
 												Computed: true,
 											},
+											"ip_mode": {
+												Type:     schema.TypeString,
+												Computed: true,
+											},
 											"hostname": {
 												Type:     schema.TypeString,
 												Computed: true,

@@ -337,6 +337,49 @@ func TestAccKubernetesServiceV1_loadBalancer_healthcheck(t *testing.T) {
 	})
 }
 
+func TestAccKubernetesServiceV1_loadBalancer_ipMode(t *testing.T) {
+	var conf corev1.Service
+	name := acctest.RandomWithPrefix("tf-acc-test")
+	resourceName := "kubernetes_service_v1.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:          func() { testAccPreCheck(t); skipIfNoLoadBalancersAvailable(t) },
+		IDRefreshIgnore:   []string{"metadata.0.resource_version"},
+		ProviderFactories: testAccProviderFactories,
+		CheckDestroy:      testAccCheckKubernetesServiceV1Destroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccKubernetesConfig_ignoreAnnotations() +
+					testAccKubernetesServiceV1Config_loadBalancer_ipMode(name, "VIP"),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					testAccCheckKubernetesServiceV1Exists(resourceName, &conf),
+					resource.TestCheckResourceAttr(resourceName, "metadata.0.name", name),
+					resource.TestCheckResourceAttr(resourceName, "spec.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "spec.0.type", "LoadBalancer"),
+					resource.TestCheckResourceAttr(resourceName, "status.0.load_balancer.0.ingress.0.ip_mode", "VIP"),
+				),
+			},
+			{
+				ResourceName:            resourceName,
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"metadata.0.resource_version", "wait_for_load_balancer"},
+			},
+			{
+				Config: testAccKubernetesConfig_ignoreAnnotations() +
+					testAccKubernetesServiceV1Config_loadBalancer_ipMode(name, "Proxy"),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					testAccCheckKubernetesServiceV1Exists(resourceName, &conf),
+					resource.TestCheckResourceAttr(resourceName, "metadata.0.name", name),
+					resource.TestCheckResourceAttr(resourceName, "spec.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "spec.0.type", "LoadBalancer"),
+					resource.TestCheckResourceAttr(resourceName, "status.0.load_balancer.0.ingress.0.ip_mode", "Proxy"),
+				),
+			},
+		},
+	})
+}
+
 func TestAccKubernetesServiceV1_headless(t *testing.T) {
 	var conf corev1.Service
 	name := acctest.RandomWithPrefix("tf-acc-test")
@@ -1104,6 +1147,23 @@ func testAccKubernetesServiceV1Config_loadBalancer_annotations_aws_modified(name
 }
 `, name)
 }
+func testAccKubernetesServiceV1Config_loadBalancer_ipMode(name, ipMode string) string {
+	return fmt.Sprintf(`
+resource "kubernetes_service_v1" "test" {
+  metadata {
+    name = "%s"
+  }
+
+  spec {
+    type = "LoadBalancer"
+    port {
+      port        = 80
+      target_port = 8080
+    }
+  }
+}
+`, name)
+}
 
 func testAccKubernetesServiceV1Config_headless(name string) string {
 	return fmt.Sprintf(`resource "kubernetes_service_v1" "test" {

@@ -129,6 +129,7 @@ func flattenLoadBalancerStatus(in v1.LoadBalancerStatus) []interface{} {
 
 		att["ip"] = ingress.IP
 		att["hostname"] = ingress.Hostname
+		att["ip_mode"] = ingress.IPMode
 
 		out[i] = att
 	}
Original file line number	Diff line number	Diff line change
Expand Up		@@ -45,6 +45,7 @@ Read-Only:




Copy link Contributor BBBmau Jan 9, 2025 Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. tests are passing but there's some clean-up needed since this PR has some changes that are unrelated to the new `ipMode` field. Might have to do a `rebase -i` to remove the changes made by `4ffbdec`
		~> Note: All arguments including the config map data will be stored in the raw state as plain-text. [Read more about sensitive data in state](/docs/state/sensitive-data.html).

		## Example Usage
Expand Down
Original file line number	Diff line number	Diff line change
Expand Up		@@ -132,6 +132,7 @@ Read-Only:

		- `hostname` (String)
		- `ip` (String)
		- `ip_mode` (String)



Expand Down