VPN for VPC: Customer should be able to recover their gateway or server from an unhealthy status

[SunithaGudisagarIBM1]

Community Note

• Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for pull request followers and do not help prioritize the request

Relates OR Closes #0000

Output from acceptance testing:

$ make testacc TESTARGS='-run=TestAccXXX'

resource "ibm_is_vpc" "testacc_vpc2" {
  name = "tfp-vpc-sunitha"
}

resource "ibm_is_subnet" "testacc_subnet2" {
  name            = "tfp-subnet-sunitha"
  vpc             = ibm_is_vpc.testacc_vpc2.id
  zone            = "us-south-1"
  ipv4_cidr_block = "10.240.0.0/24"
}

resource "ibm_is_vpc" "testacc_vpc1" {
  name = "tfp-vpc-sunitha-1"
}

resource "ibm_is_subnet" "testacc_subnet1" {
  name            = "tfp-subnet-sunitha-2"
  vpc             = ibm_is_vpc.testacc_vpc1.id
  zone            = "us-south-1"
  ipv4_cidr_block = "10.240.0.0/24"
}

resource "ibm_is_vpn_gateway" "testacc_VPNGateway2" {
  name   = "tfp-vpn-gateway-sunitha"
  subnet = ibm_is_subnet.testacc_subnet2.id
  mode   = "policy"
}
resource "ibm_is_vpn_gateway_connection" "testacc_VPNGatewayConnection2" {
  name          = "tfp-vpn-gateway-connection-sunitha"
  vpn_gateway   = ibm_is_vpn_gateway.testacc_VPNGateway2.id
  peer_address  = ibm_is_vpn_gateway.testacc_VPNGateway2.public_ip_address
  preshared_key = "VPNDemoPassword"
  local_cidrs   = ["${ibm_is_subnet.testacc_subnet2.ipv4_cidr_block}"]
  peer_cidrs    = ["${ibm_is_subnet.testacc_subnet1.ipv4_cidr_block}"]

}

data "ibm_is_vpn_gateway_connections" "test1" {
  vpn_gateway = ibm_is_vpn_gateway.testacc_VPNGateway2.id
}

data "ibm_is_vpn_gateway_connection" "example3" {
  vpn_gateway_name            = ibm_is_vpn_gateway.testacc_VPNGateway2.name
  vpn_gateway_connection_name = ibm_is_vpn_gateway_connection.testacc_VPNGatewayConnection2.name
}

data "ibm_is_vpn_gateway" "example-name" {
  depends_on = [
    ibm_is_vpn_gateway_connection.testacc_VPNGatewayConnection2
  ]
  vpn_gateway_name = ibm_is_vpn_gateway.testacc_VPNGateway2.name
}

data "ibm_is_vpn_gateways" "ibm_is_vpn_gateway_all" {

}

resource "ibm_is_vpc" "testacc_vpc" {
  name = "tfp-vpc-sunitha"
}

resource "ibm_is_subnet" "testacc_subnet-1" {
  name            = "tfp-subnet-sunitha"
  vpc             = ibm_is_vpc.testacc_vpc.id
  zone            = "us-south-1"
  ipv4_cidr_block = "10.240.0.0/24"
}

resource "ibm_is_vpn_server" "is_vpn_server" {
  certificate_crn = "crn:v1:bluemix:public:secrets-manager:us-south:a/1431ea2a7958ad20f0fee592ff85f746:2f504783-548b-4a8e-85ba-6a8df9c62a1f:secret:02e468cc-4d04-a489-fee7-321076e1edd5"
  client_authentication {
    method        = "certificate"
    client_ca_crn = "crn:v1:bluemix:public:secrets-manager:us-south:a/1431ea2a7958ad20f0fee592ff85f746:2f504783-548b-4a8e-85ba-6a8df9c62a1f:secret:a4d68b7c-cb92-6b35-f1d4-c7b6c339e3ff"
  }
  client_ip_pool         = "10.5.0.0/21"
  subnets                = [ibm_is_subnet.testacc_subnet-1.id]
  client_dns_server_ips  = ["192.168.3.4"]
  client_idle_timeout    = 600
  enable_split_tunneling = true
  name                   = "tfp-vpn-server-sunitha"
  port                   = 8082
  protocol               = "udp"
}

resource "ibm_is_vpn_server_route" "is_vpn_server_route" {
  vpn_server  = ibm_is_vpn_server.is_vpn_server.id
  destination = "172.16.0.0/16"
  action      = "translate"
  name        = "tfp-sunitha-vpn-server-route"
}

data "ibm_is_vpn_server_route" "is_vpn_server_route" {
  vpn_server = ibm_is_vpn_server_route.is_vpn_server_route.vpn_server
  identifier = ibm_is_vpn_server_route.is_vpn_server_route.vpn_route
}
data "ibm_is_vpn_server_routes" "is_vpn_server_routes" {
  vpn_server = ibm_is_vpn_server_route.is_vpn_server_route.vpn_server
}
data "ibm_is_vpn_server" "is_vpn_server" {
  identifier = ibm_is_vpn_server.is_vpn_server.id
}
data "ibm_is_vpn_servers" "is_vpn_servers" {
}

[hkantare]

Can we add one test scenario provision with old version of binary the resource and upgrade to new binary and run plan (to check if it shows any diff)

[SunithaGudisagarIBM1]

Can we add one test scenario provision with old version of binary the resource and upgrade to new binary and run plan (to check if it shows any diff)
@hkantare
No issues found with replacing binary