diff --git a/docs/modules/lke_cluster.md b/docs/modules/lke_cluster.md
index cf84cf04..2d11a3e0 100644
--- a/docs/modules/lke_cluster.md
+++ b/docs/modules/lke_cluster.md
@@ -93,6 +93,7 @@ Manage Linode LKE clusters.
| [`autoscaler` (sub-options)](#autoscaler) | `dict` | Optional | When enabled, the number of nodes autoscales within the defined minimum and maximum values. **(Updatable)** |
| `labels` | `dict` | Optional | Key-value pairs added as labels to nodes in the node pool. Labels help classify your nodes and to easily select subsets of objects. **(Updatable)** |
| [`taints` (sub-options)](#taints) | `list` | Optional | Kubernetes taints to add to node pool nodes. Taints help control how pods are scheduled onto nodes, specifically allowing them to repel certain pods. **(Updatable)** |
+| `firewall_id` | `int` | Optional | Firewall ID for the Node Pool. **(Updatable)** |
### autoscaler
diff --git a/docs/modules/lke_node_pool.md b/docs/modules/lke_node_pool.md
index a24df30d..70791b21 100644
--- a/docs/modules/lke_node_pool.md
+++ b/docs/modules/lke_node_pool.md
@@ -66,6 +66,7 @@ Manage Linode LKE cluster node pools.
| [`taints` (sub-options)](#taints) | `list` | Optional | Kubernetes taints to add to node pool nodes. Taints help control how pods are scheduled onto nodes, specifically allowing them to repel certain pods. **(Updatable)** |
| `k8s_version` | `str` | Optional | The desired Kubernetes version for this Kubernetes Node Pool in the format of ., and the latest supported patch version. NOTE: Only available for LKE Enterprise to support node pool upgrades. This field may not currently be available to all users and is under v4beta. **(Updatable)** |
| `update_strategy` | `str` | Optional | Upgrade strategy describes the available upgrade strategies. NOTE: Only available for LKE Enterprise to support node pool upgrades. This field may not currently be available to all users and is under v4beta. **(Choices: `rolling_update`, `on_recycle`; Updatable)** |
+| `firewall_id` | `int` | Optional | Firewall ID for the Node Pool. **(Updatable)** |
### autoscaler
diff --git a/plugins/modules/lke_cluster.py b/plugins/modules/lke_cluster.py
index 534123af..31acc2e1 100644
--- a/plugins/modules/lke_cluster.py
+++ b/plugins/modules/lke_cluster.py
@@ -177,6 +177,12 @@
],
suboptions=linode_lke_cluster_taint,
),
+ "firewall_id": SpecField(
+ type=FieldType.integer,
+ editable=True,
+ description=["Firewall ID for the Node Pool."],
+ required=False,
+ ),
}
linode_lke_cluster_spec = {
@@ -583,6 +589,16 @@ def _update_cluster(self, cluster: LKECluster) -> None:
current_pool.label = pool.get("label")
current_pool.save()
+ if "firewall_id" in pool and current_pool.firewall_id != pool["firewall_id"]:
+ self.register_action(
+ "Updated firewall_id for Node Pool {}".format(
+ current_pool.id
+ )
+ )
+
+ current_pool.firewall_id = pool.get("firewall_id")
+ current_pool.save()
+
pools_handled[k] = True
should_keep[i] = True
break
@@ -661,6 +677,16 @@ def _update_cluster(self, cluster: LKECluster) -> None:
existing_pool.label = pool["label"]
should_update = True
+ if "firewall_id" in pool and existing_pool.firewall_id != pool["firewall_id"]:
+ self.register_action(
+ "Updated firewall_id for Node Pool {}".format(
+ existing_pool.id
+ )
+ )
+
+ existing_pool.firewall_id = pool.get("firewall_id")
+ existing_pool.save()
+
if should_update:
existing_pool.save()
diff --git a/plugins/modules/lke_node_pool.py b/plugins/modules/lke_node_pool.py
index 4a063465..50f00408 100644
--- a/plugins/modules/lke_node_pool.py
+++ b/plugins/modules/lke_node_pool.py
@@ -205,6 +205,12 @@
],
choices=["rolling_update", "on_recycle"],
),
+ "firewall_id": SpecField(
+ type=FieldType.integer,
+ editable=True,
+ description=["Firewall ID for the Node Pool."],
+ required=False,
+ ),
}
SPECDOC_META = SpecDocMeta(
@@ -326,6 +332,7 @@ def _update_pool(self, pool: LKENodePool) -> LKENodePool:
new_taints = params.pop("taints") if "taints" in params else None
new_labels = params.pop("labels") if "labels" in params else None
new_label = params.pop("label") if "label" in params else None
+ new_firewall_id = params.pop("firewall_id") if "firewall_id" in params else None
new_k8s_version = (
params.pop("k8s_version") if "k8s_version" in params else None
)
@@ -374,6 +381,11 @@ def _update_pool(self, pool: LKENodePool) -> LKENodePool:
pool.label = new_label
should_update = True
+ if new_firewall_id is not None and pool.firewall_id != new_firewall_id:
+ self.register_action("Updated firewall_id for Node Pool")
+ pool.firewall_id = new_firewall_id
+ should_update = True
+
if new_k8s_version is not None and pool.k8s_version != new_k8s_version:
self.register_action("Updated k8s version for Node Pool")
pool.k8s_version = new_k8s_version
diff --git a/requirements.txt b/requirements.txt
index 6a2f3ecc..85c35e1a 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,3 +1,3 @@
-linode-api4>=5.37.0
+linode-api4>=5.38.0
polling==0.3.2
ansible-specdoc>=0.0.19
diff --git a/tests/integration/targets/lke_cluster_basic/tasks/main.yaml b/tests/integration/targets/lke_cluster_basic/tasks/main.yaml
index e097e66f..8ccd7b65 100644
--- a/tests/integration/targets/lke_cluster_basic/tasks/main.yaml
+++ b/tests/integration/targets/lke_cluster_basic/tasks/main.yaml
@@ -29,6 +29,7 @@
k8s_version: '{{ old_kube_version }}'
node_pools:
- type: g6-standard-1
+ firewall_id: 123456
count: 3
labels:
foo.example.com/test: bar
@@ -53,6 +54,7 @@
that:
- create_cluster.cluster.k8s_version == old_kube_version
- create_cluster.cluster.region == 'us-southeast'
+ - create_cluster.node_pools[0].firewall_id == 123456
- create_cluster.node_pools[0].type == 'g6-standard-1'
- create_cluster.node_pools[0].count == 3
- create_cluster.node_pools[1].label == 'pool-with-autoscaler'
@@ -75,6 +77,7 @@
- type: g6-standard-1
count: 2
label: updated-pool-label
+ firewall_id: 654321
labels:
foo.example.com/update: updated
foo.example.com/test2: foo
@@ -99,6 +102,7 @@
- update_pools.node_pools[0].type == 'g6-standard-1'
- update_pools.node_pools[0].count == 2
+ - update_pools.node_pools[0].firewall_id == 654321
- update_pools.node_pools[0].label == 'updated-pool-label'
- update_pools.node_pools[0].id == create_cluster.node_pools[0].id
diff --git a/tests/integration/targets/lke_node_pool_basic/tasks/main.yaml b/tests/integration/targets/lke_node_pool_basic/tasks/main.yaml
index 7c229d27..8420b1f3 100644
--- a/tests/integration/targets/lke_node_pool_basic/tasks/main.yaml
+++ b/tests/integration/targets/lke_node_pool_basic/tasks/main.yaml
@@ -44,6 +44,7 @@
tags: ['my-pool']
type: g6-standard-1
count: 2
+ firewall_id: {{ firewall_id }}
label: new-pool-label
labels:
foo.example.com/test: bar
@@ -59,6 +60,7 @@
assert:
that:
- new_pool.node_pool.count == 2
+ - new_pool.node_pool.firewall_id == {{ firewall_id }}
- new_pool.node_pool.label == 'new-pool-label'
- new_pool.node_pool.type == 'g6-standard-1'
- new_pool.node_pool.nodes[0].status == 'ready'
@@ -80,10 +82,20 @@
register: update_pool_fail
failed_when: '"failed to update" not in update_pool_fail.msg'
+ - name: Ensure firewall exists
+ linode.cloud.firewall:
+ api_token: "{{ api_token }}"
+ label: "update-firewall-{{ r }}"
+ state: present
+ rules:
+ inbound_policy: ACCEPT
+ outbound_policy: ACCEPT
+ register: update_firewall
+
- name: Update the node pool
linode.cloud.lke_node_pool:
cluster_id: '{{ create_cluster.cluster.id }}'
-
+ firewall_id: {{ update_firewall.firewall.id }}
tags: ['my-pool']
type: g6-standard-1
count: 1
@@ -107,6 +119,7 @@
assert:
that:
- update_pool.node_pool.count == 1
+ - update_pool.node_pool.firewall_id == {{ update_firewall.firewall.id }}
- update_pool.node_pool.label == 'updated-pool-label'
- update_pool.node_pool.type == 'g6-standard-1'
- update_pool.node_pool.autoscaler.enabled