fix(clb): [121638233] tencentcloud_clb_listener support snat_enable (#3076)

SevenEarth · web-flow · commit a180ca5c02a5 · 2025-01-14T19:50:33.000+08:00
* add

* add
diff --git a/.changelog/3076.txt b/.changelog/3076.txt
@@ -0,0 +1,3 @@
+```release-note:enhancement
+resource/tencentcloud_clb_listener: support `snat_enable`
+```
diff --git a/tencentcloud/services/clb/resource_tc_clb_listener.go b/tencentcloud/services/clb/resource_tc_clb_listener.go
@@ -249,6 +249,12 @@ func ResourceTencentCloudClbListener() *schema.Resource {
 				Optional:    true,
 				Description: "Enable H2C switch for intranet HTTP listener.",
 			},
+			"snat_enable": {
+				Type:        schema.TypeBool,
+				Computed:    true,
+				Optional:    true,
+				Description: "Whether to enable SNAT.",
+			},
 			//computed
 			"listener_id": {
 				Type:        schema.TypeString,
@@ -361,6 +367,10 @@ func resourceTencentCloudClbListenerCreate(d *schema.ResourceData, meta interfac
 		request.H2cSwitch = helper.Bool(v.(bool))
 	}
 
+	if v, ok := d.GetOkExists("snat_enable"); ok {
+		request.SnatEnable = helper.Bool(v.(bool))
+	}
+
 	var response *clb.CreateListenerResponse
 	err := resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError {
 		result, e := meta.(tccommon.ProviderMeta).GetAPIV3Conn().UseClbClient().CreateListener(request)
@@ -369,20 +379,26 @@ func resourceTencentCloudClbListenerCreate(d *schema.ResourceData, meta interfac
 		} else {
 			log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n",
 				logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+
+			if result == nil || result.Response == nil || result.Response.RequestId == nil {
+				return resource.NonRetryableError(fmt.Errorf("Create CLB listener failed, Response si nil."))
+			}
+
 			requestId := *result.Response.RequestId
 			retryErr := waitForTaskFinish(requestId, meta.(tccommon.ProviderMeta).GetAPIV3Conn().UseClbClient())
 			if retryErr != nil {
 				return resource.NonRetryableError(errors.WithStack(retryErr))
 			}
 		}
+
 		response = result
 		return nil
 	})
 	if err != nil {
 		log.Printf("[CRITAL]%s create CLB listener failed, reason:%+v", logId, err)
 		return err
 	}
-	if len(response.Response.ListenerIds) < 1 {
+	if response.Response.ListenerIds == nil || len(response.Response.ListenerIds) < 1 {
 		return fmt.Errorf("[CHECK][CLB listener][Create] check: Response error, listener id is null")
 	}
 	listenerId := *response.Response.ListenerIds[0]
@@ -529,26 +545,21 @@ func resourceTencentCloudClbListenerRead(d *schema.ResourceData, meta interface{
 		_ = d.Set("end_port", instance.EndPort)
 	}
 
-	var clbIns *clb.LoadBalancer
-	err = resource.Retry(tccommon.ReadRetryTimeout, func() *resource.RetryError {
-		result, e := clbService.DescribeLoadBalancerById(ctx, clbId)
-		if e != nil {
-			return tccommon.RetryError(e)
+	if instance.AttrFlags != nil && len(instance.AttrFlags) > 0 {
+		if tccommon.IsContains(helper.PStrings(instance.AttrFlags), "H2cSwitch") {
+			_ = d.Set("h2c_switch", true)
+		} else {
+			_ = d.Set("h2c_switch", false)
 		}
 
-		clbIns = result
-		return nil
-	})
-
-	if err != nil {
-		log.Printf("[CRITAL]%s read CLB instance failed, reason:%+v", logId, err)
-		return err
-	}
-
-	if clbIns.AttributeFlags != nil && len(clbIns.AttributeFlags) != 0 {
-		_ = d.Set("h2c_switch", true)
+		if tccommon.IsContains(helper.PStrings(instance.AttrFlags), "SnatEnable") {
+			_ = d.Set("snat_enable", true)
+		} else {
+			_ = d.Set("snat_enable", false)
+		}
 	} else {
 		_ = d.Set("h2c_switch", false)
+		_ = d.Set("snat_enable", false)
 	}
 
 	return nil
@@ -644,6 +655,13 @@ func resourceTencentCloudClbListenerUpdate(d *schema.ResourceData, meta interfac
 		request.KeepaliveEnable = helper.IntInt64(keepaliveEnable)
 	}
 
+	if d.HasChange("snat_enable") {
+		changed = true
+		if v, ok := d.GetOkExists("snat_enable"); ok {
+			request.SnatEnable = helper.Bool(v.(bool))
+		}
+	}
+
 	if changed {
 		err := resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError {
 			response, e := meta.(tccommon.ProviderMeta).GetAPIV3Conn().UseClbClient().ModifyListener(request)
@@ -652,6 +670,11 @@ func resourceTencentCloudClbListenerUpdate(d *schema.ResourceData, meta interfac
 			} else {
 				log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n",
 					logId, request.GetAction(), request.ToJsonString(), response.ToJsonString())
+
+				if response == nil || response.Response == nil || response.Response.RequestId == nil {
+					return resource.NonRetryableError(fmt.Errorf("Modify CLB listener failed, Response si nil."))
+				}
+
 				requestId := *response.Response.RequestId
 				retryErr := waitForTaskFinish(requestId, meta.(tccommon.ProviderMeta).GetAPIV3Conn().UseClbClient())
 				if retryErr != nil {
diff --git a/tencentcloud/services/clb/resource_tc_clb_listener.md b/tencentcloud/services/clb/resource_tc_clb_listener.md
@@ -37,6 +37,7 @@ resource "tencentcloud_clb_listener" "TCP_listener" {
 ```
 
 TCP/UDP Listener with tcp health check
+
 ```hcl
 resource "tencentcloud_clb_listener" "listener_tcp" {
   clb_id                     = tencentcloud_clb_instance.clb_basic.id
@@ -56,6 +57,7 @@ resource "tencentcloud_clb_listener" "listener_tcp" {
 ```
 
 TCP/UDP Listener with http health check
+
 ```hcl
 resource "tencentcloud_clb_listener" "listener_tcp" {
   clb_id                     = tencentcloud_clb_instance.clb_basic.id
@@ -79,6 +81,7 @@ resource "tencentcloud_clb_listener" "listener_tcp" {
 ```
 
 TCP/UDP Listener with customer health check
+
 ```hcl
 resource "tencentcloud_clb_listener" "listener_tcp"{
   clb_id                     = tencentcloud_clb_instance.clb_basic.id
diff --git a/website/docs/r/clb_listener.html.markdown b/website/docs/r/clb_listener.html.markdown
@@ -203,6 +203,7 @@ The following arguments are supported:
 * `scheduler` - (Optional, String) Scheduling method of the CLB listener, and available values are 'WRR' and 'LEAST_CONN'. The default is 'WRR'. NOTES: The listener of `HTTP` and `HTTPS` protocol additionally supports the `IP Hash` method. NOTES: TCP/UDP/TCP_SSL listener allows direct configuration, HTTP/HTTPS listener needs to be configured in `tencentcloud_clb_listener_rule`.
 * `session_expire_time` - (Optional, Int) Time of session persistence within the CLB listener. NOTES: Available when scheduler is specified as `WRR`, and not available when listener protocol is `TCP_SSL`. NOTES: TCP/UDP/TCP_SSL listener allows direct configuration, HTTP/HTTPS listener needs to be configured in `tencentcloud_clb_listener_rule`.
 * `session_type` - (Optional, String) Session persistence type. Valid values: `NORMAL`: the default session persistence type; `QUIC_CID`: session persistence by QUIC connection ID. The `QUIC_CID` value can only be configured in UDP listeners. If this field is not specified, the default session persistence type will be used.
+* `snat_enable` - (Optional, Bool) Whether to enable SNAT.
 * `sni_switch` - (Optional, Bool, ForceNew) Indicates whether SNI is enabled, and only supported with protocol `HTTPS`. If enabled, you can set a certificate for each rule in `tencentcloud_clb_listener_rule`, otherwise all rules have a certificate.
 * `target_type` - (Optional, String) Backend target type. Valid values: `NODE`, `TARGETGROUP`. `NODE` means to bind ordinary nodes, `TARGETGROUP` means to bind target group. NOTES: TCP/UDP/TCP_SSL listener must configuration, HTTP/HTTPS listener needs to be configured in tencentcloud_clb_listener_rule.
 

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	+```release-note:enhancement
	`2`	+resource/tencentcloud_clb_listener: support `snat_enable`
	`3`	+```