From b407034bc7455b0270e5488d63397e143ef7708c Mon Sep 17 00:00:00 2001
From: Jim Enright <jenright@cloudera.com>
Date: Tue, 14 Nov 2023 15:06:33 +0000
Subject: [PATCH 1/3] Add private_cluster parameter to ML workspace module

Signed-off-by: Jim Enright <jenright@cloudera.com>
---
 plugins/modules/ml.py | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/plugins/modules/ml.py b/plugins/modules/ml.py
index 2eb620cf..f1644301 100644
--- a/plugins/modules/ml.py
+++ b/plugins/modules/ml.py
@@ -272,6 +272,14 @@
     default: False
     aliases:
       - enable_public_loadbalancer
+  private_cluster:
+    description:
+      - Flag to specify if a private cluster should be created.
+    type: bool
+    required: False
+    default: False
+    aliases:
+      - enable_private_cluster
   force:
     description:
       - Flag to force delete a workspace even if errors occur during deletion.
@@ -586,6 +594,7 @@ def __init__(self, module):
         self.nfs_version = self._get_param('nfs_version')
         self.ip_addresses = self._get_param('ip_addresses')
         self.public_loadbalancer = self._get_param('public_loadbalancer')
+        self.private_cluster = self._get_param('private_cluster')
         self.k8s_request = self._get_param('k8s_request')
 
         self.force = self._get_param('force')
@@ -665,6 +674,7 @@ def process(self):
                         nfsVersion=self.nfs_version,
                         loadBalancerIPWhitelists=self.ip_addresses,
                         usePublicLoadBalancer=self.public_loadbalancer,
+                        privateCluster=self.private_cluster,
                         provisionK8sRequest=self.k8s_request
                     )
                     if self.k8s_request and self.k8s_request['tags'] is not None:
@@ -775,6 +785,8 @@ def main():
                               'loadbalancer_access_ips']),
             public_loadbalancer=dict(required=False, type='bool', default=False, aliases=[
                                      'enable_public_loadbalancer']),
+            private_cluster=dict(required=False, type='bool', default=False, aliases=[
+                                     'enable_private_cluster']),
             force=dict(required=False, type='bool',
                        default=False, aliases=['force_delete']),
             storage=dict(required=False, type='bool',

From 2f9ef6d9f2aa475bfe451f27c009e0f66cfc1aac Mon Sep 17 00:00:00 2001
From: Jim Enright <jenright@cloudera.com>
Date: Fri, 17 Nov 2023 14:05:10 +0000
Subject: [PATCH 2/3] Add enable_private_network parameter to CDE service
 module

Signed-off-by: Jim Enright <jenright@cloudera.com>
---
 plugins/modules/de.py | 8 ++++++++
 plugins/modules/ml.py | 2 +-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/plugins/modules/de.py b/plugins/modules/de.py
index 398b82c0..1e78f1c0 100644
--- a/plugins/modules/de.py
+++ b/plugins/modules/de.py
@@ -91,6 +91,11 @@
     - Creates a CDE endpoint (Load Balancer) in a publicly accessible subnet
     type: bool
     required: False
+  enable_private_network:
+    description:
+    - Create a fully private CDE instance
+    type: bool
+    required: False
   loadbalancer_ips:
     description:
     - List of CIDRs allowed to access the load balancer.
@@ -346,6 +351,7 @@ def __init__(self, module):
         self.maximum_spot_instances = self._get_param('maximum_spot_instances')
         self.chart_value_overrides = self._get_param('chart_value_overrides')
         self.enable_public_endpoint = self._get_param('enable_public_endpoint')
+        self.enable_private_network = self._get_param('enable_private_network')
         self.enable_workload_analytics = self._get_param('enable_workload_analytics')
         self.initial_instances = self._get_param('initial_instances')
         self.initial_spot_instances = self._get_param('initial_spot_instances')
@@ -448,6 +454,7 @@ def _enable_service(self):
             maximum_spot_instances=self.maximum_spot_instances,
             chart_value_overrides=self.chart_value_overrides,
             enable_public_endpoint=self.enable_public_endpoint,
+            enable_private_network=self.enable_private_network,
             loadbalancer_allowlist=self.loadbalancer_ips,
             enable_workload_analytics=self.enable_workload_analytics,
             initial_instances=self.initial_instances,
@@ -502,6 +509,7 @@ def main():
             maximum_spot_instances=dict(required=False, type='int', default=0),
             chart_value_overrides=dict(required=False, type='list', default=None),
             enable_public_endpoint=dict(required=False, type='bool', default=True),
+            enable_private_network=dict(required=False, type='bool', default=False),
             loadbalancer_ips=dict(required=False, type='list', elements='str', default=None),
             enable_workload_analytics=dict(required=False, type='bool', default=True),
             initial_instances=dict(required=False, type='int', default=1),
diff --git a/plugins/modules/ml.py b/plugins/modules/ml.py
index f1644301..5fa0dade 100644
--- a/plugins/modules/ml.py
+++ b/plugins/modules/ml.py
@@ -274,7 +274,7 @@
       - enable_public_loadbalancer
   private_cluster:
     description:
-      - Flag to specify if a private cluster should be created.
+      - Flag to specify if a private K8s cluster should be created.
     type: bool
     required: False
     default: False

From a1f2cd74b550f8cd3db0047cf5cbda743a611a0b Mon Sep 17 00:00:00 2001
From: Jim Enright <jenright@cloudera.com>
Date: Fri, 17 Nov 2023 18:04:10 +0000
Subject: [PATCH 3/3] Add private_cluster parameter to DF service module

Signed-off-by: Jim Enright <jenright@cloudera.com>
---
 plugins/modules/df_service.py | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/plugins/modules/df_service.py b/plugins/modules/df_service.py
index 6d09a4e1..931a4e1d 100644
--- a/plugins/modules/df_service.py
+++ b/plugins/modules/df_service.py
@@ -79,6 +79,14 @@
     required: False
     aliases:
       - use_public_load_balancer
+  private_cluster:
+    description:
+      - Flag to specify if a private K8s cluster should be created.
+    type: bool
+    required: False
+    default: False
+    aliases:
+      - enable_private_cluster
   loadbalancer_ip_ranges:
     description: The IP ranges authorized to connect to the load balancer
     type: list
@@ -295,6 +303,7 @@ def __init__(self, module):
         self.nodes_min = self._get_param('nodes_min')
         self.nodes_max = self._get_param('nodes_max')
         self.public_loadbalancer = self._get_param('public_loadbalancer')
+        self.private_cluster = self._get_param('private_cluster')
         self.lb_ip_ranges = self._get_param('loadbalancer_ip_ranges')
         self.k8s_ip_ranges = self._get_param('k8s_ip_ranges')
         self.cluster_subnets = self._get_param('cluster_subnets')
@@ -378,6 +387,7 @@ def process(self):
                             min_nodes=self.nodes_min,
                             max_nodes=self.nodes_max,
                             enable_public_ip=self.public_loadbalancer,
+                            private_cluster=self.private_cluster,
                             lb_ips=self.lb_ip_ranges,
                             kube_ips=self.k8s_ip_ranges,
                             # tags=self.tags,  # Currently overstrict blocking of values
@@ -472,6 +482,7 @@ def main():
             nodes_min=dict(type='int', default=3, aliases=['min_k8s_node_count']),
             nodes_max=dict(type='int', default=3, aliases=['max_k8s_node_count']),
             public_loadbalancer=dict(type='bool', default=False, aliases=['use_public_load_balancer']),
+            private_cluster=dict(type='bool', default=False, aliases=['enable_private_cluster']),
             loadbalancer_ip_ranges=dict(type='list', elements='str', default=None),
             k8s_ip_ranges=dict(type='list', elements='str', default=None),
             cluster_subnets=dict(type='list', elements='str', default=None),