GoogleCloudPlatform · mr0re1 · Jan 11, 2025 · Dec 16, 2024 · Dec 16, 2024 · Dec 16, 2024
@@ -53,7 +53,7 @@ creation will fail when you run `terraform apply`.
 
 [tiers]: https://cloud.google.com/filestore/docs/service-tiers
 
-### Filestore mount options
+### Filestore protocols and mount options
 After Filestore instance is created, you can mount this to the compute node
 using different mount options. Toolkit uses [default mount options](https://linux.die.net/man/8/mount)
 for all tier services. Filestore has recommended mount options for different
@@ -71,6 +71,22 @@ mentioned below.
     mount_options: defaults,hard,timeo=600,retrans=3,_netdev
 ```
 
+Filestore supports NFS protocols `NFS_V3` (default) and `NFS_V4_1`. Protocol support depends on the selected tier:
+- `NFS_V3`: Supported on all tiers (`BASIC_HDD`, `BASIC_SSD`, `HIGH_SCALE_SSD`, `ZONAL`, `ENTERPRISE`).
+- `NFS_V4_1`: Supported only on `HIGH_SCALE_SSD`, `ZONAL`, `REGIONAL`, and `ENTERPRISE`.
+This can be specified at creation time via the `protocol` variable. By default, `NFS_V3` is used for compatibility.
+See the example below and [this page](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/filestore_instance#protocol-1) for more information.
+
+```yaml
+- id: homefs
+  source: modules/file-system/filestore
+  use: [network1]
+  settings:
+    local_mount: /homefs
+    protocol: NFS_V4_1
+    filestore_tier: ZONAL
+```
+
 ### Filestore quota
 
 Your project must have unused quota for Cloud Filestore in the region you will
@@ -212,6 +228,7 @@ No modules.
 | <a name="input_network_id"></a> [network\_id](#input\_network\_id) | The ID of the GCE VPC network to which the instance is connected given in the format:<br/>`projects/<project_id>/global/networks/<network_name>`" | `string` | n/a | yes |
 | <a name="input_nfs_export_options"></a> [nfs\_export\_options](#input\_nfs\_export\_options) | Define NFS export options. | <pre>list(object({<br/>    access_mode = optional(string)<br/>    ip_ranges   = optional(list(string))<br/>    squash_mode = optional(string)<br/>  }))</pre> | `[]` | no |
 | <a name="input_project_id"></a> [project\_id](#input\_project\_id) | ID of project in which Filestore instance will be created. | `string` | n/a | yes |
+| <a name="input_protocol"></a> [protocol](#input\_protocol) | NFS protocol version. Default is NFS\_V3. NFS\_V4\_1 is only supported with HIGH\_SCALE\_SSD, ZONAL, REGIONAL, and ENTERPRISE tiers. | `string` | `"NFS_V3"` | no |
 | <a name="input_region"></a> [region](#input\_region) | Location for Filestore instances at Enterprise tier. | `string` | n/a | yes |
 | <a name="input_reserved_ip_range"></a> [reserved\_ip\_range](#input\_reserved\_ip\_range) | Reserved IP range for Filestore instance. Users are encouraged to set to null<br/>for automatic selection. If supplied, it must be:<br/><br/>CIDR format when var.connect\_mode == "DIRECT\_PEERING"<br/>Named IP Range when var.connect\_mode == "PRIVATE\_SERVICE\_ACCESS"<br/><br/>See Cloud documentation for more details:<br/><br/>https://cloud.google.com/filestore/docs/creating-instances#configure_a_reserved_ip_address_range | `string` | `null` | no |
 | <a name="input_size_gb"></a> [size\_gb](#input\_size\_gb) | Storage size of the filestore instance in GB. | `number` | `1024` | no |

@@ -55,6 +55,7 @@ resource "google_filestore_instance" "filestore_instance" {
   name     = var.name != null ? var.name : "${var.deployment_name}-${random_id.resource_name_suffix.hex}"
   location = var.filestore_tier == "ENTERPRISE" ? var.region : var.zone
   tier     = var.filestore_tier
+  protocol = var.protocol
 
   deletion_protection_enabled = var.deletion_protection.enabled
   deletion_protection_reason  = var.deletion_protection.reason

@@ -96,6 +96,10 @@ variable "filestore_tier" {
     ], var.filestore_tier)
     error_message = "Allowed values for filestore_tier are 'BASIC_HDD','BASIC_SSD','HIGH_SCALE_SSD','ZONAL','ENTERPRISE'.\nhttps://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/filestore_instance#tier\nhttps://cloud.google.com/filestore/docs/reference/rest/v1beta1/Tier."
   }
+  validation {
+    condition     = !(var.protocol == "NFS_V4_1" && !contains(["HIGH_SCALE_SSD", "ZONAL", "REGIONAL", "ENTERPRISE"], var.filestore_tier))
+    error_message = "NFS_V4_1 is only supported with HIGH_SCALE_SSD, ZONAL, REGIONAL, or ENTERPRISE tiers."
+  }
 }
 
 variable "labels" {
@@ -164,3 +168,13 @@ variable "deletion_protection" {
     error_message = "Cannot set Filestore var.deletion_protection.reason unless var.deletion_protection.enabled is true"
   }
 }
+
+variable "protocol" {
+  description = "NFS protocol version. Default is NFS_V3. NFS_V4_1 is only supported with HIGH_SCALE_SSD, ZONAL, REGIONAL, and ENTERPRISE tiers."
+  type        = string
+  default     = "NFS_V3"
+  validation {
+    condition     = contains(["NFS_V3", "NFS_V4_1"], var.protocol)
+    error_message = "Allowed values for protocol are 'NFS_V3' or 'NFS_V4_1'."
+  }
+}