From 4f21330db1c5949a2e203376a1ed5a57256699f2 Mon Sep 17 00:00:00 2001
From: Tim Stoop <github@timstoop.nl>
Date: Mon, 14 Feb 2022 22:05:15 +0100
Subject: [PATCH] feat: Add advanced machine feature options for enabling
 virtualization and setting threads per core (#236)

---
 examples/instance_template/simple/README.md    |  2 ++
 examples/instance_template/simple/main.tf      | 18 ++++++++++--------
 examples/instance_template/simple/variables.tf | 11 +++++++++++
 modules/instance_template/README.md            |  2 ++
 modules/instance_template/main.tf              |  5 +++++
 modules/instance_template/variables.tf         | 11 +++++++++++
 6 files changed, 41 insertions(+), 8 deletions(-)

diff --git a/examples/instance_template/simple/README.md b/examples/instance_template/simple/README.md
index 82cfe298..e25a93d8 100644
--- a/examples/instance_template/simple/README.md
+++ b/examples/instance_template/simple/README.md
@@ -7,12 +7,14 @@ This is a simple, minimal example of how to use the instance_template module.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
+| enable\_nested\_virtualization | Defines whether the instance should have nested virtualization enabled. | `bool` | `false` | no |
 | labels | Labels, provided as a map | `map(string)` | n/a | yes |
 | project\_id | The GCP project to use for integration tests | `string` | n/a | yes |
 | region | The GCP region to create and test resources in | `string` | `"us-central1"` | no |
 | service\_account | Service account to attach to the instance. See https://www.terraform.io/docs/providers/google/r/compute_instance_template.html#service_account. | <pre>object({<br>    email  = string<br>    scopes = set(string)<br>  })</pre> | `null` | no |
 | subnetwork | The name of the subnetwork create this instance in. | `string` | `""` | no |
 | tags | Network tags, provided as a list | `list(string)` | n/a | yes |
+| threads\_per\_core | The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. | `string` | `null` | no |
 
 ## Outputs
 
diff --git a/examples/instance_template/simple/main.tf b/examples/instance_template/simple/main.tf
index 252c1f7b..52d7b1d1 100644
--- a/examples/instance_template/simple/main.tf
+++ b/examples/instance_template/simple/main.tf
@@ -32,12 +32,14 @@ locals {
 }
 
 module "instance_template" {
-  source          = "../../../modules/instance_template"
-  project_id      = var.project_id
-  subnetwork      = var.subnetwork
-  service_account = var.service_account
-  name_prefix     = "simple"
-  tags            = var.tags
-  labels          = var.labels
-  access_config   = [local.access_config]
+  source                       = "../../../modules/instance_template"
+  project_id                   = var.project_id
+  subnetwork                   = var.subnetwork
+  service_account              = var.service_account
+  name_prefix                  = "simple"
+  tags                         = var.tags
+  labels                       = var.labels
+  access_config                = [local.access_config]
+  enable_nested_virtualization = var.enable_nested_virtualization
+  threads_per_core             = var.threads_per_core
 }
diff --git a/examples/instance_template/simple/variables.tf b/examples/instance_template/simple/variables.tf
index 091255a1..97120339 100644
--- a/examples/instance_template/simple/variables.tf
+++ b/examples/instance_template/simple/variables.tf
@@ -51,3 +51,14 @@ variable "labels" {
   description = "Labels, provided as a map"
 }
 
+variable "enable_nested_virtualization" {
+  type        = bool
+  description = "Defines whether the instance should have nested virtualization enabled."
+  default     = false
+}
+
+variable "threads_per_core" {
+  type        = string
+  description = "The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1."
+  default     = null
+}
diff --git a/modules/instance_template/README.md b/modules/instance_template/README.md
index d619987f..1e56f547 100644
--- a/modules/instance_template/README.md
+++ b/modules/instance_template/README.md
@@ -24,6 +24,7 @@ See the [simple](../../examples/instance_template/simple) for a usage example.
 | disk\_size\_gb | Boot disk size in GB | `string` | `"100"` | no |
 | disk\_type | Boot disk type, can be either pd-ssd, local-ssd, or pd-standard | `string` | `"pd-standard"` | no |
 | enable\_confidential\_vm | Whether to enable the Confidential VM configuration on the instance. Note that the instance image must support Confidential VMs. See https://cloud.google.com/compute/docs/images | `bool` | `false` | no |
+| enable\_nested\_virtualization | Defines whether the instance should have nested virtualization enabled. | `bool` | `false` | no |
 | enable\_shielded\_vm | Whether to enable the Shielded VM configuration on the instance. Note that the instance image must support Shielded VMs. See https://cloud.google.com/compute/docs/images | `bool` | `false` | no |
 | gpu | GPU information. Type and count of GPU to attach to the instance template. See https://cloud.google.com/compute/docs/gpus more details | <pre>object({<br>    type  = string<br>    count = number<br>  })</pre> | `null` | no |
 | labels | Labels, provided as a map | `map(string)` | `{}` | no |
@@ -46,6 +47,7 @@ See the [simple](../../examples/instance_template/simple) for a usage example.
 | subnetwork | The name of the subnetwork to attach this interface to. The subnetwork must exist in the same region this instance will be created in. Either network or subnetwork must be provided. | `string` | `""` | no |
 | subnetwork\_project | The ID of the project in which the subnetwork belongs. If it is not provided, the provider project is used. | `string` | `""` | no |
 | tags | Network tags, provided as a list | `list(string)` | `[]` | no |
+| threads\_per\_core | The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. | `any` | `null` | no |
 
 ## Outputs
 
diff --git a/modules/instance_template/main.tf b/modules/instance_template/main.tf
index 1b25d609..40ff3bd3 100644
--- a/modules/instance_template/main.tf
+++ b/modules/instance_template/main.tf
@@ -148,6 +148,11 @@ resource "google_compute_instance_template" "tpl" {
     on_host_maintenance = local.on_host_maintenance
   }
 
+  advanced_machine_features {
+    enable_nested_virtualization = var.enable_nested_virtualization
+    threads_per_core             = var.threads_per_core
+  }
+
   dynamic "shielded_instance_config" {
     for_each = local.shielded_vm_configs
     content {
diff --git a/modules/instance_template/variables.tf b/modules/instance_template/variables.tf
index 1bd1602f..2750747f 100644
--- a/modules/instance_template/variables.tf
+++ b/modules/instance_template/variables.tf
@@ -71,6 +71,17 @@ variable "region" {
   default     = null
 }
 
+variable "enable_nested_virtualization" {
+  type        = bool
+  description = "Defines whether the instance should have nested virtualization enabled."
+  default     = false
+}
+
+variable "threads_per_core" {
+  description = "The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1."
+  default     = null
+}
+
 #######
 # disk
 #######