module GClouder::Resources::Compute::BGPVPNs::BGPVPN

Public Class Methods

create(region, vpn)
# File lib/gclouder/resources/compute/bgp-vpns.rb, line 125
# Ensures the cloud resources for one BGP VPN exist. Every resource name is
# derived from vpn['name'] with a "bgp-vpn-" prefix: a router, a target VPN
# gateway, three forwarding rules (ESP, UDP 500, UDP 4500), a VPN tunnel and,
# only when the router did not exist before this call, a router interface and
# a BGP peer.
#
# @param region region name, passed to each command as --region
# @param vpn [Hash] VPN definition indexed by string keys. Keys read here:
#   'name', 'network', 'peer_address', 'ike_version', 'shared_secret', and
#   under 'bgp': 'local_asn', 'mask', 'local_address', 'priority',
#   'peer_asn', 'peer_address'. vpn_address additionally reads 'address'.
#
# NOTE(review): every value taken from +vpn+ and +region+ is interpolated
# unquoted into a command string. How Resource.ensure and gcloud execute that
# string is not visible here; if it reaches a shell, whitespace or shell
# metacharacters in a config value would change the command. Validate these
# values where the config is loaded.
#
# NOTE(review): the backslash-newline continuations inside the double-quoted
# strings keep the next line's leading indentation, so re-indenting this
# method changes the argument strings that are passed on.
def self.create(region, vpn)
  network = vpn['network']

  info "#{vpn['name']} (bgp-vpn-#{vpn['name']})", indent: 3

  # Recorded BEFORE the router is ensured below: router absence is used as the
  # only signal that the interface and BGP peer still have to be added.
  # NOTE(review): if an earlier run created the router but did not get as far
  # as adding the interface or peer, this is false on every later run and the
  # else branch at the end reports both as good without checking them.
  configure_router = !Resource.resource?("compute routers", "bgp-vpn-#{vpn['name']}", silent: true)

  # router
  Resource.ensure :"compute routers",
                  "bgp-vpn-#{vpn['name']}",
                  "--region #{region} \
                  --network #{network} \
                  --asn #{vpn['bgp']['local_asn']}",
                  extra_info: "(router)",
                  indent: 4

  # VPN gateway
  Resource.ensure :"compute target-vpn-gateways",
                  "bgp-vpn-#{vpn["name"]}",
                  "--network #{network} \
                  --region #{region}",
                  extra_info: "(gateway)",
                  indent: 4

  # In a dry run vpn_address is not called and a placeholder string is
  # used as the address in the forwarding-rule arguments instead.
  address = cli_args[:dry_run] ? "<automatic>" : vpn_address(region, vpn)

  # forwarding rules: ESP, UDP 500 (IKE) and UDP 4500 (IPsec NAT traversal),
  # all bound to the same address and pointing at the gateway ensured above
  Resource.ensure :"compute forwarding-rules",
                  "bgp-vpn-#{vpn['name']}-esp",
                  "--region #{region} \
                  --ip-protocol ESP \
                  --address #{address} \
                  --target-vpn-gateway bgp-vpn-#{vpn['name']}",
                  extra_info: "(forwarding-rule)",
                  indent: 4

  Resource.ensure :"compute forwarding-rules",
                  "bgp-vpn-#{vpn['name']}-udp500",
                  "--region #{region} \
                  --ip-protocol UDP \
                  --ports 500 \
                  --address #{address} \
                  --target-vpn-gateway bgp-vpn-#{vpn['name']}",
                  extra_info: "(forwarding-rule)",
                  indent: 4

  Resource.ensure :"compute forwarding-rules",
                  "bgp-vpn-#{vpn['name']}-udp4500",
                  "--region #{region} --ip-protocol UDP --ports 4500 --address #{address} \
                  --target-vpn-gateway bgp-vpn-#{vpn['name']}",
                  extra_info: "(forwarding-rule)",
                  indent: 4

  # tunnel
  # NOTE(review): the IKE pre-shared key (vpn['shared_secret']) is embedded in
  # the argument string. If Resource.ensure prints, logs or diffs its
  # arguments, or runs them as a child process, the key ends up in logs and
  # process listings -- confirm how the helper treats this string, and keep
  # the config that holds the key encrypted or out of version control.
  Resource.ensure :"compute vpn-tunnels", "bgp-vpn-#{vpn['name']}",
                  "--region #{region} \
                  --peer-address #{vpn['peer_address']} \
                  --ike-version #{vpn['ike_version']} \
                  --router bgp-vpn-#{vpn['name']} \
                  --target-vpn-gateway bgp-vpn-#{vpn['name']} \
                  --shared-secret #{vpn['shared_secret']}",
                  extra_info: "(tunnel)",
                  indent: 4

  if configure_router
    # router interface
    # NOTE(review): the return value of gcloud is not inspected and `add` is
    # called unconditionally afterwards. `failure: false` presumably makes a
    # failing command non-fatal -- confirm; if so, a failed add-interface is
    # still reported as added.
    gcloud("compute routers add-interface bgp-vpn-#{vpn['name']} \
           --region #{region} \
           --interface-name bgp-vpn-interface-#{vpn['name']} \
           --vpn-tunnel bgp-vpn-#{vpn['name']} \
           --mask-length #{vpn['bgp']['mask']} \
           --ip-address #{vpn['bgp']['local_address']}",
           failure: false)
    add "bgp-vpn-#{vpn['name']} (router interface)", indent: 4

    # bgp peer, attached to the interface added just above; same unchecked
    # gcloud result as the interface step
    gcloud("compute routers add-bgp-peer bgp-vpn-#{vpn['name']} \
           --region #{region} \
           --interface bgp-vpn-interface-#{vpn['name']} \
           --advertised-route-priority #{vpn['bgp']['priority']} \
           --peer-asn #{vpn['bgp']['peer_asn']} \
           --peer-ip-address #{vpn['bgp']['peer_address']} \
           --peer-name #{vpn['name']}",
           failure: false)
    add "bgp-vpn-#{vpn['name']} (bgp peer)", indent: 4
  else
    # Router already existed: interface and peer are reported as present
    # without being queried.
    good "bgp-vpn-#{vpn['name']} (router interface)", indent: 4
    good "bgp-vpn-#{vpn['name']} (bgp peer)", indent: 4
  end
end
vpn_address(region, vpn)
# File lib/gclouder/resources/compute/bgp-vpns.rb, line 115
# Looks up the static IP reserved under vpn['address'] in the given region
# and returns the "address" field of the describe output.
#
# @param region region name, passed as --region=
# @param vpn [Hash] VPN definition; only the 'address' key is read
# @return the value stored under "address" in the gcloud response
#
# Calls +fatal+ when the response carries no "address" key.
#
# NOTE(review): vpn['address'] and region are interpolated unquoted into the
# command string; how gcloud executes it is not visible here, so validate
# these config values where they are loaded.
def self.vpn_address(region, vpn)
  address_key = vpn['address']
  description = gcloud(
    "--format json compute addresses describe #{address_key} --region=#{region}",
    force: true
  )

  return description["address"] if description.key?("address")

  fatal "could not find address for static ip with key: #{address_key} (is key allocated in project config?)"
  description["address"]
end