module GClouder::Resources::Compute::BGPVPNs::BGPVPN
Public Class Methods
create(region, vpn)
# File lib/gclouder/resources/compute/bgp-vpns.rb, line 125
# Ensures the resources for one BGP VPN exist in the given region, in this
# order: router, target VPN gateway, three forwarding rules, tunnel, then
# (only when the router was not already present) router interface and BGP peer.
#
# region - region name, interpolated into every --region flag.
# vpn    - hash of VPN settings. Keys read here: 'name', 'network',
#          'peer_address', 'ike_version', 'shared_secret', and under 'bgp':
#          'local_asn', 'mask', 'local_address', 'priority', 'peer_asn',
#          'peer_address'. vpn_address additionally reads 'address'.
#
# NOTE(review): every value above is interpolated into the argument strings
# without quoting or validation. How Resource.ensure and gcloud execute these
# strings is not visible here; if they go through a shell, a value containing
# whitespace or shell metacharacters would change the command. Confirm, and
# validate or quote in the helper.
def self.create(region, vpn)
  network = vpn['network']

  info "#{vpn['name']} (bgp-vpn-#{vpn['name']})", indent: 3

  # check to see if router exists, if it doesn't then assume we need to create interface and bgp peer
  # (evaluated before the router is ensured below, so this is true only when
  # the router was absent at the start of this run)
  configure_router = !Resource.resource?("compute routers", "bgp-vpn-#{vpn['name']}", silent: true)

  # router
  Resource.ensure :"compute routers", "bgp-vpn-#{vpn['name']}", "--region #{region} \
    --network #{network} \
    --asn #{vpn['bgp']['local_asn']}", extra_info: "(router)", indent: 4

  # VPN gateway
  Resource.ensure :"compute target-vpn-gateways", "bgp-vpn-#{vpn["name"]}", "--network #{network} \
    --region #{region}", extra_info: "(gateway)", indent: 4

  # In dry-run mode the static IP is not looked up; a placeholder string is
  # substituted into the forwarding-rule arguments instead.
  address = cli_args[:dry_run] ? "<automatic>" : vpn_address(region, vpn)

  # forwarding rules: ESP, UDP 500 and UDP 4500, all targeting the gateway above
  Resource.ensure :"compute forwarding-rules", "bgp-vpn-#{vpn['name']}-esp", "--region #{region} \
    --ip-protocol ESP \
    --address #{address} \
    --target-vpn-gateway bgp-vpn-#{vpn['name']}", extra_info: "(forwarding-rule)", indent: 4

  Resource.ensure :"compute forwarding-rules", "bgp-vpn-#{vpn['name']}-udp500", "--region #{region} \
    --ip-protocol UDP \
    --ports 500 \
    --address #{address} \
    --target-vpn-gateway bgp-vpn-#{vpn['name']}", extra_info: "(forwarding-rule)", indent: 4

  Resource.ensure :"compute forwarding-rules", "bgp-vpn-#{vpn['name']}-udp4500", "--region #{region} --ip-protocol UDP --ports 4500 --address #{address} \
    --target-vpn-gateway bgp-vpn-#{vpn['name']}", extra_info: "(forwarding-rule)", indent: 4

  # tunnel
  # NOTE(review): the IKE pre-shared key is placed in the argument string in
  # clear text. If the helper logs or echoes the command, or passes it as
  # process arguments, the key may end up in logs or process listings.
  # Confirm the helper redacts it, or supply the secret another way.
  Resource.ensure :"compute vpn-tunnels", "bgp-vpn-#{vpn['name']}", "--region #{region} \
    --peer-address #{vpn['peer_address']} \
    --ike-version #{vpn['ike_version']} \
    --router bgp-vpn-#{vpn['name']} \
    --target-vpn-gateway bgp-vpn-#{vpn['name']} \
    --shared-secret #{vpn['shared_secret']}", extra_info: "(tunnel)", indent: 4

  if configure_router
    # router interface
    # NOTE(review): failure: false is handed to the gcloud helper; its effect
    # is defined there. "add" is reported right after the call without the
    # result being inspected here.
    gcloud("compute routers add-interface bgp-vpn-#{vpn['name']} \
      --region #{region} \
      --interface-name bgp-vpn-interface-#{vpn['name']} \
      --vpn-tunnel bgp-vpn-#{vpn['name']} \
      --mask-length #{vpn['bgp']['mask']} \
      --ip-address #{vpn['bgp']['local_address']}", failure: false)

    add "bgp-vpn-#{vpn['name']} (router interface)", indent: 4

    # bgp peer
    gcloud("compute routers add-bgp-peer bgp-vpn-#{vpn['name']} \
      --region #{region} \
      --interface bgp-vpn-interface-#{vpn['name']} \
      --advertised-route-priority #{vpn['bgp']['priority']} \
      --peer-asn #{vpn['bgp']['peer_asn']} \
      --peer-ip-address #{vpn['bgp']['peer_address']} \
      --peer-name #{vpn['name']}", failure: false)

    add "bgp-vpn-#{vpn['name']} (bgp peer)", indent: 4
  else
    # The router already existed, so the interface and BGP peer are reported
    # as good without being queried. A router left without them (for example
    # by an earlier interrupted run) would still be reported good here.
    good "bgp-vpn-#{vpn['name']} (router interface)", indent: 4
    good "bgp-vpn-#{vpn['name']} (bgp peer)", indent: 4
  end
end
vpn_address(region, vpn)
# File lib/gclouder/resources/compute/bgp-vpns.rb, line 115
# Describes the static IP named by vpn['address'] in the given region and
# returns the "address" field of the JSON result. Calls fatal when that field
# is missing.
#
# region - region name, interpolated into the --region flag.
# vpn    - hash of VPN settings; only 'address' is read here.
#
# NOTE(review): both values are interpolated into the command string without
# quoting or validation; how the gcloud helper executes the string is not
# visible here. force: true is passed through to that helper unchanged.
def self.vpn_address(region, vpn)
  address_key = vpn['address']
  described = gcloud("--format json compute addresses describe #{address_key} --region=#{region}", force: true)

  return described["address"] if described.key?("address")

  fatal "could not find address for static ip with key: #{address_key} (is key allocated in project config?)"

  # Reached only if fatal returns; the lookup then yields whatever the
  # response holds for the missing key.
  described["address"]
end