MissionCriticalCloud/vagrant-cloudstack

functional-tests/networking/Vagrantfile.advanced_networking

# -*- mode: ruby -*-
# vi: set ft=ruby :

# Vagrantfile API/syntax version handed to Vagrant.configure.
# Leave it alone unless you know what you're doing!
VAGRANTFILE_API_VERSION = '2'

# Abort loading on any Vagrant release older than 1.5.0.
Vagrant.require_version('>= 1.5.0')
# Networks under test, keyed by a short label that is reused as the machine-name prefix.
# Names and public IPs are read from the environment, so a value is nil when its
# variable is unset.
vr_network  = { network_name: ENV['VR_NETWORK_NAME'], public_ip: ENV['VR_PUBLIC_IP'] }
vpc_network = { network_name: ENV['VPC_TIER_NAME'],   public_ip: ENV['VPC_PUBLIC_IP'] }
networks = { VR: vr_network, VPC: vpc_network }
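# Per-machine settings consumed by the Vagrant.configure block: two boxes per
# entry in `networks`, named "<label>box1" and "<label>box2".
machines = {}

# SOURCE_CIDR is part of every box's pf_trusted_networks. Fetch it once so an
# unset variable fails with a clear KeyError instead of a NoMethodError from
# nil + String when the second box is built.
source_cidr = ENV.fetch('SOURCE_CIDR')

networks.each_pair do |net_name, net_options|
  # box1: ports, firewall rules and port forwarding rules spelled out explicitly.
  machines["#{net_name}box1"] = {
    # Test fixed public port
    pf_public_port: ENV['PUBLIC_SSH_PORT'],
    # Test fixed private port
    pf_private_port: ENV['PRIVATE_SSH_PORT'],
    # Public IP and network this box is attached to
    pf_ip_address: net_options[:public_ip],
    network_name: net_options[:network_name],
    # NOTE(review): no rule below names a source range; confirm the plugin limits
    # them to pf_trusted_networks rather than leaving them open to any address.
    firewall_rules: [
      # Full Firewall rule
      { ipaddress: net_options[:public_ip], protocol: 'tcp', startport: 1111, endport: 1111 },
      # Firewall rule without ':ipaddress' which defaults to 'cloudstack_pf_ip_address'
      { protocol: 'tcp', startport: 1122, endport: 1122 },
      # Firewall rule without ':protocol', which defaults to 'tcp'
      { startport: 1133, endport: 1133 },
      # Firewall rule without ':endport', which defaults to ':startport' if present
      { startport: 1144 },
      # Firewall rule without ':startport', which defaults to ':endport' if present
      { endport: 22 }
    ],
    port_forwarding_rules: [
      # Full portforwarding rule
      { ipaddress: net_options[:public_ip], protocol: 'tcp', publicport: 1111, privateport: 22, openfirewall: false },
      # Portforwarding rule without ':ipaddress' which defaults to 'cloudstack_pf_ip_address'
      { protocol: 'tcp', publicport: 1122, privateport: 22, openfirewall: false },
      # Portforwarding rule without ':protocol', which defaults to 'tcp'
      { publicport: 1133, privateport: 22, openfirewall: false },
      # Portforwarding rule without ':openfirewall', which defaults to 'cloudstack.pf_open_firewall'
      { publicport: 1144, privateport: 22 },
      # Portforwarding rule without ':publicport', which defaults to ':privateport'
      { privateport: 22 },
      # Portforwarding rule with ':generate_firewall', which generates an appropriate
      # Firewall rule based on ':publicport' => ':startport', and other defaults
      { publicport: 1155, privateport: 22, generate_firewall: true },
      # Portforwarding rule which instructs CloudStack to create a Firewall rule.
      # NOTE(review): the only rule here that lets CloudStack open the firewall
      # itself; confirm which source range that automatic rule receives.
      { publicport: 1166, privateport: 22, openfirewall: true },
    ],
    # Trusted networks as an Array instead of a String, with extra entries so the
    # Array really has several elements.
    # NOTE(review): the second element starts with a comma, which looks copied from
    # the String form used for box2; kept as-is, confirm whether it is deliberate.
    pf_trusted_networks: [source_cidr, ',172.31.1.172/32', '172.31.1.173/32'],
    # Security groups are expected to be ignored here. The rule admits SSH (22/TCP)
    # from 0.0.0.0/0, so it would expose SSH to any address if this fixture were
    # applied where security groups take effect.
    security_groups: [{
      name: 'Awesome_security_group',
      description: 'Created from the Vagrantfile',
      rules: [{ type: 'ingress', protocol: 'TCP', startport: 22, endport: 22, cidrlist: '0.0.0.0/0' }]
    }],
    # Security group names are expected to be ignored as well
    security_group_names: ['default', 'Awesome_security_group'],
  }

  # box2: as little as possible is set, to exercise the plugin's defaults.
  machines["#{net_name}box2"] = {
    network_name: net_options[:network_name],
    pf_ip_address: net_options[:public_ip],
    # NO pf_public_port; test auto generated public port
    # NO pf_private_port; test detection of Communicator port (SSH/Winrm)
    # NO firewall rules for Communicator (SSH/WinRM), test auto generation
    # Trusted networks as one comma-separated String instead of an Array, with
    # extra entries so several networks in one String are covered.
    pf_trusted_networks: source_cidr + ',172.31.1.172/32,172.31.1.173/32'
  }
end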

# Defines one Vagrant machine per entry in `machines`, each backed by the
# CloudStack provider and configured from the environment plus its own options.
Vagrant.configure(VAGRANTFILE_API_VERSION) do |vagrant|
  machines.each do |name, options|
    vagrant.vm.define(name) do |box|
      box.vm.box = ENV['LINUX_TEMPLATE_NAME']

      # The default /vagrant share is declared as rsync but switched off.
      box.vm.synced_folder('.', '/vagrant',
                           type: 'rsync',
                           rsync__exclude: ['.git/', 'vendor'],
                           disabled: true)

      box.vm.provider(:cloudstack) do |cs, _override|
        # Copies options[setting] onto the provider only when the machine defines
        # it, so unset options keep whatever the plugin defaults to.
        assign_if_present = lambda do |setting|
          value = options[setting]
          cs.public_send("#{setting}=", value) unless value.nil?
        end

        cs.display_name = "#{name}-#{ENV['TEST_NAME']}"

        cs.host = ENV['CLOUDSTACK_HOST']
        # Use default path, port and scheme.
        # NOTE(review): confirm the default scheme is HTTPS for the API endpoint.
        # The API key and secret key come from the environment, which keeps them
        # out of this file; each is nil when its variable is unset.
        cs.api_key = ENV['CLOUDSTACK_API_KEY']
        cs.secret_key = ENV['CLOUDSTACK_SECRET_KEY']
        cs.zone_name = ENV['ZONE_NAME']
        cs.network_name = options[:network_name]
        cs.service_offering_name = ENV['SERVICE_OFFERING_NAME']
        cs.ssh_key = ENV['SSH_KEY'] if ENV.key?('SSH_KEY')
        cs.ssh_user = ENV['SSH_USER'] if ENV.key?('SSH_USER')
        # Only the exact string "true" enables expunging on destroy.
        cs.expunge_on_destroy = (ENV['EXPUNGE_ON_DESTROY'] == 'true')

        cs.pf_ip_address = options[:pf_ip_address]
        [:pf_public_port, :pf_private_port].each(&assign_if_present)
        # Provider-wide default: port forwarding rules do not open the firewall
        # unless a rule asks for it.
        cs.pf_open_firewall = false

        # Security groups are a Basic networking feature; with Advanced networking
        # they should be ignored.
        [:security_groups, :security_group_names].each(&assign_if_present)

        [:pf_trusted_networks, :firewall_rules, :port_forwarding_rules].each(&assign_if_present)
      end
    end
  end
end