# -*- mode: ruby -*- # vi: set ft=ruby : # Vagrantfile API/syntax version. Don't touch unless you know what you're doing! VAGRANTFILE_API_VERSION = '2' Vagrant.require_version '>= 1.5.0' networks = { VR: { network_name: ENV['VR_NETWORK_NAME'], public_ip: ENV['VR_PUBLIC_IP'] }, VPC: { network_name: ENV['VPC_TIER_NAME'], public_ip: ENV['VPC_PUBLIC_IP'] } } machines = {} networks.each_pair do |net_name, net_options| box_number = 0 machines["#{net_name}box#{box_number+=1}"] = { # Test fixed public port pf_public_port: ENV['PUBLIC_SSH_PORT'], # Test fixed private port pf_private_port: ENV['PRIVATE_SSH_PORT'], # pf_ip_address: net_options[:public_ip], network_name: net_options[:network_name], firewall_rules: [ # Full Firewall rule {:ipaddress => net_options[:public_ip], :protocol => 'tcp', :startport => 1111, :endport => 1111}, # Firewall rule without ':ipaddress' which defaults to 'cloudstack_pf_ip_address' {:protocol => 'tcp', :startport => 1122, :endport => 1122}, # Firewall rule without ':protocol', which defaults to 'tcp' {:startport => 1133, :endport => 1133}, # Firewall rule without ':endport', which defaults to ':startport' if present {:startport => 1144}, # Firewall rule without ':start', which defaults to ':endport' if present {:endport => 22} ], port_forwarding_rules: [ # Full portforwarding rule {:ipaddress => net_options[:public_ip], :protocol => "tcp", :publicport => 1111, :privateport => 22, :openfirewall => false}, # Portforwarding rule without ':ipaddress' which defaults to 'cloudstack_pf_ip_address' {:protocol => "tcp", :publicport => 1122, :privateport => 22, :openfirewall => false}, # Portforwarding rule without ':protocol', which defaults to 'tcp' {:publicport => 1133, :privateport => 22, :openfirewall => false}, # Portforwarding rule without ':openfirewall', which defaults to 'cloudstack.pf_open_firewall' {:publicport => 1144, :privateport => 22}, # Portforwarding rule without ':publicport', which defaults to ':privateport' {:privateport => 22}, # Portforwarding rule with ':generate_firewall', which generates an apropriate # Firewall rule based ':publicport' => ':startport', and other defaults {:publicport => 1155, :privateport => 22, :generate_firewall => true}, # Portforwarding rule which instructs CloudStack to create a Firewall rule {:publicport => 1166, :privateport => 22, :openfirewall => true}, ], # Trusted network as array, instead of string. Add some networks to make sure it's an (multi element) Array pf_trusted_networks: [ENV['SOURCE_CIDR'], ',172.31.1.172/32', '172.31.1.173/32'], # Ignore security groups security_groups: [{ :name => "Awesome_security_group", :description => "Created from the Vagrantfile", :rules => [{:type => "ingress", :protocol => "TCP", :startport => 22, :endport => 22, :cidrlist => "0.0.0.0/0"}] }], # Ignore security groups security_group_names: ['default', 'Awesome_security_group'], } machines["#{net_name}box#{box_number+=1}"] = { network_name: net_options[:network_name], pf_ip_address: net_options[:public_ip], # NO pf_public_port; test auto generated public port # NO pf_private_port; test detection of Communicator port (SSH/Winrm) # NO firewall rules for Communicator (SSH/WinRM), test auto generation # Trusted networks as string instead of array. Add some networks to make sure it supports multiple network-string pf_trusted_networks: ENV['SOURCE_CIDR'] + ',172.31.1.172/32,172.31.1.173/32' } end Vagrant.configure(VAGRANTFILE_API_VERSION) do |global_config| machines.each_pair do |name, options| global_config.vm.define name do |config| config.vm.box = ENV['LINUX_TEMPLATE_NAME'] config.vm.synced_folder ".", "/vagrant", type: "rsync", rsync__exclude: [".git/", "vendor"], disabled: true config.vm.provider :cloudstack do |cloudstack, override| cloudstack.display_name = "#{name}-#{ENV['TEST_NAME']}" cloudstack.host = ENV['CLOUDSTACK_HOST'] # Use default path, port and scheme cloudstack.api_key = ENV['CLOUDSTACK_API_KEY'] cloudstack.secret_key = ENV['CLOUDSTACK_SECRET_KEY'] cloudstack.zone_name = ENV['ZONE_NAME'] cloudstack.network_name = options[:network_name] cloudstack.service_offering_name = ENV['SERVICE_OFFERING_NAME'] cloudstack.ssh_key = ENV['SSH_KEY'] unless ENV['SSH_KEY'].nil? cloudstack.ssh_user = ENV['SSH_USER'] unless ENV['SSH_USER'].nil? cloudstack.expunge_on_destroy = ENV['EXPUNGE_ON_DESTROY']=="true" cloudstack.pf_ip_address = options[:pf_ip_address] cloudstack.pf_public_port = options[:pf_public_port] unless options[:pf_public_port].nil? cloudstack.pf_private_port = options[:pf_private_port] unless options[:pf_private_port].nil? cloudstack.pf_open_firewall = false # With Advanced networking, following Basic networking features should be ignored cloudstack.security_groups = options[:security_groups] unless options[:security_groups].nil? cloudstack.security_group_names = options[:security_group_names] unless options[:security_group_names].nil? # With Advanced networking, following Basic networking features should be ignored cloudstack.pf_trusted_networks = options[:pf_trusted_networks] unless options[:pf_trusted_networks].nil? cloudstack.firewall_rules = options[:firewall_rules] unless options[:firewall_rules].nil? cloudstack.port_forwarding_rules = options[:port_forwarding_rules] unless options[:port_forwarding_rules].nil? end end end end