module GClouder::Resources::Compute::VPNs::VPN
Public Class Methods
create(region, vpn, vpn_config)
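# File lib/gclouder/resources/compute/vpns.rb, line 137
#
# Ensures the resources behind one VPN tunnel exist, in dependency order:
# the target VPN gateway, three forwarding rules on the reserved address
# "vpn-<vpn>" (ESP, UDP 500 for IKE, UDP 4500 for NAT traversal), the tunnel
# itself, one route per remote range, and an ICMP firewall rule for those
# ranges.
#
# @param region [String] region passed to every gcloud call
# @param vpn [String] tunnel name; also the stem of the derived resource names
# @param vpn_config [Hash] string-keyed settings. "network",
#   "target_vpn_gateway" and "remote_traffic_selector" are read here; every
#   key except "network" is handed to hash_to_args for the tunnel. The hash
#   is not modified.
# @return [Object, nil] nil on a dry run, otherwise the result of the final
#   firewall Rule.ensure call
#
# NOTE(review): region, vpn and the config values are interpolated unescaped
# into gcloud argument strings. If the Resource/gcloud helpers pass these
# strings to a shell, a value containing spaces or shell metacharacters would
# change the command - confirm the project config is validated upstream.
def self.create(region, vpn, vpn_config)
  network = vpn_config["network"]
  gateway = vpn_config["target_vpn_gateway"]

  Resource.ensure :"compute target-vpn-gateways", gateway,
                  "--network #{network} --region #{region}"

  # "network" must stay out of the tunnel arguments. Filter a copy rather than
  # deleting from the caller's hash, so a second call with the same config
  # still sees its network.
  tunnel_config = vpn_config.reject { |key, _value| key == "network" }

  return if cli_args[:dry_run]

  # Fail before the forwarding rules and tunnel are created instead of hitting
  # a NoMethodError on nil after they already exist.
  selectors = Array(vpn_config["remote_traffic_selector"])
  fatal "no remote_traffic_selector ranges configured for vpn: #{vpn}" if selectors.empty?

  ip_data = gcloud("--format json compute addresses describe vpn-#{vpn} --region=#{region}", force: true)

  unless ip_data.key?("address")
    fatal "could not find address for static ip with key: vpn-#{vpn} (is key allocated in project config?)"
  end

  address = ip_data["address"]

  # Spacing inside the argument strings below is kept exactly as the listing
  # evaluates it (its escaped-space continuations yield double spaces).
  Resource.ensure :"compute forwarding-rules", "#{vpn}-esp",
                  "--region #{region}  --ip-protocol ESP  --address #{address}  " \
                  "--target-vpn-gateway=#{gateway}",
                  silent: true

  Resource.ensure :"compute forwarding-rules", "#{vpn}-udp500",
                  "--region #{region}  --ip-protocol UDP  --ports 500  --address #{address}  " \
                  "--target-vpn-gateway=#{gateway}",
                  silent: true

  Resource.ensure :"compute forwarding-rules", "#{vpn}-udp4500",
                  "--region #{region} --ip-protocol UDP --ports 4500 --address #{address}  " \
                  "--target-vpn-gateway=#{gateway}",
                  silent: true

  # NOTE(review): presumably tunnel_config also carries the tunnel's
  # pre-shared key, which would then travel on the gcloud command line -
  # confirm the helpers do not echo or log the full argument string.
  Resource.ensure :"compute vpn-tunnels", vpn,
                  "--region=#{region} #{hash_to_args(tunnel_config)}",
                  silent: true

  selectors.each_with_index do |range, index|
    Resource.ensure :"compute routes", "route-#{vpn}-#{index}",
                    "--network=#{network} --next-hop-vpn-tunnel=#{vpn}  " \
                    "--next-hop-vpn-tunnel-region=#{region} --destination-range=#{range}",
                    silent: true
  end

  # The rule admits ICMP from every remote range, so it is exactly as broad as
  # the selector: a catch-all range here opens ICMP on the whole network.
  GClouder::Resources::Compute::FirewallRules::Rule.ensure(
    "vpn-#{vpn}-icmp",
    { "network" => network, "source-ranges" => selectors, "allow" => "icmp" },
    silent: true
  )
end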