vcloud-edge_gateway 0.2.1 → 0.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/CHANGELOG.md +7 -1
- data/README.md +185 -145
- data/lib/vcloud/edge_gateway/configuration_generator/load_balancer_service.rb +9 -17
- data/lib/vcloud/edge_gateway/edge_gateway_configuration.rb +1 -1
- data/lib/vcloud/edge_gateway/version.rb +1 -1
- data/lib/vcloud/schema/load_balancer_service.rb +2 -0
- data/spec/integration/edge_gateway/load_balancer_service_spec.rb +1 -1
- data/spec/vcloud/edge_gateway/configuration_generator/data/load_balancer_http-input.yaml +1 -1
- data/spec/vcloud/edge_gateway/configuration_generator/data/load_balancer_http-output.yaml +3 -3
- data/spec/vcloud/edge_gateway/configuration_generator/data/load_balancer_https-input.yaml +1 -1
- data/spec/vcloud/edge_gateway/configuration_generator/data/load_balancer_https-output.yaml +3 -3
- data/spec/vcloud/edge_gateway/configuration_generator/data/load_balancer_mixed_complex-input.yaml +1 -1
- data/spec/vcloud/edge_gateway/configuration_generator/data/load_balancer_mixed_complex-output.yaml +3 -3
- data/spec/vcloud/edge_gateway/configuration_generator/load_balancer_service_spec.rb +22 -23
- data/spec/vcloud/edge_gateway/edge_gateway_configuration_spec.rb +9 -18
- data/spec/vcloud/edge_gateway/load_balancer_schema_validation_spec.rb +42 -0
- metadata +3 -3
data/CHANGELOG.md
CHANGED
|
@@ -1,8 +1,14 @@
|
|
|
1
|
+
## 0.2.2 (2014-03-05)
|
|
2
|
+
|
|
3
|
+
Bugfixes:
|
|
4
|
+
|
|
5
|
+
- Default healthcheck URI is now '/'. Previous default caused incorrect 'OPTIONS *' query [#66941992]
|
|
6
|
+
|
|
1
7
|
## 0.2.1 (2014-02-27)
|
|
2
8
|
|
|
3
9
|
Bugfixes:
|
|
4
10
|
|
|
5
|
-
-
|
|
11
|
+
- Now handles firewall rules with 'protocol: any' correctly [#66591522]
|
|
6
12
|
|
|
7
13
|
## 0.2.0 (2014-02-21)
|
|
8
14
|
|
data/README.md
CHANGED
|
@@ -1,6 +1,9 @@
|
|
|
1
1
|
# vCloud Edge Gateway
|
|
2
2
|
|
|
3
|
-
vCloud Edge Gateway is a tool
|
|
3
|
+
vCloud Edge Gateway is a CLI tool and Ruby library that supports automated
|
|
4
|
+
provisiong of a VMware vCloud Director Edge Gateway appliance. It depends on
|
|
5
|
+
[vCloud Core](https://rubygems.org/gems/vcloud-core) and uses
|
|
6
|
+
[Fog](http://fog.io) under the hood.
|
|
4
7
|
|
|
5
8
|
## Installation
|
|
6
9
|
|
|
@@ -22,6 +25,7 @@ To configure an Edge Gateway:
|
|
|
22
25
|
|
|
23
26
|
$ vcloud-configure-edge input.yaml
|
|
24
27
|
|
|
28
|
+
|
|
25
29
|
## Contributing
|
|
26
30
|
|
|
27
31
|
1. Fork it
|
|
@@ -30,160 +34,196 @@ To configure an Edge Gateway:
|
|
|
30
34
|
4. Push to the branch (`git push origin my-new-feature`)
|
|
31
35
|
5. Create new Pull Request
|
|
32
36
|
|
|
33
|
-
#Below here, rules are out of date - they will be updated shortly
|
|
34
37
|
|
|
35
|
-
###Configure edge gateway services
|
|
38
|
+
### Configure edge gateway services
|
|
39
|
+
|
|
40
|
+
You can configure the following services on an existing edgegateway using
|
|
41
|
+
`vcloud-configure-edge`.
|
|
42
|
+
|
|
43
|
+
- firewall_service
|
|
44
|
+
- nat_service
|
|
45
|
+
- load_balancer_service
|
|
46
|
+
|
|
47
|
+
NB: DHCP and VPN Services are not yet supported by the Fog platform underneath.
|
|
48
|
+
Support for these is being considered.
|
|
49
|
+
|
|
50
|
+
The `vcloud-configure-edge` tool takes an input YAML file describing one
|
|
51
|
+
or more of these services and updates the edge gateway configuration to match,
|
|
52
|
+
obeying the following rules:
|
|
53
|
+
|
|
54
|
+
* A given service will not be reconfigured if its input configuration matches
|
|
55
|
+
the live configuration - to prevent unneccessary service reloads.
|
|
56
|
+
* If a service is not defined in the input config, it will not be updated on
|
|
57
|
+
the remote edge gateway - to permit per-service configurations.
|
|
58
|
+
* If more than one service is defined and have changed, then all changed
|
|
59
|
+
services will be updated in the same API request.
|
|
60
|
+
|
|
61
|
+
#### firewall_service
|
|
62
|
+
|
|
63
|
+
The edge gateway firewall service offers basic inbound and outbound
|
|
64
|
+
IPv4 firewall rules, applied on top of a default policy.
|
|
65
|
+
|
|
66
|
+
We default to the global firewall policy being 'drop', and each individual
|
|
67
|
+
rule to be 'allow'. Rules are applied in order, with the last match winning.
|
|
68
|
+
|
|
69
|
+
Each rule has the following form:
|
|
70
|
+
|
|
71
|
+
```
|
|
72
|
+
- description: "Description of your rule"
|
|
73
|
+
destination_port_range: "53" # defaults to 'Any'
|
|
74
|
+
destination_ip: "192.0.2.15"
|
|
75
|
+
source_ip: "Any"
|
|
76
|
+
source_port_range: "1024-65535" # defaults to 'Any'
|
|
77
|
+
protocol: 'udp' # defaults to 'tcp'
|
|
78
|
+
policy: 'allow' # defaults to 'drop'
|
|
79
|
+
```
|
|
80
|
+
|
|
81
|
+
Rule fields have the following behaviour
|
|
82
|
+
|
|
83
|
+
* `policy` defaults to 'allow', can also be 'drop'.
|
|
84
|
+
* `protocol` defaults to 'tcp'. Can be 'icmp', 'udp', 'tcp+udp' or 'any'
|
|
85
|
+
* `source_port_range` and `destination_port_range` can be `Any` (default),
|
|
86
|
+
a single port number (eg '443'), or a port range such as '10000-20000'
|
|
87
|
+
* `source_ip` and `destination_ip` *must* be specified.
|
|
88
|
+
* `source_ip` and `destination_ip` can be one of:
|
|
89
|
+
* `Any` to match any address.
|
|
90
|
+
* `external`, or `internal` to refer to addresses on the respective 'sides'
|
|
91
|
+
of the edge gateway.
|
|
92
|
+
* A single IP address, such as `192.0.2.44`
|
|
93
|
+
* A CIDR range, eg `192.0.2.0/24`
|
|
94
|
+
* A hyphened range, such as `192.0.2.50-192.0.2.60`
|
|
95
|
+
|
|
96
|
+
#### nat_service
|
|
97
|
+
|
|
98
|
+
The edge gateway NAT service offers simple stateful Source-NAT and
|
|
99
|
+
Destination-NAT rules.
|
|
100
|
+
|
|
101
|
+
SNAT rules take a source IP address range and 'Translated IP address'. The translated
|
|
102
|
+
address is generally the public address that you wish traffic to appear to be
|
|
103
|
+
coming from. SNAT rules are typically used to enable outbound connectivity from
|
|
104
|
+
a private address range behind the edge. The UUID of the external network that
|
|
105
|
+
the traffic should appear to come from must also be specified, as per the
|
|
106
|
+
`network_id` field below.
|
|
107
|
+
|
|
108
|
+
A SNAT rule has the following form:
|
|
109
|
+
|
|
110
|
+
```
|
|
111
|
+
- rule_type: 'SNAT'
|
|
112
|
+
network_id: '12345678-1234-1234-1234-1234567890bb' # id of EdgeGateway external network
|
|
113
|
+
original_ip: "10.10.10.0/24" # internal IP range
|
|
114
|
+
translated_ip: "192.0.2.100
|
|
115
|
+
```
|
|
116
|
+
|
|
117
|
+
* `original_ip` can be a single IP address, a CIDR range, or a hyphenated
|
|
118
|
+
IP range.
|
|
119
|
+
* `network_id` must be the UUID of the network on which the `translated_ip` sits.
|
|
120
|
+
Instructions are in the [finding external network
|
|
121
|
+
details](#finding-external-network-details-from-vcloud-walk) section below.
|
|
122
|
+
* `translated_ip` must be an available address on the network specified by
|
|
123
|
+
`network_id`
|
|
124
|
+
|
|
36
125
|
|
|
37
|
-
|
|
38
|
-
-
|
|
39
|
-
|
|
40
|
-
|
|
126
|
+
DNAT rules translate packets addressed to a particular destination IP (and
|
|
127
|
+
typically port) and translate it to an internal address - they are usually
|
|
128
|
+
defined to allow external hosts to connect to services on hosts with private IP
|
|
129
|
+
addresses.
|
|
41
130
|
|
|
42
|
-
|
|
131
|
+
A DNAT rule has the following form, and translates packets going to the
|
|
132
|
+
`original_ip` (and `original_port`) to the `translated_ip` and
|
|
133
|
+
`translated_port` values.
|
|
43
134
|
|
|
44
|
-
```ruby
|
|
45
|
-
require 'fog'
|
|
46
|
-
vcloud = Fog::Compute::VcloudDirector.new
|
|
47
|
-
vcloud.post_configure_edge_gateway_services edge_gateway_id, configuration
|
|
48
|
-
vcloud.process_task(task.body)
|
|
49
135
|
```
|
|
136
|
+
- rule_type: 'DNAT'
|
|
137
|
+
network_id: '12345678-1234-1234-1234-1234567890bb' # id of EdgeGateway external network
|
|
138
|
+
original_ip: "192.0.2.98" # Useable address on external network
|
|
139
|
+
original_port: "22" # external port
|
|
140
|
+
translated_ip: "10.10.10.10" # internal address to DNAT to
|
|
141
|
+
translated_port: "22"
|
|
142
|
+
```
|
|
143
|
+
|
|
144
|
+
* `network_id` specifies the UUID of the external network that packets are
|
|
145
|
+
translated from.
|
|
146
|
+
* `original_ip` is an IP address on the external network above.
|
|
147
|
+
|
|
148
|
+
#### load_balancer_service
|
|
149
|
+
|
|
150
|
+
The load balancer service comprises two sets of configurations: 'pools' and
|
|
151
|
+
'virtual_servers'. These are coupled together to form a load balanced service:
|
|
152
|
+
|
|
153
|
+
* A virtual_server provides the front-end of a load balancer - the port and
|
|
154
|
+
IP that clients connect to.
|
|
155
|
+
* A pool is a collection of one or more back-end nodes (IP+port combination)
|
|
156
|
+
that traffic is balanced across.
|
|
157
|
+
* Each virtual_server entry specifies a pool that serves requests destined to
|
|
158
|
+
it.
|
|
159
|
+
* Multiple virtual_servers can specify the same pool (to run the same service
|
|
160
|
+
on different FQDNs, for example)
|
|
161
|
+
|
|
162
|
+
A typical load balancer configuration (for one service) would look something like:
|
|
50
163
|
|
|
51
|
-
The Configuration contain definitions of any of the services listed.Details of service configurations may vary,
|
|
52
|
-
but the mechanism is the same for updating any Edge Gateway service.<br/>You can include one or more services when you configure an Edge Gateway.
|
|
53
|
-
|
|
54
|
-
###Examples:
|
|
55
|
-
|
|
56
|
-
Service examples, to be used in place of the `configuration` object above.
|
|
57
|
-
|
|
58
|
-
Firewall:
|
|
59
|
-
```ruby
|
|
60
|
-
configuration = {
|
|
61
|
-
:FirewallService => {
|
|
62
|
-
:IsEnabled => true,
|
|
63
|
-
:DefaultAction => 'allow',
|
|
64
|
-
:LogDefaultAction => false,
|
|
65
|
-
:FirewallRule => [
|
|
66
|
-
{
|
|
67
|
-
:Policy => 'allow',
|
|
68
|
-
:Description => 'description',
|
|
69
|
-
:Protocols => {:Tcp => true},
|
|
70
|
-
:Port => 22,
|
|
71
|
-
:DestinationPortRange => 22,
|
|
72
|
-
:DestinationIp => 'Internal',
|
|
73
|
-
:SourcePort => 22,
|
|
74
|
-
:SourceIp => 'External',
|
|
75
|
-
:SourcePortRange => '22'
|
|
76
|
-
}
|
|
77
|
-
]
|
|
78
|
-
}
|
|
79
|
-
}
|
|
80
164
|
```
|
|
165
|
+
load_balancer_service:
|
|
166
|
+
|
|
167
|
+
pools:
|
|
168
|
+
- name: 'example-pool-1'
|
|
169
|
+
description: 'A pool balancing traffic across backend nodes on port 8080'
|
|
170
|
+
service:
|
|
171
|
+
http:
|
|
172
|
+
port: 8080
|
|
173
|
+
members:
|
|
174
|
+
- ip_address: 10.10.10.11
|
|
175
|
+
- ip_address: 10.10.10.12
|
|
176
|
+
- ip_address: 10.10.10.13
|
|
177
|
+
|
|
178
|
+
virtual_servers:
|
|
179
|
+
- name: 'example-virtual-server-1'
|
|
180
|
+
description: 'A virtual server connecting to example-pool-1'
|
|
181
|
+
ip_address: 192.0.2.10
|
|
182
|
+
network: '12345678-1234-1234-1234-123456789012' # id of external network
|
|
183
|
+
pool: 'example-pool-1' # must refer to a pool name detailed above
|
|
184
|
+
service_profiles:
|
|
185
|
+
http: # protocol to balance, can be tcp/http/https.
|
|
186
|
+
port: '80' # external port
|
|
187
|
+
```
|
|
188
|
+
|
|
189
|
+
### Finding external network details from vcloud-walk
|
|
81
190
|
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
:ServicePort => [
|
|
91
|
-
{
|
|
92
|
-
:IsEnabled => "true",
|
|
93
|
-
:Protocol => "HTTP",
|
|
94
|
-
:Algorithm => "ROUND_ROBIN",
|
|
95
|
-
:Port => 80,
|
|
96
|
-
:HealthCheckPort => 80,
|
|
97
|
-
:HealthCheck => {
|
|
98
|
-
:Mode => "HTTP", :HealthThreshold => 1, :UnhealthThreshold => 6, :Interval => 20, :Timeout => 25
|
|
99
|
-
}
|
|
100
|
-
},
|
|
101
|
-
{
|
|
102
|
-
:IsEnabled => true,
|
|
103
|
-
:Protocol => "HTTPS",
|
|
104
|
-
:Algorithm => "ROUND_ROBIN",
|
|
105
|
-
:Port => 443,
|
|
106
|
-
:HealthCheckPort => 443,
|
|
107
|
-
:HealthCheck => {
|
|
108
|
-
:Mode => "SSL", :HealthThreshold => 1, :UnhealthThreshold => 6, :Interval => 20, :Timeout => 25
|
|
109
|
-
}
|
|
110
|
-
}
|
|
111
|
-
],
|
|
112
|
-
:Member => [
|
|
113
|
-
{
|
|
114
|
-
:IpAddress => "192.0.2.0",
|
|
115
|
-
:Weight => 1,
|
|
116
|
-
:ServicePort => [
|
|
117
|
-
{:Protocol => "HTTP", :Port => 80, :HealthCheckPort => 80}
|
|
118
|
-
]
|
|
119
|
-
}
|
|
120
|
-
]
|
|
121
|
-
}
|
|
122
|
-
],
|
|
123
|
-
:VirtualServer => [
|
|
124
|
-
{
|
|
125
|
-
:IsEnabled => "true",
|
|
126
|
-
:Name => "app1",
|
|
127
|
-
:Description => "app1",
|
|
128
|
-
:Interface => {:name => "Default", :href => "https://vmware.api.net/api/admin/network/2ad93597-7b54-43dd-9eb1-631dd337e5a7"},
|
|
129
|
-
:IpAddress => '192.0.2.0',
|
|
130
|
-
:ServiceProfile => [
|
|
131
|
-
{:IsEnabled => "true", :Protocol => "HTTP", :Port => 80, :Persistence => {:Method => ""}},
|
|
132
|
-
{:IsEnabled => "true", :Protocol => "HTTPS", :Port => 443, :Persistence => {:Method => ""}}
|
|
133
|
-
],
|
|
134
|
-
:Logging => false,
|
|
135
|
-
:Pool => 'web-app'
|
|
136
|
-
}
|
|
137
|
-
]
|
|
138
|
-
}
|
|
139
|
-
}
|
|
191
|
+
You can find the network UUID and external address allocations using [vCloud
|
|
192
|
+
Walker](https://rubygems.org/gems/vcloud-walker):
|
|
193
|
+
|
|
194
|
+
To do this, do:
|
|
195
|
+
|
|
196
|
+
```
|
|
197
|
+
export FOG_CREDENTIAL={crediental-tag-for-your-organization}
|
|
198
|
+
vcloud-walk edgegateways > edges.out
|
|
140
199
|
```
|
|
141
200
|
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
:IsEnabled => true,
|
|
154
|
-
:Id => '65538',
|
|
155
|
-
:GatewayNatRule => {
|
|
156
|
-
:Interface => {
|
|
157
|
-
:name => 'nft00001',
|
|
158
|
-
:href => 'https://vmware.api.net/api/admin/network/44265cc3-6d63-4ea9-ac72-4905b5aa6111'
|
|
159
|
-
},
|
|
160
|
-
:OriginalIp => "192.0.2.0",
|
|
161
|
-
:TranslatedIp => "203.0.113.10"
|
|
162
|
-
}
|
|
163
|
-
},
|
|
164
|
-
{
|
|
165
|
-
:Description => 'a dnat rule',
|
|
166
|
-
:RuleType => 'DNAT',
|
|
167
|
-
:IsEnabled => true,
|
|
168
|
-
:Id => '65539',
|
|
169
|
-
:GatewayNatRule =>
|
|
170
|
-
{
|
|
171
|
-
:Interface => {
|
|
172
|
-
:name => 'nft00001',
|
|
173
|
-
:href => 'https://vmware.api.net/api/admin/network/44265cc3-6d63-4ea9-ac72-4905b5aa6111'
|
|
174
|
-
},
|
|
175
|
-
:Protocol => 'tcp',
|
|
176
|
-
:OriginalIp => "203.0.113.10",
|
|
177
|
-
:OriginalPort => 22,
|
|
178
|
-
:TranslatedIp => "192.0.2.0",
|
|
179
|
-
:TranslatedPort => 22
|
|
180
|
-
},
|
|
181
|
-
}
|
|
182
|
-
]
|
|
183
|
-
}
|
|
184
|
-
}
|
|
201
|
+
`edges.out` will contain the complete configuration of all edge gateways in
|
|
202
|
+
your organization. Find the edge gateway you are interested in by searching for
|
|
203
|
+
its name, then look for a GatewayInterface section that has an InterfaceType of
|
|
204
|
+
'uplink'. This should define:
|
|
205
|
+
|
|
206
|
+
* a 'href' element in a Network section. The UUID at the end of this href is
|
|
207
|
+
what you need.
|
|
208
|
+
* an IpRange section with a StartAddress and EndAddress -- these define the
|
|
209
|
+
addresses that you can use for services on this external network.
|
|
210
|
+
|
|
211
|
+
You can use [jq](http://stedolan.github.io/jq/) to make this easier:
|
|
185
212
|
```
|
|
213
|
+
cat edges.out | jq '
|
|
214
|
+
.[] | select(.name == "NAME_OF_YOUR_EDGE_GATEWAY")
|
|
215
|
+
| .Configuration.GatewayInterfaces.GatewayInterface[]
|
|
216
|
+
| select(.InterfaceType == "uplink")
|
|
217
|
+
| ( .Network.href, .SubnetParticipation )
|
|
218
|
+
'
|
|
219
|
+
```
|
|
220
|
+
|
|
221
|
+
|
|
222
|
+
|
|
223
|
+
### Debug output
|
|
224
|
+
|
|
225
|
+
Set environment variable `DEBUG=true` and/or `EXCON_DEBUG=true` to see Fog debug info.
|
|
186
226
|
|
|
187
|
-
###
|
|
227
|
+
### References
|
|
188
228
|
|
|
189
|
-
|
|
229
|
+
* [vCloud Director Edge Gateway documentation](http://pubs.vmware.com/vcd-51/topic/com.vmware.vcloud.admin.doc_51/GUID-ADE1DCAB-874F-45A9-9337-1E971DAC0F7D.html)
|
|
@@ -3,8 +3,8 @@ module Vcloud
|
|
|
3
3
|
module ConfigurationGenerator
|
|
4
4
|
class LoadBalancerService
|
|
5
5
|
|
|
6
|
-
def initialize
|
|
7
|
-
@
|
|
6
|
+
def initialize(edge_gateway_interfaces)
|
|
7
|
+
@edge_gateway_interfaces = edge_gateway_interfaces
|
|
8
8
|
end
|
|
9
9
|
|
|
10
10
|
def generate_fog_config(load_balancer_input_config)
|
|
@@ -51,25 +51,17 @@ module Vcloud
|
|
|
51
51
|
end
|
|
52
52
|
|
|
53
53
|
def generate_virtual_server_interface_section(network_id)
|
|
54
|
+
edge_gw_interface = @edge_gateway_interfaces.find do |interface|
|
|
55
|
+
interface.network_id == network_id
|
|
56
|
+
end
|
|
57
|
+
raise "unable to find gateway network interface with id #{network_id}" unless edge_gw_interface
|
|
54
58
|
vcloud_virtual_server_interface = {}
|
|
55
59
|
vcloud_virtual_server_interface[:type] = 'application/vnd.vmware.vcloud.orgVdcNetwork+xml'
|
|
56
|
-
vcloud_virtual_server_interface[:name] =
|
|
57
|
-
vcloud_virtual_server_interface[:href] =
|
|
60
|
+
vcloud_virtual_server_interface[:name] = edge_gw_interface.network_name
|
|
61
|
+
vcloud_virtual_server_interface[:href] = edge_gw_interface.network_href
|
|
58
62
|
vcloud_virtual_server_interface
|
|
59
63
|
end
|
|
60
64
|
|
|
61
|
-
def look_up_network_name(network_id)
|
|
62
|
-
gateway_interface = @edge_gateway.vcloud_gateway_interface_by_id(network_id)
|
|
63
|
-
raise "Could not find network #{network_id}" unless gateway_interface
|
|
64
|
-
gateway_interface[:Network][:name]
|
|
65
|
-
end
|
|
66
|
-
|
|
67
|
-
def look_up_network_href(network_id)
|
|
68
|
-
gateway_interface = @edge_gateway.vcloud_gateway_interface_by_id(network_id)
|
|
69
|
-
raise "Could not find network #{network_id}" unless gateway_interface
|
|
70
|
-
gateway_interface[:Network][:href]
|
|
71
|
-
end
|
|
72
|
-
|
|
73
65
|
def generate_virtual_server_service_profile_section(input_service_profile)
|
|
74
66
|
input_service_profile = {} if input_service_profile.nil?
|
|
75
67
|
vcloud_service_profiles = []
|
|
@@ -197,7 +189,7 @@ module Vcloud
|
|
|
197
189
|
vcloud_pool_healthcheck_entry = {
|
|
198
190
|
Mode: default_mode,
|
|
199
191
|
}
|
|
200
|
-
vcloud_pool_healthcheck_entry[:Uri] = ''
|
|
192
|
+
vcloud_pool_healthcheck_entry[:Uri] = '/'
|
|
201
193
|
vcloud_pool_healthcheck_entry[:HealthThreshold] = '2'
|
|
202
194
|
vcloud_pool_healthcheck_entry[:UnhealthThreshold] = '3'
|
|
203
195
|
vcloud_pool_healthcheck_entry[:Interval] = '5'
|
|
@@ -37,7 +37,7 @@ module Vcloud
|
|
|
37
37
|
|
|
38
38
|
load_balancer_service_config =
|
|
39
39
|
EdgeGateway::ConfigurationGenerator::LoadBalancerService.new(
|
|
40
|
-
@
|
|
40
|
+
@edge_gateway_interfaces
|
|
41
41
|
).generate_fog_config(@local_config[:load_balancer_service])
|
|
42
42
|
|
|
43
43
|
unless load_balancer_service_config.nil?
|
|
@@ -30,6 +30,7 @@ module Vcloud
|
|
|
30
30
|
POOL_SERVICE_SECTION = {
|
|
31
31
|
type: Hash,
|
|
32
32
|
required: false,
|
|
33
|
+
allowed_empty: true,
|
|
33
34
|
internals: {
|
|
34
35
|
enabled: { type: 'boolean', required: false },
|
|
35
36
|
port: { type: 'string_or_number', required: false },
|
|
@@ -78,6 +79,7 @@ module Vcloud
|
|
|
78
79
|
VIRTUAL_SERVER_SERVICE_PROFILE_ENTRY = {
|
|
79
80
|
type: Hash,
|
|
80
81
|
required: false,
|
|
82
|
+
allowed_empty: true,
|
|
81
83
|
internals: {
|
|
82
84
|
enabled: { type: 'boolean', required: false },
|
|
83
85
|
port: { type: 'string_or_number', required: false },
|
|
@@ -49,7 +49,7 @@ module Vcloud
|
|
|
49
49
|
Vcloud::Schema::EDGE_GATEWAY_SERVICES
|
|
50
50
|
)
|
|
51
51
|
@local_vcloud_config = EdgeGateway::ConfigurationGenerator::LoadBalancerService.new(
|
|
52
|
-
@
|
|
52
|
+
@edge_gateway.interfaces
|
|
53
53
|
).generate_fog_config(local_config[:load_balancer_service])
|
|
54
54
|
end
|
|
55
55
|
|
|
@@ -30,7 +30,7 @@
|
|
|
30
30
|
name: 'router', #req
|
|
31
31
|
description: 'describe it', #opt
|
|
32
32
|
ip_address: '192.2.0.55', #req
|
|
33
|
-
network: '
|
|
33
|
+
network: '12345678-1234-1234-1234-123456789012', #req
|
|
34
34
|
pool: 'web-app', #req
|
|
35
35
|
logging: 'false', #opt, default false
|
|
36
36
|
service_profiles: {
|
|
@@ -13,7 +13,7 @@
|
|
|
13
13
|
HealthCheckPort: '80',
|
|
14
14
|
HealthCheck:
|
|
15
15
|
{
|
|
16
|
-
Mode: "HTTP", Uri: '', HealthThreshold: '1', UnhealthThreshold: '6', Interval: '20', Timeout: '25'
|
|
16
|
+
Mode: "HTTP", Uri: '/', HealthThreshold: '1', UnhealthThreshold: '6', Interval: '20', Timeout: '25'
|
|
17
17
|
}
|
|
18
18
|
},
|
|
19
19
|
{
|
|
@@ -24,7 +24,7 @@
|
|
|
24
24
|
HealthCheckPort: '',
|
|
25
25
|
HealthCheck:
|
|
26
26
|
{
|
|
27
|
-
Mode: "SSL", Uri: '', HealthThreshold: '2', UnhealthThreshold: '3', Interval: '5', Timeout: '15'
|
|
27
|
+
Mode: "SSL", Uri: '/', HealthThreshold: '2', UnhealthThreshold: '3', Interval: '5', Timeout: '15'
|
|
28
28
|
}
|
|
29
29
|
},
|
|
30
30
|
{
|
|
@@ -35,7 +35,7 @@
|
|
|
35
35
|
HealthCheckPort: '',
|
|
36
36
|
HealthCheck:
|
|
37
37
|
{
|
|
38
|
-
Mode: "TCP", Uri: '', HealthThreshold: '2', UnhealthThreshold: '3', Interval: '5', Timeout: '15'
|
|
38
|
+
Mode: "TCP", Uri: '/', HealthThreshold: '2', UnhealthThreshold: '3', Interval: '5', Timeout: '15'
|
|
39
39
|
}
|
|
40
40
|
}
|
|
41
41
|
],
|
|
@@ -11,7 +11,7 @@
|
|
|
11
11
|
:HealthCheckPort: ''
|
|
12
12
|
:HealthCheck:
|
|
13
13
|
:Mode: HTTP
|
|
14
|
-
:Uri: ''
|
|
14
|
+
:Uri: '/'
|
|
15
15
|
:HealthThreshold: '2'
|
|
16
16
|
:UnhealthThreshold: '3'
|
|
17
17
|
:Interval: '5'
|
|
@@ -23,7 +23,7 @@
|
|
|
23
23
|
:HealthCheckPort: ''
|
|
24
24
|
:HealthCheck:
|
|
25
25
|
:Mode: SSL
|
|
26
|
-
:Uri: ''
|
|
26
|
+
:Uri: '/'
|
|
27
27
|
:HealthThreshold: '2'
|
|
28
28
|
:UnhealthThreshold: '3'
|
|
29
29
|
:Interval: '5'
|
|
@@ -35,7 +35,7 @@
|
|
|
35
35
|
:HealthCheckPort: ''
|
|
36
36
|
:HealthCheck:
|
|
37
37
|
:Mode: TCP
|
|
38
|
-
:Uri: ''
|
|
38
|
+
:Uri: '/'
|
|
39
39
|
:HealthThreshold: '2'
|
|
40
40
|
:UnhealthThreshold: '3'
|
|
41
41
|
:Interval: '5'
|
data/spec/vcloud/edge_gateway/configuration_generator/data/load_balancer_mixed_complex-output.yaml
CHANGED
|
@@ -10,7 +10,7 @@
|
|
|
10
10
|
:HealthCheckPort: '8081'
|
|
11
11
|
:HealthCheck:
|
|
12
12
|
:Mode: TCP
|
|
13
|
-
:Uri: ''
|
|
13
|
+
:Uri: '/'
|
|
14
14
|
:HealthThreshold: '2'
|
|
15
15
|
:UnhealthThreshold: '3'
|
|
16
16
|
:Interval: '5'
|
|
@@ -22,7 +22,7 @@
|
|
|
22
22
|
:HealthCheckPort: '443'
|
|
23
23
|
:HealthCheck:
|
|
24
24
|
:Mode: TCP
|
|
25
|
-
:Uri: ''
|
|
25
|
+
:Uri: '/'
|
|
26
26
|
:HealthThreshold: '2'
|
|
27
27
|
:UnhealthThreshold: '3'
|
|
28
28
|
:Interval: '5'
|
|
@@ -34,7 +34,7 @@
|
|
|
34
34
|
:HealthCheckPort: ''
|
|
35
35
|
:HealthCheck:
|
|
36
36
|
:Mode: TCP
|
|
37
|
-
:Uri: ''
|
|
37
|
+
:Uri: '/'
|
|
38
38
|
:HealthThreshold: '2'
|
|
39
39
|
:UnhealthThreshold: '3'
|
|
40
40
|
:Interval: '5'
|
|
@@ -6,27 +6,26 @@ module Vcloud
|
|
|
6
6
|
describe LoadBalancerService do
|
|
7
7
|
|
|
8
8
|
before(:each) do
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
:
|
|
13
|
-
|
|
14
|
-
:name => 'ExternalNetwork',
|
|
15
|
-
:href => 'https://example.com/api/admin/network/12345678-1234-1234-1234-123456789012'
|
|
16
|
-
}
|
|
17
|
-
}
|
|
9
|
+
mock_uplink_interface = double(
|
|
10
|
+
:mock_uplink,
|
|
11
|
+
:network_name => "ExternalNetwork",
|
|
12
|
+
:network_id => "12345678-1234-1234-1234-123456789012",
|
|
13
|
+
:network_href => 'https://example.com/api/admin/network/12345678-1234-1234-1234-123456789012',
|
|
18
14
|
)
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
15
|
+
mock_internal_interface = double(
|
|
16
|
+
:mock_uplink,
|
|
17
|
+
:network_name => "InternalNetwork",
|
|
18
|
+
:network_id => "12346788-1234-1234-1234-123456789000",
|
|
19
|
+
:network_href => "https://example.com/api/admin/network/12346788-1234-1234-1234-123456789000",
|
|
20
|
+
)
|
|
21
|
+
@edge_gw_interface_list = [ mock_internal_interface, mock_uplink_interface ]
|
|
23
22
|
end
|
|
24
23
|
|
|
25
24
|
context "top level LoadBalancer configuration defaults" do
|
|
26
25
|
|
|
27
26
|
before(:each) do
|
|
28
27
|
input = { } # minimum configuration
|
|
29
|
-
@output = LoadBalancerService.new(@
|
|
28
|
+
@output = LoadBalancerService.new(@edge_gw_interface_list).generate_fog_config(input)
|
|
30
29
|
end
|
|
31
30
|
|
|
32
31
|
it 'should default to LoadBalancerService enabled' do
|
|
@@ -47,10 +46,10 @@ module Vcloud
|
|
|
47
46
|
input = { virtual_servers: [{
|
|
48
47
|
name: "virtual-server-1",
|
|
49
48
|
ip_address: '192.2.0.1',
|
|
50
|
-
network: "12345678-1234-1234-1234-
|
|
49
|
+
network: "12345678-1234-1234-1234-123456789012",
|
|
51
50
|
pool: "pool-1",
|
|
52
51
|
}]}
|
|
53
|
-
output = LoadBalancerService.new(@
|
|
52
|
+
output = LoadBalancerService.new(@edge_gw_interface_list).generate_fog_config(input)
|
|
54
53
|
@rule = output[:VirtualServer].first
|
|
55
54
|
end
|
|
56
55
|
|
|
@@ -107,7 +106,7 @@ module Vcloud
|
|
|
107
106
|
name: "pool-1",
|
|
108
107
|
members: [ { ip_address: '10.10.10.10' } ],
|
|
109
108
|
}]}
|
|
110
|
-
output = LoadBalancerService.new(@
|
|
109
|
+
output = LoadBalancerService.new(@edge_gw_interface_list).generate_fog_config(input)
|
|
111
110
|
@rule = output[:Pool].first
|
|
112
111
|
end
|
|
113
112
|
|
|
@@ -127,7 +126,7 @@ module Vcloud
|
|
|
127
126
|
:HealthCheckPort=>"",
|
|
128
127
|
:HealthCheck=>{
|
|
129
128
|
:Mode=>"HTTP",
|
|
130
|
-
:Uri=>"",
|
|
129
|
+
:Uri=>"/",
|
|
131
130
|
:HealthThreshold=>"2",
|
|
132
131
|
:UnhealthThreshold=>"3",
|
|
133
132
|
:Interval=>"5",
|
|
@@ -142,7 +141,7 @@ module Vcloud
|
|
|
142
141
|
:HealthCheckPort=>"",
|
|
143
142
|
:HealthCheck=>{
|
|
144
143
|
:Mode=>"SSL",
|
|
145
|
-
:Uri=>"",
|
|
144
|
+
:Uri=>"/",
|
|
146
145
|
:HealthThreshold=>"2",
|
|
147
146
|
:UnhealthThreshold=>"3",
|
|
148
147
|
:Interval=>"5",
|
|
@@ -157,7 +156,7 @@ module Vcloud
|
|
|
157
156
|
:HealthCheckPort=>"",
|
|
158
157
|
:HealthCheck=>{
|
|
159
158
|
:Mode=>"TCP",
|
|
160
|
-
:Uri=>"",
|
|
159
|
+
:Uri=>"/",
|
|
161
160
|
:HealthThreshold=>"2",
|
|
162
161
|
:UnhealthThreshold=>"3",
|
|
163
162
|
:Interval=>"5",
|
|
@@ -190,7 +189,7 @@ module Vcloud
|
|
|
190
189
|
it 'should expand out input config into Fog expected input' do
|
|
191
190
|
input = read_data_file('load_balancer_http-input.yaml')
|
|
192
191
|
expected_output = read_data_file('load_balancer_http-output.yaml')
|
|
193
|
-
generated_config = LoadBalancerService.new(@
|
|
192
|
+
generated_config = LoadBalancerService.new(@edge_gw_interface_list).
|
|
194
193
|
generate_fog_config input
|
|
195
194
|
expect(generated_config).to eq(expected_output)
|
|
196
195
|
end
|
|
@@ -202,7 +201,7 @@ module Vcloud
|
|
|
202
201
|
it 'should expand out input config into Fog expected input' do
|
|
203
202
|
input = read_data_file('load_balancer_https-input.yaml')
|
|
204
203
|
expected_output = read_data_file('load_balancer_https-output.yaml')
|
|
205
|
-
generated_config = LoadBalancerService.new(@
|
|
204
|
+
generated_config = LoadBalancerService.new(@edge_gw_interface_list).
|
|
206
205
|
generate_fog_config input
|
|
207
206
|
expect(generated_config).to eq(expected_output)
|
|
208
207
|
end
|
|
@@ -214,7 +213,7 @@ module Vcloud
|
|
|
214
213
|
it 'should expand out input config into Fog expected input' do
|
|
215
214
|
input = read_data_file('load_balancer_mixed_complex-input.yaml')
|
|
216
215
|
expected_output = read_data_file('load_balancer_mixed_complex-output.yaml')
|
|
217
|
-
generated_config = LoadBalancerService.new(@
|
|
216
|
+
generated_config = LoadBalancerService.new(@edge_gw_interface_list).
|
|
218
217
|
generate_fog_config input
|
|
219
218
|
expect(generated_config).to eq(expected_output)
|
|
220
219
|
end
|
|
@@ -6,15 +6,6 @@ module Vcloud
|
|
|
6
6
|
|
|
7
7
|
before(:each) do
|
|
8
8
|
@edge_gateway_id = "1111111-7b54-43dd-9eb1-631dd337e5a7"
|
|
9
|
-
@edge_gateway = double(:edge_gateway,
|
|
10
|
-
:vcloud_gateway_interface_by_id => {
|
|
11
|
-
Network: {
|
|
12
|
-
:type => "application/vnd.vmware.admin.network+xml",
|
|
13
|
-
:name => 'ane012345',
|
|
14
|
-
:href => 'https://vmware.example.com/api/admin/network/01234567-1234-1234-1234-0123456789aa'
|
|
15
|
-
}
|
|
16
|
-
})
|
|
17
|
-
Vcloud::Core::EdgeGateway.stub(:get_by_name).with(@edge_gateway_id).and_return(@edge_gateway)
|
|
18
9
|
mock_edge_gateway_interface = double(
|
|
19
10
|
:mock_edge_gateway_interface,
|
|
20
11
|
:network_name => "ane012345",
|
|
@@ -654,7 +645,7 @@ module Vcloud
|
|
|
654
645
|
:HealthCheckPort=>"",
|
|
655
646
|
:HealthCheck=>{
|
|
656
647
|
:Mode=>"HTTP",
|
|
657
|
-
:Uri=>"",
|
|
648
|
+
:Uri=>"/",
|
|
658
649
|
:HealthThreshold=>"2",
|
|
659
650
|
:UnhealthThreshold=>"3",
|
|
660
651
|
:Interval=>"5",
|
|
@@ -668,7 +659,7 @@ module Vcloud
|
|
|
668
659
|
:HealthCheckPort=>"",
|
|
669
660
|
:HealthCheck=>{
|
|
670
661
|
:Mode=>"SSL",
|
|
671
|
-
:Uri=>"",
|
|
662
|
+
:Uri=>"/",
|
|
672
663
|
:HealthThreshold=>"2",
|
|
673
664
|
:UnhealthThreshold=>"3",
|
|
674
665
|
:Interval=>"5",
|
|
@@ -682,7 +673,7 @@ module Vcloud
|
|
|
682
673
|
:HealthCheckPort=>"",
|
|
683
674
|
:HealthCheck=>{
|
|
684
675
|
:Mode=>"TCP",
|
|
685
|
-
:Uri=>"",
|
|
676
|
+
:Uri=>"/",
|
|
686
677
|
:HealthThreshold=>"2",
|
|
687
678
|
:UnhealthThreshold=>"3",
|
|
688
679
|
:Interval=>"5",
|
|
@@ -839,7 +830,7 @@ module Vcloud
|
|
|
839
830
|
:HealthCheckPort=>"",
|
|
840
831
|
:HealthCheck=>{
|
|
841
832
|
:Mode=>"HTTP",
|
|
842
|
-
:Uri=>"",
|
|
833
|
+
:Uri=>"/",
|
|
843
834
|
:HealthThreshold=>"2",
|
|
844
835
|
:UnhealthThreshold=>"3",
|
|
845
836
|
:Interval=>"5",
|
|
@@ -853,7 +844,7 @@ module Vcloud
|
|
|
853
844
|
:HealthCheckPort=>"",
|
|
854
845
|
:HealthCheck=>{
|
|
855
846
|
:Mode=>"SSL",
|
|
856
|
-
:Uri=>"",
|
|
847
|
+
:Uri=>"/",
|
|
857
848
|
:HealthThreshold=>"2",
|
|
858
849
|
:UnhealthThreshold=>"3",
|
|
859
850
|
:Interval=>"5",
|
|
@@ -867,7 +858,7 @@ module Vcloud
|
|
|
867
858
|
:HealthCheckPort=>"",
|
|
868
859
|
:HealthCheck=>{
|
|
869
860
|
:Mode=>"TCP",
|
|
870
|
-
:Uri=>"",
|
|
861
|
+
:Uri=>"/",
|
|
871
862
|
:HealthThreshold=>"2",
|
|
872
863
|
:UnhealthThreshold=>"3",
|
|
873
864
|
:Interval=>"5",
|
|
@@ -1025,7 +1016,7 @@ module Vcloud
|
|
|
1025
1016
|
:HealthCheckPort=>"",
|
|
1026
1017
|
:HealthCheck=>{
|
|
1027
1018
|
:Mode=>"HTTP",
|
|
1028
|
-
:Uri=>"",
|
|
1019
|
+
:Uri=>"/",
|
|
1029
1020
|
:HealthThreshold=>"2",
|
|
1030
1021
|
:UnhealthThreshold=>"3",
|
|
1031
1022
|
:Interval=>"5",
|
|
@@ -1039,7 +1030,7 @@ module Vcloud
|
|
|
1039
1030
|
:HealthCheckPort=>"",
|
|
1040
1031
|
:HealthCheck=>{
|
|
1041
1032
|
:Mode=>"SSL",
|
|
1042
|
-
:Uri=>"",
|
|
1033
|
+
:Uri=>"/",
|
|
1043
1034
|
:HealthThreshold=>"2",
|
|
1044
1035
|
:UnhealthThreshold=>"3",
|
|
1045
1036
|
:Interval=>"5",
|
|
@@ -1053,7 +1044,7 @@ module Vcloud
|
|
|
1053
1044
|
:HealthCheckPort=>"",
|
|
1054
1045
|
:HealthCheck=>{
|
|
1055
1046
|
:Mode=>"TCP",
|
|
1056
|
-
:Uri=>"",
|
|
1047
|
+
:Uri=>"/",
|
|
1057
1048
|
:HealthThreshold=>"2",
|
|
1058
1049
|
:UnhealthThreshold=>"3",
|
|
1059
1050
|
:Interval=>"5",
|
|
@@ -129,6 +129,48 @@ module Vcloud
|
|
|
129
129
|
expect(validator.valid?).to be_true
|
|
130
130
|
end
|
|
131
131
|
|
|
132
|
+
it "should validate ok if an empty pool service section is provided" do
|
|
133
|
+
input = {
|
|
134
|
+
pools: [
|
|
135
|
+
{
|
|
136
|
+
name: 'pool entry 1',
|
|
137
|
+
service: {
|
|
138
|
+
http: {},
|
|
139
|
+
},
|
|
140
|
+
members: [
|
|
141
|
+
{ ip_address: "192.2.0.40" },
|
|
142
|
+
{ ip_address: "192.2.0.41" },
|
|
143
|
+
]
|
|
144
|
+
},
|
|
145
|
+
],
|
|
146
|
+
}
|
|
147
|
+
validator = ConfigValidator.validate(:base, input, Vcloud::Schema::LOAD_BALANCER_SERVICE)
|
|
148
|
+
expect(validator.errors).to eq([])
|
|
149
|
+
expect(validator.valid?).to be_true
|
|
150
|
+
end
|
|
151
|
+
|
|
152
|
+
it "should validate ok if an empty virtual_server service_profile section is provided" do
|
|
153
|
+
input = {
|
|
154
|
+
pools: [{
|
|
155
|
+
name: 'pool-1',
|
|
156
|
+
service: { http: {} },
|
|
157
|
+
members: [ { ip_address: '10.10.10.10' } ],
|
|
158
|
+
}],
|
|
159
|
+
virtual_servers: [
|
|
160
|
+
{
|
|
161
|
+
name: 'virtual_server entry 1',
|
|
162
|
+
ip_address: "192.2.0.40",
|
|
163
|
+
network: "TestNetwork",
|
|
164
|
+
service_profiles: { http: {} },
|
|
165
|
+
pool: "pool-1",
|
|
166
|
+
},
|
|
167
|
+
],
|
|
168
|
+
}
|
|
169
|
+
validator = ConfigValidator.validate(:base, input, Vcloud::Schema::LOAD_BALANCER_SERVICE)
|
|
170
|
+
expect(validator.errors).to eq([])
|
|
171
|
+
expect(validator.valid?).to be_true
|
|
172
|
+
end
|
|
173
|
+
|
|
132
174
|
it "should be ok if no pools are specified" do
|
|
133
175
|
input = {
|
|
134
176
|
virtual_servers: []
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: vcloud-edge_gateway
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.2
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2014-
|
|
12
|
+
date: 2014-03-07 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: fog
|
|
@@ -220,7 +220,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
220
220
|
version: '0'
|
|
221
221
|
segments:
|
|
222
222
|
- 0
|
|
223
|
-
hash:
|
|
223
|
+
hash: 4166614673467124064
|
|
224
224
|
requirements: []
|
|
225
225
|
rubyforge_project:
|
|
226
226
|
rubygems_version: 1.8.23
|