201 lines
5.1 KiB
YAML
201 lines
5.1 KiB
YAML
|
---
|
||
|
- name: setup vpc
|
||
|
cs_vpc:
|
||
|
name: my_vpc
|
||
|
display_text: my_vpc
|
||
|
cidr: 10.10.1.0/16
|
||
|
zone: "{{ cs_common_zone_adv }}"
|
||
|
register: vpc
|
||
|
- name: verify setup vpc
|
||
|
assert:
|
||
|
that:
|
||
|
- vpc is successful
|
||
|
|
||
|
- name: setup customer gateway
|
||
|
cs_vpn_customer_gateway:
|
||
|
name: my_vpn_customer_gateway
|
||
|
cidr: 192.168.123.0/24
|
||
|
esp_policy: aes256-sha1;modp1536
|
||
|
gateway: 10.11.1.1
|
||
|
ike_policy: aes256-sha1;modp1536
|
||
|
ipsec_psk: ~S3¢r3Tk3Y¼
|
||
|
esp_lifetime: 3600
|
||
|
register: vcg
|
||
|
- name: setup customer gateway
|
||
|
assert:
|
||
|
that:
|
||
|
- vcg is successful
|
||
|
|
||
|
- name: setup remove vpn connection
|
||
|
cs_vpn_connection:
|
||
|
vpc: my_vpc
|
||
|
zone: "{{ cs_common_zone_adv }}"
|
||
|
state: absent
|
||
|
register: vpn_conn
|
||
|
- name: verify setup remove vpn connection
|
||
|
assert:
|
||
|
that:
|
||
|
- vpn_conn is successful
|
||
|
|
||
|
- name: setup vpn gateway absent
|
||
|
cs_vpn_gateway:
|
||
|
vpc: my_vpc
|
||
|
zone: "{{ cs_common_zone_adv }}"
|
||
|
state: absent
|
||
|
register: vpn_gateway
|
||
|
- name: verify setup vpn gateway absent
|
||
|
assert:
|
||
|
that:
|
||
|
- vpn_gateway is successful
|
||
|
|
||
|
- name: test fail create vpn connection without gateway and force
|
||
|
cs_vpn_connection:
|
||
|
vpn_customer_gateway: my_vpn_customer_gateway
|
||
|
vpc: my_vpc
|
||
|
zone: "{{ cs_common_zone_adv }}"
|
||
|
ignore_errors: yes
|
||
|
register: vpn_conn
|
||
|
- name: verify test fail create vpn connection without gateway and force
|
||
|
assert:
|
||
|
that:
|
||
|
- vpn_conn is failed
|
||
|
- vpn_conn.msg == "VPN gateway not found and not forced to create one"
|
||
|
|
||
|
- name: test create vpn connection with force in check mode
|
||
|
cs_vpn_connection:
|
||
|
vpn_customer_gateway: my_vpn_customer_gateway
|
||
|
vpc: my_vpc
|
||
|
force: yes
|
||
|
zone: "{{ cs_common_zone_adv }}"
|
||
|
check_mode: yes
|
||
|
register: vpn_conn
|
||
|
- name: verify test create vpn connection with force in check mode
|
||
|
assert:
|
||
|
that:
|
||
|
- vpn_conn is changed
|
||
|
|
||
|
- name: test create vpn connection with force
|
||
|
cs_vpn_connection:
|
||
|
vpn_customer_gateway: my_vpn_customer_gateway
|
||
|
vpc: my_vpc
|
||
|
force: yes
|
||
|
zone: "{{ cs_common_zone_adv }}"
|
||
|
register: vpn_conn
|
||
|
- name: verify test create vpn connection with force
|
||
|
assert:
|
||
|
that:
|
||
|
- vpn_conn is changed
|
||
|
- vpn_conn.vpn_customer_gateway == "my_vpn_customer_gateway"
|
||
|
- vpn_conn.vpc == "my_vpc"
|
||
|
|
||
|
- name: test create vpn connection with force idempotence
|
||
|
cs_vpn_connection:
|
||
|
vpn_customer_gateway: my_vpn_customer_gateway
|
||
|
vpc: my_vpc
|
||
|
force: yes
|
||
|
zone: "{{ cs_common_zone_adv }}"
|
||
|
register: vpn_conn
|
||
|
- name: verify test create vpn connection with force idempotence
|
||
|
assert:
|
||
|
that:
|
||
|
- vpn_conn is not changed
|
||
|
- vpn_conn.vpn_customer_gateway == "my_vpn_customer_gateway"
|
||
|
- vpn_conn.vpc == "my_vpc"
|
||
|
|
||
|
- name: test remove vpn connection in check mode
|
||
|
cs_vpn_connection:
|
||
|
vpc: my_vpc
|
||
|
zone: "{{ cs_common_zone_adv }}"
|
||
|
state: absent
|
||
|
check_mode: yes
|
||
|
register: vpn_conn
|
||
|
- name: verify test remove vpn connection in check mode
|
||
|
assert:
|
||
|
that:
|
||
|
- vpn_conn is changed
|
||
|
- vpn_conn.vpn_customer_gateway == "my_vpn_customer_gateway"
|
||
|
- vpn_conn.vpc == "my_vpc"
|
||
|
|
||
|
- name: test remove vpn connection
|
||
|
cs_vpn_connection:
|
||
|
vpc: my_vpc
|
||
|
zone: "{{ cs_common_zone_adv }}"
|
||
|
state: absent
|
||
|
register: vpn_conn
|
||
|
- name: verify test remove vpn connection
|
||
|
assert:
|
||
|
that:
|
||
|
- vpn_conn is changed
|
||
|
- vpn_conn.vpn_customer_gateway == "my_vpn_customer_gateway"
|
||
|
- vpn_conn.vpc == "my_vpc"
|
||
|
|
||
|
- name: test remove vpn connection idempotence
|
||
|
cs_vpn_connection:
|
||
|
vpc: my_vpc
|
||
|
zone: "{{ cs_common_zone_adv }}"
|
||
|
state: absent
|
||
|
register: vpn_conn
|
||
|
- name: verify test remove vpn connection idempotence
|
||
|
assert:
|
||
|
that:
|
||
|
- vpn_conn is not changed
|
||
|
|
||
|
- name: setup create vpn gateway
|
||
|
cs_vpn_gateway:
|
||
|
vpc: my_vpc
|
||
|
zone: "{{ cs_common_zone_adv }}"
|
||
|
register: vpn_gateway
|
||
|
- name: verify setup create vpn gateway
|
||
|
assert:
|
||
|
that:
|
||
|
- vpn_gateway is success
|
||
|
|
||
|
- name: test create vpn connection without force in check mode
|
||
|
cs_vpn_connection:
|
||
|
vpn_customer_gateway: my_vpn_customer_gateway
|
||
|
vpc: my_vpc
|
||
|
zone: "{{ cs_common_zone_adv }}"
|
||
|
check_mode: yes
|
||
|
register: vpn_conn
|
||
|
- name: verify test create vpn connection without force in check mode
|
||
|
assert:
|
||
|
that:
|
||
|
- vpn_conn is changed
|
||
|
|
||
|
- name: test create vpn connection without force
|
||
|
cs_vpn_connection:
|
||
|
vpn_customer_gateway: my_vpn_customer_gateway
|
||
|
vpc: my_vpc
|
||
|
zone: "{{ cs_common_zone_adv }}"
|
||
|
register: vpn_conn
|
||
|
- name: verify test create vpn connection without force
|
||
|
assert:
|
||
|
that:
|
||
|
- vpn_conn is changed
|
||
|
- vpn_conn.vpn_customer_gateway == "my_vpn_customer_gateway"
|
||
|
- vpn_conn.vpc == "my_vpc"
|
||
|
|
||
|
- name: test create vpn connection without force
|
||
|
cs_vpn_connection:
|
||
|
vpn_customer_gateway: my_vpn_customer_gateway
|
||
|
vpc: my_vpc
|
||
|
zone: "{{ cs_common_zone_adv }}"
|
||
|
register: vpn_conn
|
||
|
- name: verify test create vpn connection without force
|
||
|
assert:
|
||
|
that:
|
||
|
- vpn_conn is not changed
|
||
|
- vpn_conn.vpn_customer_gateway == "my_vpn_customer_gateway"
|
||
|
- vpn_conn.vpc == "my_vpc"
|
||
|
|
||
|
- name: cleanup remove vpn connection
|
||
|
cs_vpn_connection:
|
||
|
vpc: my_vpc
|
||
|
zone: "{{ cs_common_zone_adv }}"
|
||
|
state: absent
|
||
|
register: vpn_conn
|
||
|
- name: verify cleanup remove vpn connection idempotence
|
||
|
assert:
|
||
|
that:
|
||
|
- vpn_conn is successful
|