
VPN for VPC: Customer should be able to recover their gateway or server from an unhealthy status #200

Closed
wants to merge 3 commits into from


Collaborator

@deepaksibm deepaksibm commented Nov 17, 2022

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for pull request followers and do not help prioritize the request

Relates OR Closes #0000

Output from acceptance testing:

$ make testacc TESTARGS='-run=TestAccXXX'

...
resource "ibm_is_vpc" "testacc_vpc2" {
  name = "tfp-vpc-sunitha"
}

resource "ibm_is_subnet" "testacc_subnet2" {
  name            = "tfp-subnet-sunitha"
  vpc             = ibm_is_vpc.testacc_vpc2.id
  zone            = "us-south-1"
  ipv4_cidr_block = "10.240.0.0/24"
}

resource "ibm_is_vpc" "testacc_vpc1" {
  name = "tfp-vpc-sunitha-1"
}

resource "ibm_is_subnet" "testacc_subnet1" {
  name            = "tfp-subnet-sunitha-2"
  vpc             = ibm_is_vpc.testacc_vpc1.id
  zone            = "us-south-1"
  ipv4_cidr_block = "10.240.0.0/24"
}

resource "ibm_is_vpn_gateway" "testacc_VPNGateway2" {
  name   = "tfp-vpn-gateway-sunitha"
  subnet = ibm_is_subnet.testacc_subnet2.id
  mode   = "policy"
}
resource "ibm_is_vpn_gateway_connection" "testacc_VPNGatewayConnection2" {
  name          = "tfp-vpn-gateway-connection-sunitha"
  vpn_gateway   = ibm_is_vpn_gateway.testacc_VPNGateway2.id
  peer_address  = ibm_is_vpn_gateway.testacc_VPNGateway2.public_ip_address
  preshared_key = "VPNDemoPassword"
  local_cidrs   = ["${ibm_is_subnet.testacc_subnet2.ipv4_cidr_block}"]
  peer_cidrs    = ["${ibm_is_subnet.testacc_subnet1.ipv4_cidr_block}"]

}

data "ibm_is_vpn_gateway_connections" "test1" {
  vpn_gateway = ibm_is_vpn_gateway.testacc_VPNGateway2.id
}

data "ibm_is_vpn_gateway_connection" "example3" {
  vpn_gateway_name            = ibm_is_vpn_gateway.testacc_VPNGateway2.name
  vpn_gateway_connection_name = ibm_is_vpn_gateway_connection.testacc_VPNGatewayConnection2.name
}

data "ibm_is_vpn_gateway" "example-name" {
  depends_on = [
    ibm_is_vpn_gateway_connection.testacc_VPNGatewayConnection2
  ]
  vpn_gateway_name = ibm_is_vpn_gateway.testacc_VPNGateway2.name
}

data "ibm_is_vpn_gateways" "ibm_is_vpn_gateway_all" {

}

@deepaksibm deepaksibm marked this pull request as ready for review November 30, 2022 04:19
@deepaksibm deepaksibm changed the title Vpn server action VPN for VPC: Customer should be able to recover their gateway or server from an unhealthy status Dec 16, 2022
@SunithaGudisagarIBM1
Collaborator

Screenshot 2023-06-14 at 8 43 38 PM Screenshot 2023-06-14 at 8 43 56 PM Screenshot 2023-06-14 at 8 45 06 PM Screenshot 2023-06-14 at 8 45 18 PM Screenshot 2023-06-14 at 8 45 29 PM Screenshot 2023-06-14 at 8 45 42 PM

@SunithaGudisagarIBM1
Collaborator

Tested "ibm_is_vpn_gateway" in the PROD environment as well, with the configuration below.


resource "ibm_is_vpc" "testacc_vpc2" {
  name = "tfp-vpc-sunitha"
}

resource "ibm_is_subnet" "testacc_subnet2" {
  name            = "tfp-subnet-sunitha"
  vpc             = ibm_is_vpc.testacc_vpc2.id
  zone            = "us-south-1"
  ipv4_cidr_block = "10.240.0.0/24"
}

resource "ibm_is_vpc" "testacc_vpc1" {
  name = "tfp-vpc-sunitha-1"
}

resource "ibm_is_subnet" "testacc_subnet1" {
  name            = "tfp-subnet-sunitha-2"
  vpc             = ibm_is_vpc.testacc_vpc1.id
  zone            = "us-south-1"
  ipv4_cidr_block = "10.240.0.0/24"
}

resource "ibm_is_vpn_gateway" "testacc_VPNGateway2" {
  name   = "tfp-vpn-gateway-sunitha"
  subnet = ibm_is_subnet.testacc_subnet2.id
  mode   = "policy"
}
resource "ibm_is_vpn_gateway_connection" "testacc_VPNGatewayConnection2" {
  name          = "tfp-vpn-gateway-connection-sunitha"
  vpn_gateway   = ibm_is_vpn_gateway.testacc_VPNGateway2.id
  peer_address  = ibm_is_vpn_gateway.testacc_VPNGateway2.public_ip_address
  preshared_key = "VPNDemoPassword"
  local_cidrs   = ["${ibm_is_subnet.testacc_subnet2.ipv4_cidr_block}"]
  peer_cidrs    = ["${ibm_is_subnet.testacc_subnet1.ipv4_cidr_block}"]

}

data "ibm_is_vpn_gateway_connections" "test1" {
  vpn_gateway = ibm_is_vpn_gateway.testacc_VPNGateway2.id
}

data "ibm_is_vpn_gateway_connection" "example3" {
  vpn_gateway_name            = ibm_is_vpn_gateway.testacc_VPNGateway2.name
  vpn_gateway_connection_name = ibm_is_vpn_gateway_connection.testacc_VPNGatewayConnection2.name
}

data "ibm_is_vpn_gateway" "example-name" {
  depends_on = [
    ibm_is_vpn_gateway_connection.testacc_VPNGatewayConnection2
  ]
  vpn_gateway_name = ibm_is_vpn_gateway.testacc_VPNGateway2.name
}

data "ibm_is_vpn_gateways" "ibm_is_vpn_gateway_all" {

}

@SunithaGudisagarIBM1
Collaborator

Tested VPN Server in prod env

resource "ibm_is_vpc" "testacc_vpc" {
  name = "tfp-vpc-sunitha"
}

resource "ibm_is_subnet" "testacc_subnet-1" {
  name            = "tfp-subnet-sunitha"
  vpc             = ibm_is_vpc.testacc_vpc.id
  zone            = "us-south-1"
  ipv4_cidr_block = "10.240.0.0/24"
}

resource "ibm_is_vpn_server" "is_vpn_server" {
  certificate_crn = "crn:v1:bluemix:public:secrets-manager:us-south:a/1431ea2a7958ad20f0fee592ff85f746:2f504783-548b-4a8e-85ba-6a8df9c62a1f:secret:02e468cc-4d04-a489-fee7-321076e1edd5"
  client_authentication {
    method        = "certificate"
    client_ca_crn = "crn:v1:bluemix:public:secrets-manager:us-south:a/1431ea2a7958ad20f0fee592ff85f746:2f504783-548b-4a8e-85ba-6a8df9c62a1f:secret:a4d68b7c-cb92-6b35-f1d4-c7b6c339e3ff"
  }
  client_ip_pool         = "10.5.0.0/21"
  subnets                = [ibm_is_subnet.testacc_subnet-1.id]
  client_dns_server_ips  = ["192.168.3.4"]
  client_idle_timeout    = 600
  enable_split_tunneling = true
  name                   = "tfp-vpn-server-sunitha"
  port                   = 8082
  protocol               = "udp"
}

resource "ibm_is_vpn_server_route" "is_vpn_server_route" {
  vpn_server  = ibm_is_vpn_server.is_vpn_server.id
  destination = "172.16.0.0/16"
  action      = "translate"
  name        = "tfp-sunitha-vpn-server-route"
}

data "ibm_is_vpn_server_route" "is_vpn_server_route" {
  vpn_server = ibm_is_vpn_server_route.is_vpn_server_route.vpn_server
  identifier = ibm_is_vpn_server_route.is_vpn_server_route.vpn_route
}
data "ibm_is_vpn_server_routes" "is_vpn_server_routes" {
  vpn_server = ibm_is_vpn_server_route.is_vpn_server_route.vpn_server
}
data "ibm_is_vpn_server" "is_vpn_server" {
  identifier = ibm_is_vpn_server.is_vpn_server.id
}
data "ibm_is_vpn_servers" "is_vpn_servers" {
}
Screenshot 2023-06-15 at 7 10 43 PM Screenshot 2023-06-15 at 7 13 26 PM Screenshot 2023-06-15 at 7 41 08 PM Screenshot 2023-06-15 at 7 41 33 PM Screenshot 2023-06-15 at 7 41 39 PM Screenshot 2023-06-15 at 7 41 47 PM

@SunithaGudisagarIBM1
Collaborator

Creating upstream PR
