Setup gateway host in cloud provider (only DigitalOcean supported for the moment) with ipsec
(libreswan) and openvpn
(pritunl).
IPsec configuration sample could be found here.
Pritunl should be configured manually (because of API documentation absence).
Pritunl server adds NAT masquerading for routes by default, this can be disabled by direct MongoDB update:
use pritunl
db.servers.updateOne(
{ _id : ObjectId("<ID>") },
{ $set : { "routes.<INDEX>.nat" : false } }
)
ansible-galaxy install -r requirements.yaml
pip install -r requirements.txt
ansible-playbook -i <inventory> site.yaml
Only IPsec/BGP connectivity is testing.
- Install Vagrant: https://www.vagrantup.com/docs/installation;
- Install VirtualBox: https://www.virtualbox.org/wiki/Downloads;
- Run tests:
./tests/start
; - Play with created IPsec configuration;
- Destroy test environment:
./tests/stop
.
Vagrant | Ansible (Core) | VirtualBox | CentOS |
---|---|---|---|
2.2.15 | 4.2.0 (2.11.5) | 6.1.26 | 7.8.2003 |
2.2.3 | 2.7.5 | 5.2.22 | 7.6.1810 |