17fcf7d946
* cloudstack: new module cs_vpn_customer_gateway * fix example is not a yaml * add missing alias * use case insensitve for name
208 lines
5.9 KiB
YAML
208 lines
5.9 KiB
YAML
---
|
|
- name: setup vpn customer gateway absent
|
|
cs_vpn_customer_gateway:
|
|
name: ansible_vpn_customer_gw
|
|
state: absent
|
|
register: vcg
|
|
- name: verify setup vpn customer gateway absent
|
|
assert:
|
|
that:
|
|
- vcg is successful
|
|
|
|
- name: test create vpn customer gateway in check mode
|
|
cs_vpn_customer_gateway:
|
|
name: ansible_vpn_customer_gw
|
|
cidr: 192.168.123.0/24
|
|
esp_policy: aes256-sha1;modp1536
|
|
gateway: 10.10.0.1
|
|
ike_policy: aes256-sha1;modp1536
|
|
ipsec_psk: ~S3¢r3Tk3Y¼
|
|
esp_lifetime: 3600
|
|
check_mode: true
|
|
register: vcg
|
|
- name: verify test create vpn customer gateway in check mode
|
|
assert:
|
|
that:
|
|
- vcg is changed
|
|
|
|
- name: test create vpn customer gateway
|
|
cs_vpn_customer_gateway:
|
|
name: ansible_vpn_customer_gw
|
|
cidr: 192.168.123.0/24
|
|
esp_policy: aes256-sha1;modp1536
|
|
gateway: 10.10.0.1
|
|
ike_policy: aes256-sha1;modp1536
|
|
ipsec_psk: ~S3¢r3Tk3Y¼
|
|
esp_lifetime: 3600
|
|
register: vcg
|
|
- name: verify test create vpn customer gateway
|
|
assert:
|
|
that:
|
|
- vcg is changed
|
|
- "vcg.cidrs == ['192.168.123.0/24']"
|
|
- vcg.dpd == false
|
|
- vcg.esp_lifetime == 3600
|
|
- vcg.esp_policy == 'aes256-sha1;modp1536'
|
|
- vcg.force_encap == false
|
|
- vcg.ike_policy == 'aes256-sha1;modp1536'
|
|
- vcg.gateway == '10.10.0.1'
|
|
- vcg.name == 'ansible_vpn_customer_gw'
|
|
- vcg.ike_lifetime == 86400
|
|
|
|
- name: test create vpn customer gateway idempotency
|
|
cs_vpn_customer_gateway:
|
|
name: ansible_vpn_customer_gw
|
|
cidr: 192.168.123.0/24
|
|
esp_policy: aes256-sha1;modp1536
|
|
gateway: 10.10.0.1
|
|
ike_policy: aes256-sha1;modp1536
|
|
ipsec_psk: ~S3¢r3Tk3Y¼
|
|
esp_lifetime: 3600
|
|
register: vcg
|
|
- name: verify test create vpn customer gateway idempotency
|
|
assert:
|
|
that:
|
|
- vcg is not changed
|
|
- "vcg.cidrs == ['192.168.123.0/24']"
|
|
- vcg.dpd == false
|
|
- vcg.esp_lifetime == 3600
|
|
- vcg.esp_policy == 'aes256-sha1;modp1536'
|
|
- vcg.force_encap == false
|
|
- vcg.ike_policy == 'aes256-sha1;modp1536'
|
|
- vcg.gateway == '10.10.0.1'
|
|
- vcg.name == 'ansible_vpn_customer_gw'
|
|
- vcg.ike_lifetime == 86400
|
|
|
|
- name: test update vpn customer gateway in check mode
|
|
cs_vpn_customer_gateway:
|
|
name: ansible_vpn_customer_gw
|
|
cidrs:
|
|
- 192.168.123.0/24
|
|
- 192.168.124.0/24
|
|
esp_policy: aes256-sha1;modp1536
|
|
gateway: 10.10.1.1
|
|
ike_policy: aes256-sha1;modp1536
|
|
ipsec_psk: ~S3¢r3Tk3Y@
|
|
esp_lifetime: 1800
|
|
ike_lifetime: 23200
|
|
force_encap: true
|
|
check_mode: true
|
|
register: vcg
|
|
- name: verify test update vpn customer gateway in check mode
|
|
assert:
|
|
that:
|
|
- vcg is changed
|
|
- "vcg.cidrs == ['192.168.123.0/24']"
|
|
- vcg.dpd == false
|
|
- vcg.esp_lifetime == 3600
|
|
- vcg.esp_policy == 'aes256-sha1;modp1536'
|
|
- vcg.force_encap == false
|
|
- vcg.ike_policy == 'aes256-sha1;modp1536'
|
|
- vcg.gateway == '10.10.0.1'
|
|
- vcg.name == 'ansible_vpn_customer_gw'
|
|
- vcg.ike_lifetime == 86400
|
|
|
|
- name: test update vpn customer gateway
|
|
cs_vpn_customer_gateway:
|
|
name: ansible_vpn_customer_gw
|
|
cidrs:
|
|
- 192.168.123.0/24
|
|
- 192.168.124.0/24
|
|
esp_policy: aes256-sha1;modp1536
|
|
gateway: 10.10.1.1
|
|
ike_policy: aes256-sha1;modp1536
|
|
ipsec_psk: ~S3¢r3Tk3Y@
|
|
esp_lifetime: 1800
|
|
ike_lifetime: 23200
|
|
force_encap: true
|
|
register: vcg
|
|
- name: verify test update vpn customer gateway
|
|
assert:
|
|
that:
|
|
- vcg is changed
|
|
- "vcg.cidrs == ['192.168.123.0/24', '192.168.124.0/24']"
|
|
- vcg.dpd == false
|
|
- vcg.esp_lifetime == 1800
|
|
- vcg.esp_policy == 'aes256-sha1;modp1536'
|
|
- vcg.force_encap == true
|
|
- vcg.ike_policy == 'aes256-sha1;modp1536'
|
|
- vcg.gateway == '10.10.1.1'
|
|
- vcg.name == 'ansible_vpn_customer_gw'
|
|
- vcg.ike_lifetime == 23200
|
|
|
|
- name: test update vpn customer gateway idempotence
|
|
cs_vpn_customer_gateway:
|
|
name: ansible_vpn_customer_gw
|
|
cidrs:
|
|
- 192.168.123.0/24
|
|
- 192.168.124.0/24
|
|
esp_policy: aes256-sha1;modp1536
|
|
gateway: 10.10.1.1
|
|
ike_policy: aes256-sha1;modp1536
|
|
ipsec_psk: ~S3¢r3Tk3Y@
|
|
esp_lifetime: 1800
|
|
ike_lifetime: 23200
|
|
force_encap: true
|
|
register: vcg
|
|
- name: verify test update vpn customer gateway idempotence
|
|
assert:
|
|
that:
|
|
- vcg is not changed
|
|
- "vcg.cidrs == ['192.168.123.0/24', '192.168.124.0/24']"
|
|
- vcg.dpd == false
|
|
- vcg.esp_lifetime == 1800
|
|
- vcg.esp_policy == 'aes256-sha1;modp1536'
|
|
- vcg.force_encap == true
|
|
- vcg.ike_policy == 'aes256-sha1;modp1536'
|
|
- vcg.gateway == '10.10.1.1'
|
|
- vcg.name == 'ansible_vpn_customer_gw'
|
|
- vcg.ike_lifetime == 23200
|
|
|
|
- name: test remove vpn customer gateway in check mode
|
|
cs_vpn_customer_gateway:
|
|
name: ansible_vpn_customer_gw
|
|
state: absent
|
|
check_mode: true
|
|
register: vcg
|
|
- name: verify test remove vpn customer gateway in check mode
|
|
assert:
|
|
that:
|
|
- vcg is changed
|
|
- "vcg.cidrs == ['192.168.123.0/24', '192.168.124.0/24']"
|
|
- vcg.dpd == false
|
|
- vcg.esp_lifetime == 1800
|
|
- vcg.esp_policy == 'aes256-sha1;modp1536'
|
|
- vcg.force_encap == true
|
|
- vcg.ike_policy == 'aes256-sha1;modp1536'
|
|
- vcg.gateway == '10.10.1.1'
|
|
- vcg.name == 'ansible_vpn_customer_gw'
|
|
- vcg.ike_lifetime == 23200
|
|
|
|
- name: test remove vpn customer gateway
|
|
cs_vpn_customer_gateway:
|
|
name: ansible_vpn_customer_gw
|
|
state: absent
|
|
register: vcg
|
|
- name: verify test remove vpn customer gateway
|
|
assert:
|
|
that:
|
|
- vcg is changed
|
|
- "vcg.cidrs == ['192.168.123.0/24', '192.168.124.0/24']"
|
|
- vcg.dpd == false
|
|
- vcg.esp_lifetime == 1800
|
|
- vcg.esp_policy == 'aes256-sha1;modp1536'
|
|
- vcg.force_encap == true
|
|
- vcg.ike_policy == 'aes256-sha1;modp1536'
|
|
- vcg.gateway == '10.10.1.1'
|
|
- vcg.name == 'ansible_vpn_customer_gw'
|
|
- vcg.ike_lifetime == 23200
|
|
|
|
- name: test remove vpn customer gateway idempotence
|
|
cs_vpn_customer_gateway:
|
|
name: ansible_vpn_customer_gw
|
|
state: absent
|
|
register: vcg
|
|
- name: verify test remove vpn customer gateway idempotence
|
|
assert:
|
|
that:
|
|
- vcg is not changed
|