Merge pull request #277 from calcium-machine/develop-catapult

Enable private networking for all droplets and split out ip and ip_pr…
devopsgroup-io · Sep 15, 2015 · 8077bc2 · 8077bc2
2 parents 422caab + 9673ede
commit 8077bc2
Show file tree

Hide file tree

Showing 3 changed files with 36 additions and 9 deletions.
diff --git a/VERSION.yml b/VERSION.yml
@@ -1 +1 @@
-version: 1.7.3
+version: 1.7.4
diff --git a/Vagrantfile b/Vagrantfile
@@ -636,13 +636,22 @@ configuration["environments"].each do |environment,data|
     droplet = @api_digitalocean["droplets"].find { |element| element['name'] == "#{configuration["company"]["name"].downcase}-#{environment}-redhat" }
     # if redhat digitalocean droplet has been created
     if droplet != nil
+      droplet_ip = droplet["networks"]["v4"].find { |element| element["type"] == "public" }
+      droplet_ip_private = droplet["networks"]["v4"].find { |element| element["type"] == "private" }
       puts " * DigitalOcean droplet #{configuration["company"]["name"].downcase}-#{environment}-redhat has been found."
       puts "   - [status] #{droplet["status"]} [memory] #{droplet["size"]["memory"]} [vcpus] #{droplet["size"]["vcpus"]} [disk] #{droplet["size"]["disk"]} [$/month] $#{droplet["size"]["price_monthly"]}"
       puts "   - [created] #{droplet["created_at"]} [slug] #{droplet["size"]["slug"]} [region] #{droplet["region"]["name"]} [kernel] #{droplet["kernel"]["name"]}"
-      puts "   - [ipv4] #{droplet["networks"]["v4"].first["ip_address"]} [ipv6] #{droplet["networks"]["v6"].first["ip_address"]}"
-      # get ip address and write to secrets/configuration.yml
-      unless configuration["environments"]["#{environment}"]["servers"]["redhat"]["ip"] == droplet["networks"]["v4"].first["ip_address"]
-        configuration["environments"]["#{environment}"]["servers"]["redhat"]["ip"] = droplet["networks"]["v4"].first["ip_address"]
+      puts "   - [ipv4_public] #{droplet_ip["ip_address"]} [ipv4_private] #{droplet_ip_private["ip_address"]}"
+      # get public ip address and write to secrets/configuration.yml
+      unless configuration["environments"]["#{environment}"]["servers"]["redhat"]["ip"] == "#{droplet_ip["ip_address"]}"
+        configuration["environments"]["#{environment}"]["servers"]["redhat"]["ip"] = "#{droplet_ip["ip_address"]}"
+        `gpg --verbose --batch --yes --passphrase "#{configuration_user["settings"]["gpg_key"]}" --output secrets/configuration.yml --decrypt secrets/configuration.yml.gpg`
+        File.open('secrets/configuration.yml', 'w') {|f| f.write configuration.to_yaml }
+        `gpg --verbose --batch --yes --passphrase "#{configuration_user["settings"]["gpg_key"]}" --output secrets/configuration.yml.gpg --armor --cipher-algo AES256 --symmetric secrets/configuration.yml`
+      end
+      # get private ip address and write to secrets/configuration.yml
+      unless configuration["environments"]["#{environment}"]["servers"]["redhat"]["ip_private"] == "#{droplet_ip_private["ip_address"]}"
+        configuration["environments"]["#{environment}"]["servers"]["redhat"]["ip_private"] = "#{droplet_ip_private["ip_address"]}"
         `gpg --verbose --batch --yes --passphrase "#{configuration_user["settings"]["gpg_key"]}" --output secrets/configuration.yml --decrypt secrets/configuration.yml.gpg`
         File.open('secrets/configuration.yml', 'w') {|f| f.write configuration.to_yaml }
         `gpg --verbose --batch --yes --passphrase "#{configuration_user["settings"]["gpg_key"]}" --output secrets/configuration.yml.gpg --armor --cipher-algo AES256 --symmetric secrets/configuration.yml`
@@ -667,13 +676,22 @@ configuration["environments"].each do |environment,data|
     droplet = @api_digitalocean["droplets"].find { |element| element['name'] == "#{configuration["company"]["name"].downcase}-#{environment}-redhat-mysql" }
     # if redhat_mysql digitalocean droplet has been created
     if droplet != nil
+      droplet_ip = droplet["networks"]["v4"].find { |element| element["type"] == "public" }
+      droplet_ip_private = droplet["networks"]["v4"].find { |element| element["type"] == "private" }
       puts " * DigitalOcean droplet #{configuration["company"]["name"].downcase}-#{environment}-redhat_mysql has been found."
       puts "   - [status] #{droplet["status"]} [memory] #{droplet["size"]["memory"]} [vcpus] #{droplet["size"]["vcpus"]} [disk] #{droplet["size"]["disk"]} [$/month] $#{droplet["size"]["price_monthly"]}"
       puts "   - [created] #{droplet["created_at"]} [slug] #{droplet["size"]["slug"]} [region] #{droplet["region"]["name"]} [kernel] #{droplet["kernel"]["name"]}"
-      puts "   - [ipv4] #{droplet["networks"]["v4"].first["ip_address"]} [ipv6] #{droplet["networks"]["v6"].first["ip_address"]}"
-      # get ip address and write to secrets/configuration.yml
-      unless configuration["environments"]["#{environment}"]["servers"]["redhat_mysql"]["ip"] == droplet["networks"]["v4"].first["ip_address"]
-        configuration["environments"]["#{environment}"]["servers"]["redhat_mysql"]["ip"] = droplet["networks"]["v4"].first["ip_address"]
+      puts "   - [ipv4_public] #{droplet_ip["ip_address"]} [ipv4_private] #{droplet_ip_private["ip_address"]}"
+      # get public ip address and write to secrets/configuration.yml
+      unless configuration["environments"]["#{environment}"]["servers"]["redhat_mysql"]["ip"] == "#{droplet_ip["ip_address"]}"
+        configuration["environments"]["#{environment}"]["servers"]["redhat_mysql"]["ip"] = "#{droplet_ip["ip_address"]}"
+        `gpg --verbose --batch --yes --passphrase "#{configuration_user["settings"]["gpg_key"]}" --output secrets/configuration.yml --decrypt secrets/configuration.yml.gpg`
+        File.open('secrets/configuration.yml', 'w') {|f| f.write configuration.to_yaml }
+        `gpg --verbose --batch --yes --passphrase "#{configuration_user["settings"]["gpg_key"]}" --output secrets/configuration.yml.gpg --armor --cipher-algo AES256 --symmetric secrets/configuration.yml`
+      end
+      # get private ip address and write to secrets/configuration.yml
+      unless configuration["environments"]["#{environment}"]["servers"]["redhat_mysql"]["ip_private"] == "#{droplet_ip_private["ip_address"]}"
+        configuration["environments"]["#{environment}"]["servers"]["redhat_mysql"]["ip_private"] = "#{droplet_ip_private["ip_address"]}"
         `gpg --verbose --batch --yes --passphrase "#{configuration_user["settings"]["gpg_key"]}" --output secrets/configuration.yml --decrypt secrets/configuration.yml.gpg`
         File.open('secrets/configuration.yml', 'w') {|f| f.write configuration.to_yaml }
         `gpg --verbose --batch --yes --passphrase "#{configuration_user["settings"]["gpg_key"]}" --output secrets/configuration.yml.gpg --armor --cipher-algo AES256 --symmetric secrets/configuration.yml`
@@ -1429,6 +1447,7 @@ Vagrant.configure("2") do |config|
       provider.region = "nyc3"
       provider.size = "#{configuration["environments"]["test"]["servers"]["redhat"]["slug"]}"
       provider.ipv6 = true
+      provider.private_networking = true
       provider.backups_enabled = true
     end
     config.vm.synced_folder ".", "/vagrant", disabled: true
@@ -1462,6 +1481,7 @@ Vagrant.configure("2") do |config|
       provider.region = "nyc3"
       provider.size = "#{configuration["environments"]["qc"]["servers"]["redhat"]["slug"]}"
       provider.ipv6 = true
+      provider.private_networking = true
       provider.backups_enabled = true
     end
     config.vm.synced_folder ".", "/vagrant", disabled: true
@@ -1495,6 +1515,7 @@ Vagrant.configure("2") do |config|
       provider.region = "nyc3"
       provider.size = "#{configuration["environments"]["production"]["servers"]["redhat"]["slug"]}"
       provider.ipv6 = true
+      provider.private_networking = true
       provider.backups_enabled = true
     end
     config.vm.synced_folder ".", "/vagrant", disabled: true

diff --git a/secrets/configuration.yml.template b/secrets/configuration.yml.template
@@ -47,9 +47,11 @@ environments:
     servers:
       redhat:
         ip:
+        ip_private:
         slug: 512mb
       redhat_mysql:
         ip:
+        ip_private:
         slug: 512mb
         mysql:
           user: test
@@ -65,9 +67,11 @@ environments:
     servers:
       redhat:
         ip:
+        ip_private:
         slug: 512mb
       redhat_mysql:
         ip:
+        ip_private:
         slug: 512mb
         mysql:
           user: qc
@@ -83,9 +87,11 @@ environments:
     servers:
       redhat:
         ip:
+        ip_private:
         slug: 512mb
       redhat_mysql:
         ip:
+        ip_private:
         slug: 512mb
         mysql:
           user: production