Context:
We will create 2 boxes with a public network so that the boxes are reachable on the network.
Creating the boxes:
Creating the environment:
mkdir ~/.my_vagrant/demo2box
cd ~/.my_vagrant/demo2box
Creating the Vagrantfile:
$ vi Vagrantfile
# System script to get information about the boxes
# it is stored in a variable so it can be reused
$systemcmd = <<-SCRIPT
echo "Infos machine :"
hostname
ip -4 addr sh eth1
date
SCRIPT
Vagrant.configure("2") do |config|
  # Declaration of box 1
  config.vm.define "vm1" do |vm1|
    vm1.vm.box = "centos/7"
    vm1.vm.hostname = 'vm1'
    vm1.vm.box_url = "centos/7"
    vm1.vm.network "public_network", bridge: "en0: Wi-Fi (AirPort)", auto_config: false
    vm1.vm.provision "shell", inline: $systemcmd
  end
  # Declaration of box 2
  config.vm.define "vm2" do |vm2|
    vm2.vm.box = "centos/7"
    vm2.vm.hostname = 'vm2'
    vm2.vm.box_url = "centos/7"
    vm2.vm.network "public_network", bridge: "en0: Wi-Fi (AirPort)", auto_config: false
    vm2.vm.provision "shell", inline: $systemcmd
  end
end
We have defined:
the box type: centos 7
the hostname of the VM
the bridge between the Vagrant public network and the host's network interface
a post-deployment script to customize the machine (here, to display information)
Deploying the boxes:
$ vagrant up
Bringing machine 'vm1' up with 'virtualbox' provider...
Bringing machine 'vm2' up with 'virtualbox' provider...
==> vm1: Importing base box 'centos/7'...
==> vm1: Matching MAC address for NAT networking...
==> vm1: Checking if box 'centos/7' version '2004.01' is up to date...
==> vm1: Setting the name of the VM: demo2boxs_vm1_1627908909528_61845
==> vm1: Clearing any previously set network interfaces...
==> vm1: Preparing network interfaces based on configuration...
vm1: Adapter 1: nat
vm1: Adapter 2: bridged
==> vm1: Forwarding ports...
vm1: 22 (guest) => 2222 (host) (adapter 1)
==> vm1: Booting VM...
==> vm1: Waiting for machine to boot. This may take a few minutes...
vm1: SSH address: 127.0.0.1:2222
vm1: SSH username: vagrant
vm1: SSH auth method: private key
vm1:
vm1: Vagrant insecure key detected. Vagrant will automatically replace
vm1: this with a newly generated keypair for better security.
vm1:
vm1: Inserting generated public key within guest...
vm1: Removing insecure key from the guest if it's present...
vm1: Key inserted! Disconnecting and reconnecting using new SSH key...
==> vm1: Machine booted and ready!
==> vm1: Checking for guest additions in VM...
vm1: No guest additions were detected on the base box for this VM! Guest
vm1: additions are required for forwarded ports, shared folders, host only
vm1: networking, and more. If SSH fails on this machine, please install
vm1: the guest additions and repackage the box to continue.
vm1:
vm1: This is not an error message; everything may continue to work properly,
vm1: in which case you may ignore this message.
==> vm1: Setting hostname...
==> vm1: Rsyncing folder: /home/alasta/.my_vagrant/demo2boxs/ => /vagrant
==> vm1: Running provisioner: shell...
vm1: Running: inline script
vm1: Infos machine :
vm1: vm1
vm1: 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
vm1: inet 192.168.139.166/24 brd 192.168.139.255 scope global noprefixroute dynamic eth1
vm1: valid_lft 3597sec preferred_lft 3597sec
vm1: Mon Aug 2 12:52:17 UTC 2021
==> vm2: Importing base box 'centos/7'...
==> vm2: Matching MAC address for NAT networking...
==> vm2: Checking if box 'centos/7' version '2004.01' is up to date...
==> vm2: Setting the name of the VM: demo2boxs_vm2_1627908942769_30142
==> vm2: Fixed port collision for 22 => 2222. Now on port 2200.
==> vm2: Clearing any previously set network interfaces...
==> vm2: Preparing network interfaces based on configuration...
vm2: Adapter 1: nat
vm2: Adapter 2: bridged
==> vm2: Forwarding ports...
vm2: 22 (guest) => 2200 (host) (adapter 1)
==> vm2: Booting VM...
==> vm2: Waiting for machine to boot. This may take a few minutes...
vm2: SSH address: 127.0.0.1:2200
vm2: SSH username: vagrant
vm2: SSH auth method: private key
vm2:
vm2: Vagrant insecure key detected. Vagrant will automatically replace
vm2: this with a newly generated keypair for better security.
vm2:
vm2: Inserting generated public key within guest...
vm2: Removing insecure key from the guest if it's present...
vm2: Key inserted! Disconnecting and reconnecting using new SSH key...
==> vm2: Machine booted and ready!
==> vm2: Checking for guest additions in VM...
vm2: No guest additions were detected on the base box for this VM! Guest
vm2: additions are required for forwarded ports, shared folders, host only
vm2: networking, and more. If SSH fails on this machine, please install
vm2: the guest additions and repackage the box to continue.
vm2:
vm2: This is not an error message; everything may continue to work properly,
vm2: in which case you may ignore this message.
==> vm2: Setting hostname...
==> vm2: Rsyncing folder: /home/alasta/.my_vagrant/demo2boxs/ => /vagrant
==> vm2: Running provisioner: shell...
vm2: Running: inline script
vm2: Infos machine :
vm2: vm2
vm2: 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
vm2: inet 192.168.139.241/24 brd 192.168.139.255 scope global noprefixroute dynamic eth1
vm2: valid_lft 3597sec preferred_lft 3597sec
vm2: Mon Aug 2 12:52:51 UTC 2021
Note:
if one of the boxes is already deployed, only the other one will be deployed.
we could have run vagrant up vm2 to deploy only vm2.
Displaying the boxes in our environment:
$ vagrant status
Current machine states:
vm1 running (virtualbox)
vm2 running (virtualbox)
This environment represents multiple VMs. The VMs are all listed
above with their current state. For more information about a specific
VM, run 'vagrant status NAME'.
With one box stopped:
$ vagrant halt vm1
==> vm1: Attempting graceful shutdown of VM...
$ vagrant status
Current machine states:
vm1 poweroff (virtualbox)
vm2 running (virtualbox)
This environment represents multiple VMs. The VMs are all listed
above with their current state. For more information about a specific
VM, run 'vagrant status NAME'.
Shell connection to a box
$ vagrant ssh vm1
Note: when there are several boxes, you must specify the box you want to connect to.
or
$ vagrant ssh-config > lab_ssh_config
$ ssh -F lab_ssh_config vm1
Last login: Mon Aug 2 14:05:12 2021 from 192.168.139.105
[vagrant@vm1 ~]$
Note: the IP and port in the output file of vagrant ssh-config can be modified to use the IP of the box's public network (by default the IP is localhost and the port > 2200).
Connection tests:
Retrieving the IP of the box:
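The edit described in this note can be scripted. The following is an added example, not part of the original page: it rewrites the HostName and Port of one Host block in vagrant ssh-config output. The names rewrite_ssh_config, sample_config and lab_known_hosts are hypothetical, the sample config is constructed, and re-enabling host key checking is an assumption that goes beyond the IP and port change the note describes.

```shell
# Added example (not from the original page): retarget one Host block of
# `vagrant ssh-config` output at the bridged address instead of the NAT forward.
# Usage: rewrite_ssh_config HOST IP [KNOWN_HOSTS_FILE]   (stdin -> stdout)
rewrite_ssh_config() {
    awk -v host="$1" -v ip="$2" -v kh="${3:-lab_known_hosts}" '
        # A "Host" line opens a block; remember whether it is the target.
        $1 == "Host" { in_block = ($2 == host) }
        in_block && $1 == "HostName" { print "  HostName " ip; next }
        # The guest sshd listens on 22; 2222/2200 exist only on the host side.
        in_block && $1 == "Port" { print "  Port 22"; next }
        # Assumption: pin the host key on first use, since the connection
        # now crosses the LAN rather than the loopback forward.
        in_block && $1 == "StrictHostKeyChecking" { print "  StrictHostKeyChecking accept-new"; next }
        in_block && $1 == "UserKnownHostsFile" { print "  UserKnownHostsFile " kh; next }
        { print }
    '
}

# Constructed sample in the shape `vagrant ssh-config` prints; paths are placeholders.
sample_config() {
    cat <<'EOF'
Host vm1
  HostName 127.0.0.1
  User vagrant
  Port 2222
  UserKnownHostsFile /dev/null
  StrictHostKeyChecking no
  PasswordAuthentication no
  IdentityFile /path/to/.vagrant/machines/vm1/virtualbox/private_key
  IdentitiesOnly yes
  LogLevel FATAL

Host vm2
  HostName 127.0.0.1
  User vagrant
  Port 2200
  UserKnownHostsFile /dev/null
  StrictHostKeyChecking no
  PasswordAuthentication no
  IdentityFile /path/to/.vagrant/machines/vm2/virtualbox/private_key
  IdentitiesOnly yes
  LogLevel FATAL
EOF
}

# Point vm1 at the bridged address reported by the provisioner on this page.
sample_config | rewrite_ssh_config vm1 192.168.139.166
```

The accept-new value requires OpenSSH 7.6 or later; only the named Host block is changed, so vm2 keeps its loopback forward.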
$ vagrant ssh vm1
Last login: Mon Aug 2 14:07:42 2021 from 10.0.2.2
[vagrant@vm1 ~]$ ip addr sh
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:4d:77:d3 brd ff:ff:ff:ff:ff:ff
inet 10.0.2.15/24 brd 10.0.2.255 scope global noprefixroute dynamic eth0
valid_lft 85152sec preferred_lft 85152sec
inet6 fe80::5054:ff:fe4d:77d3/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:60:f2:25 brd ff:ff:ff:ff:ff:ff
inet 192.168.139.166/24 brd 192.168.139.255 scope global noprefixroute dynamic eth1
valid_lft 2353sec preferred_lft 2353sec
inet6 fe80::47c3:3077:2ed0:74aa/64 scope link noprefixroute
valid_lft forever preferred_lft forever
Here:
10.0.2.15 is the private IP, reachable only between the 2 boxes
192.168.139.166 is the public IP, reachable by “everyone”
Ping test from vm2:
[vagrant@vm2 ~]$ ping -c 2 10.0.2.15
PING 10.0.2.15 (10.0.2.15) 56(84) bytes of data.
64 bytes from 10.0.2.15: icmp_seq=1 ttl=64 time=0.022 ms
64 bytes from 10.0.2.15: icmp_seq=2 ttl=64 time=0.048 ms
--- 10.0.2.15 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 0.022/0.035/0.048/0.013 ms
[vagrant@vm2 ~]$ ping -c 2 192.168.139.166
PING 192.168.139.166 (192.168.139.166) 56(84) bytes of data.
64 bytes from 192.168.139.166: icmp_seq=1 ttl=64 time=0.881 ms
64 bytes from 192.168.139.166: icmp_seq=2 ttl=64 time=0.787 ms
--- 192.168.139.166 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 0.787/0.834/0.881/0.047 ms
Ping test from the host machine
$ ping -c2 10.0.2.15
PING 10.0.2.15 (10.0.2.15): 56 data bytes
Request timeout for icmp_seq 0
--- 10.0.2.15 ping statistics ---
2 packets transmitted, 0 packets received, 100.0% packet loss
$ ping -c 2 192.168.139.166
PING 192.168.139.166 (192.168.139.166): 56 data bytes
64 bytes from 192.168.139.166: icmp_seq=0 ttl=64 time=0.497 ms
64 bytes from 192.168.139.166: icmp_seq=1 ttl=64 time=0.519 ms
--- 192.168.139.166 ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.497/0.508/0.519/0.011 ms