Context:

We will create 2 boxes with a public network so that the boxes are reachable on the network.

Creating the boxes:

Creating the environment:

mkdir -p ~/.my_vagrant/demo2box
cd ~/.my_vagrant/demo2box

Creating the Vagrantfile:

$ vi Vagrantfile 
# System script that prints information about the boxes
# it is stored in a variable so it can be reused
$systemcmd = <<-SCRIPT
	echo "Infos machine :"
	hostname
	ip -4 addr sh eth1
	date
SCRIPT

Vagrant.configure("2") do |config|
	# Declaration of box 1
	config.vm.define "vm1" do |vm1|
		vm1.vm.box = "centos/7"
		vm1.vm.hostname = 'vm1'
		vm1.vm.box_url = "centos/7"
		vm1.vm.network "public_network", bridge: "en0: Wi-Fi (AirPort)", auto_config: false
		vm1.vm.provision "shell", inline: $systemcmd
	end


	# Declaration of box 2
	config.vm.define "vm2" do |vm2|
		vm2.vm.box = "centos/7"
		vm2.vm.hostname = 'vm2'
		vm2.vm.box_url = "centos/7"
		vm2.vm.network "public_network", bridge: "en0: Wi-Fi (AirPort)", auto_config: false
		vm2.vm.provision "shell", inline: $systemcmd    
	end
end

We have defined:

  • the box type: centos 7
  • the hostname of the VM
  • the bridge between the Vagrant public network and the host's network interface
  • a post-deployment script to customize the machine (here, to print information)

Deploying the boxes:

$ vagrant up
Bringing machine 'vm1' up with 'virtualbox' provider...
Bringing machine 'vm2' up with 'virtualbox' provider...
==> vm1: Importing base box 'centos/7'...
==> vm1: Matching MAC address for NAT networking...
==> vm1: Checking if box 'centos/7' version '2004.01' is up to date...
==> vm1: Setting the name of the VM: demo2boxs_vm1_1627908909528_61845
==> vm1: Clearing any previously set network interfaces...
==> vm1: Preparing network interfaces based on configuration...
    vm1: Adapter 1: nat
    vm1: Adapter 2: bridged
==> vm1: Forwarding ports...
    vm1: 22 (guest) => 2222 (host) (adapter 1)
==> vm1: Booting VM...
==> vm1: Waiting for machine to boot. This may take a few minutes...
    vm1: SSH address: 127.0.0.1:2222
    vm1: SSH username: vagrant
    vm1: SSH auth method: private key
    vm1: 
    vm1: Vagrant insecure key detected. Vagrant will automatically replace
    vm1: this with a newly generated keypair for better security.
    vm1: 
    vm1: Inserting generated public key within guest...
    vm1: Removing insecure key from the guest if it's present...
    vm1: Key inserted! Disconnecting and reconnecting using new SSH key...
==> vm1: Machine booted and ready!
==> vm1: Checking for guest additions in VM...
    vm1: No guest additions were detected on the base box for this VM! Guest
    vm1: additions are required for forwarded ports, shared folders, host only
    vm1: networking, and more. If SSH fails on this machine, please install
    vm1: the guest additions and repackage the box to continue.
    vm1: 
    vm1: This is not an error message; everything may continue to work properly,
    vm1: in which case you may ignore this message.
==> vm1: Setting hostname...
==> vm1: Rsyncing folder: /home/alasta/.my_vagrant/demo2boxs/ => /vagrant
==> vm1: Running provisioner: shell...
    vm1: Running: inline script
    vm1: Infos machine :
    vm1: vm1
    vm1: 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    vm1:     inet 192.168.139.166/24 brd 192.168.139.255 scope global noprefixroute dynamic eth1
    vm1:        valid_lft 3597sec preferred_lft 3597sec
    vm1: Mon Aug  2 12:52:17 UTC 2021
==> vm2: Importing base box 'centos/7'...
==> vm2: Matching MAC address for NAT networking...
==> vm2: Checking if box 'centos/7' version '2004.01' is up to date...
==> vm2: Setting the name of the VM: demo2boxs_vm2_1627908942769_30142
==> vm2: Fixed port collision for 22 => 2222. Now on port 2200.
==> vm2: Clearing any previously set network interfaces...
==> vm2: Preparing network interfaces based on configuration...
    vm2: Adapter 1: nat
    vm2: Adapter 2: bridged
==> vm2: Forwarding ports...
    vm2: 22 (guest) => 2200 (host) (adapter 1)
==> vm2: Booting VM...
==> vm2: Waiting for machine to boot. This may take a few minutes...
    vm2: SSH address: 127.0.0.1:2200
    vm2: SSH username: vagrant
    vm2: SSH auth method: private key
    vm2: 
    vm2: Vagrant insecure key detected. Vagrant will automatically replace
    vm2: this with a newly generated keypair for better security.
    vm2: 
    vm2: Inserting generated public key within guest...
    vm2: Removing insecure key from the guest if it's present...
    vm2: Key inserted! Disconnecting and reconnecting using new SSH key...
==> vm2: Machine booted and ready!
==> vm2: Checking for guest additions in VM...
    vm2: No guest additions were detected on the base box for this VM! Guest
    vm2: additions are required for forwarded ports, shared folders, host only
    vm2: networking, and more. If SSH fails on this machine, please install
    vm2: the guest additions and repackage the box to continue.
    vm2: 
    vm2: This is not an error message; everything may continue to work properly,
    vm2: in which case you may ignore this message.
==> vm2: Setting hostname...
==> vm2: Rsyncing folder: /home/alasta/.my_vagrant/demo2boxs/ => /vagrant
==> vm2: Running provisioner: shell...
    vm2: Running: inline script
    vm2: Infos machine :
    vm2: vm2
    vm2: 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    vm2:     inet 192.168.139.241/24 brd 192.168.139.255 scope global noprefixroute dynamic eth1
    vm2:        valid_lft 3597sec preferred_lft 3597sec
    vm2: Mon Aug  2 12:52:51 UTC 2021

Note:

  • if one of the boxes is already deployed, it will deploy only the other one.
  • we could have run vagrant up vm2 to deploy only vm2.

Displaying the boxes in our environment:

$ vagrant status
Current machine states:

vm1                       running (virtualbox)
vm2                       running (virtualbox)

This environment represents multiple VMs. The VMs are all listed
above with their current state. For more information about a specific
VM, run 'vagrant status NAME'.

In the case of a stopped box:

$ vagrant halt vm1
==> vm1: Attempting graceful shutdown of VM...


$ vagrant status
Current machine states:

vm1                       poweroff (virtualbox)
vm2                       running (virtualbox)

This environment represents multiple VMs. The VMs are all listed
above with their current state. For more information about a specific
VM, run 'vagrant status NAME'.

Shell connection to a box

$ vagrant ssh vm1

Note: when there are several boxes, you must specify the box you want to connect to.

or

$ vagrant ssh-config > lab_ssh_config

$ ssh -F lab_ssh_config vm1
Last login: Mon Aug  2 14:05:12 2021 from 192.168.139.105
[vagrant@vm1 ~]$ 

Note: it is possible to modify the IP and port in the output file of vagrant ssh-config in order to use the IP of its public network (by default the IP is localhost and the port > 2200).
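
The edit described in the note above, as an added example that is not part of the original post: a shell function that rewrites the vagrant ssh-config output for one host so it targets the bridged IP and guest port 22. It also drops the UserKnownHostsFile /dev/null and StrictHostKeyChecking no lines for that host, so that SSH verifies the host key again once the connection crosses the LAN; the function names and the sample config are constructed for the example.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Constructed sample of `vagrant ssh-config` output for the two boxes
# (ports taken from the deployment log above; key paths are placeholders).
sample_ssh_config() {
    cat <<'EOF'
Host vm1
  HostName 127.0.0.1
  User vagrant
  Port 2222
  UserKnownHostsFile /dev/null
  StrictHostKeyChecking no
  IdentityFile /path/to/vm1/private_key
  IdentitiesOnly yes

Host vm2
  HostName 127.0.0.1
  User vagrant
  Port 2200
  UserKnownHostsFile /dev/null
  StrictHostKeyChecking no
  IdentityFile /path/to/vm2/private_key
  IdentitiesOnly yes
EOF
}

# retarget_ssh_config HOST IP [PORT]: read an ssh config on stdin and, inside
# the "Host HOST" block only, point HostName/Port at the bridged address and
# drop the two lines that switch off host key verification.
retarget_ssh_config() {
    awk -v host="$1" -v ip="$2" -v port="${3:-22}" '
        $1 == "Host" { in_block = ($2 == host) }
        in_block && $1 == "HostName" { print "  HostName " ip; next }
        in_block && $1 == "Port"     { print "  Port " port; next }
        in_block && ($1 == "UserKnownHostsFile" || $1 == "StrictHostKeyChecking") { next }
        { print }
    '
}

# ssh_config_get HOST KEY: print the value of KEY in the "Host HOST" block.
ssh_config_get() {
    awk -v host="$1" -v key="$2" '
        $1 == "Host" { in_block = ($2 == host); next }
        in_block && $1 == key { print $2; exit }
    '
}

# vm1 now targets its bridged IP on guest port 22; vm2 is left untouched.
sample_ssh_config | retarget_ssh_config vm1 192.168.139.166
```

With the real file, feed lab_ssh_config to retarget_ssh_config on stdin, save the result under another name and pass that file to ssh -F. With OpenSSH's default settings, SSH then asks to confirm vm1's host key on the first connection, as it does for any new host.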

Connection tests:

Retrieving the IP of the box:

$ vagrant ssh vm1
Last login: Mon Aug  2 14:07:42 2021 from 10.0.2.2
[vagrant@vm1 ~]$ ip addr sh
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 52:54:00:4d:77:d3 brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.15/24 brd 10.0.2.255 scope global noprefixroute dynamic eth0
       valid_lft 85152sec preferred_lft 85152sec
    inet6 fe80::5054:ff:fe4d:77d3/64 scope link 
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:60:f2:25 brd ff:ff:ff:ff:ff:ff
    inet 192.168.139.166/24 brd 192.168.139.255 scope global noprefixroute dynamic eth1
       valid_lft 2353sec preferred_lft 2353sec
    inet6 fe80::47c3:3077:2ed0:74aa/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

Here:

  • 10.0.2.15 is the private IP, reachable only between the 2 boxes
  • 192.168.139.166 is the public IP, reachable by “everyone”

Ping test from vm2:

[vagrant@vm2 ~]$ ping -c 2 10.0.2.15
PING 10.0.2.15 (10.0.2.15) 56(84) bytes of data.
64 bytes from 10.0.2.15: icmp_seq=1 ttl=64 time=0.022 ms
64 bytes from 10.0.2.15: icmp_seq=2 ttl=64 time=0.048 ms

--- 10.0.2.15 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 0.022/0.035/0.048/0.013 ms
[vagrant@vm2 ~]$ ping -c 2 192.168.139.166
PING 192.168.139.166 (192.168.139.166) 56(84) bytes of data.
64 bytes from 192.168.139.166: icmp_seq=1 ttl=64 time=0.881 ms
64 bytes from 192.168.139.166: icmp_seq=2 ttl=64 time=0.787 ms

--- 192.168.139.166 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 0.787/0.834/0.881/0.047 ms

Ping test from the host machine

$ ping -c2 10.0.2.15
PING 10.0.2.15 (10.0.2.15): 56 data bytes
Request timeout for icmp_seq 0

--- 10.0.2.15 ping statistics ---
2 packets transmitted, 0 packets received, 100.0% packet loss

$ ping -c 2 192.168.139.166
PING 192.168.139.166 (192.168.139.166): 56 data bytes
64 bytes from 192.168.139.166: icmp_seq=0 ttl=64 time=0.497 ms
64 bytes from 192.168.139.166: icmp_seq=1 ttl=64 time=0.519 ms

--- 192.168.139.166 ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.497/0.508/0.519/0.011 ms