Automate the Creation of VPC Mesh Networks

Introduction

Creating a mesh network across multiple Virtual Private Clouds (VPCs) is a powerful way to ensure seamless communication between your cloud resources while maintaining isolation and security. A VPC mesh network is a network topology where every VPC is connected to every other VPC, creating direct paths between all of them. This kind of setup is ideal for complex architectures, where you need high availability, fault tolerance, and low-latency communication across multiple VPCs.

In this tutorial, we will walk you through using a Bash script to automate the process of creating a VPC mesh network on DigitalOcean. The script simplifies the management of VPCs and peerings, which will allow you to:

• Build a VPC Mesh Network: Establish a network of interconnected VPCs for secure and isolated communication.
• Automate Peering Management: Easily create and manage multiple VPC peerings without manually interacting with the DigitalOcean API.
• Monitor Existing VPC Peerings: View the current state of VPC peerings to ensure proper network configuration.

Prerequisites

• DigitalOcean Account: You must have an active DigitalOcean account with access to one or more VPCs.
• DigitalOcean API Token: A valid DigitalOcean API token is required to authenticate and interact with the DigitalOcean API. You can generate an API token in the DigitalOcean API dashboard.
• jq: The script uses jq to parse JSON responses from the DigitalOcean API. Ensure it’s installed on your machine.

You can install jq using the following commands:

On Ubuntu/Debian:

sudo apt-get install jq

On CentOS/RedHat:

sudo yum install jq

Installing and Using the Bash Script

To use the script, first download the script to your server or local machine using the following command:

wget https://solutions-files.ams3.cdn.digitaloceanspaces.com/VPC-Mesh/manage-peering.sh

Then, grant execution permissions and run the script

chmod +x manage-peering.sh

./manage-peering.sh

When prompted, enter your DigitalOcean API token to authenticate the script.

Enter your DigitalOcean API token: 

You’ll be presented a menu with the following options:

Select an option:
1. List the VPCs
2. List the VPC peerings
3. Create new VPC peerings
4. Exit
Enter your choice: 

• List the VPCs: View all VPCs in your DigitalOcean account.
• List the VPC Peerings: View existing peerings between VPCs.
• Create New VPC Peerings: Select VPCs and create peerings to establish a mesh network.
• Exit: Exit the script.

Script Functions

Check API Token Validity

The script first checks if the provided DigitalOcean API token is valid by querying the DigitalOcean API for the list of VPCs. If the token is invalid, the script will terminate with an error message.

List VPCs

This function retrieves and lists all VPCs associated with your DigitalOcean account. It displays the following details:

• VPC ID: The unique identifier for the VPC.
• Name: The name of the VPC.
• Region: The region in which the VPC is located.

The list is formatted into a clean, dynamic table with columns that adjust based on the length of VPC IDs and names.

List VPC Peerings

This function retrieves and displays all existing VPC peerings in your account. The output includes:

• Peering Name: The name of the VPC peering connection.
• Status: The current status of the peering.

This helps you track which VPCs are already connected and avoid creating duplicate peerings.

Create VPC Peerings

This is the main function of the script, allowing you to create new VPC peerings between selected VPCs. The script performs the following steps:

• Prompts you to optionally list existing VPC peerings.
• Displays all available VPCs and allows you to select which ones you wish to peer.
• Automatically generates all possible combinations of selected VPCs and attempts to create peerings between them.
• If a peering already exists, the script will notify you.
• The script outputs the status of each peering attempt, letting you know whether it was successful or if it already exists.

After creating the peerings, the script will clean up any temporary files and return to the main menu.

Example Workflow

1. List VPCs: When you select option 1 to list VPCs, the output might look like this:

    Available VPCs:
    No   VPC ID                           Name          Region
    ---- --------------------------------  ------------  -------
    1    vpc-123456789abcdef               VPC-1         NYC1
    2    vpc-abcdef123456789               VPC-2         SFO2
    3    vpc-987654321abcdef               VPC-3         NYC1
   

2. List VPC Peerings: Selecting option 2 to view existing peerings will display something like this:

   Existing VPC Peerings:
   No   Peering Name                    Status
   ---- --------------------------------  --------
   1    peering-VPC-1-VPC-2              active
   2    peering-VPC-2-VPC-3              active
   

3. Create VPC Peerings: Selecting option 3 will prompt you to select VPCs for peering. For example:

   Select VPCs to create peerings (e.g., 1 3):
   1    vpc-123456789abcdef               VPC-1         NYC1
   2    vpc-abcdef123456789               VPC-2         SFO2
   
   Enter the numbers of the VPCs you want to peer (space-separated): 1 2
   Creating peering: peering-VPC-1-VPC-2 between VPC-1 and VPC-2
   VPC peering between VPC-1 and VPC-2 has been created.
   

Troubleshooting

• Invalid API Token: If the API token is invalid, the script will notify you and exit. Ensure that you have generated the correct token and that it has sufficient permissions to access your VPCs.
• Peerings Already Exist: If you attempt to create a peering that already exists, the script will alert you that the peering is already established.
• Missing jq: If jq is not installed, the script will fail when attempting to parse JSON. Install jq using the appropriate package manager for your system.

Conclusion

This script provides a simple and efficient way to manage VPC peerings within your DigitalOcean infrastructure, making it easier to build and maintain a mesh network of interconnected VPCs. By automating the process of listing, managing, and creating VPC peerings, the script helps streamline VPC configuration tasks, saving you time and reducing the likelihood of errors.

With this tool, you can:

• Seamlessly interconnect multiple VPCs, enabling secure communication across different regions and projects.
• Quickly list your existing VPCs and peerings, ensuring that you have full visibility into your network topology.
• Effortlessly create and manage VPC peerings to expand your network without manual intervention.