Hello community, here is the log from the commit of package aws-vpc-move-ip for openSUSE:Factory checked in at 2017-11-14 13:01:44 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/aws-vpc-move-ip (Old) and /work/SRC/openSUSE:Factory/.aws-vpc-move-ip.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "aws-vpc-move-ip" Tue Nov 14 13:01:44 2017 rev:2 rq:541544 version:0.2.20171113 Changes: -------- --- /work/SRC/openSUSE:Factory/aws-vpc-move-ip/aws-vpc-move-ip.changes 2017-09-04 12:31:49.217494855 +0200 +++ /work/SRC/openSUSE:Factory/.aws-vpc-move-ip.new/aws-vpc-move-ip.changes 2017-11-14 13:02:05.504265384 +0100 @@ -1,0 +2,12 @@ +Mon Nov 13 16:40:10 UTC 2017 - [email protected] + +- Update to version from resource-agents#ac94d575 (bsc#1059165) + * Monitoring via AWS API call can be turned on/off + * New parameter monapi (bool – true/false) enables + or disables Enhanced monitoring using AWS API + call to check route table content + * ocf_log / debugger: only relevant output for + each level is sent to log + * now correctly checks return code of “ip addr delete” (bsc#1053193) + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ aws-vpc-move-ip.spec ++++++ --- /var/tmp/diff_new_pack.1ct7vX/_old 2017-11-14 13:02:08.200166809 +0100 +++ /var/tmp/diff_new_pack.1ct7vX/_new 2017-11-14 13:02:08.200166809 +0100 @@ -1,7 +1,7 @@ # # spec file for package aws-vpc-move-ip # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: aws-vpc-move-ip -Version: 0.1.20151002 +Version: 0.2.20171113 Release: 0 Summary: Resource agent for implementing floating IP in AWS VPC License: GPL-2.0 ++++++ aws-vpc-move-ip ++++++ --- /var/tmp/diff_new_pack.1ct7vX/_old 2017-11-14 13:02:08.224165932 +0100 +++ /var/tmp/diff_new_pack.1ct7vX/_new 2017-11-14 13:02:08.224165932 +0100 
@@ -1,30 +1,50 @@ -#!/bin/bash +#!/bin/sh +# # # OCF resource agent to move an IP address within a VPC in the AWS -# Written by Markus Guertler (SUSE) +# +# Copyright (c) 2017 Markus Guertler (SUSE) # Based on code of Adam Gandelman (GitHub ec2-resource-agents/elasticip) +# All Rights Reserved. # - -############################################################################### -# For testing purposes delete OCF_ROOT after testing -OCF_ROOT=/usr/lib/ocf/ +# This program is free software; you can redistribute it and/or modify +# it under the terms of version 2 of the GNU General Public License as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it would be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. # -# INIT -#: ${OCF_FUNCTIONS_DIR=${OCF_ROOT}/resource.d/heartbeat} -#if [ -f ${OCF_FUNCTIONS_DIR}/.ocf-shellfuncs ]; then -# . ${OCF_FUNCTIONS_DIR}/.ocf-shellfuncs -#fi +# Further, this software is distributed without any warranty that it is +# free of the rightful claim of any third person regarding infringement +# or the like. Any license provided herein, whether implied or +# otherwise, applies only to this software file. Patent licenses, if +# any, provided herein do not apply to combinations of this program with +# other software, or any other product whatsoever. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write the Free Software Foundation, +# Inc., 59 Temple Place - Suite 330, Boston MA 02111-1307, USA. +# + ####################################################################### # Initialization: -: ${OCF_FUNCTIONS=${OCF_ROOT}/resource.d/heartbeat/.ocf-shellfuncs} -. ${OCF_FUNCTIONS} -: ${__OCF_ACTION=$1} +: ${OCF_FUNCTIONS_DIR=${OCF_ROOT}/lib/heartbeat} +. 
${OCF_FUNCTIONS_DIR}/ocf-shellfuncs +# Defaults +OCF_RESKEY_awscli_default="/usr/bin/aws" +OCF_RESKEY_profile_default="default" +OCF_RESKEY_monapi_default="false" + +: ${OCF_RESKEY_awscli=${OCF_RESKEY_awscli_default}} +: ${OCF_RESKEY_profile=${OCF_RESKEY_profile_default}} +: ${OCF_RESKEY_monapi=${OCF_RESKEY_monapi_default}} ####################################################################### - + USAGE="usage: $0 {start|stop|status|meta-data}"; ############################################################################### @@ -47,14 +67,32 @@ by changing an entry in an specific routing table </longdesc> <shortdesc lang="en">Move IP within a APC of the AWS EC2</shortdesc> + <parameters> +<parameter name="awscli"> +<longdesc lang="en"> +Path to command line tools for AWS +</longdesc> +<shortdesc lang="en">Path to AWS CLI tools</shortdesc> +<content type="string" default="${OCF_RESKEY_awscli_default}" /> +</parameter> + +<parameter name="profile"> +<longdesc lang="en"> +Valid AWS CLI profile name (see ~/.aws/config and 'aws configure') +</longdesc> +<shortdesc lang="en">profile name</shortdesc> +<content type="string" default="${OCF_RESKEY_profile_default}" /> +</parameter> + <parameter name="address" required="1"> <longdesc lang="en"> VPC private IP address </longdesc> -<shortdesc lang="en">vpc ip</shortdesc> +<shortdesc lang="en">VPC private IP Address</shortdesc> <content type="string" default="" /> </parameter> + <parameter name="routing_table" required="1"> <longdesc lang="en"> Name of the routing table, where the route for the IP address should be changed, i.e. rtb-... 
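Review bot: The longdesc of the new `awscli` parameter, "Path to command line tools for AWS", does not say that the value is the executable the agent invokes for every route-table call. The dispatch code later in this diff refuses to run start, stop or monitor unless the caller is root, so that binary runs as root and the text should say what is expected of it. Suggested wording: `Absolute path to the aws executable; the agent runs it as root, so it must be root-owned and not writable by other users`. The `<parameters>` block continues outside this hunk.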
@@ -62,25 +100,28 @@ <shortdesc lang="en">routing table name</shortdesc> <content type="string" default="" /> </parameter> + <parameter name="interface" required="1"> <longdesc lang="en"> -Name of the network interfacen, i.e. eth0 +Name of the network interface, i.e. eth0 </longdesc> <shortdesc lang="en">network interface name</shortdesc> <content type="string" default="eth0" /> </parameter> -<parameter name="profile" required="0"> + +<parameter name="monapi"> <longdesc lang="en"> -Valid AWS CLI profile name (see ~/.aws/config and 'aws configure') +Enable enhanced monitoring using AWS API calls to check route table entry </longdesc> -<shortdesc lang="en">profile name</shortdesc> -<content type="string" default="default" /> -</parameter> +<shortdesc lang="en">Enhanced Monitoring</shortdesc> +<content type="boolean" default="${OCF_RESKEY_monapi_default}" /> +</parameter> </parameters> + <actions> <action name="start" timeout="180" /> <action name="stop" timeout="180" /> -<action name="monitor" depth="0" timeout="30" interval="30" /> +<action name="monitor" depth="0" timeout="30" interval="60" /> <action name="validate-all" timeout="5" /> <action name="meta-data" timeout="5" /> </actions> 
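Review bot: The `monapi` longdesc should state what monitoring remains when the parameter is false, which is the new default. With it off, ec2ip_monitor (rewritten later in this diff) skips the describe-route-tables call and only pings the address. That check presumably passes whenever the address is configured on the local interface, so a route-table entry repointed outside the cluster would go unnoticed by monitor. Suggested wording: `When false (default), monitor only checks that the address answers a local ping; the VPC route table is checked only during start.`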
@@ -88,121 +129,141 @@ END } -debugger() { - ocf_log info "DEBUG: $1" -} - ec2ip_validate() { - debugger "function: validate" - - # IP address - [[ -z "$OCF_RESKEY_address" ]] && ocf_log error "IP address parameter not set $OCF_RESKEY_ADDRESS!" && exit $OCF_ERR_CONFIGURED - - # Network Interface - [[ -z "$OCF_RESKEY_interface" ]] && ocf_log error "Network interface parameter not set $OCF_RESKEY_INTERFACE!" && exit $OCF_ERR_CONFIGURED - - # Routing Table - [[ -z "$OCF_RESKEY_routing_table" ]] && ocf_log error "Routing table parameter not set $OCF_RESKEY_ROUTING_TABLE!" && exit $OCF_ERR_CONFIGURED - - COMMANDS="ec2metadata aws ip" - - for i in $COMMANDS ; do - debugger "Locating command: $i" - [[ ! -x $(which $i) ]] && ocf_log error "Command $i not found or exectuable" && exit $OCF_ERR_INSTALLED - debugger "Command $i found" + for cmd in aws ip curl; do + check_binary "$cmd" done - - debugger "Testing aws command" - aws --version 2>&1 - if [ "$?" -gt 0 ]; then - error "Error while executing aws command as user root! Please check if AWS CLI tools (Python flavor) are properly installed and configured." && exit $OCF_ERR_INSTALLED + + if [ -z "$OCF_RESKEY_profile" ]; then + ocf_exit_reason "profile parameter not set" + return $OCF_ERR_CONFIGURED fi - debugger "ok" - - EC2_INSTANCE_ID=$(ec2metadata --instance-id) - - if [ -n "$OCF_RESKEY_profile" ]; then - AWS_PROFILE_OPT="--profile $OCF_RESKEY_profile" - else - AWS_PROFILE_OPT="--profile default" + + EC2_INSTANCE_ID="$(curl -s http://169.254.169.254/latest/meta-data/instance-id)" + + if [ -z "${EC2_INSTANCE_ID}" ]; then + ocf_exit_reason "Instance ID not found. Is this a EC2 instance?" 
+ return $OCF_ERR_GENERIC fi - + return $OCF_SUCCESS } ec2ip_monitor() { - ec2ip_validate - debugger "function: ec2ip_monitor: check routing table" - cmd="aws $AWS_PROFILE_OPT ec2 describe-route-tables --route-table-ids $OCF_RESKEY_routing_table" - debugger "executing command: $cmd" - ROUTE_TO_INSTANCE="$($cmd |grep $OCF_RESKEY_address | awk '{ print $3 }')" - if [ -z "$ROUTE_TO_INSTANCE" ]; then - ROUTE_TO_INSTANCE="<unknown>" + if ocf_is_true ${OCF_RESKEY_monapi} || [ "$__OCF_ACTION" = "start" ]; then + ocf_log info "monitor: check routing table (API call)" + cmd="$OCF_RESKEY_awscli --profile $OCF_RESKEY_profile --output text ec2 describe-route-tables --route-table-ids $OCF_RESKEY_routing_table" + ocf_log debug "executing command: $cmd" + ROUTE_TO_INSTANCE="$($cmd | grep $OCF_RESKEY_address | awk '{ print $3 }')" + if [ -z "$ROUTE_TO_INSTANCE" ]; then + ROUTE_TO_INSTANCE="<unknown>" + fi + + if [ "$EC2_INSTANCE_ID" != "$ROUTE_TO_INSTANCE" ];then + ocf_log warn "not routed to this instance ($EC2_INSTANCE_ID) but to instance $ROUTE_TO_INSTANCE" + return $OCF_NOT_RUNNING + fi + else + ocf_log debug "monitor: Enhanced Monitoring disabled - omitting API call" fi - - [[ "$EC2_INSTANCE_ID" != "$ROUTE_TO_INSTANCE" ]] && debugger "not routed to this instance ($EC2_INSTANCE_ID) but to instance $ROUTE_TO_INSTANCE" && return $OCF_NOT_RUNNING + cmd="ping -W 1 -c 1 $OCF_RESKEY_address" - debugger "executing command: $cmd" + ocf_log debug "executing command: $cmd" $cmd > /dev/null - [[ $? -gt 0 ]] && debugger "IP $OCF_RESKEY_address not locally reachable via ping on this system" && return $OCF_NOT_RUNNING - debugger "routed in VPC and locally reachable" - return $OCF_SUCCESS + if [ "$?" 
-gt 0 ]; then + ocf_log warn "IP $OCF_RESKEY_address not locally reachable via ping on this system" + return $OCF_NOT_RUNNING + fi + + ocf_log debug "route in VPC and locally reachable" + return $OCF_SUCCESS } ec2ip_drop() { - debugger "function: ec2ip_drop" cmd="ip addr delete ${OCF_RESKEY_address}/32 dev $OCF_RESKEY_interface" - debugger "executing command: $cmd" + ocf_log debug "executing command: $cmd" $cmd rc=$? - [[ $rc -gt 2 ]] && debugger "command failed, rc $rc" && return $OCF_ERR_GENERIC - debugger "command succeeded" + if [ "$rc" -gt 0 ]; then + ocf_log warn "command failed, rc $rc" + return $OCF_ERR_GENERIC + fi + return $OCF_SUCCESS } ec2ip_get_and_configure() { - debugger "function: ec2ip_get_and_configure" # Adjusting the routing table - cmd="aws $AWS_PROFILE_OPT ec2 replace-route --route-table-id $OCF_RESKEY_routing_table --destination-cidr-block ${OCF_RESKEY_address}/32 --instance-id $EC2_INSTANCE_ID" - debugger "executing command: $cmd" + cmd="$OCF_RESKEY_awscli --profile $OCF_RESKEY_profile ec2 replace-route --route-table-id $OCF_RESKEY_routing_table --destination-cidr-block ${OCF_RESKEY_address}/32 --instance-id $EC2_INSTANCE_ID" + ocf_log debug "executing command: $cmd" $cmd rc=$? - [[ $rc != 0 ]] && debugger "command failed, rc: $rc" && return $OCF_ERR_GENERIC + if [ "$rc" != 0 ]; then + ocf_log warn "command failed, rc: $rc" + return $OCF_ERR_GENERIC + fi + # Reconfigure the local ip address ec2ip_drop ip addr add "${OCF_RESKEY_address}/32" dev $OCF_RESKEY_interface rc=$? - [[ $rc != 0 ]] && debugger "command failed, rc: $rc" && return $OCF_ERR_GENERIC - debugger "-success" + if [ $rc != 0 ]; then + ocf_log warn "command failed, rc: $rc" + return $OCF_ERR_GENERIC + fi + return $OCF_SUCCESS } ec2ip_stop() { ocf_log info "EC2: Bringing down IP address $OCF_RESKEY_address" - ec2ip_validate + ec2ip_monitor - [[ $? == $OCF_NOT_RUNNING ]] && ocf_log info "EC2: Address $OCF_RESKEY_address already down" && return $OCF_SUCCESS + if [ $? 
= $OCF_NOT_RUNNING ]; then + ocf_log info "EC2: Address $OCF_RESKEY_address already down" + return $OCF_SUCCESS + fi + ec2ip_drop - [[ $? != $OCF_SUCCESS ]] && return $OCF_ERR_GENERIC + if [ $? != $OCF_SUCCESS ]; then + return $OCF_ERR_GENERIC + fi + ec2ip_monitor - [[ $? == $OCF_NOT_RUNNING ]] && ocf_log info "EC2: Successfully brought down $OCF_RESKEY_address" && return $OCF_SUCCESS - ocf_log error "EC2: Couldn't bring down IP address $OCF_RESKEY_address on interface $OCF_RESKEY_interface." - return $OCF_ERR_GENERIC + if [ $? != $OCF_NOT_RUNNING ]; then + ocf_log error "EC2: Couldn't bring down IP address $OCF_RESKEY_address on interface $OCF_RESKEY_interface." + return $OCF_ERR_GENERIC + fi + + ocf_log info "EC2: Successfully brought down $OCF_RESKEY_address" + return $OCF_SUCCESS } ec2ip_start() { ocf_log info "EC2: Moving IP address $OCF_RESKEY_address to this host by adjusting routing table $OCF_RESKEY_routing_table" - ec2ip_validate + ec2ip_monitor - [[ $? == $OCF_SUCCESS ]] && ocf_log info "EC2: $OCF_RESKEY_address already started" && return $OCF_SUCCESS + if [ $? = $OCF_SUCCESS ]; then + ocf_log info "EC2: $OCF_RESKEY_address already started" + return $OCF_SUCCESS + fi + ocf_log info "EC2: Adjusting routing table and locally configuring IP address" - ec2ip_get_and_configure - [[ $? != 0 ]] && ocf_log error "Received $? from 'aws'" && return $OCF_ERR_GENERIC + ec2ip_get_and_configure + rc=$? + if [ $rc != $OCF_SUCCESS ]; then + ocf_log error "Received $rc from 'aws'" + return $OCF_ERR_GENERIC + fi + ec2ip_monitor - [[ $? == $OCF_SUCCESS ]] && return $? - ocf_log error "EC2: IP address couldn't be configured on this host (IP: $OCF_RESKEY_address, Interface: $OCF_RESKEY_interface)" - return $OCF_ERR_GENERIC + if [ $? 
!= $OCF_SUCCESS ]; then + ocf_log error "EC2: IP address couldn't be configured on this host (IP: $OCF_RESKEY_address, Interface: $OCF_RESKEY_interface)" + return $OCF_ERR_GENERIC + fi + + return $OCF_SUCCESS } ############################################################################### @@ -211,15 +272,35 @@ # ############################################################################### -case $__OCF_ACTION in - meta-data) metadata - exit $OCF_SUCCESS;; - monitor) - ec2ip_monitor;; - stop) - ec2ip_stop;; - validate-all) ec2ip_validate;; +case $__OCF_ACTION in + meta-data) + metadata + exit $OCF_SUCCESS + ;; + usage|help) + echo $USAGE + exit $OCF_SUCCESS + ;; +esac + +if ! ocf_is_root; then + ocf_log err "You must be root for $__OCF_ACTION operation." + exit $OCF_ERR_PERM +fi + +ec2ip_validate + +case $__OCF_ACTION in start) ec2ip_start;; - *) exit $OCF_ERR_UNIMPLEMENTED;; -esac \ No newline at end of file + stop) + ec2ip_stop;; + monitor) + ec2ip_monitor;; + validate-all) + exit $?;; + *) + echo $USAGE + exit $OCF_ERR_UNIMPLEMENTED + ;; +esac
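Review bot: ec2ip_validate runs check_binary on `aws` from PATH, but every API call in this hunk executes `$OCF_RESKEY_awscli`, so a wrong or empty `awscli` value passes validation; use `for cmd in "$OCF_RESKEY_awscli" ip curl; do`. The instance-ID lookup has neither `--fail` nor a time limit, so an HTTP error body would be stored as the instance ID and a stalled request runs until the cluster's operation timeout; `curl -sf --max-time 3 http://169.254.169.254/latest/meta-data/instance-id` covers both (the 3 s value is only a suggestion). In ec2ip_monitor, `grep $OCF_RESKEY_address` treats the address as an unquoted regular expression, so for example 10.0.0.1 also matches a route for 10.0.0.10/32 and awk then prints more than one instance ID; `grep -Fw -- "${OCF_RESKEY_address}/32"` matches only the exact entry, assuming the text output prints the destination as address/32.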
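Review bot: The return value of the bare `ec2ip_validate` call before the second `case` is dropped for start, stop and monitor; only the `validate-all)` arm reads `$?`. The rewritten ec2ip_validate uses `return` where the old one used `exit`, so a missing profile or an empty instance ID no longer stops the agent, and ec2ip_start goes on to call replace-route with an empty `--instance-id`. Suggest `ec2ip_validate || exit $?` in place of the bare call, with the arm becoming `validate-all) exit $OCF_SUCCESS;;`. Separately, both `echo $USAGE` lines should quote the variable: `echo "$USAGE"`.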
