From b727fe4e2a0f4c88fca0ed9f90f57e570253c961 Mon Sep 17 00:00:00 2001 From: Costas Tyfoxylos Date: Wed, 26 Aug 2020 15:18:00 +0300 Subject: [PATCH 1/2] aws-vpc-move-ip: Implemented optional eni lookup instead of the default instance id. In a shared network pattern where the cluster resides in shared subnets the instance ids of the nodes are not retrievable but the eni ids are and this optional feature gives transparent support in that situation. --- heartbeat/aws-vpc-move-ip | 41 +++++++++++++++++++++++++++++++-------- 1 file changed, 33 insertions(+), 8 deletions(-) diff --git a/heartbeat/aws-vpc-move-ip b/heartbeat/aws-vpc-move-ip index 1b540caec..bc82428e5 100755 --- a/heartbeat/aws-vpc-move-ip +++ b/heartbeat/aws-vpc-move-ip @@ -44,6 +44,7 @@ OCF_RESKEY_routing_table_default="" OCF_RESKEY_routing_table_role_default="" OCF_RESKEY_interface_default="eth0" OCF_RESKEY_monapi_default="false" +OCF_RESKEY_lookup_type_default="InstanceId" : ${OCF_RESKEY_awscli=${OCF_RESKEY_awscli_default}} : ${OCF_RESKEY_profile=${OCF_RESKEY_profile_default}} @@ -54,6 +55,7 @@ OCF_RESKEY_monapi_default="false" : ${OCF_RESKEY_routing_table_role=${OCF_RESKEY_routing_table_role_default}} : ${OCF_RESKEY_interface=${OCF_RESKEY_interface_default}} : ${OCF_RESKEY_monapi=${OCF_RESKEY_monapi_default}} +: ${OCF_RESKEY_lookup_type=${OCF_RESKEY_lookup_type_default}} [ -n "$OCF_RESKEY_region" ] && region_opt="--region $OCF_RESKEY_region" ####################################################################### @@ -154,6 +156,17 @@ Enable enhanced monitoring using AWS API calls to check route table entry Enhanced Monitoring + + + +Name of resource type to lookup in route table. +"InstanceId" : EC2 instance ID. (default) +"NetworkInterfaceId" : ENI ID. (useful in shared VPC setups). + +lookup type for route table resource + + + 
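Review bot: `OCF_RESKEY_lookup_type` is documented in the parameter hunk (`@@ -154,6 +156,17 @@`) as taking only "InstanceId" or "NetworkInterfaceId", but no hunk in this patch rejects any other value. In ec2ip_monitor the value is appended to the `--query` expression and `$cmd` is then expanded unquoted, so a misspelt value would most likely make every monitor report the route as missing, and a value containing whitespace would become extra aws CLI arguments. A check in ec2ip_validate would turn both cases into a configuration error. The body of ec2ip_validate is outside these hunks, so confirm it does not already do this.

```shell
# … inside ec2ip_validate, body not shown in these hunks …
case "$OCF_RESKEY_lookup_type" in
	InstanceId|NetworkInterfaceId)
		;;
	*)
		ocf_exit_reason "lookup_type must be InstanceId or NetworkInterfaceId, got: $OCF_RESKEY_lookup_type"
		return $OCF_ERR_CONFIGURED
		;;
esac
```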
@@ -187,7 +200,7 @@ execute_cmd_as_role(){ ec2ip_set_address_param_compat(){ # Include backward compatibility for the deprecated address parameter - if [ -z "$OCF_RESKEY_ip" ] && [ -n "$OCF_RESKEY_address" ]; then + if [ -z "$OCF_RESKEY_ip" ] && [ -n "$OCF_RESKEY_address" ]; then OCF_RESKEY_ip="$OCF_RESKEY_address" fi } @@ -213,16 +226,24 @@ ec2ip_validate() { } ec2ip_monitor() { - MON_RES="" + MON_RES="" + if [ "${OCF_RESKEY_lookup_type}" = "NetworkInterfaceId" ]; then + EC2_ID="$(ec2ip_get_instance_eni)" + RESOURCE_TYPE="interface" + else + EC2_ID="$EC2_INSTANCE_ID" + RESOURCE_TYPE="instance" + fi + if ocf_is_true ${OCF_RESKEY_monapi} || [ "$__OCF_ACTION" = "start" ] || ocf_is_probe; then for rtb in $(echo $OCF_RESKEY_routing_table | sed -e 's/,/ /g'); do ocf_log info "monitor: check routing table (API call) - $rtb" if [[ -z "${OCF_RESKEY_routing_table_role}" ]]; then - cmd="$OCF_RESKEY_awscli --profile $OCF_RESKEY_profile $region_opt --output text ec2 describe-route-tables --route-table-ids $rtb --query RouteTables[*].Routes[?DestinationCidrBlock=='$OCF_RESKEY_ip/32'].InstanceId" + cmd="$OCF_RESKEY_awscli --profile $OCF_RESKEY_profile $region_opt --output text ec2 describe-route-tables --route-table-ids $rtb --query RouteTables[*].Routes[?DestinationCidrBlock=='$OCF_RESKEY_ip/32'].$OCF_RESKEY_lookup_type" ocf_log debug "executing command: $cmd" ROUTE_TO_INSTANCE="$($cmd)" else - cmd="$OCF_RESKEY_awscli $region_opt --output text ec2 describe-route-tables --route-table-ids $rtb --query RouteTables[*].Routes[?DestinationCidrBlock=='$OCF_RESKEY_ip/32'].InstanceId" + cmd="$OCF_RESKEY_awscli $region_opt --output text ec2 describe-route-tables --route-table-ids $rtb --query RouteTables[*].Routes[?DestinationCidrBlock=='$OCF_RESKEY_ip/32'].$OCF_RESKEY_lookup_type" ROUTE_TO_INSTANCE="$(execute_cmd_as_role "$cmd" $OCF_RESKEY_routing_table_role)" fi ocf_log debug "Overlay IP is currently routed to ${ROUTE_TO_INSTANCE}" 
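Review bot: The exit status of `ec2ip_get_instance_eni` is discarded by `EC2_ID="$(ec2ip_get_instance_eni)"` in ec2ip_monitor, so a failed ENI lookup leaves EC2_ID empty and the monitor goes on to compare an empty id against the route table entry. The same applies to `EC2_NETWORK_INTERFACE_ID="$(ec2ip_get_instance_eni)"` in the `@@ -300,7 +321,11 @@` hunk. Before the split, `return $OCF_ERR_GENERIC` left ec2ip_get_and_configure itself; now it only ends the command substitution, and the `replace-route` loop still runs with an empty `--network-interface-id`. Propagate the failure at both call sites, for example `EC2_ID="$(ec2ip_get_instance_eni)" || return $OCF_ERR_GENERIC`. The body of ec2ip_monitor continues outside this hunk.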
@@ -230,8 +251,8 @@ ec2ip_monitor() { ROUTE_TO_INSTANCE="" fi - if [ "$EC2_INSTANCE_ID" != "$ROUTE_TO_INSTANCE" ]; then - ocf_log warn "not routed to this instance ($EC2_INSTANCE_ID) but to instance $ROUTE_TO_INSTANCE on $rtb" + if [ "$EC2_ID" != "$ROUTE_TO_INSTANCE" ]; then + ocf_log warn "not routed to this $RESOURCE_TYPE ($EC2_ID) but to $RESOURCE_TYPE $ROUTE_TO_INSTANCE on $rtb" MON_RES="$MON_RES $rtb" fi sleep 1 @@ -275,7 +296,7 @@ ec2ip_drop() { return $OCF_SUCCESS } -ec2ip_get_and_configure() { +ec2ip_get_instance_eni() { MAC_FILE="/sys/class/net/${OCF_RESKEY_interface}/address" if [ -f $MAC_FILE ]; then cmd="cat ${MAC_FILE}" @@ -300,7 +321,11 @@ ec2ip_get_and_configure() { return $OCF_ERR_GENERIC fi ocf_log debug "network interface id associated MAC address ${MAC_ADDR}: ${EC2_NETWORK_INTERFACE_ID}" + echo $EC2_NETWORK_INTERFACE_ID +} +ec2ip_get_and_configure() { + EC2_NETWORK_INTERFACE_ID="$(ec2ip_get_instance_eni)" for rtb in $(echo $OCF_RESKEY_routing_table | sed -e 's/,/ /g'); do if [ -z "${OCF_RESKEY_routing_table_role}" ]; then cmd="$OCF_RESKEY_awscli --profile $OCF_RESKEY_profile $region_opt --output text ec2 replace-route --route-table-id $rtb --destination-cidr-block ${OCF_RESKEY_ip}/32 --network-interface-id $EC2_NETWORK_INTERFACE_ID" From f4c8daae098dd33bdd5136ca4846eb505110e006 Mon Sep 17 00:00:00 2001 From: Sander Botman Date: Fri, 28 Aug 2020 22:01:03 +0200 Subject: [PATCH 2/2] aws-vpc-move-ip: Fix the region option --- heartbeat/aws-vpc-move-ip | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/heartbeat/aws-vpc-move-ip b/heartbeat/aws-vpc-move-ip index bc82428e5..a5b28ad92 100755 --- a/heartbeat/aws-vpc-move-ip +++ b/heartbeat/aws-vpc-move-ip 
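Review bot: `echo $EC2_NETWORK_INTERFACE_ID` in the `@@ -300,7 +321,11 @@` hunk makes stdout the return channel of ec2ip_get_instance_eni, and the expansion is unquoted. Anything else the function writes to stdout would end up in the id that is passed to `--network-interface-id` and compared in ec2ip_monitor. The middle of the function is not shown between the two hunks, so check that its logging and helper calls write only to stderr or the log. Prefer `printf '%s\n' "$EC2_NETWORK_INTERFACE_ID"`, and add a header comment such as `# Prints the ENI id of ${OCF_RESKEY_interface} on stdout; returns $OCF_ERR_GENERIC on failure.` so callers know to capture the output and check the status.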
@@ -243,7 +243,7 @@ ec2ip_monitor() { ocf_log debug "executing command: $cmd" ROUTE_TO_INSTANCE="$($cmd)" else - cmd="$OCF_RESKEY_awscli $region_opt --output text ec2 describe-route-tables --route-table-ids $rtb --query RouteTables[*].Routes[?DestinationCidrBlock=='$OCF_RESKEY_ip/32'].$OCF_RESKEY_lookup_type" + cmd="$OCF_RESKEY_awscli $region_opt --output text ec2 describe-route-tables --route-table-ids $rtb --query RouteTables[*].Routes[?DestinationCidrBlock=='$OCF_RESKEY_ip/32'].$OCF_RESKEY_lookup_type" ROUTE_TO_INSTANCE="$(execute_cmd_as_role "$cmd" $OCF_RESKEY_routing_table_role)" fi ocf_log debug "Overlay IP is currently routed to ${ROUTE_TO_INSTANCE}"