rpms / resource-agents

Clone
Source Code
GIT

Blame SOURCES/bz1759115-aws-vpc-route53-3-awscli-property.patch

c4 c5 c5-plus c6 c6-plus c7 c7-beta c8 c8-beta c8s c9 c9-beta
  1.   bcdf71ec11a5119dd3058c96df3ea91e61b220f4
  2.   SOURCES
  3.   bz1759115-aws-vpc-route53-3-awscli-property.patch
Blob History Raw
d42a06 
From 01d3e07ec6c5240633633cb56d1bc915190f40a5 Mon Sep 17 00:00:00 2001
d42a06 
From: Brandon Perkins <bperkins@redhat.com>
d42a06 
Date: Fri, 24 Apr 2020 18:19:19 -0400
d42a06 
Subject: [PATCH 1/4] Replace aws command line with OCF_RESKEY_awscli property.
d42a06
d42a06 
---
d42a06 
 heartbeat/aws-vpc-move-ip | 6 +++---
d42a06 
 1 file changed, 3 insertions(+), 3 deletions(-)
d42a06
d42a06 
diff --git a/heartbeat/aws-vpc-move-ip b/heartbeat/aws-vpc-move-ip
d42a06 
index 26ca6007d..af697adbe 100755
d42a06 
--- a/heartbeat/aws-vpc-move-ip
d42a06 
+++ b/heartbeat/aws-vpc-move-ip
d42a06 
@@ -159,14 +159,14 @@ END
d42a06 
 execute_cmd_as_role(){
d42a06 
 	cmd=$1
d42a06 
 	role=$2
d42a06 
-	output="$(aws sts assume-role --role-arn $role --role-session-name AWSCLI-RouteTableUpdate --profile $OCF_RESKEY_profile --output=text)"
d42a06 
+	output="$($OCF_RESKEY_awscli sts assume-role --role-arn $role --role-session-name AWSCLI-RouteTableUpdate --profile $OCF_RESKEY_profile --output=text)"
d42a06 
 	export AWS_ACCESS_KEY_ID="$(echo $output | awk -F" " '$4=="CREDENTIALS" {print $5}')"
d42a06 
 	export AWS_SECRET_ACCESS_KEY="$(echo $output | awk -F" " '$4=="CREDENTIALS" {print $7}')"
d42a06 
 	export AWS_SESSION_TOKEN="$(echo $output | awk -F" " '$4=="CREDENTIALS" {print $8}')"
d42a06
d42a06 
 	#Execute command
d42a06 
 	ocf_log debug "Assumed Role ${role}"
d42a06 
-	ocf_log debug "$(aws sts get-caller-identity)"
d42a06 
+	ocf_log debug "$($OCF_RESKEY_awscli sts get-caller-identity)"
d42a06 
 	ocf_log debug "executing command: $cmd"
d42a06 
 	response="$($cmd)"
d42a06 
 	unset output AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
d42a06 
@@ -181,7 +181,7 @@ ec2ip_set_address_param_compat(){
d42a06 
 }
d42a06
d42a06 
 ec2ip_validate() {
d42a06 
-	for cmd in aws ip curl; do
d42a06 
+	for cmd in $OCF_RESKEY_awscli ip curl; do
d42a06 
 		check_binary "$cmd"
d42a06 
 	done
d42a06
d42a06
d42a06 
From 20466ba91c21a489303774ac9a1f5f5fd7b86f12 Mon Sep 17 00:00:00 2001
d42a06 
From: Brandon Perkins <bperkins@redhat.com>
d42a06 
Date: Fri, 24 Apr 2020 18:20:17 -0400
d42a06 
Subject: [PATCH 2/4] - Replace aws command line with OCF_RESKEY_awscli
d42a06 
 property. - Add OCF_RESKEY_awscli and OCF_RESKEY_profile default variables. -
d42a06 
 Add awscli (Path to AWS CLI tools) parameter. - Remove required attribute on
d42a06 
 profile parameter. - Replace --profile $OCF_RESKEY_profile with
d42a06 
 AWS_PROFILE_OPT.
d42a06
d42a06 
---
d42a06 
 heartbeat/aws-vpc-route53.in | 71 ++++++++++++++++++++++--------------
d42a06 
 1 file changed, 43 insertions(+), 28 deletions(-)
d42a06
d42a06 
diff --git a/heartbeat/aws-vpc-route53.in b/heartbeat/aws-vpc-route53.in
d42a06 
index ca6556951..3042b345b 100644
d42a06 
--- a/heartbeat/aws-vpc-route53.in
d42a06 
+++ b/heartbeat/aws-vpc-route53.in
d42a06 
@@ -43,11 +43,16 @@
d42a06 
 : ${OCF_FUNCTIONS_DIR=${OCF_ROOT}/lib/heartbeat}
d42a06 
 . ${OCF_FUNCTIONS_DIR}/ocf-shellfuncs
d42a06
d42a06 
+# Defaults
d42a06 
+OCF_RESKEY_awscli_default="/usr/bin/aws"
d42a06 
+OCF_RESKEY_profile_default="default"
d42a06 
 OCF_RESKEY_hostedzoneid_default=""
d42a06 
 OCF_RESKEY_fullname_default=""
d42a06 
 OCF_RESKEY_ip_default="local"
d42a06 
 OCF_RESKEY_ttl_default=10
d42a06
d42a06 
+: ${OCF_RESKEY_awscli=${OCF_RESKEY_awscli_default}}
d42a06 
+: ${OCF_RESKEY_profile=${OCF_RESKEY_profile_default}}
d42a06 
 : ${OCF_RESKEY_hostedzoneid:=${OCF_RESKEY_hostedzoneid_default}}
d42a06 
 : ${OCF_RESKEY_fullname:=${OCF_RESKEY_fullname_default}}
d42a06 
 : ${OCF_RESKEY_ip:=${OCF_RESKEY_ip_default}}
d42a06 
@@ -103,7 +108,35 @@ primitive res_route53 ocf:heartbeat:aws-vpc-route53 \
d42a06 
 		meta target-role=Started
d42a06 
 </longdesc>
d42a06 
 <shortdesc lang="en">Update Route53 VPC record for AWS EC2</shortdesc>
d42a06 
+
d42a06 
 <parameters>
d42a06 
+<parameter name="awscli">
d42a06 
+<longdesc lang="en">
d42a06 
+Path to command line tools for AWS
d42a06 
+</longdesc>
d42a06 
+<shortdesc lang="en">Path to AWS CLI tools</shortdesc>
d42a06 
+<content type="string" default="${OCF_RESKEY_awscli_default}" />
d42a06 
+</parameter>
d42a06 
+
d42a06 
+<parameter name="profile">
d42a06 
+<longdesc lang="en">
d42a06 
+The name of the AWS CLI profile of the root account. This
d42a06 
+profile will have to use the "text" format for CLI output.
d42a06 
+The file /root/.aws/config should have an entry which looks
d42a06 
+like:
d42a06 
+
d42a06 
+  [profile cluster]
d42a06 
+	region = us-east-1
d42a06 
+	output = text
d42a06 
+
d42a06 
+"cluster" is the name which has to be used in the cluster
d42a06 
+configuration. The region has to be the current one. The
d42a06 
+output has to be "text".
d42a06 
+</longdesc>
d42a06 
+<shortdesc lang="en">AWS Profile Name</shortdesc>
d42a06 
+<content type="string" default="${OCF_RESKEY_profile_default}" />
d42a06 
+</parameter>
d42a06 
+
d42a06 
 <parameter name="hostedzoneid" required="1">
d42a06 
 <longdesc lang="en">
d42a06 
 Hosted zone ID of Route 53. This is the table of
d42a06 
@@ -112,6 +145,7 @@ the Route 53 record.
d42a06 
 <shortdesc lang="en">AWS hosted zone ID</shortdesc>
d42a06 
 <content type="string" default="${OCF_RESKEY_hostedzoneid_default}" />
d42a06 
 </parameter>
d42a06 
+
d42a06 
 <parameter name="fullname" required="1">
d42a06 
 <longdesc lang="en">
d42a06 
 The full name of the service which will host the IP address.
d42a06 
@@ -121,6 +155,7 @@ Note: The trailing dot is important to Route53!
d42a06 
 <shortdesc lang="en">Full service name</shortdesc>
d42a06 
 <content type="string" default="${OCF_RESKEY_fullname_default}" />
d42a06 
 </parameter>
d42a06 
+
d42a06 
 <parameter name="ip" required="0">
d42a06 
 <longdesc lang="en">
d42a06 
 IP (local (default), public or secondary private IP address (e.g. 10.0.0.1).
d42a06 
@@ -130,6 +165,7 @@ A secondary private IP can be setup with the awsvip agent.
d42a06 
 <shortdesc lang="en">Type of IP or secondary private IP address (local, public or e.g. 10.0.0.1)</shortdesc>
d42a06 
 <content type="string" default="${OCF_RESKEY_ip_default}" />
d42a06 
 </parameter>
d42a06 
+
d42a06 
 <parameter name="ttl" required="0">
d42a06 
 <longdesc lang="en">
d42a06 
 Time to live for Route53 ARECORD
d42a06 
@@ -137,25 +173,8 @@ Time to live for Route53 ARECORD
d42a06 
 <shortdesc lang="en">ARECORD TTL</shortdesc>
d42a06 
 <content type="string" default="${OCF_RESKEY_ttl_default}" />
d42a06 
 </parameter>
d42a06 
-<parameter name="profile" required="1">
d42a06 
-<longdesc lang="en">
d42a06 
-The name of the AWS CLI profile of the root account. This
d42a06 
-profile will have to use the "text" format for CLI output.
d42a06 
-The file /root/.aws/config should have an entry which looks
d42a06 
-like:
d42a06 
-
d42a06 
-  [profile cluster]
d42a06 
-	region = us-east-1
d42a06 
-	output = text
d42a06 
-
d42a06 
-"cluster" is the name which has to be used in the cluster
d42a06 
-configuration. The region has to be the current one. The
d42a06 
-output has to be "text".
d42a06 
-</longdesc>
d42a06 
-<shortdesc lang="en">AWS Profile Name</shortdesc>
d42a06 
-<content type="string" default="" />
d42a06 
-</parameter>
d42a06 
 </parameters>
d42a06 
+
d42a06 
 <actions>
d42a06 
 <action name="start" timeout="180s" />
d42a06 
 <action name="stop" timeout="180s" />
d42a06 
@@ -198,17 +217,13 @@ r53_validate() {
d42a06 
 	[[ -z "$OCF_RESKEY_ttl" ]] && ocf_log error "TTL not set $OCF_RESKEY_ttl!" && exit $OCF_ERR_CONFIGURED
d42a06
d42a06 
 	ocf_log debug "Testing aws command"
d42a06 
-	aws --version 2>&1
d42a06 
+	$OCF_RESKEY_awscli --version 2>&1
d42a06 
 	if [ "$?" -gt 0 ]; then
d42a06 
 		ocf_log error "Error while executing aws command as user root! Please check if AWS CLI tools (Python flavor) are properly installed and configured." && exit $OCF_ERR_INSTALLED
d42a06 
 	fi
d42a06 
 	ocf_log debug "ok"
d42a06
d42a06 
-	if [ -n "$OCF_RESKEY_profile" ]; then
d42a06 
-		AWS_PROFILE_OPT="--profile $OCF_RESKEY_profile --cli-connect-timeout 10"
d42a06 
-	else
d42a06 
-		AWS_PROFILE_OPT="--profile default --cli-connect-timeout 10"
d42a06 
-	fi
d42a06 
+	AWS_PROFILE_OPT="--profile $OCF_RESKEY_profile --cli-connect-timeout 10"
d42a06
d42a06 
 	return $OCF_SUCCESS
d42a06 
 }
d42a06 
@@ -261,7 +276,7 @@ r53_monitor() {
d42a06 
 	#
d42a06 
 	if [ "$__OCF_ACTION" = "start" ] || ocf_is_probe ; then
d42a06 
 		#
d42a06 
-		cmd="aws $AWS_PROFILE_OPT route53 list-resource-record-sets --hosted-zone-id $OCF_RESKEY_hostedzoneid --query ResourceRecordSets[?Name=='$OCF_RESKEY_fullname']"
d42a06 
+		cmd="$OCF_RESKEY_awscli $AWS_PROFILE_OPT route53 list-resource-record-sets --hosted-zone-id $OCF_RESKEY_hostedzoneid --query ResourceRecordSets[?Name=='$OCF_RESKEY_fullname']"
d42a06 
 		ocf_log info "Route53 Agent Starting or probing - executing monitoring API call: $cmd"
d42a06 
 		CLIRES="$($cmd 2>&1)"
d42a06 
 		rc=$?
d42a06 
@@ -293,7 +308,7 @@ r53_monitor() {
d42a06 
 		#
d42a06 
 		if  [[ ! $ARECORD =~ $IPREGEX ]] || [ $rc -ne 0 ]; then
d42a06 
 			ocf_log info "Fallback to Route53 API query due to DNS resolution failure"
d42a06 
-			cmd="aws $AWS_PROFILE_OPT route53 list-resource-record-sets --hosted-zone-id $OCF_RESKEY_hostedzoneid --query ResourceRecordSets[?Name=='$OCF_RESKEY_fullname']"
d42a06 
+			cmd="$OCF_RESKEY_awscli $AWS_PROFILE_OPT route53 list-resource-record-sets --hosted-zone-id $OCF_RESKEY_hostedzoneid --query ResourceRecordSets[?Name=='$OCF_RESKEY_fullname']"
d42a06 
 			ocf_log debug "executing monitoring API call: $cmd"
d42a06 
 			CLIRES="$($cmd 2>&1)"
d42a06 
 			rc=$?
d42a06 
@@ -372,7 +387,7 @@ _update_record() {
d42a06 
 		  ]
d42a06 
 	}
d42a06 
 	EOF
d42a06 
-	cmd="aws --profile $OCF_RESKEY_profile route53 change-resource-record-sets --hosted-zone-id $OCF_RESKEY_hostedzoneid --change-batch file://$ROUTE53RECORD "
d42a06 
+	cmd="$OCF_RESKEY_awscli $AWS_PROFILE_OPT route53 change-resource-record-sets --hosted-zone-id $OCF_RESKEY_hostedzoneid --change-batch file://$ROUTE53RECORD "
d42a06 
 	ocf_log debug "Executing command: $cmd"
d42a06 
 	CLIRES="$($cmd 2>&1)"
d42a06 
 	rc=$?
d42a06 
@@ -392,7 +407,7 @@ _update_record() {
d42a06 
 	MYSECONDS=20
d42a06 
 	while [ "$STATUS" = 'PENDING' ]; do
d42a06 
 		sleep $MYSECONDS
d42a06 
-		STATUS="$(aws --profile $OCF_RESKEY_profile route53 get-change --id $CHANGEID | grep CHANGEINFO | awk -F'\t' '{ print $4 }' |cut -d'"' -f 2 )"
d42a06 
+		STATUS="$($OCF_RESKEY_awscli $AWS_PROFILE_OPT route53 get-change --id $CHANGEID | grep CHANGEINFO | awk -F'\t' '{ print $4 }' |cut -d'"' -f 2 )"
d42a06 
 		ocf_log debug "Waited for $MYSECONDS seconds and checked execution of Route 53 update status: $STATUS "
d42a06 
 	done
d42a06 
 }
d42a06
d42a06 
From 113bee3ae17a8d610edc0e3879b56e96efbe8b31 Mon Sep 17 00:00:00 2001
d42a06 
From: Brandon Perkins <bperkins@redhat.com>
d42a06 
Date: Mon, 27 Apr 2020 11:08:27 -0400
d42a06 
Subject: [PATCH 3/4] Move AWS_PROFILE_OPT before the start/stop/etc and after
d42a06 
 the usage/meta-data case statements.
d42a06
d42a06 
---
d42a06 
 heartbeat/aws-vpc-route53.in | 7 +++++--
d42a06 
 1 file changed, 5 insertions(+), 2 deletions(-)
d42a06
d42a06 
diff --git a/heartbeat/aws-vpc-route53.in b/heartbeat/aws-vpc-route53.in
d42a06 
index 3042b345b..ee4f8afcb 100644
d42a06 
--- a/heartbeat/aws-vpc-route53.in
d42a06 
+++ b/heartbeat/aws-vpc-route53.in
d42a06 
@@ -223,8 +223,6 @@ r53_validate() {
d42a06 
 	fi
d42a06 
 	ocf_log debug "ok"
d42a06
d42a06 
-	AWS_PROFILE_OPT="--profile $OCF_RESKEY_profile --cli-connect-timeout 10"
d42a06 
-
d42a06 
 	return $OCF_SUCCESS
d42a06 
 }
d42a06
d42a06 
@@ -423,6 +421,11 @@ case $__OCF_ACTION in
d42a06 
 		metadata
d42a06 
 		exit $OCF_SUCCESS
d42a06 
 		;;
d42a06 
+esac
d42a06 
+
d42a06 
+AWS_PROFILE_OPT="--profile $OCF_RESKEY_profile --cli-connect-timeout 10"
d42a06 
+
d42a06 
+case $__OCF_ACTION in
d42a06 
 	start)
d42a06 
 		r53_validate || exit $?
d42a06 
 		r53_start
d42a06
d42a06 
From 8f46c90a73731be0c8f99adcd718f7cfc2d52002 Mon Sep 17 00:00:00 2001
d42a06 
From: Brandon Perkins <bperkins@redhat.com>
d42a06 
Date: Mon, 27 Apr 2020 11:54:22 -0400
d42a06 
Subject: [PATCH 4/4] Move AWS_PROFILE_OPT before functions and after
d42a06 
 initialization.
d42a06
d42a06 
---
d42a06 
 heartbeat/aws-vpc-route53.in | 10 +++++-----
d42a06 
 1 file changed, 5 insertions(+), 5 deletions(-)
d42a06
d42a06 
diff --git a/heartbeat/aws-vpc-route53.in b/heartbeat/aws-vpc-route53.in
d42a06 
index ee4f8afcb..b06b93726 100644
d42a06 
--- a/heartbeat/aws-vpc-route53.in
d42a06 
+++ b/heartbeat/aws-vpc-route53.in
d42a06 
@@ -37,6 +37,7 @@
d42a06 
 #
d42a06 
 # Mar. 15, 2017, vers 1.0.2
d42a06
d42a06 
+
d42a06 
 #######################################################################
d42a06 
 # Initialization:
d42a06
d42a06 
@@ -57,9 +58,13 @@ OCF_RESKEY_ttl_default=10
d42a06 
 : ${OCF_RESKEY_fullname:=${OCF_RESKEY_fullname_default}}
d42a06 
 : ${OCF_RESKEY_ip:=${OCF_RESKEY_ip_default}}
d42a06 
 : ${OCF_RESKEY_ttl:=${OCF_RESKEY_ttl_default}}
d42a06 
+#######################################################################
d42a06 
+
d42a06
d42a06 
+AWS_PROFILE_OPT="--profile $OCF_RESKEY_profile --cli-connect-timeout 10"
d42a06 
 #######################################################################
d42a06
d42a06 
+
d42a06 
 usage() {
d42a06 
 	cat <<-EOT
d42a06 
 	usage: $0 {start|stop|status|monitor|validate-all|meta-data}
d42a06 
@@ -421,11 +426,6 @@ case $__OCF_ACTION in
d42a06 
 		metadata
d42a06 
 		exit $OCF_SUCCESS
d42a06 
 		;;
d42a06 
-esac
d42a06 
-
d42a06 
-AWS_PROFILE_OPT="--profile $OCF_RESKEY_profile --cli-connect-timeout 10"
d42a06 
-
d42a06 
-case $__OCF_ACTION in
d42a06 
 	start)
d42a06 
 		r53_validate || exit $?
d42a06 
 		r53_start

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation