#!/bin/sh # # # Manage Secondary Private IP with Pacemaker # # # Copyright 2016-2018 guessi # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # # # # Prerequisites: # # - preconfigured AWS CLI running environment (AccessKey, SecretAccessKey, etc.) or # (AWSRole) Setup up relevant AWS Policies to allow agent related functions to be executed. # - a reserved secondary private IP address for EC2 instances high availablity # - IAM user role with the following permissions: # * DescribeInstances # * AssignPrivateIpAddresses # * UnassignPrivateIpAddresses # ####################################################################### # Initialization: : ${OCF_FUNCTIONS_DIR=${OCF_ROOT}/lib/heartbeat} . ${OCF_FUNCTIONS_DIR}/ocf-shellfuncs ####################################################################### # # Defaults # OCF_RESKEY_awscli_default="/usr/bin/aws" OCF_RESKEY_auth_type_default="key" OCF_RESKEY_profile_default="default" OCF_RESKEY_region_default="" OCF_RESKEY_api_delay_default="3" OCF_RESKEY_curl_retries_default="3" OCF_RESKEY_curl_sleep_default="1" : ${OCF_RESKEY_awscli=${OCF_RESKEY_awscli_default}} : ${OCF_RESKEY_auth_type=${OCF_RESKEY_auth_type_default}} : ${OCF_RESKEY_profile=${OCF_RESKEY_profile_default}} : ${OCF_RESKEY_region=${OCF_RESKEY_region_default}} : ${OCF_RESKEY_api_delay=${OCF_RESKEY_api_delay_default}} : ${OCF_RESKEY_curl_retries=${OCF_RESKEY_curl_retries_default}} : ${OCF_RESKEY_curl_sleep=${OCF_RESKEY_curl_sleep_default}} meta_data() { cat < 1.0 Resource Agent for Amazon AWS Secondary Private IP Addresses. It manages AWS Secondary Private IP Addresses with awscli. Credentials needs to be setup by running "aws configure", or by using AWS Policies. See https://aws.amazon.com/cli/ for more information about awscli. Amazon AWS Secondary Private IP Address Resource Agent command line tools for aws services aws cli tools Authentication type "key" for AccessKey and SecretAccessKey set via "aws configure", or "role" to use AWS Policies. Authentication type Valid AWS CLI profile name (see ~/.aws/config and 'aws configure') profile name reserved secondary private ip for ec2 instance reserved secondary private ip for ec2 instance Region for AWS resource (required for role-based authentication) Region a short delay between API calls, to avoid sending API too quick a short delay between API calls curl retries before failing curl retries curl sleep between tries curl sleep END } ####################################################################### awsvip_usage() { cat <