cookbook 'aws_ipsec_monitor', '~> 1.0.0', :supermarket
Installs/Configures aws_ipsec_monitor
cookbook 'aws_ipsec_monitor', '~> 1.0.0'
knife supermarket install aws_ipsec_monitor
knife supermarket download aws_ipsec_monitor
aws_ipsec_monitor Cookbook
Creates an IPSec monitoring server specific to AWS VPC
Monitors one active and one failover IPSec node with a remote tunnel endpoint.
Requirements
- VPC with at least one subnet to be routed
- An EIP for the pair of IPSec instances
- Two IPSec instances, built via Chef with some defined IPSec Chef role assigned to each
- The monitor server requires an IAM role with the permissions necessary to stop/start instances, modify routing tables, and move an EIP
- A region attribute must be defined via recipe or on the node itself.
Attributes
default["aws_ipsec_monitor"]["cli_extract_dir"] = "/usr/local/ec2"
default["aws_ipsec_monitor"]["dir"] = "/usr/local/bin"
#The tag assigned to the two local IPSec servers
default["aws_ipsec_monitor"]["ipsec_tag"] = "ipsec_tunnel"
#EC2 (VPC) specific attributes that must be defined via role.
# The IDs of the route tables in which the VPC directs remote subnet traffic
default["aws_ipsec_monitor"]["route_ids"] = []
#The local Elastic IP to be managed for the pair of IPSec servers
default["aws_ipsec_monitor"]["eip_id"] = nil
#The remote Elastic IP to which the local IPSec instances are connecting
default["aws_ipsec_monitor"]["remote_eip"] = nil
#A remote internal IP to ping for health checking the tunnel.
# If you have a failover pair on the remote end, DON'T use one of the instance
# IPs as a failure on the remote will cause a local failure
default["aws_ipsec_monitor"]["remote_ip"] = nil
#Remote subnets for which we have VPC routing entries. These need to line up exactly.
default["aws_ipsec_monitor"]["remote_subnets"] = []
#How many times to ping the remote endpoint
default["aws_ipsec_monitor"]["num_pings"] = 20
default["aws_ipsec_monitor"]["ping_timeout"] = 3
#How long between each iteration of pings
default["aws_ipsec_monitor"]["wait_between_pings"] = 30
#How long to wait for a failed instance to be stopped
default["aws_ipsec_monitor"]["wait_for_instance_stop"] = 60
#How long to wait for a failed instance to be started
default["aws_ipsec_monitor"]["wait_for_instance_start"] = 300
Usage
aws_ipsec_monitor::default
Create a role with the following attributes. Do yourself a favor and have IPSec, Elastic IPs, and routing tables all set up before defining the role.
Requires exactly two nodes to be tagged with the value of the node["aws_ipsec_monitor"]["ipsec_tag"] attribute.
name "ipsec_monitor"
description "The IPSec tunnel monitor for our VPC"
run_list(
  "recipe[aws_ipsec_monitor]"
)
default_attributes({
  "aws_ipsec_monitor" => {
    "route_ids" => [ "rtb-xxxxxxxx", "rtb-xxxxxxxx" ],
    "eip_id" => "eipalloc-xxxxxxxx",
    "remote_eip" => "xx.xx.xx.xx",
    "remote_ip" => "10.0.5.5",
    "remote_subnets" => [ "10.0.0.0/16" ]
  }
})
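The IAM role listed under Requirements can stop instances and rewrite routing, so it is worth scoping it to the exact resources named in the role above. The following is an added example, not part of the cookbook: `monitor_policy` is a hypothetical helper, the action list is an assumption about which EC2 calls the monitor makes, and the region, account id and instance ids are constructed placeholders.

```ruby
require 'json'

# Constructed sample: ids in the shape the Usage role expects (not real resources).
SAMPLE_ATTRS = { 'route_ids' => %w[rtb-0a1b2c3d rtb-4e5f6a7b],
                 'eip_id' => 'eipalloc-0a1b2c3d' }.freeze
PREFIX = { 'instance' => 'i', 'route-table' => 'rtb', 'elastic-ip' => 'eipalloc' }.freeze

# Build an EC2 ARN, rejecting ids that do not match the expected resource type.
def arn(region, account, type, id)
  unless id.to_s.match?(/\A#{PREFIX.fetch(type)}-(\h{8}|\h{17})\z/)
    raise ArgumentError, "malformed #{type} id: #{id.inspect}"
  end
  "arn:aws:ec2:#{region}:#{account}:#{type}/#{id}"
end

# Hypothetical helper: least-privilege policy document for the monitor's IAM role.
# Assumption: the monitor only needs the actions listed here.
def monitor_policy(attrs, region:, account:, instance_ids:)
  raise ArgumentError, 'expected exactly two IPSec instances' unless instance_ids.uniq.size == 2
  raise ArgumentError, 'route_ids must not be empty' if Array(attrs['route_ids']).empty?

  instances = instance_ids.map { |i| arn(region, account, 'instance', i) }
  routes = attrs['route_ids'].map { |r| arn(region, account, 'route-table', r) }
  eip = arn(region, account, 'elastic-ip', attrs['eip_id'])
  {
    'Version' => '2012-10-17',
    'Statement' => [
      { 'Sid' => 'ReadOnlyDiscovery', 'Effect' => 'Allow', 'Resource' => '*',
        # Describe* calls cannot be limited to specific resources.
        'Action' => %w[ec2:DescribeInstances ec2:DescribeRouteTables ec2:DescribeAddresses] },
      { 'Sid' => 'RestartTunnelNodes', 'Effect' => 'Allow', 'Resource' => instances,
        'Action' => %w[ec2:StartInstances ec2:StopInstances] },
      { 'Sid' => 'RepointRemoteRoutes', 'Effect' => 'Allow', 'Resource' => routes,
        'Action' => %w[ec2:ReplaceRoute] },
      { 'Sid' => 'MoveTunnelEip', 'Effect' => 'Allow', 'Resource' => [eip] + instances,
        'Action' => %w[ec2:AssociateAddress ec2:DisassociateAddress] }
    ]
  }
end

# Policy for the constructed sample; region, account and instance ids are placeholders.
def sample_policy
  monitor_policy(SAMPLE_ATTRS, region: 'us-east-1', account: '123456789012',
                 instance_ids: %w[i-0123456789abcdef0 i-0fedcba9876543210])
end

puts JSON.pretty_generate(sample_policy) if $PROGRAM_NAME == __FILE__
```

Compare the generated document against the calls the monitor actually makes (CloudTrail shows them) before attaching it, and add any missing action with the same resource scoping rather than a wildcard.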
License and Authors
Authors: Matt Williams
Dependent cookbooks
This cookbook has no specified dependencies.
Contingent cookbooks
There are no cookbooks that are contingent upon this one.
Collaborator Number Metric
1.0.0 failed this metric
Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.
Contributing File Metric
1.0.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
1.0.0 failed this metric
FC064: Ensure issues_url is set in metadata: aws_ipsec_monitor/metadata.rb:1
FC065: Ensure source_url is set in metadata: aws_ipsec_monitor/metadata.rb:1
FC066: Ensure chef_version is set in metadata: aws_ipsec_monitor/metadata.rb:1
FC067: Ensure at least one platform supported in metadata: aws_ipsec_monitor/metadata.rb:1
FC069: Ensure standardized license defined in metadata: aws_ipsec_monitor/metadata.rb:1
Run with Foodcritic Version 14.3.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any
No Binaries Metric
1.0.0 passed this metric
Publish Metric
1.0.0 passed this metric
Supported Platforms Metric
1.0.0 failed this metric
aws_ipsec_monitor should declare what platform(s) it supports.
Testing File Metric
1.0.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
1.0.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number