Bug fixes, and improvements.
This includes a bug fix found in the ipv6 agent for AWS SG's, along with better IPv6 detection to get the current active source IPv6 address.
This commit is contained in:
parent
744be856b0
commit
402420472e
3 changed files with 40 additions and 29 deletions
|
@ -15,19 +15,24 @@ if [[ -z "$agent_aws_sg_id" ]]; then
|
|||
exit 99
|
||||
fi
|
||||
|
||||
if [[ -d "${DIP_BASE_DIR}/aws" ]]; then
|
||||
if [[ ! -r "${DIP_BASE_DIR}/aws/config" ]]; then
|
||||
logerr "ERROR: AWS config file not found: '${DIP_BASE_DIR}/aws/config'"
|
||||
exit 99
|
||||
elif [[ ! -r "${DIP_BASE_DIR}/aws/credentials" ]]; then
|
||||
logerr "ERROR: AWS credentials file not found: '${DIP_BASE_DIR}/aws/credentials'"
|
||||
exit 99
|
||||
else
|
||||
export AWS_CONFIG_FILE="${DIP_BASE_DIR}/aws/config"
|
||||
export AWS_SHARED_CREDENTIALS_FILE="${DIP_BASE_DIR}/aws/credentials"
|
||||
fi
|
||||
else
|
||||
logerr "ERROR: AWS config directory not found. '${DIP_BASE_DIR}/aws/' is expected to exist and contain 'config' and 'credentials' for AWS access."
|
||||
#if [[ -d "${DIP_BASE_DIR}/aws" ]]; then
|
||||
# if [[ ! -r "${DIP_BASE_DIR}/aws/config" ]]; then
|
||||
# logerr "ERROR: AWS config file not found: '${DIP_BASE_DIR}/aws/config'"
|
||||
# exit 99
|
||||
# elif [[ ! -r "${DIP_BASE_DIR}/aws/credentials" ]]; then
|
||||
# logerr "ERROR: AWS credentials file not found: '${DIP_BASE_DIR}/aws/credentials'"
|
||||
# exit 99
|
||||
# else
|
||||
# export AWS_CONFIG_FILE="${DIP_BASE_DIR}/aws/config"
|
||||
# export AWS_SHARED_CREDENTIALS_FILE="${DIP_BASE_DIR}/aws/credentials"
|
||||
# fi
|
||||
#else
|
||||
# logerr "ERROR: AWS config directory not found. '${DIP_BASE_DIR}/aws/' is expected to exist and contain 'config' and 'credentials' for AWS access."
|
||||
# exit 99
|
||||
#fi
|
||||
|
||||
if [[ -z "$AWS_ACCESS_KEY_ID" || -z "$AWS_SECRET_ACCESS_KEY" || -z "$AWS_DEFAULT_REGION" ]]; then
|
||||
echo "ERROR: AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY need to be set"
|
||||
exit 99
|
||||
fi
|
||||
|
||||
|
@ -57,7 +62,7 @@ if valid_ipv6 "$DIP_CUR_IP"; then
|
|||
log "No changes required."
|
||||
else
|
||||
log "Updating Security Group IPv6"
|
||||
aws ec2 revoke-security-group-ingress --group-id "${agent_aws-sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"Ipv6Ranges\": [{\"CidrIpv6\": \"${existingprefix}\"}]}]"
|
||||
aws ec2 authorize-security-group-ingress --group-id "${agent_aws-sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"Ipv6Ranges\": [{\"CidrIpv6\": \"${currentprefix}\"}]}]"
|
||||
aws ec2 revoke-security-group-ingress --group-id "${agent_aws_sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"Ipv6Ranges\": [{\"CidrIpv6\": \"${existingprefix}\"}]}]"
|
||||
aws ec2 authorize-security-group-ingress --group-id "${agent_aws_sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"Ipv6Ranges\": [{\"CidrIpv6\": \"${currentprefix}\"}]}]"
|
||||
fi
|
||||
fi
|
||||
|
|
|
@ -17,19 +17,24 @@ if [[ -z "$agent_update_dns_r53_id" ]]; then
|
|||
exit 99
|
||||
fi
|
||||
|
||||
if [[ -d "${DIP_BASE_DIR}/aws" ]]; then
|
||||
if [[ ! -r "${DIP_BASE_DIR}/aws/config" ]]; then
|
||||
logerr "ERROR: AWS config file not found: '${DIP_BASE_DIR}/aws/config'"
|
||||
exit 99
|
||||
elif [[ ! -r "${DIP_BASE_DIR}/aws/credentials" ]]; then
|
||||
logerr "ERROR: AWS credentials file not found: '${DIP_BASE_DIR}/aws/credentials'"
|
||||
exit 99
|
||||
else
|
||||
export AWS_CONFIG_FILE="${DIP_BASE_DIR}/aws/config"
|
||||
export AWS_SHARED_CREDENTIALS_FILE="${DIP_BASE_DIR}/aws/credentials"
|
||||
fi
|
||||
else
|
||||
logerr "ERROR: AWS config directory not found. '${DIP_BASE_DIR}/aws/' is expected to exist and contain 'config' and 'credentials' for AWS access."
|
||||
#if [[ -d "${DIP_BASE_DIR}/aws" ]]; then
|
||||
# if [[ ! -r "${DIP_BASE_DIR}/aws/config" ]]; then
|
||||
# logerr "ERROR: AWS config file not found: '${DIP_BASE_DIR}/aws/config'"
|
||||
# exit 99
|
||||
# elif [[ ! -r "${DIP_BASE_DIR}/aws/credentials" ]]; then
|
||||
# logerr "ERROR: AWS credentials file not found: '${DIP_BASE_DIR}/aws/credentials'"
|
||||
# exit 99
|
||||
# else
|
||||
# export AWS_CONFIG_FILE="${DIP_BASE_DIR}/aws/config"
|
||||
# export AWS_SHARED_CREDENTIALS_FILE="${DIP_BASE_DIR}/aws/credentials"
|
||||
# fi
|
||||
#else
|
||||
# logerr "ERROR: AWS config directory not found. '${DIP_BASE_DIR}/aws/' is expected to exist and contain 'config' and 'credentials' for AWS access."
|
||||
# exit 99
|
||||
#fi
|
||||
|
||||
if [[ -z "$AWS_ACCESS_KEY_ID" || -z "$AWS_SECRET_ACCESS_KEY" ]]; then
|
||||
echo "ERROR: AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY need to be set"
|
||||
exit 99
|
||||
fi
|
||||
|
||||
|
|
|
@ -113,7 +113,8 @@ getIPv4() {
|
|||
getIPv6() {
|
||||
local result
|
||||
|
||||
result=$(/sbin/ip -6 addr | grep inet6 | awk -F '[ \t]+|/' '{print $3}' | grep -v ^::1 | grep -v ^fe80) || return 1
|
||||
#result=$(/sbin/ip -6 addr | grep inet6 | awk -F '[ \t]+|/' '{print $3}' | grep -v ^::1 | grep -v ^fe80) || return 1
|
||||
result=$(ip -6 route get to 2001:4860:4860::8888 | sed 's/^.*src \([^ ]*\).*$/\1/;q') || return 1
|
||||
|
||||
if valid_ipv6 "$result"; then
|
||||
echo "$result"
|
||||
|
|
Loading…
Reference in a new issue