From 1bd1d30ad1eb3e488bde5c01252cf7049b8e3f12 Mon Sep 17 00:00:00 2001 From: olgami Date: Wed, 10 Apr 2024 11:24:26 +0300 Subject: [PATCH 1/3] Added support to deploy GCP HA without public IPs --- .../ha-byol/check-point-cluster--byol.py | 92 +++++++++++-------- .../check-point-cluster--byol.py.schema | 3 + gcp/deployment-packages/ha-byol/config.yaml | 1 + .../ha-payg/check-point-cluster--payg.py | 92 +++++++++++-------- .../check-point-cluster--payg.py.schema | 3 + gcp/deployment-packages/ha-payg/config.yaml | 1 + 6 files changed, 114 insertions(+), 78 deletions(-) diff --git a/gcp/deployment-packages/ha-byol/check-point-cluster--byol.py b/gcp/deployment-packages/ha-byol/check-point-cluster--byol.py index 1fc434fd..28fdc64a 100755 --- a/gcp/deployment-packages/ha-byol/check-point-cluster--byol.py +++ b/gcp/deployment-packages/ha-byol/check-point-cluster--byol.py @@ -31,6 +31,8 @@ MGMT_NIC = 1 +NO_PUBLIC_IP = 'no-public-ip' + startup_script = ''' #cloud-config runcmd: @@ -149,39 +151,44 @@ def make_static_address(prop, name): return address -def create_external_addresses(prop, resources, member_a_nics, member_b_nics): - member_a_address_name = common.set_name_and_truncate( - prop['deployment'], '-member-a-address') - member_b_address_name = common.set_name_and_truncate( - prop['deployment'], '-member-b-address') +def create_external_addresses_if_needed( + prop, resources, member_a_nics, member_b_nics): + if prop['deployWithoutPublicIPs']: + prop['primary_cluster_address_name'] = NO_PUBLIC_IP + prop['secondary_cluster_address_name'] = NO_PUBLIC_IP + else: + member_a_address_name = common.set_name_and_truncate( + prop['deployment'], '-member-a-address') + member_b_address_name = common.set_name_and_truncate( + prop['deployment'], '-member-b-address') - prop['member_a_address_name'] = member_a_address_name - prop['member_b_address_name'] = member_b_address_name + prop['member_a_address_name'] = member_a_address_name + prop['member_b_address_name'] = member_b_address_name - member_a_address = make_static_address(prop, member_a_address_name) - member_b_address = make_static_address(prop, member_b_address_name) + member_a_address = make_static_address(prop, member_a_address_name) + member_b_address = make_static_address(prop, member_b_address_name) - resources += [member_a_address, member_b_address] + resources += [member_a_address, member_b_address] - member_a_nics[MGMT_NIC]['accessConfigs'] = [make_access_config( - '$(ref.{}.address)'.format(member_a_address_name))] - member_b_nics[MGMT_NIC]['accessConfigs'] = [make_access_config( - '$(ref.{}.address)'.format(member_b_address_name))] + member_a_nics[MGMT_NIC]['accessConfigs'] = [make_access_config( + '$(ref.{}.address)'.format(member_a_address_name))] + member_b_nics[MGMT_NIC]['accessConfigs'] = [make_access_config( + '$(ref.{}.address)'.format(member_b_address_name))] - primary_cluster_address_name = common.set_name_and_truncate( - prop['deployment'], '-primary-cluster-address') - secondary_cluster_address_name = common.set_name_and_truncate( - prop['deployment'], '-secondary-cluster-address') + primary_cluster_address_name = common.set_name_and_truncate( + prop['deployment'], '-primary-cluster-address') + secondary_cluster_address_name = common.set_name_and_truncate( + prop['deployment'], '-secondary-cluster-address') - primary_cluster_address = make_static_address( - prop, primary_cluster_address_name) - secondary_cluster_address = make_static_address( - prop, secondary_cluster_address_name) + primary_cluster_address = make_static_address( + prop, primary_cluster_address_name) + secondary_cluster_address = make_static_address( + prop, secondary_cluster_address_name) - resources += [primary_cluster_address, secondary_cluster_address] + resources += [primary_cluster_address, secondary_cluster_address] - prop['primary_cluster_address_name'] = primary_cluster_address_name - prop['secondary_cluster_address_name'] = secondary_cluster_address_name + prop['primary_cluster_address_name'] = primary_cluster_address_name + prop['secondary_cluster_address_name'] = secondary_cluster_address_name def make_nic(prop, net_name, subnet_name): @@ -412,7 +419,8 @@ def generate_config(context): member_b_nics = copy.deepcopy(member_a_nics) - create_external_addresses(prop, resources, member_a_nics, member_b_nics) + create_external_addresses_if_needed( + prop, resources, member_a_nics, member_b_nics) member_a_name = common.set_name_and_truncate( prop['deployment'], '-member-a') @@ -442,19 +450,10 @@ def generate_config(context): 'name': 'project', 'value': prop['project'] }, - { - 'name': 'clusterIP', - 'value': '$(ref.{}.address)'.format( - prop['primary_cluster_address_name']) - }, { 'name': 'vmAName', 'value': member_a_name, }, - { - 'name': 'vmAExternalIP', - 'value': '$(ref.{}.address)'.format(prop['member_a_address_name']) - }, { 'name': 'vmASelfLink', 'value': '$(ref.{}.selfLink)'.format(member_a_name), @@ -463,10 +462,6 @@ def generate_config(context): 'name': 'vmBName', 'value': member_b_name, }, - { - 'name': 'vmBExternalIP', - 'value': '$(ref.{}.address)'.format(prop['member_b_address_name']) - }, { 'name': 'vmBSelfLink', 'value': '$(ref.{}.selfLink)'.format(member_b_name), @@ -477,4 +472,23 @@ def generate_config(context): } ] + if not prop['deployWithoutPublicIPs']: + outputs += [ + { + 'name': 'clusterIP', + 'value': '$(ref.{}.address)'.format( + prop['primary_cluster_address_name']) + }, + { + 'name': 'vmAExternalIP', + 'value': '$(ref.{}.address)'.format( + prop['member_a_address_name']) + }, + { + 'name': 'vmBExternalIP', + 'value': '$(ref.{}.address)'.format( + prop['member_b_address_name']) + } + ] + return common.MakeResource(resources, outputs) diff --git a/gcp/deployment-packages/ha-byol/check-point-cluster--byol.py.schema b/gcp/deployment-packages/ha-byol/check-point-cluster--byol.py.schema index 477ca252..a9e28781 100755 --- a/gcp/deployment-packages/ha-byol/check-point-cluster--byol.py.schema +++ b/gcp/deployment-packages/ha-byol/check-point-cluster--byol.py.schema @@ -39,6 +39,9 @@ properties: gceMachineType: minCpu: 2 minRamGb: 1.843000054359436 + deployWithoutPublicIPs: + type: boolean + default: False instanceSSHKey: type: string pattern: ^([0-9a-z\-]+ +[0-9A-Za-z/\+=]+( .*)?|)$ diff --git a/gcp/deployment-packages/ha-byol/config.yaml b/gcp/deployment-packages/ha-byol/config.yaml index 16c4a3b9..06084868 100644 --- a/gcp/deployment-packages/ha-byol/config.yaml +++ b/gcp/deployment-packages/ha-byol/config.yaml @@ -25,6 +25,7 @@ resources: generatePassword: "PLEASE ENTER true or false" allowUploadDownload: "PLEASE ENTER true or false" shell: "PLEASE ENTER A SHELL" + deployWithoutPublicIPs: "PLEASE ENTER true or false" cluster-network-cidr: "PLEASE ENTER CLUSTER NETWORK CIDR" cluster-network-name: "PLEASE ENTER CLUSTER NETWORK ID" cluster-network-subnetwork-name: "PLEASE ENTER CLUSTER SUBNETWORK ID" diff --git a/gcp/deployment-packages/ha-payg/check-point-cluster--payg.py b/gcp/deployment-packages/ha-payg/check-point-cluster--payg.py index 20afe462..c3f454b9 100755 --- a/gcp/deployment-packages/ha-payg/check-point-cluster--payg.py +++ b/gcp/deployment-packages/ha-payg/check-point-cluster--payg.py @@ -31,6 +31,8 @@ MGMT_NIC = 1 +NO_PUBLIC_IP = 'no-public-ip' + startup_script = ''' #cloud-config runcmd: @@ -149,39 +151,44 @@ def make_static_address(prop, name): return address -def create_external_addresses(prop, resources, member_a_nics, member_b_nics): - member_a_address_name = common.set_name_and_truncate( - prop['deployment'], '-member-a-address') - member_b_address_name = common.set_name_and_truncate( - prop['deployment'], '-member-b-address') +def create_external_addresses_if_needed( + prop, resources, member_a_nics, member_b_nics): + if prop['deployWithoutPublicIPs']: + prop['primary_cluster_address_name'] = NO_PUBLIC_IP + prop['secondary_cluster_address_name'] = NO_PUBLIC_IP + else: + member_a_address_name = common.set_name_and_truncate( + prop['deployment'], '-member-a-address') + member_b_address_name = common.set_name_and_truncate( + prop['deployment'], '-member-b-address') - prop['member_a_address_name'] = member_a_address_name - prop['member_b_address_name'] = member_b_address_name + prop['member_a_address_name'] = member_a_address_name + prop['member_b_address_name'] = member_b_address_name - member_a_address = make_static_address(prop, member_a_address_name) - member_b_address = make_static_address(prop, member_b_address_name) + member_a_address = make_static_address(prop, member_a_address_name) + member_b_address = make_static_address(prop, member_b_address_name) - resources += [member_a_address, member_b_address] + resources += [member_a_address, member_b_address] - member_a_nics[MGMT_NIC]['accessConfigs'] = [make_access_config( - '$(ref.{}.address)'.format(member_a_address_name))] - member_b_nics[MGMT_NIC]['accessConfigs'] = [make_access_config( - '$(ref.{}.address)'.format(member_b_address_name))] + member_a_nics[MGMT_NIC]['accessConfigs'] = [make_access_config( + '$(ref.{}.address)'.format(member_a_address_name))] + member_b_nics[MGMT_NIC]['accessConfigs'] = [make_access_config( + '$(ref.{}.address)'.format(member_b_address_name))] - primary_cluster_address_name = common.set_name_and_truncate( - prop['deployment'], '-primary-cluster-address') - secondary_cluster_address_name = common.set_name_and_truncate( - prop['deployment'], '-secondary-cluster-address') + primary_cluster_address_name = common.set_name_and_truncate( + prop['deployment'], '-primary-cluster-address') + secondary_cluster_address_name = common.set_name_and_truncate( + prop['deployment'], '-secondary-cluster-address') - primary_cluster_address = make_static_address( - prop, primary_cluster_address_name) - secondary_cluster_address = make_static_address( - prop, secondary_cluster_address_name) + primary_cluster_address = make_static_address( + prop, primary_cluster_address_name) + secondary_cluster_address = make_static_address( + prop, secondary_cluster_address_name) - resources += [primary_cluster_address, secondary_cluster_address] + resources += [primary_cluster_address, secondary_cluster_address] - prop['primary_cluster_address_name'] = primary_cluster_address_name - prop['secondary_cluster_address_name'] = secondary_cluster_address_name + prop['primary_cluster_address_name'] = primary_cluster_address_name + prop['secondary_cluster_address_name'] = secondary_cluster_address_name def make_nic(prop, net_name, subnet_name): @@ -412,7 +419,8 @@ def generate_config(context): member_b_nics = copy.deepcopy(member_a_nics) - create_external_addresses(prop, resources, member_a_nics, member_b_nics) + create_external_addresses_if_needed( + prop, resources, member_a_nics, member_b_nics) member_a_name = common.set_name_and_truncate( prop['deployment'], '-member-a') @@ -442,19 +450,10 @@ def generate_config(context): 'name': 'project', 'value': prop['project'] }, - { - 'name': 'clusterIP', - 'value': '$(ref.{}.address)'.format( - prop['primary_cluster_address_name']) - }, { 'name': 'vmAName', 'value': member_a_name, }, - { - 'name': 'vmAExternalIP', - 'value': '$(ref.{}.address)'.format(prop['member_a_address_name']) - }, { 'name': 'vmASelfLink', 'value': '$(ref.{}.selfLink)'.format(member_a_name), @@ -463,10 +462,6 @@ def generate_config(context): 'name': 'vmBName', 'value': member_b_name, }, - { - 'name': 'vmBExternalIP', - 'value': '$(ref.{}.address)'.format(prop['member_b_address_name']) - }, { 'name': 'vmBSelfLink', 'value': '$(ref.{}.selfLink)'.format(member_b_name), @@ -477,4 +472,23 @@ def generate_config(context): } ] + if not prop['deployWithoutPublicIPs']: + outputs += [ + { + 'name': 'clusterIP', + 'value': '$(ref.{}.address)'.format( + prop['primary_cluster_address_name']) + }, + { + 'name': 'vmAExternalIP', + 'value': '$(ref.{}.address)'.format( + prop['member_a_address_name']) + }, + { + 'name': 'vmBExternalIP', + 'value': '$(ref.{}.address)'.format( + prop['member_b_address_name']) + } + ] + return common.MakeResource(resources, outputs) diff --git a/gcp/deployment-packages/ha-payg/check-point-cluster--payg.py.schema b/gcp/deployment-packages/ha-payg/check-point-cluster--payg.py.schema index ce314af2..9a3efd6c 100755 --- a/gcp/deployment-packages/ha-payg/check-point-cluster--payg.py.schema +++ b/gcp/deployment-packages/ha-payg/check-point-cluster--payg.py.schema @@ -39,6 +39,9 @@ properties: gceMachineType: minCpu: 2 minRamGb: 1.843000054359436 + deployWithoutPublicIPs: + type: boolean + default: False instanceSSHKey: type: string pattern: ^([0-9a-z\-]+ +[0-9A-Za-z/\+=]+( .*)?|)$ diff --git a/gcp/deployment-packages/ha-payg/config.yaml b/gcp/deployment-packages/ha-payg/config.yaml index 1aa1aab3..8a0b095f 100644 --- a/gcp/deployment-packages/ha-payg/config.yaml +++ b/gcp/deployment-packages/ha-payg/config.yaml @@ -25,6 +25,7 @@ resources: generatePassword: "PLEASE ENTER true or false" allowUploadDownload: "PLEASE ENTER true or false" shell: "PLEASE ENTER A SHELL" + deployWithoutPublicIPs: "PLEASE ENTER true or false" cluster-network-cidr: "PLEASE ENTER CLUSTER NETWORK CIDR" cluster-network-name: "PLEASE ENTER CLUSTER NETWORK ID" cluster-network-subnetwork-name: "PLEASE ENTER CLUSTER SUBNETWORK ID" From 96d11a89d7bbb9dc871df877f05d435b4e4a483b Mon Sep 17 00:00:00 2001 From: olgami Date: Wed, 10 Apr 2024 13:15:56 +0300 Subject: [PATCH 2/3] Updated readme --- gcp/deployment-packages/ha-byol/README.md | 3 +++ gcp/deployment-packages/ha-payg/README.md | 3 +++ 2 files changed, 6 insertions(+) diff --git a/gcp/deployment-packages/ha-byol/README.md b/gcp/deployment-packages/ha-byol/README.md index f37d3b7d..c48b090c 100644 --- a/gcp/deployment-packages/ha-byol/README.md +++ b/gcp/deployment-packages/ha-byol/README.md @@ -117,6 +117,8 @@ To deploy the Deployment Manager's package manually, without using the GCP Marke | | | | | | | **shell** | Admin shell | string | /etc/cli.sh;
/bin/bash;
/bin/csh;
/bin/tcsh;
| | | | | | | +| **deployWithoutPublicIPs** | Deploy HA without public IPs | boolean | true;
false; | +| | | | | | | **instanceSSHKey** | Public SSH key for the user 'admin' | string | A valid public ssh key | | | | | | | | **smart1CloudTokenA** | Smart-1 Cloud token to connect ***member A*** to Check Point's Security Management as a Service.

Follow these instructions to quickly connect this member to Smart-1 Cloud - [SK180501](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk180501) | string | A valid token copied from the Connect Gateway screen in Smart-1 Cloud portal.| @@ -149,6 +151,7 @@ To deploy the Deployment Manager's package manually, without using the GCP Marke generatePassword: false allowUploadDownload: false shell: "/bin/bash" + deployWithoutPublicIPs: true cluster-network-cidr: "10.0.1.0/24" cluster-network-name: "external-vpc" cluster-network-subnetwork-name: "frontend" diff --git a/gcp/deployment-packages/ha-payg/README.md b/gcp/deployment-packages/ha-payg/README.md index 686c236c..31ba108a 100644 --- a/gcp/deployment-packages/ha-payg/README.md +++ b/gcp/deployment-packages/ha-payg/README.md @@ -117,6 +117,8 @@ To deploy the Deployment Manager's package manually, without using the GCP Marke | | | | | | | **shell** | Admin shell | string | /etc/cli.sh;
/bin/bash;
/bin/csh;
/bin/tcsh;
| | | | | | | +| **deployWithoutPublicIPs** | Deploy HA without public IPs | boolean | true;
false; | +| | | | | | | **instanceSSHKey** | Public SSH key for the user 'admin' | string | A valid public ssh key | | | | | | | | **smart1CloudTokenA** | Smart-1 Cloud token to connect ***member A*** to Check Point's Security Management as a Service.

Follow these instructions to quickly connect this member to Smart-1 Cloud - [SK180501](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk180501) | string | A valid token copied from the Connect Gateway screen in Smart-1 Cloud portal.| @@ -149,6 +151,7 @@ To deploy the Deployment Manager's package manually, without using the GCP Marke generatePassword: false allowUploadDownload: false shell: "/bin/bash" + deployWithoutPublicIPs: true cluster-network-cidr: "10.0.1.0/24" cluster-network-name: "external-vpc" cluster-network-subnetwork-name: "frontend" From c819e6fc51d073b5975751a9c0e315694ab4ab3b Mon Sep 17 00:00:00 2001 From: olgami Date: Wed, 10 Apr 2024 16:13:15 +0300 Subject: [PATCH 3/3] Updated deployWithPublicIPs property --- gcp/deployment-packages/ha-byol/README.md | 4 ++-- gcp/deployment-packages/ha-byol/check-point-cluster--byol.py | 4 ++-- .../ha-byol/check-point-cluster--byol.py.schema | 4 ++-- gcp/deployment-packages/ha-byol/config.yaml | 2 +- gcp/deployment-packages/ha-payg/README.md | 4 ++-- gcp/deployment-packages/ha-payg/check-point-cluster--payg.py | 4 ++-- .../ha-payg/check-point-cluster--payg.py.schema | 4 ++-- gcp/deployment-packages/ha-payg/config.yaml | 2 +- 8 files changed, 14 insertions(+), 14 deletions(-) diff --git a/gcp/deployment-packages/ha-byol/README.md b/gcp/deployment-packages/ha-byol/README.md index c48b090c..f915c4b4 100644 --- a/gcp/deployment-packages/ha-byol/README.md +++ b/gcp/deployment-packages/ha-byol/README.md @@ -117,7 +117,7 @@ To deploy the Deployment Manager's package manually, without using the GCP Marke | | | | | | | **shell** | Admin shell | string | /etc/cli.sh;
/bin/bash;
/bin/csh;
/bin/tcsh;
| | | | | | | -| **deployWithoutPublicIPs** | Deploy HA without public IPs | boolean | true;
false; | +| **deployWithPublicIPs** | Deploy HA with public IPs | boolean | true;
false; | | | | | | | | **instanceSSHKey** | Public SSH key for the user 'admin' | string | A valid public ssh key | | | | | | | @@ -151,7 +151,7 @@ To deploy the Deployment Manager's package manually, without using the GCP Marke generatePassword: false allowUploadDownload: false shell: "/bin/bash" - deployWithoutPublicIPs: true + deployWithPublicIPs: true cluster-network-cidr: "10.0.1.0/24" cluster-network-name: "external-vpc" cluster-network-subnetwork-name: "frontend" diff --git a/gcp/deployment-packages/ha-byol/check-point-cluster--byol.py b/gcp/deployment-packages/ha-byol/check-point-cluster--byol.py index 28fdc64a..61a2e521 100755 --- a/gcp/deployment-packages/ha-byol/check-point-cluster--byol.py +++ b/gcp/deployment-packages/ha-byol/check-point-cluster--byol.py @@ -153,7 +153,7 @@ def make_static_address(prop, name): def create_external_addresses_if_needed( prop, resources, member_a_nics, member_b_nics): - if prop['deployWithoutPublicIPs']: + if not prop['deployWithPublicIPs']: prop['primary_cluster_address_name'] = NO_PUBLIC_IP prop['secondary_cluster_address_name'] = NO_PUBLIC_IP else: @@ -472,7 +472,7 @@ def generate_config(context): } ] - if not prop['deployWithoutPublicIPs']: + if prop['deployWithPublicIPs']: outputs += [ { 'name': 'clusterIP', diff --git a/gcp/deployment-packages/ha-byol/check-point-cluster--byol.py.schema b/gcp/deployment-packages/ha-byol/check-point-cluster--byol.py.schema index a9e28781..fcc01058 100755 --- a/gcp/deployment-packages/ha-byol/check-point-cluster--byol.py.schema +++ b/gcp/deployment-packages/ha-byol/check-point-cluster--byol.py.schema @@ -39,9 +39,9 @@ properties: gceMachineType: minCpu: 2 minRamGb: 1.843000054359436 - deployWithoutPublicIPs: + deployWithPublicIPs: type: boolean - default: False + default: True instanceSSHKey: type: string pattern: ^([0-9a-z\-]+ +[0-9A-Za-z/\+=]+( .*)?|)$ diff --git a/gcp/deployment-packages/ha-byol/config.yaml b/gcp/deployment-packages/ha-byol/config.yaml index 06084868..e8012a71 100644 --- a/gcp/deployment-packages/ha-byol/config.yaml +++ b/gcp/deployment-packages/ha-byol/config.yaml @@ -25,7 +25,7 @@ resources: generatePassword: "PLEASE ENTER true or false" allowUploadDownload: "PLEASE ENTER true or false" shell: "PLEASE ENTER A SHELL" - deployWithoutPublicIPs: "PLEASE ENTER true or false" + deployWithPublicIPs: "PLEASE ENTER true or false" cluster-network-cidr: "PLEASE ENTER CLUSTER NETWORK CIDR" cluster-network-name: "PLEASE ENTER CLUSTER NETWORK ID" cluster-network-subnetwork-name: "PLEASE ENTER CLUSTER SUBNETWORK ID" diff --git a/gcp/deployment-packages/ha-payg/README.md b/gcp/deployment-packages/ha-payg/README.md index 31ba108a..4f8405cd 100644 --- a/gcp/deployment-packages/ha-payg/README.md +++ b/gcp/deployment-packages/ha-payg/README.md @@ -117,7 +117,7 @@ To deploy the Deployment Manager's package manually, without using the GCP Marke | | | | | | | **shell** | Admin shell | string | /etc/cli.sh;
/bin/bash;
/bin/csh;
/bin/tcsh;
| | | | | | | -| **deployWithoutPublicIPs** | Deploy HA without public IPs | boolean | true;
false; | +| **deployWithPublicIPs** | Deploy HA with public IPs | boolean | true;
false; | | | | | | | | **instanceSSHKey** | Public SSH key for the user 'admin' | string | A valid public ssh key | | | | | | | @@ -151,7 +151,7 @@ To deploy the Deployment Manager's package manually, without using the GCP Marke generatePassword: false allowUploadDownload: false shell: "/bin/bash" - deployWithoutPublicIPs: true + deployWithPublicIPs: true cluster-network-cidr: "10.0.1.0/24" cluster-network-name: "external-vpc" cluster-network-subnetwork-name: "frontend" diff --git a/gcp/deployment-packages/ha-payg/check-point-cluster--payg.py b/gcp/deployment-packages/ha-payg/check-point-cluster--payg.py index c3f454b9..6c554aac 100755 --- a/gcp/deployment-packages/ha-payg/check-point-cluster--payg.py +++ b/gcp/deployment-packages/ha-payg/check-point-cluster--payg.py @@ -153,7 +153,7 @@ def make_static_address(prop, name): def create_external_addresses_if_needed( prop, resources, member_a_nics, member_b_nics): - if prop['deployWithoutPublicIPs']: + if not prop['deployWithPublicIPs']: prop['primary_cluster_address_name'] = NO_PUBLIC_IP prop['secondary_cluster_address_name'] = NO_PUBLIC_IP else: @@ -472,7 +472,7 @@ def generate_config(context): } ] - if not prop['deployWithoutPublicIPs']: + if prop['deployWithPublicIPs']: outputs += [ { 'name': 'clusterIP', diff --git a/gcp/deployment-packages/ha-payg/check-point-cluster--payg.py.schema b/gcp/deployment-packages/ha-payg/check-point-cluster--payg.py.schema index 9a3efd6c..9c674034 100755 --- a/gcp/deployment-packages/ha-payg/check-point-cluster--payg.py.schema +++ b/gcp/deployment-packages/ha-payg/check-point-cluster--payg.py.schema @@ -39,9 +39,9 @@ properties: gceMachineType: minCpu: 2 minRamGb: 1.843000054359436 - deployWithoutPublicIPs: + deployWithPublicIPs: type: boolean - default: False + default: True instanceSSHKey: type: string pattern: ^([0-9a-z\-]+ +[0-9A-Za-z/\+=]+( .*)?|)$ diff --git a/gcp/deployment-packages/ha-payg/config.yaml b/gcp/deployment-packages/ha-payg/config.yaml index 8a0b095f..de203447 100644 --- a/gcp/deployment-packages/ha-payg/config.yaml +++ b/gcp/deployment-packages/ha-payg/config.yaml @@ -25,7 +25,7 @@ resources: generatePassword: "PLEASE ENTER true or false" allowUploadDownload: "PLEASE ENTER true or false" shell: "PLEASE ENTER A SHELL" - deployWithoutPublicIPs: "PLEASE ENTER true or false" + deployWithPublicIPs: "PLEASE ENTER true or false" cluster-network-cidr: "PLEASE ENTER CLUSTER NETWORK CIDR" cluster-network-name: "PLEASE ENTER CLUSTER NETWORK ID" cluster-network-subnetwork-name: "PLEASE ENTER CLUSTER SUBNETWORK ID"