Added support to deploy GCP HA without public IPs
chkp-olgami committed Apr 10, 2024
1 parent d753212 commit 1bd1d30
Showing 6 changed files with 114 additions and 78 deletions.
92 changes: 53 additions & 39 deletions gcp/deployment-packages/ha-byol/check-point-cluster--byol.py
Expand Up @@ -31,6 +31,8 @@

MGMT_NIC = 1

NO_PUBLIC_IP = 'no-public-ip'

startup_script = '''
#cloud-config
runcmd:
Expand Down Expand Up @@ -149,39 +151,44 @@ def make_static_address(prop, name):
return address


def create_external_addresses(prop, resources, member_a_nics, member_b_nics):
member_a_address_name = common.set_name_and_truncate(
prop['deployment'], '-member-a-address')
member_b_address_name = common.set_name_and_truncate(
prop['deployment'], '-member-b-address')
def create_external_addresses_if_needed(
prop, resources, member_a_nics, member_b_nics):
if prop['deployWithoutPublicIPs']:
prop['primary_cluster_address_name'] = NO_PUBLIC_IP
prop['secondary_cluster_address_name'] = NO_PUBLIC_IP
else:
member_a_address_name = common.set_name_and_truncate(
prop['deployment'], '-member-a-address')
member_b_address_name = common.set_name_and_truncate(
prop['deployment'], '-member-b-address')

prop['member_a_address_name'] = member_a_address_name
prop['member_b_address_name'] = member_b_address_name
prop['member_a_address_name'] = member_a_address_name
prop['member_b_address_name'] = member_b_address_name

member_a_address = make_static_address(prop, member_a_address_name)
member_b_address = make_static_address(prop, member_b_address_name)
member_a_address = make_static_address(prop, member_a_address_name)
member_b_address = make_static_address(prop, member_b_address_name)

resources += [member_a_address, member_b_address]
resources += [member_a_address, member_b_address]

member_a_nics[MGMT_NIC]['accessConfigs'] = [make_access_config(
'$(ref.{}.address)'.format(member_a_address_name))]
member_b_nics[MGMT_NIC]['accessConfigs'] = [make_access_config(
'$(ref.{}.address)'.format(member_b_address_name))]
member_a_nics[MGMT_NIC]['accessConfigs'] = [make_access_config(
'$(ref.{}.address)'.format(member_a_address_name))]
member_b_nics[MGMT_NIC]['accessConfigs'] = [make_access_config(
'$(ref.{}.address)'.format(member_b_address_name))]

primary_cluster_address_name = common.set_name_and_truncate(
prop['deployment'], '-primary-cluster-address')
secondary_cluster_address_name = common.set_name_and_truncate(
prop['deployment'], '-secondary-cluster-address')
primary_cluster_address_name = common.set_name_and_truncate(
prop['deployment'], '-primary-cluster-address')
secondary_cluster_address_name = common.set_name_and_truncate(
prop['deployment'], '-secondary-cluster-address')

primary_cluster_address = make_static_address(
prop, primary_cluster_address_name)
secondary_cluster_address = make_static_address(
prop, secondary_cluster_address_name)
primary_cluster_address = make_static_address(
prop, primary_cluster_address_name)
secondary_cluster_address = make_static_address(
prop, secondary_cluster_address_name)

resources += [primary_cluster_address, secondary_cluster_address]
resources += [primary_cluster_address, secondary_cluster_address]

prop['primary_cluster_address_name'] = primary_cluster_address_name
prop['secondary_cluster_address_name'] = secondary_cluster_address_name
prop['primary_cluster_address_name'] = primary_cluster_address_name
prop['secondary_cluster_address_name'] = secondary_cluster_address_name


def make_nic(prop, net_name, subnet_name):
Expand Down Expand Up @@ -412,7 +419,8 @@ def generate_config(context):

member_b_nics = copy.deepcopy(member_a_nics)

create_external_addresses(prop, resources, member_a_nics, member_b_nics)
create_external_addresses_if_needed(
prop, resources, member_a_nics, member_b_nics)

member_a_name = common.set_name_and_truncate(
prop['deployment'], '-member-a')
Expand Down Expand Up @@ -442,19 +450,10 @@ def generate_config(context):
'name': 'project',
'value': prop['project']
},
{
'name': 'clusterIP',
'value': '$(ref.{}.address)'.format(
prop['primary_cluster_address_name'])
},
{
'name': 'vmAName',
'value': member_a_name,
},
{
'name': 'vmAExternalIP',
'value': '$(ref.{}.address)'.format(prop['member_a_address_name'])
},
{
'name': 'vmASelfLink',
'value': '$(ref.{}.selfLink)'.format(member_a_name),
Expand All @@ -463,10 +462,6 @@ def generate_config(context):
'name': 'vmBName',
'value': member_b_name,
},
{
'name': 'vmBExternalIP',
'value': '$(ref.{}.address)'.format(prop['member_b_address_name'])
},
{
'name': 'vmBSelfLink',
'value': '$(ref.{}.selfLink)'.format(member_b_name),
Expand All @@ -477,4 +472,23 @@ def generate_config(context):
}
]

if not prop['deployWithoutPublicIPs']:
outputs += [
{
'name': 'clusterIP',
'value': '$(ref.{}.address)'.format(
prop['primary_cluster_address_name'])
},
{
'name': 'vmAExternalIP',
'value': '$(ref.{}.address)'.format(
prop['member_a_address_name'])
},
{
'name': 'vmBExternalIP',
'value': '$(ref.{}.address)'.format(
prop['member_b_address_name'])
}
]

return common.MakeResource(resources, outputs)
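Review bot: In `create_external_addresses_if_needed`, the `deployWithoutPublicIPs` branch only writes the `NO_PUBLIC_IP` sentinel into `prop` and never touches `member_a_nics` or `member_b_nics`, so the no-external-address guarantee depends on the NICs arriving without `accessConfigs`. Those NICs are built outside the visible hunks; if that code ever attaches an access config, the members would presumably still receive an external address in this mode. Making the branch explicit would pin the intent, e.g. `member_a_nics[MGMT_NIC].pop('accessConfigs', None)` and the same for `member_b_nics`. The sentinel also lands in `primary_cluster_address_name` and `secondary_cluster_address_name`, which the relocated `clusterIP` output formats into `$(ref.{}.address)`; any reader outside these hunks that does the same unguarded would reference a resource named `no-public-ip`, so a comment on `NO_PUBLIC_IP` naming its consumers would help. The identical change in ha-payg/check-point-cluster--payg.py has the same gap.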
Expand Up @@ -39,6 +39,9 @@ properties:
gceMachineType:
minCpu: 2
minRamGb: 1.843000054359436
deployWithoutPublicIPs:
type: boolean
default: False
instanceSSHKey:
type: string
pattern: ^([0-9a-z\-]+ +[0-9A-Za-z/\+=]+( .*)?|)$
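Review bot: `deployWithoutPublicIPs` is added with no explanation of what it switches off, while its default `False` keeps the externally addressable layout. I would put a comment above it (or a `description:` entry, if this schema uses them elsewhere), for example `# true: no static external addresses are created for the members or the cluster, and the clusterIP / vmAExternalIP / vmBExternalIP outputs are omitted`. The template tests the value by truthiness (`if prop['deployWithoutPublicIPs']:`), so `type: boolean` here is presumably what keeps a quoted string such as "false" from being read as true; that is worth stating in the same comment. The second schema section further down adds the same three lines and needs the same comment.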
1 change: 1 addition & 0 deletions gcp/deployment-packages/ha-byol/config.yaml
Expand Up @@ -25,6 +25,7 @@ resources:
generatePassword: "PLEASE ENTER true or false"
allowUploadDownload: "PLEASE ENTER true or false"
shell: "PLEASE ENTER A SHELL"
deployWithoutPublicIPs: "PLEASE ENTER true or false"
cluster-network-cidr: "PLEASE ENTER CLUSTER NETWORK CIDR"
cluster-network-name: "PLEASE ENTER CLUSTER NETWORK ID"
cluster-network-subnetwork-name: "PLEASE ENTER CLUSTER SUBNETWORK ID"
92 changes: 53 additions & 39 deletions gcp/deployment-packages/ha-payg/check-point-cluster--payg.py
Expand Up @@ -31,6 +31,8 @@

MGMT_NIC = 1

NO_PUBLIC_IP = 'no-public-ip'

startup_script = '''
#cloud-config
runcmd:
Expand Down Expand Up @@ -149,39 +151,44 @@ def make_static_address(prop, name):
return address


def create_external_addresses(prop, resources, member_a_nics, member_b_nics):
member_a_address_name = common.set_name_and_truncate(
prop['deployment'], '-member-a-address')
member_b_address_name = common.set_name_and_truncate(
prop['deployment'], '-member-b-address')
def create_external_addresses_if_needed(
prop, resources, member_a_nics, member_b_nics):
if prop['deployWithoutPublicIPs']:
prop['primary_cluster_address_name'] = NO_PUBLIC_IP
prop['secondary_cluster_address_name'] = NO_PUBLIC_IP
else:
member_a_address_name = common.set_name_and_truncate(
prop['deployment'], '-member-a-address')
member_b_address_name = common.set_name_and_truncate(
prop['deployment'], '-member-b-address')

prop['member_a_address_name'] = member_a_address_name
prop['member_b_address_name'] = member_b_address_name
prop['member_a_address_name'] = member_a_address_name
prop['member_b_address_name'] = member_b_address_name

member_a_address = make_static_address(prop, member_a_address_name)
member_b_address = make_static_address(prop, member_b_address_name)
member_a_address = make_static_address(prop, member_a_address_name)
member_b_address = make_static_address(prop, member_b_address_name)

resources += [member_a_address, member_b_address]
resources += [member_a_address, member_b_address]

member_a_nics[MGMT_NIC]['accessConfigs'] = [make_access_config(
'$(ref.{}.address)'.format(member_a_address_name))]
member_b_nics[MGMT_NIC]['accessConfigs'] = [make_access_config(
'$(ref.{}.address)'.format(member_b_address_name))]
member_a_nics[MGMT_NIC]['accessConfigs'] = [make_access_config(
'$(ref.{}.address)'.format(member_a_address_name))]
member_b_nics[MGMT_NIC]['accessConfigs'] = [make_access_config(
'$(ref.{}.address)'.format(member_b_address_name))]

primary_cluster_address_name = common.set_name_and_truncate(
prop['deployment'], '-primary-cluster-address')
secondary_cluster_address_name = common.set_name_and_truncate(
prop['deployment'], '-secondary-cluster-address')
primary_cluster_address_name = common.set_name_and_truncate(
prop['deployment'], '-primary-cluster-address')
secondary_cluster_address_name = common.set_name_and_truncate(
prop['deployment'], '-secondary-cluster-address')

primary_cluster_address = make_static_address(
prop, primary_cluster_address_name)
secondary_cluster_address = make_static_address(
prop, secondary_cluster_address_name)
primary_cluster_address = make_static_address(
prop, primary_cluster_address_name)
secondary_cluster_address = make_static_address(
prop, secondary_cluster_address_name)

resources += [primary_cluster_address, secondary_cluster_address]
resources += [primary_cluster_address, secondary_cluster_address]

prop['primary_cluster_address_name'] = primary_cluster_address_name
prop['secondary_cluster_address_name'] = secondary_cluster_address_name
prop['primary_cluster_address_name'] = primary_cluster_address_name
prop['secondary_cluster_address_name'] = secondary_cluster_address_name


def make_nic(prop, net_name, subnet_name):
Expand Down Expand Up @@ -412,7 +419,8 @@ def generate_config(context):

member_b_nics = copy.deepcopy(member_a_nics)

create_external_addresses(prop, resources, member_a_nics, member_b_nics)
create_external_addresses_if_needed(
prop, resources, member_a_nics, member_b_nics)

member_a_name = common.set_name_and_truncate(
prop['deployment'], '-member-a')
Expand Down Expand Up @@ -442,19 +450,10 @@ def generate_config(context):
'name': 'project',
'value': prop['project']
},
{
'name': 'clusterIP',
'value': '$(ref.{}.address)'.format(
prop['primary_cluster_address_name'])
},
{
'name': 'vmAName',
'value': member_a_name,
},
{
'name': 'vmAExternalIP',
'value': '$(ref.{}.address)'.format(prop['member_a_address_name'])
},
{
'name': 'vmASelfLink',
'value': '$(ref.{}.selfLink)'.format(member_a_name),
Expand All @@ -463,10 +462,6 @@ def generate_config(context):
'name': 'vmBName',
'value': member_b_name,
},
{
'name': 'vmBExternalIP',
'value': '$(ref.{}.address)'.format(prop['member_b_address_name'])
},
{
'name': 'vmBSelfLink',
'value': '$(ref.{}.selfLink)'.format(member_b_name),
Expand All @@ -477,4 +472,23 @@ def generate_config(context):
}
]

if not prop['deployWithoutPublicIPs']:
outputs += [
{
'name': 'clusterIP',
'value': '$(ref.{}.address)'.format(
prop['primary_cluster_address_name'])
},
{
'name': 'vmAExternalIP',
'value': '$(ref.{}.address)'.format(
prop['member_a_address_name'])
},
{
'name': 'vmBExternalIP',
'value': '$(ref.{}.address)'.format(
prop['member_b_address_name'])
}
]

return common.MakeResource(resources, outputs)
Expand Up @@ -39,6 +39,9 @@ properties:
gceMachineType:
minCpu: 2
minRamGb: 1.843000054359436
deployWithoutPublicIPs:
type: boolean
default: False
instanceSSHKey:
type: string
pattern: ^([0-9a-z\-]+ +[0-9A-Za-z/\+=]+( .*)?|)$
1 change: 1 addition & 0 deletions gcp/deployment-packages/ha-payg/config.yaml
Expand Up @@ -25,6 +25,7 @@ resources:
generatePassword: "PLEASE ENTER true or false"
allowUploadDownload: "PLEASE ENTER true or false"
shell: "PLEASE ENTER A SHELL"
deployWithoutPublicIPs: "PLEASE ENTER true or false"
cluster-network-cidr: "PLEASE ENTER CLUSTER NETWORK CIDR"
cluster-network-name: "PLEASE ENTER CLUSTER NETWORK ID"
cluster-network-subnetwork-name: "PLEASE ENTER CLUSTER SUBNETWORK ID"