Search <book_title>...

Cluster Server 8.0 Bundled Agents Reference Guide - Windows

Last Published: 2021-12-21

Product(s): InfoScale & Storage Foundation (8.0)

Platform: Windows

AWSIP agent

The AWSIP agent manages the networking resources in an Amazon Web Services (AWS) cloud environment. The following are the networking resources:

Private IP - Private IP is a private numerical address that networked devices use to communicate with one another.
Elastic IP - An Elastic IP address is a static IPv4 public address designed for dynamic cloud computing. An Elastic IP address is associated with your AWS account.
Overlay IP - AWS allows you to redirect IP address traffic to an Elastic Compute Cloud (EC2) instance in a Virtual Private Network (VPC) no matter which subnet or availability zone (AZ) it is in. Overlay IP provides IP failover functionality for nodes spread across subnets or availability zones. Overlay IP must be outside of the VPC Classless Inter-Domain Routing (CIDR) block.

The agent uses AWS CLIs to associate IP resources in an AWS cloud environment. The agent does the following:

Assigns and unassigns private IP address
Associates and disassociates Elastic IP address and assigns/unassigns private IP
Manages route table entries of overlay IP for failing over across subnets

Prerequisites

Install the AWS CLI package.
Go to EC2 instance > Networking > Change Source/Dest. Check and disable Change Source/Dest. Check for overlay IP.

Create an IAM role with requisite permissions and attach the roles to the EC2 cluster instances.

Go to IAM > Create Policy > Role and create the role.

The following is a sample of the policy.json file:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "ec2:AssignPrivateIpAddresses",
                "ec2:DescribeAddresses",
                "ec2:DisassociateAddress",
                "ec2:AssociateAddress",
                "ec2:UnassignPrivateIpAddresses",
                "ec2:AssignPrivateIpAddresses",
																"ec2:AssignIpv6Addresses",
                "ec2:UnassignIpv6Addresses", 
                "ec2:DescribeInstances",
                "ec2:DescribeNetworkInterfaces",
                "ec2:DescribeRouteTables",
                "ec2:CreateRoute",
                "ec2:DeleteRoute",
                "ec2:ReplaceRoute"
              ],
            "Effect": "Allow",
            "Resource": "*"
        }
    ]
}

Ensure that all outgoing traffic goes through network address translation (NAT) gateways. The agent uses AWS CLIs and requires access to the Amazon EC2 API endpoints.
Ensure that the subnets in which the EC2 exists are associated with the route table.

Dependency

AWSIP resources depend on IP resources.

Agent functions

Online	Private IP: Assigns the private IP to a NIC Elastic Network Interface (ENI). Elastic IP: Works only if a private IP is defined in the configuration. Associates the private IP with an elastic IP. Agent automatically detects the ENI based on the Device attribute. Overlay IP: Creates a route in the route table given in the RouteTableIds attribute with destination as the OverlayIP and target as the ENI on which the entry point is running.
Offline	Private IP: Unassigns from the ENI. Elastic IP: Disassociates the elastic IP. Overlay IP: Deletes the route from the route table.
Monitor	Private IP: Monitors the assignment of the private IP to the ENI. Elastic IP: Monitors the association between private IP and elastic IP. Overlay IP: Monitors the routing information and checks whether the route table entry exists for the overlay IP.
Clean	Private IP: Unassigns the private IP. Elastic IP: Disassociates the elastic IP and unassigns the private IP address. Overlay IP: Deletes the route from the route table.

State definitions

ONLINE	Private IP: Private IP is assigned to the ENI. Elastic IP: Private IP is assigned and elastic IP is associated with the private IP. Overlay IP: Route table entry exists for the overlay IP.
OFFLINE	Private IP: Private IP is not assigned to the ENI. Elastic IP: Private IP is not assigned or elastic IP is not associated with the private IP. Overlay IP: Route table entry does not exist for the overlay IP.
UNKNOWN	If private IP, elastic IP, or overlay IP is in UNKNOWN state, one of the following could be true: AWS CLI is not installed. AWSBinDir attribute is not configured correctly. That is, the AWSBinDir attribute is not set to the location where AWS CLI is installed. For example, `C:\Program Files\Amazon\AWSCLI`. Roles are not configured correctly or attached to the instance. The EC2 instance metadata is not accessible, for example, via the following command: curl "http://169.254.169.254/latest/meta-data/"
FAULTED	Indicates that the IP resources could not be brought online or abruptly stopped outside of VCS control.

Resource type definition

type AWSIP (
	   static i18nstr ArgList[] = { PrivateIP, OverlayIP, ElasticIP, 
 	    Device, RouteTableIds, AWSBinDir }
   	str PrivateIP
   	str OverlayIP
   	str ElasticIP
   	str Device
   	keylist RouteTableIds
   	str AWSBinDir
)

Attribute definitions

Table: Required attributes

Attribute	Description
PrivateIP	Secondary private IP address of the EC2 instance. Type and dimension: string-scalar
OverlayIP	Overlay IP provides IP failover functionality for nodes spread across subnets or availability zones. Overlay IP must be outside of the VPC CIDR block in which the nodes are present. Type and dimension: string-scalar

Attribute

Description

PrivateIP

Secondary private IP address of the EC2 instance.

Type and dimension: string-scalar

OverlayIP

Overlay IP provides IP failover functionality for nodes spread across subnets or availability zones. Overlay IP must be outside of the VPC CIDR block in which the nodes are present.

Type and dimension: string-scalar

Table: Optional attributes

Attribute	Description
ElasticIP	An Elastic IP address is a static IPv4 address designed for dynamic cloud computing. An Elastic IP address is associated with your AWS account. You can map the Elastic IP address to a secondary private IP address. Note: IPv6 addresses are not supported with this attribute. Type and dimension: string-scalar
Device	The physical address of the interface or the interface name of the NIC to which the virtual IP address to be monitored is assigned. Note that this attribute is always local, that is, it is different for each system. If you change the interface name, you must update the attribute value to specify the new name. When you edit the MACAddress attribute of the IP or the NIC agent to specify the interface name, you must specify the name of only one interface. For more details on modifying the default value of the attribute, refer to the Cluster Server Administrator's Guide. Note: Use the ipconfig -all command to retrieve the physical address of a NIC. Type and Dimension: string-scalar
RouteTableIds	Describes all the route tables. It can be one or more route table IDs. Type and dimension: string-list
AWSBinDir	Location of AWS EC2 commands and binaries. Type and dimension: string-scalar

Sample configurations

Private IP

AWSIP privateip (
 	PrivateIP = "10.239.3.97"
	 Device@WIN-38PNEVJSR2K = "12-7F-CE-5B-E2-6E"
 	Device@WIN-75PQEVSRV2K = "13-7F-CE-6B-E2-6E"
)

Elastic IP

AWSIP elasticip (
 	PrivateIP = "10.239.3.95"
	 ElasticIP = "34.193.196.156"
 	Device @WIN-38PNEVJSR2K = "12-7F-CE-5B-E2-6E"
 	Device @WIN-42PNEVXYR5K = "18-6F-BE-9B-E2-6E"
)

Overlay IP

AWSIP overlayip (
 	OverlayIP = "172.16.8.55/32"
	 Device @WIN-38PNEVJSR2K = "12-7F-CE-5B-E2-6E"
 	Device @WIN-45ABCVJSR2K = "14-7E-DE-6B-E2-8E"
	 RouteTableIds = { rtb-c5272ca3, rtb-fb97ac9d }
)

Private IP in IPv6 environment

AWSIP privateip (
 	PrivateIP = "2600:1f18:63c7:3819:1ce4:8b87:4499:712"
 	Device @WIN-38PNEVJSR2K = "12-7F-CE-5B-E2-6E"
 	Device @WIN-45ABCVJSR2K = "14-7E-DE-6B-E2-8E"
)

Overlay IP in IPv6 environment

AWSIP overlayip (
 	OverlayIP = "2001:db8:0:1::/128"
	 Device @WIN-38PNEVJSR2K = "12-7F-CE-5B-E2-6E"
 	Device @WIN-45ABCVJSR2K = "14-7E-DE-6B-E2-8E"
)