This repository has been archived by the owner on May 13, 2021. It is now read-only.

Add support for multiple HUB's (one HUB per region) #14

Open
wants to merge 1 commit into
base: master


@andyfase andyfase commented Jul 31, 2017

The current poller script contains several race conditions in the use case where a hub is required in different regions. If the Transit VPC stack is created in multiple regions currently then it is not possible to control (for a given VPC/VGW) which hub in which region the VPN connection will be created for.

This pull request makes modifications to the poller script to remove these race conditions by extending the use of the value of HUB_TAG beyond the default "true" setting.

With this PR the HUB_TAG value can now be:

  1. HUB_TAG_VALUE (current behaviour)
  2. A valid AWS region code i.e. us-east-1, us-west-2, ca-central-1 etc

If the value of HUB_TAG is an AWS region then the poller function will ONLY operate on the found VGW if it's tagged with the same AWS region that the lambda function is working on. This allows VGWs to be targeted towards specific hubs by the value of the tag.

If the VGW is tagged with HUB_TAG_VALUE then the behavior of the lambda function is unchanged.

The lambda function has been modified in the following ways

  1. Function isValidRegion added to determine if a given string is a valid AWS region
  2. Modification to detection of a spoke vgw to include comparison of the value of HUB_TAG against current lambda region (AWS_DEFAULT_REGION)
  3. Modification to updateConfigXML function to set "create" mode if value of HUB_TAG is a valid AWS region
  4. Modification in deletion detection to only start deletion loop if tag value is also not a valid AWS region
  5. Added a further check in the deletion loop to only process deletion if configuration of the spoke VPN actually exists in the S3 bucket. This avoids a deletion attempt from a region which did not originally setup the spoke in the first place.

Testing performed

  1. Setup of single stack in single AWS region and used default tag value true on separate VGWs across multiple regions to confirm behavior unchanged in this use-case
  2. Setup of dual stack in two AWS regions and used new tag values of different region codes across multiple VGWs to confirm that only the targeted hub lambda functions pick up the connections
  3. As per point 2 confirmed the same for deletions (only targeted regions process the deletions)

…ag value of the VGW to specify the HUB region that the VPN connection should be established to.

Fixes race condition where whichever region's lambda function is triggered first will pick up the tagged VGW and claim it.
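
The tag rules described in this pull request, modelled as a small decision function. This is an added example, not the poller code from the PR; the tag name, the static region set standing in for `isValidRegion`, and the `config_in_bucket` flag are assumptions made for illustration.

```python
# Added illustration of the PR's tag rules; names and sample data are constructed.
HUB_TAG = "example:hub-tag"   # placeholder for the stack's HUB_TAG name
HUB_TAG_VALUE = "true"        # default tag value mentioned in the PR
# Assumption: a static set stands in for the PR's isValidRegion check.
KNOWN_REGIONS = frozenset({"us-east-1", "us-west-2", "ca-central-1"})


def is_valid_region(value):
    """Return True if value is one of the region codes this sketch knows."""
    return value in KNOWN_REGIONS


def poller_action(tags, lambda_region, config_in_bucket):
    """Decide what the hub poller running in lambda_region does with one VGW.

    tags: dict of the VGW's tags. config_in_bucket: whether this hub's S3
    bucket already holds a VPN configuration for the spoke. Checks for an
    already-established connection are left out of this model.
    """
    value = tags.get(HUB_TAG)
    if value == HUB_TAG_VALUE:
        return "claim"  # unchanged behaviour: every hub's poller may claim it
    if value is not None and is_valid_region(value):
        # Region-valued tag: only the hub in that region acts. Other hubs
        # skip both creation and the deletion loop.
        return "claim" if value == lambda_region else "ignore"
    # Tag absent or unrecognised: delete only what this hub set up itself.
    return "delete" if config_in_bucket else "ignore"


def hubs_acting(tags, hub_regions, action, buckets=()):
    """Return the hub regions whose poller would take `action` on the VGW.

    buckets: regions whose hub bucket holds the spoke's configuration.
    """
    return sorted(r for r in hub_regions
                  if poller_action(tags, r, r in buckets) == action)


if __name__ == "__main__":
    hubs = ["us-east-1", "us-west-2"]
    print(hubs_acting({HUB_TAG: "true"}, hubs, "claim"))       # both hubs race
    print(hubs_acting({HUB_TAG: "us-west-2"}, hubs, "claim"))  # targeted hub only
    print(hubs_acting({}, hubs, "delete", buckets={"us-west-2"}))
```

In this model a tag value that is neither the default nor a known region code falls through to the deletion branch, so the region check doubles as input validation on the tag.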

hvital commented Jun 28, 2019

Thanks for your contribution. This PR will be evaluated for the next version and we'll update to this thread once we have more information.
