Pre go-live Health checks for auto deployed VMs in AWS

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Pre go-live Health checks for auto deployed VMs in AWS

L3 Networker

Not sure how to post in the automation section anymore as it now has been moved to read only.

 

Anyways.. need some insight please.

so we recently did a POC to use Terrarorm to autoscale / deploy VMs in AWS cloud. all good and working.

However we need to do a use case for health checks to verify a VM is setup correctly before it goes into production.

question.. can this be done and if so.. what are the processes to use?

in short, when a VM is trigger to deploy, it will auto deploy the VM, auto register to Panorama, pull down config and policies defined in the panorama template stack incl IP addressing(dhcp) routing etc etc.

 

what we are trying to achieve is to do a basic health check on the VM once deployed to verify that the routing table is in place, the Interfaces are UP and has IPs assigned, VM license in place, registered to Panorama, essentially that the VM will work before go live..

this should then be an indicator whether the VM can be placed into production or not.

 

Is this achievable and if so.. any ideas what tools etc.. perhaps API integration or scripts that will initiate out of Terraform to do these?

unless there is a plugin or similar in Panorama that can be utilized perhaps?

 

thanks in adv

2 REPLIES 2

Cyber Elite
Cyber Elite

@PA_nts,

Assuming that you won't have a test node behind the VM to actually test everything with prior to it being validated, you can utilize the API to validate preset test criteria to ensure that routing is in place and that basic connectivity through your rulebase and any required NAT will properly match traffic.

 

https://<Firewall>/php/rest/browse.php/op::test

 

 

L3 Networker

Thanks BPry,

I did the API keygen on our panorama and was able to run some api calls against the panorama which is good..Issue might be for VMs being auto spun up as we need to do a api keygen for each and every new VM  before we can run api calls. so prob will need to run an api call for 'show devices connected' info against panorama, extract IP of new VM devices, then  run an api keygen against these new IPs, extract  the api key, use that then to do the basic checks against the vm.. bit of a process 🙂

 

unless i am missing something?

 

rgds

 

 

 

  • 508 Views
  • 2 replies
  • 0 Likes
  • 101 Subscriptions
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!