Closed kaushikmaji closed 4 years ago
Hi kaushikmaji, it seems like the publish script failed to run and your changes didn't publish. On success, it prints "published successfully". Is the API server using a configured port or the default API port (e.g. 443)?
Hello, we first perform publish and then perform install_policy. In both cases it says "Apply Completed". Surprising thing is that when we go to smartconsole->open user sessions, it shows around 11 changes to be published. Then upon right click on that session, if we select "publish and discard" option, all objects we tried to push using terraform get published as per requirement. So we are not able to understand what is missing.
API server is running on default port 443. We are just doing PoC, so we have created new PAYG gateway and management servers direct from the marketplace in Azure.
Hi kaushikmaji, I think something went wrong during the publish script, which failed, and the session with all Terraform changes was not published. The authentication method in both the publish and install policy scripts must be via environment variables: CHECKPOINT_SERVER, CHECKPOINT_USERNAME, CHECKPOINT_PASSWORD. Please make sure you set them correctly. If this issue still happens to you, please let me know.
Thanks, Roy
Hello Roy, thanks for your response. Yes, we are using environment variables only, as per the documentation. So, as I said, using those environment variables, Terraform plan and Terraform apply with publish and install_policy are all seemingly working fine and giving no errors on my PC. When we check the user session in SmartConsole's open user sessions, it shows that changes have gone through up to the session (count under the changes column in a user session), but somehow they are not being published into the firewall.
I am using Windows 10 on my PC, so I am building publish.go and install_policy.go on my Windows machine before using the compiled executables in Terraform commands. Does that make any difference? Should I use some additional steps? If that does not clarify my position, maybe I could upload a short video here of what we are doing and the challenge.
Hi kaushikmaji, the script publish.go is responsible for publishing the changes made in Terraform to the management server. In your case, changes are not being published at all, so I assume the publish.go script fails during its run and your changes stay in the private session, as you describe. Please make sure you build the publish.go script as mentioned in the documentation: https://www.terraform.io/docs/providers/checkpoint/index.html#publish Moreover, you can try to run the script without terraform apply. This will publish your last session as long as it is still "alive".
It Worked !!
It worked when I ran publish and install_policy separately, i.e. without terraform apply. It's really good. Thanks for your assistance. But does this also mean that the documentation https://www.terraform.io/docs/providers/checkpoint/index.html#publish, which uses the && operator to chain terraform apply with publish and install_policy, was not working on Windows? So should it be replaced with a pipe ( | ) etc.?
Thanks again for your input. I would appreciate it if the thread is kept open for 1-2 days, as we will perform some more testing, and in case of any related issue we will report here.
Thanks for your assistance with this case.
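Running the three steps separately, as the thread ends up doing, can be scripted so that each step is checked before the next one runs and unpublished changes are not left unnoticed in a private session. The following PowerShell sketch is an added example, not part of the original thread or the provider's documentation; it assumes publish.exe and install_policy.exe sit in the current directory and that they return a non-zero exit code on failure, and the helper name Assert-ExitCode is hypothetical.

```powershell
# Added example: run apply, publish and install_policy as separate, checked steps.

# Both scripts authenticate through these environment variables (named in the thread).
foreach ($name in 'CHECKPOINT_SERVER', 'CHECKPOINT_USERNAME', 'CHECKPOINT_PASSWORD') {
    if (-not [Environment]::GetEnvironmentVariable($name)) {
        throw "Environment variable $name is not set"
    }
}

# Hypothetical helper: stop the run if the last native command failed.
function Assert-ExitCode {
    param([string]$Step)
    if ($LASTEXITCODE -ne 0) {
        throw "$Step failed with exit code $LASTEXITCODE"
    }
}

terraform apply
Assert-ExitCode 'terraform apply'

# Capture the publish output (stdout and stderr) so the success message can be checked.
$publishOutput = & .\publish.exe 2>&1 | Out-String
Write-Host $publishOutput
Assert-ExitCode 'publish'

# The thread states that a successful publish prints "published successfully".
# Checking the text as well covers the case where the exit code is 0 anyway (assumption).
if ($publishOutput -notmatch 'published successfully') {
    throw 'publish did not report "published successfully"; changes may still be in the private session'
}

& .\install_policy.exe -policy-package 'Standard' -target 'gatewayfw'
Assert-ExitCode 'install_policy'

Write-Host 'Changes applied, published and policy installed.'
```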
We are trying to start using Terraform for Check Point related daily tasks, e.g. port openings. We have followed the steps below:
terraform init
terraform plan
terraform apply && ./publish.exe && ./install_policy.exe -policy-package "Standard" -target "gatewayfw"
The final output shows "Apply complete! Resources: 11 added, 0 changed, 0 destroyed."
But when we go into the SmartConsole of the Management Server, no network objects, services or rules were created as defined in the Terraform main.tf file.
Please assist!!
main.tf >>>>>>>