CiscoISE / ciscoise-terraform-automation-aws-nodes

CiscoISE End to End deployment and configuration via Terraform for AWS
Apache License 2.0

Pan and PSN parameters not set #15

Closed bando483 closed 1 month ago

bando483 commented 1 month ago

Is there an existing issue for this?

Terraform Version

1.7.0

AWS Provider Version

5.45.0

Affected Resource(s)/Data Source(s)

NEW

Terraform Configuration Files

terraform.tfvars is populated with all the requested parameters and EC2 instances are created

Expected Behaviour

set DNS and NTP on terraform.tfvars.. and hostname

Actual Behaviour

```
DEV-ISE-022/iseadmin#show run
interface GigabitEthernet 0
  ip address 10.56.35.114 255.255.255.0
  ipv6 enable
  ipv6 address autoconfig
!
ntp server 10.210.38.240
hostname DEV-ISE-022
icmp echo on
ip domain-name demo.local
ip default-gateway 10.56.35.1
ip name-server 10.210.38.240
```

Steps to Reproduce

No response

bando483 commented 1 month ago

No parameter is set on the machines (neither the NTP, nor the DNS, nor the hostname).

EC2 instances are reachable via SSH but the configuration is wrong.

bando483 commented 1 month ago

It is strange, since the iseadmin password is set and working, via the AWS console.

bando483 commented 1 month ago

Even the UTC+1 is not set.

The deploy worked for me once, and what I changed was the instance type of the PAN from m5.4xlarge to c5.4xlarge.

bando483 commented 1 month ago

Another change I made was to permissions: when the deploy worked I had full admin rights; now I'm working with a user with specific privileges, but one which lets me complete the terraform deploy successfully.

bando483 commented 1 month ago

Tested again with full admin rights and the issue is still there.

bando483 commented 1 month ago

I tested rolling back to m5.4xlarge but nothing changed... those parameters are not applied to the configuration. Honestly I'm stuck; I was close to deploying it in production, but I can't now. Thanks for the help.

bando483 commented 1 month ago

I might have found the issue...

time_zone = "UTC+1" # Enter a timezone

with

time_zone = "UTC" # Enter a timezone

the deploy works properly.

Which is the correct syntax for time_zone?

sudhanss commented 1 month ago

time_zone = "UTC" --> This is the right format to enter time_zone.

sudhanss commented 1 month ago

Please double-check that the terraform.tfvars file is edited properly with the right parameters, and the deployment shall work. Also, please note that terraform execution shows success upon creation of all the resources; for deployment formation we need to monitor the state machine for successful execution.

Thanks for using the scripts. We will be happy to help in case of any issue while using the scripts, and will also ensure the feedback and suggestions are implemented in an upcoming release.
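Since terraform reports success as soon as the resources exist, the node's running configuration has to be compared with the intended values in a separate step. The following is an added example, not part of the project's scripts: it parses the `show run` output posted in this issue and reports every setting that differs. The intended values are constructed placeholders, and the function names are this example's own.

```python
import re

# `show run` output as posted in this issue (node DEV-ISE-022).
SHOW_RUN = """\
interface GigabitEthernet 0
  ip address 10.56.35.114 255.255.255.0
  ipv6 enable
  ipv6 address autoconfig
!
ntp server 10.210.38.240
hostname DEV-ISE-022
icmp echo on
ip domain-name demo.local
ip default-gateway 10.56.35.1
ip name-server 10.210.38.240
"""

# Constructed intended values (placeholders, not taken from the issue).
# Keys are the CLI keywords that introduce each setting in `show run`.
INTENDED = {
    "hostname": ["ise-pan-01"],
    "ntp server": ["192.0.2.10"],
    "ip name-server": ["192.0.2.53"],
    "ip domain-name": ["example.internal"],
}

def parse_show_run(text, settings):
    """Collect the values of the given settings from `show run` text."""
    found = {key: [] for key in settings}
    for line in text.splitlines():
        for key in settings:
            m = re.match(rf"{re.escape(key)}\s+(\S.*)$", line.strip())
            if m:
                values = m.group(1).split()
                # A name-server line may list several addresses; for the
                # other settings only the first token is the value.
                found[key] += values if key == "ip name-server" else values[:1]
    return found

def drift(intended, running_text):
    """Return {setting: (intended, running)} for every mismatch."""
    running = parse_show_run(running_text, intended)
    return {key: (sorted(want), sorted(running[key]))
            for key, want in intended.items()
            if sorted(want) != sorted(running[key])}

if __name__ == "__main__":
    for setting, (want, got) in drift(INTENDED, SHOW_RUN).items():
        print(f"DRIFT {setting}: intended {want}, running {got}")
```

An empty result from `drift` means the node picked up every intended value; a setting missing from the running config shows up with an empty list on the running side.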

sudhanss commented 1 month ago

Hi Alessio (@bando483) - Could you please confirm if we can close this issue as not a bug? As you have pointed out, after correcting the time_zone variable in the terraform.tfvars file, the deployment worked as expected.

bando483 commented 1 month ago

Sorry, I explained my need wrongly. I need to set up UTC+1. Which is the correct syntax to do that?


bando483 commented 1 month ago

Hi

If you can address my question on UTC+1 correct syntax, then you can close the issue…

It is not a bug but a parameter set on terraform.tfvars.


sudhanss commented 1 month ago

For UTC+1 you can mention --> CET. Central European Time (CET) is UTC+1.

Please refer to the Cisco ISE guide below for the allowed time zones - https://www.cisco.com/c/en/us/td/docs/security/ise/3-3/cli_guide/b_ise_CLI_Reference_Guide_33/b_ise_CLIReferenceGuide_33_chapter_011.html?bookSearch=true#wp2884933107

bando483 commented 1 month ago

I'm going to test it today

bando483 commented 1 month ago

you can close this topic... with CET it is fine

sudhanss commented 1 month ago

Thanks for the confirmation. I am closing the ticket.