Open dbadola opened 5 years ago
@frankshen01 any idea about this one ?
Hi, @dbadola thanks for the issue, your configuration should be fine except for that _ in key should be - and "priority" : "255" shoule be "priority" : 255. Now the problem may be on hbdev, we are helping to locate and try to solve the problem!
@dbadola There is a bug in FortiAPI for setting the hbdev param, such as "hbdev": "\"port4\" 0", our FortiAPI team is fixing it. Maybe it will be supported in the next FortiOS release. Thanks!
Status update ~ the lastest work around:
provider "fortios" {
hostname = "192.168.52.177"
insecure = "true"
token = "GNH7r40H65GNb46kd4rG8rtrmn0fr1"
}
variable groupname {
default = "HA-CURL"
}
resource "fortios_system_autoscript" "trname1" {
interval = 1
name = join("_", ["ha", var.groupname, "script"])
output_size = 10
repeat = 1
script = <<EOF
config system ha
set group-name ${var.groupname}
set hbdev "port4" 0
set session-pickup enable
set session-pickup-connectionless enable
set session-pickup-expectation enable
set session-pickup-nat enable
set override disable
set priority 255
set mode a-p
end
EOF
start = "auto"
}
# terraform apply
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# fortios_system_autoscript.trname1 will be created
+ resource "fortios_system_autoscript" "trname1" {
+ id = (known after apply)
+ interval = 1
+ name = "ha_HA-CURL_script"
+ output_size = 10
+ repeat = 1
+ script = <<~EOT
config system ha
set group-name HA-CURL
set hbdev "port4" 0
set session-pickup enable
set session-pickup-connectionless enable
set session-pickup-expectation enable
set session-pickup-nat enable
set override disable
set priority 255
set mode a-p
end
EOT
+ start = "auto"
+ timeout = (known after apply)
}
Plan: 1 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
fortios_system_autoscript.trname1: Creating...
fortios_system_autoscript.trname1: Creation complete after 0s [id=ha_HA-CURL_script]
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
Validation:
labfirewall # config system ha
labfirewall (ha) # show
config system ha
set group-name "HA-CURL"
set mode a-p
set hbdev "port4" 0
set session-pickup enable
set session-pickup-connectionless enable
set session-pickup-expectation enable
set override disable
set priority 255
end
Thanks!
Hi Team,
I was trying to add support for HA for terrraform, I got stuck with "hbdev" which takes "string" as input.
So i tried to use curl command to configure but I was not able to do. Can someone please confirm if this is the right curl command to configure Fortinet System HA
curl -k -X PUT -H "Content-type: application/json" -H "Accept: application/json" https://x.x.x.x/api/v2/cmdb/system/ha/?access_token=YOUR_TOKEN -d '{"group-id":0, "group-name":"HA-CURL", "mode": "a-p", "hbdev": "port4", "session_pickup": "enable", "session_pickup_connectionless": "enable", "priority" : "255" }'