Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Paul_Warnagiris
Advisor

WaitCondition timed out. Received 0 conditions when expecting 1

Didn't see much on this in the support portal.  This occurs 45-60 minutes after I kick off a cloudformation template for r80.10 management into a pre-existing VPC. Template #6 from sk111013 (top section -- first #6).  Any recommendations on next steps?

Physical ID:arn:aws:cloudformation:us-east-1:709709569732:stack/Check-Point-Management/cefceab0-b9aa-11e7-b989-50a686e4bbe3/ReadyHandle
Client Request Token:Console-CreateStack-262cdf0a-5109-4f76-ba24-39e5272c7a4a

0 Kudos
8 Replies
Paul_Warnagiris
Advisor

If you look in the template, there is a wait condition of 3600 seconds, waiting for the instance to come up. In the boot script of the instance, there is a curl command that is supposed to trigger the wait condition to be released.  There is no internet connected to any of these subnets yet as this is a highly secured environment.  We will be connecting to the management and the gateways via an on-prem VPN and during the cut window we will allow access which will be ultimately guarded by the Check Point.  Until that time however, no Internet access is available.  Is Internet access a mandatory requirement?   My guess is that since there is no Internet this wait thing requires public internet access.  Is my only option allowing Internet access to this box?

0 Kudos
PhoneBoy
Admin
Admin

The wait condition appears to be the act of allocating a Public IP address:

 "ReadyCondition": {
"Type": "AWS::CloudFormation::WaitCondition",
"Condition": "AllocatePublicAddress",
"DependsOn": [
"Instance"
],
"Properties": {
"Handle": {
"Ref": "ReadyHandle"
},
"Timeout": "3600"
}
},

My guess is that you will need to modify the template so that it doesn't do this.

Also, choose a different wait condition Smiley Happy

0 Kudos
Paul_Warnagiris
Advisor

Just to let you know I removed the wait condition and the device provisioned as expected.  Not sure what was going on with that particular AWS cloud or the template, but simply removing the wait allowed it to provision properly...  Odd...

0 Kudos
LostBoY
Advisor

I have come across the same problem... how did you manage to remove the wait condition.. how to edit the template ?
0 Kudos
Nir_Shamir
Employee Employee
Employee

the issue is usually with internet connectivity or DNS resolve.

check it on the Gateways after deployment.

0 Kudos
LostBoY
Advisor

Stack roll backs and deletes all the GWs or Management Server due to this WaitCondition

0 Kudos
LostBoY
Advisor

Can you please share how did you delete the wait condition ..did you remove the entire "Type" or just deleted "Condition" ?

0 Kudos
Edan_Leventhal
Employee
Employee

Hi LostBoY,
Don't know if this is still relevant for you, but to answer your questions:
1. How to edit the template-
You can find the method to manually load a template in our GitHub page. you will need to edit the relevant .yaml file.
CloudGuardIaaS/aws/templates at master · CheckPointSW/CloudGuardIaaS · GitHub

2. The section you need to delete from the yaml file to bypass the wait condition:

 ManagementReadyCondition:
    Type: AWS::CloudFormation::WaitCondition
    Condition: EIP
    DependsOn: ManagementInstance
    Properties:
      Handle: !Ref ManagementReadyHandle
      Timeout: 1800
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.