Hi Tal,
Sure.
There could be a CloudGuard topic in the Test area (under Gaia, System, Cluster etc.).
Capturing the *-ha.json files can show the relevant details in the hcp output. For example, the Tenant ID, RG, cluster-vip, templateName etc.
Maybe they can be checked for some of that content (presence).
Capture these files and any other files of interest in /etc/
/etc/cloud-version/etc/cloud-version.json
Display Template version and refer to https://support.checkpoint.com/results/sk/sk173705
Checking that the relevant HAD is up and running e.g. AZURE_HAD;
Example: Check that /etc/fw/scripts/azure_had.py is running
- cpwd_admin getpid -name AZURE_HAD
- cpwd_admin list | grep AZURE_HAD
Capturing public IP addresses could improve visibility in the HCP Topology view.
HCP connectivity tests could include public cloud dependent URLs and/or IPs e.g. 168.63.129.16
Health probe checks (?)
Check or capture proxy settings.
IAM permissions checks.
Maybe run the *ha_test.py scripts to capture output.
That could be enough to cover many of the CloudGuard Network Security/Gateway tests and capture output for HCP.
Maybe a CloudGuard test could be added to the list: hcp -r CloudGuard
I don't see anything like that in the list ( hcp --cli-list-tests)
References:
https://sc1.checkpoint.com/documents/IaaS/WebAdminGuides/EN/CloudGuard_Network_for_AWS_Single_AZ_Clu...
https://sc1.checkpoint.com/documents/IaaS/WebAdminGuides/EN/CP_CloudGuard_for_AWS_Cross_AZ_Cluster/C...
From sk175023 - ATRG: CloudGuard Network for Azure - High Availability (HA)
- How can I know that my cluster is well configured?
- Make sure that the tester (
$FWDIR/scripts/azure_ha_test.py)passes and there are no errors in $FWDIR/log/azure_had.log on each member.
- Ensure that the cluster members use a Jumbo Hotfix that contains fixes of the relevant limitation mentioned above.
- Make sure that the daemon in charge of communicating with Azure runs on each cluster member by running:
cpwd_admin getpid -name AZURE_HAD and ensuring the output is different from 0.
Thanks,
Don
