Permalink
Browse files

Use new Route53 API, implement http retries, improved logging, securi…

…ty and much more.

Full Changelog:
+ Update to newer Route53 API: switch from "2010-10-01" to "2012-02-29"
+ Implement HTTP retries (applies to webserver probe as well as API communication)
+ Switch from wget & lynx to curl, which is more robust and less error-prone.
+ Improve logging on multi-line output (requires GNU awk)
+ Validate AWS credentials once per hour. This ensures our credentials are always working, even if we rarely send an update to Route53.
+ Security: Enforce strict file permission to avoid leaking AWS credentials (detect if script is chmod'ed to 700)
+ Security: Switch from SHA1 to SHA256 when submitting updates to AWS
+ Improve detection of DNS resolution problems
+ Improve AWS signature generation on non-Linux platforms (use 'printf' instead of 'echo', which was causing problems on OSX)
+ "base64" is no longer required (switched to "openssl enc -base64")
+ Improve detection of status changes and avoid sending API updates when not needed (also added a "--force" argument to force an update at any time).
+ Lots of logging improvements: show current production hosts when updating Route53, show how many hosts are up/down/disabled when no update is needed, show http code returned by the API, and more.
+ Initial work on email notifications (see documentation on the "mailNotification" function)
+ Initial work on multi-site probing (see "proberesult" file)
  • Loading branch information...
1 parent 93b06ae commit ba211e410339b205c7ceb23c5f55d75db592b2be @raineralves raineralves committed Nov 19, 2012
Showing with 329 additions and 117 deletions.
  1. +329 −117 route53-failover.sh
Oops, something went wrong.

0 comments on commit ba211e4

Please sign in to comment.