def vpc_exists(module, vpc, name, cidr_block, multi):
"""Returns None or a vpc object depending on the existence of a VPC. When supplied
with a CIDR, it will check for matching tags to determine if it is a match
otherwise it will assume the VPC does not exist and thus return None.
"""
matched_vpc = None
try:
matching_vpcs = vpc.get_all_vpcs(filters={
'tag:Name': name,
'cidr-block': cidr_block
})
except Exception as e:
e_msg = boto_exception(e)
module.fail_json(msg=e_msg)
if multi:
return None
elif len(matching_vpcs) == 1:
matched_vpc = matching_vpcs[0]
elif len(matching_vpcs) > 1:
module.fail_json(
msg='Currently there are %d VPCs that have the same name and '
'CIDR block you specified. If you would like to create '
'the VPC anyway please pass True to the multi_ok param.' %
len(matching_vpcs))
return matched_vpc
def vpc_needs_update(module, vpc, vpc_id, dns_support, dns_hostnames, dhcp_id,
tags):
"""This returns True or False. Intended to run after vpc_exists.
It will check all the characteristics of the parameters passed and compare them
to the active VPC. If any discrepancy is found, it will report true, meaning that
the VPC needs to be update in order to match the specified state in the params.
"""
update_dhcp = False
update_tags = False
dhcp_match = False
try:
dhcp_list = vpc.get_all_dhcp_options()
if dhcp_id is not None:
has_default = vpc.get_all_vpcs(filters={
'dhcp-options-id': 'default',
'vpc-id': vpc_id
})
for opts in dhcp_list:
if (str(opts).split(':')[1] == dhcp_id) or has_default:
dhcp_match = True
break
else:
pass
except Exception, e:
e_msg = boto_exception(e)
module.fail_json(msg=e_msg)
if not dhcp_match or (has_default and dhcp_id != 'default'):
update_dhcp = True
def provision_vpc(env, vpc):
dryRun = True
if env != "test":
dryRun = False
print "Availability zones: " + str(vpc.get_all_zones())
existing_vpcs = [v for v in vpc.get_all_vpcs() if v.id == my_vpc['id']]
existing_subnets = [s.id for s in vpc.get_all_subnets()]
print "Info: Existing VPCs: " + str(vpc.get_all_vpcs())
print "Info: Existing Subnets: " + str(existing_subnets)
#print my_vpc['id']
vpc_to_prov = existing_vpcs[0] if existing_vpcs else None
if not vpc_to_prov:
print "Starting new VPC provisioning process.."
new_vpc = vpc.create_vpc(my_vpc['cidr_block'], dry_run=dryRun)
print "New VPC provisioned, please update its ID: " + str(new_vpc.id)
provision_subnets(env, vpc, new_vpc.id, existing_subnets)
else:
print "vpc already exists, nothing to do here, moving on to subnets.."
provision_subnets(env, vpc, my_vpc['id'], existing_subnets)
def provision_vpc(env, vpc): dryRun = True if env != "test": dryRun = False print "Availability zones: " + str( vpc.get_all_zones() ) existing_vpcs = [v for v in vpc.get_all_vpcs() if v.id == my_vpc['id'] ] existing_subnets = [s.id for s in vpc.get_all_subnets() ] print "Info: Existing VPCs: " + str(vpc.get_all_vpcs()) print "Info: Existing Subnets: " + str(existing_subnets) #print my_vpc['id'] vpc_to_prov = existing_vpcs[0] if existing_vpcs else None if not vpc_to_prov: print "Starting new VPC provisioning process.." new_vpc = vpc.create_vpc(my_vpc['cidr_block'], dry_run = dryRun) print "New VPC provisioned, please update its ID: " +str(new_vpc.id) provision_subnets(env, vpc, new_vpc.id, existing_subnets) else: print "vpc already exists, nothing to do here, moving on to subnets.." provision_subnets(env, vpc, my_vpc['id'], existing_subnets)
def vpc_exists(module, vpc, name, cidr_block, multi):
"""Returns True or False in regards to the existence of a VPC. When supplied
with a CIDR, it will check for matching tags to determine if it is a match
otherwise it will assume the VPC does not exist and thus return false.
"""
matched_vpc = None
try:
matching_vpcs=vpc.get_all_vpcs(filters={'tag:Name' : name, 'cidr-block' : cidr_block})
except Exception, e:
e_msg=boto_exception(e)
module.fail_json(msg=e_msg)
def vpc_exists(module, vpc, name, cidr_block, multi):
"""Returns True or False in regards to the existence of a VPC. When supplied
with a CIDR, it will check for matching tags to determine if it is a match
otherwise it will assume the VPC does not exist and thus return false.
"""
matched_vpc = None
try:
matching_vpcs = vpc.get_all_vpcs(filters={
'tag:Name': name,
'cidr-block': cidr_block
})
except Exception, e:
e_msg = boto_exception(e)
module.fail_json(msg=e_msg)
def map_vpc_name_to_id(command_line_options, vpc):
# Map the VPC-Name to a VpcId if provided
if 'vpc-' not in command_line_options.vpc:
log.info('Mapping VPC named [{0}] to VpcId'.format(
command_line_options.vpc))
vpcs = vpc.get_all_vpcs()
for v in vpcs:
try:
name = v.tags['Name']
if name.lower() == command_line_options.vpc.lower():
log.info('Matched {0} to VpcId {1}'.format(name, v.id))
return v.id
except KeyError:
log.warning('Found a VPC [{0}] with no Name tag'.format(v.id))
continue
else:
return command_line_options.vpc
def vpc_exists(module, vpc, name, cidr_block, multi):
"""Returns True or False in regards to the existence of a VPC. When supplied
with a CIDR, it will check for matching tags to determine if it is a match
otherwise it will assume the VPC does not exist and thus return false.
"""
matched_vpc = None
try:
matching_vpcs=vpc.get_all_vpcs(filters={'tag:Name' : name, 'cidr-block' : cidr_block})
except Exception as e:
e_msg=boto_exception(e)
module.fail_json(msg=e_msg)
if len(matching_vpcs) == 1:
matched_vpc = matching_vpcs[0]
elif len(matching_vpcs) > 1:
if multi:
module.fail_json(msg='Currently there are %d VPCs that have the same name and '
'CIDR block you specified. If you would like to create '
'the VPC anyway please pass True to the multi_ok param.' % len(matching_vpcs))
return matched_vpc
def validate_provider_data(self, serializer_attrs, all_data):
attrs = super(AWSCloudProvider, self).validate_provider_data(serializer_attrs, all_data)
region = attrs[self.REGION].slug
access_key = all_data[self.ACCESS_KEY]
secret_key = all_data[self.SECRET_KEY]
keypair = all_data[self.KEYPAIR]
errors = {}
from stackdio.api.cloud.models import CloudAccount
# Check for duplicates
accounts = CloudAccount.objects.filter(provider__name=self.SHORT_NAME)
for account in accounts:
account_yaml = yaml.safe_load(account.yaml)
if account.region.slug == region and account_yaml[account.slug]['id'] == access_key:
err_msg = ('You may not have multiple cloud accounts with the same access key '
'in the same region. Please generate a new access key if you would '
'like to have 2 cloud accounts in the same AWS account.')
errors.setdefault(self.REGION, []).append(err_msg)
if errors:
raise ValidationError(errors)
# check authentication credentials
ec2 = None
try:
ec2 = boto.ec2.connect_to_region(
region,
aws_access_key_id=access_key,
aws_secret_access_key=secret_key,
)
ec2.get_all_zones()
except boto.exception.EC2ResponseError:
err_msg = 'Unable to authenticate to AWS with the provided keys.'
errors.setdefault(self.ACCESS_KEY, []).append(err_msg)
errors.setdefault(self.SECRET_KEY, []).append(err_msg)
if errors:
raise ValidationError(errors)
# check keypair
try:
ec2.get_all_key_pairs(keypair)
except boto.exception.EC2ResponseError:
errors.setdefault(self.KEYPAIR, []).append(
'The keypair \'{0}\' does not exist in this account.'.format(keypair)
)
# check route 53 domain
domain = all_data[self.ROUTE53_DOMAIN]
if domain:
try:
# connect to route53 and check that the domain is available
r53 = boto.connect_route53(access_key, secret_key)
found_domain = False
hosted_zones = r53.get_all_hosted_zones()
hosted_zones = hosted_zones['ListHostedZonesResponse']['HostedZones']
for hosted_zone in hosted_zones:
if hosted_zone['Name'].startswith(domain):
found_domain = True
break
if not found_domain:
err = 'The Route53 domain \'{0}\' does not exist in ' \
'this account.'.format(domain)
errors.setdefault(self.ROUTE53_DOMAIN, []).append(err)
# except boto.exception.DNSServerError as e:
except Exception as e:
logger.exception('Route53 issue?')
errors.setdefault(self.ROUTE53_DOMAIN, []).append(str(e))
# check VPC required fields
vpc_id = attrs[self.VPC_ID]
if vpc_id:
vpc = None
try:
vpc = boto.vpc.connect_to_region(
region,
aws_access_key_id=access_key,
aws_secret_access_key=secret_key,
)
except boto.exception.EC2ResponseError:
err_msg = ('Unable to authenticate to AWS VPC with the '
'provided keys.')
errors.setdefault(self.ACCESS_KEY, []).append(err_msg)
errors.setdefault(self.SECRET_KEY, []).append(err_msg)
if not errors:
try:
vpc.get_all_vpcs([vpc_id])
except boto.exception.EC2ResponseError:
errors.setdefault(self.VPC_ID, []).append(
'The VPC \'{0}\' does not exist in this account.'
.format(vpc_id)
)
if errors:
raise ValidationError(errors)
return attrs
def validate_provider_data(self, serializer_attrs, all_data):
attrs = super(AWSCloudProvider,
self).validate_provider_data(serializer_attrs, all_data)
region = attrs[self.REGION].slug
access_key = all_data[self.ACCESS_KEY]
secret_key = all_data[self.SECRET_KEY]
keypair = all_data[self.KEYPAIR]
errors = {}
from stackdio.api.cloud.models import CloudAccount
# Check for duplicates
accounts = CloudAccount.objects.filter(provider__name=self.SHORT_NAME)
for account in accounts:
account_yaml = yaml.safe_load(account.yaml)
if account.region.slug == region and account_yaml[
account.slug]['id'] == access_key:
err_msg = (
'You may not have multiple cloud accounts with the same access key '
'in the same region. Please generate a new access key if you would '
'like to have 2 cloud accounts in the same AWS account.')
errors.setdefault(self.REGION, []).append(err_msg)
if errors:
raise ValidationError(errors)
# check authentication credentials
ec2 = None
try:
ec2 = boto.ec2.connect_to_region(
region,
aws_access_key_id=access_key,
aws_secret_access_key=secret_key,
)
ec2.get_all_zones()
except boto.exception.EC2ResponseError:
err_msg = 'Unable to authenticate to AWS with the provided keys.'
errors.setdefault(self.ACCESS_KEY, []).append(err_msg)
errors.setdefault(self.SECRET_KEY, []).append(err_msg)
if errors:
raise ValidationError(errors)
# check keypair
try:
ec2.get_all_key_pairs(keypair)
except boto.exception.EC2ResponseError:
errors.setdefault(self.KEYPAIR, []).append(
'The keypair \'{0}\' does not exist in this account.'.format(
keypair))
# check route 53 domain
domain = all_data[self.ROUTE53_DOMAIN]
if domain:
try:
# connect to route53 and check that the domain is available
r53 = boto.connect_route53(access_key, secret_key)
found_domain = False
hosted_zones = r53.get_all_hosted_zones()
hosted_zones = hosted_zones['ListHostedZonesResponse'][
'HostedZones']
for hosted_zone in hosted_zones:
if hosted_zone['Name'].startswith(domain):
found_domain = True
break
if not found_domain:
err = 'The Route53 domain \'{0}\' does not exist in ' \
'this account.'.format(domain)
errors.setdefault(self.ROUTE53_DOMAIN, []).append(err)
# except boto.exception.DNSServerError as e:
except Exception as e:
logger.exception('Route53 issue?')
errors.setdefault(self.ROUTE53_DOMAIN, []).append(str(e))
# check VPC required fields
vpc_id = attrs[self.VPC_ID]
if vpc_id:
vpc = None
try:
vpc = boto.vpc.connect_to_region(
region,
aws_access_key_id=access_key,
aws_secret_access_key=secret_key,
)
except boto.exception.EC2ResponseError:
err_msg = ('Unable to authenticate to AWS VPC with the '
'provided keys.')
errors.setdefault(self.ACCESS_KEY, []).append(err_msg)
errors.setdefault(self.SECRET_KEY, []).append(err_msg)
if not errors:
try:
vpc.get_all_vpcs([vpc_id])
except boto.exception.EC2ResponseError:
errors.setdefault(self.VPC_ID, []).append(
'The VPC \'{0}\' does not exist in this account.'.
format(vpc_id))
if errors:
raise ValidationError(errors)
return attrs
vpc_id = data[self.VPC_ID]
try:
vpc = boto.vpc.connect_to_region(
data[self.REGION],
aws_access_key_id=data[self.ACCESS_KEY],
aws_secret_access_key=data[self.SECRET_KEY])
except boto.exception.EC2ResponseError, e:
err_msg = ('Unable to authenticate to AWS VPC with the '
'provided keys.')
errors.setdefault(self.ACCESS_KEY, []).append(err_msg)
errors.setdefault(self.SECRET_KEY, []).append(err_msg)
if not errors:
try:
vpc.get_all_vpcs([vpc_id])
except boto.exception.EC2ResponseError, e:
errors.setdefault(self.VPC_ID, []).append(
'The VPC \'{0}\' does not exist in this account.'
.format(vpc_id)
)
return errors
def validate_image_id(self, image_id):
ec2 = self.connect_ec2()
try:
ec2.get_all_images(image_ids=[image_id])
return True, ''
except boto.exception.EC2ResponseError, e:
return False, e.error_message
module.fail_json(msg=e_msg)
return updated_tags
def update_dhcp_opts(module, vpc, vpc_id, dhcp_id):
try:
vpc.associate_dhcp_options(dhcp_id, vpc_id)
dhcp_list = vpc.get_all_dhcp_options()
except Exception, e:
e_msg = boto_exception(e)
module.fail_json(msg=e_msg)
for opts in dhcp_list:
vpc_dhcp = vpc.get_all_vpcs(filters={
'dhcp-options-id': opts,
'vpc-id': vpc_id
})
matched = False
if opts == dhcp_id:
matched = True
return opts
if matched == False:
return dhcp_id
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(name=dict(type='str', default=None, required=True),
cidr_block=dict(type='str', default=None, required=True),