Beispiel #1
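def create_subnet(vpc_id, cidr, availability_zone):
    """Return the id of the subnet with ``cidr`` in ``vpc_id``, creating it if absent.

    The lookup is filtered by VPC id as well as CIDR block. CIDR blocks are
    only unique within a VPC, so a CIDR-only lookup can return a subnet that
    belongs to a different VPC in the same account/region, and resources
    would then be placed in a network the caller did not choose.

    Args:
        vpc_id: id of the VPC the subnet must belong to.
        cidr: CIDR block of the subnet.
        availability_zone: availability zone used when a subnet is created.

    Returns:
        The ``SubnetId`` of the existing or newly created subnet.
    """
    existing = run_out(
        "aws", "ec2", "describe-subnets",
        "--filters",
        "Name=cidr-block,Values={0}".format(cidr),
        "Name=vpc-id,Values={0}".format(vpc_id))["Subnets"]
    if existing:
        # NOTE(review): the availability zone of a pre-existing subnet is not
        # compared with `availability_zone`; confirm callers accept that.
        return existing[0]["SubnetId"]

    created = run_out("aws", "ec2", "create-subnet",
                      "--cidr-block", cidr,
                      "--vpc-id", vpc_id,
                      "--availability-zone", availability_zone)
    return created["Subnet"]["SubnetId"]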
Beispiel #2
 def get_cluster_info(self):
     """Run ``aws eks describe-cluster`` for this cluster and return the result.

     ``name``, ``region`` and ``output`` are handed to ``run_out`` as keyword
     arguments; presumably ``run_out`` turns them into CLI options and parses
     the JSON output (confirm against its definition).
     """
     command = ("aws", "eks", "describe-cluster")
     options = {
         "name": self.name,
         "region": self.region,
         "output": "json",
     }
     return run_out(*command, **options)
Beispiel #3
 def get_subnets_by_ids(self):
     """Describe the subnets listed in the cluster's VPC configuration.

     The subnet ids are read from
     ``self.clusterInfo['cluster']['resourcesVpcConfig']['subnetIds']`` and
     passed as individual arguments after ``--subnet-ids``.
     """
     vpc_config = self.clusterInfo['cluster']['resourcesVpcConfig']
     subnet_ids = vpc_config['subnetIds']
     return run_out("aws", "ec2", "describe-subnets", "--subnet-ids",
                    *subnet_ids, region=self.region)
Beispiel #4
def wait_for_interface_ready(interface_id):
    """Poll until the network interface is reported with status ``in-use``.

    Makes at most 10 checks, sleeping 10 seconds before each one. When the
    interface shows up in the filtered result it is printed and the function
    returns.

    NOTE(review): if the interface never becomes ``in-use`` the loop simply
    ends and the function returns ``None`` as well, so a caller cannot tell a
    timeout from success.
    """
    attempts_left = 10
    while attempts_left > 0:
        attempts_left -= 1
        time.sleep(10)
        response = run_out("aws", "ec2", "describe-network-interfaces",
                           "--network-interface-ids", interface_id,
                           "--filters", "Name=status,Values=in-use")
        in_use = response["NetworkInterfaces"]
        if in_use:
            print(in_use)
            return
Beispiel #5
def create_ec2(key_name, image_id, instance_type, sec_group, network_interfaces, data):
    """Launch one EC2 instance and wait, best effort, for it to be running.

    Args:
        key_name: value for ``--key-name``.
        image_id: value for ``--image-id``.
        instance_type: value for ``--instance-type``.
        sec_group: value for ``--security-group-ids``.
        network_interfaces: value for ``--network-interfaces``.
        data: value for ``--user-data``.

    Returns:
        The first entry of ``Instances`` from the ``run-instances`` response.
        It is returned even if the instance never reached ``running`` within
        the 10 polling attempts.

    NOTE(review): the user data travels as a command-line argument, so it is
    visible in the local process list while the CLI runs; avoid embedding
    secrets in it.
    """
    launch_args = [
        "aws", "ec2", "run-instances",
        "--key-name", key_name,
        "--user-data", data,
        "--image-id", image_id,
        "--instance-type", instance_type,
        "--security-group-ids", sec_group,
        "--network-interfaces", network_interfaces,
    ]
    data = run_out(*launch_args)["Instances"][0]
    instance_id = data["InstanceId"]

    attempt = 0
    while attempt < 10:
        attempt += 1
        try:
            report = run_out("aws", "ec2", "describe-instance-status",
                             "--instance-id", instance_id)
            state = report["InstanceStatuses"][0]["InstanceState"]["Name"]
        except IndexError:
            # No status entry has been published for the instance yet.
            state = None
        if state == "running":
            break
        time.sleep(10)
    return data
Beispiel #6
    def get_security_group_id(self):
        """Return the id of the first security group tagged for this cluster.

        Groups are selected by two tag filters: the CloudFormation logical id
        ``SG`` and the eksctl cluster-name tag equal to ``self.name``.

        Raises:
            Exception: when no security group matches the filters.
        """
        cluster_filter = "Name=tag:alpha.eksctl.io/cluster-name,Values=" + self.name
        response = run_out(
            "aws", "ec2", "describe-security-groups",
            "--region", self.region,
            "--filters",
            "Name=tag:aws:cloudformation:logical-id,Values=SG",
            cluster_filter)

        groups = response['SecurityGroups']
        if not groups:
            message = "no security group found for cluster {0} nodegroup".format(
                self.name)
            raise Exception(message)
        # Only the first match is used, even if several groups carry the tags.
        return groups[0]["GroupId"]
Beispiel #7
def open_security_groups(cluster_name, region):
    """Add an allow-all ingress rule to the cluster's nodegroup security group.

    The group is found by the CloudFormation logical id ``SG`` and the eksctl
    cluster-name tag; only the first match is modified.

    NOTE(review): the rule uses protocol ``-1``, port ``-1`` and CIDR
    ``0.0.0.0/0``, i.e. every protocol and port from any IPv4 address. That
    exposes every service on the nodes to the Internet; restrict the CIDR and
    port range unless the cluster is a short-lived, isolated test target.

    Raises:
        Exception: when no security group matches the filters.
        subprocess.CalledProcessError: when the ``aws`` command exits non-zero.
    """
    cluster_filter = "Name=tag:alpha.eksctl.io/cluster-name,Values=" + cluster_name
    response = run_out(
        "aws", "ec2", "describe-security-groups",
        "--region", region,
        "--filters",
        "Name=tag:aws:cloudformation:logical-id,Values=SG",
        cluster_filter)

    groups = response['SecurityGroups']
    if not groups:
        message = "no security group found for cluster {0} nodegroup".format(
            cluster_name)
        raise Exception(message)

    group_id = groups[0]['GroupId']
    authorize_cmd = [
        "aws", "ec2", "authorize-security-group-ingress",
        "--group-id", group_id,
        "--protocol", "-1",
        "--port", "-1",
        "--cidr", "0.0.0.0/0",
        "--region", region,
    ]
    subprocess.check_call(authorize_cmd)
Beispiel #8
def open_security_groups(cluster_name, region, private_subnets_cidrs,
                         public_subnets_cidrs):
    """Add ingress rules for the given subnet CIDRs to the cluster's security group.

    The group is found by the CloudFormation logical id ``SG`` and the eksctl
    cluster-name tag; only the first match is modified.

    * Each public CIDR gets TCP and UDP rules for ports 1025-3388 and
      3390-65535, so port 3389 and ports up to 1024 are left closed.
    * Each private CIDR gets one rule with protocol ``-1`` and port ``-1``,
      i.e. all traffic.

    Either CIDR argument may be empty or ``None``, in which case no rules are
    added for it.

    Raises:
        Exception: when no security group matches the filters.
    """
    cluster_filter = "Name=tag:alpha.eksctl.io/cluster-name,Values=" + cluster_name
    response = run_out(
        "aws", "ec2", "describe-security-groups",
        "--region", region,
        "--filters",
        "Name=tag:aws:cloudformation:logical-id,Values=SG",
        cluster_filter)

    groups = response['SecurityGroups']
    if not groups:
        message = "no security group found for cluster {0} nodegroup".format(
            cluster_name)
        raise Exception(message)

    sg_id = groups[0]['GroupId']

    # TODO: Open only the required ports
    # for now port 3389 was skipped
    public_port_ranges = ("1025-3388", "3390-65535")
    for public_cidr in public_subnets_cidrs or []:
        for transport in ('tcp', 'udp'):
            for ports in public_port_ranges:
                authorize_security_group_ingress(
                    sg_id=sg_id,
                    protocol=transport,
                    port_range=ports,
                    cidr=public_cidr,
                    region=region,
                )

    # Private subnets are trusted with every protocol and port. That holds
    # only as long as the CIDRs passed in really are private ranges.
    for private_cidr in private_subnets_cidrs or []:
        authorize_security_group_ingress(
            sg_id=sg_id,
            protocol="-1",
            port_range="-1",
            cidr=private_cidr,
            region=region,
        )
Beispiel #9
def associate_interface(interface_id, allocation_id):
    """Attach the address allocation to the network interface.

    Calls ``wait_for_interface_ready`` first, then runs
    ``aws ec2 associate-address`` with the allocation id and interface id.
    The result of the CLI call is discarded.
    """
    wait_for_interface_ready(interface_id)
    associate_args = (
        "aws", "ec2", "associate-address",
        "--allocation-id", allocation_id,
        "--network-interface-id", interface_id,
    )
    run_out(*associate_args)
Beispiel #10
def create_elastic_allocation(vpc_id):
    """Allocate an Elastic IP address and return its ``AllocationId``.

    NOTE(review): ``vpc_id`` is passed straight to ``--domain``. The EC2 CLI
    documents ``vpc`` and ``standard`` as the values for that option, so
    confirm that callers pass a domain name rather than a VPC id.
    """
    allocation = run_out("aws", "ec2", "allocate-address",
                         "--domain", vpc_id)
    return allocation["AllocationId"]