Ejemplo n.º 1
    def configure_instance_security(self, parameters):
        """Create the EC2 key pair and security group named in `parameters`.

        The 'keyname' and 'group' values are read from the parameters
        dictionary. Failure is reported through handle_failure when a key pair
        or a security group with that name is already registered. Otherwise a
        new key pair is created, its private key material is handed to
        LocalState.write_key_file, and a new security group is created and
        authorized. (Also see documentation for the BaseAgent class)

        Security notes:
          * The rules passed to authorize_security_group cover UDP 1-65535,
            TCP 1-65535 and ICMP (-1/-1, i.e. all types and codes in the EC2
            API) with cidr_ip '0.0.0.0/0', which is every IPv4 source address.
            As far as these rules go, any listener on the instances is
            reachable from anywhere.
            NOTE(review): narrow the ports and source ranges to what the
            deployment needs, or make sure a host firewall does it.
          * key_pair.material is the SSH private key. The permissions of the
            file it is written to are decided inside
            LocalState.write_key_file, which is not visible here.
            NOTE(review): confirm the file is created owner-readable only.

        Args:
          parameters: A dictionary of parameters.

        Returns:
          True once the key pair and the security group have been set up.
        """
        keyname = parameters[self.PARAM_KEYNAME]
        group = parameters[self.PARAM_GROUP]

        verify_msg = "Verifying that keyname {0}".format(keyname) + \
            " is not already registered."
        AppScaleLogger.log(verify_msg)
        conn = self.open_connection(parameters)

        # presumably handle_failure raises and stops the run; if it returns,
        # execution continues into the creation steps below - TODO confirm.
        existing_key = conn.get_key_pair(keyname)
        if existing_key:
            self.handle_failure((
                "SSH keyname {0} is already registered. Please "
                "change the 'keyname' specified in your AppScalefile to a different "
                "value, or erase it to have one automatically generated for you."
            ).format(keyname))

        # The name is compared against every group the connection lists.
        for existing_group in conn.get_all_security_groups():
            if existing_group.name != group:
                continue
            self.handle_failure((
                "Security group {0} is already registered. Please"
                " change the 'group' specified in your AppScalefile to a different "
                "value, or erase it to have one automatically generated for you."
            ).format(group))

        AppScaleLogger.log("Creating key pair: {0}".format(keyname))
        key_pair = conn.create_key_pair(keyname)
        ssh_key = '{0}{1}.key'.format(LocalState.LOCAL_APPSCALE_PATH, keyname)
        # Private key material goes to local disk here.
        LocalState.write_key_file(ssh_key, key_pair.material)

        self.create_security_group(parameters, group)

        # (protocol, from_port, to_port), applied in this order. Every rule
        # uses 0.0.0.0/0, so none of them restricts the source address.
        wide_open_rules = (
            ('udp', 1, 65535),
            ('tcp', 1, 65535),
            ('icmp', -1, -1),
        )
        for protocol, first_port, last_port in wide_open_rules:
            self.authorize_security_group(parameters,
                                          group,
                                          from_port=first_port,
                                          to_port=last_port,
                                          ip_protocol=protocol,
                                          cidr_ip='0.0.0.0/0')
        return True
Ejemplo n.º 2
  def configure_instance_security(self, parameters):
    """Create the EC2 key pair and security group named in `parameters`.

    The 'keyname', 'group' and 'autoscale_agent' values are read from the
    parameters dictionary. When 'autoscale_agent' is True or 'True' nothing is
    checked or created and the method returns early. Otherwise failure is
    reported through handle_failure when a key pair or a security group with
    that name is already registered, and if not, a new key pair is created,
    its private key material is handed to LocalState.write_key_file, and a
    new security group is created and authorized. (Also see documentation for
    the BaseAgent class)

    Security notes:
      * The rules passed to authorize_security_group cover UDP 1-65535,
        TCP 1-65535 and ICMP (-1/-1, i.e. all types and codes in the EC2 API)
        with cidr_ip '0.0.0.0/0', which is every IPv4 source address. As far
        as these rules go, any listener on the instances is reachable from
        anywhere.
        NOTE(review): narrow the ports and source ranges to what the
        deployment needs, or make sure a host firewall does it.
      * key_pair.material is the SSH private key. The permissions of the file
        it is written to are decided inside LocalState.write_key_file, which
        is not visible here.
        NOTE(review): confirm the file is created owner-readable only.

    Args:
      parameters: A dictionary of parameters.

    Returns:
      True once the key pair and the security group have been set up, or
      None on the autoscaling path.
    """
    keyname = parameters[self.PARAM_KEYNAME]
    group = parameters[self.PARAM_GROUP]
    is_autoscale = parameters['autoscale_agent']

    verify_msg = "Verifying that keyname {0}".format(keyname) + \
      " is not already registered."
    AppScaleLogger.log(verify_msg)
    conn = self.open_connection(parameters)

    # Autoscaled instances reuse the existing key pair and security group, so
    # there is nothing to verify or create. The flag may arrive as a bool or
    # as the string 'True'.
    if is_autoscale in ('True', True):
      return None

    # presumably handle_failure raises and stops the run; if it returns,
    # execution continues into the creation steps below - TODO confirm.
    existing_key = conn.get_key_pair(keyname)
    if existing_key:
      self.handle_failure((
        "SSH keyname {0} is already registered. Please "
        "change the 'keyname' specified in your AppScalefile to a different "
        "value, or erase it to have one automatically generated for you."
      ).format(keyname))

    # The name is compared against every group the connection lists.
    for existing_group in conn.get_all_security_groups():
      if existing_group.name != group:
        continue
      self.handle_failure((
        "Security group {0} is already registered. Please"
        " change the 'group' specified in your AppScalefile to a different "
        "value, or erase it to have one automatically generated for you."
      ).format(group))

    AppScaleLogger.log("Creating key pair: {0}".format(keyname))
    key_pair = conn.create_key_pair(keyname)
    ssh_key = '{0}{1}.key'.format(LocalState.LOCAL_APPSCALE_PATH, keyname)
    # Private key material goes to local disk here.
    LocalState.write_key_file(ssh_key, key_pair.material)

    self.create_security_group(parameters, group)

    # (protocol, from_port, to_port), applied in this order. Every rule uses
    # 0.0.0.0/0, so none of them restricts the source address.
    wide_open_rules = (
      ('udp', 1, 65535),
      ('tcp', 1, 65535),
      ('icmp', -1, -1),
    )
    for protocol, first_port, last_port in wide_open_rules:
      self.authorize_security_group(parameters, group, from_port=first_port,
        to_port=last_port, ip_protocol=protocol, cidr_ip='0.0.0.0/0')
    return True
Ejemplo n.º 3
    def configure_instance_security(self, parameters):
        """Create the EC2 key pair and security group named in `parameters`.

        The keyname, group and autoscale-agent values are read from the
        parameters dictionary; the VPC id is optional. When the autoscale flag
        is True or 'True' nothing is checked or created and the method returns
        early. Otherwise failure is reported through handle_failure when the
        key pair name is already registered or when
        get_security_group_by_name finds the group, and if not, a new key pair
        is created, its private key material is handed to
        LocalState.write_key_file, and a new security group is created and
        authorized by its id. (Also see documentation for the BaseAgent class)

        Security notes:
          * The rules passed to authorize_security_group cover UDP 1-65535,
            TCP 1-65535 and ICMP (-1/-1, i.e. all types and codes in the EC2
            API) with cidr_ip '0.0.0.0/0', which is every IPv4 source address.
            As far as these rules go, any listener on the instances is
            reachable from anywhere.
            NOTE(review): narrow the ports and source ranges to what the
            deployment needs, or make sure a host firewall does it.
          * key_pair.material is the SSH private key. The permissions of the
            file it is written to are decided inside
            LocalState.write_key_file, which is not visible here.
            NOTE(review): confirm the file is created owner-readable only.

        Args:
          parameters: A dictionary of parameters.

        Returns:
          True once the key pair and the security group have been set up, or
          None on the autoscaling path.
        """
        keyname = parameters[self.PARAM_KEYNAME]
        group = parameters[self.PARAM_GROUP]
        is_autoscale = parameters[self.PARAM_AUTOSCALE_AGENT]

        verify_msg = "Verifying that keyname {0}".format(keyname) + \
            " is not already registered."
        AppScaleLogger.log(verify_msg)
        conn = self.open_connection(parameters)

        # Autoscaled instances reuse the existing key pair and security group,
        # so there is nothing to verify or create. The flag may arrive as a
        # bool or as the string 'True'.
        if is_autoscale in ('True', True):
            return None

        # presumably handle_failure raises and stops the run; if it returns,
        # execution continues into the creation steps below - TODO confirm.
        existing_key = conn.get_key_pair(keyname)
        if existing_key:
            self.handle_failure((
                "SSH keyname {0} is already registered. Please "
                "change the 'keyname' specified in your AppScalefile to a different "
                "value, or erase it to have one automatically generated for you."
            ).format(keyname))

        # A successful lookup means the name is taken. Only
        # SecurityGroupNotFoundException is read as "name is free"; any other
        # error from the lookup propagates to the caller.
        try:
            self.get_security_group_by_name(conn, group,
                                            parameters.get(self.PARAM_VPC_ID))
            group_registered = True
        except SecurityGroupNotFoundException:
            group_registered = False

        if group_registered:
            self.handle_failure((
                "Security group {0} is already registered. Please "
                "change the 'group' specified in your AppScalefile "
                "to a different value, or erase it to have one "
                "automatically generated for you."
            ).format(group))

        AppScaleLogger.log("Creating key pair: {0}".format(keyname))
        key_pair = conn.create_key_pair(keyname)
        ssh_key = '{0}{1}.key'.format(LocalState.LOCAL_APPSCALE_PATH, keyname)
        # Private key material goes to local disk here.
        LocalState.write_key_file(ssh_key, key_pair.material)

        sg = self.create_security_group(parameters, group)

        # (protocol, from_port, to_port), applied in this order. Every rule
        # uses 0.0.0.0/0, so none of them restricts the source address.
        wide_open_rules = (
            ('udp', 1, 65535),
            ('tcp', 1, 65535),
            ('icmp', -1, -1),
        )
        for protocol, first_port, last_port in wide_open_rules:
            self.authorize_security_group(parameters,
                                          sg.id,
                                          from_port=first_port,
                                          to_port=last_port,
                                          ip_protocol=protocol,
                                          cidr_ip='0.0.0.0/0')
        return True