def rolespec_validate(self, **kwargs):
"""
Validates correct cross-account Role setup by attempting to assume one or more
specified rolespec(s) in target account.
"""
import yaml
print "In command: account rolespec validate"
cli = Command.get_cli(kwargs)
role_playbook = self.get_command_playbook("validate_credentials.yml")
roleFound = False
roleSucceeded = False
customer = ""
command = kwargs.get("commandname", None)
try:
if not command is None:
cli.get_nucleator_command(command)
except Exception, e:
print "No command with that name. Run \"nucleator --help\" to see a list of available commands"
return
def keypair_sync(self, **kwargs):
"""
Synchronizing the keypair files locally to/from nucleator-ui, nucleator.
"""
cli = Command.get_cli(kwargs)
cage = kwargs.get("cage", None)
customer = kwargs.get("customer", None)
if cage is None or customer is None:
raise ValueError("cage and customer must be specified")
extra_vars={
"cage_name": cage,
"customer_name": customer,
"verbosity": kwargs.get("verbosity", None),
"debug_credentials": kwargs.get("debug_credentials", None),
}
command_list = []
command_list.append("builder")
inventory_manager_rolename = "NucleatorBuilderInventoryManager"
cli.obtain_credentials(commands = command_list, cage=cage, customer=customer, verbosity=kwargs.get("verbosity", None), debug_credentials=kwargs.get("debug_credentials", None)) # pushes credentials into environment
return cli.safe_playbook(
self.get_command_playbook("rsync_pem.yml"),
inventory_manager_rolename,
**extra_vars
)
def rolespec_list(self, **kwargs):
"""
This command lists the names and descriptions of rolespecs currently available
within Nucleator config (i.e., rolespecs for core plus all contrib installed
modules)
Implements the account rolespec list subsubcommand
"""
import yaml
print "In command: account rolespec list"
roleName = kwargs.get("rolename", None)
command = kwargs.get("commandname", None)
cli = Command.get_cli(kwargs)
roleFound = False
try:
if not command is None:
cli.get_nucleator_command(command)
except Exception, e:
print "No command with that name. Run \"nucleator --help\" to see a list of available commands"
return
def rolespec_provision(self, **kwargs):
"""
This command adds IAM Roles and/or Instance Profiles within the AWS Account
consistent with the specified rolespecs available in Nucleator config. Specify
a single rolespec to provision, or provision all rolespecs.
"""
import yaml
print "In command: account rolespec provision"
cli = Command.get_cli(kwargs)
playbooks = cli.ansible_path_list("role_provision.yml")
roleFound = False
firstRun = True
command = kwargs.get("commandname", None)
try:
if not command is None:
cli.get_nucleator_command(command)
except Exception, e:
print "No command with that name. Run \"nucleator --help\" to see a list of available commands"
return
def orchestrate(self, **kwargs):
"""
Provisions an S3 bucket and an SQS queue within specified Account for specified Customer.
"""
cli = Command.get_cli(kwargs)
queue_name = kwargs.get("queue_name", None)
cage = kwargs.get("cage", None)
customer = kwargs.get("customer", None)
extra_vars = {
"cage_name": cage,
"customer_name": customer,
"queue_name": queue_name,
"verbosity": kwargs.get("verbosity", None),
"debug_credentials": kwargs.get("debug_credentials", None),
}
playbook = "orchestrate.yml"
command_list = []
command_list.append("bucketandq")
cli.obtain_credentials(commands=command_list,
cage=cage,
customer=customer,
verbosity=kwargs.get("verbosity", None),
debug_credentials=kwargs.get(
"debug_credentials", None))
return cli.safe_playbook(
self.get_command_playbook(playbook),
is_static=
True, # do not use dynamic inventory script, credentials may not be available
**extra_vars)
def provision(self, **kwargs):
"""
Provisions a Stackset that includes Nucleator, Jenkins and Artifactory instances
that can be used to implement a build / test / deploy workflow for one or more
applications.
"""
cli = Command.get_cli(kwargs)
cage = kwargs.get("cage", None)
customer = kwargs.get("customer", None)
if cage is None or customer is None:
raise ValueError("cage and customer must be specified")
extra_vars={
"cage_name": cage,
"customer_name": customer,
"cli_stackset_name": "builder",
"cli_stackset_instance_name": "singleton",
"verbosity": kwargs.get("verbosity", None),
"debug_credentials": kwargs.get("debug_credentials", None),
}
extra_vars["builder_deleting"]=kwargs.get("builder_deleting", False)
command_list = []
command_list.append("account")
command_list.append("cage")
command_list.append("builder")
cli.obtain_credentials(commands = command_list, cage=cage, customer=customer, verbosity=kwargs.get("verbosity", None), debug_credentials=kwargs.get("debug_credentials", None))
return cli.safe_playbook(self.get_command_playbook("builder_provision.yml"),
is_static=True, # dynamic inventory not required
**extra_vars
)
def configure(self, **kwargs):
"""
Configures the Nucleator, Jenkins and Artifactory instances deployed by the
Builder Provision command.
"""
cli = Command.get_cli(kwargs)
cage = kwargs.get("cage", None)
customer = kwargs.get("customer", None)
if cage is None or customer is None:
raise ValueError("cage and customer must be specified")
extra_vars={
"cage_name": cage,
"customer_name": customer,
"cli_stackset_name": "builder",
"cli_stackset_instance_name": "singleton",
"verbosity": kwargs.get("verbosity", None),
"debug_credentials": kwargs.get("debug_credentials", None),
}
command_list = []
command_list.append("builder")
inventory_manager_rolename = "NucleatorBuilderInventoryManager"
cli.obtain_credentials(commands = command_list, cage=cage, customer=customer, verbosity=kwargs.get("verbosity", None), debug_credentials=kwargs.get("debug_credentials", None)) # pushes credentials into environment
return cli.safe_playbook(
self.get_command_playbook("builder_configure.yml"),
inventory_manager_rolename,
**extra_vars
)
def provision(self, **kwargs):
"""
Provisions a Nucleator Cage within specified Account for specified Customer.
"""
cli = Command.get_cli(kwargs)
cage = kwargs.get("cage", None)
customer = kwargs.get("customer", None)
create_bucket = kwargs.get("create_bucket", None)
if cage is None or customer is None:
raise ValueError("cage and customer must be specified")
if create_bucket is None:
raise ValueError("Internal Error: create_bucket is None but should have been set by parser")
extra_vars={
"cage_name": cage,
"customer_name": customer,
"create_bucket": create_bucket,
"verbosity": kwargs.get("verbosity", None),
"debug_credentials": kwargs.get("debug_credentials", None),
}
extra_vars["cage_deleting"]=kwargs.get("cage_deleting", False)
command_list = []
command_list.append("account")
command_list.append("cage")
cli.obtain_credentials(commands = command_list, cage=cage, customer=customer, verbosity=kwargs.get("verbosity", None), debug_credentials=kwargs.get("debug_credentials", None))
return cli.safe_playbook(self.get_command_playbook("cage_provision.yml"),
is_static=True, # do not use dynamic inventory script, credentials may not be available
**extra_vars
)
def provision(self, **kwargs):
"""
Provisions an S3 bucket and an SQS queue within specified Account for specified Customer.
"""
cli = Command.get_cli(kwargs)
cage = kwargs.get("cage", None)
customer = kwargs.get("customer", None)
if cage is None or customer is None:
raise ValueError("cage and customer must be specified")
app_name = kwargs.get("app_name", "pipeline")
extra_vars={
"cage_name": cage,
"customer_name": customer,
"app_name": app_name,
"verbosity": kwargs.get("verbosity", None),
"debug_credentials": kwargs.get("debug_credentials", None),
"rs_url": kwargs.get("redshift_url", None),
}
command_list = []
command_list.append("account")
command_list.append("cage") # because stackset/ansible/roles/instan... depends on cage_provision
command_list.append("bucketandq")
cli.obtain_credentials(commands = command_list, cage=cage, customer=customer, verbosity=kwargs.get("verbosity", None), debug_credentials=kwargs.get("debug_credentials", None))
return cli.safe_playbook(self.get_command_playbook("bucketandq-provision.yml"),
is_static=True, # do not use dynamic inventory script, credentials may not be available
**extra_vars
)
def configure(self, **kwargs):
"""
This command configures a new Redshift cluster in the indicated Customer Cage.
It installs users on the bastion host to enable tunnelling to the Redshift Cluster.
TODO: install users on the cluster.
"""
cli = Command.get_cli(kwargs)
cage = kwargs.get("cage", None)
customer = kwargs.get("customer", None)
if cage is None or customer is None:
raise ValueError("cage and customer must be specified")
extra_vars = {
"cage_name": cage,
"customer_name": customer,
"verbosity": kwargs.get("verbosity", None),
"debug_credentials": kwargs.get("debug_credentials", None),
}
command_list = []
command_list.append("redshift")
cli.obtain_credentials(commands=command_list,
cage=cage,
customer=customer,
verbosity=kwargs.get("verbosity", None),
debug_credentials=kwargs.get(
"debug_credentials", None))
return cli.safe_playbook(
self.get_command_playbook("redshift_configure.yml"),
is_static=True, # dynamic inventory not required
**extra_vars)
def orchestrate(self, **kwargs):
"""
Provisions an S3 bucket and an SQS queue within specified Account for specified Customer.
"""
cli = Command.get_cli(kwargs)
queue_name = kwargs.get("queue_name", None)
cage = kwargs.get("cage", None)
customer = kwargs.get("customer", None)
extra_vars={
"cage_name": cage,
"customer_name": customer,
"queue_name": queue_name,
"verbosity": kwargs.get("verbosity", None),
"debug_credentials": kwargs.get("debug_credentials", None),
}
playbook = "orchestrate.yml"
command_list = []
command_list.append("bucketandq")
cli.obtain_credentials(commands = command_list, cage=cage, customer=customer, verbosity=kwargs.get("verbosity", None), debug_credentials=kwargs.get("debug_credentials", None))
return cli.safe_playbook(self.get_command_playbook(playbook),
is_static=True, # do not use dynamic inventory script, credentials may not be available
**extra_vars
)
def publish(self, **kwargs):
"""
This command publishes the instance to an AMI
"""
cli = Command.get_cli(kwargs)
customer = kwargs.get("customer", None)
if customer is None:
raise ValueError("customer must be specified")
cage = kwargs.get("cage", None)
if cage is None:
raise ValueError("Internal Error: cage should be specified but is not")
stackset_instance_name = kwargs.get("name", None)
if stackset_instance_name is None:
raise ValueError("Internal Eror: name should be specified but is not")
bakery_group = kwargs.get("group", None)
if customer is None:
raise ValueError("group must be specified")
ami_name = kwargs.get("ami_name", None)
if ami_name is None:
raise ValueError("An ami name must be specified")
ami_region = kwargs.get("ami_region", None)
extra_vars={
"cage_name": cage,
"customer_name": customer,
"bakery_group": bakery_group,
"ami_name": ami_name,
"ami_region": ami_region,
"verbosity": kwargs.get("verbosity", None),
"debug_credentials": kwargs.get("debug_credentials", None),
}
extra_vars["service_name"] = bakery_group
namespaced_service_name="{0}-{1}-{2}-{3}".format(self.name, stackset_instance_name, cage, customer)
namespaced_service_name = self.safe_hashed_name(namespaced_service_name, 100)
extra_vars["cli_stackset_name"] = self.name
extra_vars["cli_stackset_instance_name"] = namespaced_service_name
command_list = []
command_list.append(self.name)
inventory_manager_rolename = "NucleatorBakeryPublisher"
playbook = "%s_publish.yml" % self.name
cli.obtain_credentials(commands = command_list, cage=cage, customer=customer, verbosity=kwargs.get("verbosity", None), debug_credentials=kwargs.get("debug_credentials", None)) # pushes credentials into environment
return cli.safe_playbook(
self.get_command_playbook(playbook),
inventory_manager_rolename,
**extra_vars
)
def configure(self, **kwargs):
"""
Configure instances within a provisioned Apache, potentially including all of
its provisioned Stacksets. Configure instances across all Stacksets, or
limit to to specified Stackset types
"""
cli = Command.get_cli(kwargs)
cage = kwargs.get("cage", None)
customer = kwargs.get("customer", None)
restart_nat = kwargs.get("restart_nat", False)
limit_stackset = kwargs.get("limit_stackset", None)
limit_stackset_instance = kwargs.get("limit_stackset_instance", None)
list_hosts = kwargs.get("list_hosts", None)
verbosity = kwargs.get("verbosity", None)
if cage is None or customer is None:
raise ValueError("cage and customer must be specified")
extra_vars = {
"cage_name": cage,
"customer_name": customer,
"limit_stackset": limit_stackset,
"limit_stackset_instance": limit_stackset_instance,
"list_hosts": list_hosts,
"verbosity": verbosity,
"restart_nat": restart_nat,
}
command_list = []
command_list.append("account")
command_list.append("cage")
command_list.append("apache")
inventory_manager_rolename = "NucleatorApacheInventoryManager"
cli.obtain_credentials(
commands=command_list,
cage=cage,
customer=customer,
verbosity=kwargs.get("verbosity",
None)) # pushes credentials into environment
return cli.safe_playbook(
self.get_command_playbook("apache_configure.yml"),
inventory_manager_rolename, **extra_vars)
def configure(self, **kwargs):
"""
This command configures the specified openvpn stackset in the indicated Customer Cage.
"""
cli = Command.get_cli(kwargs)
cage = kwargs.get("cage", None)
customer = kwargs.get("customer", None)
if cage is None or customer is None:
raise ValueError("cage and customer must be specified")
extra_vars = {
"cage_name": cage,
"customer_name": customer,
"verbosity": kwargs.get("verbosity", None),
"debug_credentials": kwargs.get("debug_credentials", None),
}
name = kwargs.get("name", None)
if name is None:
raise ValueError("name must be specified")
self.validate_name(name)
extra_vars["name"] = name
extra_vars["cli_stackset_name"] = "openvpn"
extra_vars["cli_stackset_instance_name"] = name
# Used by the openvpn-2fa role
extra_vars["EASYRSA_REQ_ORG"] = kwargs.get("rsa_org", customer)
extra_vars["EASYRSA_REQ_EMAIL"] = kwargs.get("rsa_email", "{0}@{1}".format(cage, customer))
extra_vars["EASYRSA_REQ_OU"] = kwargs.get("rsa_ou", "{0} {0} cage".format(customer, cage))
command_list = []
command_list.append("account")
command_list.append("cage")
command_list.append("openvpn")
inventory_manager_rolename = "NucleatorOpenvpnInventoryManager"
cli.obtain_credentials(commands=command_list, cage=cage, customer=customer, verbosity=kwargs.get("verbosity", None), debug_credentials=kwargs.get("debug_credentials", None))
return cli.safe_playbook(
self.get_command_playbook("openvpn_configure.yml"),
inventory_manager_rolename,
**extra_vars
)
def configure(self, **kwargs):
"""
Configure instances within a provisioned Apache, potentially including all of
its provisioned Stacksets. Configure instances across all Stacksets, or
limit to to specified Stackset types
"""
cli = Command.get_cli(kwargs)
cage = kwargs.get("cage", None)
customer = kwargs.get("customer", None)
restart_nat = kwargs.get("restart_nat", False)
limit_stackset = kwargs.get("limit_stackset", None)
limit_stackset_instance = kwargs.get("limit_stackset_instance", None)
list_hosts = kwargs.get("list_hosts", None)
verbosity = kwargs.get("verbosity", None)
if cage is None or customer is None:
raise ValueError("cage and customer must be specified")
extra_vars={
"cage_name": cage,
"customer_name": customer,
"limit_stackset": limit_stackset,
"limit_stackset_instance": limit_stackset_instance,
"list_hosts": list_hosts,
"verbosity": verbosity,
"restart_nat": restart_nat,
}
command_list = []
command_list.append("account")
command_list.append("cage")
command_list.append("apache")
inventory_manager_rolename = "NucleatorApacheInventoryManager"
cli.obtain_credentials(commands = command_list, cage=cage, customer=customer, verbosity=kwargs.get("verbosity", None)) # pushes credentials into environment
return cli.safe_playbook(
self.get_command_playbook("apache_configure.yml"),
inventory_manager_rolename,
**extra_vars
)
def provision(self, **kwargs):
"""
This command provisions a new openvpn compute instance in the indicated Customer Cage.
"""
cli = Command.get_cli(kwargs)
cage = kwargs.get("cage", None)
customer = kwargs.get("customer", None)
if cage is None or customer is None:
raise ValueError("cage and customer must be specified")
extra_vars = {
"cage_name": cage,
"customer_name": customer,
"verbosity": kwargs.get("verbosity", None),
"debug_credentials": kwargs.get("debug_credentials", None),
}
extra_vars["openvpn_deleting"] = kwargs.get("openvpn_deleting", False)
name = kwargs.get("name", None)
if name is None:
raise ValueError("name must be specified")
self.validate_name(name)
extra_vars["name"] = name
extra_vars["cli_stackset_name"] = "openvpn"
extra_vars["cli_stackset_instance_name"] = name
instance_type = kwargs.get("instance_type", None)
extra_vars["openvpn_instance_type"] = instance_type
command_list = []
command_list.append("account")
command_list.append("cage")
command_list.append("openvpn")
cli.obtain_credentials(commands=command_list, cage=cage, customer=customer, verbosity=kwargs.get("verbosity", None), debug_credentials=kwargs.get("debug_credentials", None))
return cli.safe_playbook(self.get_command_playbook("openvpn_provision.yml"),
is_static=True, # dynamic inventory not required
**extra_vars
)
def provision(self, **kwargs):
"""
Provisions a Nucleator Apache Stackset at specied cage / customer.
"""
cli = Command.get_cli(kwargs)
cage = kwargs.get("cage", None)
customer = kwargs.get("customer", None)
if cage is None or customer is None:
raise ValueError("cage and customer must be specified")
extra_vars = {
"cage_name": cage,
"customer_name": customer,
"verbosity": kwargs.get("verbosity", None),
}
extra_vars["apache_deleting"] = kwargs.get("apache_deleting", False)
name = kwargs.get("name", None)
if name is None:
raise ValueError("name must be specified")
extra_vars["cluster_name"] = name
extra_vars["cli_stackset_name"] = "apache"
extra_vars["cli_stackset_instance_name"] = name
command_list = []
command_list.append("account")
command_list.append("cage")
command_list.append("apache")
cli.obtain_credentials(commands=command_list,
cage=cage,
customer=customer,
verbosity=kwargs.get("verbosity", None))
return cli.safe_playbook(
self.get_command_playbook("apache_provision.yml"),
is_static=
True, # do not use dynamic inventory script, credentials may not be available
**extra_vars)
def update_roles(self, **kwargs):
"""
Use ansible-galaxy to install Ansible roles and any role dependencies
specified in ansible/roles/roles.yml for any installed Nucleator Stackset.
"""
utils.write("\nUpdating ansible roles specified in installed Nucleator Stacksets using ansible-galaxy.\n")
cli=Command.get_cli(kwargs)
cli.import_commands(os.path.join(properties.NUCLEATOR_CONFIG_DIR,"contrib"))
path_list = cli.ansible_path_list("roles", isdir=True)
for roles_path in path_list:
sources = os.path.join(roles_path, "roles.yml")
if os.path.isfile(sources):
# import roles using ansible galaxy
update_command = [
"ansible-galaxy", "install",
"--force",
"--role-file", sources,
"--roles-path", roles_path,
]
utils.write(" ".join(update_command) + "\n")
os.environ["PYTHONUNBUFFERED"]="1"
try:
update_process=usp.Popen(
update_command,
shell=False,
stdout=usp.PIPE,
stderr=usp.PIPE
)
update_out, update_err = update_process.communicate()
update_rc = update_process.returncode
except Exception, e:
utils.write_err("Exception while updating ansible roles from specified sources:\n{0}".format(e), False)
raise e
if update_rc != 0:
utils.write_err("Received non-zero return code {0} while attempting to update ansible roles from specified sources using command: {1}\n\ncaptured stderr:\n{2}\n\n exiting with return code 1...".format(update_rc, " ".join(update_command), update_err))
def provision(self, **kwargs):
"""
Provisions an S3 bucket and an SQS queue within specified Account for specified Customer.
"""
cli = Command.get_cli(kwargs)
cage = kwargs.get("cage", None)
customer = kwargs.get("customer", None)
if cage is None or customer is None:
raise ValueError("cage and customer must be specified")
app_name = kwargs.get("app_name", "pipeline")
extra_vars = {
"cage_name": cage,
"customer_name": customer,
"app_name": app_name,
"verbosity": kwargs.get("verbosity", None),
"debug_credentials": kwargs.get("debug_credentials", None),
"rs_url": kwargs.get("redshift_url", None),
}
command_list = []
command_list.append("account")
command_list.append(
"cage"
) # because stackset/ansible/roles/instan... depends on cage_provision
command_list.append("bucketandq")
cli.obtain_credentials(commands=command_list,
cage=cage,
customer=customer,
verbosity=kwargs.get("verbosity", None),
debug_credentials=kwargs.get(
"debug_credentials", None))
return cli.safe_playbook(
self.get_command_playbook("bucketandq-provision.yml"),
is_static=
True, # do not use dynamic inventory script, credentials may not be available
**extra_vars)
def provision(self, **kwargs):
"""
Provisions a Nucleator Apache Stackset at specied cage / customer.
"""
cli = Command.get_cli(kwargs)
cage = kwargs.get("cage", None)
customer = kwargs.get("customer", None)
if cage is None or customer is None:
raise ValueError("cage and customer must be specified")
extra_vars={
"cage_name": cage,
"customer_name": customer,
"verbosity": kwargs.get("verbosity", None),
}
extra_vars["apache_deleting"]=kwargs.get("apache_deleting", False)
name = kwargs.get("name", None)
if name is None:
raise ValueError("name must be specified")
extra_vars["cluster_name"] = name
extra_vars["cli_stackset_name"] = "apache"
extra_vars["cli_stackset_instance_name"] = name
command_list = []
command_list.append("account")
command_list.append("cage")
command_list.append("apache")
cli.obtain_credentials(commands = command_list, cage=cage, customer=customer, verbosity=kwargs.get("verbosity", None))
return cli.safe_playbook(self.get_command_playbook("apache_provision.yml"),
is_static=True, # do not use dynamic inventory script, credentials may not be available
**extra_vars
)
def setup(self, **kwargs):
"""
The account setup command prepares a new Account for creation of Cages specified
in the customer configuration. It creates a hosted zone for each Cage in the Account,
creates an S3 bucket for CloudFormation template storage used by all Nucleator
modules within the Account and sets up the Account to conform with Nucleator operations
best practices.
"""
cli = Command.get_cli(kwargs)
account = kwargs.get("account", None)
customer = kwargs.get("customer", None)
if account is None or customer is None:
raise ValueError("account and customer must be specified")
command_list = []
command_list.append("account")
cli.obtain_credentials(commands=command_list,
account=account,
customer=customer,
verbosity=kwargs.get("verbosity", None),
debug_credentials=kwargs.get(
"debug_credentials", None))
extra_vars = {
"account_name": account,
"customer_name": customer,
"verbosity": kwargs.get("verbosity", None),
"debug_credentials": kwargs.get("debug_credentials", None),
}
return cli.safe_playbook(
self.get_command_playbook("account_setup.yml"),
is_static=
True, # do not use dynamic inventory script, credentials may not be available
**extra_vars)
def provision(self, **kwargs):
"""
This command provisions instances that provide the foundation for required AMIs.
"""
cli = Command.get_cli(kwargs)
customer = kwargs.get("customer", None)
if customer is None:
raise ValueError("customer must be specified")
cage = kwargs.get("cage", None)
if cage is None:
raise ValueError("Internal Error: cage should be specified but is not")
ami_id = kwargs.get("ami_id", "None")
ami_name = kwargs.get("ami_name", "None")
keypair_name = kwargs.get("keypair_name", "None")
stackset_instance_name = kwargs.get("name", None)
if stackset_instance_name is None:
raise ValueError("Internal Eror: name should be specified but is not")
bakery_group = kwargs.get("group", None)
if customer is None:
raise ValueError("group must be specified")
extra_vars={
"cage_name": cage,
"customer_name": customer,
"ami_id": ami_id,
"ami_name": ami_name,
"bakery_group": bakery_group,
"verbosity": kwargs.get("verbosity", None),
"debug_credentials": kwargs.get("debug_credentials", None),
"keypair_name": keypair_name
}
extra_vars["service_name"] = bakery_group
namespaced_service_name="{0}-{1}-{2}-{3}".format(self.name, stackset_instance_name, cage, customer)
namespaced_service_name = self.safe_hashed_name(namespaced_service_name, 100)
extra_vars["cli_stackset_name"] = self.name
extra_vars["cli_stackset_instance_name"] = namespaced_service_name
extra_vars["bakery_deleting"]=kwargs.get("bakery_deleting", False)
command_list = []
command_list.append("account")
command_list.append("cage")
command_list.append(self.name)
rolename = self.im_role_name
playbook = "%s_provision.yml" % self.name
if extra_vars["bakery_deleting"]:
playbook = "bakery_delete.yml"
rolename = self.deleter_role_name
cli.obtain_credentials(commands = command_list, cage=cage, customer=customer, verbosity=kwargs.get("verbosity", None), debug_credentials=kwargs.get("debug_credentials", None))
rc = cli.safe_playbook(self.get_command_playbook(playbook),
rolename,
is_static=True, # dynamic inventory not required
**extra_vars
)
# It would be nice at some point to run a configure on what we just provisioned
# result=dict(stdout=playbook_out, stderr=playbook_err, rc=rc, fatal=FOUND_FATAL)
# {'fatal': False, 'rc': 0, 'stderr': '', 'stdout': '\nPLAY [....'}
# if rc.rc != 0:
# return rc
# get instance id back from playbook
# parse from rc.stdout?
# extra_vars["instance_id"] = ""
# playbook = "%s_configure.yml" % self.name
# rc = cli.safe_playbook(self.get_command_playbook(playbook),
# inventory_manager_rolename,
# is_static=True, # dynamic inventory not required
# **extra_vars
# )
return rc
def provision(self, **kwargs):
"""
This command provisions a new Redshift cluster in the indicated Customer Cage.
"""
cli = Command.get_cli(kwargs)
cage = kwargs.get("cage", None)
customer = kwargs.get("customer", None)
if cage is None or customer is None:
raise ValueError("cage and customer must be specified")
extra_vars = {
"cage_name": cage,
"customer_name": customer,
"verbosity": kwargs.get("verbosity", None),
"debug_credentials": kwargs.get("debug_credentials", None),
}
extra_vars["redshift_deleting"] = kwargs.get("redshift_deleting",
False)
cluster_name = kwargs.get("cluster_name", None)
if cluster_name is None:
raise ValueError("cluster_name must be specified")
self.validate_cluster_name(cluster_name)
extra_vars["cluster_name"] = cluster_name
extra_vars["cli_stackset_name"] = "redshift"
extra_vars["cli_stackset_instance_name"] = cluster_name
cluster_type = kwargs.get("cluster_type", None)
if cluster_type is None:
cluster_type = "single-node"
if not cluster_type in self.cluster_types:
raise ValueError("unsupported redshift cluster type")
extra_vars["cluster_type"] = cluster_type
node_type = kwargs.get("node_type", None)
if node_type is None:
node_type = "dw2.large"
if not node_type in self.node_types:
raise ValueError("invalid value for node_type")
extra_vars["node_type"] = node_type
node_limits = self.limits_map.get(node_type)
default_num_nodes = node_limits[0]
num_nodes = kwargs.get("num_nodes", None)
if num_nodes is None:
num_nodes = default_num_nodes
try:
num_nodes = int(num_nodes)
except ValueError:
raise ValueError("invalid value for num_nodes")
if num_nodes < node_limits[0] or num_nodes > node_limits[1]:
raise ValueError(
"value given for num_nodes exceeds limits for selected node_type (%s)"
% node_type)
extra_vars["num_nodes"] = num_nodes
database_name = kwargs.get("database_name", None)
if database_name is None:
database_name = "defaultdb"
self.validate_database_name(database_name)
extra_vars["database_name"] = database_name
master_username = kwargs.get("username", None)
if master_username is None:
raise ValueError("username must be provided")
self.validate_master_username(master_username)
extra_vars["master_username"] = master_username
master_password = kwargs.get("password", None)
if master_password is None:
raise ValueError("password must be provided")
self.validate_master_password(master_password)
extra_vars["master_password"] = master_password
is_encrypted = kwargs.get("encrypted", None)
if is_encrypted is None:
is_encrypted = "false"
is_encrypted = self.booleanize(is_encrypted)
extra_vars["is_encrypted"] = is_encrypted
is_public = kwargs.get("public", None)
if is_public is None:
is_public = "false"
is_public = self.booleanize(is_public)
extra_vars["is_public"] = is_public
port_number = kwargs.get("port", None)
if port_number is None:
port_number = "5439"
extra_vars["port_number"] = port_number
snapshot_id = kwargs.get("snapshot_id", None)
if snapshot_id is None:
snapshot_id = ""
else:
extra_vars["snapshot_id"] = snapshot_id
command_list = []
command_list.append("account")
command_list.append("cage")
command_list.append("redshift")
cli.obtain_credentials(commands=command_list,
cage=cage,
customer=customer,
verbosity=kwargs.get("verbosity", None),
debug_credentials=kwargs.get(
"debug_credentials", None))
return cli.safe_playbook(
self.get_command_playbook("redshift_provision.yml"),
is_static=True, # dynamic inventory not required
**extra_vars)
