def _get_lb_sg(self):
elb_conn = get_ec2_connection(server_type='elb')
elb = elb_conn.get_all_load_balancers()
if elb:
conn = get_ec2_connection(server_type='ec2')
sg = elb[0].source_security_group
groups = conn.get_all_security_groups(groupnames=[sg.name])
self._groups['load-balancer'] = groups[0]
return self._groups['load-balancer']
return None
def _get_lb_sg(self):
elb_conn = get_ec2_connection(server_type='elb')
elb = elb_conn.get_all_load_balancers()
if elb:
conn = get_ec2_connection(server_type='ec2')
sg = elb[0].source_security_group
groups = conn.get_all_security_groups(groupnames=[sg.name])
self._groups['load-balancer'] = groups[0]
return self._groups['load-balancer']
return None
def get_security_group(self, section):
if not section in self._groups:
if section == 'load-balancer':
self._groups[section] = self._get_lb_sg()
else:
conn = get_ec2_connection(server_type='ec2')
self._groups[section] = get_security_group(conn, section)
return self._groups[section]
def get_security_group(self, section):
if not section in self._groups:
if section == 'load-balancer':
self._groups[section] = self._get_lb_sg()
else:
conn = get_ec2_connection(server_type='ec2')
self._groups[section] = get_security_group(conn, section)
return self._groups[section]
def _update_server(self, **kwargs):
conn = get_ec2_connection(server_type='ec2', **kwargs)
elb_conn = get_ec2_connection(server_type='elb', **kwargs)
zones = [ z.name for z in conn.get_all_zones()]
context = self.get_context()
lb_name = context.get('lb_name')
listeners = context.get('listeners')
connections = env.config_object.get_list('app-server',
env.config_object.CONNECTIONS)
instances = set(self.get_instance_id_by_connections(connections))
if len(instances) == 0:
print "Cannot find any ec2 instances match your connections"
sys.exit(1)
elb = self._get_elb(elb_conn, lb_name)
print "find load balancer %s" %lb_name
if not elb:
elb = elb_conn.create_load_balancer(lb_name, zones, listeners)
print "load balancer %s successfully created" %lb_name
elb_instances = set([x.id for x in elb.instances])
to_remove = elb_instances - instances
to_add = instances - elb_instances
if to_add:
elb.register_instances(to_add)
print "register instances into load balancer"
print to_add
if to_remove:
print "remove instances from load balancer"
print to_remove
elb.deregister_instances(list(to_remove))
hc_policy = context.get('hc_policy')
if not hc_policy:
hc_policy = self.hc_policy
print "Configure load balancer health check policy"
hc = HealthCheck(**hc_policy)
elb.configure_health_check(hc)
def _update_server(self, **kwargs):
conn = get_ec2_connection(server_type='ec2', **kwargs)
elb_conn = get_ec2_connection(server_type='elb', **kwargs)
zones = [z.name for z in conn.get_all_zones()]
context = self.get_context()
lb_name = context.get('lb_name')
listeners = context.get('listeners')
connections = env.config_object.get_list('app-server',
env.config_object.CONNECTIONS)
instances = set(self.get_instance_id_by_connections(connections))
if len(instances) == 0:
print "Cannot find any ec2 instances match your connections"
sys.exit(1)
elb = self._get_elb(elb_conn, lb_name)
print "find load balancer %s" % lb_name
if not elb:
elb = elb_conn.create_load_balancer(lb_name, zones, listeners)
print "load balancer %s successfully created" % lb_name
elb_instances = set([x.id for x in elb.instances])
to_remove = elb_instances - instances
to_add = instances - elb_instances
if to_add:
elb.register_instances(to_add)
print "register instances into load balancer"
print to_add
if to_remove:
print "remove instances from load balancer"
print to_remove
elb.deregister_instances(list(to_remove))
hc_policy = context.get('hc_policy')
if not hc_policy:
hc_policy = self.hc_policy
print "Configure load balancer health check policy"
hc = HealthCheck(**hc_policy)
elb.configure_health_check(hc)
def run(self, section, **kwargs):
conn = get_ec2_connection(server_type='ec2', **kwargs)
elb_conn = get_ec2_connection(server_type='elb', **kwargs)
zones = [z.name for z in conn.get_all_zones()]
lb_name = env.get('lb_name')
if not lb_name:
lb_name = env.project_name
listeners = env.get('listeners')
if not listeners:
listeners = self.listeners
connections = env.config_object.get_list(section,
env.config_object.CONNECTIONS)
ips = [ip.split('@')[-1] for ip in connections]
for ip in ips:
instances = self.get_instance_id_by_ip(ip, **kwargs)
if len(instances) == 0:
print "Cannot find any ec2 instances match your connections"
sys.exit(1)
elb = self._get_elb(elb_conn, lb_name)
print "find load balancer %s" % lb_name
if not elb:
elb = elb_conn.create_load_balancer(lb_name,
zones,
listeners,
security_groups=['lb_sg'])
print "load balancer %s successfully created" % lb_name
elb.register_instances(instances)
print "register instances into load balancer"
print instances
hc_policy = env.get('hc_policy')
if not hc_policy:
hc_policy = self.hc_policy
print "Configure load balancer health check policy"
print hc
hc = HealthCheck(**hc_policy)
elb.configure_health_check(hc)
def run(self, section, **kwargs):
conn = get_ec2_connection(server_type='ec2', **kwargs)
elb_conn = get_ec2_connection(server_type='elb', **kwargs)
zones = [ z.name for z in conn.get_all_zones()]
lb_name = env.get('lb_name')
if not lb_name:
lb_name = env.project_name
listeners = env.get('listeners')
if not listeners:
listeners = self.listeners
connections = env.config_object.get_list(section,
env.config_object.CONNECTIONS)
ips = [ ip.split('@')[-1] for ip in connections]
for ip in ips:
instances = self.get_instance_id_by_ip(ip, **kwargs)
if len(instances) == 0:
print "Cannot find any ec2 instances match your connections"
sys.exit(1)
elb = self._get_elb(elb_conn, lb_name)
print "find load balancer %s" %lb_name
if not elb:
elb = elb_conn.create_load_balancer(lb_name, zones, listeners,
security_groups=['lb_sg'])
print "load balancer %s successfully created" %lb_name
elb.register_instances(instances)
print "register instances into load balancer"
print instances
hc_policy = env.get('hc_policy')
if not hc_policy:
hc_policy = self.hc_policy
print "Configure load balancer health check policy"
print hc
hc = HealthCheck(**hc_policy)
elb.configure_health_check(hc)
def get_instance_id_by_ip(self, ip, **kwargs):
"""
get ec2 instance id based on ip address
"""
instances = []
conn = get_ec2_connection(server_type='ec2', **kwargs)
reservations = conn.get_all_instances()
for resv in reservations:
for instance in resv.instances:
if instance.ip_address == ip or instance.public_dns_name == ip:
instances.append(instance.id)
return instances
def get_instance_id_by_ip(self, ip, **kwargs):
"""
get ec2 instance id based on ip address
"""
instances = []
conn = get_ec2_connection(server_type='ec2', **kwargs)
reservations = conn.get_all_instances()
for resv in reservations:
for instance in resv.instances:
if instance.ip_address == ip:
instances.append(instance.id)
return instances
def run(self, section=None, **kwargs):
conf = env.config_object
conn = get_ec2_connection(server_type='ec2', **kwargs)
if section:
sections = [section]
else:
sections = conf.server_sections()
for section in sections:
open_ports = conf.get_list(section, conf.OPEN_PORTS)
restricted_ports = conf.get_list(section, conf.RESTRICTED_PORTS)
if (not open_ports and not restricted_ports
or section == 'load-balancer'):
continue
host_sg = get_security_group(conn, section)
if open_ports:
for port in open_ports:
try:
host_sg.authorize('tcp', port, port, '0.0.0.0/0')
except:
pass
if restricted_ports:
for s in conf.get_list(section, conf.ALLOWED_SECTIONS):
if s == 'load-balancer':
guest_sg = self._get_lb_sg(**kwargs)
else:
guest_sg = get_security_group(conn, s)
if guest_sg:
for port in restricted_ports:
try:
if s == 'load-balancer':
conn.authorize_security_group(
host_sg.name,
src_security_group_name='amazon-elb-sg',
src_security_group_owner_id=
'amazon-elb',
from_port=port,
to_port=port,
ip_protocol='tcp')
else:
host_sg.authorize('tcp',
port,
port,
src_group=guest_sg)
except:
pass
def get_instance_id_by_connections(self, connections, **kwargs):
"""
get ec2 instance id based on ip address
"""
ips = set([ ip.split('@')[-1] for ip in connections])
instances = []
conn = get_ec2_connection(server_type='ec2', **kwargs)
reservations = conn.get_all_instances()
for resv in reservations:
for instance in resv.instances:
if instance.ip_address in ips or instance.public_dns_name in ips:
instances.append(instance.id)
return instances
def get_instance_id_by_connections(self, connections, **kwargs):
"""
get ec2 instance id based on ip address
"""
ips = set([ip.split('@')[-1] for ip in connections])
instances = []
conn = get_ec2_connection(server_type='ec2', **kwargs)
reservations = conn.get_all_instances()
for resv in reservations:
for instance in resv.instances:
if instance.ip_address in ips or instance.public_dns_name in ips:
instances.append(instance.id)
return instances
def run(self, section=None, **kwargs):
conf = env.config_object
conn = get_ec2_connection(server_type='ec2', **kwargs)
if section:
sections = [section]
else:
sections = conf.server_sections()
for section in sections:
open_ports = conf.get_list(section, conf.OPEN_PORTS)
restricted_ports = conf.get_list(section, conf.RESTRICTED_PORTS)
if (not open_ports and not restricted_ports
or section == 'load-balancer'):
continue
host_sg = get_security_group(conn, section)
if open_ports:
for port in open_ports:
try:
host_sg.authorize('tcp', port, port, '0.0.0.0/0')
except:
pass
if restricted_ports:
for s in conf.get_list(section, conf.ALLOWED_SECTIONS):
if s == 'load-balancer':
guest_sg = self._get_lb_sg(**kwargs)
else:
guest_sg = get_security_group(conn, s)
if guest_sg:
for port in restricted_ports:
try:
if s == 'load-balancer':
conn.authorize_security_group(host_sg.name,
src_security_group_name='amazon-elb-sg',
src_security_group_owner_id='amazon-elb',
from_port=port, to_port=port,
ip_protocol='tcp')
else:
host_sg.authorize('tcp', port, port,
src_group=guest_sg)
except:
pass
def _get_lb_sg(self, **kwargs):
elb_conn = get_ec2_connection(server_type='elb', **kwargs)
elb = elb_conn.get_all_load_balancers()
if elb:
return elb[0].source_security_group
return None
def _get_lb_sg(self, **kwargs):
elb_conn = get_ec2_connection(server_type='elb', **kwargs)
elb = elb_conn.get_all_load_balancers()
if elb:
return elb[0].source_security_group
return None
