def setup_route(vpc_id, nat_id, ig_id, gw_subnet_id, vpc_tag_name=None): logger = logging.getLogger(__name__) try: logger.info("get default route table") vpc = resource.Vpc(vpc_id) for default_rt in vpc.route_tables.all(): default_rt.create_route(DestinationCidrBlock="0.0.0.0/0", InstanceId=nat_id) if vpc_tag_name is not None: logger.info("create tag Name : 'main_%s_route_table' of default gateway" % vpc_tag_name) default_rt.create_tags(Tags=[{"Key": "Name", "Value": "main_%s_route_table" % vpc_tag_name}]) logger.info("create customer route table") result = client.create_route_table(VpcId=vpc_id) customer_rt_id = result.get("RouteTable").get("RouteTableId") logger.info("customer route table id : %s" % customer_rt_id) logger.info("create route to internet") client.create_route(RouteTableId=customer_rt_id, DestinationCidrBlock="0.0.0.0/0", GatewayId=ig_id) if vpc_tag_name is not None: logger.info("create tag Name : 'GW_%s_route_table' of customer gateway" % vpc_tag_name) client.create_tags(Resources=[customer_rt_id], Tags=[{"Key": "Name", "Value": "GW_%s_route_table" % vpc_tag_name}]) logger.info("associate route table to GW subnet") client.associate_route_table(SubnetId=gw_subnet_id, RouteTableId=customer_rt_id) except Exception, e: logger.error(e)
def create_vpc(vpc_cidr, tag_name=None): logger = logging.getLogger(__name__) try: result = client.create_vpc(CidrBlock=vpc_cidr) vpc_id = result.get("Vpc").get("VpcId") logger.info("vpc id : %s" % vpc_id) logger.info("modify DNS setting") client.modify_vpc_attribute(VpcId=vpc_id, EnableDnsHostnames={'Value': True}) if tag_name is not None: logger.info("create tag Name : %s" % tag_name) client.create_tags(Resources=[vpc_id], Tags=[{"Key": "Name", "Value": tag_name}]) logger.info("create internet gateway") result = client.create_internet_gateway() ig_id = result.get("InternetGateway").get("InternetGatewayId") logger.info("attach ig %s to VPC" % ig_id) client.attach_internet_gateway(InternetGatewayId=ig_id, VpcId=vpc_id) if tag_name is not None: logger.info("create tag Name : %s_GW" % tag_name) client.create_tags(Resources=[ig_id], Tags=[{"Key": "Name", "Value": "%s_GW" % tag_name}]) return vpc_id, ig_id except Exception, e: logger.error(e)
def create_instances(conf_name): logger = logging.getLogger(__name__) #try: ''' dynamic loading configs based on input ''' sys.path.append(os.path.join(os.path.dirname(__file__), "../config")) _module = importlib.import_module(conf_name) logger.info("config file %s loaded" % conf_name) logger.info("retrieve group info") subnet_id = _module.GROUP.subnet_id logger.info("subnet id : %s" % subnet_id) security_group_ids = _module.GROUP.security_group_ids logger.info("security group ids : %s" % security_group_ids) key_name = _module.GROUP.key_name logger.info("key name : %s" % key_name) logger.info("retrieve instances info") _instance_ids = [] _dns_mapping = {} for instance in _module.GROUP.instances: ami_id = instance.ami_id logger.info("ami id : %s" % ami_id) instance_type = instance.type logger.info("instance type : %s" % instance_type) disks = instance.disks logger.info("disks info : %s" % disks) name = instance.name count = instance.count from_name = name % 1 to_name = name % count logger.info("launching instances %s to %s " % (from_name, to_name)) kargs = instance.kargs result = client.run_instances(ImageId=ami_id, MinCount=count, MaxCount=count, KeyName=key_name, SecurityGroupIds=security_group_ids, InstanceType=instance_type, SubnetId=subnet_id, BlockDeviceMappings=disks, **kargs) instance_ids = [Instance.get("InstanceId") for Instance in result.get("Instances")] _instance_ids.extend(instance_ids) private_ips = [Instance.get("PrivateIpAddress") for Instance in result.get("Instances")] logger.info("instance ids : %s" % instance_ids) logger.info("private ips : %s" % private_ips) for serial in range(0, count): _dns_mapping[name % (serial+1)] = private_ips[serial] logger.info("create tag Name of instance: %s" % instance_ids[serial]) client.create_tags(Resources=[instance_ids[serial]], Tags=[{"Key": "Name", "Value": name % (serial+1)}]) ''' to do add records to r53''' logger.info(_dns_mapping) return _instance_ids
def create_security_group(vpc_id): logger = logging.getLogger(__name__) _security_group = {} try: # create security groups base on config file for security_group in SECURITY_GROUPS: result = client.create_security_group( GroupName=security_group.security_group_name, Description=security_group.description, VpcId=vpc_id) sg_id = result.get("GroupId") logger.info("%s security group id : %s" % (security_group.security_group_name, sg_id)) logger.info("create tag Name : %s" % security_group.security_group_name) client.create_tags(Resources=[sg_id], Tags=[{ "Key": "Name", "Value": security_group.security_group_name }]) sg = resource.SecurityGroup(sg_id) # setup inbound rule for rule in security_group.rules_in: sg.authorize_ingress(GroupId=sg_id, IpProtocol=rule.ip_protocol, FromPort=rule.from_port, ToPort=rule.to_port, CidrIp=rule.cidr_ip) logger.debug("%s rules_in is done" % security_group.security_group_name) # ----AWS bug egress rule can't be setup # # remove default outbound rule # client.revoke_security_group_egress(GroupId=sg_id, # IpProtocol=u"-1", # CidrIp=u"0.0.0.0/0") # # setup outbound rule # for rule in security_group.rules_out: # sg.authorize_egress(GroupId=sg_id, # IpProtocol=rule.ip_protocol, # FromPort=rule.from_port, # ToPort=rule.to_port, # CidrIp=rule.cidr_ip) # logger.debug("%s rules_in is done" % security_group.security_group_name) _security_group[security_group.security_group_name] = sg_id return _security_group except Exception, e: logger.error(e)
def create_subnet(vpc_id, subnet_cidr, tag_name=None): logger = logging.getLogger(__name__) try: result = client.create_subnet(VpcId=vpc_id, CidrBlock=subnet_cidr) subnet_id = result.get("Subnet").get("SubnetId") logger.info("subnet id : %s" % subnet_id) if tag_name is not None: logger.info("create tag Name : %s" % tag_name) client.create_tags(Resources=[subnet_id], Tags=[{"Key": "Name", "Value": tag_name}]) return subnet_id except Exception, e: logger.error(e)
def create_security_group(vpc_id): logger = logging.getLogger(__name__) _security_group = {} try: # create security groups base on config file for security_group in SECURITY_GROUPS: result = client.create_security_group(GroupName=security_group.security_group_name, Description=security_group.description, VpcId=vpc_id) sg_id = result.get("GroupId") logger.info("%s security group id : %s" % (security_group.security_group_name, sg_id)) logger.info("create tag Name : %s" % security_group.security_group_name) client.create_tags(Resources=[sg_id], Tags=[{"Key": "Name", "Value": security_group.security_group_name}]) sg = resource.SecurityGroup(sg_id) # setup inbound rule for rule in security_group.rules_in: sg.authorize_ingress(GroupId=sg_id, IpProtocol=rule.ip_protocol, FromPort=rule.from_port, ToPort=rule.to_port, CidrIp=rule.cidr_ip) logger.debug("%s rules_in is done" % security_group.security_group_name) # ----AWS bug egress rule can't be setup # # remove default outbound rule # client.revoke_security_group_egress(GroupId=sg_id, # IpProtocol=u"-1", # CidrIp=u"0.0.0.0/0") # # setup outbound rule # for rule in security_group.rules_out: # sg.authorize_egress(GroupId=sg_id, # IpProtocol=rule.ip_protocol, # FromPort=rule.from_port, # ToPort=rule.to_port, # CidrIp=rule.cidr_ip) # logger.debug("%s rules_in is done" % security_group.security_group_name) _security_group[security_group.security_group_name] = sg_id return _security_group except Exception, e: logger.error(e)
def create_nat(ami_id, key_name, instance_type, security_group_ids, subnet_id, tag_name=None): logger = logging.getLogger(__name__) try: logger.info("creating NAT instance") result = client.run_instances(ImageId=ami_id, MinCount=1, MaxCount=1, KeyName=key_name, SecurityGroupIds=security_group_ids, InstanceType=instance_type, SubnetId=subnet_id) nat_id = result.get("Instances")[0].get("InstanceId") logger.info("instance id : %s" % nat_id) if tag_name is not None: logger.info("create tag Name : %s" % tag_name) client.create_tags(Resources=[nat_id], Tags=[{"Key": "Name", "Value": tag_name}]) logger.debug("set sourceDestCheck false") client.modify_instance_attribute(InstanceId=nat_id, SourceDestCheck={'Value': False}) # allocate Elastic IP logger.debug("allocate new EIP") result = client.allocate_address() eip = result.get("PublicIp") logger.debug("associate EIP") nat = resource.Instance(nat_id) while nat.state.get("Name") == "pending": logger.info(nat.state) time.sleep(5) nat = resource.Instance(nat_id) client.associate_address(InstanceId=nat_id, PublicIp=eip) logger.info("EIP of this NAT : %s" % eip) return nat_id except Exception, e: logger.error(e)