def setup_route(vpc_id, nat_id, ig_id, gw_subnet_id, vpc_tag_name=None):
logger = logging.getLogger(__name__)
try:
logger.info("get default route table")
vpc = resource.Vpc(vpc_id)
for default_rt in vpc.route_tables.all():
default_rt.create_route(DestinationCidrBlock="0.0.0.0/0",
InstanceId=nat_id)
if vpc_tag_name is not None:
logger.info("create tag Name : 'main_%s_route_table' of default gateway" % vpc_tag_name)
default_rt.create_tags(Tags=[{"Key": "Name",
"Value": "main_%s_route_table" % vpc_tag_name}])
logger.info("create customer route table")
result = client.create_route_table(VpcId=vpc_id)
customer_rt_id = result.get("RouteTable").get("RouteTableId")
logger.info("customer route table id : %s" % customer_rt_id)
logger.info("create route to internet")
client.create_route(RouteTableId=customer_rt_id,
DestinationCidrBlock="0.0.0.0/0",
GatewayId=ig_id)
if vpc_tag_name is not None:
logger.info("create tag Name : 'GW_%s_route_table' of customer gateway" % vpc_tag_name)
client.create_tags(Resources=[customer_rt_id],
Tags=[{"Key": "Name",
"Value": "GW_%s_route_table" % vpc_tag_name}])
logger.info("associate route table to GW subnet")
client.associate_route_table(SubnetId=gw_subnet_id,
RouteTableId=customer_rt_id)
except Exception, e:
logger.error(e)
def create_vpc(vpc_cidr, tag_name=None):
logger = logging.getLogger(__name__)
try:
result = client.create_vpc(CidrBlock=vpc_cidr)
vpc_id = result.get("Vpc").get("VpcId")
logger.info("vpc id : %s" % vpc_id)
logger.info("modify DNS setting")
client.modify_vpc_attribute(VpcId=vpc_id,
EnableDnsHostnames={'Value': True})
if tag_name is not None:
logger.info("create tag Name : %s" % tag_name)
client.create_tags(Resources=[vpc_id],
Tags=[{"Key": "Name",
"Value": tag_name}])
logger.info("create internet gateway")
result = client.create_internet_gateway()
ig_id = result.get("InternetGateway").get("InternetGatewayId")
logger.info("attach ig %s to VPC" % ig_id)
client.attach_internet_gateway(InternetGatewayId=ig_id,
VpcId=vpc_id)
if tag_name is not None:
logger.info("create tag Name : %s_GW" % tag_name)
client.create_tags(Resources=[ig_id],
Tags=[{"Key": "Name",
"Value": "%s_GW" % tag_name}])
return vpc_id, ig_id
except Exception, e:
logger.error(e)
def create_instances(conf_name):
logger = logging.getLogger(__name__)
#try:
''' dynamic loading configs based on input '''
sys.path.append(os.path.join(os.path.dirname(__file__), "../config"))
_module = importlib.import_module(conf_name)
logger.info("config file %s loaded" % conf_name)
logger.info("retrieve group info")
subnet_id = _module.GROUP.subnet_id
logger.info("subnet id : %s" % subnet_id)
security_group_ids = _module.GROUP.security_group_ids
logger.info("security group ids : %s" % security_group_ids)
key_name = _module.GROUP.key_name
logger.info("key name : %s" % key_name)
logger.info("retrieve instances info")
_instance_ids = []
_dns_mapping = {}
for instance in _module.GROUP.instances:
ami_id = instance.ami_id
logger.info("ami id : %s" % ami_id)
instance_type = instance.type
logger.info("instance type : %s" % instance_type)
disks = instance.disks
logger.info("disks info : %s" % disks)
name = instance.name
count = instance.count
from_name = name % 1
to_name = name % count
logger.info("launching instances %s to %s " % (from_name, to_name))
kargs = instance.kargs
result = client.run_instances(ImageId=ami_id,
MinCount=count,
MaxCount=count,
KeyName=key_name,
SecurityGroupIds=security_group_ids,
InstanceType=instance_type,
SubnetId=subnet_id,
BlockDeviceMappings=disks,
**kargs)
instance_ids = [Instance.get("InstanceId") for Instance in result.get("Instances")]
_instance_ids.extend(instance_ids)
private_ips = [Instance.get("PrivateIpAddress") for Instance in result.get("Instances")]
logger.info("instance ids : %s" % instance_ids)
logger.info("private ips : %s" % private_ips)
for serial in range(0, count):
_dns_mapping[name % (serial+1)] = private_ips[serial]
logger.info("create tag Name of instance: %s" % instance_ids[serial])
client.create_tags(Resources=[instance_ids[serial]],
Tags=[{"Key": "Name",
"Value": name % (serial+1)}])
''' to do add records to r53'''
logger.info(_dns_mapping)
return _instance_ids
def create_security_group(vpc_id):
logger = logging.getLogger(__name__)
_security_group = {}
try:
# create security groups base on config file
for security_group in SECURITY_GROUPS:
result = client.create_security_group(
GroupName=security_group.security_group_name,
Description=security_group.description,
VpcId=vpc_id)
sg_id = result.get("GroupId")
logger.info("%s security group id : %s" %
(security_group.security_group_name, sg_id))
logger.info("create tag Name : %s" %
security_group.security_group_name)
client.create_tags(Resources=[sg_id],
Tags=[{
"Key":
"Name",
"Value":
security_group.security_group_name
}])
sg = resource.SecurityGroup(sg_id)
# setup inbound rule
for rule in security_group.rules_in:
sg.authorize_ingress(GroupId=sg_id,
IpProtocol=rule.ip_protocol,
FromPort=rule.from_port,
ToPort=rule.to_port,
CidrIp=rule.cidr_ip)
logger.debug("%s rules_in is done" %
security_group.security_group_name)
# ----AWS bug egress rule can't be setup
# # remove default outbound rule
# client.revoke_security_group_egress(GroupId=sg_id,
# IpProtocol=u"-1",
# CidrIp=u"0.0.0.0/0")
# # setup outbound rule
# for rule in security_group.rules_out:
# sg.authorize_egress(GroupId=sg_id,
# IpProtocol=rule.ip_protocol,
# FromPort=rule.from_port,
# ToPort=rule.to_port,
# CidrIp=rule.cidr_ip)
# logger.debug("%s rules_in is done" % security_group.security_group_name)
_security_group[security_group.security_group_name] = sg_id
return _security_group
except Exception, e:
logger.error(e)
def create_subnet(vpc_id, subnet_cidr, tag_name=None):
logger = logging.getLogger(__name__)
try:
result = client.create_subnet(VpcId=vpc_id,
CidrBlock=subnet_cidr)
subnet_id = result.get("Subnet").get("SubnetId")
logger.info("subnet id : %s" % subnet_id)
if tag_name is not None:
logger.info("create tag Name : %s" % tag_name)
client.create_tags(Resources=[subnet_id],
Tags=[{"Key": "Name",
"Value": tag_name}])
return subnet_id
except Exception, e:
logger.error(e)
def create_security_group(vpc_id):
logger = logging.getLogger(__name__)
_security_group = {}
try:
# create security groups base on config file
for security_group in SECURITY_GROUPS:
result = client.create_security_group(GroupName=security_group.security_group_name,
Description=security_group.description,
VpcId=vpc_id)
sg_id = result.get("GroupId")
logger.info("%s security group id : %s" % (security_group.security_group_name, sg_id))
logger.info("create tag Name : %s" % security_group.security_group_name)
client.create_tags(Resources=[sg_id],
Tags=[{"Key": "Name",
"Value": security_group.security_group_name}])
sg = resource.SecurityGroup(sg_id)
# setup inbound rule
for rule in security_group.rules_in:
sg.authorize_ingress(GroupId=sg_id,
IpProtocol=rule.ip_protocol,
FromPort=rule.from_port,
ToPort=rule.to_port,
CidrIp=rule.cidr_ip)
logger.debug("%s rules_in is done" % security_group.security_group_name)
# ----AWS bug egress rule can't be setup
# # remove default outbound rule
# client.revoke_security_group_egress(GroupId=sg_id,
# IpProtocol=u"-1",
# CidrIp=u"0.0.0.0/0")
# # setup outbound rule
# for rule in security_group.rules_out:
# sg.authorize_egress(GroupId=sg_id,
# IpProtocol=rule.ip_protocol,
# FromPort=rule.from_port,
# ToPort=rule.to_port,
# CidrIp=rule.cidr_ip)
# logger.debug("%s rules_in is done" % security_group.security_group_name)
_security_group[security_group.security_group_name] = sg_id
return _security_group
except Exception, e:
logger.error(e)
def create_nat(ami_id, key_name, instance_type, security_group_ids, subnet_id, tag_name=None):
logger = logging.getLogger(__name__)
try:
logger.info("creating NAT instance")
result = client.run_instances(ImageId=ami_id,
MinCount=1,
MaxCount=1,
KeyName=key_name,
SecurityGroupIds=security_group_ids,
InstanceType=instance_type,
SubnetId=subnet_id)
nat_id = result.get("Instances")[0].get("InstanceId")
logger.info("instance id : %s" % nat_id)
if tag_name is not None:
logger.info("create tag Name : %s" % tag_name)
client.create_tags(Resources=[nat_id],
Tags=[{"Key": "Name",
"Value": tag_name}])
logger.debug("set sourceDestCheck false")
client.modify_instance_attribute(InstanceId=nat_id,
SourceDestCheck={'Value': False})
# allocate Elastic IP
logger.debug("allocate new EIP")
result = client.allocate_address()
eip = result.get("PublicIp")
logger.debug("associate EIP")
nat = resource.Instance(nat_id)
while nat.state.get("Name") == "pending":
logger.info(nat.state)
time.sleep(5)
nat = resource.Instance(nat_id)
client.associate_address(InstanceId=nat_id,
PublicIp=eip)
logger.info("EIP of this NAT : %s" % eip)
return nat_id
except Exception, e:
logger.error(e)
