def resolve_host(hostname): ips = dns.resolver.query(hostname, "A") # sort these so that we deterministically set up the same route # resources (until DNS changes) ips = sorted([i.to_text() for i in ips]) return ips # VPC cft = CloudFormationTemplate(description="Release Engineering network configuration") cft.resources.add(Resource( 'RelengVPC', 'AWS::EC2::VPC', Properties({ 'CidrBlock': subnet_cidr('0.0', 16), 'Tags': [nametag('Releng Network')], }) )) # DHCP options cft.resources.add(Resource( 'DHCPOptions', 'AWS::EC2::DHCPOptions', Properties({ # point to the onsite, IT-managed DNS servers 'DomainNameServers': [ "10.26.75.40", "10.26.75.41" ], 'Tags': [nametag('Releng Network Options')], })
from cfn_pyplates.core import CloudFormationTemplate, Resource from cfn_pyplates.core import Properties, options from utils import nametag cft = CloudFormationTemplate(description="Tooltool Infrastructure") rgn = options['region'] # production cft.resources.add(Resource( 'FileBucket', 'AWS::S3::Bucket', Properties({ "AccessControl": "Private", "BucketName": "mozilla-releng-%s-tooltool" % (rgn,), 'Tags': [nametag('Tooltool File Storage - %s' % (rgn,))], }) )) # staging cft.resources.add(Resource( 'StagingFileBucket', 'AWS::S3::Bucket', Properties({ "AccessControl": "Private", "BucketName": "mozilla-releng-staging-%s-tooltool" % (rgn,), 'Tags': [nametag('Tooltool File Storage - Staging - %s' % (rgn,))], }) ))
# This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. from cfn_pyplates.core import CloudFormationTemplate, Resource from cfn_pyplates.core import Properties, options from utils import nametag from utils import sgcidr cft = CloudFormationTemplate(description="IT Resources") cft.resources.add(Resource( 'NagiosSG', 'AWS::EC2::SecurityGroup', Properties({ 'GroupDescription': 'Nagios Servers', 'Tags': [nametag('nagios')], 'VpcId': options['vpcid'], 'SecurityGroupIngress': [ sgcidr('10.22.8.128/32', -1, -1), sgcidr('10.22.20.0/25', -1, -1), sgcidr('10.22.72.136/32', -1, -1), sgcidr('10.22.72.155/32', -1, -1), sgcidr('10.22.72.158/32', -1, -1), sgcidr('10.22.72.159/32', -1, -1), sgcidr('10.22.75.5/32', -1, -1), sgcidr('10.22.75.6/31', -1, -1), sgcidr('10.22.240.0/20', -1, -1), sgcidr('10.22.74.22/32', -1, -1), sgcidr('10.22.75.30/32', -1, -1), sgcidr('10.22.75.36/32', 'tcp', 22), sgcidr('10.22.75.136/32', 'udp', 161),
from cfn_pyplates.core import CloudFormationTemplate, Resource from cfn_pyplates.core import Properties, options from utils import nametag from utils import sgcidr cft = CloudFormationTemplate(description="IT Resources") cft.resources.add( Resource( "NagiosSG", "AWS::EC2::SecurityGroup", Properties( { "GroupDescription": "Nagios Servers", "Tags": [nametag("nagios")], "VpcId": options["vpcid"], "SecurityGroupIngress": [ sgcidr("10.22.8.128/32", -1, -1), sgcidr("10.22.20.0/25", -1, -1), sgcidr("10.22.72.136/32", -1, -1), sgcidr("10.22.72.155/32", -1, -1), sgcidr("10.22.72.158/32", -1, -1), sgcidr("10.22.72.159/32", -1, -1), sgcidr("10.22.75.5/32", -1, -1), sgcidr("10.22.75.6/31", -1, -1), sgcidr("10.22.240.0/20", -1, -1), sgcidr("10.22.74.22/32", -1, -1), sgcidr("10.22.75.30/32", -1, -1), sgcidr("10.22.75.36/32", "tcp", 22), sgcidr("10.22.75.136/32", "udp", 161),
from cfn_pyplates.core import CloudFormationTemplate, Resource from cfn_pyplates.core import Properties, options from utils import nametag cft = CloudFormationTemplate(description="Archiver Infrastructure") rgn = options['region'] # production cft.resources.add(Resource( 'FileBucket', 'AWS::S3::Bucket', Properties({ "AccessControl": "Private", "BucketName": "mozilla-releng-%s-archiver" % (rgn,), 'Tags': [nametag('Archiver Archive Storage - %s' % (rgn,))], }) )) # staging cft.resources.add(Resource( 'StagingFileBucket', 'AWS::S3::Bucket', Properties({ "AccessControl": "Private", "BucketName": "mozilla-releng-staging-%s-archiver" % (rgn,), 'Tags': [nametag('Archiver Archive Storage - Staging - %s' % (rgn,))], }) ))