Exemple #1
0
 def create_vpc(self, cidr_block='10.0.0.0/16'):
     if 'Vpc' in self:
         return 0
     k, d = self.execute(ec2().create_vpc(CidrBlock=cidr_block))
     self[k] = d
     self.waiter(ec2().describe_vpcs(VpcIds=[d['VpcId']]), k)
     self.save()
Exemple #2
0
 def delete_vpc(self):
     try:
         ec2().delete_vpc(VpcId=self['Vpc']['VpcId'])
         del (self['Vpc'])
         self.save()
     except KeyError:
         return 0
Exemple #3
0
 def delete_ip_allocations(self):
     try:
         for eipalloc_id in self['eipalloc']:
             ec2().release_address(AllocationId=eipalloc_id)
         del (self['eipalloc'])
         self.save()
     except KeyError:
         return 0
Exemple #4
0
 def create_route_table(self, affinity_group=0):
     rt_tags = [{'Key': 'affinity_group', 'Value': str(affinity_group)}]
     k, d = self.execute(ec2().create_route_table(VpcId=self.get_vpc_id()))
     k = 'RouteTables'
     self.append_to_objs(k, d)
     self.waiter(
         ec2().describe_route_tables(RouteTableIds=[d['RouteTableId']]), k)
     self.tag_resources([d['RouteTableId']], rt_tags)
     self.save()
Exemple #5
0
 def delete_internet_gateway(self):
     try:
         igw_id = self['igw']
         vpc_id = self['vpc']
         ec2().detach_internet_gateway(InternetGatewayId=igw_id,
                                       VpcId=vpc_id)
         ec2().delete_internet_gateway(InternetGatewayId=igw_id)
         del (self['igw'])
         self.save()
     except KeyError:
         return 0
Exemple #6
0
 def delete_route_tables(self):
     try:
         for rt in self['RouteTables']:
             for association in rt['Associations']:
                 ec2().disassociate_route_table(
                     AssociationId=association['RouteTableAssociationId'])
             ec2().delete_route_table(RouteTableId=rt['RouteTableId'])
         del (self['RouteTables'])
         self.save()
     except KeyError:
         return 0
Exemple #7
0
 def create_subnet(self, affinity_group=0):
     subnet_tags = [{'Key': 'affinity_group', 'Value': str(affinity_group)}]
     az = self.get_next_az(affinity_group)
     cidr = self.get_available_cidr_block()
     k, d = self.execute(ec2().create_subnet(AvailabilityZone=az,
                                             CidrBlock=cidr,
                                             VpcId=self.get_vpc_id()))
     k = 'Subnets'
     self.append_to_objs(k, d)
     self.waiter(ec2().describe_subnets(SubnetIds=[d['SubnetId']]), k)
     self.tag_resources([d['SubnetId']], subnet_tags)
     self.save()
Exemple #8
0
 def delete_nat_gateways(self):
     try:
         for ngw_id in self['nat_gateways']:
             ec2().delete_nat_gateway(NatGatewayId=ngw_id)
         print("Waiting for NAT Gateways to delete.")
         while all(n != 'deleted' for n in [ngw['State'] for ngw in \
             ec2().describe_nat_gateways(NatGatewayIds=self['nat_gateways'])\
             ['NatGateways']]):
             pass
         del (self['ngw'])
         self.save()
     except KeyError:
         return 0
Exemple #9
0
 def get_next_az(self, affinity_group=0):
     az_dict = {a['ZoneName']: 0 for a in \
         ec2().describe_availability_zones()['AvailabilityZones']}
     for az in [
             a['AvailabilityZone'] for a in ec2().describe_subnets(
                 Filters=[{
                     'Name': 'vpc-id',
                     'Values': [self.get_vpc_id()]
                 }])['Subnets']
     ]:
         az_dict[az] = az_dict[az] + 1
     min_value = min(az_dict.values())
     return next(k for k, v in az_dict.items() if v == min_value)
Exemple #10
0
 def revoke_security_group_policies(self):
     control_sg_id, worker_sg_id, bastion_sg_id, alb_sg_id = self._get_security_groups(
     )
     for sg in [(control_sg_id, CONTROL_PLANE_INGRESS),
                (worker_sg_id, WORKER_NODE_INGRESS),
                (bastion_sg_id, BASTION_HOST_INGRESS),
                (alb_sg_id, ALB_INGRESS)]:
         with open(sg[1]) as f:
             data = f.read()
         ec2().revoke_security_group_ingress(
             GroupId=sg[0],
             IpPermissions=json.loads(
                 Template(data).render(bastion_sg_id=bastion_sg_id,
                                       worker_sg_id=worker_sg_id,
                                       control_sg_id=control_sg_id,
                                       alb_sg_id=alb_sg_id)))
Exemple #11
0
 def delete_subnets(self):
     try:
         [
             ec2().delete_subnet(SubnetId=s['SubnetId'])
             for s in self['Subnets']
         ]
         del (self['Subnets'])
         self.save()
     except KeyError:
         return 0
Exemple #12
0
 def create_security_groups(self):
     vpc_id = self.objs['vpc']
     control_sg_id = ec2().create_security_group(
         Description="EKSControlPlaneSecurityGroup",
         GroupName="EKSControlPlaneSecurityGroup",
         VpcId=vpc_id)['GroupId']
     worker_sg_id = ec2().create_security_group(
         Description="EKSWorkerNodeSecurityGroup",
         GroupName="EKSWorkerNodeSecurityGroup",
         VpcId=vpc_id)['GroupId']
     bastion_sg_id = ec2().create_security_group(
         Description='EKSBastionHostSecurityGroup',
         GroupName='EKSBastionHostSecurityGroup',
         VpcId=vpc_id)['GroupId']
     alb_sg_id = ec2().create_security_group(
         Description='EKSApplicationLoadBalancer',
         GroupName='EKSApplicationLoadBalancerSecurityGroup',
         VpcId=vpc_id)['GroupId']
     for sg in [control_sg_id, worker_sg_id, bastion_sg_id, alb_sg_id]:
         self._append_to_objs('sg', sg)
Exemple #13
0
 def create_nat_gateway(self, affinity_group=0):
     eipalloc_id = self.create_ip_allocation()
     subnet_id = self.get_af_subnets(affinity_group)[0]
     ngw_id = ec2().create_nat_gateway(
         AllocationId=eipalloc_id,
         SubnetId=subnet_id)['NatGateway']['NatGatewayId']
     self.save()
     print("Waiting for Nat Gateway to become available.")
     while ec2().describe_nat_gateways(NatGatewayIds=[ngw_id])\
         ['NatGateways'][0]['State'] != 'available':
         pass
     self.save()
     self.append_to_objs('ngw', ngw_id)
     self.tag_resources([subnet_id], [{
         'Key': 'ngw_id',
         'Value': ngw_id
     }, {
         'Key': 'ip_allocation_id',
         'Value': eipalloc_id
     }])
Exemple #14
0
 def _get_security_groups(self):
     sgs = ec2().describe_security_groups(
         GroupIds=self.objs['sg'])['SecurityGroups']
     control_sg_id = next(sg['GroupId'] for sg in sgs \
         if sg['GroupName'] == 'EKSControlPlaneSecurityGroup')
     worker_sg_id = next(sg['GroupId'] for sg in sgs \
         if sg['GroupName'] == 'EKSWorkerNodeSecurityGroup')
     bastion_sg_id = next(sg['GroupId'] for sg in sgs \
         if sg['GroupName'] == 'EKSBastionHostSecurityGroup')
     alb_sg_id = next(sg['GroupId'] for sg in sgs \
         if sg['GroupName'] == 'EKSApplicationLoadBalancerSecurityGroup')
     return control_sg_id, worker_sg_id, bastion_sg_id, alb_sg_id
Exemple #15
0
 def create_internet_gateway(self, affinity_group=0):
     igw_tags = [{'Key': 'affinity_group', 'Value': str(affinity_group)}]
     k, d = self.execute(ec2().create_internet_gateway())
     self[k] = d
     waiter(
         ec2().describe_internet_gateways(
             InternetGatewayIds=[d[k]['InternetGatewayId']]), k)
     ec2().attach_internet_gateway(InternetGatewayId=self['igw'],
                                   VpcId=self.get_vpc_id())
     rtb_id = self.get_af_rtb(affinity_group)
     subnet_ids = [s['SubnetId'] for s in \
         ec2().describe_subnets(SubnetIds=self['subnet'],
             Filters=[{'Name': 'tag:affinity_group', 'Values': [str(affinity_group)]}])\
             ['Subnets']]
     ec2().create_route(DestinationCidrBlock='0.0.0.0/0',
                        GatewayId=self['igw'],
                        RouteTableId=rtb_id)
     self.save()
Exemple #16
0
 def associate_rt_subnet(self, affinity_group=0):
     rtb_id = self.get_af_rtb(affinity_group)
     for s in self.get_af_subnets(affinity_group):
         ec2().associate_route_table(RouteTableId=rtb_id, SubnetId=s)
Exemple #17
0
 def tag_resources(self, resource_ids, tags):
     r = ec2().create_tags(Resources=resource_ids, Tags=tags)
     print(r)
Exemple #18
0
 def create_ip_allocation(self):
     eipalloc_id = ec2().allocate_address(Domain='vpc')['AllocationId']
     self.append_to_objs('eipalloc', eipalloc_id)
     self.save()
     return eipalloc_id
Exemple #19
0
 def delete_security_groups(self):
     for sg in self.objs['sg']:
         ec2().delete_security_group(GroupId=sg)
     del (self.objs['sg'])