Exemple #1
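def update_elb_rds_dns(zone):
    """
    Creates elb and rds CNAME records
    in a zone for args.stack_name.
    Uses the tags of the instances attached
    to the ELBs to create the dns name

    ELB records are named "<env>-<deployment>-<play>.<zone>" and the RDS
    record "<env>-<deployment>-rds.<zone>"; all of them have a TTL of 600
    and are passed to add_or_update_record() in a single call.

    zone may be falsy only when args.noop is set; otherwise zone.Name
    is read.

    NOTE(review): the tag values go into the record name as they are.
    Whoever may tag the instances behind these ELBs thereby picks the
    DNS name that is written -- confirm that get_dns_from_instances()
    or add_or_update_record() validates them.

    Raises:
        RuntimeError: the VPC holds RDS instances but no ELB, so there
            are no tags to name the RDS record with.
    """

    dns_records = set()

    vpc_id = vpc_for_stack_name(args.stack_name, args.aws_id, args.aws_secret)

    if not zone and args.noop:
        # use a placeholder for zone name
        # if it doesn't exist
        zone_name = "<zone name>"
    else:
        # drops the last character of the zone name (presumably the
        # trailing dot of the absolute name -- confirm)
        zone_name = zone.Name[:-1]

    stack_elbs = [elb for elb in elb_con.get_all_load_balancers()
                  if elb.vpc_id == vpc_id]
    for elb in stack_elbs:
        # Tags are read before the ban-list check on purpose: the RDS
        # record below reuses the tags of the last ELB seen, banned or not.
        env_tag, deployment_tag, play_tag = get_dns_from_instances(elb)

        # Override the play tag if a substring of the elb name
        # is in ELB_PLAY_MAPPINGS
        for key in ELB_PLAY_MAPPINGS:
            if key in elb.name:
                play_tag = ELB_PLAY_MAPPINGS[key]
                break
        fqdn = f"{env_tag}-{deployment_tag}-{play_tag}.{zone_name}"

        # Skip over ELBs if a substring of the ELB name is in
        # the ELB_BAN_LIST
        if any(name in elb.name for name in ELB_BAN_LIST):
            print(f"Skipping {elb.name} because it is on the ELB ban list")
            continue

        dns_records.add(DNSRecord(zone, fqdn, 'CNAME', 600, [elb.dns_name]))

    stack_rdss = [rds for rds in rds_con.get_all_dbinstances()
                  if hasattr(rds.subnet_group, 'vpc_id') and
                  rds.subnet_group.vpc_id == vpc_id]

    # TODO the current version of the RDS API doesn't support
    # looking up RDS instance tags.  Hence, we are using the
    # env_tag and deployment_tag that was set via the loop over instances above.
    if stack_rdss:
        if not stack_elbs:
            # Without this check the name below fails with a bare
            # UnboundLocalError on env_tag.
            raise RuntimeError(
                "Cannot name the RDS record for VPC {}: it has no ELB to "
                "take the environment and deployment tags from".format(vpc_id))

        # The record name does not depend on the instance, so exactly one
        # record is written and it targets the first instance's endpoint.
        # NOTE(review): a VPC with several distinct RDS instances still
        # gets this single record -- confirm that is intended.
        endpoint = stack_rdss[0].endpoint[0]
        fqdn = f"{env_tag}-{deployment_tag}-rds.{zone_name}"
        dns_records.add(DNSRecord(zone, fqdn, 'CNAME', 600, [endpoint]))

    add_or_update_record(dns_records)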
Exemple #2
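def update_elb_rds_dns(zone):
    """
    Creates elb and rds CNAME records
    in a zone for args.stack_name.
    Uses the tags of the instances attached
    to the ELBs to create the dns name

    Record names: "<env>-<deployment>-<play>.<zone>" for each ELB and
    "<env>-<deployment>-rds.<zone>" for RDS, all CNAMEs with TTL 600.
    The records are gathered in a set and written with one
    add_or_update_record() call.

    zone may be falsy only when args.noop is set; otherwise zone.Name
    is read.

    NOTE(review): record names are built from instance tag values
    without any check here, so tagging rights on those instances amount
    to choosing the DNS name -- verify that a callee validates them.

    Raises:
        RuntimeError: RDS instances exist in the VPC but no ELB does,
            leaving no tags to build the RDS record name from.
    """

    dns_records = set()

    vpc_id = vpc_for_stack_name(args.stack_name, args.aws_id, args.aws_secret)

    if not zone and args.noop:
        # use a placeholder for zone name
        # if it doesn't exist
        zone_name = "<zone name>"
    else:
        # last character removed (presumably the trailing dot -- confirm)
        zone_name = zone.Name[:-1]

    stack_elbs = [elb for elb in elb_con.get_all_load_balancers()
                  if elb.vpc_id == vpc_id]
    for elb in stack_elbs:
        # Read before the ban-list check: the RDS record further down
        # reuses whatever tags the last ELB produced.
        env_tag, deployment_tag, play_tag = get_dns_from_instances(elb)

        # Override the play tag if a substring of the elb name
        # is in ELB_PLAY_MAPPINGS
        for key in ELB_PLAY_MAPPINGS:
            if key in elb.name:
                play_tag = ELB_PLAY_MAPPINGS[key]
                break
        fqdn = "{}-{}-{}.{}".format(env_tag, deployment_tag, play_tag, zone_name)

        # Skip over ELBs if a substring of the ELB name is in
        # the ELB_BAN_LIST
        if any(name in elb.name for name in ELB_BAN_LIST):
            print("Skipping {} because it is on the ELB ban list".format(elb.name))
            continue

        dns_records.add(DNSRecord(zone, fqdn, 'CNAME', 600, [elb.dns_name]))

    stack_rdss = [rds for rds in rds_con.get_all_dbinstances()
                  if hasattr(rds.subnet_group, 'vpc_id') and
                  rds.subnet_group.vpc_id == vpc_id]

    # TODO the current version of the RDS API doesn't support
    # looking up RDS instance tags.  Hence, we are using the
    # env_tag and deployment_tag that was set via the loop over instances above.
    if stack_rdss:
        if not stack_elbs:
            # Replaces the UnboundLocalError that env_tag would raise below.
            raise RuntimeError(
                "Cannot name the RDS record for VPC {}: it has no ELB to "
                "take the environment and deployment tags from".format(vpc_id))

        # One record only: the name is the same for every instance and the
        # target is always the first instance's endpoint.
        # NOTE(review): confirm that a VPC never holds more than one
        # logical database, or the others get no record.
        endpoint = stack_rdss[0].endpoint[0]
        fqdn = "{}-{}-{}.{}".format(env_tag, deployment_tag, 'rds', zone_name)
        dns_records.add(DNSRecord(zone, fqdn, 'CNAME', 600, [endpoint]))

    add_or_update_record(dns_records)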
Exemple #3
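def update_elb_rds_dns(zone):
    """
    Creates elb and rds CNAME records
    in a zone for args.stack_name.
    Uses the tags of the instances attached
    to the ELBs to create the dns name

    Writes "rds.<zone>" for the VPC's RDS instances and
    "<environment>-<play>.<zone>" for each ELB, taking the tags from the
    first instance attached to the ELB.  An ELB whose play is "edxapp"
    also gets "courses.<zone>" and "studio.<zone>".

    zone may be falsy only when args.noop is set; otherwise zone.Name
    is read.

    NOTE(review): the rds, courses and studio names carry no environment
    prefix, so two stacks sharing a zone would overwrite each other's
    records -- confirm each stack has its own zone.  Tag values are used
    in record names without validation here.

    Raises:
        KeyError: the first instance of an ELB lacks the "environment"
            tag, or has neither a "play" nor a "role" tag.
    """

    elb_con = boto.connect_elb()
    ec2_con = boto.connect_ec2()
    rds_con = boto.connect_rds()
    vpc_id = vpc_for_stack_name(args.stack_name)

    if not zone and args.noop:
        # use a placeholder for zone name
        # if it doesn't exist
        zone_name = "<zone name>"
    else:
        zone_name = zone.Name[:-1]

    stack_rdss = [rds for rds in rds_con.get_all_dbinstances()
                  if hasattr(rds.subnet_group, 'vpc_id') and
                  rds.subnet_group.vpc_id == vpc_id]
    # NOTE(review): every pass writes the same name with the first
    # instance's endpoint, so the loop only repeats one update.
    for rds in stack_rdss:
        fqdn = "{}.{}".format('rds', zone_name)
        add_or_update_record(zone, fqdn, 'CNAME', 600,
                             [stack_rdss[0].endpoint[0]])

    stack_elbs = [elb for elb in elb_con.get_all_load_balancers()
                  if elb.vpc_id == vpc_id]
    for elb in stack_elbs:
        for inst in elb.instances:
            instance = ec2_con.get_all_instances(
                instance_ids=[inst.id])[0].instances[0]
            # Only the tag lookups sit in the try, so the message below is
            # never printed for a KeyError raised while writing records.
            try:
                env_tag = instance.tags['environment']
                if 'play' in instance.tags:
                    play_tag = instance.tags['play']
                else:
                    # deprecated, for backwards compatibility
                    play_tag = instance.tags['role']
            except KeyError:
                # instance first, ELB second, matching the wording
                print("Instance {}, attached to elb {} does not "
                      "have tags for environment and play".format(inst.id, elb))
                raise

            fqdn = "{}-{}.{}".format(env_tag, play_tag, zone_name)
            add_or_update_record(zone, fqdn, 'CNAME', 600, [elb.dns_name])
            if play_tag == 'edxapp':
                # create courses and studio CNAME records for edxapp
                for name in ['courses', 'studio']:
                    fqdn = "{}.{}".format(name, zone_name)
                    add_or_update_record(zone, fqdn, 'CNAME',
                                         600, [elb.dns_name])
            break  # only need the first instance for tag info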
Exemple #4
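def update_elb_rds_dns(zone):
    """
    Creates elb and rds CNAME records
    in a zone for args.stack_name.
    Uses the tags of the instances attached
    to the ELBs to create the dns name

    Each ELB gets "<env>-<play>.<zone>" plus one "<env>-<name>.<zone>"
    per entry that extra_play_dns lists for its play; RDS gets
    "<env>-rds.<zone>".  For ELBs whose source security group name
    contains "RabbitMQ" or "ElasticSearch" the name parts come from
    get_security_group_dns(), otherwise from get_dns_from_instances().

    zone may be falsy only when args.noop is set; otherwise zone.Name
    is read.

    NOTE(review): tag and security-group derived values are placed in
    the record name unchecked here; confirm a callee validates them.

    Raises:
        RuntimeError: the VPC holds RDS instances but no ELB, so there
            is no environment tag to name the RDS record with.
    """

    dns_records = set()

    elb_con = boto.connect_elb()
    rds_con = boto.connect_rds()

    vpc_id = vpc_for_stack_name(args.stack_name)

    if not zone and args.noop:
        # use a placeholder for zone name
        # if it doesn't exist
        zone_name = "<zone name>"
    else:
        zone_name = zone.Name[:-1]

    stack_elbs = [elb for elb in elb_con.get_all_load_balancers()
                  if elb.vpc_id == vpc_id]

    for elb in stack_elbs:
        sg_name = elb.source_security_group.name
        if "RabbitMQ" in sg_name or "ElasticSearch" in sg_name:
            env_tag, _deployment, play_tag = get_security_group_dns(sg_name)
        else:
            env_tag, play_tag = get_dns_from_instances(elb)

        fqdn = "{}-{}.{}".format(env_tag, play_tag, zone_name)
        dns_records.add(DNSRecord(zone, fqdn, 'CNAME', 600, [elb.dns_name]))

        # `in` replaces dict.has_key(), which Python 3 no longer has
        if play_tag in extra_play_dns:
            for name in extra_play_dns[play_tag]:
                fqdn = "{}-{}.{}".format(env_tag, name, zone_name)
                dns_records.add(
                    DNSRecord(zone, fqdn, 'CNAME', 600, [elb.dns_name]))

    stack_rdss = [rds for rds in rds_con.get_all_dbinstances()
                  if hasattr(rds.subnet_group, 'vpc_id') and
                  rds.subnet_group.vpc_id == vpc_id]

    # TODO the current version of the RDS API doesn't support
    # looking up RDS instance tags.  Hence, we are using the
    # env_tag that was set via the loop over instances above.
    if stack_rdss:
        if not stack_elbs:
            # Replaces the UnboundLocalError that env_tag would raise below.
            raise RuntimeError(
                "Cannot name the RDS record for VPC {}: it has no ELB to "
                "take the environment tag from".format(vpc_id))

        # Name and target are the same for every instance, so the record
        # is added once rather than once per instance.
        # NOTE(review): only the first instance's endpoint is published.
        fqdn = "{}-{}.{}".format(env_tag, 'rds', zone_name)
        dns_records.add(
            DNSRecord(zone, fqdn, 'CNAME', 600, [stack_rdss[0].endpoint[0]]))

    add_or_update_record(dns_records)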
def dispatch(args):
    """Resolve the target VPC from the parsed arguments and run the action.

    The VPC id is taken from "<vpc_id>" when "vpc" is set, or looked up
    from "<stack_name>" when "stack-name" is set.  A zone is created for
    it when "create-zone" is set.

    Raises:
        Exception: neither "vpc" nor "stack-name" is set.
    """
    if not args.get("vpc"):
        if not args.get("stack-name"):
            raise Exception("No vpc_id or stack_name provided.")
        vpc_id = vpc_for_stack_name(args.get("<stack_name>"))
    else:
        vpc_id = args.get("<vpc_id>")

    vpc_dns = VPCDns(vpc_id=vpc_id)

    if args.get("create-zone"):
        vpc_dns.create_zone(vpc_id)
Exemple #6
def _ssh_config(args):
    """Print ssh client configuration for every instance in a VPC.

    The VPC is named directly ("vpc" / "<vpc_id>") or through its stack
    ("stack-name" / "<stack_name>").  Each instance is printed twice with
    HOST_CONFIG: once under its private IP and once under
    "<stack_name>-<logical_id>-<n>", where n counts instances per logical
    id.  Bastion instances ("BastionHost" or "bastion") additionally get
    a JUMPBOX_CONFIG entry with their public address.

    NOTE(review): tag values and command-line values are substituted
    into the templates as they are; a value containing a newline would
    end up as extra lines in the generated config -- confirm the
    inputs are trusted or validated upstream.
    NOTE(review): the host-key setting falls back to DEFAULT_HOST_CHECK,
    whose value is not visible here; check that the default keeps
    host-key verification on.  "<identity_file>" has no fallback, so a
    missing value is formatted as given.

    Raises:
        Exception: neither "vpc" nor "stack-name" is set.
        KeyError: an instance has neither a "group" tag nor an
            "aws:cloudformation:logical-id" tag.
    """
    if args.get("vpc"):
        vpc_id = args.get("<vpc_id>")
        stack_name = stack_name_for_vpc(vpc_id)
    elif args.get("stack-name"):
        stack_name = args.get("<stack_name>")
        vpc_id = vpc_for_stack_name(stack_name)
    else:
        raise Exception("No vpc_id or stack_name provided.")

    connection = boto.connect_vpc()

    identity_file = args.get("<identity_file>")
    user = args.get("<user>") or DEFAULT_USER
    strict_host_check = args.get("<strict_host_check>") or DEFAULT_HOST_CHECK
    config_path = args.get("<config_file>")
    config_file = "-F {}".format(config_path) if config_path else ""

    jump_box = "{stack_name}-jumpbox".format(stack_name=stack_name)
    friendly = "{stack_name}-{logical_id}-{instance_number}"
    id_type_counter = defaultdict(int)

    for reservation in connection.get_all_instances(filters={'vpc-id': vpc_id}):
        for instance in reservation.instances:
            tags = instance.tags
            if 'group' in tags:
                logical_id = tags['group']
            else:
                logical_id = tags['aws:cloudformation:logical-id']

            # running index per logical id, starting at 0
            instance_number = id_type_counter[logical_id]
            id_type_counter[logical_id] = instance_number + 1

            if logical_id in ("BastionHost", "bastion"):
                print(JUMPBOX_CONFIG.format(
                    jump_box=jump_box,
                    ip=instance.ip_address,
                    user=user,
                    identity_file=identity_file,
                    strict_host_check=strict_host_check))

            # fields shared by both host entries of this instance
            host_fields = dict(
                jump_box=jump_box,
                ip=instance.private_ip_address,
                user=user,
                identity_file=identity_file,
                config_file=config_file,
                strict_host_check=strict_host_check,
                instance_id=instance.id)

            # Print host config even for the bastion box because that is how
            # ansible accesses it.
            print(HOST_CONFIG.format(name=instance.private_ip_address,
                                     **host_fields))

            # duplicating for convenience with ansible
            alias = friendly.format(stack_name=stack_name,
                                    logical_id=logical_id,
                                    instance_number=instance_number)
            print(HOST_CONFIG.format(name=alias, **host_fields))
Exemple #7
def _ssh_config(args):
    """Print ssh client configuration for the tagged instances of a VPC.

    The VPC is named directly ("vpc" / "<vpc_id>") or through its stack
    ("stack-name" / "<stack_name>").  An instance's logical id is the
    first tag present among "play", "role", "group" and
    "aws:cloudformation:logical-id"; instances with none of them are
    skipped.  Every other instance is printed twice with HOST_CONFIG
    (private IP, then "<stack_name>-<logical_id>-<n>"), and bastion
    instances also get a JUMPBOX_CONFIG entry.

    NOTE(review): tag values and command-line values are substituted
    into the templates as they are; a value containing a newline would
    end up as extra lines in the generated config -- confirm the
    inputs are trusted or validated upstream.
    NOTE(review): the host-key setting falls back to DEFAULT_HOST_CHECK,
    whose value is not visible here; check that the default keeps
    host-key verification on.

    Raises:
        Exception: neither "vpc" nor "stack-name" is set.
    """
    if args.get("vpc"):
        vpc_id = args.get("<vpc_id>")
        stack_name = stack_name_for_vpc(vpc_id)
    elif args.get("stack-name"):
        stack_name = args.get("<stack_name>")
        vpc_id = vpc_for_stack_name(stack_name)
    else:
        raise Exception("No vpc_id or stack_name provided.")

    connection = boto.connect_vpc()

    identity_file = args.get("<identity_file>")
    user = args.get("<user>") or DEFAULT_USER
    strict_host_check = args.get("<strict_host_check>") or DEFAULT_HOST_CHECK
    config_path = args.get("<config_file>")
    config_file = "-F {}".format(config_path) if config_path else ""

    jump_box = "{stack_name}-jumpbox".format(stack_name=stack_name)
    friendly = "{stack_name}-{logical_id}-{instance_number}"
    id_type_counter = defaultdict(int)

    # tag keys in order of preference; "role" is deprecated, use "play"
    tag_preference = ('play', 'role', 'group', 'aws:cloudformation:logical-id')

    for reservation in connection.get_all_instances(filters={'vpc-id': vpc_id}):
        for instance in reservation.instances:
            tags = instance.tags
            for tag_key in tag_preference:
                if tag_key in tags:
                    logical_id = tags[tag_key]
                    break
            else:
                # none of the known tags: leave this instance out
                continue

            # running index per logical id, starting at 0
            instance_number = id_type_counter[logical_id]
            id_type_counter[logical_id] = instance_number + 1

            if logical_id in ("BastionHost", "bastion"):
                print(JUMPBOX_CONFIG.format(
                    jump_box=jump_box,
                    ip=instance.ip_address,
                    user=user,
                    identity_file=identity_file,
                    strict_host_check=strict_host_check))

            # fields shared by both host entries of this instance
            host_fields = dict(
                jump_box=jump_box,
                ip=instance.private_ip_address,
                user=user,
                identity_file=identity_file,
                config_file=config_file,
                strict_host_check=strict_host_check,
                instance_id=instance.id)

            # Print host config even for the bastion box because that is how
            # ansible accesses it.
            print(HOST_CONFIG.format(name=instance.private_ip_address,
                                     **host_fields))

            # duplicating for convenience with ansible
            alias = friendly.format(stack_name=stack_name,
                                    logical_id=logical_id,
                                    instance_number=instance_number)
            print(HOST_CONFIG.format(name=alias, **host_fields))
Exemple #8
def rdss_for_stack_name(stack_name):
    """Yield the RDS instances that belong to the VPC of *stack_name*.

    Instances without a VpcId attribute are skipped silently.  Being a
    generator, nothing is looked up until the first item is requested.
    """
    target_vpc = vpc_for_stack_name(stack_name)
    connection = boto.connect_rds()
    for db_instance in connection.get_all_dbinstances():
        if not hasattr(db_instance, 'VpcId'):
            continue
        if db_instance.VpcId == target_vpc:
            yield db_instance
Exemple #9
def elbs_for_stack_name(stack_name):
    """Yield the load balancers whose vpc_id matches the stack's VPC.

    Being a generator, nothing is looked up until the first item is
    requested.
    """
    target_vpc = vpc_for_stack_name(stack_name)
    connection = boto.connect_elb()
    for balancer in connection.get_all_load_balancers():
        if balancer.vpc_id != target_vpc:
            continue
        yield balancer
Exemple #10
def elbs_for_stack_name(stack_name):
    """Generate every ELB that sits in the VPC of the given stack.

    The VPC lookup and the ELB listing run when iteration starts, not
    when this function is called.
    """
    stack_vpc = vpc_for_stack_name(stack_name)
    elb_connection = boto.connect_elb()
    all_balancers = elb_connection.get_all_load_balancers()
    for candidate in all_balancers:
        in_stack = candidate.vpc_id == stack_vpc
        if in_stack:
            yield candidate
Exemple #11
def _ssh_config(args):
    """Print ssh client configuration for every instance in a VPC.

    The VPC is named directly ("vpc" / "<vpc_id>") or looked up from
    "<stack_name>".  The instance tagged "BastionHost" is printed with
    JUMPBOX_CONFIG, every other instance with HOST_CONFIG under its
    private IP; all instances, the bastion included, are printed once
    more with HOST_CONFIG under "<vpc_id>-<logical_id>-<instance_id>".

    NOTE(review): the logical-id tag and the command-line values are
    substituted into the templates as they are; a value containing a
    newline would end up as extra lines in the generated config --
    confirm the inputs are trusted or validated upstream.
    NOTE(review): the host-key setting falls back to DEFAULT_HOST_CHECK,
    whose value is not visible here; check that the default keeps
    host-key verification on.

    Raises:
        Exception: neither "vpc" nor "stack-name" is set.
        KeyError: an instance has no "aws:cloudformation:logical-id" tag.
    """
    if args.get("vpc"):
        vpc_id = args.get("<vpc_id>")
    elif args.get("stack-name"):
        stack_name = args.get("<stack_name>")
        vpc_id = vpc_for_stack_name(stack_name)
    else:
        raise Exception("No vpc_id or stack_name provided.")

    connection = boto.connect_vpc()

    identity_file = args.get("<identity_file>")
    user = args.get("<user>") or DEFAULT_USER
    strict_host_check = args.get("<strict_host_check>") or DEFAULT_HOST_CHECK
    config_path = args.get("<config_file>")
    config_file = "-F {}".format(config_path) if config_path else ""

    jump_box = "{vpc_id}-jumpbox".format(vpc_id=vpc_id)
    friendly = "{vpc_id}-{logical_id}-{instance_id}"

    for reservation in connection.get_all_instances(filters={'vpc-id': vpc_id}):
        for instance in reservation.instances:

            logical_id = instance.__dict__['tags']['aws:cloudformation:logical-id']

            # fields shared by the host entries of this instance
            host_fields = dict(
                vpc_id=vpc_id,
                jump_box=jump_box,
                ip=instance.private_ip_address,
                user=user,
                logical_id=logical_id,
                identity_file=identity_file,
                config_file=config_file,
                strict_host_check=strict_host_check)

            if logical_id != "BastionHost":
                print(HOST_CONFIG.format(name=instance.private_ip_address,
                                         **host_fields))
            else:
                print(JUMPBOX_CONFIG.format(
                    jump_box=jump_box,
                    ip=instance.ip_address,
                    user=user,
                    identity_file=identity_file,
                    strict_host_check=strict_host_check))

            # duplicating for convenience with ansible
            alias = friendly.format(vpc_id=vpc_id,
                                    logical_id=logical_id,
                                    instance_id=instance.id)
            print(HOST_CONFIG.format(name=alias, **host_fields))
Exemple #12
def rdss_for_stack_name(stack_name):
    """Generate the RDS instances whose VpcId equals the stack's VPC id.

    An instance that has no VpcId attribute never matches.  The lookups
    run when iteration starts, not when this function is called.
    """
    stack_vpc = vpc_for_stack_name(stack_name)
    rds_connection = boto.connect_rds()
    all_instances = rds_connection.get_all_dbinstances()
    for candidate in all_instances:
        has_vpc = hasattr(candidate, 'VpcId')
        if has_vpc and candidate.VpcId == stack_vpc:
            yield candidate
Exemple #13
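def update_elb_rds_dns(zone):
    """
    Creates elb and rds CNAME records
    in a zone for args.stack_name.
    Uses the tags of the instances attached
    to the ELBs to create the dns name

    Record names are "<env>-<play>.<zone>" per ELB, "<env>-<name>.<zone>"
    for each extra name extra_play_dns holds for the ELB's play, and
    "<env>-rds.<zone>" for RDS.  ELBs whose source security group name
    contains "RabbitMQ" or "ElasticSearch" are named through
    get_security_group_dns(), the rest through get_dns_from_instances().

    zone may be falsy only when args.noop is set; otherwise zone.Name
    is read.

    NOTE(review): values derived from tags and security-group names are
    used in record names without a check here; confirm that a callee
    validates them.

    Raises:
        RuntimeError: RDS instances exist in the VPC but no ELB does,
            leaving no environment tag for the RDS record name.
    """

    dns_records = set()

    elb_con = boto.connect_elb()
    rds_con = boto.connect_rds()

    vpc_id = vpc_for_stack_name(args.stack_name)

    if not zone and args.noop:
        # use a placeholder for zone name
        # if it doesn't exist
        zone_name = "<zone name>"
    else:
        zone_name = zone.Name[:-1]

    stack_elbs = [
        elb for elb in elb_con.get_all_load_balancers() if elb.vpc_id == vpc_id
    ]

    for elb in stack_elbs:
        group_name = elb.source_security_group.name
        if "RabbitMQ" in group_name or "ElasticSearch" in group_name:
            env_tag, _deployment, play_tag = get_security_group_dns(group_name)
        else:
            env_tag, play_tag = get_dns_from_instances(elb)

        fqdn = "{}-{}.{}".format(env_tag, play_tag, zone_name)
        dns_records.add(DNSRecord(zone, fqdn, 'CNAME', 600,
                                  [elb.dns_name]))

        # membership test instead of dict.has_key(), which Python 3 dropped
        if play_tag in extra_play_dns:
            for name in extra_play_dns[play_tag]:
                fqdn = "{}-{}.{}".format(env_tag, name, zone_name)
                dns_records.add(
                    DNSRecord(zone, fqdn, 'CNAME', 600, [elb.dns_name]))

    stack_rdss = [
        rds for rds in rds_con.get_all_dbinstances()
        if hasattr(rds.subnet_group, 'vpc_id')
        and rds.subnet_group.vpc_id == vpc_id
    ]

    # TODO the current version of the RDS API doesn't support
    # looking up RDS instance tags.  Hence, we are using the
    # env_tag that was set via the loop over instances above.
    if stack_rdss:
        if not stack_elbs:
            # Replaces the UnboundLocalError that env_tag would raise below.
            raise RuntimeError(
                "Cannot name the RDS record for VPC {}: it has no ELB to "
                "take the environment tag from".format(vpc_id))

        # The same name and target applied to every instance, so the
        # record is added once instead of once per instance.
        # NOTE(review): only the first instance's endpoint is published.
        fqdn = "{}-{}.{}".format(env_tag, 'rds', zone_name)
        dns_records.add(
            DNSRecord(zone, fqdn, 'CNAME', 600, [stack_rdss[0].endpoint[0]]))

    add_or_update_record(dns_records)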