Esempio n. 1
0
    def handle_state_master_resources_in_progress(self, spot_master_item ):
        """ Verify the SG, KP and Role/InstanceProfile are created

        :param spot_master_item: 

        """
        logger.info( fmt_master_item_msg_hdr( spot_master_item ) + 'handle_state_master_resources_in_progress')
        kp_name = spot_master_item[ TableSpotMaster.kp_name ]
        ec2_conn = awsext.ec2.connect_to_region( self.region_name, profile_name=self.profile_name )
        key_pair = ec2_conn.find_key_pair( kp_name )
        if key_pair == None: return
        logger.info( fmt_master_item_msg_hdr( spot_master_item ) + 'handle_state_master_resources_in_progress: kp_name ready')
        
        vpc_id = spot_master_item[ TableSpotMaster.cheapest_vpc_id ]
        sg_id = spot_master_item[ TableSpotMaster.sg_id ]
        vpc_conn = awsext.vpc.connect_to_region( self.region_name, profile_name=self.profile_name )
        group_id, is_group_exists = vpc_conn.is_security_group_exists( vpc_id, group_id=sg_id )
        if not is_group_exists: return
        logger.info( fmt_master_item_msg_hdr( spot_master_item ) + 'handle_state_master_resources_in_progress: sg_id ready')
        
        iam_conn = awsext.iam.connect_to_region( self.region_name, profile_name=self.profile_name )
        role_name = spot_master_item[ TableSpotMaster.role_name ]
        if not iam_conn.is_role_exists( role_name ): return
        logger.info( fmt_master_item_msg_hdr( spot_master_item ) + 'handle_state_master_resources_in_progress: role_name ready')
        if not iam_conn.is_instance_profile_exists( role_name ): return
        logger.info( fmt_master_item_msg_hdr( spot_master_item ) + 'handle_state_master_resources_in_progress: instance_profile_name ready')
        
        batch_job_parm = get_batch_job_parm_item( spot_master_item[ TableSpotMaster.spot_master_uuid ], 
                                                  self.spot_batch_job_parm_table_name, self.region_name, self.profile_name,
                                                  attributes=[TableSpotBatchJobParm.raw_batch_job_parm_item] )
        raw_batch_job_parm_item = batch_job_parm[ TableSpotBatchJobParm.raw_batch_job_parm_item ]
        batch_job_parm_item = BatchJobParmItem( stringParmFile=raw_batch_job_parm_item )
        # At this point, all resources have been created - some require additional steps after creation completes
        # Update the SG with any inbound rules
        inbound_rule_items_serialized = batch_job_parm_item.serialized_inbound_rule_items
        if inbound_rule_items_serialized != None:
            inbound_rule_items = deserialize_inbound_rule_items( inbound_rule_items_serialized )
            security_group = vpc_conn.get_security_group( vpc_id, group_id )
            vpc_conn.authorize_inbound_rules( security_group, inbound_rule_items )
        
        # Create base policy (queue, buckets) and extend with user policy from batch_job_parm_item
        policy = create_policy( batch_job_parm_item )
        policy_json = json.dumps( policy )
        iam_conn.add_role_instance_profile_policy( role_name=spot_master_item[ TableSpotMaster.role_name ], 
                                                   policy_name=spot_master_item[ TableSpotMaster.policy_name ], 
                                                   policy=policy_json
                                                  )
        spot_master_row_partial_save( self.spot_master_table_name, spot_master_item, 
                                      {TableSpotMaster.spot_master_state_code:SpotMasterStateCode.master_role_policy_in_progress},
                                      region_name=self.region_name, profile_name=self.profile_name )

        return
Esempio n. 2
0
def main():
    """ """
    path_parm_file = '/home/pete.zybrick/Development/Workspaces/Python/awsspotbatch/parm/spot_batch_job_ipc-training.json'
    batch_job_parm_item = BatchJobParmItem( path_parm_file )
    policy = create_policy( batch_job_parm_item )
    print str(policy)