def update_elb_rds_dns(zone):
    """
    Build CNAME records for the ELBs and RDS instances that live in the VPC
    of args.stack_name and pass them to add_or_update_record().

    ELB record names are assembled from the environment, deployment and play
    values returned by get_dns_from_instances(); RDS records reuse the
    environment and deployment values left over from the ELB loop.
    """
    # NOTE(review): the AWS key id and secret are read from `args`. If they
    # are filled from command-line flags the secret ends up in the process
    # list and shell history -- confirm how `args` is populated.
    vpc_id = vpc_for_stack_name(args.stack_name, args.aws_id, args.aws_secret)

    # When no zone was passed and args.noop is set, a placeholder stands in
    # for the zone name; otherwise the last character of zone.Name is
    # dropped (presumably the trailing dot).
    zone_name = "<zone name>" if (not zone and args.noop) else zone.Name[:-1]

    dns_records = set()

    stack_elbs = [candidate for candidate in elb_con.get_all_load_balancers()
                  if candidate.vpc_id == vpc_id]
    for elb in stack_elbs:
        env_tag, deployment_tag, play_tag = get_dns_from_instances(elb)

        # The first ELB_PLAY_MAPPINGS key that is a substring of the ELB
        # name replaces the play tag; without a match it is kept.
        play_tag = next(
            (ELB_PLAY_MAPPINGS[key] for key in ELB_PLAY_MAPPINGS
             if key in elb.name),
            play_tag)

        # ELBs whose name contains an ELB_BAN_LIST entry get no record.
        if any(name in elb.name for name in ELB_BAN_LIST):
            print(f"Skipping {elb.name} because it is on the ELB ban list")
            continue

        # NOTE(review): the tag-derived values go into the record name
        # unvalidated, so whoever can tag instances behind these ELBs
        # influences which names are published -- consider checking them
        # against an expected pattern.
        fqdn = f"{env_tag}-{deployment_tag}-{play_tag}.{zone_name}"
        dns_records.add(DNSRecord(zone, fqdn, 'CNAME', 600, [elb.dns_name]))

    stack_rdss = [db for db in rds_con.get_all_dbinstances()
                  if hasattr(db.subnet_group, 'vpc_id')
                  and db.subnet_group.vpc_id == vpc_id]

    # TODO the current version of the RDS API doesn't support looking up
    # RDS instance tags, so env_tag and deployment_tag are whatever the ELB
    # loop assigned last. They are unbound if that loop never ran.
    seen_endpoints = set()
    for _db in stack_rdss:
        # NOTE(review): this always reads the first instance's endpoint,
        # not the loop variable's, so the duplicate filter below (meant for
        # multi-AZ instances) lets exactly one record through -- confirm
        # that is intended.
        endpoint = stack_rdss[0].endpoint[0]
        fqdn = "{}-{}-{}.{}".format(env_tag, deployment_tag, 'rds', zone_name)
        if endpoint in seen_endpoints:
            continue
        dns_records.add(DNSRecord(zone, fqdn, 'CNAME', 600, [endpoint]))
        seen_endpoints.add(endpoint)

    add_or_update_record(dns_records)
def update_elb_rds_dns(zone):
    """
    Collect CNAME records for the ELBs and RDS instances found in the VPC of
    args.stack_name, then submit them through add_or_update_record().

    ELB names come from the environment, deployment and play values that
    get_dns_from_instances() returns for each load balancer; the RDS name
    reuses the environment and deployment values of the last ELB processed.
    """
    # NOTE(review): AWS credentials are taken from `args`; if those map to
    # command-line flags the secret is exposed via the process list --
    # confirm where they come from.
    vpc_id = vpc_for_stack_name(args.stack_name, args.aws_id, args.aws_secret)

    if zone or not args.noop:
        # Drops the final character of the zone name (presumably the
        # trailing dot).
        zone_name = zone.Name[:-1]
    else:
        # No zone object and noop requested: use a placeholder name.
        zone_name = "<zone name>"

    dns_records = set()

    stack_elbs = [lb for lb in elb_con.get_all_load_balancers()
                  if lb.vpc_id == vpc_id]
    for elb in stack_elbs:
        env_tag, deployment_tag, play_tag = get_dns_from_instances(elb)

        # A key of ELB_PLAY_MAPPINGS contained in the ELB name overrides the
        # play tag; the first such key wins.
        play_tag = next(
            (ELB_PLAY_MAPPINGS[key] for key in ELB_PLAY_MAPPINGS
             if key in elb.name),
            play_tag)

        # Load balancers matching the ban list are reported and skipped.
        is_banned = any(name in elb.name for name in ELB_BAN_LIST)
        if is_banned:
            print("Skipping {} because it is on the ELB ban list".format(elb.name))
            continue

        # NOTE(review): record names are built from tag-derived values
        # without validation; tagging rights on these instances therefore
        # translate into control over published names.
        fqdn = "{}-{}-{}.{}".format(env_tag, deployment_tag, play_tag, zone_name)
        dns_records.add(DNSRecord(zone, fqdn, 'CNAME', 600, [elb.dns_name]))

    stack_rdss = [db for db in rds_con.get_all_dbinstances()
                  if hasattr(db.subnet_group, 'vpc_id')
                  and db.subnet_group.vpc_id == vpc_id]

    # TODO the current version of the RDS API doesn't support looking up
    # RDS instance tags. Hence env_tag and deployment_tag are the values the
    # ELB loop set last (and are unbound when no ELB was processed).
    rds_endpoints = set()
    for _db in stack_rdss:
        # NOTE(review): the endpoint is read from stack_rdss[0] on every
        # pass, so only the first instance ever yields a record even though
        # the check below is described as a multi-AZ duplicate filter.
        endpoint = stack_rdss[0].endpoint[0]
        fqdn = "{}-{}-{}.{}".format(env_tag, deployment_tag, 'rds', zone_name)
        already_seen = endpoint in rds_endpoints
        if not already_seen:
            dns_records.add(DNSRecord(zone, fqdn, 'CNAME', 600, [endpoint]))
            rds_endpoints.add(endpoint)

    add_or_update_record(dns_records)
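def update_elb_rds_dns(zone):
    """
    Creates elb and rds CNAME records
    in a zone for args.stack_name.
    Uses the tags of the instances attached
    to the ELBs to create the dns name.

    Raises KeyError (after printing which instance and ELB are affected)
    when the first instance behind an ELB lacks the 'environment' tag or
    has neither a 'play' nor a 'role' tag.
    """
    elb_con = boto.connect_elb()
    ec2_con = boto.connect_ec2()
    rds_con = boto.connect_rds()

    vpc_id = vpc_for_stack_name(args.stack_name)

    if not zone and args.noop:
        # use a placeholder for zone name
        # if it doesn't exist
        zone_name = "<zone name>"
    else:
        # drops the last character of zone.Name (presumably the trailing dot)
        zone_name = zone.Name[:-1]

    stack_rdss = [rds for rds in rds_con.get_all_dbinstances()
                  if hasattr(rds.subnet_group, 'vpc_id') and
                  rds.subnet_group.vpc_id == vpc_id]
    # NOTE(review): every pass writes the same 'rds.<zone>' name pointing at
    # the first instance's endpoint, so additional RDS instances in the VPC
    # never get a record of their own -- confirm that is intended.
    for rds in stack_rdss:
        fqdn = "{}.{}".format('rds', zone_name)
        add_or_update_record(zone, fqdn, 'CNAME', 600,
                             [stack_rdss[0].endpoint[0]])

    stack_elbs = [elb for elb in elb_con.get_all_load_balancers()
                  if elb.vpc_id == vpc_id]
    for elb in stack_elbs:
        for inst in elb.instances:
            instance = ec2_con.get_all_instances(
                instance_ids=[inst.id])[0].instances[0]
            try:
                env_tag = instance.tags['environment']
                # Prefer 'play'; 'role' is only the deprecated fallback. A
                # second, unconditional read of 'role' used to follow here
                # and would have discarded the 'play' value.
                if 'play' in instance.tags:
                    play_tag = instance.tags['play']
                else:
                    # deprecated, for backwards compatibility
                    play_tag = instance.tags['role']
                # NOTE(review): tag values become part of the record name
                # unvalidated; tagging rights on these instances therefore
                # decide which names are published.
                fqdn = "{}-{}.{}".format(env_tag, play_tag, zone_name)
                add_or_update_record(zone, fqdn, 'CNAME', 600, [elb.dns_name])
                if play_tag == 'edxapp':
                    # create courses and studio CNAME records for edxapp
                    for name in ['courses', 'studio']:
                        fqdn = "{}.{}".format(name, zone_name)
                        add_or_update_record(zone, fqdn, 'CNAME',
                                             600, [elb.dns_name])
                break  # only need the first instance for tag info
            except KeyError:
                # Arguments follow the order of the placeholders: the
                # instance first, then the ELB it is attached to.
                print("Instance {}, attached to elb {} does not "
                      "have tags for environment and play".format(inst, elb))
                raise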
def update_elb_rds_dns(zone):
    """
    Gather CNAME records for the ELBs and RDS instances in the VPC of
    args.stack_name and hand the whole set to add_or_update_record().

    For ELBs whose source security group name contains "RabbitMQ" or
    "ElasticSearch" the name parts come from get_security_group_dns();
    for all others they come from get_dns_from_instances().
    """
    elb_con = boto.connect_elb()
    rds_con = boto.connect_rds()
    vpc_id = vpc_for_stack_name(args.stack_name)

    # A placeholder zone name is used when no zone was given and args.noop
    # is set; otherwise the last character of zone.Name is dropped
    # (presumably the trailing dot).
    zone_name = "<zone name>" if (not zone and args.noop) else zone.Name[:-1]

    dns_records = set()

    stack_elbs = [lb for lb in elb_con.get_all_load_balancers()
                  if lb.vpc_id == vpc_id]
    for elb in stack_elbs:
        sg_name = elb.source_security_group.name
        if "RabbitMQ" in sg_name or "ElasticSearch" in sg_name:
            # The middle (deployment) value is returned but not used here.
            env_tag, _deployment, play_tag = get_security_group_dns(sg_name)
        else:
            env_tag, play_tag = get_dns_from_instances(elb)

        # NOTE(review): these values reach the record name unvalidated, so
        # control over the tags or group names means control over the
        # published names.
        fqdn = "{}-{}.{}".format(env_tag, play_tag, zone_name)
        dns_records.add(DNSRecord(zone, fqdn, 'CNAME', 600, [elb.dns_name]))

        # Extra aliases registered for this play, if any.
        # NOTE(review): the nesting of this lookup was reconstructed from a
        # flattened listing; confirm it is meant to run for both branches.
        for name in extra_play_dns.get(play_tag, ()):
            fqdn = "{}-{}.{}".format(env_tag, name, zone_name)
            dns_records.add(DNSRecord(zone, fqdn, 'CNAME', 600, [elb.dns_name]))

    stack_rdss = [db for db in rds_con.get_all_dbinstances()
                  if hasattr(db.subnet_group, 'vpc_id')
                  and db.subnet_group.vpc_id == vpc_id]

    # TODO the current version of the RDS API doesn't support looking up
    # RDS instance tags, so env_tag is whatever the ELB loop assigned last
    # (and is unbound when no ELB was processed).
    first_endpoint_of = lambda instances: instances[0].endpoint[0]
    for _db in stack_rdss:
        # NOTE(review): every record points at the first instance's
        # endpoint regardless of which instance is being visited.
        fqdn = "{}-{}.{}".format(env_tag, 'rds', zone_name)
        dns_records.add(
            DNSRecord(zone, fqdn, 'CNAME', 600, [first_endpoint_of(stack_rdss)]))

    add_or_update_record(dns_records)
def dispatch(args):
    """
    Resolve the target VPC from the parsed arguments and run the requested
    VPCDns action.

    The VPC id is taken from "<vpc_id>" when "vpc" is set, or looked up from
    "<stack_name>" when "stack-name" is set. Raises Exception when neither
    selector is present.
    """
    by_vpc = args.get("vpc")
    if not by_vpc and not args.get("stack-name"):
        raise Exception("No vpc_id or stack_name provided.")

    if by_vpc:
        vpc_id = args.get("<vpc_id>")
    else:
        vpc_id = vpc_for_stack_name(args.get("<stack_name>"))

    dns = VPCDns(vpc_id=vpc_id)

    # "create-zone" is the only action handled here.
    if args.get("create-zone"):
        dns.create_zone(vpc_id)
def _ssh_config(args):
    """
    Print ssh config stanzas for every instance in the selected VPC.

    The VPC is chosen through "vpc"/"<vpc_id>" or
    "stack-name"/"<stack_name>"; Exception is raised when neither is given.
    Each instance is printed twice through HOST_CONFIG, once under its
    private IP and once under a "<stack>-<logical id>-<n>" name; bastion
    instances additionally get a JUMPBOX_CONFIG stanza.

    NOTE(review): the config file path is inserted verbatim after "-F". If
    HOST_CONFIG places it inside a ProxyCommand, a path with spaces or shell
    metacharacters would be interpreted by the shell -- confirm and quote.
    NOTE(review): without a "<strict_host_check>" value DEFAULT_HOST_CHECK
    applies; if that default turns host key checking off, unknown host keys
    are accepted for every generated host -- verify the default.
    """
    if args.get("vpc"):
        vpc_id = args.get("<vpc_id>")
        stack_name = stack_name_for_vpc(vpc_id)
    elif args.get("stack-name"):
        stack_name = args.get("<stack_name>")
        vpc_id = vpc_for_stack_name(stack_name)
    else:
        raise Exception("No vpc_id or stack_name provided.")

    vpc = boto.connect_vpc()

    identity_file = args.get("<identity_file>")
    user = args.get("<user>") or DEFAULT_USER
    strict_host_check = args.get("<strict_host_check>") or DEFAULT_HOST_CHECK
    config_path = args.get("<config_file>")
    config_file = "-F {}".format(config_path) if config_path else ""

    jump_box = "{stack_name}-jumpbox".format(stack_name=stack_name)
    friendly = "{stack_name}-{logical_id}-{instance_number}"

    # Fields that are identical for every stanza.
    jump_fields = dict(jump_box=jump_box,
                       user=user,
                       identity_file=identity_file,
                       strict_host_check=strict_host_check)
    host_fields = dict(jump_fields, config_file=config_file)

    # Running count per logical id, used to number the friendly names.
    id_type_counter = defaultdict(int)

    for reservation in vpc.get_all_instances(filters={'vpc-id': vpc_id}):
        for instance in reservation.instances:
            tags = instance.tags
            # 'group' wins; otherwise the CloudFormation logical id must
            # exist (KeyError if it does not).
            logical_id = (tags['group'] if 'group' in tags
                          else tags['aws:cloudformation:logical-id'])

            instance_number = id_type_counter[logical_id]
            id_type_counter[logical_id] += 1

            # print(...) with one argument behaves the same with the print
            # statement and the print function.
            if logical_id in ("BastionHost", 'bastion'):
                print(JUMPBOX_CONFIG.format(ip=instance.ip_address,
                                            **jump_fields))

            # Print host config even for the bastion box because that is how
            # ansible accesses it.
            print(HOST_CONFIG.format(name=instance.private_ip_address,
                                     ip=instance.private_ip_address,
                                     instance_id=instance.id,
                                     **host_fields))

            # duplicating for convenience with ansible
            name = friendly.format(stack_name=stack_name,
                                   logical_id=logical_id,
                                   instance_number=instance_number)
            print(HOST_CONFIG.format(name=name,
                                     ip=instance.private_ip_address,
                                     instance_id=instance.id,
                                     **host_fields))
def _ssh_config(args):
    """
    Print ssh config stanzas for the instances of the selected VPC.

    The VPC comes from "vpc"/"<vpc_id>" or "stack-name"/"<stack_name>";
    Exception is raised when neither is given. An instance is identified by
    the first of the tags 'play', 'role', 'group' or
    'aws:cloudformation:logical-id' that it carries; instances with none of
    them are skipped. Every remaining instance is printed twice through
    HOST_CONFIG (by private IP and by friendly name), and bastion instances
    also get a JUMPBOX_CONFIG stanza.

    NOTE(review): the config file path is placed verbatim after "-F"; if
    HOST_CONFIG uses it inside a ProxyCommand it is subject to shell
    interpretation -- confirm and quote.
    NOTE(review): DEFAULT_HOST_CHECK is used when "<strict_host_check>" is
    empty; if it disables host key checking, unknown host keys are accepted
    for all generated hosts -- verify the default.
    """
    if args.get("vpc"):
        vpc_id = args.get("<vpc_id>")
        stack_name = stack_name_for_vpc(vpc_id)
    elif args.get("stack-name"):
        stack_name = args.get("<stack_name>")
        vpc_id = vpc_for_stack_name(stack_name)
    else:
        raise Exception("No vpc_id or stack_name provided.")

    vpc = boto.connect_vpc()

    identity_file = args.get("<identity_file>")
    user = args.get("<user>") or DEFAULT_USER
    strict_host_check = args.get("<strict_host_check>") or DEFAULT_HOST_CHECK
    config_path = args.get("<config_file>")
    config_file = "-F {}".format(config_path) if config_path else ""

    jump_box = "{stack_name}-jumpbox".format(stack_name=stack_name)
    friendly = "{stack_name}-{logical_id}-{instance_number}"

    # Tag keys in order of preference; "role" is deprecated, use "play".
    id_tag_keys = ('play', 'role', 'group', 'aws:cloudformation:logical-id')

    # Running count per logical id, used to number the friendly names.
    id_type_counter = defaultdict(int)

    for reservation in vpc.get_all_instances(filters={'vpc-id': vpc_id}):
        for instance in reservation.instances:
            for tag_key in id_tag_keys:
                if tag_key in instance.tags:
                    logical_id = instance.tags[tag_key]
                    break
            else:
                # None of the identifying tags is present: no stanza.
                continue

            instance_number = id_type_counter[logical_id]
            id_type_counter[logical_id] += 1

            # print(...) with one argument behaves the same with the print
            # statement and the print function.
            if logical_id in ("BastionHost", 'bastion'):
                print(JUMPBOX_CONFIG.format(
                    jump_box=jump_box,
                    ip=instance.ip_address,
                    user=user,
                    identity_file=identity_file,
                    strict_host_check=strict_host_check))

            # Print host config even for the bastion box because that is how
            # ansible accesses it. The second name duplicates the entry for
            # convenience with ansible.
            friendly_name = friendly.format(stack_name=stack_name,
                                            logical_id=logical_id,
                                            instance_number=instance_number)
            for name in (instance.private_ip_address, friendly_name):
                print(HOST_CONFIG.format(
                    name=name,
                    jump_box=jump_box,
                    ip=instance.private_ip_address,
                    user=user,
                    identity_file=identity_file,
                    config_file=config_file,
                    strict_host_check=strict_host_check,
                    instance_id=instance.id))
def rdss_for_stack_name(stack_name):
    """
    Yield the RDS instances whose VpcId equals the VPC id that
    vpc_for_stack_name() returns for stack_name.

    Instances that expose no VpcId attribute are never yielded.
    """
    target_vpc = vpc_for_stack_name(stack_name)
    connection = boto.connect_rds()
    for db in connection.get_all_dbinstances():
        if not hasattr(db, 'VpcId'):
            continue
        if db.VpcId == target_vpc:
            yield db
def elbs_for_stack_name(stack_name):
    """
    Yield the load balancers whose vpc_id equals the VPC id that
    vpc_for_stack_name() returns for stack_name.
    """
    target_vpc = vpc_for_stack_name(stack_name)
    connection = boto.connect_elb()
    for balancer in connection.get_all_load_balancers():
        if balancer.vpc_id == target_vpc:
            yield balancer
def _ssh_config(args):
    """
    Print ssh config stanzas for the instances of the selected VPC.

    The VPC comes from "vpc"/"<vpc_id>" or "stack-name"/"<stack_name>";
    Exception is raised when neither is given. The instance tagged with the
    CloudFormation logical id "BastionHost" is printed through
    JUMPBOX_CONFIG; every other instance is printed twice through
    HOST_CONFIG, once under its private IP and once under a
    "<vpc id>-<logical id>-<instance id>" name. An instance without the
    'aws:cloudformation:logical-id' tag raises KeyError.

    NOTE(review): the config file path is placed verbatim after "-F"; if
    HOST_CONFIG uses it inside a ProxyCommand it is subject to shell
    interpretation -- confirm and quote.
    NOTE(review): DEFAULT_HOST_CHECK is used when "<strict_host_check>" is
    empty; if it disables host key checking, unknown host keys are accepted
    for all generated hosts -- verify the default.
    """
    if args.get("vpc"):
        vpc_id = args.get("<vpc_id>")
    elif args.get("stack-name"):
        stack_name = args.get("<stack_name>")
        vpc_id = vpc_for_stack_name(stack_name)
    else:
        raise Exception("No vpc_id or stack_name provided.")

    vpc = boto.connect_vpc()

    identity_file = args.get("<identity_file>")
    user = args.get("<user>") or DEFAULT_USER
    strict_host_check = args.get("<strict_host_check>") or DEFAULT_HOST_CHECK
    config_path = args.get("<config_file>")
    config_file = "-F {}".format(config_path) if config_path else ""

    jump_box = "{vpc_id}-jumpbox".format(vpc_id=vpc_id)
    friendly = "{vpc_id}-{logical_id}-{instance_id}"

    for reservation in vpc.get_all_instances(filters={'vpc-id': vpc_id}):
        for instance in reservation.instances:
            # Read straight from the instance dict, as the stanza layout
            # depends on this tag alone.
            logical_id = instance.__dict__['tags']['aws:cloudformation:logical-id']

            # print(...) with one argument behaves the same with the print
            # statement and the print function.
            if logical_id == "BastionHost":
                print(JUMPBOX_CONFIG.format(
                    jump_box=jump_box,
                    ip=instance.ip_address,
                    user=user,
                    identity_file=identity_file,
                    strict_host_check=strict_host_check))
                continue

            # NOTE(review): nesting reconstructed from a flattened listing;
            # both host stanzas are taken to belong to the non-bastion case.
            # The second name duplicates the entry for convenience with
            # ansible.
            friendly_name = friendly.format(vpc_id=vpc_id,
                                            logical_id=logical_id,
                                            instance_id=instance.id)
            for name in (instance.private_ip_address, friendly_name):
                print(HOST_CONFIG.format(
                    name=name,
                    vpc_id=vpc_id,
                    jump_box=jump_box,
                    ip=instance.private_ip_address,
                    user=user,
                    logical_id=logical_id,
                    identity_file=identity_file,
                    config_file=config_file,
                    strict_host_check=strict_host_check))
def update_elb_rds_dns(zone):
    """
    Assemble CNAME records for the ELBs and RDS instances in the VPC of
    args.stack_name and submit them in one add_or_update_record() call.

    ELBs whose source security group name contains "RabbitMQ" or
    "ElasticSearch" are named via get_security_group_dns(); all other ELBs
    are named via get_dns_from_instances().
    """
    elb_con = boto.connect_elb()
    rds_con = boto.connect_rds()
    vpc_id = vpc_for_stack_name(args.stack_name)

    if zone or not args.noop:
        # Drops the final character of the zone name (presumably the
        # trailing dot).
        zone_name = zone.Name[:-1]
    else:
        # No zone object and noop requested: use a placeholder name.
        zone_name = "<zone name>"

    dns_records = set()

    def cname(label, target):
        # One 600-second CNAME record for "<label>.<zone_name>".
        return DNSRecord(zone, "{}.{}".format(label, zone_name),
                         'CNAME', 600, [target])

    stack_elbs = [lb for lb in elb_con.get_all_load_balancers()
                  if lb.vpc_id == vpc_id]
    for elb in stack_elbs:
        group_name = elb.source_security_group.name
        if "RabbitMQ" in group_name or "ElasticSearch" in group_name:
            # The deployment value is returned but not used for the name.
            env_tag, _deployment, play_tag = get_security_group_dns(group_name)
        else:
            env_tag, play_tag = get_dns_from_instances(elb)

        # NOTE(review): the name parts are used unvalidated, so whoever
        # controls the tags or group names controls the published names.
        dns_records.add(
            cname("{}-{}".format(env_tag, play_tag), elb.dns_name))

        # Additional aliases configured for this play, if any.
        # NOTE(review): the nesting of this lookup was reconstructed from a
        # flattened listing; confirm it is meant to run for both branches.
        for name in extra_play_dns.get(play_tag, ()):
            dns_records.add(
                cname("{}-{}".format(env_tag, name), elb.dns_name))

    stack_rdss = [db for db in rds_con.get_all_dbinstances()
                  if hasattr(db.subnet_group, 'vpc_id')
                  and db.subnet_group.vpc_id == vpc_id]

    # TODO the current version of the RDS API doesn't support looking up
    # RDS instance tags. Hence env_tag is the value the ELB loop set last
    # (and is unbound when no ELB was processed).
    for _db in stack_rdss:
        # NOTE(review): each record targets the first instance's endpoint,
        # whichever instance is being visited.
        dns_records.add(
            cname("{}-{}".format(env_tag, 'rds'), stack_rdss[0].endpoint[0]))

    add_or_update_record(dns_records)