def test_cloud_remote_set():
driver = DummyNodeDriver('')
set_ = CloudRemoteSet(driver)
assert len(set_) == 2
assert set_['dummy-1'] == Remote('ec2-user', '127.0.0.1')
assert set_['dummy-1'].metadata == {'dummy': 'test'}
assert set_['dummy-2'] == Remote('ec2-user', '127.0.0.1')
assert set_['dummy-2'].metadata == {'dummy': 'test'}
id_set = CloudRemoteSet(driver, alias_namer=lambda n: 'id-' + n.id)
assert frozenset(id_set) == {'id-1', 'id-2'}
assert id_set['id-1'] == set_['dummy-1']
assert id_set['id-2'] == set_['dummy-2']
def test_cloud_remote_set():
driver = DummyNodeDriver('')
set_ = CloudRemoteSet(driver)
assert len(set_) == 2
assert set_['dummy-1'] == Remote('ec2-user', '127.0.0.1')
assert set_['dummy-1'].metadata == {'dummy': 'test'}
assert set_['dummy-2'] == Remote('ec2-user', '127.0.0.1')
assert set_['dummy-2'].metadata == {'dummy': 'test'}
driver = driver_cls('aws access key', 'aws secret key')
container = driver.get_container(container_name='your_team_master_key')
MASTER_KEY_STORE = CloudMasterKeyStore(driver, container, 'id_rsa')
# You have to let Geofront know what to manage remote servers.
# Although the list can be hard-coded in the configuration file,
# but you'll get the list dynamically from EC2 API. Assume our all
# AMIs are Amazon Linux, so the usernames are always ec2-user.
# If you're using Ubuntu AMIs it should be ubuntu instead.
from geofront.backends.cloud import CloudRemoteSet
from libcloud.compute.types import Provider
from libcloud.compute.providers import get_driver
driver_cls = get_driver(Provider.EC2)
driver = driver_cls('aws access id', 'aws secret key', region='uest-east-1')
REMOTE_SET = CloudRemoteSet(driver, user='******')
# Suppose your team is divided by several subgroups, and these subgroups are
# represented in teams of the GitHub organization. So you can control
# who can access each remote by specifying allowed groups to its metadata.
# CloudRemoteSet which is used for above REMOTE_SET exposes each EC2 instance's
# metadata as it has. We suppose every EC2 instance has Allowed-Groups
# metadata key and its value is space-separated list of group slugs.
# The following settings will allow only members who belong to corresponding
# groups to access.
from geofront.remote import GroupMetadataPermissionPolicy
PERMISSION_POLICY = GroupMetadataPermissionPolicy('Allowed-Groups')
# Geofront provisions access tokens (or you can think them as sessions)
# for Geofront clients. Assume you already have a Redis server running