예제 #1
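def put_janus_config():
    """Rebuild the ``host`` section of config/aws.yml and upload the result.

    Runs the ``ec2.set_instance_roles`` task through ``execute()``, loads the
    local ``config/aws.yml``, and replaces its ``host`` entry with a mapping
    of ``"<region>-<n>"`` to public IP address for every created instance
    whose public IP differs from the first entry of
    ``env.roledefs['leaders']``. The counter ``n`` restarts at 0 for each
    region and only advances for instances that are written. The resulting
    YAML is uploaded with ``put()`` to ``<env.nfs_home>/config/aws.yml``.
    """
    import yaml

    execute('ec2.set_instance_roles')
    config_fn = 'config/aws.yml'
    # Read through a context manager so the file handle is closed
    # deterministically instead of being left to garbage collection.
    with open(config_fn) as config_file:
        # NOTE(review): yaml.load() without an explicit Loader can construct
        # arbitrary Python objects on older PyYAML releases. If this file
        # only ever holds plain mappings and scalars, yaml.safe_load() is the
        # safer call; confirm that no Python-specific tags are in use before
        # switching.
        config = yaml.load(config_file.read())

    # Start from an empty host table; any hosts already in the file are dropped.
    host = {}
    config['host'] = host

    created_instances = get_created_instances()
    leader_ip_address = env.roledefs['leaders'][0]
    for region, instances in created_instances.iteritems():
        cnt = 0
        for instance in instances:
            # The leader is left out of the host table and does not consume
            # a slot in the per-region numbering.
            if instance.public_ip_address != leader_ip_address:
                proc_name = "{region}-{cnt}".format(region=region, cnt=cnt)
                host[proc_name] = instance.public_ip_address
                cnt += 1

    config_contents = StringIO.StringIO(yaml.dump(config, default_flow_style=False))
    put(config_contents, "{}/config/aws.yml".format(env.nfs_home))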
예제 #2
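def load_security_grp_ips():
    """Add ingress rules for every created instance to each region's group.

    Runs the ``ec2.load_instances`` and ``cluster.setup_security_groups``
    tasks through ``execute()``, then, for each region returned by
    ``get_created_instances()``, loads the security group whose id is stored
    in ``env.security_groups[region]`` and authorizes:

    * ingress from the group named ``sec_grp_name(region)``, and
    * ingress from the ``/32`` of every created instance's public IP (across
      all regions) plus every CIDR in ``ALLOWED_IP_RANGES``.

    Failures of either ``authorize_ingress`` call are printed with
    ``traceback.print_exc()`` and do not abort the run.

    Raises:
        RuntimeError: if the security group object is ``None``.
    """
    execute('ec2.load_instances')
    execute('cluster.setup_security_groups')
    sec_group_ids = env.security_groups
    created_instances = get_created_instances()
    logging.info("created instances: {}".format(created_instances))
    regions = created_instances.keys()
    logging.info("setup security group for regions: {}".format(regions))

    # The source ranges do not depend on the region being configured, so
    # they are collected once: one /32 per instance, then the static ranges.
    ip_ranges = []
    for region2 in regions:
        for instance in created_instances[region2]:
            cidr = instance.public_ip_address + "/32"
            ip_ranges.append({'CidrIp': cidr})
    for cidr in ALLOWED_IP_RANGES:
        ip_ranges.append({'CidrIp': cidr})

    for region in regions:
        ec2 = boto3.resource('ec2', region_name=region)
        logging.info("adding ips to security group {}".format(sec_grp_name(region)))
        security_group = ec2.SecurityGroup(sec_group_ids[region])
        # NOTE(review): a boto3 resource constructor is expected to return an
        # object without contacting AWS, so this guard probably never fires;
        # a missing group would surface as an exception from load() instead.
        if security_group is None:
            raise RuntimeError("could not load security group")
        security_group.load()

        # NOTE(review): IpProtocol '-1' allows all protocols and ports from
        # every listed range. If the cluster only needs specific ports,
        # narrowing this rule reduces the exposure of each instance to the
        # other hosts and to ALLOWED_IP_RANGES.
        permissions = {
            'IpProtocol': '-1',
            'FromPort': -1,
            'ToPort': -1,
            'IpRanges': list(ip_ranges)
        }

        logging.info("add rules to security group {}:\n{}".format(
            sec_grp_name(region), permissions))

        # Each rule gets its own handler: with both calls in one try block, a
        # failure of the first (for example because the rule already exists
        # on a re-run) silently skipped the IP-range rule. Catching Exception
        # rather than everything lets Ctrl-C and SystemExit propagate.
        try:
            security_group.authorize_ingress(SourceSecurityGroupName=sec_grp_name(region))
        except Exception:
            traceback.print_exc()
        try:
            security_group.authorize_ingress(IpPermissions=[permissions])
        except Exception:
            traceback.print_exc()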