def __init__(self, title, **kwargs):
super().__init__(title, **kwargs)
self.AccessLoggingPolicy = If(
'LoadBalancerLog',
elb.AccessLoggingPolicy(
EmitInterval=get_endvalue('LoadBalancerLog'),
Enabled=True,
S3BucketName=Sub(cfg.BucketLogs),
S3BucketPrefix=''), Ref('AWS::NoValue'))
self.ConnectionDrainingPolicy = elb.ConnectionDrainingPolicy(
Enabled=True, Timeout=5)
self.ConnectionSettings = elb.ConnectionSettings(
IdleTimeout=get_endvalue('LoadBalancerIdleTimeout'))
self.CrossZone = True
self.HealthCheck = elb.HealthCheck(
HealthyThreshold=get_endvalue('HealthyThresholdCount'),
Interval=get_endvalue('HealthCheckIntervalSeconds'),
Target=get_endvalue('HealthCheckTarget'),
Timeout=get_endvalue('HealthCheckTimeoutSeconds'),
UnhealthyThreshold=get_endvalue('UnhealthyThresholdCount'))
self.LBCookieStickinessPolicy = If('LoadBalancerCookieSticky', [
elb.LBCookieStickinessPolicy(PolicyName='LBCookieStickinessPolicy',
CookieExpirationPeriod=get_endvalue(
'LoadBalancerCookieSticky'))
], Ref('AWS::NoValue'))
self.SecurityGroups = [GetAtt('SecurityGroupLoadBalancer', 'GroupId')]
def render_elb(context, template, ec2_instances):
elb_is_public = True if context['full_hostname'] else False
listeners_policy_names = []
app_cookie_stickiness_policy = []
lb_cookie_stickiness_policy = []
if context['elb']['stickiness']:
if context['elb']['stickiness']['type'] == 'cookie':
app_cookie_stickiness_policy = [
elb.AppCookieStickinessPolicy(
CookieName=context['elb']['stickiness']['cookie-name'],
PolicyName='AppCookieStickinessPolicy')
]
listeners_policy_names.append('AppCookieStickinessPolicy')
elif context['elb']['stickiness']['type'] == 'browser':
lb_cookie_stickiness_policy = [
elb.LBCookieStickinessPolicy(
PolicyName='BrowserSessionLongCookieStickinessPolicy')
]
listeners_policy_names.append(
'BrowserSessionLongCookieStickinessPolicy')
else:
raise ValueError('Unsupported stickiness: %s' %
context['elb']['stickiness'])
protocols = _elb_protocols(context)
listeners = []
elb_ports = []
for protocol in protocols:
if protocol == 'http':
listeners.append(
elb.Listener(
InstanceProtocol='HTTP',
InstancePort='80',
LoadBalancerPort='80',
PolicyNames=listeners_policy_names,
Protocol='HTTP',
))
elb_ports.append(80)
elif protocol == 'https':
listeners.append(
elb.Listener(InstanceProtocol='HTTP',
InstancePort='80',
LoadBalancerPort='443',
PolicyNames=listeners_policy_names,
Protocol='HTTPS',
SSLCertificateId=context['elb']['certificate']))
elb_ports.append(443)
elif isinstance(protocol, int):
port = protocol
listeners.append(
elb.Listener(InstanceProtocol='TCP',
InstancePort=str(port),
LoadBalancerPort=str(port),
PolicyNames=listeners_policy_names,
Protocol='TCP'))
elb_ports.append(port)
else:
raise RuntimeError("Unknown procotol `%s`" %
context['elb']['protocol'])
for _, listener in context['elb']['additional_listeners'].items():
listeners.append(
elb.Listener(InstanceProtocol='HTTP',
InstancePort=str(listener['port']),
LoadBalancerPort=str(listener['port']),
PolicyNames=listeners_policy_names,
Protocol=listener['protocol'].upper(),
SSLCertificateId=context['elb']['certificate']))
elb_ports.append(listener['port'])
template.add_resource(
elb.LoadBalancer(
ELB_TITLE,
AppCookieStickinessPolicy=app_cookie_stickiness_policy,
ConnectionDrainingPolicy=elb.ConnectionDrainingPolicy(
Enabled=True,
Timeout=60,
),
ConnectionSettings=elb.ConnectionSettings(
IdleTimeout=context['elb']['idle_timeout']),
CrossZone=True,
Instances=lmap(Ref, ec2_instances.values()),
# TODO: from configuration
Listeners=listeners,
LBCookieStickinessPolicy=lb_cookie_stickiness_policy,
HealthCheck=elb.HealthCheck(
Target=_elb_healthcheck_target(context),
HealthyThreshold=str(context['elb']['healthcheck'].get(
'healthy_threshold', 10)),
UnhealthyThreshold=str(context['elb']['healthcheck'].get(
'unhealthy_threshold', 2)),
Interval=str(context['elb']['healthcheck'].get('interval',
30)),
Timeout=str(context['elb']['healthcheck'].get('timeout', 30)),
),
SecurityGroups=[Ref(SECURITY_GROUP_ELB_TITLE)],
Scheme='internet-facing' if elb_is_public else 'internal',
Subnets=context['elb']['subnets'],
Tags=elb_tags(context)))
template.add_output(
mkoutput("ElasticLoadBalancer", "Generated name of the ELB",
Ref(ELB_TITLE)))
template.add_resource(
security_group(SECURITY_GROUP_ELB_TITLE, context['aws']['vpc-id'],
_convert_ports_to_dictionary(
elb_ports))) # list of strings or dicts
if any([context['full_hostname'], context['int_full_hostname']]):
dns = external_dns_elb if elb_is_public else internal_dns_elb
template.add_resource(dns(context))
if context['full_hostname']:
[template.add_resource(cname) for cname in cnames(context)]
def render_elb(context, template, ec2_instances):
ensure(any([context['full_hostname'], context['int_full_hostname']]),
"An ELB must have either an external or an internal DNS entry")
elb_is_public = True if context['full_hostname'] else False
listeners_policy_names = []
if context['elb']['stickiness']:
cookie_stickiness = [
elb.LBCookieStickinessPolicy(
PolicyName="BrowserSessionLongCookieStickinessPolicy")
]
listeners_policy_names.append(
'BrowserSessionLongCookieStickinessPolicy')
else:
cookie_stickiness = []
if context['elb']['protocol'] == 'http':
listeners = [
elb.Listener(
InstanceProtocol='HTTP',
InstancePort='80',
LoadBalancerPort='80',
PolicyNames=listeners_policy_names,
Protocol='HTTP',
),
]
elif context['elb']['protocol'] == 'https':
listeners = [
elb.Listener(InstanceProtocol='HTTP',
InstancePort='80',
LoadBalancerPort='443',
PolicyNames=listeners_policy_names,
Protocol='HTTPS',
SSLCertificateId=context['elb']['certificate']),
]
else:
raise RuntimeError("Unknown procotol `%s`" %
context['elb']['protocol'])
template.add_resource(
elb.LoadBalancer(
ELB_TITLE,
ConnectionDrainingPolicy=elb.ConnectionDrainingPolicy(
Enabled=True,
Timeout=60,
),
ConnectionSettings=elb.ConnectionSettings(
IdleTimeout=context['elb']['idle_timeout']),
CrossZone=True,
Instances=map(Ref, ec2_instances),
# TODO: from configuration
Listeners=listeners,
LBCookieStickinessPolicy=cookie_stickiness,
# TODO: from configuration
# seems to default to opening a TCP connection on port 80
# HealthCheck=elb.HealthCheck(
# Target=Join('', ['HTTP:', Ref(webport_param), '/']),
# HealthyThreshold='3',
# UnhealthyThreshold='5',
# Interval='30',
# Timeout='5',
# )
SecurityGroups=[Ref(SECURITY_GROUP_TITLE)],
Scheme='internet-facing' if elb_is_public else 'internal',
Subnets=context['elb']['subnets'],
Tags=elb_tags(context)))
dns = external_dns_elb if elb_is_public else internal_dns_elb
template.add_resource(dns(context))
def elb_adder(self, name, instance_list, dns):
ports = self.config['apps'].values()[0].get("ports", None)
elb_type = self.config['apps'].values()[0].get("type",
'internet-facing')
elb_check_type = self.config['apps'].values()[0].get(
"elb_check_type", 'TCP')
elb_check_path = self.config['apps'].values()[0].get(
"elb_check_path", "")
if 'HTTP' in elb_check_type.upper() and not elb_check_path:
elb_check_path = "/"
if instance_list is None:
instance_list = []
elb_tags = self.__tag_elb_role_generator()
elb_id = ''.join(ch for ch in name if ch.isalnum())
elb_sec_group = name + "_group"
elb_sec_group = elb_sec_group.translate(None, '_')
elasticlb = self.template.add_resource(
elb.LoadBalancer(
elb_id,
Subnets=self.config['public_subnets'],
Scheme=elb_type,
LoadBalancerName=Join(
"", [Ref("AWS::StackName"), '-',
random.randint(1, 999)]),
SecurityGroups=[Ref(elb_sec_group)],
LBCookieStickinessPolicy=[
elb.LBCookieStickinessPolicy(
PolicyName='LBCookeStickinessPolicy', )
],
ConnectionDrainingPolicy=elb.ConnectionDrainingPolicy(
Enabled=True,
Timeout=300,
),
CrossZone=True,
Instances=[Ref(r) for r in instance_list],
Tags=elb_tags))
elasticlb.Listeners = [
elb.Listener(LoadBalancerPort="80",
InstancePort=Ref("WebServerPort"),
Protocol="HTTP",
PolicyNames=['LBCookeStickinessPolicy']),
elb.Listener(
LoadBalancerPort="443",
InstancePort=Ref("WebServerPort"),
Protocol="HTTPS",
SSLCertificateId=Ref("CertName"),
PolicyNames=['LBCookeStickinessPolicy'],
)
]
elasticlb.HealthCheck = elb.HealthCheck(Target=Join(
"", [elb_check_type.upper(), ":", ports, elb_check_path]),
HealthyThreshold="3",
UnhealthyThreshold="5",
Interval="30",
Timeout="5")
if dns:
self.dns_adder(dns, elb_id)
return elasticlb