def deploy_celery_backend(rds_host, user_key, user_secret):
'''
We deploy this celery backend host with the following settings:
* Has the vulnweb application from django_frontend for running a
celery worker to consume messages.
* Has access to the DB 3306 port, where it stores the log messages
* Has hard-coded AWS credentials to access SQS
* The credentials have RDS:* , IAM:*, SQS:*
:param rds_host: The RDS instance which we'll use to extract the DB endpoint
:param user_key: The Amazon API key to hard-code during deployment
:param user_secret: The Amazon API secret to hard-code during deployment
'''
conn = EC2Connection()
logging.info('Launching Celery backend instance')
logging.debug(' RDS host: %s' % rds_host)
logging.debug(' Low privilege user access key: %s' % user_key)
logging.debug(' Low privilege user secret key: %s' % user_secret)
keypair_name = create_keypair(NAME)
security_group = create_security_group()
my_reservation = conn.run_instances(
AMI,
instance_type=SIZE,
key_name=keypair_name,
security_groups=[
security_group,
],
)
instance = my_reservation.instances[0]
while not instance.update() == 'running':
logging.debug('Waiting for instance to start...')
time.sleep(10)
conn.create_tags([instance.id], {"Name": NAME})
wait_ssh_ready(instance.public_dns_name)
logging.info('Successfully started %s' % NAME)
logging.debug(SUCCESS_MESSAGE % instance.public_dns_name)
host_string = 'ubuntu@%s' % instance.public_dns_name
key_filename = '%s.pem' % NAME
with hide('stdout', 'stderr'):
with settings(host_string=host_string,
key_filename=key_filename,
host=instance.public_dns_name):
setup_celery_backend(rds_host, user_key, user_secret)
def deploy_django_frontend():
conn = EC2Connection()
logging.info('Launching Django frontend instance')
keypair_name = create_keypair(NAME)
user_data = get_user_data()
security_group = create_security_group()
instance_profile = create_instance_profile(NAME, SQS_POLICY)
my_reservation = conn.run_instances(AMI,
instance_type=SIZE,
key_name=keypair_name,
user_data=user_data,
security_groups=[
security_group,
],
instance_profile_name=instance_profile)
instance = my_reservation.instances[0]
while not instance.update() == 'running':
logging.debug('Waiting for instance to start...')
time.sleep(10)
logging.info(
'Checking if instance was correctly configured (this usually takes 5min)'
)
conn.create_tags([instance.id], {"Name": NAME})
for _ in xrange(10):
time.sleep(60)
try:
response = requests.get(TEST_URL % instance.public_dns_name)
except Exception:
logging.debug('Instance did not boot yet...')
else:
assert 'python-requests' in response.text, 'Incorrectly configured!'
break
else:
raise Exception('Timeout! Instance failed to boot.')
logging.info('Successfully started %s' % NAME)
logging.debug(SUCCESS_MESSAGE %
(instance.public_dns_name, instance.public_dns_name,
instance.public_dns_name))
def deploy_celery_backend(rds_host, user_key, user_secret):
'''
We deploy this celery backend host with the following settings:
* Has the vulnweb application from django_frontend for running a
celery worker to consume messages.
* Has access to the DB 3306 port, where it stores the log messages
* Has hard-coded AWS credentials to access SQS
* The credentials have RDS:* , IAM:*, SQS:*
:param rds_host: The RDS instance which we'll use to extract the DB endpoint
:param user_key: The Amazon API key to hard-code during deployment
:param user_secret: The Amazon API secret to hard-code during deployment
'''
conn = EC2Connection()
logging.info('Launching Celery backend instance')
logging.debug(' RDS host: %s' % rds_host)
logging.debug(' Low privilege user access key: %s' % user_key)
logging.debug(' Low privilege user secret key: %s' % user_secret)
keypair_name = create_keypair(NAME)
security_group = create_security_group()
my_reservation = conn.run_instances(AMI,
instance_type=SIZE,
key_name=keypair_name,
security_groups=[security_group,],)
instance = my_reservation.instances[0]
while not instance.update() == 'running':
logging.debug('Waiting for instance to start...')
time.sleep(10)
conn.create_tags([instance.id], {"Name": NAME})
wait_ssh_ready(instance.public_dns_name)
logging.info('Successfully started %s' % NAME)
logging.debug(SUCCESS_MESSAGE % instance.public_dns_name)
host_string = 'ubuntu@%s' % instance.public_dns_name
key_filename = '%s.pem' % NAME
with hide('stdout', 'stderr'):
with settings(host_string=host_string, key_filename=key_filename,
host=instance.public_dns_name):
setup_celery_backend(rds_host, user_key, user_secret)
def deploy_django_frontend():
conn = EC2Connection()
logging.info('Launching Django frontend instance')
keypair_name = create_keypair(NAME)
user_data = get_user_data()
security_group = create_security_group()
instance_profile = create_instance_profile(NAME, SQS_POLICY)
my_reservation = conn.run_instances(AMI,
instance_type=SIZE,
key_name=keypair_name,
user_data=user_data,
security_groups=[security_group,],
instance_profile_name=instance_profile)
instance = my_reservation.instances[0]
while not instance.update() == 'running':
logging.debug('Waiting for instance to start...')
time.sleep(10)
logging.info('Checking if instance was correctly configured (this usually takes 5min)')
conn.create_tags([instance.id], {"Name": NAME})
for _ in xrange(10):
time.sleep(60)
try:
response = requests.get(TEST_URL % instance.public_dns_name)
except Exception:
logging.debug('Instance did not boot yet...')
else:
assert 'python-requests' in response.text, 'Incorrectly configured!'
break
else:
raise Exception('Timeout! Instance failed to boot.')
logging.info('Successfully started %s' % NAME)
logging.debug(SUCCESS_MESSAGE % (instance.public_dns_name,
instance.public_dns_name,
instance.public_dns_name))