def resolve_host(hostname):
ips = dns.resolver.query(hostname, "A")
# sort these so that we deterministically set up the same route
# resources (until DNS changes)
ips = sorted([i.to_text() for i in ips])
return ips
# VPC
cft = CloudFormationTemplate(description="Release Engineering network configuration")
cft.resources.add(Resource(
'RelengVPC', 'AWS::EC2::VPC',
Properties({
'CidrBlock': subnet_cidr('0.0', 16),
'Tags': [nametag('Releng Network')],
})
))
# DHCP options
cft.resources.add(Resource(
'DHCPOptions', 'AWS::EC2::DHCPOptions',
Properties({
# point to the onsite, IT-managed DNS servers
'DomainNameServers': [
"10.26.75.40",
"10.26.75.41"
],
'Tags': [nametag('Releng Network Options')],
})
from cfn_pyplates.core import CloudFormationTemplate, Resource
from cfn_pyplates.core import Properties, options
from utils import nametag
cft = CloudFormationTemplate(description="Tooltool Infrastructure")
rgn = options['region']
# production
cft.resources.add(Resource(
'FileBucket', 'AWS::S3::Bucket',
Properties({
"AccessControl": "Private",
"BucketName": "mozilla-releng-%s-tooltool" % (rgn,),
'Tags': [nametag('Tooltool File Storage - %s' % (rgn,))],
})
))
# staging
cft.resources.add(Resource(
'StagingFileBucket', 'AWS::S3::Bucket',
Properties({
"AccessControl": "Private",
"BucketName": "mozilla-releng-staging-%s-tooltool" % (rgn,),
'Tags': [nametag('Tooltool File Storage - Staging - %s' % (rgn,))],
})
))
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
from cfn_pyplates.core import CloudFormationTemplate, Resource
from cfn_pyplates.core import Properties, options
from utils import nametag
from utils import sgcidr
cft = CloudFormationTemplate(description="IT Resources")
cft.resources.add(Resource(
'NagiosSG', 'AWS::EC2::SecurityGroup',
Properties({
'GroupDescription': 'Nagios Servers',
'Tags': [nametag('nagios')],
'VpcId': options['vpcid'],
'SecurityGroupIngress': [
sgcidr('10.22.8.128/32', -1, -1),
sgcidr('10.22.20.0/25', -1, -1),
sgcidr('10.22.72.136/32', -1, -1),
sgcidr('10.22.72.155/32', -1, -1),
sgcidr('10.22.72.158/32', -1, -1),
sgcidr('10.22.72.159/32', -1, -1),
sgcidr('10.22.75.5/32', -1, -1),
sgcidr('10.22.75.6/31', -1, -1),
sgcidr('10.22.240.0/20', -1, -1),
sgcidr('10.22.74.22/32', -1, -1),
sgcidr('10.22.75.30/32', -1, -1),
sgcidr('10.22.75.36/32', 'tcp', 22),
sgcidr('10.22.75.136/32', 'udp', 161),
from cfn_pyplates.core import CloudFormationTemplate, Resource
from cfn_pyplates.core import Properties, options
from utils import nametag
from utils import sgcidr
cft = CloudFormationTemplate(description="IT Resources")
cft.resources.add(
Resource(
"NagiosSG",
"AWS::EC2::SecurityGroup",
Properties(
{
"GroupDescription": "Nagios Servers",
"Tags": [nametag("nagios")],
"VpcId": options["vpcid"],
"SecurityGroupIngress": [
sgcidr("10.22.8.128/32", -1, -1),
sgcidr("10.22.20.0/25", -1, -1),
sgcidr("10.22.72.136/32", -1, -1),
sgcidr("10.22.72.155/32", -1, -1),
sgcidr("10.22.72.158/32", -1, -1),
sgcidr("10.22.72.159/32", -1, -1),
sgcidr("10.22.75.5/32", -1, -1),
sgcidr("10.22.75.6/31", -1, -1),
sgcidr("10.22.240.0/20", -1, -1),
sgcidr("10.22.74.22/32", -1, -1),
sgcidr("10.22.75.30/32", -1, -1),
sgcidr("10.22.75.36/32", "tcp", 22),
sgcidr("10.22.75.136/32", "udp", 161),
from cfn_pyplates.core import CloudFormationTemplate, Resource
from cfn_pyplates.core import Properties, options
from utils import nametag
cft = CloudFormationTemplate(description="Archiver Infrastructure")
rgn = options['region']
# production
cft.resources.add(Resource(
'FileBucket', 'AWS::S3::Bucket',
Properties({
"AccessControl": "Private",
"BucketName": "mozilla-releng-%s-archiver" % (rgn,),
'Tags': [nametag('Archiver Archive Storage - %s' % (rgn,))],
})
))
# staging
cft.resources.add(Resource(
'StagingFileBucket', 'AWS::S3::Bucket',
Properties({
"AccessControl": "Private",
"BucketName": "mozilla-releng-staging-%s-archiver" % (rgn,),
'Tags': [nametag('Archiver Archive Storage - Staging - %s' % (rgn,))],
})
))
