def get_network_interface(self, component_key, component_value, vm_config, subnet_name,
                          security_group_name, public_ip_name, index):
    """Build the network-interface document for one VM of a component.

    Starts from the 'infrastructure/network-interface' document returned by
    ``get_config_or_default`` and fills in the generated NIC and IP-configuration
    names together with the subnet, security group and public IP it refers to.
    ``component_value`` is accepted but not used.
    """
    nic = self.get_config_or_default(self.docs, 'infrastructure/network-interface')
    spec = nic.specification

    spec.name = resource_name(self.cluster_prefix, self.cluster_name, f'nic-{index}', component_key)
    # Whether a security group is applied is a builder-wide switch, not a per-NIC choice.
    spec.use_network_security_groups = self.use_network_security_groups
    spec.security_group_name = security_group_name
    spec.ip_configuration_name = resource_name(self.cluster_prefix, self.cluster_name,
                                               f'ipconf-{index}', component_key)
    spec.subnet_name = subnet_name
    # Public addressing follows the cluster-wide cloud.use_public_ips flag, so enabling it
    # applies to every interface built here.
    spec.use_public_ip = self.cluster_model.specification.cloud.use_public_ips
    spec.public_ip_name = public_ip_name
    spec.enable_accelerated_networking = (
        vm_config.specification.network_interface.enable_accelerated_networking
    )
    return nic
def get_public_ip(self, component_key, component_value, vm_config, index):
    """Build the public-IP document for one VM of a component.

    The allocation method, idle timeout and SKU are copied from the VM's
    ``network_interface.public_ip`` settings. ``component_value`` is unused.
    """
    ip_doc = self.get_config_or_default(self.docs, 'infrastructure/public-ip')
    spec = ip_doc.specification
    spec.name = resource_name(self.cluster_prefix, self.cluster_name, f'pubip-{index}', component_key)

    ip_settings = vm_config.specification.network_interface.public_ip
    for field in ('allocation_method', 'idle_timeout_in_minutes', 'sku'):
        setattr(spec, field, getattr(ip_settings, field))
    return ip_doc
def get_vm(self, component_key, component_value, vm_config, network_interface_name, index):
    """Build the VM document for one machine of a component.

    Works on a deep copy of ``vm_config``, so the caller's template is not modified.
    ``component_value`` is unused.

    Raises:
        NotImplementedError: when the VM's ``os_type`` is 'windows'.
        Exception: when ``<admin_user.key_path>.pub`` is not an existing file.
    """
    vm = dict_to_objdict(deepcopy(vm_config))
    spec = vm.specification

    spec.name = resource_name(self.cluster_prefix, self.cluster_name, f'vm-{index}', component_key)
    spec.admin_username = self.cluster_model.specification.admin_user.name
    spec.network_interface_name = network_interface_name
    spec.tags.append({'cluster': cluster_tag(self.cluster_prefix, self.cluster_name)})
    spec.tags.append({component_key: ''})

    if vm.specification.os_type == 'linux':
        # Linux hosts are reached over SSH only, but Terraform still needs a password value
        # to run, so a random throwaway is generated; password access is meant to be
        # disabled later by Ansible.
        # NOTE(review): the value is stored on the VM document, so it presumably ends up in
        # the generated Terraform files and state, and password login stays possible until
        # the Ansible step has actually run - confirm both and treat those artifacts as secrets.
        spec.admin_password = str(uuid.uuid4())

    if vm_config.specification.os_type == 'windows':
        raise NotImplementedError('Windows VMs not supported jet.')

    pub_key_path = self.cluster_model.specification.admin_user.key_path + '.pub'
    if not os.path.isfile(pub_key_path):
        raise Exception(
            f'SSH key path "{pub_key_path}" is not valid. Ansible run will fail.'
        )
    # Only the path is recorded, and only its existence is checked; the key content is not read here.
    spec.public_key = pub_key_path
    return vm
def get_efs_config(self):
    """Build the EFS storage document, with a token and name derived from the cluster name."""
    efs = self.get_config_or_default(self.docs, 'infrastructure/efs-storage')
    spec = efs.specification
    spec.token = "aws-efs-token-" + self.cluster_name
    spec.name = resource_name(self.cluster_prefix, self.cluster_name, 'efs')
    return efs
def get_resource_group(self):
    """Build the resource-group document named ``<prefix>/<cluster>`` + 'rg' via ``resource_name``."""
    group = self.get_config_or_default(self.docs, 'infrastructure/resource-group')
    spec = group.specification
    spec.name = resource_name(self.cluster_prefix, self.cluster_name, 'rg')
    spec.cluster_name = self.cluster_name
    return group
def __init__(self, cluster_model, config_docs):
    """Keep the cluster model and config documents and derive the cluster's naming values.

    The cluster name and prefix are lower-cased before they are used to build the
    resource-group name.
    """
    self.cluster_model = cluster_model
    model_spec = self.cluster_model.specification
    self.cluster_name = model_spec.name.lower()
    self.cluster_prefix = model_spec.prefix.lower()
    self.resource_group_name = resource_name(self.cluster_prefix, self.cluster_name, 'rg')
    self.config_docs = config_docs
    self.logger = Log(__name__)
def get_routing_table(self, vpc_name, internet_gateway_name):
    """Build the route-table document for the given VPC, routing through the given internet gateway."""
    table = self.get_config_or_default(self.docs, 'infrastructure/route-table')
    spec = table.specification
    spec.name = resource_name(self.cluster_prefix, self.cluster_name, 'route-table')
    spec.vpc_name = vpc_name
    spec.route.gateway_name = internet_gateway_name
    spec.cluster_name = self.cluster_name
    return table
def get_security_group(self, subnet, component_key, vpc_name, index):
    """Build the security-group document for one subnet of a component.

    The group's ``cidr_block`` is copied from the subnet document; any rules come
    from the 'infrastructure/security-group' document itself and are not touched here.
    """
    group = self.get_config_or_default(self.docs, 'infrastructure/security-group')
    spec = group.specification
    spec.name = resource_name(self.cluster_prefix, self.cluster_name,
                              f'security-group-{index}', component_key)
    spec.vpc_name = vpc_name
    spec.cidr_block = subnet.specification.cidr_block
    spec.cluster_name = self.cluster_name
    return group
def get_storage_share_config(self):
    """Build the storage-share document ('k8s-ss') and point it at the 'k8s' storage account."""
    share = self.get_config_or_default(self.docs, 'infrastructure/storage-share')
    spec = share.specification
    spec.name = resource_name(self.cluster_prefix, self.cluster_name, 'k8s-ss')
    spec.storage_account_name = storage_account_name(self.cluster_prefix, self.cluster_name, 'k8s')
    return share
def get_availability_set(self, availability_set_name):
    """Look up the availability-set document with the given name and give it its resource name.

    Returns whatever ``select_first`` yields; when that is ``None`` (no match), ``None``
    is returned unchanged.
    """
    def is_requested_set(item):
        return item.kind == 'infrastructure/availability-set' and item.name == availability_set_name

    found = select_first(self.docs, is_requested_set)
    if found is None:
        return found
    found.specification.name = resource_name(self.cluster_prefix, self.cluster_name,
                                             availability_set_name + '-aset')
    return found
def get_internet_gateway(self, vpc_name):
    """Build the internet-gateway document attached to the given VPC."""
    gateway = self.get_config_or_default(self.docs, 'infrastructure/internet-gateway')
    spec = gateway.specification
    spec.name = resource_name(self.cluster_prefix, self.cluster_name, 'internet-gateway')
    spec.vpc_name = vpc_name
    spec.cluster_name = self.cluster_name
    return gateway
def get_vpc_config(self):
    """Build the VPC document, using the cluster's ``cloud.vnet_address_pool`` as its address pool."""
    vpc = self.get_config_or_default(self.docs, 'infrastructure/vpc')
    spec = vpc.specification
    spec.address_pool = self.cluster_model.specification.cloud.vnet_address_pool
    spec.name = resource_name(self.cluster_prefix, self.cluster_name, 'vpc')
    spec.cluster_name = self.cluster_name
    return vpc
def get_subnet(self, subnet_definition, component_key, vpc_name, index):
    """Build the subnet document for one subnet definition of a component.

    ``subnet_definition`` must provide the keys 'address_pool' and 'availability_zone'.
    """
    subnet_doc = self.get_config_or_default(self.docs, 'infrastructure/subnet')
    spec = subnet_doc.specification
    spec.vpc_name = vpc_name
    spec.cidr_block = subnet_definition['address_pool']
    spec.availability_zone = subnet_definition['availability_zone']
    spec.name = resource_name(self.cluster_prefix, self.cluster_name, f'subnet-{index}', component_key)
    spec.cluster_name = self.cluster_name
    return subnet_doc
def get_network_security_group(self, component_key, security_rules, index):
    """Build the network-security-group document for a component.

    ``security_rules`` replaces the document's rule list as given; the rules are not
    inspected or validated here.
    """
    nsg = self.get_config_or_default(self.docs, 'infrastructure/network-security-group')
    spec = nsg.specification
    spec.name = resource_name(self.cluster_prefix, self.cluster_name, f'nsg-{index}', component_key)
    spec.rules = security_rules
    return nsg
def get_launch_configuration(self, autoscaling_group, component_key, security_groups_to_create):
    """Build the launch-configuration document for a component's autoscaling group.

    Size, disks and ``ebs_optimized`` are copied from the autoscaling group; the
    security groups are referenced by name.
    """
    launch_config = self.get_config_or_default(self.docs, 'infrastructure/launch-configuration')
    spec = launch_config.specification
    asg_spec = autoscaling_group.specification

    spec.name = resource_name(self.cluster_prefix, self.cluster_name, 'launch-config', component_key)
    spec.size = asg_spec.size
    spec.security_groups = [group.specification.name for group in security_groups_to_create]
    spec.disks = asg_spec.disks
    spec.ebs_optimized = asg_spec.ebs_optimized
    # Follows the cluster-wide cloud.use_public_ips flag, so it applies to every instance
    # launched from this configuration.
    spec.associate_public_ip = self.cluster_model.specification.cloud.use_public_ips
    return launch_config
def get_route_table_association(self, route_table_name, component_key, subnet_name, subnet_index):
    """Build the document that associates one subnet with a route table."""
    association = self.get_config_or_default(self.docs, 'infrastructure/route-table-association')
    spec = association.specification
    component_suffix = '-'.join((component_key, str(subnet_index)))
    spec.name = resource_name(self.cluster_prefix, self.cluster_name, 'route-association', component_suffix)
    spec.subnet_name = subnet_name
    spec.route_table_name = route_table_name
    return association
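def get_autoscaling_group(self, component_key, component_value, subnets_to_create):
    """Build the autoscaling-group document for a component.

    The document comes from ``get_virtual_machine`` and is completed with the group's
    name, instance count, the names of the subnets it spans, the distinct availability
    zones of those subnets, and the cluster/component tags.
    """
    autoscaling_group = self.get_virtual_machine(component_value, self.cluster_model, self.docs)
    spec = autoscaling_group.specification

    spec.cluster_name = self.cluster_name
    spec.name = resource_name(self.cluster_prefix, self.cluster_name, 'asg', component_key)
    spec.count = component_value.count
    spec.subnet_names = [subnet.specification.name for subnet in subnets_to_create]
    # De-duplicate while keeping first-seen order. Going through a set made the order of
    # the zones depend on string hashing, which can change from one run to the next and
    # make otherwise identical output differ.
    spec.availability_zones = list(dict.fromkeys(
        subnet.specification.availability_zone for subnet in subnets_to_create
    ))
    spec.tags.append({'cluster_name': self.cluster_name})
    spec.tags.append({component_key: ''})
    return autoscaling_group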
def __init__(self, docs):
    """Pick the single 'epiphany-cluster' document out of ``docs`` and derive naming values from it.

    The cluster name and prefix are lower-cased; the region is read from the
    cluster's cloud section.
    """
    super().__init__(__name__)

    def is_cluster_model(doc):
        return doc.kind == 'epiphany-cluster'

    self.cluster_model = select_single(docs, is_cluster_model)
    model_spec = self.cluster_model.specification
    self.cluster_name = model_spec.name.lower()
    self.cluster_prefix = model_spec.prefix.lower()
    self.resource_group_name = resource_name(self.cluster_prefix, self.cluster_name, 'rg')
    self.region = model_spec.cloud.region
    self.docs = docs
def get_subnet(self, subnet_definition, component_key, security_group_name, index):
    """Build the subnet document for one subnet definition of a component.

    ``subnet_definition`` must provide the key 'address_pool', which becomes the
    subnet's address prefix; the subnet also records the security group name it is given.
    """
    subnet_doc = self.get_config_or_default(self.docs, 'infrastructure/subnet')
    spec = subnet_doc.specification
    spec.name = resource_name(self.cluster_prefix, self.cluster_name, f'subnet-{index}', component_key)
    spec.address_prefix = subnet_definition['address_pool']
    spec.security_group_name = security_group_name
    spec.cluster_name = self.cluster_name
    return subnet_doc
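def azure_login(self):
    """Log in to Azure and, in service-principal mode, export Terraform's ARM_* variables.

    Of the ways Terraform can authenticate to Azure
    (https://www.terraform.io/docs/providers/azurerm/auth/azure_cli.html) two are supported:

    - the Azure CLI with a user account,
    - a service principal with a client secret.

    In service-principal mode the principal is loaded from the SP file in the cluster's
    Terraform directory, or created (after an account login) and saved there when the
    file does not exist. Its subscription id, tenant, client id and client secret are
    then stored in ``self.new_env``.

    Raises:
        Exception: when the service principal lacks ``tenant``, ``appId`` or ``password``.
    """
    apiproxy = APIProxy(self.cluster_model, self.config_docs)

    if not self.cluster_model.specification.cloud.use_service_principal:
        # Account login: nothing is exported to the environment.
        subscription = apiproxy.login_account()
        apiproxy.set_active_subscribtion(subscription['id'])
        return

    # Service principal
    sp_file = os.path.join(get_terraform_path(self.cluster_model.specification.name), SP_FILE_NAME)
    if not os.path.exists(sp_file):
        # No service principal exists or is defined, so one is created; that requires
        # an account login first.
        subscription = apiproxy.login_account()
        apiproxy.set_active_subscribtion(subscription['id'])

        # Create the service principal, for now using the default subscription.
        self.logger.info('Creating service principal')
        cluster_name = self.cluster_model.specification.name.lower()
        cluster_prefix = self.cluster_model.specification.prefix.lower()
        resource_group_name = resource_name(cluster_prefix, cluster_name, 'rg')
        sp = apiproxy.create_sp(resource_group_name, subscription['id'])
        sp['subscriptionId'] = subscription['id']
        # NOTE(review): this persists the principal, client secret included. How the file
        # is protected is not visible here - confirm it is written with owner-only
        # permissions and kept out of version control and shared artifacts.
        save_sp(sp, self.cluster_model.specification.name)
    else:
        self.logger.info('Using service principal from file')
        sp = load_yaml_file(sp_file)

    # Fail early with a clear message when the principal is incomplete (an empty or
    # hand-edited file, for instance) instead of a KeyError/TypeError further down.
    # Only field names are reported, never their values.
    required_fields = ('tenant', 'appId', 'password')
    missing = [field for field in required_fields if not sp or field not in sp]
    if missing:
        raise Exception('Service principal is missing required field(s): ' + ', '.join(missing) + '.')

    # Login as SP and get the default subscription.
    subscription = apiproxy.login_sp(sp)

    if 'subscriptionId' in sp:
        # Set active subscription if sp contains it.
        apiproxy.set_active_subscribtion(sp['subscriptionId'])
        self.new_env['ARM_SUBSCRIPTION_ID'] = sp['subscriptionId']
    else:
        # No subscriptionId in sp.yml so use the default one from Azure SP login.
        self.new_env['ARM_SUBSCRIPTION_ID'] = subscription[0]['id']

    # Set other environment variables for Terraform when working with Azure and service principal.
    # ARM_CLIENT_SECRET is a credential: new_env must not be logged or dumped, and whatever
    # process receives this environment can read the secret.
    self.new_env['ARM_TENANT_ID'] = sp['tenant']
    self.new_env['ARM_CLIENT_ID'] = sp['appId']
    self.new_env['ARM_CLIENT_SECRET'] = sp['password']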
def get_subnet_network_security_group_association(self, component_key, subnet_name, security_group_name,
                                                  index):
    """Build the document that associates one subnet with a network security group."""
    association = self.get_config_or_default(
        self.docs, 'infrastructure/subnet-network-security-group-association')
    spec = association.specification
    spec.name = resource_name(self.cluster_prefix, self.cluster_name, f'ssga-{index}', component_key)
    spec.subnet_name = subnet_name
    spec.security_group_name = security_group_name
    return association
def get_vm(self, component_key, component_value, vm_config, availability_set, network_interface_name,
           index):
    """Build the VM document for one machine of a component.

    Works on a deep copy of ``vm_config``, so the caller's template is not modified.
    ``component_value`` is unused. When ``availability_set`` is given, the VM refers
    to it by name.

    Raises:
        NotImplementedError: when the VM's ``os_type`` is 'windows'.
        Exception: when ``<admin_user.key_path>.pub`` is not an existing file.
    """
    vm = dict_to_objdict(deepcopy(vm_config))
    spec = vm.specification

    spec.name = resource_name(self.cluster_prefix, self.cluster_name, f'vm-{index}', component_key)
    spec.admin_username = self.cluster_model.specification.admin_user.name
    spec.network_interface_name = network_interface_name
    spec.tags.append({'cluster': cluster_tag(self.cluster_prefix, self.cluster_name)})
    spec.tags.append({component_key: ''})

    if vm_config.specification.os_type == 'windows':
        raise NotImplementedError('Windows VMs not supported jet.')

    pub_key_path = self.cluster_model.specification.admin_user.key_path + '.pub'
    if not os.path.isfile(pub_key_path):
        raise Exception(f'SSH key path "{pub_key_path}" is not valid. Ansible run will fail.')
    # Only the path is recorded, and only its existence is checked; the key content is not read here.
    spec.public_key = pub_key_path

    if availability_set is not None:
        spec.availability_set_name = availability_set.specification.name
    return vm
def test_resource_name_pr_cn_rt_cmp():
    """Prefix, cluster name, component and resource type are joined in that order, lower-cased."""
    expected = "prefix-cluster-component-type"
    assert resource_name('prefix', 'Cluster', 'Type', component='Component') == expected
def test_resource_name_cn_rt_cmp():
    """With the prefix 'default', the name starts at the cluster name."""
    expected = "cluster-component-type"
    assert resource_name('default', 'Cluster', 'Type', component='Component') == expected
def test_resource_name_pr_cn_rt():
    """Without a component, the name is prefix, cluster name and resource type."""
    expected = "prefix-cluster-type"
    assert resource_name('prefix', 'Cluster', 'Type') == expected
def test_resource_name_cn_rt():
    """With the prefix 'default' and no component, only cluster name and resource type remain."""
    expected = "cluster-type"
    assert resource_name('default', 'Cluster', 'Type') == expected
def get_virtual_network(self):
    """Build the virtual-network document, using the cluster's ``cloud.vnet_address_pool`` as its address space."""
    network = self.get_config_or_default(self.docs, 'infrastructure/vnet')
    spec = network.specification
    spec.name = resource_name(self.cluster_prefix, self.cluster_name, 'vnet')
    spec.address_space = self.cluster_model.specification.cloud.vnet_address_pool
    return network