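def configure_awscli(profile_name):
    """Write the AWS access key, secret key and region into the AWS CLI config.

    Args:
        profile_name: Name of the AWS CLI profile to configure. The value
            ``" "`` (a single space) selects the default profile.

    The credentials and region are read from ``aws_parm``. Every interpolated
    value is shell-quoted, because the command strings are chained with
    ``&&`` and are therefore presumably handed to a shell by
    ``cmd_exec.execute_command`` (confirm against that helper).
    """
    import shlex

    print(divider)
    print("Starting configuration of awsclli --> {}".format(profile_name))
    print(divider)

    # Quote once so shell metacharacters in any value stay literal.
    access_key_id = shlex.quote(str(aws_parm.AWS_ACCESS_KEY_ID))
    secret_key = shlex.quote(str(aws_parm.AWS_SECRET_ACCESS_KEY))
    region = shlex.quote(str(aws_parm.AWS_DEFAULT_REGION))

    # NOTE(review): the secret access key is still passed as a command-line
    # argument, so it can appear in the process list and in anything
    # execute_command prints or logs. Supplying it through the environment
    # or the shared credentials file would avoid that exposure; that needs
    # a change in cmd_exec, which is not visible from here.
    if profile_name == " ":
        set_command = (
            "aws configure set aws_access_key_id {0} && "
            "aws configure set aws_secret_access_key {1} && "
            "aws configure set region {2}"
        ).format(access_key_id, secret_key, region)
        list_command = "aws configure list "
    else:
        profile = shlex.quote(str(profile_name))
        set_command = (
            "aws configure --profile {0} set aws_access_key_id {1} && "
            "aws configure --profile {0} set aws_secret_access_key {2} && "
            "aws configure --profile {0} set region {3}"
        ).format(profile, access_key_id, secret_key, region)
        list_command = "aws configure list --profile {0}".format(profile)

    cmd_exec.execute_command(set_command, False)
    # Show the resulting configuration so the operator can verify it.
    cmd_exec.execute_command(list_command, False)

    print(divider)
    print("Completed configuration of awsclli --> {}".format(profile_name))
    print(divider)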
def ec2_instance_list():
    """Print one text row per EC2 instance via ``aws ec2 describe-instances``.

    The JMESPath query selects, for every instance in every reservation:
    instance id, the value of the ``Name`` tag, instance type, state name,
    private IP address and public IP address.
    """
    instance_fields = (
        "InstanceId,"
        "Tags[?Key==`Name`].Value|[0],"
        "InstanceType,"
        "State.Name,"
        "PrivateIpAddress,"
        "PublicIpAddress"
    )
    # The query is wrapped in single quotes so the backticks and brackets
    # reach the AWS CLI unchanged.
    describe_command = (
        "aws ec2 describe-instances --query "
        "'Reservations[*].Instances[*].[" + instance_fields + "]'"
        " --output text"
    )
    cmd_exec.execute_command(describe_command, False)
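def ec2_dl8_keypair(keypair_name):
    """Delete the EC2 key pair named ``keypair_name`` with the AWS CLI.

    Args:
        keypair_name: Name of the key pair to delete. It is shell-quoted
            before interpolation so spaces or shell metacharacters in the
            name cannot alter the command (execute_command presumably runs
            the string through a shell; confirm against cmd_exec).
    """
    import shlex

    cmd_exec.execute_command(
        "aws ec2 delete-key-pair --key-name {0}".format(
            shlex.quote(str(keypair_name))),
        False)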
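def ec2_cr8_keypair(keypair_name, key_filename):
    """Create an EC2 key pair and save its private key material to a file.

    Args:
        keypair_name: Name for the new key pair.
        key_filename: Path of the file that receives the private key
            (the ``KeyMaterial`` field of the CLI response).

    The command relies on shell redirection (``>``), so both arguments are
    shell-quoted to keep metacharacters literal. ``~`` and environment
    variable references in ``key_filename`` are expanded in Python first,
    because quoting would otherwise stop the shell from expanding them.
    """
    import os
    import shlex

    key_path = os.path.expanduser(os.path.expandvars(str(key_filename)))

    # ``umask 077`` makes a newly created key file readable by its owner
    # only. A file that already exists keeps its current permissions, so
    # callers overwriting a key should check the mode themselves.
    cmd_exec.execute_command(
        "umask 077 && aws ec2 create-key-pair --key-name {0} "
        "--query 'KeyMaterial' --output text > {1}".format(
            shlex.quote(str(keypair_name)), shlex.quote(key_path)),
        False)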
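def install_eks(step, stepto):
    """Run the EKS installation steps ``step`` through ``stepto``.

    Steps:
        0. Create the VPC CloudFormation stack and wait for CREATE_COMPLETE.
        1. Create the EKS cluster and wait for ACTIVE.
        2. Update the local kubeconfig for the cluster.
        3. Create the worker-node CloudFormation stack.
        4. Download the ``aws-auth-cm.yaml`` template.
        5. Insert the node instance role ARN and apply the ConfigMap.
        6. Optionally map a second IAM principal into ``system:masters``.

    Args:
        step: First step to run.
        stepto: Last step to run; ``0`` is remapped to ``6`` (run to the
            end). The process exits via ``sys.exit()`` once this step is
            done, so there is no way to stop after step 0.

    The module-level flags ``vpc_output`` and ``node_output`` record that the
    stack outputs have already been loaded through ``cmd_exec.get_outputs``.

    NOTE(review): values from ``eks_parm`` and ``cmd_exec.aws_values`` are
    interpolated into command strings unquoted, so the parameters file has
    to be treated as trusted input.
    """
    global vpc_output, node_output

    stack_status_cmd = ("aws cloudformation describe-stacks --stack-name {0} "
                        "--query Stacks[0].StackStatus")
    stack_outputs_cmd = ("aws cloudformation describe-stacks --stack-name {0} "
                         "--query Stacks[].Outputs[].[OutputKey,OutputValue] "
                         "--output text")

    if stepto == 0:
        stepto = 6
    print(eks_parm.divider)
    print("Starting installation of EKS from step {0} to step {1}".format(
        step, stepto))
    print(eks_parm.divider)

    if step == 0:
        cmd_exec.execute_command_with_status(
            "aws cloudformation create-stack --stack-name {0} --template-url {1}"
            .format(eks_parm.VPC_STACK_NAME, eks_parm.VPC_TEMPLATE),
            False,
            stack_status_cmd.format(eks_parm.VPC_STACK_NAME),
            "\"CREATE_COMPLETE\"")
        # No early exit here: stepto == 0 was remapped to 6 above, so the
        # original ``if stepto == 0: sys.exit()`` could never fire.
        step = step + 1

    # Later steps read the VPC stack outputs (subnets, security groups,
    # VPC id) from cmd_exec.aws_values.
    if not vpc_output and step >= 1:
        cmd_exec.get_outputs(
            stack_outputs_cmd.format(eks_parm.VPC_STACK_NAME), "\t")
        vpc_output = True

    if step == 1:
        vpc_config = "subnetIds={0},securityGroupIds={1}".format(
            cmd_exec.aws_values["SubnetIds"],
            cmd_exec.aws_values["SecurityGroups"])
        cmd_exec.execute_command_with_status(
            "aws eks create-cluster --name {0} --role-arn {1} --resources-vpc-config {2}"
            .format(eks_parm.EKS_CLUSTER_NAME, eks_parm.EKS_ROLE_ARN,
                    vpc_config),
            False,
            "aws eks describe-cluster --name {0} --query cluster.status"
            .format(eks_parm.EKS_CLUSTER_NAME),
            "\"ACTIVE\"")
        if stepto == 1:
            sys.exit()
        step = step + 1

    if step == 2:
        cmd_exec.execute_command(
            "aws eks update-kubeconfig --name {}".format(
                eks_parm.EKS_CLUSTER_NAME), False)
        if stepto == 2:
            sys.exit()
        step = step + 1

    if step == 3:
        # The desired capacity must lie inside [min, max].
        desired = int(eks_parm.EKS_NODE_AS_GROUP_DESIRED)
        if (desired < int(eks_parm.EKS_NODE_AS_GROUP_MIN)
                or desired > int(eks_parm.EKS_NODE_AS_GROUP_MAX)):
            # presumably onError aborts the run; verify in cmd_exec
            cmd_exec.onError("Autoscaling Group Desired size outside Min/Max",
                             1)

        # Commas inside the subnet list are backslash-escaped and the value
        # is single-quoted so the AWS CLI sees one parameter value.
        subnets = cmd_exec.aws_values["SubnetIds"].replace(",", "\\,")
        stack_parameters = [
            ("ClusterName", eks_parm.EKS_CLUSTER_NAME),
            ("ClusterControlPlaneSecurityGroup",
             cmd_exec.aws_values["SecurityGroups"]),
            ("NodeGroupName", eks_parm.EKS_NODE_GROUP_NAME),
            ("NodeAutoScalingGroupMinSize", eks_parm.EKS_NODE_AS_GROUP_MIN),
            ("NodeAutoScalingGroupMaxSize", eks_parm.EKS_NODE_AS_GROUP_MAX),
            ("NodeInstanceType", eks_parm.EKS_NODE_INSTANCE_TYPE),
            ("NodeImageId", eks_parm.EKS_IMAGE_ID),
            ("KeyName", eks_parm.EKS_KEY_NAME),
            ("VpcId", cmd_exec.aws_values["VpcId"]),
            ("Subnets", "'{0}'".format(subnets)),
            ("NodeVolumeSize", eks_parm.EKS_NODE_VOLUME_SIZE),
            ("NodeAutoScalingGroupDesiredCapacity",
             eks_parm.EKS_NODE_AS_GROUP_DESIRED),
        ]
        # CAPABILITY_IAM acknowledges that the node template may create IAM
        # resources; review the template referenced by EKS_NODES_TEMPLATE.
        command = (
            "aws cloudformation create-stack --stack-name {0} "
            "--template-url {1} --parameters {2} "
            "--capabilities CAPABILITY_IAM"
        ).format(
            eks_parm.EKS_NODES_STACK_NAME,
            eks_parm.EKS_NODES_TEMPLATE,
            " ".join("ParameterKey={0},ParameterValue={1}".format(key, value)
                     for key, value in stack_parameters))

        cmd_exec.execute_command_with_status(
            command, False,
            stack_status_cmd.format(eks_parm.EKS_NODES_STACK_NAME),
            "\"CREATE_COMPLETE\"")
        if stepto == 3:
            sys.exit()
        step = step + 1

    if step == 4:
        # NOTE(review): the manifest is fetched over HTTPS but its content
        # is not checked before step 5 edits and applies it. Pinning a
        # checksum or vendoring the file would remove that dependency.
        cmd_exec.execute_command(
            "curl -O https://amazon-eks.s3-us-west-2.amazonaws.com/cloudformation/2018-12-10/aws-auth-cm.yaml",
            False)
        if stepto == 4:
            sys.exit()
        step = step + 1

    # Step 5 needs the NodeInstanceRole output of the worker-node stack.
    if not node_output and step >= 4:
        cmd_exec.get_outputs(
            stack_outputs_cmd.format(eks_parm.EKS_NODES_STACK_NAME), "\t")
        # Record the load, mirroring how vpc_output is handled above.
        node_output = True

    if step == 5:
        # NOTE(review): the search text must match the template line
        # exactly, including its leading indentation; confirm against the
        # downloaded file.
        cmd_exec.replace(
            "./aws-auth-cm.yaml",
            " - rolearn: <ARN of instance role (not instance profile)>",
            " - rolearn: {0}".format(
                cmd_exec.aws_values["NodeInstanceRole"]))
        cmd_exec.execute_command("kubectl apply -f aws-auth-cm.yaml", False)
        if stepto == 5:
            sys.exit()
        step = step + 1

    # The second user is optional; a missing attribute disables step 6.
    second_user_arn = getattr(eks_parm, "AWS_SECOND_USER_ARN", "")
    second_user_name = getattr(eks_parm, "AWS_SECOND_USER_NAME", "")

    if step == 6 and len(second_user_arn) > 3 and len(second_user_name) >= 1:
        cmd_exec.execute_command(
            "kubectl get -n kube-system configmap/aws-auth -o yaml > aws-auth-patch.yaml",
            False)
        # Membership of system:masters gives the mapped principal full
        # administrative access to the cluster; prefer a narrower group
        # where the second user does not need it.
        # NOTE(review): the inserted lines must carry the indentation that
        # the ConfigMap's YAML expects; confirm against the fetched file.
        cmd_exec.insert_lines(
            "./aws-auth-patch.yaml", "kind: ConfigMap",
            [" - rolearn: {}".format(second_user_arn),
             " username: {}".format(second_user_name),
             " groups:",
             " - system:masters"])
        cmd_exec.execute_command(
            "kubectl apply -n kube-system -f aws-auth-patch.yaml", False)
    else:
        # This message is also printed when step 6 was simply not reached.
        print(
            "Skipping step 6 as incomplete secondary user credentials supplied in parameters file"
        )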