Class: CloudProviders::SecurityGroup

Inherits:

Ec2Helper

• Object
• CloudProvider
• Ec2Helper
• CloudProviders::SecurityGroup

Defined in:

lib/cloud_providers/ec2/helpers/security_group.rb

Instance Attribute Summary

Attributes inherited from CloudProvider

#init_opts, #name

Instance Method Summary

• #all_security_groups ⇒ Object
• #authorize(o = {}, &block) ⇒ Object
• #authorizes ⇒ Object
• #create_security_group! ⇒ Object
• #revoke(o = {}, &block) ⇒ Object
• #revokes ⇒ Object
• #run ⇒ Object
• #security_groups ⇒ Object
• #should_create_security_group? ⇒ Boolean
• #to_s ⇒ Object

Methods inherited from Ec2Helper

#as, #ec2, #elb, #initialize, #pool, property, #rds

Methods inherited from CloudProvider

#after_initialized, #bootstrap_nodes!, #default_keypair_path, default_keypair_path, #initialize, #method_missing

Constructor Details

This class inherits a constructor from CloudProviders::Ec2Helper

Dynamic Method Handling

This class handles dynamic methods through the method_missing method in the class CloudProviders::CloudProvider

Instance Method Details

#all_security_groups ⇒ Object

# File 'lib/cloud_providers/ec2/helpers/security_group.rb', line 71

def all_security_groups
  @all_security_groups ||= ec2.describe_security_groups.securityGroupInfo.item.map do |sg|
    perms = sg["ipPermissions"] || {"item" => []} rescue [{"item" => []}]
    {
      :name => sg["groupName"],
      :description => sg["groupDescription"],
      :ip_permissions => perms["item"].map do |i|
        ip_ranges = i["ipRanges"] || {"item" => []} rescue {"item" => []}
        {
          :protocol => i["ipProtocol"],
          :from_port => i["fromPort"],
          :to_port => i["toPort"],
          :ip_ranges => ip_ranges["item"].map do |ip|
            {
              :cidrIp => ip["cidrIp"]
            }
          end
        }
      end
    }
  end
end

#authorize(o = {}, &block) ⇒ Object

# File 'lib/cloud_providers/ec2/helpers/security_group.rb', line 56

def authorize(o={}, &block)
  authorizes << Authorize.new("#{name}", o.merge(:parent => parent, :cloud => cloud), &block)
end

#authorizes ⇒ Object

# File 'lib/cloud_providers/ec2/helpers/security_group.rb', line 96

def authorizes
  @authorizes ||= []
end

#create_security_group! ⇒ Object

# File 'lib/cloud_providers/ec2/helpers/security_group.rb', line 62

def create_security_group!
  ec2.create_security_group(:group_name => name, :group_description => "PoolParty generated security group: #{name}")
end

#revoke(o = {}, &block) ⇒ Object

# File 'lib/cloud_providers/ec2/helpers/security_group.rb', line 59

def revoke(o={}, &block)
  revokes << Revoke.new("#{name}", o.merge(:parent => parent, :cloud => cloud), &block)
end

#revokes ⇒ Object

# File 'lib/cloud_providers/ec2/helpers/security_group.rb', line 99

def revokes
  @revokes ||= []
end

#run ⇒ Object

# File 'lib/cloud_providers/ec2/helpers/security_group.rb', line 4

def run
  if should_create_security_group?
    create_security_group!
  end
  current_security_groups = security_groups.map {|a| 
    a[:ip_permissions].map do |perm|
      if perm[:group_name]
        {
          :group_name => perm[:group_name]
        }
      else
        if perm[:ip_ranges].size > 1
          perm[:ip_ranges].map do |range|
            {
              :group_name => a[:name],
              :from_port => perm[:from_port],
              :to_port => perm[:to_port],
              :cidr_ip => range,
              :ip_protocol => perm[:protocol]
            }.flatten
          end.flatten
        else
          {
            :group_name => a[:name],
            :from_port => perm[:from_port], 
            :to_port => perm[:to_port],
            :cidr_ip => perm[:ip_ranges].map {|c| c[:cidrIp] }.first, # first for simplicity for now...
            :ip_protocol => perm[:protocol]
          }
        end
      end
    end.flatten
  }.flatten
  
  authorizers = []
  authorizes.each do |a|
    unless current_security_groups.include?(a.to_hash)
      authorizers << a
    end
  end
  
  defined_security_group_hashes = authorizes.map {|a| a.to_hash}
  
  current_security_groups.each do |hsh|
    unless defined_security_group_hashes.include?(hsh)
      revoke(hsh.merge(:protocol => hsh[:ip_protocol]))
    end
  end
  
  revokes.each {|r| r.run }
  authorizers.each {|a| a.run}
end

#security_groups ⇒ Object

# File 'lib/cloud_providers/ec2/helpers/security_group.rb', line 68

def security_groups
  @security_groups ||= all_security_groups.select {|sg| sg[:name] == name }
end

#should_create_security_group? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/cloud_providers/ec2/helpers/security_group.rb', line 65

def should_create_security_group?
  security_groups.empty?
end

#to_s ⇒ Object

# File 'lib/cloud_providers/ec2/helpers/security_group.rb', line 93

def to_s
  name
end