Class: Central::Machine::Aws::NodeProvisioner

Inherits:
Object
  • Object
Includes:
Common, RandomName
Defined in:
lib/central/machine/aws/node_provisioner.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from Common

#default_subnet, #default_vpc, #resolve_ami

Constructor Details

#initialize(api_client, access_key_id, secret_key, region) ⇒ NodeProvisioner

Returns a new instance of NodeProvisioner.

Parameters:

  • api_client (Central::Client)

    Central api client

  • access_key_id (String)

    aws_access_key_id

  • secret_key (String)

    aws_secret_access_key

  • region (String)


# File 'lib/central/machine/aws/node_provisioner.rb', line 20

# Builds a provisioner bound to a single AWS region.
#
# The key pair is wrapped in an explicit ::Aws::Credentials object, so every
# EC2 call made through this instance uses exactly the keys given here rather
# than whatever the SDK's default credential lookup would find.
#
# @param api_client [Central::Client] Central api client
# @param access_key_id [String] aws_access_key_id
# @param secret_key [String] aws_secret_access_key
# @param region [String] region the EC2 resource is created for
def initialize(api_client, access_key_id, secret_key, region)
  @api_client = api_client
  static_credentials = ::Aws::Credentials.new(access_key_id, secret_key)
  @ec2 = ::Aws::EC2::Resource.new(region: region, credentials: static_credentials)
end

Instance Attribute Details

#api_client ⇒ Object (readonly)

Returns the value of attribute api_client.



# File 'lib/central/machine/aws/node_provisioner.rb', line 14

# Reader for the Central API client that was passed to the constructor.
#
# @return [Central::Client]
def api_client
  @api_client
end

#ec2 ⇒ Object (readonly)

Returns the value of attribute ec2.



# File 'lib/central/machine/aws/node_provisioner.rb', line 14

# Reader for the EC2 resource built in the constructor.
#
# NOTE(review): the resource carries the AWS key pair given to the
# constructor, so any code that can reach this reader can issue EC2 calls
# with those credentials.
#
# @return [Aws::EC2::Resource]
def ec2
  @ec2
end

Instance Method Details

#aws_dns_supported?(vpc_id) ⇒ Boolean

Parameters:

  • vpc_id (String)

Returns:

  • (Boolean)


# File 'lib/central/machine/aws/node_provisioner.rb', line 206

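# Reports whether DNS resolution through the Amazon-provided resolver is
# enabled for the VPC.
#
# The AWS SDK returns the 'enableDnsSupport' attribute wrapped in an
# attribute-value object. That wrapper is truthy even when the flag itself is
# false, so returning it directly makes every VPC look DNS-enabled. The
# wrapped value is unwrapped here; a plain boolean (or nil) is passed through
# unchanged.
#
# @param vpc_id [String]
# @return [Boolean]
def aws_dns_supported?(vpc_id)
  response = ec2.vpc(vpc_id).describe_attribute(attribute: 'enableDnsSupport')
  flag = response.enable_dns_support
  flag.respond_to?(:value) ? flag.value : flag
end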

#create_security_group(name, vpc_id) ⇒ Aws::EC2::SecurityGroup

creates security_group and authorizes default port ranges

Parameters:

  • name (String)
  • vpc_id (String)

Returns:

  • (Aws::EC2::SecurityGroup)


# File 'lib/central/machine/aws/node_provisioner.rb', line 117

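# Creates the stack's security group, tags it and authorizes the default
# ingress rules.
#
# Rules applied, in order:
#   * tcp 22 (SSHD), 443 (HTTPS) and 5000 (OAUTH) from +admin_cidr+
#   * udp 1194 (OpenVPN) from +vpn_cidr+
#   * tcp 6783 and udp 6783-6784 (overlay / Weave network) from members of
#     this same security group only
#
# The two CIDR ranges used to be hard-coded in the body; they are now keyword
# arguments whose defaults are the original values, so existing two-argument
# callers get the same rules as before. By default the management ports are
# limited to one fixed address while OpenVPN is reachable from any address.
#
# NOTE(review): nothing here removes the group if one of the authorize calls
# fails, so a failure part-way leaves a group with a partial rule set behind.
#
# @param name [String] group name, also written to the 'Name' tag
# @param vpc_id [String]
# @param admin_cidr [String] source range allowed to reach SSHD, HTTPS and OAUTH
# @param vpn_cidr [String] source range allowed to reach OpenVPN
# @return [Aws::EC2::SecurityGroup]
def create_security_group(name, vpc_id, admin_cidr: '24.7.32.100/32', vpn_cidr: '0.0.0.0/0')
  sg = ec2.create_security_group(
    group_name: name,
    description: 'Central Stack',
    vpc_id: vpc_id
  )
  sg.create_tags(tags: [{ key: 'Name', value: name }])

  # SSHD, HTTPS and OAUTH: management-plane ports, admin range only.
  [22, 443, 5000].each do |port|
    sg.authorize_ingress(
      ip_protocol: 'tcp',
      from_port: port,
      to_port: port,
      cidr_ip: admin_cidr
    )
  end

  # OpenVPN
  sg.authorize_ingress(
    ip_protocol: 'udp',
    from_port: 1194,
    to_port: 1194,
    cidr_ip: vpn_cidr
  )

  # Overlay / Weave network: the source is the group itself, so only instances
  # that are members of this group can reach these ports.
  group_members = -> { [{ group_id: sg.group_id, vpc_id: vpc_id }] }
  sg.authorize_ingress(
    ip_permissions: [
      { from_port: 6783, to_port: 6783, ip_protocol: 'tcp', user_id_group_pairs: group_members.call },
      { from_port: 6783, to_port: 6784, ip_protocol: 'udp', user_id_group_pairs: group_members.call }
    ]
  )
  sg
end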

#ensure_security_group(stack, vpc_id) ⇒ Aws::EC2::SecurityGroup

Parameters:

  • stack (String)

Returns:

  • (Aws::EC2::SecurityGroup)


# File 'lib/central/machine/aws/node_provisioner.rb', line 90

# Returns the security group named "central_stack_<stack>" in the given VPC,
# creating it through #create_security_group when no such group exists.
#
# NOTE(review): an existing group is matched on name and VPC only and is
# returned as found; its ingress rules are not inspected, so a pre-existing
# group with different rules is adopted unchanged.
#
# @param stack [String]
# @param vpc_id [String]
# @return [Aws::EC2::SecurityGroup]
def ensure_security_group(stack, vpc_id)
  group_name = "central_stack_#{stack}"
  lookup_filters = [
    { name: 'group-name', values: [group_name] },
    { name: 'vpc-id', values: [vpc_id] }
  ]
  existing = ec2.security_groups(filters: lookup_filters).first
  return existing if existing

  created = nil
  ShellSpinner 'Creating AWS security group' do
    created = create_security_group(group_name, vpc_id)
  end
  created
end

#erb(template, vars) ⇒ Object



# File 'lib/central/machine/aws/node_provisioner.rb', line 192

# Renders an ERB template with +vars+ exposed as bare names.
#
# The variables are loaded into an OpenStruct and the template is evaluated
# against that object's binding. ERB executes the template as Ruby, so the
# template text has to come from a trusted source. Values are inserted as
# they are; no escaping for the output format is applied here.
#
# @param template [String] ERB source
# @param vars [Hash] names made available to the template
# @return [String] rendered text
def erb(template, vars)
  context = OpenStruct.new(vars)
  scope = context.instance_eval { binding }
  ERB.new(template).result(scope)
end

#generate_name ⇒ Object



# File 'lib/central/machine/aws/node_provisioner.rb', line 184

# Extends the inherited name generator with a numeric suffix between 1 and 99.
#
# The suffix comes from Kernel#rand and has only 99 possible values, so the
# result is a readable label and can collide; it should not be relied on as
# an unguessable or unique identifier.
#
# @return [String] "<inherited name>-<1..99>"
def generate_name
  base = super
  suffix = rand(1..99)
  [base, suffix].join('-')
end

#instance_exists_in_stack?(stack, name) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/central/machine/aws/node_provisioner.rb', line 188

# Looks up a node by name in the stack's node list on the Central API.
#
# Despite the predicate name, the matching node entry itself is returned
# (nil when there is none); #run! uses that entry afterwards.
#
# NOTE(review): +stack+ is interpolated into the request path without
# escaping; presumably it is a validated stack name, verify against callers.
#
# @param stack [String]
# @param name [String]
# @return [Hash, nil] the first node whose 'name' equals +name+
def instance_exists_in_stack?(stack, name)
  node_list = api_client.get("stacks/#{stack}/nodes")['nodes']
  node_list.detect { |candidate| candidate['name'] == name }
end

#region ⇒ String

Returns:

  • (String)


# File 'lib/central/machine/aws/node_provisioner.rb', line 175

# Region the EC2 resource is configured for, read back from the SDK client
# configuration rather than stored separately.
#
# @return [String]
def region
  sdk_config = ec2.client.config
  sdk_config.region
end

#run!(opts) ⇒ Object

Parameters:

  • opts (Hash)


# File 'lib/central/machine/aws/node_provisioner.rb', line 29

# Provisions one EC2 instance for a stack, waits for it to join the stack on
# the Central API and then labels the node with its region and zone.
#
# Keys read from +opts+: :vpc, :stack, :name, :subnet, :zone, :version,
# :master_uri, :stack_token, :type, :key_pair, :storage.
#
# @param opts [Hash] provisioning options; :vpc is written back into this
#   hash when the caller did not supply it
# @return [Object] whatever #set_labels returns
def run!(opts)
  ami = resolve_ami(region)
  # abort terminates the whole process, not just this call.
  abort('No valid AMI found for region') unless ami

  # Mutates the caller's hash: the default VPC id is stored under :vpc.
  opts[:vpc] = default_vpc.vpc_id unless opts[:vpc]

  security_group = ensure_security_group(opts[:stack], opts[:vpc])
  name = opts[:name] || generate_name

  # Without an explicit subnet, the default one is looked up by VPC and by
  # region concatenated with the zone value.
  subnet = if opts[:subnet].nil?
             default_subnet(opts[:vpc], region + opts[:zone])
           else
             ec2.subnet(opts[:subnet])
           end
  # 169.254.169.253 is the Amazon-provided resolver; otherwise the node is
  # pointed at a public resolver (8.8.8.8) outside the VPC.
  dns_server = aws_dns_supported?(opts[:vpc]) ? '169.254.169.253' : '8.8.8.8'
  # NOTE(review): stack_token is rendered into the cloud-init user data below.
  # EC2 user data is stored unencrypted and can be read back from inside the
  # instance and by principals allowed to describe instance attributes, so the
  # token should be treated as exposed to anything running on the node.
  userdata_vars = {
    name: name,
    version: opts[:version],
    master_uri: opts[:master_uri],
    stack_token: opts[:stack_token],
    dns_server: dns_server
  }

  # Exactly one instance is requested. The root volume mapping sets no
  # `encrypted` flag, so encryption follows whatever the AMI/account defaults
  # are.
  ec2_instance = ec2.create_instances(
    image_id: ami,
    min_count: 1,
    max_count: 1,
    instance_type: opts[:type],
    security_group_ids: [security_group.group_id],
    key_name: opts[:key_pair],
    subnet_id: subnet.subnet_id,
    user_data: Base64.encode64(user_data(userdata_vars)),
    block_device_mappings: [
      {
        device_name: '/dev/xvda',
        virtual_name: 'Root',
        ebs: {
          volume_size: opts[:storage],
          volume_type: 'gp2'
        }
      }
    ]
  ).first
  ec2_instance.create_tags(tags: [
                             { key: 'Name', value: name },
                             { key: 'central_stack', value: opts[:stack] }
                           ])

  # NOTE(review): both waits below poll with no timeout and no check for a
  # terminal state; an instance that never reaches 'running', or a node that
  # never joins, keeps this call blocked indefinitely.
  ShellSpinner "Creating AWS instance #{name.colorize(:cyan)} " do
    sleep 5 until ec2_instance.reload.state.name == 'running'
  end
  node = nil
  ShellSpinner "Waiting for node #{name.colorize(:cyan)} join to stack #{opts[:stack].colorize(:cyan)} " do
    # Assignment inside the condition is intentional: the lookup returns the
    # node entry once it exists, and that entry is used after the loop.
    sleep 2 until node = instance_exists_in_stack?(opts[:stack], name)
  end
  labels = ["region=#{region}", "az=#{opts[:zone]}"]
  set_labels(node, labels)
end

#set_labels(node, labels) ⇒ Object

Parameters:

  • node (Hash)
  • labels (Array<String>)


# File 'lib/central/machine/aws/node_provisioner.rb', line 198

# Writes the given labels to a node through the Central API.
#
# The request is authenticated with the stack token carried inside the node
# entry itself (node['stack']['token']), sent in the 'Central-Stack-Token'
# header.
#
# @param node [Hash] node entry; 'id' and 'stack' => 'token' are read
# @param labels [Array<String>]
# @return [Object] the result of the API client's put call
def set_labels(node, labels)
  endpoint = "nodes/#{node['id']}"
  stack_token = node['stack']['token']
  payload = { labels: labels }
  api_client.put(endpoint, payload, {}, 'Central-Stack-Token' => stack_token)
end

#user_data(vars) ⇒ Object



# File 'lib/central/machine/aws/node_provisioner.rb', line 179

# Renders the cloud-init document for a new instance.
#
# The template is the cloudinit.yml file that sits next to this source file;
# it is read from disk on every call and rendered through #erb with +vars+.
# Whatever is in +vars+ ends up in the rendered text as-is.
#
# @param vars [Hash] values made available to the template
# @return [String] rendered cloud-init text
def user_data(vars)
  template_path = File.join(__dir__, '/cloudinit.yml')
  template_source = File.read(template_path)
  erb(template_source, vars)
end