Class: Central::Machine::Aws::NodeProvisioner

Inherits:
Object
  • Object
Includes:
Common, RandomName
Defined in:
lib/central/machine/aws/node_provisioner.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from Common

#default_subnet, #default_vpc, #resolve_ami

Constructor Details

#initialize(api_client, access_key_id, secret_key, region) ⇒ NodeProvisioner



# File 'lib/central/machine/aws/node_provisioner.rb', line 20

# Builds a provisioner bound to one AWS region and one set of static keys.
#
# NOTE(review): the access key and secret are passed in explicitly, so the
# SDK's default credential lookup is not used here. The resulting EC2 resource
# (and with it the credentials) stays reachable through the public #ec2 reader
# for the lifetime of this object.
#
# @param api_client [Object] client used later for the stack/node API calls
# @param access_key_id [String] AWS access key id
# @param secret_key [String] AWS secret access key
# @param region [String] AWS region name handed to the EC2 resource
def initialize(api_client, access_key_id, secret_key, region)
  @api_client = api_client
  static_credentials = ::Aws::Credentials.new(access_key_id, secret_key)
  @ec2 = ::Aws::EC2::Resource.new(region: region, credentials: static_credentials)
end

Instance Attribute Details

#api_clientObject (readonly)

Returns the value of attribute api_client.



# File 'lib/central/machine/aws/node_provisioner.rb', line 14

# Returns the API client that was handed to the constructor.
# Within this class it is used to list a stack's nodes and to update a node's labels.
def api_client
  @api_client
end

#ec2Object (readonly)

Returns the value of attribute ec2.



# File 'lib/central/machine/aws/node_provisioner.rb', line 14

# Returns the Aws::EC2::Resource built in the constructor from the supplied
# access key, secret key and region.
# NOTE(review): this reader is part of the public interface, so any code holding
# a NodeProvisioner can issue EC2 calls with those credentials. Confirm that
# callers outside this class actually need it.
def ec2
  @ec2
end

Instance Method Details

#aws_dns_supported?(vpc_id) ⇒ Boolean



# File 'lib/central/machine/aws/node_provisioner.rb', line 206

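# Reports whether the VPC has the Amazon-provided DNS resolver enabled.
#
# The AWS SDK returns the enableDnsSupport attribute as a small value object
# (responding to #value), not as a bare boolean. Such a wrapper is truthy even
# when it carries `false`, which would make every caller believe DNS support is
# on. The flag is therefore unwrapped when a wrapper is present, and the result
# is coerced to a strict true/false so the predicate matches its name.
#
# @param vpc_id [String] id of the VPC to inspect
# @return [Boolean] true only when the attribute is actually enabled
def aws_dns_supported?(vpc_id)
  response = ec2.vpc(vpc_id).describe_attribute(attribute: 'enableDnsSupport')
  flag = response.enable_dns_support
  # Unwrap the SDK value object; a plain boolean passes through untouched.
  flag = flag.value if flag.respond_to?(:value)
  flag ? true : false
end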

#create_security_group(name, vpc_id) ⇒ Aws::EC2::SecurityGroup

Creates the security group and authorizes the default ingress port ranges.



# File 'lib/central/machine/aws/node_provisioner.rb', line 117

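# Creates the stack's security group, tags it, and opens the default ingress rules.
#
# Rules opened, in this order:
#   * tcp/22   (SSHD)    from admin_cidr
#   * tcp/443  (HTTPS)   from admin_cidr
#   * tcp/5000 (OAUTH)   from admin_cidr
#   * udp/1194 (OpenVPN) from vpn_cidr
#   * tcp/6783 and udp/6783-6784 (overlay / Weave network) from members of this
#     same security group only
#
# The two source ranges used to be literals inside the method. They are now
# optional keyword arguments whose defaults are exactly the previous literals,
# so existing two-argument callers get the same rules as before.
#
# NOTE(review): the default admin range is one fixed /32 baked into the source.
# Whoever holds that address can reach SSH on every stack created with the
# default, and no other operator can. Callers should pass their own management
# range. The OpenVPN port defaults to the whole internet, which is deliberate
# for a VPN endpoint but worth confirming per deployment.
#
# @param name [String] group name, also written to the 'Name' tag
# @param vpc_id [String] VPC the group is created in
# @param admin_cidr [String] source range for the SSH, HTTPS and OAuth ports
# @param vpn_cidr [String] source range for the OpenVPN port
# @return [Aws::EC2::SecurityGroup] the newly created group
def create_security_group(name, vpc_id, admin_cidr: '24.7.32.100/32', vpn_cidr: '0.0.0.0/0')
  sg = ec2.create_security_group(
    group_name: name,
    description: 'Central Stack',
    vpc_id: vpc_id
  )
  sg.create_tags(tags: [{ key: 'Name', value: name }])

  # Single-port rules that are reachable from an IP range.
  [
    ['tcp', 22, admin_cidr],   # SSHD
    ['tcp', 443, admin_cidr],  # HTTPS
    ['tcp', 5000, admin_cidr], # OAUTH
    ['udp', 1194, vpn_cidr]    # OpenVPN
  ].each do |protocol, port, cidr|
    sg.authorize_ingress(
      ip_protocol: protocol,
      from_port: port,
      to_port: port,
      cidr_ip: cidr
    )
  end

  # Overlay / Weave network: the source is the group itself, so only instances
  # that carry this security group can talk to each other on these ports.
  members = [{ group_id: sg.group_id, vpc_id: vpc_id }]
  sg.authorize_ingress(
    ip_permissions: [
      { from_port: 6783, to_port: 6783, ip_protocol: 'tcp', user_id_group_pairs: members },
      { from_port: 6783, to_port: 6784, ip_protocol: 'udp', user_id_group_pairs: members }
    ]
  )
  sg
end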

#ensure_security_group(stack, vpc_id) ⇒ Aws::EC2::SecurityGroup



# File 'lib/central/machine/aws/node_provisioner.rb', line 90

# Returns the security group named "central_stack_<stack>" in the given VPC,
# creating it (behind a console spinner) when no such group exists yet.
#
# The lookup matches on group name and VPC id only. A group that already exists
# is returned as found: its ingress rules are not compared with the ones
# create_security_group would have authorized.
#
# @param stack [String] stack name, used to derive the group name
# @param vpc_id [String] VPC to search and, if needed, create the group in
# @return [Aws::EC2::SecurityGroup]
def ensure_security_group(stack, vpc_id)
  group_name = "central_stack_#{stack}"
  lookup = [
    { name: 'group-name', values: [group_name] },
    { name: 'vpc-id', values: [vpc_id] }
  ]
  existing = ec2.security_groups(filters: lookup).first
  return existing if existing

  created = nil
  ShellSpinner 'Creating AWS security group' do
    created = create_security_group(group_name, vpc_id)
  end
  created
end

#erb(template, vars) ⇒ Object



# File 'lib/central/machine/aws/node_provisioner.rb', line 192

# Renders an ERB template with the entries of +vars+ exposed as bare names.
#
# The hash is wrapped in an OpenStruct and the template is evaluated against
# that object's binding, so `<%= name %>` resolves to vars[:name].
#
# ERB templates are Ruby code: the template text must come from a trusted
# source. Values are inserted exactly as given, with no escaping for whatever
# format the template produces, so quoting is the template's responsibility.
#
# @param template [String] ERB source
# @param vars [Hash] names made available to the template
# @return [String] the rendered text
def erb(template, vars)
  scope = OpenStruct.new(vars)
  template_binding = scope.instance_eval { binding }
  ERB.new(template).result(template_binding)
end

#generate_nameObject



# File 'lib/central/machine/aws/node_provisioner.rb', line 184

# Extends the inherited generate_name with a numeric suffix between 1 and 99.
#
# NOTE(review): the suffix comes from Kernel#rand and has only 99 possible
# values. It lowers the chance of a name clash but does not rule one out, and
# the result must not be treated as a secret or an unguessable identifier.
#
# @return [String] "<inherited name>-<1..99>"
def generate_name
  base = super
  suffix = rand(1..99)
  "#{base}-#{suffix}"
end

#instance_exists_in_stack?(stack, name) ⇒ Boolean



# File 'lib/central/machine/aws/node_provisioner.rb', line 188

# Looks for a node called +name+ among the nodes the API lists for +stack+.
#
# Despite the predicate name, this returns the matching node hash (or nil),
# and run! relies on that to obtain the node.
#
# NOTE(review): +stack+ is interpolated into the request path as given, with no
# escaping. Confirm it is validated before it reaches this method.
#
# @param stack [String] stack name used in the request path
# @param name [String] node name to look for
# @return [Hash, nil] the first node whose 'name' equals +name+
def instance_exists_in_stack?(stack, name)
  listed = api_client.get("stacks/#{stack}/nodes")['nodes']
  listed.find { |candidate| candidate['name'] == name }
end

#regionString



# File 'lib/central/machine/aws/node_provisioner.rb', line 175

# Returns the region the EC2 resource's client is configured for.
#
# @return [String]
def region
  sdk_config = ec2.client.config
  sdk_config.region
end

#run!(opts) ⇒ Object



# File 'lib/central/machine/aws/node_provisioner.rb', line 29

# Provisions one EC2 instance for a stack and waits until it has joined as a node.
#
# Steps, in order: resolve the AMI for the region (the process is aborted when
# none is found), fall back to the default VPC, find or create the stack's
# security group, choose the subnet, render the cloud-init user data, launch and
# tag the instance, wait for the 'running' state, wait for the node to appear in
# the stack's node list, and finally set region/az labels on that node.
#
# @param opts [Hash] reads :vpc, :stack, :name, :subnet, :zone, :version,
#   :master_uri, :stack_token, :type, :key_pair and :storage. opts[:vpc] is
#   filled in when the caller left it unset, so the hash is mutated.
# @return [Object] whatever set_labels returns
def run!(opts)
  ami = resolve_ami(region)
  abort('No valid AMI found for region') unless ami

  opts[:vpc] = default_vpc.vpc_id unless opts[:vpc]

  security_group = ensure_security_group(opts[:stack], opts[:vpc])
  name = opts[:name] || generate_name

  # Without an explicit subnet, the default one is looked up by VPC and by the
  # region name with opts[:zone] appended.
  # NOTE(review): opts[:zone] must be a String here; presumably the zone letter - confirm.
  subnet = if opts[:subnet].nil?
             default_subnet(opts[:vpc], region + opts[:zone])
           else
             ec2.subnet(opts[:subnet])
           end
  # Use the link-local resolver address when the VPC reports DNS support,
  # otherwise a public resolver.
  # NOTE(review): this depends on aws_dns_supported? returning a real boolean;
  # a truthy wrapper object would always select the first address.
  dns_server = aws_dns_supported?(opts[:vpc]) ? '169.254.169.253' : '8.8.8.8'
  # NOTE(review): stack_token is rendered into the instance user data. User data
  # can be read from inside the instance through the metadata service and by
  # principals allowed to read instance attributes, so treat the token as
  # visible to anything running on the node and scope or rotate it accordingly.
  userdata_vars = {
    name: name,
    version: opts[:version],
    master_uri: opts[:master_uri],
    stack_token: opts[:stack_token],
    dns_server: dns_server
  }

  # Exactly one instance is requested; the root volume is not marked encrypted
  # in this mapping.
  ec2_instance = ec2.create_instances(
    image_id: ami,
    min_count: 1,
    max_count: 1,
    instance_type: opts[:type],
    security_group_ids: [security_group.group_id],
    key_name: opts[:key_pair],
    subnet_id: subnet.subnet_id,
    user_data: Base64.encode64(user_data(userdata_vars)),
    block_device_mappings: [
      {
        device_name: '/dev/xvda',
        virtual_name: 'Root',
        ebs: {
          volume_size: opts[:storage],
          volume_type: 'gp2'
        }
      }
    ]
  ).first
  ec2_instance.create_tags(tags: [
                             { key: 'Name', value: name },
                             { key: 'central_stack', value: opts[:stack] }
                           ])

  # Both waits below poll without a timeout: an instance that never reaches
  # 'running', or a node that never joins, keeps this call blocked indefinitely.
  ShellSpinner "Creating AWS instance #{name.colorize(:cyan)} " do
    sleep 5 until ec2_instance.reload.state.name == 'running'
  end
  node = nil
  ShellSpinner "Waiting for node #{name.colorize(:cyan)} join to stack #{opts[:stack].colorize(:cyan)} " do
    # The assignment inside the condition is intentional: the loop ends as soon
    # as the lookup returns a node, and that node is kept for set_labels.
    sleep 2 until node = instance_exists_in_stack?(opts[:stack], name)
  end
  labels = ["region=#{region}", "az=#{opts[:zone]}"]
  set_labels(node, labels)
end

#set_labels(node, labels) ⇒ Object



# File 'lib/central/machine/aws/node_provisioner.rb', line 198

# Replaces the labels of a node through the API.
#
# The request is authenticated with the token found under node['stack']['token'],
# sent in the 'Central-Stack-Token' header.
#
# @param node [Hash] node record; 'id' and 'stack' => 'token' are read
# @param labels [Array<String>] labels to store on the node
# @return [Object] the API client's response to the PUT
def set_labels(node, labels)
  path = "nodes/#{node['id']}"
  payload = { labels: labels }
  token = node['stack']['token']
  api_client.put(path, payload, {}, 'Central-Stack-Token' => token)
end

#user_data(vars) ⇒ Object



# File 'lib/central/machine/aws/node_provisioner.rb', line 179

# Renders the cloud-init template that sits next to this source file.
#
# The template itself (cloudinit.yml) is not part of this listing.
# NOTE(review): the values in +vars+ (run! passes the stack token among them)
# are placed into the output wherever the template puts them, unescaped.
# Confirm the template quotes them safely for YAML.
#
# @param vars [Hash] names made available to the template
# @return [String] the rendered cloud-init document
def user_data(vars)
  template_path = File.join(__dir__, '/cloudinit.yml')
  template = File.read(template_path)
  erb(template, vars)
end