Add SecurityGroups to make it easier to use EIP

Signed-off-by: Angus Salkeld <asalkeld@redhat.com>
Angus Salkeld 2012-04-13 15:26:09 +10:00
parent 4d7e2721ea
commit 0ee8db4459
3 changed files with 62 additions and 0 deletions


@ -70,6 +70,8 @@ class Stack(object):
self.resources[r] = resources.ElasticIp(r, self.t['Resources'][r], self)
elif type == 'AWS::EC2::EIPAssociation':
self.resources[r] = resources.ElasticIpAssociation(r, self.t['Resources'][r], self)
elif type == 'AWS::EC2::SecurityGroup':
self.resources[r] = resources.SecurityGroup(r, self.t['Resources'][r], self)
else:
self.resources[r] = resources.GenericResource(r, self.t['Resources'][r], self)


@ -140,6 +140,54 @@ class GenericResource(Resource):
super(GenericResource, self).create()
print 'creating GenericResource %s' % self.name
class SecurityGroup(Resource):
def __init__(self, name, json_snippet, stack):
super(SecurityGroup, self).__init__(name, json_snippet, stack)
self.instance_id = ''
if self.t['Properties'].has_key('GroupDescription'):
self.description = self.t['Properties']['GroupDescription']
else:
self.description = ''
def create(self):
if self.state != None:
return
self.state_set(self.CREATE_IN_PROGRESS)
Resource.create(self)
sec = self.nova().security_groups.create(self.name, self.description)
self.instance_id = sec.id
if self.t['Properties'].has_key('SecurityGroupIngress'):
for i in self.t['Properties']['SecurityGroupIngress']:
rule = self.nova().security_group_rules.create(sec.id,
i['IpProtocol'],
i['FromPort'],
i['ToPort'],
i['CidrIp'])
def delete(self):
if self.state == self.DELETE_IN_PROGRESS or self.state == self.DELETE_COMPLETE:
return
self.state_set(self.DELETE_IN_PROGRESS)
Resource.delete(self)
if self.instance_id != None:
sec = self.nova().security_groups.get(self.instance_id)
for rule in sec.rules:
self.nova().security_group_rules.delete(rule['id'])
self.nova().security_groups.delete(sec)
self.instance_id = None
self.state_set(self.DELETE_COMPLETE)
def FnGetRefId(self):
return unicode(self.name)
class ElasticIp(Resource):
def __init__(self, name, json_snippet, stack):
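Review bot: `delete()` tests `self.instance_id != None`, but `__init__` sets the field to `''`, so deleting a SecurityGroup whose `create()` never reached `self.instance_id = sec.id` still calls `security_groups.get('')`; initialise it with `self.instance_id = None` or guard the cleanup with `if self.instance_id:`. `create()` also never calls `state_set` with a completed state the way `delete()` finishes with `DELETE_COMPLETE`, so unless `Resource.create` does that (not visible in this hunk) the resource stays at `CREATE_IN_PROGRESS`, and an exception inside the ingress loop leaves the group in nova with only some of its rules and no rollback. The template values `i['IpProtocol']`, `i['FromPort']`, `i['ToPort']` and `i['CidrIp']` are passed to nova unchecked, so a rule missing one of them surfaces as a bare `KeyError` after the group already exists; checking the rule shape before `security_groups.create` would avoid that.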


@ -132,6 +132,7 @@
{ "Fn::FindInMap" : [ "AWSInstanceType2Arch", { "Ref" : "InstanceType" }, "Arch" ] } ] },
"InstanceType" : { "Ref" : "InstanceType" },
"KeyName" : { "Ref" : "KeyName" },
"SecurityGroups" : [ {"Ref" : "WebServerSecurityGroup"} ],
"UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [
"#!/bin/bash -v\n",
"# Setup MySQL root password and create a user\n",
@ -148,6 +149,17 @@
"cp /usr/share/wordpress/wp-config.php /usr/share/wordpress/wp-config.orig\n"
]]}}
}
},
"WebServerSecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Enable HTTP access via port 80 plus SSH access",
"SecurityGroupIngress" : [
{"IpProtocol" : "icmp", "FromPort" : "-1", "ToPort" : "-1", "CidrIp" : "0.0.0.0/0"},
{"IpProtocol" : "tcp", "FromPort" : "80", "ToPort" : "80", "CidrIp" : "0.0.0.0/0"},
{"IpProtocol" : "tcp", "FromPort" : "22", "ToPort" : "22", "CidrIp" : "0.0.0.0/0"}
]
}
}
},
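Review bot: The port 22 rule in `WebServerSecurityGroup` uses `"CidrIp" : "0.0.0.0/0"`, so every stack launched from this sample template exposes SSH to any source address, and templates like this tend to be copied unchanged. Consider taking the SSH source range from a template parameter, for example `"CidrIp" : { "Ref" : "SSHLocation" }` with a matching entry under Parameters (the parameter name is a constructed example), provided the engine resolves `Ref` inside ingress rules, which this diff does not show. `GroupDescription` mentions only HTTP and SSH although the first rule also opens all ICMP from `0.0.0.0/0`, so the description should say so or the rule should be dropped.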