cfn_manage 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 6e4f78a5035f0689fbfc63085368bd1614fe61bc
+  data.tar.gz: 155ff3f1c89b73db2412761cc95e6924a7c6be53
+SHA512:
+  metadata.gz: b64b4a25627848983eea551310e6c7dc5fb6075dc66e3e41731683b78f86bc60909ef15d21662115df876864e63bfa812b57688a734f93ccd7e3e6d42bf052f1
+  data.tar.gz: 5e403600572982b4c5d92e48cba19329ce500655727cfe521770cd3a6204e7ce24579cce71d996803a66fb014ca2686e9728d5283e65ff3a888222909ccc34f7

data/bin/cfn_manage

@@ -0,0 +1,2 @@
+#!/usr/bin/env ruby
+require_relative('./cfn_manage')

data/bin/cfn_manage.rb

@@ -0,0 +1,95 @@
+require 'optparse'
+require_relative '../lib/cf_common'
+require_relative '../lib/cf_start_stop_environment'
+require 'logger'
+
+# exit with usage information
+def print_usage_exit(code)
+  STDERR.puts(File.open("#{File.expand_path(File.dirname(__FILE__))}/usage.txt").read)
+  exit code
+end
+
+# global options
+$options = {}
+$options['SOURCE_BUCKET'] = ENV['SOURCE_BUCKET']
+$options['AWS_ASSUME_ROLE'] = ENV['AWS_ASSUME_ROLE']
+
+# global logger
+$log = Logger.new(STDOUT)
+
+# always flush output
+STDOUT.sync = true
+
+# parse command line options
+OptionParser.new do |opts|
+
+  opts.banner = 'Usage: cfn_manage [command] [options]'
+
+  opts.on('--source-bucket [BUCKET]') do |bucket|
+    $options['SOURCE_BUCKET'] = bucket
+    ENV['SOURCE_BUCKET'] = bucket
+  end
+
+  opts.on('--aws-role [ROLE]') do |role|
+    ENV['AWS_ASSUME_ROLE'] = role
+  end
+
+  opts.on('--stack-name [STACK_NAME]') do |stack|
+    $options['STACK'] = stack
+  end
+
+  opts.on('--asg-name [ASG]') do |asg|
+    $options['ASG'] = asg
+  end
+
+  opts.on('--rds-instance-id [RDS_INSTANCE_ID]') do |asg|
+    $options['RDS_INSTANCE_ID'] = asg
+  end
+
+  opts.on('--stack-name [STACK_NAME]') do |asg|
+    $options['STACK_NAME'] = asg
+  end
+
+  opts.on('-r [AWS_REGION]', '--region [AWS_REGION]') do |region|
+    ENV['AWS_REGION'] = region
+  end
+
+  opts.on('-p [AWS_PROFILE]', '--profile [AWS_PROFILE]') do |profile|
+    ENV['CFN_AWS_PROFILE'] = profile
+  end
+
+  opts.on('--dry-run') do
+    ENV['DRY_RUN'] = '1'
+  end
+
+end.parse!
+
+command = ARGV[0]
+
+if command.nil?
+  print_usage_exit(-1)
+end
+
+# execute action based on command
+case command
+  when 'help'
+    print_usage_exit(0)
+  # asg commands
+  when 'stop-asg'
+    Base2::CloudFormation::EnvironmentRunStop.new().start_stop_asg('stop', $options['ASG'])
+  when 'start-asg'
+    Base2::CloudFormation::EnvironmentRunStop.new().start_stop_asg('start', $options['ASG'])
+
+  # rds commands
+  when 'stop-rds'
+    Base2::CloudFormation::EnvironmentRunStop.new().start_stop_rds('stop', $options['RDS_INSTANCE_ID'])
+  when 'start-rds'
+    Base2::CloudFormation::EnvironmentRunStop.new().start_stop_rds('start', $options['RDS_INSTANCE_ID'])
+
+  # stack commands
+  # rds commands
+  when 'stop-environment'
+    Base2::CloudFormation::EnvironmentRunStop.new().stop_environment($options['STACK_NAME'])
+  when 'start-environment'
+    Base2::CloudFormation::EnvironmentRunStop.new().start_environment($options['STACK_NAME'])
+end

data/bin/usage.txt

@@ -0,0 +1,42 @@
+Usage: cfn_manage [command] [options]
+
+Commands:
+
+cfn_manage stop-environment --stack-name [STACK_NAME]
+
+cfn_manage start-environment --stack-name [STACK_NAME]
+
+cfn_manage stop-asg --asg-name [ASG]
+
+cfn_manage start-asg --asg-name [ASG]
+
+cfn_manage stop-rds --rds-instance-id [RDS_INSTANCE_ID]
+
+cfn_manage start-rds --rds-instance-id [RDS_INSTANCE_ID]
+
+
+General options
+
+--source-bucket [BUCKET]
+
+    Pucket used to store / pull information from
+
+--aws-role [ROLE_ARN]
+
+    AWS Role to assume when performing operations. Any reads and
+    write to source bucket will be performed outside of this role
+
+
+-r [AWS_REGION], --region [AWS_REGION]
+
+    AWS Region to use when making API calls
+
+-p [AWS_PROFILE], --profile [AWS_PROFILE]
+
+    AWS Shared profile to use when making API calls
+
+--dry-run
+
+    Applicable only to [start|stop-environment] commands. If dry run is enabled
+    info about assets being started / stopped will ne only printed to standard output,
+    without any action taken.

data/lib/aws_credentials.rb

@@ -0,0 +1,36 @@
+require 'aws-sdk'
+
+module Base2
+
+  class AWSCredentials
+
+    def self.get_session_credentials(session_name)
+
+      #check if AWS_ASSUME_ROLE exists
+      session_name =  "#{session_name.gsub('_','-')}-#{Time.now.getutc.to_i}"
+      if session_name.length > 64
+        session_name = session_name[-64..-1]
+      end
+      assume_role = ENV['AWS_ASSUME_ROLE'] or nil
+      if not assume_role.nil?
+        return Aws::AssumeRoleCredentials.new(
+            role_arn: assume_role,
+            role_session_name: session_name
+        )
+      end
+
+      # check if explicitly set shared credentials profile
+      if ENV.key?('CFN_AWS_PROFILE')
+        return Aws::SharedCredentials.new(profile_name: ENV['CFN_AWS_PROFILE'])
+      end
+
+      # check if Instance Profile available
+      credentials = Aws::InstanceProfileCredentials.new(retries: 2, http_open_timeout:1)
+      return credentials unless credentials.credentials.access_key_id.nil?
+
+      # use default profile
+      return Aws::SharedCredentials.new()
+
+    end
+  end
+end

data/lib/cf_common.rb

@@ -0,0 +1,27 @@
+module Base2
+
+  module CloudFormation
+
+    class Common
+
+      def self.visit_stack(cf_client, stack_name, handler, visit_substacks)
+        stack_resources = cf_client.describe_stack_resources(stack_name: stack_name)
+        stack = cf_client.describe_stacks(stack_name: stack_name)
+
+        # call traverse handler for parent stack
+        handler.call(stack['stacks'][0].stack_name)
+
+        # do not traverse unless instructed
+        return unless visit_substacks
+
+        stack_resources['stack_resources'].each do |resource|
+          # test if resource us substack
+          unless (resource['physical_resource_id'] =~ /arn:aws:cloudformation:(.*):stack\/(.*)/).nil?
+            # call recursively
+            self.visit_stack(cf_client, resource['physical_resource_id'], handler, visit_substacks)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/cf_progress_tracker.rb

@@ -0,0 +1,55 @@
+require 'aws-sdk'
+require_relative './cf_common'
+
+module Base2
+  module CloudFormation
+    class ProgressTracker
+      @cf_client = nil
+      @stack_name = nil
+      @last_event_times = {}
+      @period_from = nil
+
+      @@default_ending_states = %w[
+        CREATE_COMPLETE
+        UPDATE_COMPLETE
+        UPDATE_ROLLBACK_COMPLETE
+        ROLLBACK_FAILED
+        DELETE_FAILED
+      ]
+
+      @@default_display_state = %w[
+          CREATE_COMPLETE
+          UPDATE_COMPLETE
+      ]
+
+      @ending_states = nil
+
+      def initialize(stack_name, period_from, creds = nil, region = nil)
+        client_params = {}
+        client_params['region'] = region unless region.nil?
+        client_params['credentials'] = creds unless creds.nil?
+        @cf_client = Aws::CloudFormation::Client.new(client_params)
+        @stack_name = stack_name
+        @ending_statest = @@default_ending_states
+        @period_from = period_from
+      end
+
+       
+      def track_single_stack(stack)
+        stack_id = stack['stack_id']
+        # Default to period_from if first run, take from last run otherwise
+        event_from = last_event_times[stack_id] if @last_event_times.key?(stack_id)
+        event_from = @period_from unless @last_event_times.key?(stack_id)
+        
+
+        stack_resources = @cf_client.describe_stack_events(stack_name: stack['stack_id'],)
+        
+        
+      end
+
+      def track_progress(_show_only_failures = false)
+        Common.visit_stack(@cf_client, @stack_name, method(:track_single_stack),true)
+      end
+    end
+  end
+end

data/lib/cf_start_stop_environment.rb

@@ -0,0 +1,357 @@
+require 'aws-sdk'
+require_relative '../lib/cf_common'
+require_relative '../lib/aws_credentials'
+require 'json'
+require 'yaml'
+
+module Base2
+  module CloudFormation
+    class EnvironmentRunStop
+
+      @cf_client = nil
+      @stack_name = nil
+      @s3_client = nil
+      @s3_bucket = nil
+      @credentials = nil
+      @dry_run = false
+      @@supported_start_stop_resources = {
+          'AWS::AutoScaling::AutoScalingGroup' => 'start_stop_asg',
+          'AWS::RDS::DBInstance' => 'start_stop_rds',
+          'AWS::EC2::Instance' => 'start_stop_ec2'
+      }
+
+      @@resource_start_priorities = {
+          'AWS::RDS::DBInstance' => '100',
+          'AWS::AutoScaling::AutoScalingGroup' => '200',
+          'AWS::EC2::Instance' => '200'
+      }
+
+      @environment_resources = nil
+
+      def initialize()
+        @environment_resources = []
+        @s3_client = Aws::S3::Client.new()
+        @s3_bucket = ENV['SOURCE_BUCKET']
+        @cf_client = Aws::CloudFormation::Client.new()
+        @credentials = Base2::AWSCredentials.get_session_credentials('start_stop_environment')
+        if not @credentials.nil?
+          @cf_client =  Aws::CloudFormation::Client.new(credentials: @credentials)
+        end
+        @dry_run = ENV.key?('DRY_RUN') and ENV['DRY_RUN'] == '1'
+      end
+
+
+      def start_environment(stack_name)
+        $log.info("Starting environment #{stack_name}")
+        Common.visit_stack(@cf_client, stack_name, method(:collect_resources), true)
+        do_start_assets
+        configuration = {stack_running: true}
+        save_item_configuration("environment-data/stack-data/#{stack_name}", configuration) unless @dry_run
+        $log.info("Environment #{stack_name} started")
+      end
+
+
+      def stop_environment(stack_name)
+        $log.info("Stopping environment #{stack_name}")
+        Common.visit_stack(@cf_client, stack_name, method(:collect_resources), true)
+        do_stop_assets
+        configuration = {stack_running: false}
+        save_item_configuration("environment-data/stack-data/#{stack_name}", configuration) unless @dry_run
+        $log.info("Environment #{stack_name} stopped")
+      end
+
+
+      def do_stop_assets
+        # sort start resource by priority
+        @environment_resources = @environment_resources.sort_by { |k| k[:priority]}.reverse
+
+        @environment_resources.each do |resource|
+          $log.info("Stopping resource #{resource[:id]}")
+          # just print out information if running a dry run, otherwise start assets
+          if not @dry_run
+            eval "self.#{resource[:method]}('stop','#{resource[:id]}')"
+          else
+            $log.info("Dry run enabled, skipping stop start\nFollowing resource would be stopped: #{resource[:id]}")
+            $log.debug("Resource type: #{resource[:type]}\n\n")
+          end
+        end
+      end
+
+
+      def do_start_assets
+        # sort start resource by priority
+        @environment_resources = @environment_resources.sort_by { |k| k[:priority]}
+
+        @environment_resources.each do |resource|
+          $log.info("Starting resource #{resource[:id]}")
+          # just print out information if running a dry run, otherwise start assets
+          if not @dry_run
+            eval "self.#{resource[:method]}('start','#{resource[:id]}')"
+          else
+            $log.info("Dry run enabled, skipping actual start\nFollowing resource would be started: #{resource[:id]}")
+            $log.debug("Resource type: #{resource[:type]}\n\n")
+          end
+        end
+      end
+
+      def collect_resources(stack_name)
+        resrouces = @cf_client.describe_stack_resources(stack_name: stack_name)
+        resrouces['stack_resources'].each do |resource|
+          if @@supported_start_stop_resources.key?(resource['resource_type'])
+            method_name = @@supported_start_stop_resources[resource['resource_type']]
+            resource_id = resource['physical_resource_id']
+
+            @environment_resources << {
+                id: resource_id,
+                priority: @@resource_start_priorities[resource['resource_type']],
+                method: method_name,
+                type: resource['resource_type']
+            }
+          end
+        end
+      end
+
+      def start_stop_ec2(cmd, instance_id)
+        credentials = Base2::AWSCredentials.get_session_credentials("stoprun_#{instance_id}")
+        ec2_client = Aws::EC2::Client.new(credentials: credentials)
+
+        begin
+          instance = Aws::EC2::Resource.new(client: ec2_client).instance(instance_id)
+
+          if cmd == 'stop'
+            if %w(stopped stopping).include?(instance.state.name)
+              $log.info("Instance #{instance_id} already stopping or stopped")
+              return
+            end
+            $log.info("Stopping instance #{instance_id}")
+            instance.stop()
+          end
+
+          if cmd == 'start'
+            if %w(running).include?(instance.state.name)
+              $log.info("Instance #{instance_id} already running")
+              return
+            end
+            $log.info("Starting instance #{instance_id}")
+            instance.start()
+          end
+        rescue => e
+          $log.error("Failed execution #{cmd} on instance #{instance_id}:\n#{e}")
+        end
+
+      end
+
+      def start_stop_asg(cmd, asg_name)
+
+        # read asg data
+        credentials = Base2::AWSCredentials.get_session_credentials("stopasg_#{asg_name}")
+        asg_client = Aws::AutoScaling::Client.new()
+        if credentials != nil
+          asg_client = Aws::AutoScaling::Client.new(credentials: credentials)
+        end
+
+        asg_details = asg_client.describe_auto_scaling_groups(
+            auto_scaling_group_names: [asg_name]
+        )
+        if asg_details.auto_scaling_groups.size() == 0
+          raise "Couldn't find ASG #{asg_name}"
+        end
+        asg = asg_details.auto_scaling_groups[0]
+        s3_prefix = "environment-data/asg-data/#{asg_name}"
+        case cmd
+          when 'start'
+
+            # retrieve asg params from s3
+            configuration = self.get_object_configuration(s3_prefix)
+            if configuration.nil?
+              $log.warn("No configuration found for #{asg_name}, skipping..")
+              return
+            end
+            $log.info("Starting ASG #{asg_name} with following configuration\n#{configuration}")
+
+            # restore asg sizes
+            asg_client.update_auto_scaling_group({
+                auto_scaling_group_name: asg_name,
+                min_size: configuration['min_size'],
+                max_size: configuration['max_size'],
+                desired_capacity: configuration['desired_capacity']
+            })
+
+          when 'stop'
+            # check if already stopped
+            if asg.min_size == asg.max_size and asg.max_size == asg.desired_capacity and asg.min_size == 0
+              $log.info("ASG #{asg_name} already stopped")
+            else
+              # store asg configuration to S3
+              configuration = {
+                  desired_capacity: asg.desired_capacity,
+                  min_size: asg.min_size,
+                  max_size: asg.max_size
+              }
+              self.save_item_configuration(s3_prefix, configuration)
+
+              $log.info("Setting desired capacity to 0/0/0 for ASG #{asg_name}")
+              # set asg configuration to 0/0/0
+              asg_client.update_auto_scaling_group({
+                  auto_scaling_group_name: asg_name,
+                  min_size: 0,
+                  max_size: 0,
+                  desired_capacity: 0
+              })
+            end
+          # TODO wait for operation to complete (optionally)
+        end
+
+
+      end
+
+      def start_stop_rds(cmd, instance_id)
+        credentials = Base2::AWSCredentials.get_session_credentials("startstoprds_#{instance_id}")
+        rds_client = Aws::RDS::Client.new()
+        if credentials != nil
+          rds_client = Aws::RDS::Client.new(credentials: credentials)
+        end
+        rds = Aws::RDS::Resource.new(client: rds_client)
+        rds_instance = rds.db_instance(instance_id)
+        s3_prefix = "environment-data/rds-data/#{instance_id}"
+        case cmd
+          when 'start'
+            if rds_instance.db_instance_status == 'available'
+              $log.info("RDS Instance #{instance_id} is already in available state")
+              return
+            end
+
+            #retrieve multi-az data from S3
+            configuration = get_object_configuration(s3_prefix)
+            if configuration.nil?
+              $log.warning("No configuration found for #{rds_instance}, skipping..")
+              return
+            end
+
+            # start rds instance
+            if rds_instance.db_instance_status == 'stopped'
+              $log.info("Starting db instance #{instance_id}")
+              rds_client.start_db_instance({ db_instance_identifier: instance_id })
+
+              # wait instance to become available
+              $log.info("Waiting db instance to become available #{instance_id}")
+              wait_rds_instance_states(rds_client, instance_id, %w(starting available))
+            else
+              wait_rds_instance_states(rds_client, instance_id, %w(available))
+            end
+
+            # convert rds instance to mutli-az if required
+            if configuration['is_multi_az']
+              $log.info("Converting to Multi-AZ instance after start (instance #{instance_id})")
+              set_rds_instance_multi_az(rds_instance, true)
+            end
+
+          when 'stop'
+            # store mutli-az data to S3
+            if rds_instance.db_instance_status != 'available'
+              $log.warn("RDS Instance #{instance_id} not in available state, and thus can not be stopped")
+              $log.warn("RDS Instance #{instance_id} state: #{rds_instance.db_instance_status}")
+              return
+            end
+
+            if rds_instance.db_instance_status == 'stopped'
+              $log.info("RDS Instance #{instance_id} is already stopped")
+              return
+            end
+
+            configuration = {
+                is_multi_az: rds_instance.multi_az
+            }
+            save_item_configuration(s3_prefix, configuration)
+
+            #check if mutli-az RDS. if so, convert to single-az
+            if rds_instance.multi_az
+              $log.info("Converting to Non-Multi-AZ instance before stop (instance #{instance_id}")
+              set_rds_instance_multi_az(rds_instance, false)
+            end
+
+            # stop rds instance and wait for it to be fully stopped
+            $log.info("Stopping instance #{instance_id}")
+            rds_client.stop_db_instance({ db_instance_identifier: instance_id })
+            $log.info("Waiting db instance to be stopped #{instance_id}")
+            wait_rds_instance_states(rds_client, instance_id, %w(stopping stopped))
+        end
+      end
+
+      def set_rds_instance_multi_az(rds_instance, multi_az)
+        if rds_instance.multi_az == multi_az
+          $log.info("Rds instance #{rds_instance.db_instance_identifier} already multi-az=#{multi_az}")
+          return
+        end
+        rds_instance.modify({ multi_az: multi_az, apply_immediately: true })
+        # allow half an hour for instance to be converted
+        wait_states = %w(modifying available)
+        wait_rds_instance_states(rds_instance, wait_states)
+      end
+
+      def wait_rds_instance_states(client, rds_instance_id, wait_states)
+        wait_states.each do |state|
+          # reached state must be steady, at least a minute. Modifying an instance to/from MultiAZ can't be shorter
+          # than 40 seconds, hence steady count is 4
+          state_count = 0
+          steady_count = 4
+          attempts = 0
+          rds = Aws::RDS::Resource.new(client: client)
+          until attempts == (max_attempts = 60*6) do
+            instance = rds.db_instance(rds_instance_id)
+            $log.info("Instance #{instance.db_instance_identifier} state: #{instance.db_instance_status}, waiting for #{state}")
+
+            if instance.db_instance_status == "#{state}"
+              state_count = state_count + 1
+              $log.info("#{state_count}/#{steady_count}")
+            else
+              state_count = 0
+            end
+            break if state_count == steady_count
+            attempts = attempts + 1
+            sleep(15)
+          end
+
+          if attempts == max_attempts
+            $log.error("RDS Database Instance #{rds_instance_id} did not enter #{state} state, however continuing operations...")
+          end
+
+        end
+      end
+
+
+      def get_object_configuration(s3_prefix)
+        configuration = nil
+        begin
+          key = "#{s3_prefix}/latest/config.json"
+          $log.info("Reading object configuration from s3://#{@s3_bucket}/#{key}")
+
+          # fetch and deserialize and s3 object
+          configuration = JSON.parse(@s3_client.get_object(bucket: @s3_bucket, key: key).body.read)
+
+          $log.info("Configuration:#{configuration}")
+        rescue Aws::S3::Errors::NoSuchKey
+          $log.warn("Could not find configuration at s3://#{@s3_bucket}/#{key}")
+        end
+        configuration
+      end
+
+      def save_item_configuration(s3_prefix, configuration)
+        # save latest configuration, and one time-based versioned
+        s3_keys = [
+            "#{s3_prefix}/latest/config.json",
+            "#{s3_prefix}/#{Time.now.getutc.to_i}/config.json"
+        ]
+        s3_keys.each do |key|
+          $log.info("Saving configuration to #{@s3_bucket}/#{key}\n#{configuration}")
+          $log.info(configuration.to_yaml)
+          @s3_client.put_object({
+              bucket: @s3_bucket,
+              key: key,
+              body: JSON.pretty_generate(configuration)
+          })
+        end
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,72 @@
+--- !ruby/object:Gem::Specification
+name: cfn_manage
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Base2Services
+- Nikola Tosic
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2017-09-26 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: aws-sdk
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '3'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '4'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '3'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '4'
+description: ''
+email: info@base2services.com
+executables:
+- cfn_manage
+extensions: []
+extra_rdoc_files: []
+files:
+- bin/cfn_manage
+- bin/cfn_manage.rb
+- bin/usage.txt
+- lib/aws_credentials.rb
+- lib/cf_common.rb
+- lib/cf_progress_tracker.rb
+- lib/cf_start_stop_environment.rb
+homepage: http://rubygems.org/gems/cfn_manage
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.12
+signing_key: 
+specification_version: 4
+summary: Manage Cloud Formation stacks
+test_files: []