cloud-mu 3.1.2 → 3.2.0
- checksums.yaml +4 -4
- data/Dockerfile +15 -3
- data/ansible/roles/mu-windows/README.md +33 -0
- data/ansible/roles/mu-windows/defaults/main.yml +2 -0
- data/ansible/roles/mu-windows/files/LaunchConfig.json +9 -0
- data/ansible/roles/mu-windows/files/config.xml +76 -0
- data/ansible/roles/mu-windows/handlers/main.yml +2 -0
- data/ansible/roles/mu-windows/meta/main.yml +53 -0
- data/ansible/roles/mu-windows/tasks/main.yml +36 -0
- data/ansible/roles/mu-windows/tests/inventory +2 -0
- data/ansible/roles/mu-windows/tests/test.yml +5 -0
- data/ansible/roles/mu-windows/vars/main.yml +2 -0
- data/bin/mu-adopt +10 -13
- data/bin/mu-azure-tests +57 -0
- data/bin/mu-cleanup +2 -4
- data/bin/mu-configure +52 -0
- data/bin/mu-deploy +3 -3
- data/bin/mu-findstray-tests +25 -0
- data/bin/mu-gen-docs +2 -4
- data/bin/mu-load-config.rb +2 -3
- data/bin/mu-node-manage +15 -16
- data/bin/mu-run-tests +135 -37
- data/cloud-mu.gemspec +22 -20
- data/cookbooks/mu-activedirectory/resources/domain.rb +4 -4
- data/cookbooks/mu-activedirectory/resources/domain_controller.rb +4 -4
- data/cookbooks/mu-tools/libraries/helper.rb +3 -2
- data/cookbooks/mu-tools/libraries/monkey.rb +35 -0
- data/cookbooks/mu-tools/recipes/apply_security.rb +14 -14
- data/cookbooks/mu-tools/recipes/aws_api.rb +9 -0
- data/cookbooks/mu-tools/recipes/eks.rb +2 -2
- data/cookbooks/mu-tools/recipes/google_api.rb +2 -2
- data/cookbooks/mu-tools/recipes/selinux.rb +2 -1
- data/cookbooks/mu-tools/recipes/windows-client.rb +163 -164
- data/cookbooks/mu-tools/resources/disk.rb +1 -1
- data/cookbooks/mu-tools/resources/windows_users.rb +44 -43
- data/extras/clean-stock-amis +25 -19
- data/extras/generate-stock-images +1 -0
- data/extras/image-generators/AWS/win2k12.yaml +18 -13
- data/extras/image-generators/AWS/win2k16.yaml +18 -13
- data/extras/image-generators/AWS/win2k19.yaml +21 -0
- data/extras/image-generators/Google/centos6.yaml +1 -0
- data/extras/image-generators/Google/centos7.yaml +1 -1
- data/modules/mommacat.ru +6 -16
- data/modules/mu.rb +165 -111
- data/modules/mu/adoption.rb +401 -68
- data/modules/mu/cleanup.rb +199 -306
- data/modules/mu/cloud.rb +100 -1632
- data/modules/mu/cloud/database.rb +49 -0
- data/modules/mu/cloud/dnszone.rb +46 -0
- data/modules/mu/cloud/machine_images.rb +212 -0
- data/modules/mu/cloud/providers.rb +81 -0
- data/modules/mu/cloud/resource_base.rb +920 -0
- data/modules/mu/cloud/server.rb +40 -0
- data/modules/mu/cloud/server_pool.rb +1 -0
- data/modules/mu/cloud/ssh_sessions.rb +228 -0
- data/modules/mu/cloud/winrm_sessions.rb +237 -0
- data/modules/mu/cloud/wrappers.rb +165 -0
- data/modules/mu/config.rb +171 -1767
- data/modules/mu/config/alarm.rb +2 -6
- data/modules/mu/config/bucket.rb +4 -4
- data/modules/mu/config/cache_cluster.rb +1 -1
- data/modules/mu/config/collection.rb +4 -4
- data/modules/mu/config/container_cluster.rb +9 -4
- data/modules/mu/config/database.rb +83 -104
- data/modules/mu/config/database.yml +1 -2
- data/modules/mu/config/dnszone.rb +6 -6
- data/modules/mu/config/doc_helpers.rb +516 -0
- data/modules/mu/config/endpoint.rb +4 -4
- data/modules/mu/config/firewall_rule.rb +103 -4
- data/modules/mu/config/folder.rb +4 -4
- data/modules/mu/config/function.rb +3 -3
- data/modules/mu/config/group.rb +4 -4
- data/modules/mu/config/habitat.rb +4 -4
- data/modules/mu/config/loadbalancer.rb +60 -14
- data/modules/mu/config/log.rb +4 -4
- data/modules/mu/config/msg_queue.rb +4 -4
- data/modules/mu/config/nosqldb.rb +4 -4
- data/modules/mu/config/notifier.rb +3 -3
- data/modules/mu/config/ref.rb +365 -0
- data/modules/mu/config/role.rb +4 -4
- data/modules/mu/config/schema_helpers.rb +509 -0
- data/modules/mu/config/search_domain.rb +4 -4
- data/modules/mu/config/server.rb +97 -70
- data/modules/mu/config/server.yml +1 -0
- data/modules/mu/config/server_pool.rb +5 -9
- data/modules/mu/config/storage_pool.rb +1 -1
- data/modules/mu/config/tail.rb +200 -0
- data/modules/mu/config/user.rb +4 -4
- data/modules/mu/config/vpc.rb +70 -27
- data/modules/mu/config/vpc.yml +0 -1
- data/modules/mu/defaults/AWS.yaml +83 -60
- data/modules/mu/defaults/Azure.yaml +1 -0
- data/modules/mu/defaults/Google.yaml +3 -2
- data/modules/mu/deploy.rb +30 -26
- data/modules/mu/groomer.rb +17 -2
- data/modules/mu/groomers/ansible.rb +188 -41
- data/modules/mu/groomers/chef.rb +116 -55
- data/modules/mu/logger.rb +127 -148
- data/modules/mu/master.rb +389 -2
- data/modules/mu/master/chef.rb +3 -4
- data/modules/mu/master/ldap.rb +3 -3
- data/modules/mu/master/ssl.rb +12 -3
- data/modules/mu/mommacat.rb +217 -2612
- data/modules/mu/mommacat/daemon.rb +397 -0
- data/modules/mu/mommacat/naming.rb +473 -0
- data/modules/mu/mommacat/search.rb +495 -0
- data/modules/mu/mommacat/storage.rb +722 -0
- data/modules/mu/{clouds → providers}/README.md +1 -1
- data/modules/mu/{clouds → providers}/aws.rb +271 -112
- data/modules/mu/{clouds → providers}/aws/alarm.rb +5 -3
- data/modules/mu/{clouds → providers}/aws/bucket.rb +26 -22
- data/modules/mu/{clouds → providers}/aws/cache_cluster.rb +33 -67
- data/modules/mu/{clouds → providers}/aws/collection.rb +24 -23
- data/modules/mu/{clouds → providers}/aws/container_cluster.rb +681 -721
- data/modules/mu/providers/aws/database.rb +1744 -0
- data/modules/mu/{clouds → providers}/aws/dnszone.rb +64 -63
- data/modules/mu/{clouds → providers}/aws/endpoint.rb +22 -27
- data/modules/mu/{clouds → providers}/aws/firewall_rule.rb +214 -244
- data/modules/mu/{clouds → providers}/aws/folder.rb +7 -7
- data/modules/mu/{clouds → providers}/aws/function.rb +17 -22
- data/modules/mu/{clouds → providers}/aws/group.rb +23 -23
- data/modules/mu/{clouds → providers}/aws/habitat.rb +17 -14
- data/modules/mu/{clouds → providers}/aws/loadbalancer.rb +57 -48
- data/modules/mu/{clouds → providers}/aws/log.rb +15 -12
- data/modules/mu/{clouds → providers}/aws/msg_queue.rb +17 -16
- data/modules/mu/{clouds → providers}/aws/nosqldb.rb +18 -11
- data/modules/mu/{clouds → providers}/aws/notifier.rb +11 -6
- data/modules/mu/{clouds → providers}/aws/role.rb +112 -86
- data/modules/mu/{clouds → providers}/aws/search_domain.rb +39 -33
- data/modules/mu/{clouds → providers}/aws/server.rb +835 -1133
- data/modules/mu/{clouds → providers}/aws/server_pool.rb +56 -60
- data/modules/mu/{clouds → providers}/aws/storage_pool.rb +24 -42
- data/modules/mu/{clouds → providers}/aws/user.rb +21 -22
- data/modules/mu/{clouds → providers}/aws/userdata/README.md +0 -0
- data/modules/mu/{clouds → providers}/aws/userdata/linux.erb +0 -0
- data/modules/mu/{clouds → providers}/aws/userdata/windows.erb +2 -1
- data/modules/mu/{clouds → providers}/aws/vpc.rb +523 -929
- data/modules/mu/providers/aws/vpc_subnet.rb +286 -0
- data/modules/mu/{clouds → providers}/azure.rb +29 -9
- data/modules/mu/{clouds → providers}/azure/container_cluster.rb +3 -8
- data/modules/mu/{clouds → providers}/azure/firewall_rule.rb +18 -11
- data/modules/mu/{clouds → providers}/azure/habitat.rb +8 -6
- data/modules/mu/{clouds → providers}/azure/loadbalancer.rb +5 -5
- data/modules/mu/{clouds → providers}/azure/role.rb +8 -10
- data/modules/mu/{clouds → providers}/azure/server.rb +95 -48
- data/modules/mu/{clouds → providers}/azure/user.rb +6 -8
- data/modules/mu/{clouds → providers}/azure/userdata/README.md +0 -0
- data/modules/mu/{clouds → providers}/azure/userdata/linux.erb +0 -0
- data/modules/mu/{clouds → providers}/azure/userdata/windows.erb +0 -0
- data/modules/mu/{clouds → providers}/azure/vpc.rb +16 -21
- data/modules/mu/{clouds → providers}/cloudformation.rb +18 -7
- data/modules/mu/{clouds → providers}/cloudformation/alarm.rb +3 -3
- data/modules/mu/{clouds → providers}/cloudformation/cache_cluster.rb +3 -3
- data/modules/mu/{clouds → providers}/cloudformation/collection.rb +3 -3
- data/modules/mu/{clouds → providers}/cloudformation/database.rb +6 -17
- data/modules/mu/{clouds → providers}/cloudformation/dnszone.rb +3 -3
- data/modules/mu/{clouds → providers}/cloudformation/firewall_rule.rb +3 -3
- data/modules/mu/{clouds → providers}/cloudformation/loadbalancer.rb +3 -3
- data/modules/mu/{clouds → providers}/cloudformation/log.rb +3 -3
- data/modules/mu/{clouds → providers}/cloudformation/server.rb +7 -7
- data/modules/mu/{clouds → providers}/cloudformation/server_pool.rb +5 -5
- data/modules/mu/{clouds → providers}/cloudformation/vpc.rb +5 -7
- data/modules/mu/{clouds → providers}/docker.rb +0 -0
- data/modules/mu/{clouds → providers}/google.rb +67 -30
- data/modules/mu/{clouds → providers}/google/bucket.rb +13 -15
- data/modules/mu/{clouds → providers}/google/container_cluster.rb +84 -77
- data/modules/mu/{clouds → providers}/google/database.rb +10 -20
- data/modules/mu/{clouds → providers}/google/firewall_rule.rb +15 -14
- data/modules/mu/{clouds → providers}/google/folder.rb +20 -17
- data/modules/mu/{clouds → providers}/google/function.rb +139 -167
- data/modules/mu/{clouds → providers}/google/group.rb +29 -34
- data/modules/mu/{clouds → providers}/google/habitat.rb +21 -22
- data/modules/mu/{clouds → providers}/google/loadbalancer.rb +18 -20
- data/modules/mu/{clouds → providers}/google/role.rb +92 -58
- data/modules/mu/{clouds → providers}/google/server.rb +242 -155
- data/modules/mu/{clouds → providers}/google/server_pool.rb +25 -44
- data/modules/mu/{clouds → providers}/google/user.rb +95 -31
- data/modules/mu/{clouds → providers}/google/userdata/README.md +0 -0
- data/modules/mu/{clouds → providers}/google/userdata/linux.erb +0 -0
- data/modules/mu/{clouds → providers}/google/userdata/windows.erb +0 -0
- data/modules/mu/{clouds → providers}/google/vpc.rb +103 -79
- data/modules/tests/bucket.yml +4 -0
- data/modules/tests/centos6.yaml +11 -0
- data/modules/tests/centos7.yaml +11 -0
- data/modules/tests/centos8.yaml +12 -0
- data/modules/tests/ecs.yaml +23 -0
- data/modules/tests/includes-and-params.yaml +2 -1
- data/modules/tests/rds.yaml +108 -0
- data/modules/tests/regrooms/aws-iam.yaml +201 -0
- data/modules/tests/regrooms/bucket.yml +19 -0
- data/modules/tests/regrooms/rds.yaml +123 -0
- data/modules/tests/server-with-scrub-muisms.yaml +1 -0
- data/modules/tests/super_simple_bok.yml +1 -3
- data/modules/tests/win2k12.yaml +17 -5
- data/modules/tests/win2k16.yaml +25 -0
- data/modules/tests/win2k19.yaml +25 -0
- data/requirements.txt +1 -0
- data/spec/mu/clouds/azure_spec.rb +2 -2
- metadata +232 -154
- data/extras/image-generators/AWS/windows.yaml +0 -18
- data/modules/mu/clouds/aws/database.rb +0 -1985
|
@@ -14,7 +14,7 @@
|
|
|
14
14
|
|
|
15
15
|
module MU
|
|
16
16
|
class Config
|
|
17
|
-
# Basket of Kittens config schema and parser logic. See modules/mu/
|
|
17
|
+
# Basket of Kittens config schema and parser logic. See modules/mu/providers/*/api.rb
|
|
18
18
|
class Endpoint
|
|
19
19
|
|
|
20
20
|
# Base configuration schema for an Endpoint (e.g. AWS API Gateway)
|
|
@@ -57,10 +57,10 @@ module MU
|
|
|
57
57
|
end
|
|
58
58
|
|
|
59
59
|
# Generic pre-processing of {MU::Config::BasketofKittens::endpoints}, bare and unvalidated.
|
|
60
|
-
# @param
|
|
61
|
-
# @param
|
|
60
|
+
# @param _endpoint [Hash]: The resource to process and validate
|
|
61
|
+
# @param _configurator [MU::Config]: The overall deployment configurator of which this resource is a member
|
|
62
62
|
# @return [Boolean]: True if validation succeeded, False otherwise
|
|
63
|
-
def self.validate(
|
|
63
|
+
def self.validate(_endpoint, _configurator)
|
|
64
64
|
ok = true
|
|
65
65
|
|
|
66
66
|
ok
|
|
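Review bot: The new header comment on `class Endpoint` points to `modules/mu/providers/*/api.rb`, but the file list for this release shows the provider implementation as `providers/aws/endpoint.rb` and lists no `api.rb`, so the pointer looks stale. The same applies to the `class Habitat` comment in habitat.rb, which refers to `providers/*/project.rb` while the listed files are `providers/*/habitat.rb`. I would write `# Basket of Kittens config schema and parser logic. See modules/mu/providers/*/endpoint.rb` here and the matching `habitat.rb` path there. A file that did not change would not appear in the list, so this is worth confirming against the tree before editing.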
@@ -14,7 +14,7 @@
|
|
|
14
14
|
|
|
15
15
|
module MU
|
|
16
16
|
class Config
|
|
17
|
-
# Basket of Kittens config schema and parser logic. See modules/mu/
|
|
17
|
+
# Basket of Kittens config schema and parser logic. See modules/mu/providers/*/firewall_rule.rb
|
|
18
18
|
class FirewallRule
|
|
19
19
|
|
|
20
20
|
# Base configuration schema for a FirewallRule
|
|
@@ -100,14 +100,113 @@ module MU
|
|
|
100
100
|
end
|
|
101
101
|
|
|
102
102
|
# Generic pre-processing of {MU::Config::BasketofKittens::firewall_rules}, bare and unvalidated.
|
|
103
|
-
# @param
|
|
104
|
-
# @param
|
|
103
|
+
# @param _acl [Hash]: The resource to process and validate
|
|
104
|
+
# @param _configurator [MU::Config]: The overall deployment configurator of which this resource is a member
|
|
105
105
|
# @return [Boolean]: True if validation succeeded, False otherwise
|
|
106
|
-
def self.validate(
|
|
106
|
+
def self.validate(_acl, _configurator)
|
|
107
107
|
ok = true
|
|
108
108
|
ok
|
|
109
109
|
end
|
|
110
110
|
|
|
111
111
|
end
|
|
112
|
+
|
|
113
|
+
# FirewallRules can reference other FirewallRules, which means we need to do
|
|
114
|
+
# an extra pass to make sure we get all intra-stack dependencies correct.
|
|
115
|
+
# @param acl [Hash]: The configuration hash for the FirewallRule to check
|
|
116
|
+
# @return [Hash]
|
|
117
|
+
def resolveIntraStackFirewallRefs(acl, delay_validation = false)
|
|
118
|
+
acl["rules"].each { |acl_include|
|
|
119
|
+
if acl_include['sgs']
|
|
120
|
+
acl_include['sgs'].each { |sg_ref|
|
|
121
|
+
if haveLitterMate?(sg_ref, "firewall_rules")
|
|
122
|
+
MU::Config.addDependency(acl, sg_ref, "firewall_rule", no_create_wait: true)
|
|
123
|
+
siblingfw = haveLitterMate?(sg_ref, "firewall_rules")
|
|
124
|
+
if !siblingfw["#MU_VALIDATED"]
|
|
125
|
+
# XXX raise failure somehow
|
|
126
|
+
insertKitten(siblingfw, "firewall_rules", delay_validation: delay_validation)
|
|
127
|
+
end
|
|
128
|
+
end
|
|
129
|
+
}
|
|
130
|
+
end
|
|
131
|
+
}
|
|
132
|
+
acl
|
|
133
|
+
end
|
|
134
|
+
|
|
135
|
+
# Generate configuration for the general-purpose admin firewall rulesets
|
|
136
|
+
# (security groups in AWS). Note that these are unique to regions and
|
|
137
|
+
# individual VPCs (as well as Classic, which is just a degenerate case of
|
|
138
|
+
# a VPC for our purposes.
|
|
139
|
+
# @param vpc [Hash]: A VPC reference as defined in our config schema. This originates with the calling resource, so we'll peel out just what we need (a name or cloud id of a VPC).
|
|
140
|
+
# @param admin_ip [String]: Optional string of an extra IP address to allow blanket access to the calling resource.
|
|
141
|
+
# @param cloud [String]: The parent resource's cloud plugin identifier
|
|
142
|
+
# @param region [String]: Cloud provider region, if applicable.
|
|
143
|
+
# @return [Hash<String>]: A dependency description that the calling resource can then add to itself.
|
|
144
|
+
def adminFirewallRuleset(vpc: nil, admin_ip: nil, region: nil, cloud: nil, credentials: nil, rules_only: false)
|
|
145
|
+
if !cloud or (cloud == "AWS" and !region)
|
|
146
|
+
raise MuError, "Cannot call adminFirewallRuleset without specifying the parent's region and cloud provider"
|
|
147
|
+
end
|
|
148
|
+
hosts = Array.new
|
|
149
|
+
hosts << "#{MU.my_public_ip}/32" if MU.my_public_ip
|
|
150
|
+
hosts << "#{MU.my_private_ip}/32" if MU.my_private_ip
|
|
151
|
+
hosts << "#{MU.mu_public_ip}/32" if MU.mu_public_ip
|
|
152
|
+
hosts << "#{admin_ip}/32" if admin_ip
|
|
153
|
+
hosts.uniq!
|
|
154
|
+
|
|
155
|
+
rules = []
|
|
156
|
+
if cloud == "Google"
|
|
157
|
+
rules = [
|
|
158
|
+
{ "ingress" => true, "proto" => "all", "hosts" => hosts },
|
|
159
|
+
{ "egress" => true, "proto" => "all", "hosts" => hosts }
|
|
160
|
+
]
|
|
161
|
+
else
|
|
162
|
+
rules = [
|
|
163
|
+
{ "proto" => "tcp", "port_range" => "0-65535", "hosts" => hosts },
|
|
164
|
+
{ "proto" => "udp", "port_range" => "0-65535", "hosts" => hosts },
|
|
165
|
+
{ "proto" => "icmp", "port_range" => "-1", "hosts" => hosts }
|
|
166
|
+
]
|
|
167
|
+
end
|
|
168
|
+
|
|
169
|
+
if rules_only
|
|
170
|
+
return rules
|
|
171
|
+
end
|
|
172
|
+
|
|
173
|
+
name = "admin"
|
|
174
|
+
name += credentials.to_s if credentials
|
|
175
|
+
realvpc = nil
|
|
176
|
+
if vpc
|
|
177
|
+
realvpc = {}
|
|
178
|
+
['vpc_name', 'vpc_id'].each { |p|
|
|
179
|
+
if vpc[p]
|
|
180
|
+
vpc[p.sub(/^vpc_/, '')] = vpc[p]
|
|
181
|
+
vpc.delete(p)
|
|
182
|
+
end
|
|
183
|
+
}
|
|
184
|
+
['cloud', 'id', 'name', 'deploy_id', 'habitat', 'credentials'].each { |field|
|
|
185
|
+
realvpc[field] = vpc[field] if !vpc[field].nil?
|
|
186
|
+
}
|
|
187
|
+
if !realvpc['id'].nil? and !realvpc['id'].empty?
|
|
188
|
+
# Stupid kludge for Google cloud_ids which are sometimes URLs and
|
|
189
|
+
# sometimes not. Requirements are inconsistent from scenario to
|
|
190
|
+
# scenario.
|
|
191
|
+
name = name + "-" + realvpc['id'].gsub(/.*\//, "")
|
|
192
|
+
realvpc['id'] = getTail("id", value: realvpc['id'], prettyname: "Admin Firewall Ruleset #{name} Target VPC", cloudtype: "AWS::EC2::VPC::Id") if realvpc["id"].is_a?(String)
|
|
193
|
+
elsif !realvpc['name'].nil?
|
|
194
|
+
name = name + "-" + realvpc['name']
|
|
195
|
+
end
|
|
196
|
+
end
|
|
197
|
+
|
|
198
|
+
|
|
199
|
+
acl = {"name" => name, "rules" => rules, "vpc" => realvpc, "cloud" => cloud, "admin" => true, "credentials" => credentials }
|
|
200
|
+
if cloud == "Google" and acl["vpc"] and acl["vpc"]["habitat"]
|
|
201
|
+
acl['project'] = acl["vpc"]["habitat"]["id"] || acl["vpc"]["habitat"]["name"]
|
|
202
|
+
end
|
|
203
|
+
acl.delete("vpc") if !acl["vpc"]
|
|
204
|
+
if !MU::Cloud.resourceClass(cloud, "FirewallRule").isGlobal? and !region.nil? and !region.empty?
|
|
205
|
+
acl["region"] = region
|
|
206
|
+
end
|
|
207
|
+
@admin_firewall_rules << acl if !@admin_firewall_rules.include?(acl)
|
|
208
|
+
return {"type" => "firewall_rule", "name" => name}
|
|
209
|
+
end
|
|
210
|
+
|
|
112
211
|
end
|
|
113
212
|
end
|
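Review bot: In `resolveIntraStackFirewallRefs` the result of `insertKitten(siblingfw, "firewall_rules", delay_validation: delay_validation)` is discarded under the `# XXX raise failure somehow` comment, so a referenced sibling rule that fails to insert or validate does not stop the caller and the method returns `acl` as if the reference were sound. Assuming `insertKitten` returns a success flag (its definition is not in this diff), I would propagate it, e.g. `raise MuError, "Failed to validate firewall rule referenced by #{acl['name']}" unless insertKitten(siblingfw, "firewall_rules", delay_validation: delay_validation)`. In `adminFirewallRuleset`, `hosts << "#{admin_ip}/32" if admin_ip` appends the prefix without checking that `admin_ip` is a single IPv4 address, and every entry in `hosts` is granted all TCP and UDP ports, so a format check before the append would keep a malformed value out of the admin ruleset. The same method renames keys on the caller's `vpc` hash in place (`vpc.delete(p)`); working on a copy would avoid that side effect. The `credentials`, `rules_only` and `delay_validation` parameters are also missing from the `@param` documentation.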
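--- a/data/modules/mu/config/folder.rb
+++ b/data/modules/mu/config/folder.rb
@@ -14,7 +14,7 @@
 
 module MU
 class Config
-# Basket of Kittens config schema and parser logic. See modules/mu/
+# Basket of Kittens config schema and parser logic. See modules/mu/providers/*/folder.rb
 class Folder
 
 # Base configuration schema for a Folder
@@ -59,10 +59,10 @@ module MU
 end
 
 # Generic pre-processing of {MU::Config::BasketofKittens::folder}, bare and unvalidated.
-# @param
-# @param
+# @param _folder [Hash]: The resource to process and validate
+# @param _configurator [MU::Config]: The overall deployment configurator of which this resource is a member
 # @return [Boolean]: True if validation succeeded, False otherwise
-def self.validate(
+def self.validate(_folder, _configurator)
 ok = true
 ok
 end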
@@ -14,7 +14,7 @@
|
|
|
14
14
|
|
|
15
15
|
module MU
|
|
16
16
|
class Config
|
|
17
|
-
# Basket of Kittens config schema and parser logic. See modules/mu/
|
|
17
|
+
# Basket of Kittens config schema and parser logic. See modules/mu/providers/*/function.rb
|
|
18
18
|
class Function
|
|
19
19
|
|
|
20
20
|
# Base configuration schema for a Function
|
|
@@ -99,9 +99,9 @@ module MU
|
|
|
99
99
|
|
|
100
100
|
# Generic pre-processing of {MU::Config::BasketofKittens::functions}, bare and unvalidated.
|
|
101
101
|
# @param function [Hash]: The resource to process and validate
|
|
102
|
-
# @param
|
|
102
|
+
# @param _configurator [MU::Config]: The overall deployment configurator of which this resource is a member
|
|
103
103
|
# @return [Boolean]: True if validation succeeded, False otherwise
|
|
104
|
-
def self.validate(function,
|
|
104
|
+
def self.validate(function, _configurator)
|
|
105
105
|
ok = true
|
|
106
106
|
if !function['code']
|
|
107
107
|
ok = false
|
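--- a/data/modules/mu/config/group.rb
+++ b/data/modules/mu/config/group.rb
@@ -14,7 +14,7 @@
 
 module MU
 class Config
-# Basket of Kittens config schema and parser logic. See modules/mu/
+# Basket of Kittens config schema and parser logic. See modules/mu/providers/*/group.rb
 class Group
 
 # Base configuration schema for a Group
@@ -51,10 +51,10 @@ module MU
 end
 
 # Generic pre-processing of {MU::Config::BasketofKittens::group}, bare and unvalidated.
-# @param
-# @param
+# @param _group [Hash]: The resource to process and validate
+# @param _configurator [MU::Config]: The overall deployment configurator of which this resource is a member
 # @return [Boolean]: True if validation succeeded, False otherwise
-def self.validate(
+def self.validate(_group, _configurator)
 ok = true
 ok
 end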
@@ -14,7 +14,7 @@
|
|
|
14
14
|
|
|
15
15
|
module MU
|
|
16
16
|
class Config
|
|
17
|
-
# Basket of Kittens config schema and parser logic. See modules/mu/
|
|
17
|
+
# Basket of Kittens config schema and parser logic. See modules/mu/providers/*/project.rb
|
|
18
18
|
class Habitat
|
|
19
19
|
|
|
20
20
|
# Base configuration schema for a Habitat
|
|
@@ -38,10 +38,10 @@ module MU
|
|
|
38
38
|
end
|
|
39
39
|
|
|
40
40
|
# Generic pre-processing of {MU::Config::BasketofKittens::habitat}, bare and unvalidated.
|
|
41
|
-
# @param
|
|
42
|
-
# @param
|
|
41
|
+
# @param _habitat [Hash]: The resource to process and validate
|
|
42
|
+
# @param _configurator [MU::Config]: The overall deployment configurator of which this resource is a member
|
|
43
43
|
# @return [Boolean]: True if validation succeeded, False otherwise
|
|
44
|
-
def self.validate(
|
|
44
|
+
def self.validate(_habitat, _configurator)
|
|
45
45
|
ok = true
|
|
46
46
|
ok
|
|
47
47
|
end
|
|
@@ -14,7 +14,7 @@
|
|
|
14
14
|
|
|
15
15
|
module MU
|
|
16
16
|
class Config
|
|
17
|
-
# Basket of Kittens config schema and parser logic. See modules/mu/
|
|
17
|
+
# Basket of Kittens config schema and parser logic. See modules/mu/providers/*/loadbalancer.rb
|
|
18
18
|
class LoadBalancer
|
|
19
19
|
|
|
20
20
|
# Generate schema for a LoadBalancer health check
|
|
@@ -64,6 +64,45 @@ module MU
|
|
|
64
64
|
}
|
|
65
65
|
end
|
|
66
66
|
|
|
67
|
+
# Generate schema for a LoadBalancer redirect
|
|
68
|
+
# @return [Hash]
|
|
69
|
+
def self.redirect
|
|
70
|
+
{
|
|
71
|
+
"type" => "object",
|
|
72
|
+
"title" => "redirect",
|
|
73
|
+
"additionalProperties" => false,
|
|
74
|
+
"description" => "Instruct our LoadBalancer to redirect traffic to another host, port, and/or path.",
|
|
75
|
+
"properties" => {
|
|
76
|
+
"protocol" => {
|
|
77
|
+
"type" => "string",
|
|
78
|
+
"default" => "HTTPS"
|
|
79
|
+
},
|
|
80
|
+
"port" => {
|
|
81
|
+
"type" => "integer",
|
|
82
|
+
"default" => 443
|
|
83
|
+
},
|
|
84
|
+
"host" => {
|
|
85
|
+
"type" => "string",
|
|
86
|
+
"default" => "\#{host}"
|
|
87
|
+
},
|
|
88
|
+
"path" => {
|
|
89
|
+
"type" => "string",
|
|
90
|
+
"default" => "/\#{path}"
|
|
91
|
+
},
|
|
92
|
+
"query" => {
|
|
93
|
+
"type" => "string",
|
|
94
|
+
"default" => "\#{query}"
|
|
95
|
+
},
|
|
96
|
+
"status_code" => {
|
|
97
|
+
"type" => "integer",
|
|
98
|
+
"description" => "The HTTP status code when issuing a redirect",
|
|
99
|
+
"default" => 301,
|
|
100
|
+
"enum" => [301, 302]
|
|
101
|
+
},
|
|
102
|
+
}
|
|
103
|
+
}
|
|
104
|
+
end
|
|
105
|
+
|
|
67
106
|
# Base configuration schema for a LoadBalancer
|
|
68
107
|
# @return [Hash]
|
|
69
108
|
def self.schema
|
|
@@ -261,7 +300,7 @@ module MU
|
|
|
261
300
|
"type" => "array",
|
|
262
301
|
"items" => {
|
|
263
302
|
"type" => "object",
|
|
264
|
-
"required" => ["lb_protocol", "lb_port"
|
|
303
|
+
"required" => ["lb_protocol", "lb_port"],
|
|
265
304
|
"additionalProperties" => false,
|
|
266
305
|
"description" => "A list of port/protocols which this Load Balancer should answer.",
|
|
267
306
|
"properties" => {
|
|
@@ -279,6 +318,7 @@ module MU
|
|
|
279
318
|
"enum" => ["HTTP", "HTTPS", "TCP", "SSL", "UDP"],
|
|
280
319
|
"description" => "Specifies the load balancer transport protocol to use for routing - HTTP, HTTPS, TCP, SSL, or UDP. SSL and UDP are only valid in Google Cloud."
|
|
281
320
|
},
|
|
321
|
+
"redirect" => MU::Config::LoadBalancer.redirect,
|
|
282
322
|
"targetgroup" => {
|
|
283
323
|
"type" => "string",
|
|
284
324
|
"description" => "Which of our declared targetgroups should be the back-end for this listener's traffic"
|
|
@@ -309,14 +349,14 @@ module MU
|
|
|
309
349
|
"items" => {
|
|
310
350
|
"type" => "object",
|
|
311
351
|
"description" => "Rules to route requests to different target groups based on the request path",
|
|
312
|
-
"required" => ["
|
|
352
|
+
"required" => ["order", "conditions"],
|
|
313
353
|
"additionalProperties" => false,
|
|
314
354
|
"properties" => {
|
|
315
355
|
"conditions" => {
|
|
316
356
|
"type" => "array",
|
|
317
357
|
"items" => {
|
|
318
358
|
"type" => "object",
|
|
319
|
-
"description" => "Rule
|
|
359
|
+
"description" => "Rule conditionl; if none are specified (or if none match) the default action will be set.",
|
|
320
360
|
"required" => ["field", "values"],
|
|
321
361
|
"additionalProperties" => false,
|
|
322
362
|
"properties" => {
|
|
@@ -339,16 +379,17 @@ module MU
|
|
|
339
379
|
"type" => "array",
|
|
340
380
|
"items" => {
|
|
341
381
|
"type" => "object",
|
|
342
|
-
"description" => "Rule action",
|
|
343
|
-
"required" => ["action"
|
|
382
|
+
"description" => "Rule action, which must specify one of +targetgroup+ or +redirect+",
|
|
383
|
+
"required" => ["action"],
|
|
344
384
|
"additionalProperties" => false,
|
|
345
385
|
"properties" => {
|
|
346
386
|
"action" => {
|
|
347
387
|
"type" => "string",
|
|
348
388
|
"default" => "forward",
|
|
349
389
|
"description" => "An action to take when a match occurs. Currently, only forwarding to a targetgroup is supported.",
|
|
350
|
-
"enum" => ["forward"]
|
|
390
|
+
"enum" => ["forward", "redirect"]
|
|
351
391
|
},
|
|
392
|
+
"redirect" => MU::Config::LoadBalancer.redirect,
|
|
352
393
|
"targetgroup" => {
|
|
353
394
|
"type" => "string",
|
|
354
395
|
"description" => "Which of our declared targetgroups should be the recipient of this traffic. If left unspecified, will default to the default targetgroup of this listener."
|
|
@@ -383,9 +424,9 @@ module MU
|
|
|
383
424
|
|
|
384
425
|
# Generic pre-processing of {MU::Config::BasketofKittens::loadbalancers}, bare and unvalidated.
|
|
385
426
|
# @param lb [Hash]: The resource to process and validate
|
|
386
|
-
# @param
|
|
427
|
+
# @param _configurator [MU::Config]: The overall deployment configurator of which this resource is a member
|
|
387
428
|
# @return [Boolean]: True if validation succeeded, False otherwise
|
|
388
|
-
def self.validate(lb,
|
|
429
|
+
def self.validate(lb, _configurator)
|
|
389
430
|
ok = true
|
|
390
431
|
# Convert old-school listener declarations into target groups and health
|
|
391
432
|
# checks, for which AWS and Google both have equivalents.
|
|
@@ -405,13 +446,18 @@ module MU
|
|
|
405
446
|
"proto" => l["instance_protocol"],
|
|
406
447
|
"port" => l["instance_port"]
|
|
407
448
|
}
|
|
408
|
-
if
|
|
409
|
-
|
|
410
|
-
tg["
|
|
449
|
+
if l["redirect"]
|
|
450
|
+
tg["proto"] ||= l["redirect"]["protocol"]
|
|
451
|
+
tg["port"] ||= l["redirect"]["port"]
|
|
452
|
+
end
|
|
453
|
+
l['healthcheck'] ||= lb['healthcheck'] if lb['healthcheck']
|
|
454
|
+
if l["healthcheck"]
|
|
455
|
+
hc_target = l['healthcheck']['target'].match(/^([^:]+):(\d+)(.*)/)
|
|
456
|
+
tg["healthcheck"] = l['healthcheck'].dup
|
|
411
457
|
proto = ["HTTP", "HTTPS"].include?(hc_target[1]) ? hc_target[1] : l["instance_protocol"]
|
|
412
458
|
tg['healthcheck']['target'] = "#{proto}:#{hc_target[2]}#{hc_target[3]}"
|
|
413
459
|
tg['healthcheck']["httpcode"] = "200,301,302"
|
|
414
|
-
MU.log "Converting classic-style ELB health check target #{
|
|
460
|
+
MU.log "Converting classic-style ELB health check target #{l['healthcheck']['target']} to ALB style for target group #{tgname} (#{l["instance_protocol"]}:#{l["instance_port"]}).", details: tg['healthcheck']
|
|
415
461
|
end
|
|
416
462
|
lb["targetgroups"] << tg
|
|
417
463
|
}
|
|
@@ -446,7 +492,7 @@ module MU
|
|
|
446
492
|
else
|
|
447
493
|
found = false
|
|
448
494
|
lb['targetgroups'].each { |tg|
|
|
449
|
-
if
|
|
495
|
+
if tg['name'] == action['targetgroup']
|
|
450
496
|
found = true
|
|
451
497
|
break
|
|
452
498
|
end
|
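Review bot: In the listener-conversion block of `validate`, `hc_target = l['healthcheck']['target'].match(/^([^:]+):(\d+)(.*)/)` is dereferenced on the following lines as `hc_target[1]` with no nil check, so a health check whose `target` is missing or not in `PROTO:port` form raises NoMethodError instead of failing validation; the added `l['healthcheck'] ||= lb['healthcheck']` now sends load-balancer-level health checks through this path as well. I would guard it with `if hc_target.nil?`, set `ok = false` and skip that listener, and anchor the pattern with `\A` rather than `^` so only the start of the string can match. The rule-action description says one of `targetgroup` or `redirect` must be specified, but `"required" => ["action"]` does not enforce that, and whether `validate` does is outside the visible hunks (its body starts and ends outside them). The `action` description also still says only forwarding to a targetgroup is supported although the enum now includes `"redirect"`, and the new conditions description reads "Rule conditionl".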
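--- a/data/modules/mu/config/log.rb
+++ b/data/modules/mu/config/log.rb
@@ -14,7 +14,7 @@
 
 module MU
 class Config
-# Basket of Kittens config schema and parser logic. See modules/mu/
+# Basket of Kittens config schema and parser logic. See modules/mu/providers/*/log.rb
 class Log
 
 # Base configuration schema for a Log
@@ -36,10 +36,10 @@ module MU
 end
 
 # Generic pre-processing of {MU::Config::BasketofKittens::logs}, bare and unvalidated.
-# @param
-# @param
+# @param _log [Hash]: The resource to process and validate
+# @param _configurator [MU::Config]: The overall deployment configurator of which this resource is a member
 # @return [Boolean]: True if validation succeeded, False otherwise
-def self.validate(
+def self.validate(_log, _configurator)
 ok = true
 ok
 end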
@@ -14,7 +14,7 @@
|
|
|
14
14
|
|
|
15
15
|
module MU
|
|
16
16
|
class Config
|
|
17
|
-
# Basket of Kittens config schema and parser logic. See modules/mu/
|
|
17
|
+
# Basket of Kittens config schema and parser logic. See modules/mu/providers/*/msg_queue.rb
|
|
18
18
|
class MsgQueue
|
|
19
19
|
|
|
20
20
|
# Base configuration schema for a MsgQueue
|
|
@@ -34,10 +34,10 @@ module MU
|
|
|
34
34
|
end
|
|
35
35
|
|
|
36
36
|
# Generic pre-processing of {MU::Config::BasketofKittens::msg_queues}, bare and unvalidated.
|
|
37
|
-
# @param
|
|
38
|
-
# @param
|
|
37
|
+
# @param _queue [Hash]: The resource to process and validate
|
|
38
|
+
# @param _configurator [MU::Config]: The overall deployment configurator of which this resource is a member
|
|
39
39
|
# @return [Boolean]: True if validation succeeded, False otherwise
|
|
40
|
-
def self.validate(
|
|
40
|
+
def self.validate(_queue, _configurator)
|
|
41
41
|
ok = true
|
|
42
42
|
ok
|
|
43
43
|
end
|
|
@@ -14,7 +14,7 @@
|
|
|
14
14
|
|
|
15
15
|
module MU
|
|
16
16
|
class Config
|
|
17
|
-
# Basket of Kittens config schema and parser logic. See modules/mu/
|
|
17
|
+
# Basket of Kittens config schema and parser logic. See modules/mu/providers/*/nosqldb.rb
|
|
18
18
|
class NoSQLDB
|
|
19
19
|
|
|
20
20
|
# Base configuration schema for a Bucket
|
|
@@ -35,10 +35,10 @@ module MU
|
|
|
35
35
|
end
|
|
36
36
|
|
|
37
37
|
# Generic pre-processing of {MU::Config::BasketofKittens::nosqldbs}, bare and unvalidated.
|
|
38
|
-
# @param
|
|
39
|
-
# @param
|
|
38
|
+
# @param _db [Hash]: The resource to process and validate
|
|
39
|
+
# @param _configurator [MU::Config]: The overall deployment configurator of which this resource is a member
|
|
40
40
|
# @return [Boolean]: True if validation succeeded, False otherwise
|
|
41
|
-
def self.validate(
|
|
41
|
+
def self.validate(_db, _configurator)
|
|
42
42
|
ok = true
|
|
43
43
|
|
|
44
44
|
ok
|