kanmon 0.5.0 → 0.6.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +31 -0
- data/lib/kanmon/cli.rb +25 -4
- data/lib/kanmon/server.rb +80 -0
- data/lib/kanmon/version.rb +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b86b5720d0e9a1091f268c95417798f229b8cb0e3a0dbc56578e1ac0dcd88c04
|
|
4
|
+
data.tar.gz: 0aeca4174abd12f9e5a916856c8d596f43ae51c85b769b3fd9f11dc9405b42bf
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 24c2c7e15d5b0bdcbf321478e4fdaddd71efc26bcd2d0d73e92558e1e645e1cfc5d2e5ff3f28404ac3b1a1ed2d2bc7290a06ae7ef1991e633a5b97c9988e8bb3
|
|
7
|
+
data.tar.gz: 70e05239cfc92015d3b6c5ed8ee151ec018f8daf6aa0dba9f0da47f714a5d1de0497f7831ce43faff3a5179a83f2d2248e6a8b6b8f741149c43dbff938b4171b
|
data/README.md
CHANGED
|
@@ -10,6 +10,23 @@ $ cat kanmon.yml
|
|
|
10
10
|
security_group: 11122233-4444-5555-6666-777788889999
|
|
11
11
|
```
|
|
12
12
|
|
|
13
|
+
または、SSHでアクセスしたいサーバーのUUIDを記述することも可能です。サーバーのUUIDを記述した場合、新規にSecurityGroupを作成し、指定したサーバーに追加します。
|
|
14
|
+
|
|
15
|
+
```yaml
|
|
16
|
+
➤ cat kanmon.yml
|
|
17
|
+
server: 11122233-4444-5555-6666-777788889999
|
|
18
|
+
```
|
|
19
|
+
|
|
20
|
+
もし、kanmon.yaml で複数のターゲットを管理したい場合、次のように書くこともできます。
|
|
21
|
+
|
|
22
|
+
```yaml
|
|
23
|
+
➤ cat kanmon.yml
|
|
24
|
+
targetA:
|
|
25
|
+
security_group: 11122233-4444-5555-6666-777788889999
|
|
26
|
+
targetB:
|
|
27
|
+
server: 33344444-5555-6666-7777-888800000000
|
|
28
|
+
```
|
|
29
|
+
|
|
13
30
|
環境変数を設定します。
|
|
14
31
|
|
|
15
32
|
```
|
|
@@ -28,8 +45,22 @@ $ export OS_PROJECT_DOMAIN_NAME=default
|
|
|
28
45
|
$ kanmon open
|
|
29
46
|
```
|
|
30
47
|
|
|
48
|
+
kanmon.yaml に複数のターゲットを記述した場合、下記のようにします。
|
|
49
|
+
|
|
50
|
+
```
|
|
51
|
+
$ kanmon open --target targetA
|
|
52
|
+
$ kanmon open --target targetB
|
|
53
|
+
```
|
|
54
|
+
|
|
31
55
|
追加したSecurity Groupのルールを削除します。
|
|
32
56
|
|
|
33
57
|
```
|
|
34
58
|
$ kanmon close
|
|
35
59
|
```
|
|
60
|
+
|
|
61
|
+
複数のターゲットがある場合、下記のようになります。
|
|
62
|
+
|
|
63
|
+
```
|
|
64
|
+
$ kanmon close --target targetA
|
|
65
|
+
$ kanmon close --target targetB
|
|
66
|
+
```
|
data/lib/kanmon/cli.rb
CHANGED
|
@@ -2,14 +2,28 @@ require "thor"
|
|
|
2
2
|
require "shellwords"
|
|
3
3
|
|
|
4
4
|
require "kanmon/securitygroup"
|
|
5
|
+
require "kanmon/server"
|
|
6
|
+
|
|
7
|
+
module Yao::Resources
|
|
8
|
+
class Server < Yao::Resources::Base
|
|
9
|
+
def self.add_security_group(server_id, security_group_name)
|
|
10
|
+
action(server_id, {"addSecurityGroup": {"name": security_group_name}})
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
def self.remove_security_group(server_id, security_group_name)
|
|
14
|
+
action(server_id, {"removeSecurityGroup": {"name": security_group_name}})
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
|
5
18
|
|
|
6
19
|
module Kanmon
|
|
7
20
|
class CLI < Thor
|
|
8
21
|
class_option :kanmon_config, aliases: "f", type: :string, default: "kanmon.yml", banner: "FILE", desc: "Load configure from FILE"
|
|
22
|
+
class_option :target, aliases: "t", type: :string, default: nil, banner: "TARGET", desc: "If more than one Security Group is in the setting, select target"
|
|
9
23
|
|
|
10
24
|
desc "open", "Commands about add rules to SecurityGroup"
|
|
11
25
|
def open
|
|
12
|
-
@
|
|
26
|
+
@kanmon.open
|
|
13
27
|
puts "Success!!"
|
|
14
28
|
rescue Yao::Conflict => e
|
|
15
29
|
puts "Is not it already opened?" if e.message.include?("Security group rule already exists.")
|
|
@@ -18,7 +32,7 @@ module Kanmon
|
|
|
18
32
|
|
|
19
33
|
desc "close", "Commands about delete rules from SecurityGroup"
|
|
20
34
|
def close
|
|
21
|
-
@
|
|
35
|
+
@kanmon.close
|
|
22
36
|
puts "Success!!"
|
|
23
37
|
end
|
|
24
38
|
|
|
@@ -29,7 +43,7 @@ module Kanmon
|
|
|
29
43
|
|
|
30
44
|
desc "exec COMMAND", "Commands about open, exec command, close"
|
|
31
45
|
def exec(*args)
|
|
32
|
-
@
|
|
46
|
+
@kanmon.open do
|
|
33
47
|
command = Shellwords.join(args)
|
|
34
48
|
Process.wait spawn(command)
|
|
35
49
|
end
|
|
@@ -45,7 +59,14 @@ module Kanmon
|
|
|
45
59
|
unless %w(help version).include?(command.name)
|
|
46
60
|
Kanmon.init_yao
|
|
47
61
|
@config = Kanmon.load_config(options[:kanmon_config])
|
|
48
|
-
@
|
|
62
|
+
@config = @config[options[:target]] if options[:target]
|
|
63
|
+
|
|
64
|
+
if @config.key?("security_group")
|
|
65
|
+
@kanmon = SecurityGroup.new(@config["security_group"])
|
|
66
|
+
end
|
|
67
|
+
if @config.key?('server')
|
|
68
|
+
@kanmon = Server.new(@config["server"])
|
|
69
|
+
end
|
|
49
70
|
end
|
|
50
71
|
|
|
51
72
|
super
|
|
@@ -0,0 +1,80 @@
|
|
|
1
|
+
require "yao"
|
|
2
|
+
|
|
3
|
+
require "kanmon/myip"
|
|
4
|
+
|
|
5
|
+
module Kanmon
|
|
6
|
+
class Server
|
|
7
|
+
def initialize(id, ip = nil)
|
|
8
|
+
@id = id
|
|
9
|
+
@ip = ip || Kanmon::MyIP.get
|
|
10
|
+
@tenant_id = Yao.current_tenant_id
|
|
11
|
+
@server = Yao::Server.get(id)
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
def create_sg
|
|
15
|
+
puts "Create security group allow to access server '#{@server.name}'."
|
|
16
|
+
param = {name: sg_name, description: "create by kanmon and #{ENV['OS_USERNAME']}"}
|
|
17
|
+
@sg = Yao::SecurityGroup.create(param)
|
|
18
|
+
result = Yao::SecurityGroupRule.create(rule)
|
|
19
|
+
puts "Create rule to #{@sg.name} allow ssh from #{@ip}/32: #{result.id}"
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
def delete_sg
|
|
23
|
+
puts "Delete security group #{sg_name}"
|
|
24
|
+
Yao::SecurityGroup.destroy(@sg.id)
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
def add_sg
|
|
28
|
+
puts "Add security group #{sg_name} to server #{@server.name}"
|
|
29
|
+
Yao::Server.add_security_group(@id, sg_name)
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
def remove_sg
|
|
33
|
+
puts "Remove security group #{sg_name} from server '#{@server.name}'."
|
|
34
|
+
Yao::Server.remove_security_group(@id, sg_name)
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
def open
|
|
38
|
+
create_sg
|
|
39
|
+
add_sg
|
|
40
|
+
|
|
41
|
+
if block_given?
|
|
42
|
+
begin
|
|
43
|
+
yield
|
|
44
|
+
ensure
|
|
45
|
+
remove_sg
|
|
46
|
+
delete_sg
|
|
47
|
+
end
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
def close
|
|
52
|
+
begin
|
|
53
|
+
@sg = Yao::SecurityGroup.get(sg_name)
|
|
54
|
+
remove_sg
|
|
55
|
+
delete_sg
|
|
56
|
+
|
|
57
|
+
rescue => e
|
|
58
|
+
p e
|
|
59
|
+
end
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
private
|
|
63
|
+
def rule
|
|
64
|
+
{
|
|
65
|
+
direction: "ingress",
|
|
66
|
+
port_range_min: 22,
|
|
67
|
+
port_range_max: 22,
|
|
68
|
+
ethertype: "IPv4",
|
|
69
|
+
protocol: "tcp",
|
|
70
|
+
security_group_id: @sg.id,
|
|
71
|
+
tenant_id: @tenant_id,
|
|
72
|
+
remote_ip_prefix: "#{@ip}/32"
|
|
73
|
+
}
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
def sg_name
|
|
77
|
+
"kanmon-server:#{@server.id}-user:#{ENV['OS_USERNAME']}"
|
|
78
|
+
end
|
|
79
|
+
end
|
|
80
|
+
end
|
data/lib/kanmon/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: kanmon
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.6.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Yuki Koya
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-
|
|
11
|
+
date: 2018-08-10 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: yao
|
|
@@ -103,6 +103,7 @@ files:
|
|
|
103
103
|
- lib/kanmon/cli.rb
|
|
104
104
|
- lib/kanmon/myip.rb
|
|
105
105
|
- lib/kanmon/securitygroup.rb
|
|
106
|
+
- lib/kanmon/server.rb
|
|
106
107
|
- lib/kanmon/version.rb
|
|
107
108
|
homepage: https://github.com/buty4649/kanmon/
|
|
108
109
|
licenses: []
|