kelbim 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 7eedb5e0c3b9983991baaaacd8233fe41d9ed137
+  data.tar.gz: 73b2b07df5e2219bfaaf81c9d0d39b9b56d363eb
+SHA512:
+  metadata.gz: 6aa83ac6a4a98111e0f3816c15d200236256bbe6cff68c24087be96c11b27da1952e1b7f7e9dd66ecc91f2a73b3c4e43430c59ac1b87927cb87bcf5705f59f07
+  data.tar.gz: 430af7b5270717adddd3cd7452f15e392cb118c845b5db5930a9097c458740233d1d14583ba88affbd4d655562c1d01977b03d307fb003c3eb559b0e081ae160

data/README.md

@@ -0,0 +1,104 @@
+# Kelbim
+
+Kelbim is a tool to manage ELB.
+
+It defines the state of ELB using DSL, and updates ELB according to DSL.
+
+**Attention! This is the alpha version!**
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'kelbim'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install kelbim
+
+## Usage
+
+```sh
+export AWS_ACCESS_KEY_ID='...'
+export AWS_SECRET_ACCESS_KEY='...'
+export AWS_REGION='ap-northeast-1'
+kelbim -e -o ELBfile  # export EKB
+vi ELB
+kelbim -a --dry-run
+kelbim -a             # apply `ELBfile` to ELB
+```
+
+## ELBfile example
+
+```ruby
+require 'other/elbfile'
+
+# EC2 Classic
+ec2 do
+  load_balancer "my-load-balancer" do
+    instances(
+      "cthulhu",
+      "nyar",
+    )
+
+    listeners do
+      listener [:http, 80] => [:http, 80]
+    end
+
+    health_check do
+      target "HTTP:80/index.html"
+      timeout 5
+      interval 30
+      healthy_threshold 10
+      unhealthy_threshold 2
+    end
+
+    availability_zones(
+      "ap-northeast-1a",
+      "ap-northeast-1b"
+    )
+  end
+end
+
+# EC2 VPC
+ec2 "vpc-XXXXXXXXX" do
+  load_balancer "my-load-balancer", :internal => true do
+    instances(
+      "nyar",
+      "yog"
+    )
+
+    listeners do
+      listener [:tcp, 80] => [:tcp, 80]
+      listener [:https, 443] => [:http, 80] do
+        app_cookie_stickiness "CookieName"=>"20"
+        ssl_negotiation ["Protocol-TLSv1", "Protocol-SSLv3", "AES256-SHA", ...]
+        server_certificate "my-cert"
+      end
+    end
+
+    health_check do
+      target "TCP:80"
+      timeout 5
+      interval 30
+      healthy_threshold 10
+      unhealthy_threshold 2
+    end
+
+    subnets(
+      "subnet-XXXXXXXX"
+    )
+
+    security_groups(
+      "default"
+    )
+  end
+end
+```
+
+## Link
+* [RubyGems.org site](http://rubygems.org/gems/kelbim)

data/bin/kelbim

@@ -0,0 +1,138 @@
+#!/usr/bin/env ruby
+$: << File.expand_path("#{File.dirname __FILE__}/../lib")
+require 'rubygems'
+require 'kelbim'
+require 'optparse'
+
+DEFAULT_FILENAME = 'ELBfile'
+
+mode = nil
+file = DEFAULT_FILENAME
+output_file = '-'
+split = false
+
+options = {
+  :dry_run     => false,
+  :color       => true,
+  :debug       => false,
+}
+
+ARGV.options do |opt|
+  begin
+    access_key = nil
+    secret_key = nil
+    region = nil
+
+    opt.on('-k', '--access-key ACCESS_KEY') {|v| access_key                   = v       }
+    opt.on('-s', '--secret-key SECRET_KEY') {|v| secret_key                   = v       }
+    opt.on('-r', '--region REGION')         {|v| region                       = v       }
+    opt.on('-a', '--apply')                 {|v| mode                         = :apply  }
+    opt.on('-f', '--file FILE')             {|v| file                         = v       }
+    opt.on('',   '--dry-run')               {|v| options[:dry_run]            = true    }
+    opt.on('-e', '--export')                {|v| mode                         = :export }
+    opt.on('-o', '--output FILE')           {|v| output_file                  = v       }
+    opt.on('',   '--split')                 {|v| split                        = true    }
+    opt.on('-t', '--test')                  {|v| mode                         = :test   }
+    opt.on(''  , '--no-color')              {    options[:color]              = false   }
+    opt.on(''  , '--debug')                 {    options[:debug]              = true    }
+    opt.parse!
+
+    if access_key and secret_key
+      aws_opts = {
+        :access_key_id     => access_key,
+        :secret_access_key => secret_key,
+      }
+      aws_opts[:region] = region if region
+      AWS.config(aws_opts)
+    elsif (access_key and !secret_key) or (!access_key and secret_key) or mode.nil?
+      puts opt.help
+      exit 1
+    end
+  rescue => e
+    $stderr.puts("[ERROR] #{e.message}")
+    exit 1
+  end
+end
+
+String.colorize = options[:color]
+
+if options[:debug]
+  AWS.config({
+    :http_wire_trace => true,
+    :logger => Kelbim::Logger.instance,
+  })
+end
+
+begin
+  logger = Kelbim::Logger.instance
+  logger.set_debug(options[:debug])
+  client = Kelbim::Client.new(options)
+
+  case mode
+  when :export
+    if split
+      logger.info('Export ELB')
+
+      output_file = DEFAULT_FILENAME if output_file == '-'
+      requires = []
+
+      client.export do |exported, converter|
+        exported.each do |vpc, elbs|
+          elb_file = File.join(File.dirname(output_file), "#{vpc || :classic}.elb")
+          requires << elb_file
+
+          logger.info("  write `#{elb_file}`")
+
+          open(elb_file, 'wb') do |f|
+            f.puts converter.call(vpc => elbs)
+          end
+        end
+      end
+
+      logger.info("  write `#{output_file}`")
+
+      open(output_file, 'wb') do |f|
+        requires.each do |elb_file|
+          f.puts "require '#{File.basename elb_file}'"
+        end
+      end
+    else
+      if output_file == '-'
+        logger.info('# Export ELB')
+        puts client.export
+      else
+        logger.info("Export ELB to `#{output_file}`")
+        open(output_file, 'wb') {|f| f.puts client.export }
+      end
+    end
+  when :apply
+    unless File.exist?(file)
+      raise "No ELBfile found (looking for: #{file})"
+    end
+
+    msg = "Apply `#{file}` to ELB"
+    msg << ' (dry-run)' if options[:dry_run]
+    logger.info(msg)
+
+    updated = client.apply(file)
+
+    logger.info('No change'.intense_blue) unless updated
+  when :test
+    unless File.exist?(file)
+      raise "No ELBfile found (looking for: #{file})"
+    end
+
+    logger.info("Test `#{file}`")
+    # XXX:
+    client.test(file)
+  else
+    raise 'must not happen'
+  end
+rescue => e
+  if options[:debug]
+    raise e
+  else
+    $stderr.puts("[ERROR] #{e.message}".red)
+    exit 1
+  end
+end

data/lib/kelbim/client.rb

@@ -0,0 +1,217 @@
+require 'aws-sdk'
+require 'kelbim/dsl'
+require 'kelbim/exporter'
+require 'kelbim/ext/ec2-ext'
+require 'kelbim/ext/elb-load-balancer-ext'
+require 'kelbim/policy-types'
+require 'kelbim/wrapper/elb-wrapper'
+require 'kelbim/logger'
+
+module Kelbim
+  class Client
+    include Logger::ClientHelper
+
+    def initialize(options = {})
+      @options = OpenStruct.new(options)
+      @options.elb = AWS::ELB.new
+      @options.ec2 = AWS::EC2.new
+      @options.iam = AWS::IAM.new
+    end
+
+    def apply(file)
+      AWS.memoize { walk(file) }
+    end
+
+    def test(file)
+      # XXX:
+    end
+
+    def export
+      exported = nil
+      instance_names = nil
+
+      AWS.memoize do
+        exported = Exporter.export(@options.elb)
+        instance_names = @options.ec2.instance_names
+      end
+
+      if block_given?
+        converter = proc do |src|
+          DSL.convert(src, instance_names)
+        end
+
+        yield(exported, converter)
+      else
+        DSL.convert(exported, instance_names)
+      end
+    end
+
+    private
+    def load_file(file)
+      if file.kind_of?(String)
+        open(file) do |f|
+          DSL.define(f.read, file).result
+        end
+      elsif file.respond_to?(:read)
+        DSL.define(file.read, file.path).result
+      else
+        raise TypeError, "can't convert #{file} into File"
+      end
+    end
+
+    def walk(file)
+      dsl = load_file(file)
+
+      dsl_ec2s = dsl.ec2s
+      elb = ELBWrapper.new(@options.elb, @options)
+
+      aws_ec2s = collect_to_hash(elb.load_balancers, :has_many => true) do |item|
+        item.vpc_id
+      end
+
+      dsl_ec2s.each do |vpc, ec2_dsl|
+        ec2_aws = aws_ec2s[vpc]
+
+        if ec2_aws
+          walk_ec2(vpc, ec2_dsl, ec2_aws, elb.load_balancers)
+        else
+          log(:warn, "EC2 `#{vpc || :classic}` is not found", :yellow)
+        end
+      end
+
+      elb.updated?
+    end
+
+    def walk_ec2(vpc, ec2_dsl, ec2_aws, collection_api)
+      lb_list_dsl = collect_to_hash(ec2_dsl.load_balancers, :name)
+      lb_list_aws = collect_to_hash(ec2_aws, :name)
+
+      lb_list_dsl.each do |key, lb_dsl|
+        name = key[0]
+        lb_aws = lb_list_aws[key]
+
+        unless lb_aws
+          lb_aws = collection_api.create(lb_dsl, vpc)
+          lb_list_aws[key] = lb_aws
+        end
+      end
+
+      lb_list_dsl.each do |key, lb_dsl|
+        lb_aws = lb_list_aws.delete(key)
+        walk_load_balancer(lb_dsl, lb_aws)
+      end
+
+      lb_list_aws.each do |key, lb_aws|
+        lb_aws.delete
+      end
+    end
+
+    def walk_load_balancer(load_balancer_dsl, load_balancer_aws)
+      unless load_balancer_aws.eql?(load_balancer_dsl)
+        load_balancer_aws.update(load_balancer_dsl)
+      end
+
+      lstnr_list_dsl = collect_to_hash(load_balancer_dsl.listeners, :port)
+      listeners = load_balancer_aws.listeners
+      lstnr_list_aws = collect_to_hash(listeners, :port)
+
+      walk_listeners(lstnr_list_dsl, lstnr_list_aws, listeners)
+    end
+
+    def walk_listeners(listeners_dsl, listeners_aws, collection_api)
+      listeners_dsl.each do |key, lstnr_dsl|
+        lstnr_aws = listeners_aws[key]
+
+        unless lstnr_aws
+          lstnr_aws = collection_api.create(lstnr_dsl)
+          listeners_aws[key] = lstnr_aws
+        end
+      end
+
+      listeners_dsl.each do |key, lstnr_dsl|
+        lstnr_aws = listeners_aws.delete(key)
+        walk_listener(lstnr_dsl, lstnr_aws, collection_api)
+      end
+
+      listeners_aws.each do |key, lstnr_aws|
+        lstnr_aws.delete
+      end
+    end
+
+    def walk_listener(listener_dsl, listener_aws, collection_api)
+      unless listener_aws.eql?(listener_dsl)
+        if listener_aws.has_difference_protocol_port?(listener_dsl)
+          listener_aws.delete
+          listener_aws = collection_api.create(listener_dsl)
+        else
+          listener_aws.update(listener_dsl)
+        end
+      end
+
+      plcy_list_dsl = collect_to_hash(listener_dsl.policies) do |policy_type, name_or_attrs|
+        [PolicyTypes.symbol_to_string(policy_type)]
+      end
+
+      policies = listener_aws.policies
+      plcy_list_aws = collect_to_hash(policies, :type)
+
+      walk_policies(listener_aws, plcy_list_dsl, plcy_list_aws, policies)
+    end
+
+    def walk_policies(listener, policies_dsl, policies_aws, collection_api)
+      orig_policy_names = policies_aws.map {|k, v| v.name }
+      new_policies = []
+      old_policies = []
+
+      policies_dsl.each do |key, plcy_dsl|
+        unless policies_aws[key]
+          new_policies << collection_api.create(plcy_dsl)
+        end
+      end
+
+      policies_dsl.each do |key, plcy_dsl|
+        plcy_aws = policies_aws.delete(key)
+        next unless plcy_aws
+
+        if plcy_aws.eql?(plcy_dsl)
+          new_policies << plcy_aws
+        else
+          new_policies << collection_api.create(plcy_dsl)
+          old_policies << plcy_aws
+        end
+      end
+
+      policies_aws.each do |key, plcy_aws|
+        old_policies << plcy_aws
+      end
+
+      if not new_policies.empty? and orig_policy_names.sort != new_policies.map {|i| i.name }.sort
+        listener.policies = new_policies
+
+        unless @options.without_deleting_policy
+          old_policies.each do |plcy_aws|
+            plcy_aws.delete
+          end
+        end
+      end
+    end
+
+    def collect_to_hash(collection, *key_attrs)
+      options = key_attrs.last.kind_of?(Hash) ? key_attrs.pop : {}
+      hash = {}
+
+      collection.each do |item|
+        key = block_given? ? yield(item) : key_attrs.map {|k| item.send(k) }
+
+        if options[:has_many]
+          hash[key] ||= []
+          hash[key] << item
+        else
+          hash[key] = item
+        end
+      end
+
+      return hash
+    end
+  end # Client
+end # Kelbim

data/lib/kelbim/dsl/checker.rb

@@ -0,0 +1,65 @@
+module Kelbim
+  class DSL
+    module Checker
+      private
+      def required(name, value)
+        invalid = false
+
+        if value
+          case value
+          when String
+            invalid = value.strip.empty?
+          when Array, Hash
+            invalid = value.empty?
+          end
+        else
+          invalid = true
+        end
+
+        raise __identify("`#{name}` is required") if invalid
+      end
+
+      def expected_type(value, *types)
+        unless types.any? {|t| value.kind_of?(t) }
+          raise __identify("Invalid type: #{value}")
+        end
+      end
+
+      def expected_length(value, length)
+        if value.length != length
+          raise __identify("Invalid length: #{value}")
+        end
+      end
+
+      def expected_value(value, *list)
+        unless list.any? {|i| value == i }
+          raise __identify("Invalid value: #{value}")
+        end
+      end
+
+      def not_include(value, list)
+        if list.include?(value)
+          raise __identify("`#{value}` is already included")
+        end
+      end
+
+      def call_once(method_name)
+        @called ||= []
+
+        if @called.include?(method_name)
+          raise __identify("`#{method_name}` is already defined")
+        end
+
+        @called << method_name
+      end
+
+      def __identify(errmsg)
+        if @error_identifier
+          errmsg = "#{@error_identifier}: #{errmsg}"
+        end
+
+        return errmsg
+      end
+    end # Checker
+  end # DSL
+end # Kelbim

data/lib/kelbim/dsl/converter.rb

@@ -0,0 +1,177 @@
+require 'kelbim/policy-types'
+
+module Kelbim
+  class DSL
+    class Converter
+      class << self
+        def convert(exported, instance_names)
+          self.new(exported, instance_names).convert
+        end
+      end # of class methods
+
+      def initialize(exported, instance_names)
+        @exported = exported
+        @instance_names = instance_names
+      end
+
+      def convert
+        @exported.each.map {|vpc, load_balancers|
+          output_ec2(vpc, load_balancers)
+        }.join("\n")
+      end
+
+      private
+      def output_ec2(vpc, load_balancers)
+        arg_vpc = vpc ? vpc.inspect + ' ' : ''
+        load_balancers = load_balancers.map {|name, load_balancer|
+          output_load_balancer(vpc, name, load_balancer)
+        }.join("\n").strip
+
+        <<-EOS
+ec2 #{arg_vpc}do
+  #{load_balancers}
+end
+        EOS
+      end
+
+      def output_load_balancer(vpc, name, load_balancer)
+        name = name.inspect
+        internal = (load_balancer[:scheme] == 'internal') ? ', :internal => true ' : ' '
+        instances = output_instances(load_balancer[:instances], vpc).strip
+        listeners = output_listeners(load_balancer[:listeners]).strip
+        health_check = output_health_check(load_balancer[:health_check]).strip
+        dns_name = load_balancer[:dns_name]
+
+        out = <<-EOS
+  load_balancer #{name}#{internal}do
+    #test do
+    #  #host = #{dns_name.inspect}
+    #  #expect(Net::HTTP.start(host, 80).get("/")).to be_a(Net::HTTPOK)
+    #end
+
+    #{instances}
+
+    #{listeners}
+
+    #{health_check}
+        EOS
+
+        if vpc
+          subnets = load_balancer[:subnets]
+          subnets = subnets.map {|i| i.inspect }.join(",\n      ")
+
+          out << "\n"
+          out.concat(<<-EOS)
+    subnets(
+      #{subnets}
+    )
+          EOS
+
+          security_groups = load_balancer[:security_groups]
+          security_groups = security_groups.map {|i| i.inspect }.join(",\n      ")
+
+          out << "\n"
+          out.concat(<<-EOS)
+    security_groups(
+      #{security_groups}
+    )
+          EOS
+        else
+          availability_zones = load_balancer[:availability_zones]
+          availability_zones = availability_zones.map {|i| i.inspect }.join(",\n      ")
+
+          out << "\n"
+          out.concat(<<-EOS)
+    availability_zones(
+      #{availability_zones}
+    )
+          EOS
+        end
+
+        out << "  end\n"
+        return out
+      end
+
+      def output_instances(instances, vpc)
+        if instances.empty?
+          instances = '# not registered'
+        else
+          instance_id_names = @instance_names[vpc] || {}
+
+          instances = instances.map {|instance_id|
+            instance_id_names.fetch(instance_id, instance_id).inspect
+          }.join(",\n      ")
+        end
+
+        <<-EOS
+    instances(
+      #{instances}
+    )
+        EOS
+      end
+
+      def output_listeners(listeners)
+        items = listeners.map {|listener|
+          output_listener(listener).strip
+        }.join("\n      ")
+
+        <<-EOS
+    listeners do
+      #{items}
+    end
+        EOS
+      end
+
+      def output_listener(listener)
+        protocol = listener[:protocol].inspect
+        port = listener[:port]
+        instance_protocol = listener[:instance_protocol].inspect
+        instance_port = listener[:instance_port]
+        policies = listener[:policies]
+        server_certificate = listener[:server_certificate]
+
+        out = "listener [#{protocol}, #{port}] => [#{instance_protocol}, #{instance_port}]"
+
+        if policies.empty? and server_certificate.nil?
+          return out
+        end
+
+        out << " do\n"
+
+        unless policies.empty?
+          policies_dsl = policies.map {|policy|
+            PolicyTypes.convert_to_dsl(policy)
+          }.join("\n        ")
+
+          out << "        #{policies_dsl}\n"
+        end
+
+        if server_certificate
+          out << "        server_certificate #{server_certificate.name.inspect}\n"
+        end
+
+        out << "      end"
+
+        return out
+      end
+
+      def output_health_check(health_check)
+        target = health_check[:target].inspect
+        timeout = health_check[:timeout]
+        interval = health_check[:interval]
+        healthy_threshold = health_check[:healthy_threshold]
+        unhealthy_threshold = health_check[:unhealthy_threshold]
+
+        <<-EOS
+    health_check do
+      target #{target}
+      timeout #{timeout}
+      interval #{interval}
+      healthy_threshold #{healthy_threshold}
+      unhealthy_threshold #{unhealthy_threshold}
+    end
+        EOS
+      end
+    end # Converter
+  end # DSL
+end # Kelbim