lucid-cumulus 0.11.0
- checksums.yaml +15 -0
- data/.gitignore +3 -0
- data/.travis.yml +11 -0
- data/Gemfile +4 -0
- data/Gemfile.lock +29 -0
- data/LICENSE +202 -0
- data/README.md +41 -0
- data/autocomplete +137 -0
- data/bin/cumulus +658 -0
- data/cumulus +2 -0
- data/lib/autoscaling/AutoScaling.rb +40 -0
- data/lib/autoscaling/loader/Loader.rb +56 -0
- data/lib/autoscaling/manager/Manager.rb +360 -0
- data/lib/autoscaling/models/AlarmConfig.rb +165 -0
- data/lib/autoscaling/models/AlarmDiff.rb +172 -0
- data/lib/autoscaling/models/AutoScalingDiff.rb +178 -0
- data/lib/autoscaling/models/GroupConfig.rb +330 -0
- data/lib/autoscaling/models/PolicyConfig.rb +135 -0
- data/lib/autoscaling/models/PolicyDiff.rb +73 -0
- data/lib/autoscaling/models/ScheduledActionDiff.rb +53 -0
- data/lib/autoscaling/models/ScheduledConfig.rb +96 -0
- data/lib/aws_extensions/ec2/DhcpOptions.rb +41 -0
- data/lib/aws_extensions/ec2/Instance.rb +29 -0
- data/lib/aws_extensions/ec2/NetworkAcl.rb +25 -0
- data/lib/aws_extensions/ec2/NetworkInterface.rb +14 -0
- data/lib/aws_extensions/ec2/RouteTable.rb +26 -0
- data/lib/aws_extensions/ec2/SecurityGroup.rb +16 -0
- data/lib/aws_extensions/ec2/Subnet.rb +28 -0
- data/lib/aws_extensions/ec2/Volume.rb +24 -0
- data/lib/aws_extensions/ec2/Vpc.rb +14 -0
- data/lib/aws_extensions/ec2/VpcEndpoint.rb +11 -0
- data/lib/aws_extensions/elb/BackendServerDescription.rb +12 -0
- data/lib/aws_extensions/elb/PolicyDescription.rb +14 -0
- data/lib/aws_extensions/kinesis/StreamDescription.rb +12 -0
- data/lib/aws_extensions/route53/AliasTarget.rb +21 -0
- data/lib/aws_extensions/s3/Bucket.rb +33 -0
- data/lib/aws_extensions/s3/BucketAcl.rb +28 -0
- data/lib/aws_extensions/s3/BucketCors.rb +17 -0
- data/lib/aws_extensions/s3/BucketLifecycle.rb +21 -0
- data/lib/aws_extensions/s3/BucketLogging.rb +18 -0
- data/lib/aws_extensions/s3/BucketNotification.rb +23 -0
- data/lib/aws_extensions/s3/BucketPolicy.rb +18 -0
- data/lib/aws_extensions/s3/BucketTagging.rb +15 -0
- data/lib/aws_extensions/s3/BucketVersioning.rb +14 -0
- data/lib/aws_extensions/s3/BucketWebsite.rb +49 -0
- data/lib/aws_extensions/s3/CORSRule.rb +27 -0
- data/lib/aws_extensions/s3/ReplicationConfiguration.rb +22 -0
- data/lib/cloudfront/CloudFront.rb +83 -0
- data/lib/cloudfront/loader/Loader.rb +31 -0
- data/lib/cloudfront/manager/Manager.rb +183 -0
- data/lib/cloudfront/models/CacheBehaviorConfig.rb +237 -0
- data/lib/cloudfront/models/CacheBehaviorDiff.rb +211 -0
- data/lib/cloudfront/models/CustomOriginConfig.rb +51 -0
- data/lib/cloudfront/models/CustomOriginDiff.rb +74 -0
- data/lib/cloudfront/models/DistributionConfig.rb +183 -0
- data/lib/cloudfront/models/DistributionDiff.rb +131 -0
- data/lib/cloudfront/models/InvalidationConfig.rb +37 -0
- data/lib/cloudfront/models/OriginConfig.rb +144 -0
- data/lib/cloudfront/models/OriginDiff.rb +86 -0
- data/lib/cloudfront/models/OriginSslProtocols.rb +28 -0
- data/lib/cloudfront/models/OriginSslProtocolsDiff.rb +39 -0
- data/lib/common/BaseLoader.rb +80 -0
- data/lib/common/manager/Manager.rb +148 -0
- data/lib/common/models/Diff.rb +114 -0
- data/lib/common/models/ListChange.rb +21 -0
- data/lib/common/models/TagsDiff.rb +55 -0
- data/lib/common/models/UTCTimeSource.rb +17 -0
- data/lib/conf/Configuration.rb +365 -0
- data/lib/ec2/EC2.rb +503 -0
- data/lib/ec2/IPProtocolMapping.rb +165 -0
- data/lib/ec2/loaders/EbsLoader.rb +19 -0
- data/lib/ec2/loaders/InstanceLoader.rb +32 -0
- data/lib/ec2/managers/EbsManager.rb +176 -0
- data/lib/ec2/managers/InstanceManager.rb +509 -0
- data/lib/ec2/models/EbsGroupConfig.rb +133 -0
- data/lib/ec2/models/EbsGroupDiff.rb +48 -0
- data/lib/ec2/models/InstanceConfig.rb +202 -0
- data/lib/ec2/models/InstanceDiff.rb +95 -0
- data/lib/elb/ELB.rb +148 -0
- data/lib/elb/loader/Loader.rb +65 -0
- data/lib/elb/manager/Manager.rb +581 -0
- data/lib/elb/models/AccessLogConfig.rb +82 -0
- data/lib/elb/models/AccessLogDiff.rb +47 -0
- data/lib/elb/models/HealthCheckConfig.rb +91 -0
- data/lib/elb/models/HealthCheckDiff.rb +50 -0
- data/lib/elb/models/ListenerConfig.rb +99 -0
- data/lib/elb/models/ListenerDiff.rb +91 -0
- data/lib/elb/models/LoadBalancerConfig.rb +239 -0
- data/lib/elb/models/LoadBalancerDiff.rb +265 -0
- data/lib/iam/IAM.rb +36 -0
- data/lib/iam/loader/Loader.rb +117 -0
- data/lib/iam/manager/IamGroups.rb +98 -0
- data/lib/iam/manager/IamResource.rb +288 -0
- data/lib/iam/manager/IamRoles.rb +112 -0
- data/lib/iam/manager/IamUsers.rb +54 -0
- data/lib/iam/manager/Manager.rb +29 -0
- data/lib/iam/migration/AssumeRoleUnifier.rb +34 -0
- data/lib/iam/migration/PolicyUnifier.rb +90 -0
- data/lib/iam/models/GroupConfig.rb +40 -0
- data/lib/iam/models/IamDiff.rb +132 -0
- data/lib/iam/models/PolicyConfig.rb +67 -0
- data/lib/iam/models/ResourceWithPolicy.rb +208 -0
- data/lib/iam/models/RoleConfig.rb +53 -0
- data/lib/iam/models/StatementConfig.rb +35 -0
- data/lib/iam/models/UserConfig.rb +21 -0
- data/lib/kinesis/Kinesis.rb +94 -0
- data/lib/kinesis/loader/Loader.rb +19 -0
- data/lib/kinesis/manager/Manager.rb +206 -0
- data/lib/kinesis/models/StreamConfig.rb +75 -0
- data/lib/kinesis/models/StreamDiff.rb +58 -0
- data/lib/lambda/Lambda.rb +41 -0
- data/lib/route53/loader/Loader.rb +32 -0
- data/lib/route53/manager/Manager.rb +241 -0
- data/lib/route53/models/AliasTarget.rb +86 -0
- data/lib/route53/models/RecordConfig.rb +178 -0
- data/lib/route53/models/RecordDiff.rb +140 -0
- data/lib/route53/models/Vpc.rb +24 -0
- data/lib/route53/models/ZoneConfig.rb +156 -0
- data/lib/route53/models/ZoneDiff.rb +118 -0
- data/lib/s3/S3.rb +89 -0
- data/lib/s3/loader/Loader.rb +66 -0
- data/lib/s3/manager/Manager.rb +296 -0
- data/lib/s3/models/BucketConfig.rb +321 -0
- data/lib/s3/models/BucketDiff.rb +167 -0
- data/lib/s3/models/GrantConfig.rb +189 -0
- data/lib/s3/models/GrantDiff.rb +50 -0
- data/lib/s3/models/LifecycleConfig.rb +142 -0
- data/lib/s3/models/LifecycleDiff.rb +46 -0
- data/lib/s3/models/LoggingConfig.rb +81 -0
- data/lib/s3/models/NotificationConfig.rb +157 -0
- data/lib/s3/models/NotificationDiff.rb +62 -0
- data/lib/s3/models/ReplicationConfig.rb +133 -0
- data/lib/s3/models/ReplicationDiff.rb +60 -0
- data/lib/s3/models/WebsiteConfig.rb +107 -0
- data/lib/security/SecurityGroups.rb +39 -0
- data/lib/security/loader/Loader.rb +94 -0
- data/lib/security/manager/Manager.rb +246 -0
- data/lib/security/models/RuleConfig.rb +161 -0
- data/lib/security/models/RuleDiff.rb +72 -0
- data/lib/security/models/RuleMigration.rb +127 -0
- data/lib/security/models/SecurityGroupConfig.rb +172 -0
- data/lib/security/models/SecurityGroupDiff.rb +112 -0
- data/lib/sns/SNS.rb +40 -0
- data/lib/sqs/SQS.rb +62 -0
- data/lib/sqs/loader/Loader.rb +34 -0
- data/lib/sqs/manager/Manager.rb +128 -0
- data/lib/sqs/models/DeadLetterConfig.rb +70 -0
- data/lib/sqs/models/DeadLetterDiff.rb +35 -0
- data/lib/sqs/models/QueueConfig.rb +115 -0
- data/lib/sqs/models/QueueDiff.rb +89 -0
- data/lib/util/Colors.rb +111 -0
- data/lib/util/StatusCodes.rb +51 -0
- data/lib/vpc/loader/Loader.rb +73 -0
- data/lib/vpc/manager/Manager.rb +954 -0
- data/lib/vpc/models/AclEntryConfig.rb +150 -0
- data/lib/vpc/models/AclEntryDiff.rb +54 -0
- data/lib/vpc/models/DhcpConfig.rb +100 -0
- data/lib/vpc/models/DhcpDiff.rb +90 -0
- data/lib/vpc/models/EndpointConfig.rb +76 -0
- data/lib/vpc/models/EndpointDiff.rb +69 -0
- data/lib/vpc/models/NetworkAclConfig.rb +87 -0
- data/lib/vpc/models/NetworkAclDiff.rb +116 -0
- data/lib/vpc/models/RouteConfig.rb +82 -0
- data/lib/vpc/models/RouteDiff.rb +50 -0
- data/lib/vpc/models/RouteTableConfig.rb +92 -0
- data/lib/vpc/models/RouteTableDiff.rb +101 -0
- data/lib/vpc/models/SubnetConfig.rb +113 -0
- data/lib/vpc/models/SubnetDiff.rb +78 -0
- data/lib/vpc/models/VpcConfig.rb +173 -0
- data/lib/vpc/models/VpcDiff.rb +315 -0
- data/lucid-cumulus.gemspec +20 -0
- data/rakefile.rb +8 -0
- metadata +245 -0
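--- a/data/lib/vpc/models/EndpointDiff.rb
+++ b/data/lib/vpc/models/EndpointDiff.rb
@@ -0,0 +1,69 @@
+require "common/models/Diff"
+require "common/models/ListChange"
+require "util/Colors"
+
+require "json"
+
+module Cumulus
+module VPC
+# Public: The types of changes that can be made to the endpoint
+module EndpointChange
+include Common::DiffChange
+
+POLICY = Common::DiffChange.next_change_id
+ROUTE_TABLES = Common::DiffChange.next_change_id
+end
+
+# Public: Represents a single difference between local configuration and AWS configuration
+class EndpointDiff < Common::Diff
+include EndpointChange
+
+def self.route_tables(aws, local)
+changes = Common::ListChange.simple_list_diff(aws, local)
+if changes
+diff = EndpointDiff.new(ROUTE_TABLES, aws, local)
+diff.changes = changes
+diff
+end
+end
+
+def self.policy(aws, local)
+if aws != local
+diff = EndpointDiff.new(POLICY, aws, local)
+diff
+end
+end
+
+def asset_type
+"Endpoint"
+end
+
+def aws_name
+@aws.service_name
+end
+
+def diff_string
+case @type
+when POLICY
+[
+"Policy Statement:",
+Colors.unmanaged([
+"\tRemoving:",
+JSON.pretty_generate(aws).lines.map { |l| "\t\t#{l}".chomp("\n") }
+].join("\n")),
+Colors.added([
+"\tAdding:",
+JSON.pretty_generate(local).lines.map { |l| "\t\t#{l}".chomp("\n") }
+].join("\n"))
+].join("\n")
+when ROUTE_TABLES
+[
+"Route Tables:",
+@changes.removed.map { |d| Colors.unmanaged("\t#{d}") },
+@changes.added.map { |d| Colors.added("\t#{d}") },
+].flatten.join("\n")
+end
+end
+end
+end
+end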
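Review bot: `aws_name` returns `@aws.service_name`, but neither factory method stores an endpoint object in `@aws`: `self.policy` passes the value that `diff_string` later feeds to `JSON.pretty_generate(aws)`, and `self.route_tables` passes the list handed to `simple_list_diff`. If a caller invokes `aws_name` on one of these diffs it would presumably raise NoMethodError, so either drop the override or carry the endpoint separately from the compared value. The same pattern shows up in `NetworkAclDiff#aws_name` (`@aws.name || @aws.network_acl_id` on an entry list or tag hash) and in `RouteDiff#aws_name` (`@aws.destination_cidr_block` on what `RouteConfig#diff` passes as a gateway or interface id).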
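--- a/data/lib/vpc/models/NetworkAclConfig.rb
+++ b/data/lib/vpc/models/NetworkAclConfig.rb
@@ -0,0 +1,87 @@
+require "conf/Configuration"
+require "vpc/models/AclEntryConfig"
+require "ec2/EC2"
+
+require "json"
+
+module Cumulus
+module VPC
+
+# Public: An object representing configuration for a VPC Network ACL
+class NetworkAclConfig
+attr_reader :inbound
+attr_reader :outbound
+attr_reader :tags
+attr_reader :name
+
+# Public: Constructor
+#
+# name - the name of the network acl config
+# json - a hash containing the JSON configuration for the Network ACL
+def initialize(name, json = nil)
+@name = name
+if !json.nil?
+@inbound = (json["inbound"] || []).map { |entry| AclEntryConfig.new(entry) }
+@outbound = (json["outbound"] || []).map { |entry| AclEntryConfig.new(entry) }
+@tags = json["tags"] || {}
+end
+end
+
+def to_hash
+{
+"inbound" => @inbound.map(&:to_hash),
+"outbound" => @outbound.map(&:to_hash),
+"tags" => @tags
+}.reject { |k, v| v.nil? }
+end
+
+def populate!(aws)
+@inbound = aws.diffable_entries.select { |entry| !entry.egress }
+.map { |entry| AclEntryConfig.new().populate!(entry) }
+.sort_by!(&:rule)
+@outbound = aws.diffable_entries.select { |entry| entry.egress }
+.map { |entry| AclEntryConfig.new().populate!(entry) }
+.sort_by!(&:rule)
+@tags = Hash[aws.tags.map { |tag| [tag.key, tag.value] }]
+
+# If there is not a name then add a name tag using the given name
+if !@tags["Name"]
+puts "Network ACL #{aws.network_acl_id} does not have a Name defined. Cumulus will use #{name} as the name when migrated."
+@tags["Name"] = @name
+end
+
+self
+end
+
+# Public: Produce an array of differences between this local configuration and the
+# configuration in AWS
+#
+# aws - the AWS resource
+#
+# Returns an array of the NetworkAclDiffs that were found
+def diff(aws)
+diffs = []
+
+aws_inbound = aws.diffable_entries.select { |entry| !entry.egress }
+inbound_diff = NetworkAclDiff.entries(NetworkAclChange::INBOUND, aws_inbound, @inbound)
+if inbound_diff
+diffs << inbound_diff
+end
+
+aws_outbound = aws.diffable_entries.select { |entry| entry.egress }
+outbound_diff = NetworkAclDiff.entries(NetworkAclChange::OUTBOUND, aws_outbound, @outbound)
+if outbound_diff
+diffs << outbound_diff
+end
+
+aws_tags = Hash[aws.tags.map { |tag| [tag.key, tag.value] }]
+if @tags != aws_tags
+diffs << NetworkAclDiff.new(NetworkAclChange::TAGS, aws_tags, @tags)
+end
+
+diffs
+end
+
+end
+end
+end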
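Review bot: In `initialize`, `(json["inbound"] || [])` and `(json["outbound"] || [])` turn a missing or misspelled key into an empty rule list, so `diff` then reports every AWS entry in that direction as removed. For a network ACL that is a large change to make by accident, and whether a sync applies it is not visible from this file. Consider distinguishing "key absent" from "explicitly empty", for example `json.fetch("inbound")` with a clear error, or at least a warning when the key is not present. Also note that `to_hash` calls `@inbound.map` before its `.reject { |k, v| v.nil? }`, so an instance built without `json` and not yet populated raises instead of omitting the key.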
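--- a/data/lib/vpc/models/NetworkAclDiff.rb
+++ b/data/lib/vpc/models/NetworkAclDiff.rb
@@ -0,0 +1,116 @@
+require "common/models/Diff"
+require "common/models/ListChange"
+require "common/models/TagsDiff"
+require "vpc/models/AclEntryDiff"
+require "util/Colors"
+
+require "json"
+
+module Cumulus
+module VPC
+# Public: The types of changes that can be made to the network acl
+module NetworkAclChange
+include Common::DiffChange
+
+INBOUND = Common::DiffChange.next_change_id
+OUTBOUND = Common::DiffChange.next_change_id
+TAGS = Common::DiffChange.next_change_id
+end
+
+# Public: Represents a single difference between local configuration and AWS configuration
+class NetworkAclDiff < Common::Diff
+include NetworkAclChange
+include Common::TagsDiff
+
+def self.entries(type, aws, local)
+aws_rule_entries = Hash[aws.map do |entry|
+aws_entry = AclEntryConfig.new
+aws_entry.populate!(entry)
+[entry.rule_number, aws_entry]
+end]
+local_rule_entries = Hash[local.map { |entry| [entry.rule, entry] }]
+
+added_diffs = Hash[local_rule_entries.reject { |rule, entry| aws_rule_entries.has_key? rule }.map do |rule, local_entry|
+[rule, AclEntryDiff.added(local_entry)]
+end]
+removed_diffs = Hash[aws_rule_entries.reject { |rule, entry| local_rule_entries.has_key? rule }.map do |rule, aws_entry|
+[rule, AclEntryDiff.unmanaged(aws_entry)]
+end]
+
+modified_diffs = Hash[local_rule_entries.select { |rule, entry| aws_rule_entries.has_key? rule }.map do |rule, local_entry|
+aws_entry = aws_rule_entries[rule]
+entry_diffs = local_entry.diff(aws_entry)
+if !entry_diffs.empty?
+[rule, AclEntryDiff.modified(aws_entry, local_entry, entry_diffs)]
+end
+end.reject { |v| v.nil? }]
+
+if !added_diffs.empty? or !removed_diffs.empty? or !modified_diffs.empty?
+diff = NetworkAclDiff.new(type, aws, local)
+diff.changes = Common::ListChange.new(added_diffs, removed_diffs, modified_diffs)
+diff
+end
+end
+
+def local_tags
+@local
+end
+
+def aws_tags
+@aws
+end
+
+def asset_type
+"Network Acl"
+end
+
+def aws_name
+@aws.name || @aws.network_acl_id
+end
+
+def diff_string
+case @type
+when INBOUND
+[
+"Inbound Rules:",
+entries_diff_string
+].flatten.join("\n")
+when OUTBOUND
+[
+"Outbound Rules:",
+entries_diff_string
+].flatten.join("\n")
+when TAGS
+tags_diff_string
+end
+end
+
+private
+
+def entries_diff_string
+[
+[
+"\tThese rules will be deleted:",
+@changes.removed.map do |rule, removed_diff|
+Colors.unmanaged(removed_diff.aws.pretty_string.lines.map { |l| "\t\t#{l}".chomp("\n") }.join("\n"))
+end.flatten.join("\n\t\t\t---\n")
+].reject { @changes.removed.empty? },
+[
+"\tThese rules will be created:",
+@changes.added.map do |rule, added_diff|
+Colors.added(added_diff.local.pretty_string.lines.map { |l| "\t\t#{l}".chomp("\n") }.join("\n"))
+end.flatten.join("\n\t\t\t---\n")
+].reject { @changes.added.empty? },
+@changes.modified.map do |rule, modified_diff|
+[
+"\tRule #{rule} was modified:",
+modified_diff.changes.map do |diff|
+diff.to_s.lines.map { |l| "\t\t#{l}".chomp("\n") }
+end
+]
+end
+].flatten.join("\n")
+end
+end
+end
+end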
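Review bot: In `self.entries`, `Hash[local.map { |entry| [entry.rule, entry] }]` keeps only the last local entry for a given rule number, so two entries that share a number in the local config are collapsed silently and the dropped one never appears in the diff. Because rule numbers decide evaluation order in a network ACL, losing an allow or deny entry this way should be a hard error, not a quiet overwrite. A check before building the hash would surface it, e.g. `dupes = local.group_by(&:rule).select { |_, v| v.size > 1 }.keys` followed by `raise "Duplicate rule numbers: #{dupes.join(', ')}" unless dupes.empty?`. As a style point, the `or` chain in the final condition would read more safely as `||`.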
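--- a/data/lib/vpc/models/RouteConfig.rb
+++ b/data/lib/vpc/models/RouteConfig.rb
@@ -0,0 +1,82 @@
+require "conf/Configuration"
+require "vpc/loader/Loader"
+require "ec2/EC2"
+
+require "json"
+
+module Cumulus
+module VPC
+
+# Public: An object representing configuration for a VPC route table route
+class RouteConfig
+attr_reader :dest_cidr
+attr_reader :gateway_id
+attr_reader :instance_id
+attr_reader :network_interface_id
+attr_reader :vpc_peering_connection_id
+attr_reader :nat_gateway_id
+
+# Public: Constructor
+#
+# json - a hash containing the JSON configuration for the route table route
+def initialize(json = nil)
+if !json.nil?
+@dest_cidr = json["dest-cidr"]
+@gateway_id = json["gateway-id"]
+@network_interface_id = json["network-interface-id"]
+@vpc_peering_connection_id = json["vpc-peering-connection-id"]
+@nat_gateway_id = json["nat-gateway-id"]
+end
+end
+
+def to_hash
+{
+"dest-cidr" => @dest_cidr,
+"gateway-id" => @gateway_id,
+"network-interface-id" => @network_interface_id,
+"vpc-peering-connection-id" => @vpc_peering_connection_id,
+"nat-gateway-id" => @nat_gateway_id,
+}.reject { |k, v| v.nil? }
+end
+
+def populate!(aws)
+@dest_cidr = aws.destination_cidr_block
+@gateway_id = aws.gateway_id
+@network_interface_id = aws.network_interface_id
+@vpc_peering_connection_id = aws.vpc_peering_connection_id
+@nat_gateway_id = aws.nat_gateway_id
+
+self
+end
+
+# Public: Produce an array of differences between this local configuration and the
+# configuration in AWS
+#
+# aws - the AWS resource
+#
+# Returns an array of the RouteDiffs that were found
+def diff(aws)
+diffs = []
+
+if @gateway_id != aws.gateway_id
+diffs << RouteDiff.new(RouteChange::GATEWAY, aws.gateway_id, @gateway_id)
+end
+
+if @network_interface_id != aws.network_interface_id
+diffs << RouteDiff.new(RouteChange::NETWORK, aws.network_interface_id, @network_interface_id)
+end
+
+if @vpc_peering_connection_id != aws.vpc_peering_connection_id
+diffs << RouteDiff.new(RouteChange::VPC_PEERING, aws.vpc_peering_connection_id, @vpc_peering_connection_id)
+end
+
+if @nat_gateway_id != aws.nat_gateway_id
+diffs << RouteDiff.new(RouteChange::NAT_GATEWAY, aws.nat_gateway_id, @nat_gateway_id)
+end
+
+diffs
+end
+
+end
+end
+end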
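Review bot: `instance_id` is declared with `attr_reader` but is never assigned in `initialize` or `populate!`, never written by `to_hash`, and never compared in `diff`. A route whose target is an instance would therefore migrate with no target at all, and a change of that target in AWS would produce no diff even though it changes where traffic is sent. Either remove the reader or wire the field through all four methods, for instance `@instance_id = aws.instance_id` in `populate!` plus a matching comparison in `diff`; the comparison needs a new `RouteChange` constant, which is defined in RouteDiff.rb and not in this file.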
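--- a/data/lib/vpc/models/RouteDiff.rb
+++ b/data/lib/vpc/models/RouteDiff.rb
@@ -0,0 +1,50 @@
+require "common/models/Diff"
+require "vpc/models/RouteDiff"
+require "util/Colors"
+
+module Cumulus
+module VPC
+# Public: The types of changes that can be made to a route
+module RouteChange
+include Common::DiffChange
+
+GATEWAY = Common::DiffChange.next_change_id
+NETWORK = Common::DiffChange.next_change_id
+VPC_PEERING = Common::DiffChange.next_change_id
+NAT_GATEWAY = Common::DiffChange.next_change_id
+end
+
+# Public: Represents a single difference between local configuration AWS configuration
+class RouteDiff < Common::Diff
+include RouteChange
+
+def asset_type
+"Route"
+end
+
+def aws_name
+@aws.destination_cidr_block
+end
+
+def diff_string
+resource = case @type
+when GATEWAY
+"Gateway"
+when NETWORK
+"Network Interface"
+when VPC_PEERING
+"VPC Peering Connection"
+when NAT_GATEWAY
+"NAT Gateway"
+end
+
+[
+"#{resource}:",
+Colors.aws_changes("\tAWS - #{aws}"),
+Colors.local_changes("\tLocal - #{local}"),
+].join("\n")
+
+end
+end
+end
+end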
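Review bot: The second line, `require "vpc/models/RouteDiff"`, requires the file from inside itself, which does nothing useful and looks like a copy-paste slip; it can be removed. In `diff_string` the `case @type` has no `else`, so any type outside the four constants yields a header of just `:`; a fallback label or a raise would make an unexpected type visible. The class comment also drops a word and should read `local configuration and AWS configuration`.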
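--- a/data/lib/vpc/models/RouteTableConfig.rb
+++ b/data/lib/vpc/models/RouteTableConfig.rb
@@ -0,0 +1,92 @@
+require "conf/Configuration"
+require "vpc/loader/Loader"
+require "vpc/models/RouteConfig"
+require "ec2/EC2"
+
+require "json"
+
+module Cumulus
+module VPC
+
+# Public: An object representing configuration for a VPC route table
+class RouteTableConfig
+attr_reader :name
+attr_reader :routes
+attr_reader :propagate_vgws
+attr_reader :tags
+
+# Public: Constructor
+#
+# json - a hash containing the JSON configuration for the route table
+def initialize(name, json = nil)
+@name = name
+@excludes = []
+if !json.nil?
+@routes = (json["routes"] || []).map { |route| RouteConfig.new(route) }
+@propagate_vgws = json["propagate-vgws"] || []
+@tags = json["tags"]
+@excludes = json["exclude-cidr-blocks"] || []
+end
+end
+
+def to_hash
+{
+"routes" => @routes.map(&:to_hash),
+"propagate-vgws" => @propagate_vgws,
+"tags" => @tags,
+}.reject { |k, v| v.nil? }
+end
+
+def populate!(aws)
+@routes = aws.diffable_routes.reject { |route| @excludes.include? route.destination_cidr_block }.map do |aws_route|
+cumulus_route = RouteConfig.new
+cumulus_route.populate!(aws_route)
+cumulus_route
+end
+
+@propagate_vgws = aws.propagating_vgws.map(&:gateway_id)
+
+@tags = Hash[aws.tags.map { |tag| [tag.key, tag.value] }]
+
+self
+end
+
+# Public: Produce an array of differences between this local configuration and the
+# configuration in AWS
+#
+# aws - the AWS resource
+#
+# Returns an array of the RouteTableDiffs that were found
+def diff(aws)
+diffs = []
+
+aws_routes = aws.diffable_routes.reject { |route| @excludes.include? route.destination_cidr_block }
+local_routes = @routes.reject { |route| @excludes.include? route.dest_cidr }
+
+ignored_aws_routes = aws.diffable_routes.select { |route| @excludes.include? route.destination_cidr_block }.map(&:destination_cidr_block).join(", ")
+ignored_local_routes = @routes.select { |route| @excludes.include? route.dest_cidr }.map(&:dest_cidr).join(", ")
+
+puts "Ignoring local routes: #{ignored_local_routes}" if !ignored_local_routes.empty?
+puts "Ignoring AWS routes: #{ignored_aws_routes}" if !ignored_aws_routes.empty?
+
+routes_diff = RouteTableDiff.routes(aws_routes, local_routes)
+if routes_diff
+diffs << routes_diff
+end
+
+aws_vgw_ids = aws.propagating_vgws.map(&:gateway_id)
+if @propagate_vgws.sort != aws_vgw_ids.sort
+diffs << RouteTableDiff.propagate_vgws(aws_vgw_ids, @propagate_vgws)
+end
+
+aws_tags = Hash[aws.tags.map { |tag| [tag.key, tag.value] }]
+if @tags != aws_tags
+diffs << RouteTableDiff.new(RouteTableChange::TAGS, aws_tags, @tags)
+end
+
+diffs
+end
+
+end
+end
+end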
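Review bot: In `initialize`, `@tags = json["tags"]` has no default, unlike `NetworkAclConfig`, which uses `json["tags"] || {}`. When the config omits "tags", `@tags` stays nil and `diff` compares it with the `Hash[...]` built from `aws.tags`, so an untagged table always reports a TAGS diff whose local side is nil. Use `@tags = json["tags"] || {}` to match the sibling class. Separately, `to_hash` does not write `exclude-cidr-blocks`, so excludes read by the constructor are lost when a config is serialized again, and routes that were deliberately ignored would start appearing in later diffs.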