lucid-cumulus 0.11.0
- checksums.yaml +15 -0
- data/.gitignore +3 -0
- data/.travis.yml +11 -0
- data/Gemfile +4 -0
- data/Gemfile.lock +29 -0
- data/LICENSE +202 -0
- data/README.md +41 -0
- data/autocomplete +137 -0
- data/bin/cumulus +658 -0
- data/cumulus +2 -0
- data/lib/autoscaling/AutoScaling.rb +40 -0
- data/lib/autoscaling/loader/Loader.rb +56 -0
- data/lib/autoscaling/manager/Manager.rb +360 -0
- data/lib/autoscaling/models/AlarmConfig.rb +165 -0
- data/lib/autoscaling/models/AlarmDiff.rb +172 -0
- data/lib/autoscaling/models/AutoScalingDiff.rb +178 -0
- data/lib/autoscaling/models/GroupConfig.rb +330 -0
- data/lib/autoscaling/models/PolicyConfig.rb +135 -0
- data/lib/autoscaling/models/PolicyDiff.rb +73 -0
- data/lib/autoscaling/models/ScheduledActionDiff.rb +53 -0
- data/lib/autoscaling/models/ScheduledConfig.rb +96 -0
- data/lib/aws_extensions/ec2/DhcpOptions.rb +41 -0
- data/lib/aws_extensions/ec2/Instance.rb +29 -0
- data/lib/aws_extensions/ec2/NetworkAcl.rb +25 -0
- data/lib/aws_extensions/ec2/NetworkInterface.rb +14 -0
- data/lib/aws_extensions/ec2/RouteTable.rb +26 -0
- data/lib/aws_extensions/ec2/SecurityGroup.rb +16 -0
- data/lib/aws_extensions/ec2/Subnet.rb +28 -0
- data/lib/aws_extensions/ec2/Volume.rb +24 -0
- data/lib/aws_extensions/ec2/Vpc.rb +14 -0
- data/lib/aws_extensions/ec2/VpcEndpoint.rb +11 -0
- data/lib/aws_extensions/elb/BackendServerDescription.rb +12 -0
- data/lib/aws_extensions/elb/PolicyDescription.rb +14 -0
- data/lib/aws_extensions/kinesis/StreamDescription.rb +12 -0
- data/lib/aws_extensions/route53/AliasTarget.rb +21 -0
- data/lib/aws_extensions/s3/Bucket.rb +33 -0
- data/lib/aws_extensions/s3/BucketAcl.rb +28 -0
- data/lib/aws_extensions/s3/BucketCors.rb +17 -0
- data/lib/aws_extensions/s3/BucketLifecycle.rb +21 -0
- data/lib/aws_extensions/s3/BucketLogging.rb +18 -0
- data/lib/aws_extensions/s3/BucketNotification.rb +23 -0
- data/lib/aws_extensions/s3/BucketPolicy.rb +18 -0
- data/lib/aws_extensions/s3/BucketTagging.rb +15 -0
- data/lib/aws_extensions/s3/BucketVersioning.rb +14 -0
- data/lib/aws_extensions/s3/BucketWebsite.rb +49 -0
- data/lib/aws_extensions/s3/CORSRule.rb +27 -0
- data/lib/aws_extensions/s3/ReplicationConfiguration.rb +22 -0
- data/lib/cloudfront/CloudFront.rb +83 -0
- data/lib/cloudfront/loader/Loader.rb +31 -0
- data/lib/cloudfront/manager/Manager.rb +183 -0
- data/lib/cloudfront/models/CacheBehaviorConfig.rb +237 -0
- data/lib/cloudfront/models/CacheBehaviorDiff.rb +211 -0
- data/lib/cloudfront/models/CustomOriginConfig.rb +51 -0
- data/lib/cloudfront/models/CustomOriginDiff.rb +74 -0
- data/lib/cloudfront/models/DistributionConfig.rb +183 -0
- data/lib/cloudfront/models/DistributionDiff.rb +131 -0
- data/lib/cloudfront/models/InvalidationConfig.rb +37 -0
- data/lib/cloudfront/models/OriginConfig.rb +144 -0
- data/lib/cloudfront/models/OriginDiff.rb +86 -0
- data/lib/cloudfront/models/OriginSslProtocols.rb +28 -0
- data/lib/cloudfront/models/OriginSslProtocolsDiff.rb +39 -0
- data/lib/common/BaseLoader.rb +80 -0
- data/lib/common/manager/Manager.rb +148 -0
- data/lib/common/models/Diff.rb +114 -0
- data/lib/common/models/ListChange.rb +21 -0
- data/lib/common/models/TagsDiff.rb +55 -0
- data/lib/common/models/UTCTimeSource.rb +17 -0
- data/lib/conf/Configuration.rb +365 -0
- data/lib/ec2/EC2.rb +503 -0
- data/lib/ec2/IPProtocolMapping.rb +165 -0
- data/lib/ec2/loaders/EbsLoader.rb +19 -0
- data/lib/ec2/loaders/InstanceLoader.rb +32 -0
- data/lib/ec2/managers/EbsManager.rb +176 -0
- data/lib/ec2/managers/InstanceManager.rb +509 -0
- data/lib/ec2/models/EbsGroupConfig.rb +133 -0
- data/lib/ec2/models/EbsGroupDiff.rb +48 -0
- data/lib/ec2/models/InstanceConfig.rb +202 -0
- data/lib/ec2/models/InstanceDiff.rb +95 -0
- data/lib/elb/ELB.rb +148 -0
- data/lib/elb/loader/Loader.rb +65 -0
- data/lib/elb/manager/Manager.rb +581 -0
- data/lib/elb/models/AccessLogConfig.rb +82 -0
- data/lib/elb/models/AccessLogDiff.rb +47 -0
- data/lib/elb/models/HealthCheckConfig.rb +91 -0
- data/lib/elb/models/HealthCheckDiff.rb +50 -0
- data/lib/elb/models/ListenerConfig.rb +99 -0
- data/lib/elb/models/ListenerDiff.rb +91 -0
- data/lib/elb/models/LoadBalancerConfig.rb +239 -0
- data/lib/elb/models/LoadBalancerDiff.rb +265 -0
- data/lib/iam/IAM.rb +36 -0
- data/lib/iam/loader/Loader.rb +117 -0
- data/lib/iam/manager/IamGroups.rb +98 -0
- data/lib/iam/manager/IamResource.rb +288 -0
- data/lib/iam/manager/IamRoles.rb +112 -0
- data/lib/iam/manager/IamUsers.rb +54 -0
- data/lib/iam/manager/Manager.rb +29 -0
- data/lib/iam/migration/AssumeRoleUnifier.rb +34 -0
- data/lib/iam/migration/PolicyUnifier.rb +90 -0
- data/lib/iam/models/GroupConfig.rb +40 -0
- data/lib/iam/models/IamDiff.rb +132 -0
- data/lib/iam/models/PolicyConfig.rb +67 -0
- data/lib/iam/models/ResourceWithPolicy.rb +208 -0
- data/lib/iam/models/RoleConfig.rb +53 -0
- data/lib/iam/models/StatementConfig.rb +35 -0
- data/lib/iam/models/UserConfig.rb +21 -0
- data/lib/kinesis/Kinesis.rb +94 -0
- data/lib/kinesis/loader/Loader.rb +19 -0
- data/lib/kinesis/manager/Manager.rb +206 -0
- data/lib/kinesis/models/StreamConfig.rb +75 -0
- data/lib/kinesis/models/StreamDiff.rb +58 -0
- data/lib/lambda/Lambda.rb +41 -0
- data/lib/route53/loader/Loader.rb +32 -0
- data/lib/route53/manager/Manager.rb +241 -0
- data/lib/route53/models/AliasTarget.rb +86 -0
- data/lib/route53/models/RecordConfig.rb +178 -0
- data/lib/route53/models/RecordDiff.rb +140 -0
- data/lib/route53/models/Vpc.rb +24 -0
- data/lib/route53/models/ZoneConfig.rb +156 -0
- data/lib/route53/models/ZoneDiff.rb +118 -0
- data/lib/s3/S3.rb +89 -0
- data/lib/s3/loader/Loader.rb +66 -0
- data/lib/s3/manager/Manager.rb +296 -0
- data/lib/s3/models/BucketConfig.rb +321 -0
- data/lib/s3/models/BucketDiff.rb +167 -0
- data/lib/s3/models/GrantConfig.rb +189 -0
- data/lib/s3/models/GrantDiff.rb +50 -0
- data/lib/s3/models/LifecycleConfig.rb +142 -0
- data/lib/s3/models/LifecycleDiff.rb +46 -0
- data/lib/s3/models/LoggingConfig.rb +81 -0
- data/lib/s3/models/NotificationConfig.rb +157 -0
- data/lib/s3/models/NotificationDiff.rb +62 -0
- data/lib/s3/models/ReplicationConfig.rb +133 -0
- data/lib/s3/models/ReplicationDiff.rb +60 -0
- data/lib/s3/models/WebsiteConfig.rb +107 -0
- data/lib/security/SecurityGroups.rb +39 -0
- data/lib/security/loader/Loader.rb +94 -0
- data/lib/security/manager/Manager.rb +246 -0
- data/lib/security/models/RuleConfig.rb +161 -0
- data/lib/security/models/RuleDiff.rb +72 -0
- data/lib/security/models/RuleMigration.rb +127 -0
- data/lib/security/models/SecurityGroupConfig.rb +172 -0
- data/lib/security/models/SecurityGroupDiff.rb +112 -0
- data/lib/sns/SNS.rb +40 -0
- data/lib/sqs/SQS.rb +62 -0
- data/lib/sqs/loader/Loader.rb +34 -0
- data/lib/sqs/manager/Manager.rb +128 -0
- data/lib/sqs/models/DeadLetterConfig.rb +70 -0
- data/lib/sqs/models/DeadLetterDiff.rb +35 -0
- data/lib/sqs/models/QueueConfig.rb +115 -0
- data/lib/sqs/models/QueueDiff.rb +89 -0
- data/lib/util/Colors.rb +111 -0
- data/lib/util/StatusCodes.rb +51 -0
- data/lib/vpc/loader/Loader.rb +73 -0
- data/lib/vpc/manager/Manager.rb +954 -0
- data/lib/vpc/models/AclEntryConfig.rb +150 -0
- data/lib/vpc/models/AclEntryDiff.rb +54 -0
- data/lib/vpc/models/DhcpConfig.rb +100 -0
- data/lib/vpc/models/DhcpDiff.rb +90 -0
- data/lib/vpc/models/EndpointConfig.rb +76 -0
- data/lib/vpc/models/EndpointDiff.rb +69 -0
- data/lib/vpc/models/NetworkAclConfig.rb +87 -0
- data/lib/vpc/models/NetworkAclDiff.rb +116 -0
- data/lib/vpc/models/RouteConfig.rb +82 -0
- data/lib/vpc/models/RouteDiff.rb +50 -0
- data/lib/vpc/models/RouteTableConfig.rb +92 -0
- data/lib/vpc/models/RouteTableDiff.rb +101 -0
- data/lib/vpc/models/SubnetConfig.rb +113 -0
- data/lib/vpc/models/SubnetDiff.rb +78 -0
- data/lib/vpc/models/VpcConfig.rb +173 -0
- data/lib/vpc/models/VpcDiff.rb +315 -0
- data/lucid-cumulus.gemspec +20 -0
- data/rakefile.rb +8 -0
- metadata +245 -0
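--- a/data/lib/vpc/models/RouteTableDiff.rb
+++ b/data/lib/vpc/models/RouteTableDiff.rb
@@ -0,0 +1,101 @@
+require "common/models/Diff"
+require "common/models/TagsDiff"
+require "common/models/ListChange"
+require "vpc/models/RouteDiff"
+require "util/Colors"
+
+module Cumulus
+module VPC
+# Public: The types of changes that can be made to a route table
+module RouteTableChange
+include Common::DiffChange
+
+ROUTES = Common::DiffChange.next_change_id
+VGWS = Common::DiffChange.next_change_id
+TAGS = Common::DiffChange.next_change_id
+end
+
+# Public: Represents a single difference between local configuration and AWS configuration
+class RouteTableDiff < Common::Diff
+include RouteTableChange
+include Common::TagsDiff
+
+def self.routes(aws, local)
+aws_cidr_routes = Hash[aws.map { |route| [route.destination_cidr_block, route] }]
+local_cidr_routes = Hash[local.map { |route| [route.dest_cidr, route] }]
+
+added = local_cidr_routes.reject { |k, v| aws_cidr_routes.has_key? k }
+removed = aws_cidr_routes.reject { |k, v| local_cidr_routes.has_key? k }
+modified = local_cidr_routes.select { |k, v| aws_cidr_routes.has_key? k }
+
+added_diffs = Hash[added.map { |cidr, route| [cidr, RouteDiff.added(route)] }]
+removed_diffs = Hash[removed.map { |cidr, route| [cidr, RouteDiff.unmanaged(route)] }]
+modified_diffs = Hash[modified.map do |cidr, route|
+aws_route = aws_cidr_routes[cidr]
+route_diffs = route.diff(aws_route)
+if !route_diffs.empty?
+[cidr, RouteDiff.modified(aws_route, route, route_diffs)]
+end
+end.reject { |v| v.nil? }]
+
+if !added_diffs.empty? or !removed_diffs.empty? or !modified_diffs.empty?
+diff = RouteTableDiff.new(ROUTES, aws, local)
+diff.changes = Common::ListChange.new(added_diffs, removed_diffs, modified_diffs)
+diff
+end
+end
+
+def self.propagate_vgws(aws, local)
+changes = Common::ListChange.simple_list_diff(aws, local)
+if changes
+diff = RouteTableDiff.new(VGWS, aws, local)
+diff.changes = changes
+diff
+end
+end
+
+def local_tags
+@local
+end
+
+def aws_tags
+@aws
+end
+
+def asset_type
+"Route Table"
+end
+
+def aws_name
+@aws.name
+end
+
+def diff_string
+case @type
+when ROUTES
+[
+"Routes:",
+@changes.removed.map { |s, _| Colors.unmanaged("\t#{s} will be deleted") },
+@changes.added.map { |s, _| Colors.added("\t#{s} will be created") },
+@changes.modified.map do |cidr, diff|
+[
+"\t#{cidr}:",
+diff.changes.map do |diff|
+diff.to_s.lines.map { |l| "\t\t#{l}".chomp("\n") }
+end
+]
+end
+].flatten.join("\n")
+when VGWS
+[
+"Propagate VGWs:",
+@changes.removed.map { |s, _| Colors.unmanaged("\t#{s}") },
+@changes.added.map { |s, _| Colors.added("\t#{s}") },
+].flatten.join("\n")
+when TAGS
+tags_diff_string
+end
+end
+end
+end
+end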
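Review bot: `self.routes` keys the AWS side on `destination_cidr_block` alone (line 24 of the hunk), so any route that carries no IPv4 CIDR destination — a prefix-list route such as the one a gateway endpoint installs, if the EC2 cache hands those back here — collapses onto a single `nil` key, and because no local route has a nil `dest_cidr` it is reported as `nil will be deleted` by `diff_string`. Whether the manager then tries to delete such a route is outside this hunk, but the diff output is already misleading and the collision silently drops all but one of those routes. I would exclude them before keying, `aws_cidr_routes = Hash[aws.reject { |route| route.destination_cidr_block.nil? }.map { |route| [route.destination_cidr_block, route] }]`, and say so on the method: `# Only routes with an IPv4 CIDR destination are managed; prefix-list/IPv6 routes are ignored`. Separately, the condition on line 41 uses `or`; it works inside an `if`, but `||` is the conventional boolean operator and avoids the low-precedence surprise if the expression is ever assigned.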
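--- a/data/lib/vpc/models/SubnetConfig.rb
+++ b/data/lib/vpc/models/SubnetConfig.rb
@@ -0,0 +1,113 @@
+require "conf/Configuration"
+require "vpc/loader/Loader"
+require "vpc/models/SubnetDiff"
+require "ec2/EC2"
+
+require "json"
+
+module Cumulus
+module VPC
+
+# Public: An object representing configuration for a Subnet
+class SubnetConfig
+attr_reader :name
+attr_reader :cidr_block
+attr_reader :map_public_ip
+attr_accessor :route_table
+attr_accessor :network_acl
+attr_reader :availability_zone
+attr_reader :tags
+
+# Public: Constructor
+#
+# json - a hash containing the JSON configuration for the subnet
+def initialize(name, json = nil)
+@name = name
+if !json.nil?
+@cidr_block = json["cidr-block"]
+@map_public_ip = json["map-public-ip"] || false
+@route_table = json["route-table"]
+@network_acl = json["network-acl"]
+@availability_zone = json["availability-zone"]
+@tags = json["tags"] || {}
+end
+end
+
+def to_hash
+{
+"cidr-block" => @cidr_block,
+"map-public-ip" => @map_public_ip,
+"route-table" => @route_table,
+"network-acl" => @network_acl,
+"availability-zone" => @availability_zone,
+"tags" => @tags,
+}
+end
+
+# Public: Populate a config object with AWS configuration
+#
+# aws - the AWS configuration for the subnet
+# route_table_map - an optional mapping of route table ids to names
+# network_acl_map - an optional mapping of network acl ids to names
+def populate!(aws, route_table_map = {}, network_acl_map = {})
+@cidr_block = aws.cidr_block
+@map_public_ip = aws.map_public_ip_on_launch
+
+subnet_rt = EC2::subnet_route_tables[aws.subnet_id]
+@route_table = if subnet_rt then route_table_map[subnet_rt.route_table_id] || subnet_rt.route_table_id end
+
+subnet_acl = EC2::subnet_network_acls[aws.subnet_id]
+@network_acl = network_acl_map[subnet_acl.network_acl_id] || subnet_acl.network_acl_id
+
+@availability_zone = aws.availability_zone
+@tags = Hash[aws.tags.map { |tag| [tag.key, tag.value] }]
+
+self
+end
+
+# Public: Produce an array of differences between this local configuration and the
+# configuration in AWS
+#
+# aws - the AWS resource
+#
+# Returns an array of the SubnetDiffs that were found
+def diff(aws)
+diffs = []
+
+if @cidr_block != aws.cidr_block
+diffs << SubnetDiff.new(SubnetChange::CIDR, aws.cidr_block, @cidr_block)
+end
+
+if @map_public_ip != aws.map_public_ip_on_launch
+diffs << SubnetDiff.new(SubnetChange::PUBLIC, aws.map_public_ip_on_launch, @map_public_ip)
+end
+
+# For route table try to get the AWS name or default to id
+aws_subnet_rt = EC2::subnet_route_tables[aws.subnet_id]
+aws_rt_name = if aws_subnet_rt then aws_subnet_rt.name || aws_subnet_rt.route_table_id end
+if @route_table != aws_rt_name
+diffs << SubnetDiff.new(SubnetChange::ROUTE_TABLE, aws_rt_name, @route_table)
+end
+
+# For network acl try to get the AWS name or default to its id
+aws_subnet_net_acl = EC2::subnet_network_acls[aws.subnet_id]
+aws_net_acl_name = aws_subnet_net_acl.name || aws_subnet_net_acl.network_acl_id
+if @network_acl != aws_net_acl_name
+diffs << SubnetDiff.new(SubnetChange::NETWORK_ACL, aws_net_acl_name, @network_acl)
+end
+
+if @availability_zone != aws.availability_zone
+diffs << SubnetDiff.new(SubnetChange::AZ, aws.availability_zone, @availability_zone)
+end
+
+aws_tags = Hash[aws.tags.map { |tag| [tag.key, tag.value] }]
+if @tags != aws_tags
+diffs << SubnetDiff.new(SubnetChange::TAGS, aws_tags, @tags)
+end
+
+diffs
+end
+
+end
+end
+end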
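Review bot: The network ACL lookups in `populate!` (lines 59-60 of the hunk) and `diff` (lines 93-94) dereference the result of `EC2::subnet_network_acls[aws.subnet_id]` without the nil guard the route table lookups right above them carry, so a subnet absent from that cache raises `NoMethodError` instead of yielding a diff. Every subnet has an ACL in AWS, so this is presumably an inconsistency rather than a live crash, but the two code paths should agree. I would write `@network_acl = if subnet_acl then network_acl_map[subnet_acl.network_acl_id] || subnet_acl.network_acl_id end` in `populate!` and `aws_net_acl_name = if aws_subnet_net_acl then aws_subnet_net_acl.name || aws_subnet_net_acl.network_acl_id end` in `diff`. The `|| false` on line 28 also deserves a comment, since it is the security-relevant default: `# Defaults to false so a subnet never auto-assigns public IPs unless config opts in`.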
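--- a/data/lib/vpc/models/SubnetDiff.rb
+++ b/data/lib/vpc/models/SubnetDiff.rb
@@ -0,0 +1,78 @@
+require "common/models/Diff"
+require "common/models/TagsDiff"
+require "util/Colors"
+
+module Cumulus
+module VPC
+# Public: The types of changes that can be made to a subnet
+module SubnetChange
+include Common::DiffChange
+
+CIDR = Common::DiffChange.next_change_id
+PUBLIC = Common::DiffChange.next_change_id
+ROUTE_TABLE = Common::DiffChange.next_change_id
+NETWORK_ACL = Common::DiffChange.next_change_id
+AZ = Common::DiffChange.next_change_id
+TAGS = Common::DiffChange.next_change_id
+end
+
+# Public: Represents a single difference between local configuration and AWS configuration
+class SubnetDiff < Common::Diff
+include SubnetChange
+include Common::TagsDiff
+
+def local_tags
+@local
+end
+
+def aws_tags
+@aws
+end
+
+def asset_type
+"Subnet"
+end
+
+def aws_name
+@aws.name
+end
+
+def diff_string
+case @type
+when CIDR
+[
+"CIDR Block:",
+Colors.aws_changes("\tAWS - #{aws}"),
+Colors.local_changes("\tLocal - #{local}"),
+].join("\n")
+when PUBLIC
+[
+"Map Public Ip:",
+Colors.aws_changes("\tAWS - #{aws}"),
+Colors.local_changes("\tLocal - #{local}"),
+].join("\n")
+when ROUTE_TABLE
+[
+"Route Table:",
+Colors.aws_changes("\tAWS - #{aws}"),
+Colors.local_changes("\tLocal - #{local}"),
+].join("\n")
+when NETWORK_ACL
+[
+"Network ACL:",
+Colors.aws_changes("\tAWS - #{aws}"),
+Colors.local_changes("\tLocal - #{local}"),
+].join("\n")
+when AZ
+[
+"Availability Zone:",
+Colors.aws_changes("\tAWS - #{aws}"),
+Colors.local_changes("\tLocal - #{local}"),
+].join("\n")
+when TAGS
+tags_diff_string
+end
+end
+end
+end
+end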
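Review bot: `diff_string` (lines 40-75 of the hunk) repeats the same three-line `[label, Colors.aws_changes(...), Colors.local_changes(...)].join("\n")` body five times with only the label text changing, which is the kind of duplication that drifts the first time a new change type is added. A label table keyed on the change constants collapses it to a single branch while keeping `TAGS` routed to `tags_diff_string` and the `nil` result for an unrecognised `@type`. The `aws` and `local` accessors used in the interpolations presumably come from `Common::Diff`, which is outside this hunk.
```ruby
# … unchanged: SubnetChange module, local_tags/aws_tags/asset_type/aws_name …
# Heading printed above the AWS/Local pair for each simple-value change type
LABELS = {
  CIDR => "CIDR Block:",
  PUBLIC => "Map Public Ip:",
  ROUTE_TABLE => "Route Table:",
  NETWORK_ACL => "Network ACL:",
  AZ => "Availability Zone:",
}.freeze

def diff_string
  return tags_diff_string if @type == TAGS
  label = LABELS[@type]
  return unless label
  [
    label,
    Colors.aws_changes("\tAWS - #{aws}"),
    Colors.local_changes("\tLocal - #{local}"),
  ].join("\n")
end
```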
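--- a/data/lib/vpc/models/VpcConfig.rb
+++ b/data/lib/vpc/models/VpcConfig.rb
@@ -0,0 +1,173 @@
+require "conf/Configuration"
+require "vpc/loader/Loader"
+require "vpc/models/DhcpConfig"
+require "vpc/models/RouteTableConfig"
+require "vpc/models/EndpointConfig"
+require "vpc/models/NetworkAclConfig"
+require "vpc/models/VpcDiff"
+require "ec2/EC2"
+
+require "json"
+
+module Cumulus
+module VPC
+
+# Public: An object representing configuration for a VPC
+class VpcConfig
+attr_reader :name
+attr_reader :cidr_block
+attr_reader :tenancy
+attr_reader :subnets
+attr_reader :dhcp
+attr_reader :route_tables
+attr_reader :endpoints
+attr_reader :address_associations
+attr_reader :network_acls
+attr_reader :tags
+
+# Public: Constructor
+#
+# json - a hash containing the JSON configuration for the VPC
+def initialize(name, json = nil)
+@name = name
+if !json.nil?
+@cidr_block = json["cidr-block"]
+@tenancy = json["tenancy"]
+@dhcp = if json["dhcp"] then DhcpConfig.new(json["dhcp"]) end
+@route_tables = json["route-tables"] || []
+@endpoints = (json["endpoints"] || []).map { |endpoint| EndpointConfig.new(endpoint) }
+@address_associations = json["address-associations"] || {}
+@network_acls = json["network-acls"] || []
+@subnets = json["subnets"] || []
+@tags = json["tags"] || {}
+end
+end
+
+def to_hash
+{
+"cidr-block" => @cidr_block,
+"tenancy" => @tenancy,
+"dhcp" => if @dhcp then @dhcp.to_hash end,
+"route-tables" => @route_tables,
+"endpoints" => @endpoints.map(&:to_hash),
+"address-associations" => @address_associations,
+"network-acls" => @network_acls,
+"subnets" => @subnets,
+"tags" => @tags,
+}
+end
+
+# Public: Populate a config object with AWS configuration
+#
+# aws - the AWS configuration for the subnet
+# route_table_map - an optional mapping of route table ids to names
+# subnet_map - an optional mapping of subnet ids to names
+# network_acl_map - an optional mapping of network acl ids to names
+def populate!(aws, route_table_map = {}, subnet_map = {}, network_acl_map = {})
+@cidr_block = aws.cidr_block
+@tenancy = aws.instance_tenancy
+
+if aws.dhcp_options_id != "default"
+aws_dhcp = EC2::id_dhcp_options[aws.dhcp_options_id]
+@dhcp = DhcpConfig.new().populate!(aws_dhcp)
+end
+
+aws_rts = EC2::vpc_route_tables[aws.vpc_id]
+rt_names = aws_rts.map { |rt| route_table_map[rt.route_table_id] || rt.route_table_id }
+@route_tables = rt_names.sort
+
+aws_endpoints = EC2::vpc_endpoints[aws.vpc_id]
+@endpoints = aws_endpoints.map { |endpoint| EndpointConfig.new().populate!(endpoint, route_table_map) }
+
+aws_addresses = EC2::vpc_addresses[aws.vpc_id]
+@address_associations = Hash[aws_addresses.map do |addr|
+network_interface = EC2::id_network_interfaces[addr.network_interface_id]
+[addr.public_ip, network_interface.name || addr.network_interface_id]
+end]
+
+aws_network_acls = EC2::vpc_network_acls[aws.vpc_id]
+cumulus_network_acls = aws_network_acls.map { |acl| network_acl_map[acl.network_acl_id] || acl.network_acl_id }
+@network_acls = cumulus_network_acls.sort
+
+aws_subnets = EC2::vpc_subnets[aws.vpc_id]
+subnet_names = aws_subnets.map { |subnet| subnet_map[subnet.subnet_id] || subnet.subnet_id }
+@subnets = subnet_names.sort
+
+@tags = Hash[aws.tags.map { |tag| [tag.key, tag.value] }]
+
+self
+end
+
+# Public: Produce an array of differences between this local configuration and the
+# configuration in AWS
+#
+# aws - the AWS resource
+#
+# Returns an array of the VpcDiffs that were found
+def diff(aws)
+diffs = []
+
+if @cidr_block != aws.cidr_block
+diffs << VpcDiff.new(VpcChange::CIDR, aws.cidr_block, @cidr_block)
+end
+
+if @tenancy != aws.instance_tenancy
+diffs << VpcDiff.new(VpcChange::TENANCY, aws.instance_tenancy, @tenancy)
+end
+
+# Get the actual DHCP Options from AWS from the id
+aws_dhcp_options = EC2::id_dhcp_options[aws.dhcp_options_id]
+dhcp_diff = VpcDiff.dhcp(aws_dhcp_options, @dhcp)
+if dhcp_diff
+diffs << dhcp_diff
+end
+
+# Load the actual route table configs to diff them
+local_route_tables = @route_tables.map { |rt_name| Loader.route_table(rt_name) }
+aws_route_tables = EC2::vpc_route_tables[aws.vpc_id]
+route_table_diff = VpcDiff.route_tables(aws_route_tables, local_route_tables)
+if route_table_diff
+diffs << route_table_diff
+end
+
+# Load the vpc endpoints
+aws_endpoints = EC2::vpc_endpoints[aws.vpc_id]
+endpoints_diff = VpcDiff.endpoints(aws_endpoints, @endpoints)
+if endpoints_diff
+diffs << endpoints_diff
+end
+
+aws_associations = EC2::vpc_addresses[aws.vpc_id]
+association_diff = VpcDiff.address_associations(aws_associations, @address_associations)
+if association_diff
+diffs << association_diff
+end
+
+# Inbound and outbound network acls
+local_network_acls = @network_acls.map { |acl_name| Loader.network_acl(acl_name) }
+aws_network_acls = EC2::vpc_network_acls[aws.vpc_id]
+network_acl_diff = VpcDiff.network_acls(aws_network_acls, local_network_acls)
+if network_acl_diff
+diffs << network_acl_diff
+end
+
+# Load the local subnets from config, and the aws version of their subnets
+local_subnets = @subnets.map { |subnet_name| Loader.subnet(subnet_name) }
+aws_subnets = EC2::vpc_subnets[aws.vpc_id]
+subnets_diff = VpcDiff.subnets(aws_subnets, local_subnets)
+if subnets_diff
+diffs << subnets_diff
+end
+
+# Tags
+aws_tags = Hash[aws.tags.map { |tag| [tag.key, tag.value] }]
+if @tags != aws_tags
+diffs << VpcDiff.new(VpcChange::TAGS, aws_tags, @tags)
+end
+
+diffs
+end
+
+end
+end
+end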
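Review bot: The `populate!` doc comment on line 62 of the hunk reads `# aws - the AWS configuration for the subnet`, copied from `SubnetConfig`; it should say `# aws - the AWS configuration for the VPC`. On lines 84-85 the result of `EC2::id_network_interfaces[addr.network_interface_id]` is dereferenced as `network_interface.name` with no nil check, so an address whose interface is not in that cache (or an allocated-but-unassociated address, if `vpc_addresses` can return those — not visible here) aborts `populate!` with `NoMethodError`; I would write `[addr.public_ip, (network_interface && network_interface.name) || addr.network_interface_id]`, matching the fallback-to-id pattern used for route tables and ACLs a few lines down. Line 119 of `diff` also looks up `EC2::id_dhcp_options[aws.dhcp_options_id]` without the `!= "default"` guard `populate!` applies on line 70, so it appears to rely on `VpcDiff.dhcp` accepting a nil AWS side; that assumption deserves a comment such as `# nil when the VPC uses the "default" options set; VpcDiff.dhcp must tolerate that`.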