right_aws 1.10.0 → 2.0.0

data/lib/ec2/right_ec2_monitoring.rb

@@ -0,0 +1,70 @@
+#
+# Copyright (c) 2009 RightScale Inc
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+
+module RightAws
+
+  class Ec2
+
+    # Enables monitoring for a running instances. For more information, refer to the Amazon CloudWatch Developer Guide.
+    # 
+    #  ec2.monitor_instances('i-8437ddec') #=>
+    #    {:instance_id=>"i-8437ddec", :monitoring_state=>"pending"}
+    #
+    def monitor_instances(*list)
+      link = generate_request("MonitorInstances", amazonize_list('InstanceId', list.flatten) )
+      request_info(link, QEc2MonitorInstancesParser.new(:logger => @logger)).first
+    rescue Exception
+      on_exception
+    end
+
+    # Disables monitoring for a running instances. For more information, refer to the Amazon CloudWatch Developer Guide.
+    #
+    #  ec2.unmonitor_instances('i-8437ddec') #=>
+    #    {:instance_id=>"i-8437ddec", :monitoring_state=>"disabling"}
+    #
+    def unmonitor_instances(*list)
+      link = generate_request("UnmonitorInstances", amazonize_list('InstanceId', list.flatten) )
+      request_info(link, QEc2MonitorInstancesParser.new(:logger => @logger)).first
+    rescue Exception
+      on_exception
+    end
+
+    class QEc2MonitorInstancesParser < RightAWSParser #:nodoc:
+      def tagstart(name, attributes)
+        @item = {} if name == 'item'
+      end
+      def tagend(name)
+        case name
+        when 'instanceId'   then @item[:instance_id] = @text
+        when 'state'        then @item[:monitoring_state] = @text
+        when 'item'         then @result << @item
+        end
+      end
+      def reset
+        @result = []
+      end
+    end
+
+  end
+
+end

data/lib/ec2/right_ec2_reserved_instances.rb

@@ -0,0 +1,170 @@
+#
+# Copyright (c) 2009 RightScale Inc
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+
+module RightAws
+
+  class Ec2
+
+  #-----------------------------------------------------------------
+  #      Reserved instances
+  #-----------------------------------------------------------------
+
+    # Retrieve reserved instances list.
+    # Returns a list of Reserved Instances.
+    #
+    # ec2.describe_reserved_instances #=>
+    #    [{:aws_id=>"1ba8e2e3-1c40-434c-a741-5ff16a4c542e",
+    #      :aws_duration=>31536000,
+    #      :aws_instance_type=>"m1.small",
+    #      :aws_usage_price=>0.03,
+    #      :aws_availability_zone=>"us-east-1b",
+    #      :aws_state=>"payment-pending",
+    #      :aws_product_description=>"Test",
+    #      :aws_fixed_price=>325.0,
+    #      :aws_start=>"2009-12-18T20:39:39.569Z"
+    #      :aws_instance_count=>1}]
+    #
+    def describe_reserved_instances(*reserved_instances)
+      reserved_instances = reserved_instances.flatten
+      link = generate_request("DescribeReservedInstances", amazonize_list('ReservedInstancesId', reserved_instances))
+      request_cache_or_info(:describe_reserved_instances, link,  QEc2DescribeReservedInstancesParser, @@bench, reserved_instances.blank?)
+    rescue Exception
+      on_exception
+    end
+
+    # Retrieve reserved instances offerings.
+    # Returns a set of available offerings.
+    #
+    # Optional params:
+    #  :aws_instance_type       => String
+    #  :aws_availability_zone   => String
+    #  :aws_product_description => String
+    #
+    #  ec2.describe_reserved_instances_offerings #=>
+    #    [{:aws_instance_type=>"c1.medium",
+    #      :aws_availability_zone=>"us-east-1c",
+    #      :aws_duration=>94608000,
+    #      :aws_product_description=>"Linux/UNIX",
+    #      :aws_id=>"e5a2ff3b-f6eb-4b4e-83f8-b879d7060257",
+    #      :aws_usage_price=>0.06,
+    #      :aws_fixed_price=>1000.0},
+    #      ...
+    #     {:aws_instance_type=>"m1.xlarge",
+    #      :aws_availability_zone=>"us-east-1a",
+    #      :aws_duration=>31536000,
+    #      :aws_product_description=>"Linux/UNIX",
+    #      :aws_id=>"c48ab04c-63ab-4cd6-b8f5-978a29eb9bcc",
+    #      :aws_usage_price=>0.24,
+    #      :aws_fixed_price=>2600.0}]
+    #
+    def describe_reserved_instances_offerings(*list_and_params)
+      list, params = AwsUtils::split_items_and_params(list_and_params)
+      # backward compartibility with the old way
+      list ||= Array(params[:aws_ids])
+      rparams = {}
+      rparams.update(amazonize_list('ReservedInstancesOfferingId', list)) unless list.blank?
+      rparams['InstanceType']       = params[:aws_instance_type]       if params[:aws_instance_type]
+      rparams['AvailabilityZone']   = params[:aws_availability_zone]   if params[:aws_availability_zone]
+      rparams['ProductDescription'] = params[:aws_product_description] if params[:aws_product_description]
+      link = generate_request("DescribeReservedInstancesOfferings", rparams)
+      request_cache_or_info(:describe_reserved_instances_offerings, link,  QEc2DescribeReservedInstancesOfferingsParser, @@bench, list.blank?)
+    rescue Exception
+      on_exception
+    end
+
+    # Purchase a Reserved Instance.
+    # Returns ReservedInstancesId value.
+    #
+    #  ec2.purchase_reserved_instances_offering('e5a2ff3b-f6eb-4b4e-83f8-b879d7060257', 3) # => '4b2293b4-5813-4cc8-9ce3-1957fc1dcfc8'
+    #
+    def purchase_reserved_instances_offering(reserved_instances_offering_id, instance_count=1)
+      link = generate_request("PurchaseReservedInstancesOffering", { 'ReservedInstancesOfferingId' => reserved_instances_offering_id,
+                                                                     'InstanceCount'               => instance_count  })
+      request_info(link, QEc2PurchaseReservedInstancesOfferingParser.new)
+    rescue Exception
+      on_exception
+    end
+
+  #-----------------------------------------------------------------
+  #      PARSERS: ReservedInstances
+  #-----------------------------------------------------------------
+
+    class QEc2DescribeReservedInstancesParser < RightAWSParser #:nodoc:
+      def tagstart(name, attributes)
+        @item = {} if name == 'item'
+      end
+      def tagend(name)
+        case name
+          when 'reservedInstancesId' then @item[:aws_id]                  = @text
+          when 'instanceType'        then @item[:aws_instance_type]       = @text
+          when 'availabilityZone'    then @item[:aws_availability_zone]   = @text
+          when 'duration'            then @item[:aws_duration]            = @text.to_i
+          when 'usagePrice'          then @item[:aws_usage_price]         = @text.to_f
+          when 'fixedPrice'          then @item[:aws_fixed_price]         = @text.to_f
+          when 'instanceCount'       then @item[:aws_instance_count]      = @text.to_i
+          when 'productDescription'  then @item[:aws_product_description] = @text
+          when 'state'               then @item[:aws_state]               = @text
+          when 'start'               then @item[:aws_start]               = @text
+          when 'item'                then @result << @item
+        end
+      end
+      def reset
+        @result = []
+      end
+    end
+
+    class QEc2DescribeReservedInstancesOfferingsParser < RightAWSParser #:nodoc:
+      def tagstart(name, attributes)
+        @item = {} if name == 'item'
+      end
+      def tagend(name)
+        case name
+          when 'reservedInstancesOfferingId' then @item[:aws_id]                  = @text
+          when 'instanceType'                then @item[:aws_instance_type]       = @text
+          when 'availabilityZone'            then @item[:aws_availability_zone]   = @text
+          when 'duration'                    then @item[:aws_duration]            = @text.to_i
+          when 'usagePrice'                  then @item[:aws_usage_price]         = @text.to_f
+          when 'fixedPrice'                  then @item[:aws_fixed_price]         = @text.to_f
+          when 'productDescription'          then @item[:aws_product_description] = @text
+          when 'item'                        then @result << @item
+        end
+      end
+      def reset
+        @result = []
+      end
+    end
+
+    class QEc2PurchaseReservedInstancesOfferingParser < RightAWSParser #:nodoc:
+      def tagend(name)
+        if name == 'reservedInstancesId'
+          @result = @text
+        end
+      end
+      def reset
+        @result = ''
+      end
+    end
+
+  end
+
+end

data/lib/ec2/right_ec2_security_groups.rb

@@ -0,0 +1,280 @@
+#
+# Copyright (c) 2010 RightScale Inc
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+
+module RightAws
+
+  class Ec2
+
+    #-----------------------------------------------------------------
+    #      Security groups
+    #-----------------------------------------------------------------
+
+    # Retrieve Security Groups information. If +list+ is omitted the returns the whole list of groups.
+    #
+    #  # Amazon cloud:
+    #  ec2 = Rightscale::Ec2.new(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  ec2.describe_security_groups #=>
+    #    [{:aws_perms=>
+    #       [{:group=>"default", :owner=>"048291609141"},
+    #        {:to_port=>"22",
+    #         :protocol=>"tcp",
+    #         :from_port=>"22",
+    #         :cidr_ips=>"0.0.0.0/0"},
+    #        {:to_port=>"9997",
+    #         :protocol=>"tcp",
+    #         :from_port=>"9997",
+    #         :cidr_ips=>"0.0.0.0/0"}],
+    #      :aws_group_name=>"photo_us",
+    #      :aws_description=>"default group",
+    #      :aws_owner=>"826693181925"}]
+    #
+    #  # Eucalyptus cloud:
+    #  ec2 = Rightscale::Ec2.new(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, :eucalyptus => true)
+    #  ec2.describe_security_groups #=>
+    #    [{:aws_perms=>
+    #       [{:to_port=>"65535",
+    #         :group=>"default",
+    #         :protocol=>"tcp",
+    #         :owner=>"048291609141",
+    #         :from_port=>"1"},
+    #        {:to_port=>"65535",
+    #         :group=>"default",
+    #         :protocol=>"udp",
+    #         :owner=>"048291609141",
+    #         :from_port=>"1"},
+    #        {:to_port=>"-1",
+    #         :group=>"default",
+    #         :protocol=>"icmp",
+    #         :owner=>"048291609141",
+    #         :from_port=>"-1"},
+    #        {:to_port=>"22",
+    #         :protocol=>"tcp",
+    #         :from_port=>"22",
+    #         :cidr_ip=>"0.0.0.0/0"},
+    #        {:to_port=>"9997",
+    #         :protocol=>"tcp",
+    #         :from_port=>"9997",
+    #         :cidr_ip=>"0.0.0.0/0"}],
+    #      :aws_group_name=>"photo_us",
+    #      :aws_description=>"default group",
+    #      :aws_owner=>"826693181925"}]
+    #
+    def describe_security_groups(list=[])
+      link = generate_request("DescribeSecurityGroups", amazonize_list('GroupName', list))
+
+      request_cache_or_info( :describe_security_groups, link,  QEc2DescribeSecurityGroupsParser, @@bench, list.blank?) do |parser|
+        result = []
+        parser.result.each do |item|
+          result_item = { :aws_owner       => item[:owner_id],
+                          :aws_group_name  => item[:group_name],
+                          :aws_description => item[:group_description] }
+          aws_perms = []
+          item[:ip_permissions].each do |permission|
+            result_perm = {}
+            result_perm[:from_port] = permission[:from_port]
+            result_perm[:to_port]   = permission[:to_port]
+            result_perm[:protocol]  = permission[:ip_protocol]
+            # IP permissions
+            Array(permission[:ip_ranges]).each do |ip_range|
+              perm = result_perm.dup
+              # Mhhh... For Eucalyptus we somehow get used to use ":cidr_ip" instead of ":cidr_ips"...
+              if @params[:eucalyptus] then  perm[:cidr_ip]  = ip_range
+              else                          perm[:cidr_ips] = ip_range
+              end
+              aws_perms << perm
+            end
+            # Group permissions
+            Array(permission[:groups]).each do |group|
+              perm = result_perm.dup
+              perm[:group] = group[:group_name]
+              perm[:owner] = group[:user_id]
+              # AWS does not support Port Based Group Permissions but Eucalyptus does
+              unless @params[:port_based_group_ingress]
+                perm.delete(:from_port)
+                perm.delete(:to_port)
+                perm.delete(:protocol)
+              end
+              aws_perms << perm
+            end
+          end
+          result_item[:aws_perms] = aws_perms.uniq
+          result << result_item
+        end
+        result
+      end
+    rescue Exception
+      on_exception
+    end
+
+    # Create new Security Group. Returns +true+ or an exception.
+    #
+    #  ec2.create_security_group('default-1',"Default allowing SSH, HTTP, and HTTPS ingress") #=> true
+    #
+    def create_security_group(name, description=nil)
+      # EC2 doesn't like an empty description...
+      description = "-" if description.blank?
+      link = generate_request("CreateSecurityGroup",
+                              'GroupName'        => name.to_s,
+                              'GroupDescription' => description.to_s)
+      request_info(link, RightBoolResponseParser.new(:logger => @logger))
+    rescue Exception
+      on_exception
+    end
+
+    # Remove Security Group. Returns +true+ or an exception.
+    #
+    #  ec2.delete_security_group('default-1') #=> true
+    #
+    def delete_security_group(name)
+      link = generate_request("DeleteSecurityGroup",
+                              'GroupName' => name.to_s)
+      request_info(link, RightBoolResponseParser.new(:logger => @logger))
+    rescue Exception
+      on_exception
+    end
+
+    # Edit group permissions.
+    #
+    #    action     - :authorize (or :grant) | :revoke (or :remove)
+    #    group_name - security group name
+    #    params     - a combination of options below:
+    #      :source_group_owner => grantee id
+    #      :source_group       => grantee group name
+    #      :from_port          => from port
+    #      :to_port            => to port
+    #      :port               => set both :from_port and to_port with the same value
+    #      :protocol           => :tcp | :udp | :icmp
+    #      :cidr_ip            => '0.0.0.0/0'
+    #
+    #  ec2.edit_security_group( :grant,
+    #                           'kd-sg-test',
+    #                           :source_group       => "sketchy",
+    #                           :source_group_owner => "600000000006",
+    #                           :protocol           => 'tcp',
+    #                           :port               => '80',
+    #                           :cidr_ip            => '127.0.0.1/32') #=> true
+    #
+    # P.S. setting both group based and port based ingresses is not supported by Amazon but by Eucalyptus.
+    #
+    def edit_security_group(action, group_name, params)
+      hash = {}
+      case action
+      when :authorize, :grant then action = "AuthorizeSecurityGroupIngress"
+      when :revoke, :remove   then action = "RevokeSecurityGroupIngress"
+      else raise "Unknown action #{action.inspect}!"
+      end
+      hash['GroupName']                  = group_name
+      hash['SourceSecurityGroupName']    = params[:source_group]                         unless params[:source_group].blank?
+      hash['SourceSecurityGroupOwnerId'] = params[:source_group_owner].to_s.gsub(/-/,'') unless params[:source_group_owner].blank?
+      hash['IpProtocol']                 = params[:protocol]                             unless params[:protocol].blank?
+      unless params[:port].blank?
+        hash['FromPort'] = params[:port]
+        hash['ToPort']   = params[:port]
+      end
+      hash['FromPort']   = params[:from_port] unless params[:from_port].blank?
+      hash['ToPort']     = params[:to_port]   unless params[:to_port].blank?
+      hash['CidrIp']     = params[:cidr_ip]   unless params[:cidr_ip].blank?
+      #
+      link = generate_request(action, hash)
+      request_info(link, RightBoolResponseParser.new(:logger => @logger))
+    rescue Exception
+      on_exception
+    end
+
+    # Authorize named ingress for security group. Allows instances that are member of someone
+    # else's security group to open connections to instances in my group.
+    #
+    #  ec2.authorize_security_group_named_ingress('my_awesome_group', '7011-0219-8268', 'their_group_name') #=> true
+    #
+    def authorize_security_group_named_ingress(name, owner, group)
+      edit_security_group( :authorize, name, :source_group_owner => owner, :source_group => group)
+    end
+
+    # Revoke named ingress for security group.
+    #
+    #  ec2.revoke_security_group_named_ingress('my_awesome_group', aws_user_id, 'another_group_name') #=> true
+    #
+    def revoke_security_group_named_ingress(name, owner, group)
+      edit_security_group( :revoke, name, :source_group_owner => owner, :source_group => group)
+    end
+
+    # Add permission to a security group. Returns +true+ or an exception. +protocol+ is one of :'tcp'|'udp'|'icmp'.
+    #
+    #  ec2.authorize_security_group_IP_ingress('my_awesome_group', 80, 82, 'udp', '192.168.1.0/8') #=> true
+    #  ec2.authorize_security_group_IP_ingress('my_awesome_group', -1, -1, 'icmp') #=> true
+    #
+    def authorize_security_group_IP_ingress(name, from_port, to_port, protocol='tcp', cidr_ip='0.0.0.0/0')
+      edit_security_group( :authorize, name, :from_port => from_port, :to_port => to_port, :protocol => protocol, :cidr_ip => cidr_ip )
+    end
+
+    # Remove permission from a security group. Returns +true+ or an exception. +protocol+ is one of :'tcp'|'udp'|'icmp' ('tcp' is default).
+    #
+    #  ec2.revoke_security_group_IP_ingress('my_awesome_group', 80, 82, 'udp', '192.168.1.0/8') #=> true
+    #
+    def revoke_security_group_IP_ingress(name, from_port, to_port, protocol='tcp', cidr_ip='0.0.0.0/0')
+      edit_security_group( :revoke, name, :from_port => from_port, :to_port => to_port, :protocol => protocol, :cidr_ip => cidr_ip )
+    end
+
+    #-----------------------------------------------------------------
+    #      PARSERS: Security Groups
+    #-----------------------------------------------------------------
+
+    class QEc2DescribeSecurityGroupsParser < RightAWSParser #:nodoc:
+      def tagstart(name, attributes)
+        if name == 'item'
+          case
+          when @xmlpath[/securityGroupInfo$/] then @item = { :ip_permissions => [] }
+          when @xmlpath[/ipPermissions$/]     then @ip_permission = { :groups => [], :ip_ranges => [] }
+          when @xmlpath[/groups$/]            then @group = {}
+          end
+        end
+      end
+      def tagend(name)
+        case name
+        when 'ownerId'          then @item[:owner_id]             = @text
+        when 'groupDescription' then @item[:group_description]    = @text
+        when 'ipProtocol'       then @ip_permission[:ip_protocol] = @text
+        when 'fromPort'         then @ip_permission[:from_port]   = @text
+        when 'toPort'           then @ip_permission[:to_port]     = @text
+        when 'cidrIp'           then @ip_permission[:ip_ranges]  << @text
+        when 'userId'           then @group[:user_id]             = @text
+        when 'groupName'
+          case
+          when @xmlpath[/securityGroupInfo\/item$/] then @item[:group_name]  = @text
+          when @xmlpath[/groups\/item$/]            then @group[:group_name] = @text
+          end
+        when 'item'
+          case
+          when @xmlpath[/groups$/]           then @ip_permission[:groups] << @group
+          when @xmlpath[/ipPermissions$/]    then @item[:ip_permissions] << @ip_permission
+          when @xmlpath[/securityGroupInfo$/]then @result << @item
+          end
+        end
+      end
+      def reset
+        @result = []
+      end
+    end
+    
+  end
+end