traceroute53 0.1.3 → 0.1.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c092c67488876b90c93716934989e5da3ca311d787d4f63f5f506035ed2c7a6b
-  data.tar.gz: 4ad6dcf187f73112d4e8b90ed054eeb8b1879beadc6c7b0daef02b10fdf677b9
+  metadata.gz: 2366ea9ef30a2d88826cc6601ffae1c4f87cc14a275473375e19ded8c9771ea9
+  data.tar.gz: 8b95a5fd70d36a1a8fa26d846304f83a52ac61107a0a323b5aff5b82b1565845
 SHA512:
-  metadata.gz: c8ce824f9311a9999f31ced357dd9e52afd9c2522945c2518a8007b4ec6a883f292ef98f6024b6c59083871329fa5002daa2ca21fed9a922e1083fb84f8b2446
-  data.tar.gz: d195974076040536c4e49225bf296588070c685ef55d1054e600c745be923693cf17995ca7d9d4df97633198d0b188f807f6d823f1d15a6d1075524fde84465b
+  metadata.gz: b3661175cef71d2b88432e4e15f4667257a13f2f3586b822e505cc838a3f9ee1f095fb27fd895171289a4bb82498a41bda19ef3e0a20e7a433364dbd48cd3f9c
+  data.tar.gz: 96aa5bbe750855f4bd0c4222c0fa13a5573cfb2f00cb749afdb60badef01172c6f369a7ff943aae56a8890ac9a4e810d6cfc22433ed960e962bcfcecc95d56ad

data/exe/traceroute53

@@ -1,6 +1,7 @@
 #!/usr/bin/env ruby
 # Trace route53 and Load Balancers related to the given domain
 require 'aws-sdk-route53'
+require 'aws-sdk-elasticloadbalancing'
 require 'aws-sdk-elasticloadbalancingv2'
 require 'aws-sdk-ec2'
 require 'optparse'
@@ -43,7 +44,22 @@ def list_resource_record_sets(client, hosted_zone)
   records
 end
 
-def describe_load_balancers(client)
+def describe_load_balancers(client, name)
+  marker = nil
+  load_balancers = []
+  loop do
+    resp = client.describe_load_balancers({
+      load_balancer_names: [name],
+      marker: marker,
+    })
+    load_balancers.concat resp.load_balancer_descriptions
+    marker = resp.next_marker
+    break unless marker
+  end
+  load_balancers
+end
+
+def describe_load_balancersv2(client)
   marker = nil
   load_balancers = []
   loop do
@@ -72,6 +88,21 @@ def describe_listeners(client, load_balancer)
   listeners
 end
 
+def describe_rules(client, listener)
+  marker = nil
+  rules = []
+  loop do
+    resp = client.describe_rules({
+      listener_arn: listener.listener_arn,
+      marker: marker,
+    })
+    rules.concat resp.rules
+    marker = resp.next_marker
+    break unless marker
+  end
+  rules
+end
+
 def describe_target_groups(client, target_group_arns)
   marker = nil
   target_groups = []
@@ -129,7 +160,7 @@ end
 def main
   opt = OptionParser.new("usage: traceroute53 <domain>")
 
-  profile = nil
+  profile = ENV['AWS_PROFILE']
   opt.on('--profile PROFILE', "use given profile") {|v| profile = v }
 
   opt.parse!(ARGV)
@@ -158,7 +189,7 @@ def main
 
   record_sets = list_resource_record_sets(client, hosted_zone)
   while true
-    records = record_sets.select{|record| record.name == domain_dot}
+    records = record_sets.select{|r| r.name == domain_dot}
     if records.empty?
       STDERR.puts "resource record set not found in #{hosted_zone} for #{domain}"
       exit 1
@@ -168,73 +199,154 @@ def main
       STDERR.puts "more than one resource record set in #{hosted_zone} for #{domain}"
       exit 1
     end
-    dns_name = records[0].alias_target.dns_name
-    puts "dns name: #{dns_name}"
-    if /([a-z0-9\-]+)\.elb\.amazonaws.com\.\z/ =~ dns_name
-      break
+    record = records[0]
+    if record.alias_target
+      # The record is an AWS resource
+      dns_name = record.alias_target.dns_name
+      puts "dns name: #{dns_name}"
+      # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/Route53/Types/AliasTarget.html
+      if /\.elb\.(?:[a-z0-9\-]+\.)?amazonaws.com\.\z/ =~ dns_name
+        break
+      elsif /\.amazonaws.com\.\z/ =~ dns_name
+        STDERR.puts record.inspect
+        STDERR.puts "unsupported AWS resource '#{dns_name}'; pull request is welcome https://github.com/nurse/traceroute53"
+      exit 1
+      else
+        # assune Another Route 53 resource record set
+        domain_dot = dns_name
+      end
+    elsif record.type == 'CNAME'
+      puts "resource_records: #{record.resource_records.map(&:value)}"
+      domain_dot = record.resource_records[0].value
+    else
+      STDERR.puts record.inspect
+      STDERR.puts "unsupported record; pull request is welcome https://github.com/nurse/traceroute53"
+      exit 1
     end
-    domain_dot = dns_name
   end
   dns_name.sub!(/\Adualstack\./, '')
   dns_name.chomp!('.')
 
-  region = dns_name[/([a-z0-9\-]+)\.elb\.amazonaws.com\z/, 1]
-  client = Aws::ElasticLoadBalancingV2::Client.new(
-    region: region,
-    profile: profile,
-  )
-  load_balancers = describe_load_balancers(client)
-  if load_balancers.empty?
-    STDERR.puts "load balancers not found in #{region} for #{dns_name}"
+  unless /([a-z0-9\-]+)?\.elb\.(?:([a-z0-9\-]+)\.)?amazonaws.com\z/ =~ dns_name
+    STDERR.puts "dns_name:#{dns_name} doesn't include AWS region name"
     exit 1
   end
-  load_balancer = load_balancers.find{|lb| lb.dns_name == dns_name}
-  unless load_balancer
-    load_balancers.each_with_index do |lb, i|
-      STDERR.puts "load balancer[#{i}]: #{lb.dns_name}"
+  region = $2 || $1
+
+  name = dns_name[/\A([a-z0-9\-]+)-\h+\./, 1]
+  puts "Load Balancer name is '#{name}'"
+
+  instance_ids = nil
+  begin
+    # Aws::ElasticLoadBalancingV2 (Application Load Balancer or Network Load Balancer)
+    client = Aws::ElasticLoadBalancingV2::Client.new(
+      region: region,
+      profile: profile,
+    )
+    load_balancers = describe_load_balancersv2(client)
+    # it raises LoadBalancerNotFound exception if not found
+    load_balancer = load_balancers.find{|lb| lb.dns_name == dns_name}
+    puts "load balancer: #{load_balancer.load_balancer_name} #{load_balancer.security_groups}"
+
+    listeners = describe_listeners(client, load_balancer)
+    if listeners.empty?
+      STDERR.puts "listeners not found in #{region} for #{load_balancer}"
+      exit 1
     end
-    STDERR.puts "load balancers not found in #{region} for #{dns_name}"
-    exit 1
-  end
-  puts "load balancer: #{load_balancer.load_balancer_name} #{load_balancer.security_groups}"
 
-  listeners = describe_listeners(client, load_balancer)
-  if listeners.empty?
-    STDERR.puts "listeners not found in #{region} for #{load_balancer}"
-    exit 1
+    instance_ids = []
+    target_group_arns = {}
+    listeners.each_with_index do |listener, i|
+      # p listener
+      puts "listener[#{i}]: port:#{listener.port} #{listener.listener_arn}"
+      rules = describe_rules(client, listener)
+      rules.each_with_index do |rule, j|
+        puts "listener[#{i}]rule[#{j}]: #{rule.rule_arn}#{rule.is_default ? ' (default)' : ''}"
+        rule.conditions.each_with_index do |condition, k|
+          puts "listener[#{i}]rule[#{j}]condition[#{k}]: #{condition.values}"
+        end
+        rule.actions.each_with_index do |action, k|
+          puts "listener[#{i}]rule[#{j}]action[#{k}]: #{action.type} #{action.target_group_arn}"
+          if target_group_arns[action.target_group_arn]
+            puts "listener[#{i}]rule[#{j}]action[#{k}]: the target group is already showed; skip"
+          else
+            target_group_arns[action.target_group_arn] = true
+            target_healths = describe_target_health(client, action.target_group_arn)
+            target_healths.each_with_index do |health, l|
+              puts "listener[#{i}]rule[#{j}]action[#{k}]target[#{l}]: #{health.target.id}:#{health.target.port} #{health.target_health.state}"
+              instance_ids << health.target.id
+            end
+          end
+        end
+      end
+    end
+    instance_ids
+
+    # p target_group_arns
+    # target_groups = describe_target_groups(client, target_group_arns)
+    # if target_groups.empty?
+    #   STDERR.puts "target groups not found in #{region} for #{listeners}"
+    #   exit 1
+    # end
+    # p target_groups
+
+    unless instance_ids
+      STDERR.puts "load balancers not found in #{region} for #{dns_name} with ELBv2"
+      # exit 1
+    end
+  rescue Aws::ElasticLoadBalancingV2::Errors::LoadBalancerNotFound
+    STDERR.puts "load balancers not found in #{region} for #{dns_name} with ELBv2"
   end
 
-  instance_ids = []
-  listeners.each_with_index do |listener, i|
-    # p listener
-    puts "listener[#{i}]: port:#{listener.port} #{listener.listener_arn}"
-    listener.default_actions.each_with_index do |action, j|
-      puts "listener[#{i}]action[#{j}]: #{action.type} #{action.target_group_arn}"
-      target_healths = describe_target_health(client, action.target_group_arn)
-      target_healths.each_with_index do |health, k|
-        puts "listener[#{i}]action[#{j}]target[#{k}]: #{health.target.id}:#{health.target.port} #{health.target_health.state}"
-        instance_ids << health.target.id
+  unless instance_ids
+    # Aws::ElasticLoadBalancing (Classic Load Balancer)
+    client = Aws::ElasticLoadBalancing::Client.new(
+      region: region,
+      profile: profile,
+    )
+    load_balancers = describe_load_balancers(client, name)
+    if load_balancers.empty?
+      STDERR.puts "load balancers not found in #{region} for #{dns_name}"
+      exit 1
+    end
+
+    load_balancer = load_balancers.find{|lb| lb.dns_name == dns_name}
+    instance_ids = []
+    unless load_balancer
+      load_balancers.each_with_index do |lb, i|
+        STDERR.puts "load balancer[#{i}]: #{lb.dns_name}"
       end
+      STDERR.puts "load balancers not found in #{region} for #{dns_name}"
+      exit 1
     end
-  end
 
-  # p target_group_arns
-  # target_groups = describe_target_groups(client, target_group_arns)
-  # if target_groups.empty?
-  #   STDERR.puts "target groups not found in #{region} for #{listeners}"
-  #   exit 1
-  # end
-  # p target_groups
+    load_balancer = load_balancers[0]
+    puts "load balancer: #{load_balancer.load_balancer_name} #{load_balancer.security_groups}"
+
+    load_balancer.instances.each_with_index do |instance, i|
+      puts "instances[#{i}]: #{instance[:instance_id]}"
+      instance_ids << instance[:instance_id]
+    end
+  end
 
+  # Inspect Security Group
   client = Aws::EC2::Client.new(
     region: region,
     profile: profile,
   )
   instances = describe_instances(client, instance_ids)
-  group_ids_ary = instances.map{|instance| instance.security_groups.map(&:group_id)}.uniq
+  group_ids_hash = {}
+  instances.each do |instance|
+    group_ids = instance.security_groups.map(&:group_id)
+    group_ids_hash[group_ids] ||= []
+    group_ids_hash[group_ids] << instance.instance_id
+  end
 
-  group_ids_ary.each_with_index do |group_ids, i|
+  # Assume that instances under an ELB have the same security groups.
+  # If they are varied, something weird is happening and it needs further investigation...
+  group_ids_hash.each_pair.with_index do |(group_ids, instance_ids), i|
     puts "group_ids[#{i}]: #{group_ids}"
+    puts "group_ids[#{i}]: #{instance_ids}"
     security_groups = describe_security_groups(client, group_ids)
     security_groups.each_with_index do |sg, j|
       puts "group_ids[#{i}]sg[#{j}]: #{sg.group_id}"

data/lib/traceroute53/version.rb

@@ -1,3 +1,3 @@
 module Traceroute53
-  VERSION = "0.1.3"
+  VERSION = "0.1.6"
 end

data/traceroute53.gemspec

@@ -37,6 +37,7 @@ Gem::Specification.new do |spec|
   spec.require_paths = ["lib"]
 
   spec.add_dependency 'aws-sdk-route53', "~> 1"
+  spec.add_dependency 'aws-sdk-elasticloadbalancing', "~> 1"
   spec.add_dependency 'aws-sdk-elasticloadbalancingv2', "~> 1"
   spec.add_dependency 'aws-sdk-ec2', "~> 1"
   spec.add_development_dependency "bundler", "~> 1.17"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: traceroute53
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.1.6
 platform: ruby
 authors:
 - NARUSE, Yui
-autorequire: 
+autorequire:
 bindir: exe
 cert_chain: []
-date: 2019-05-21 00:00:00.000000000 Z
+date: 2022-08-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-route53
@@ -24,6 +24,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1'
+- !ruby/object:Gem::Dependency
+  name: aws-sdk-elasticloadbalancing
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
 - !ruby/object:Gem::Dependency
   name: aws-sdk-elasticloadbalancingv2
   requirement: !ruby/object:Gem::Requirement
@@ -121,7 +135,7 @@ licenses:
 metadata:
   homepage_uri: https://github.com/nurse/traceroute53
   source_code_uri: https://github.com/nurse/traceroute53
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -136,8 +150,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key: 
+rubygems_version: 3.3.7
+signing_key:
 specification_version: 4
 summary: A tool to investigate Route53, ELB, EC2 and Security Groups
 test_files: []