Skip to content
Permalink
Browse files
Check that security group exists (#107)
* Check that security group exists
* Throw an exception after max retries + refactoring
  • Loading branch information
kamilla1201 authored and nonbinaryprogrammer committed Sep 12, 2019
1 parent bffbb22 commit be2ab2f60e765b09c71a4bcc961b709468b30384
Showing 1 changed file with 51 additions and 3 deletions.
@@ -47,6 +47,9 @@
import software.amazon.awssdk.services.ec2.model.DescribeImagesRequest;
import software.amazon.awssdk.services.ec2.model.DescribeInstancesRequest;
import software.amazon.awssdk.services.ec2.model.DescribeInstancesResponse;
import software.amazon.awssdk.services.ec2.model.DescribeSecurityGroupsRequest;
import software.amazon.awssdk.services.ec2.model.DescribeSecurityGroupsResponse;
import software.amazon.awssdk.services.ec2.model.Ec2Exception;
import software.amazon.awssdk.services.ec2.model.Filter;
import software.amazon.awssdk.services.ec2.model.Image;
import software.amazon.awssdk.services.ec2.model.Instance;
@@ -65,6 +68,8 @@
import org.apache.geode.infrastructure.BenchmarkMetadata;

public class LaunchCluster {
private static final long MAX_WAIT_INTERVAL = 2000;
private static final int MAX_RETRIES = 5;
static Ec2Client ec2 = Ec2Client.create();

public static void main(String[] args) throws IOException, InterruptedException {
@@ -85,6 +90,7 @@ public static void main(String[] args) throws IOException, InterruptedException

createPlacementGroup(benchmarkTag);
createSecurityGroup(benchmarkTag, tags);
authorizeSecurityGroup(benchmarkTag);
createLaunchTemplate(benchmarkTag, newestImage);

List<String> instanceIds = launchInstances(benchmarkTag, tags, count);
@@ -235,21 +241,55 @@ private static void createLaunchTemplate(String benchmarkTag, Image newestImage)
System.out.println("Launch Template for cluster '" + benchmarkTag + "' created.");
}

private static void createSecurityGroup(String benchmarkTag, List<Tag> tags) {
// Make a security group for the launch template
/*
* Create the security group and wait until it is visible to subsequent commands.
* This avoids issues caused by Amazon EC2 API eventual consistency model.
*/
private static void createSecurityGroup(String benchmarkTag, List<Tag> tags)
throws InterruptedException {
CreateSecurityGroupResponse csgr = ec2.createSecurityGroup(CreateSecurityGroupRequest.builder()
.groupName(AwsBenchmarkMetadata.securityGroup(benchmarkTag))
.description(AwsBenchmarkMetadata.securityGroup(benchmarkTag))
.build());

String groupId = csgr.groupId();
int retries = 0;
DescribeSecurityGroupsRequest describeSecurityGroupsRequest =
DescribeSecurityGroupsRequest.builder().groupIds(groupId).build();
DescribeSecurityGroupsResponse describeSecurityGroupsResponse;

while (true) {
try {
describeSecurityGroupsResponse = ec2.describeSecurityGroups(describeSecurityGroupsRequest);

if (!describeSecurityGroupsResponse.securityGroups().isEmpty()) {
System.out.println("SecurityGroup with id '" + groupId
+ "' is created and visible to subsequent commands.");
break;
}
} catch (Ec2Exception e) {
System.out.println(e.getMessage());
// will retry or return from the method
}
if (++retries >= MAX_RETRIES) {
throw new RuntimeException("Security Group with id '" + groupId
+ "' was not created or is invisible to subsequent commands.");
}
Thread.sleep(Math.min(getWaitTimeExp(retries), MAX_WAIT_INTERVAL));
}
ec2.createTags(CreateTagsRequest.builder().resources(groupId).tags(tags).build());
System.out.println("Security Group for cluster '" + benchmarkTag + "' created.");
}

// Allow all members of the security group to freely talk to each other
/*
* Allow all members of the security group to freely talk to each other.
*/
private static void authorizeSecurityGroup(String benchmarkTag) {
ec2.authorizeSecurityGroupIngress(AuthorizeSecurityGroupIngressRequest.builder()
.groupName(AwsBenchmarkMetadata.securityGroup(benchmarkTag))
.sourceSecurityGroupName(AwsBenchmarkMetadata.securityGroup(benchmarkTag))
.build());

ec2.authorizeSecurityGroupIngress(AuthorizeSecurityGroupIngressRequest.builder()
.groupName(AwsBenchmarkMetadata.securityGroup(benchmarkTag))
.cidrIp("0.0.0.0/0")
@@ -300,4 +340,12 @@ private static Image getNewestImage() {
}
return sortableImages.get(sortableImages.size() - 1);
}

/*
* Returns the next wait interval, in milliseconds, using an exponential
* backoff algorithm.
*/
private static long getWaitTimeExp(int retryCount) {
return ((long) Math.pow(2, retryCount) * 100L);
}
}

0 comments on commit be2ab2f

Please sign in to comment.