Merge pull request #31 from remind101/ecs_hook

Ecs hook
cloudtools · May 14, 2015 · 44825e5 · 44825e5
2 parents 44bcfb7 + e983cd1
commit 44825e5
Show file tree

Hide file tree

Showing 2 changed files with 74 additions and 0 deletions.
diff --git a/stacker/hooks/ecs.py b/stacker/hooks/ecs.py
@@ -0,0 +1,43 @@
+# A lot of this code exists to deal w/ the broken ECS connect_to_region
+# function, and will be removed once this pull request is accepted:
+#   https://github.com/boto/boto/pull/3143
+import logging
+
+logger = logging.getLogger(__name__)
+
+from boto.regioninfo import get_regions
+from boto.ec2containerservice.layer1 import EC2ContainerServiceConnection
+
+
+def regions():
+    return get_regions('ec2containerservice',
+                       connection_cls=EC2ContainerServiceConnection)
+
+
+def connect_to_region(region_name, **kw_params):
+    for region in regions():
+        if region.name == region_name:
+            return region.connect(**kw_params)
+    return None
+
+
+def create_clusters(region, namespace, mappings, parameters, **kwargs):
+    """ Creates ECS clusters.
+
+    Expects a 'clusters' argument, which should contain a list of cluster
+    names to create.
+    """
+    conn = connect_to_region(region)
+    try:
+        clusters = kwargs['clusters']
+    except KeyError:
+        logger.error("setup_clusters hook missing 'clusters' argument")
+        return False
+
+    if isinstance(clusters, basestring):
+        clusters = [clusters]
+
+    for cluster in clusters:
+        logger.debug("Creating ECS cluster: %s", cluster)
+        conn.create_cluster(cluster)
+    return True
diff --git a/stacker/hooks/iam.py b/stacker/hooks/iam.py
@@ -0,0 +1,31 @@
+import logging
+
+logger = logging.getLogger(__name__)
+
+from aws_helper.connection import ConnectionManager
+
+from awacs.aws import Statement, Allow, Policy
+from awacs import ecs
+
+
+def create_ecs_service_role(region, namespace, mappings, parameters,
+                            **kwargs):
+    """ Used to create the ecsServieRole, which has to be named exactly that
+    currently, so cannot be created via CloudFormation. See:
+
+    http://docs.aws.amazon.com/AmazonECS/latest/developerguide/IAM_policies.html#service_IAM_role
+    """
+    conn = ConnectionManager(region).iam
+    policy = Policy(
+        Statement=[
+            Statement(
+                Effect=Allow,
+                Resource=["*"],
+                Action=[ecs.CreateCluster, ecs.DeregisterContainerInstance,
+                        ecs.DiscoverPollEndpoint, ecs.Poll,
+                        ecs.ECSAction("Submit*")]
+            )
+        ])
+    conn.put_role_policy("ecsServiceRole", "AmazonEC2ContainerServiceRole",
+                         policy.to_json())
+    return True