Applb is a tool to manage ALB. It defines the state of ALB using DSL, and updates ALB according to DSL.

Applb

Build Status

Applb is a tool to manage ELB v2(ALB). It defines the state of ELB v2(ALB) using DSL, and updates ELB v2(ALB) according to DSL.

Installation

Add this line to your application's Gemfile:

gem 'applb'

And then execute:

$ bundle

Or install it yourself as:

$ gem install applb

Usage

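# Typical workflow: export the current ALB state, edit the DSL, preview, then apply.
# NOTE(review): applb presumably reads these through the AWS SDK's standard
# environment variables - confirm. The credentials can modify load balancers,
# so scope them to the ELB v2 permissions applb needs and keep the real values
# out of committed files and shared shell history.
export AWS_ACCESS_KEY_ID='...'
export AWS_SECRET_ACCESS_KEY='...'
export AWS_REGION='ap-northeast-1'
applb -e -o ALBfile  # export ELB v2(ALB)
# Edit the same file that was exported; the name is case-sensitive on most filesystems.
vi ALBfile
applb -a --dry-run   # dry run; check the output before the real apply
applb -a             # apply `ALBfile` to ELB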

Help

Usage: applb [options]
    -h, --help                       Show help
    -v, --debug                      Show debug log
    -a, --apply                      apply DSL
    -e, --export                     export to DSL
    -n, --dry-run                    dry run
    -f, --file FILE                  use selected DSL file
    -s, --split                      split export DSL file to 1 per VPC
        --split-more
                                     split export DSL file to 1 per load balancer
        --no-color
                                     no color
    -i, --include-names NAMES        include ELB v2(ALB) names
    -x, --exclude-names NAMES        exclude ELB v2(ALB) names by regex

ALBfile

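# Sample ALBfile: one application load balancer in one VPC, with two target
# groups, an HTTPS listener and an HTTP listener that carries two path rules.
# Every identifier below (vpc-, subnet-, sg-, ARNs) is a placeholder.

# Other DSL files can be pulled in with a plain require.
require 'other/albfile'

ec2 "vpc-XXXXXXXX" do
  elb_v2 "my-app-load-balancer" do
    subnets(
      "subnet-XXXXXXXX",
      "subnet-YYYYYYYY",
    )

    # These groups decide who can reach the listeners. For an internet-facing
    # load balancer, keep their inbound rules to the listener ports defined
    # below (443 and 80 in this sample).
    security_groups(
      "sg-XXXXXXXX",
      "sg-YYYYYYYY",
    )

    scheme("internet-facing") # internal or internet-facing

    ip_address_type("ipv4") # ipv4 or dualstack

    attributes do
      # Currently applb does not create the bucket or set its bucket policy.
      # You must create the bucket and set the bucket policy yourself.
      # Access logs are switched off in this sample; enabling them gives
      # per-request records that are useful for auditing and incident response.
      access_logs({
        s3_enabled: false,
        s3_bucket: nil,
        s3_prefix: nil,
      })
      idle_timeout timeout_seconds: 60
      # enabled: false leaves the load balancer deletable; consider
      # enabled: true for production load balancers.
      deletion_protection enabled: false
    end

    target_groups do
      target_group "my-target-group" do
        protocol "HTTP" # HTTP or HTTPS
        port 80
        vpc_id "vpc-XXXXXXXX"
        health_check_interval_seconds 30
        health_check_path "/healthcheck"
        # Specify a port number, or use traffic-port, which indicates the port
        # on which each target receives traffic from the load balancer.
        health_check_port "traffic-port"
        health_check_protocol "HTTP" # HTTP or HTTPS
        health_check_timeout_seconds 5
        healthy_threshold_count 5
        unhealthy_threshold_count 2
        matcher http_code: "200"
      end

      target_group "my-target-group2" do
        protocol "HTTP"
        port 80
        vpc_id "vpc-XXXXXXXX"
        health_check_interval_seconds 30
        health_check_path "/healthcheck"
        health_check_port "traffic-port"
        health_check_protocol "HTTP"
        health_check_timeout_seconds 5
        healthy_threshold_count 5
        unhealthy_threshold_count 2
        matcher http_code: "200" # for multiple values, use a list like 200,302 or a range like 200-299
      end
    end

    listeners do
      # https sample
      listener do
        # If multiple certificates are needed, call the certificates method multiple times.
        # e.g.
        # certificates certificate_arn: "[certificate arn1]"
        # certificates certificate_arn: "[certificate arn2]"
        certificates certificate_arn: "arn:aws:acm:ap-northeast-1:XXXXXXXXXXXX:certificate/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
        # NOTE(review): ELBSecurityPolicy-2015-05 is an old predefined policy
        # that still negotiates TLS 1.0 and 1.1. Unless legacy clients require
        # it, choose a newer predefined policy that enforces TLS 1.2 or later
        # (for example ELBSecurityPolicy-TLS-1-2-2017-01).
        ssl_policy "ELBSecurityPolicy-2015-05"
        port 443
        protocol "HTTPS" # HTTP or HTTPS

        default_actions(
          target_group_name: "my-target-group", # set target_group_name defined above
          # [optional]
          # Needed to avoid an unnecessary call of create_target_group.
          target_group_arn: "arn:aws:elasticloadbalancing:ap-northeast-1:XXXXXXXXXXXX:targetgroup/my-target-group/XXXXXXXXXXXXXXXX",
          type: "forward",
        )

        rules do
          # no rules
        end
      end

      # http sample
      # This listener is plain HTTP, so requests matched by the rules below
      # (including /admin/*) travel unencrypted between the client and the
      # load balancer. Prefer serving sensitive paths from the HTTPS listener only.
      listener do
        port 80
        protocol "HTTP"

        default_actions(
          target_group_name: "my-target-group",
          # [optional]
          # Needed to avoid an unnecessary call of create_target_group.
          target_group_arn: "arn:aws:elasticloadbalancing:ap-northeast-1:XXXXXXXXXXXX:targetgroup/my-target-group/XXXXXXXXXXXXXXXX",
          type: "forward",
        )

        rules do
          rule do
            # Caution!
            # rule_arn is needed to update an existing rule.
            # Once the rule has been created, you are strongly recommended to write its rule_arn here.
            rule_arn "arn:aws:elasticloadbalancing:ap-northeast-1:XXXXXXXXXXXX:listener-rule/app/my-app-load-balancer/XXXXXXXXXXXXXXXX/XXXXXXXXXXXXXXXX/XXXXXXXXXXXXXXXX"
            # Caution!
            # Currently priorities are applied by set_rule_priorities one by one.
            # This means that if priorities conflict with each other, applb fails to modify the rule.
            # So it is recommended to change a priority to a number that is not used yet.
            priority "3"

            actions(
              target_group_name: "my-target-group2",
              # [optional]
              # Needed to avoid an unnecessary call of create_target_group.
              target_group_arn: "arn:aws:elasticloadbalancing:ap-northeast-1:XXXXXXXXXXXX:targetgroup/my-target-group2/XXXXXXXXXXXXXXXX",
              type: "forward",
            )

            conditions(
              field: "path-pattern",
              values: ["/admin/*"], # * for 0 or more characters and ? for exactly 1 character
            )
          end

          rule do
            rule_arn "arn:aws:elasticloadbalancing:ap-northeast-1:XXXXXXXXXXXX:listener-rule/app/my-app-load-balancer/XXXXXXXXXXXXXXXX/XXXXXXXXXXXXXXXX/XXXXXXXXXXXXXXXX"
            priority "4"

            actions(
              target_group_name: "my-target-group2",
              # [optional]
              # Needed to avoid an unnecessary call of create_target_group.
              target_group_arn: "arn:aws:elasticloadbalancing:ap-northeast-1:XXXXXXXXXXXX:targetgroup/my-target-group2/XXXXXXXXXXXXXXXX",
              type: "forward",
            )

            conditions(
              field: "path-pattern",
              values: ["/user/*"],
            )
          end
        end
      end
    end
  end
end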

Use template

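# Defines a reusable "target_groups" template and includes it in a load
# balancer definition. Values passed to include_template (port: 80 here)
# are read inside the template through `context`.
template "target_groups" do
  target_groups do
    target_group "my-target-group" do
      protocol "HTTP"
      port context.port || 80 # use default 80 or override with context value
      vpc_id "vpc-XXXXXXXX"
      health_check_interval_seconds 30
      health_check_path "/healthcheck"
      health_check_port "traffic-port"
      health_check_protocol "HTTP"
      health_check_timeout_seconds 5
      healthy_threshold_count 5
      unhealthy_threshold_count 2
      matcher http_code: "200"
    end
  end
end

ec2 "vpc-XXXXXXXXX" do
  elb_v2 "my-app-load-balancer" do
    subnets(
      "subnet-XXXXXXXX",
      "subnet-YYYYYYYY",
    )

    # Expands the template above inside this load balancer definition.
    include_template "target_groups", port: 80
  end
end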

Test

Set your AWS ARNs in spec/aws_config.yml.sample and rename it to spec/aws_config.yml.

Similar tools

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/codenize-tools/applb.

License

The gem is available as open source under the terms of the MIT License.