Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

VPC Support #49

Merged
merged 3 commits into from

3 participants

@calebfornari

I needed vpc support for a project I was working on so I went ahead and added it. Thought it might be useful to others.

Note that this change introduces parameter dependencies when using a vpc subnet in
that security group identifiers must be passed as ID's instead of names,
and at least one security group is required in order to create an
instance in a vpc subnet. The documentation may need to be updated accordingly.

@calebfornari calebfornari Adding support for using vpc subnets.
This change introduces parameter dependencies when using a vpc subnet in
that security group identifiers must be passed as ID's instead of names,
and at least one security group is required in order to create an
instance in a vpc subnet.
58b3c42
@cosmin
Collaborator

Instead of requiring the user to pass in security group ids for VPC I think we should look up the necessary id (and perhaps do it always so we don't need a separate code path just for VPC).

@calebfornari

This is a little convoluted since boto does not allow fetching vpc security group by name, but I have modified to pull all security groups and then parse the list and match on name. This solves the dual code path problem and allows the user to always specify a security group name even when using a vpc subnet.

@cosmin cosmin merged commit 95398ab into from
@cosmin
Collaborator

There actually is a way to do this in boto (at least in a new enough version), although it is somewhat hidden.

con.get_all_security_groups(groupnames=['default'])

That said, I think the current approach is a good place to start, we can optimize the boto call in a second pass.

@calebfornari

That method works great as long as the named group is not in a VPC (I actually tried this first), if you try that with a VPC security group name however the aws response returns an explicit error stating that VPC security groups can only be retrieved by id. I am on boto 2.7, so it's possible that this changed in 2.8 but I doubt it since this seems to be a limitation of the aws api and not boto itself.

@cosmin
Collaborator

Ah, I should have checked this in VPC. Thanks again for getting this working :)

@Altonymous

This appears to break in some cases when you have 2 security groups named the same thing. I think it needs to be modified to also take the instance and compare the instance type to find the right group. I'm investigating how to do this now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Mar 29, 2013
  1. @calebfornari

    Adding support for using vpc subnets.

    calebfornari authored
    This change introduces parameter dependencies when using a vpc subnet in
    that security group identifiers must be passed as ID's instead of names,
    and at least one security group is required in order to create an
    instance in a vpc subnet.
Commits on Apr 15, 2013
  1. @calebfornari
Commits on Apr 17, 2013
  1. @calebfornari
This page is out of date. Refresh to see the latest.
Showing with 23 additions and 6 deletions.
  1. +17 −3 beeswithmachineguns/bees.py
  2. +6 −3 beeswithmachineguns/main.py
View
20 beeswithmachineguns/bees.py
@@ -71,10 +71,23 @@ def _get_pem_path(key):
def _get_region(zone):
return zone[:-1] # chop off the "d" in the "us-east-1d" to get the "Region"
+
+def _get_security_group_ids(connection, security_group_names):
+ ids = []
+ # Since we cannot get security groups in a vpc by name, we get all security groups and parse them by name later
+ security_groups = connection.get_all_security_groups()
+
+ # Parse the name of each security group and add the id of any match to the group list
+ for group in security_groups:
+ for name in security_group_names:
+ if group.name == name:
+ ids.append(group.id)
+
+ return ids
# Methods
-def up(count, group, zone, image_id, instance_type, username, key_name):
+def up(count, group, zone, image_id, instance_type, username, key_name, subnet):
"""
Startup the load testing server.
"""
@@ -103,9 +116,10 @@ def up(count, group, zone, image_id, instance_type, username, key_name):
min_count=count,
max_count=count,
key_name=key_name,
- security_groups=[group],
+ security_group_ids=_get_security_group_ids(ec2_connection, [group]),
instance_type=instance_type,
- placement=zone)
+ placement=zone,
+ subnet_id=subnet)
print 'Waiting for bees to load their machine guns...'
View
9 beeswithmachineguns/main.py
@@ -61,7 +61,7 @@ def parse_options():
help="The number of servers to start (default: 5).")
up_group.add_option('-g', '--group', metavar="GROUP", nargs=1,
action='store', dest='group', type='string', default='default',
- help="The security group to run the instances under (default: default).")
+ help="The security group(s) to run the instances under (default: default).")
up_group.add_option('-z', '--zone', metavar="ZONE", nargs=1,
action='store', dest='zone', type='string', default='us-east-1d',
help="The availability zone to start the instances in (default: us-east-1d).")
@@ -74,6 +74,9 @@ def parse_options():
up_group.add_option('-l', '--login', metavar="LOGIN", nargs=1,
action='store', dest='login', type='string', default='newsapps',
help="The ssh username name to use to connect to the new servers (default: newsapps).")
+ up_group.add_option('-v', '--subnet', metavar="SUBNET", nargs=1,
+ action='store', dest='subnet', type='string', default=None,
+ help="The vpc subnet id in which the instances should be launched. (default: None).")
parser.add_option_group(up_group)
@@ -115,8 +118,8 @@ def parse_options():
if options.group == 'default':
print 'New bees will use the "default" EC2 security group. Please note that port 22 (SSH) is not normally open on this group. You will need to use to the EC2 tools to open it before you will be able to attack.'
-
- bees.up(options.servers, options.group, options.zone, options.instance, options.type, options.login, options.key)
+
+ bees.up(options.servers, options.group, options.zone, options.instance, options.type, options.login, options.key, options.subnet)
elif command == 'attack':
if not options.url:
parser.error('To run an attack you need to specify a url with -u')
Something went wrong with that request. Please try again.