VPC Support #49

Merged
merged 3 commits into from Apr 17, 2013

Conversation

Projects
None yet
3 participants
Contributor

calebfornari commented Mar 29, 2013

I needed vpc support for a project I was working on so I went ahead and added it. Thought it might be useful to others.

Note that this change introduces parameter dependencies when using a vpc subnet in
that security group identifiers must be passed as ID's instead of names,
and at least one security group is required in order to create an
instance in a vpc subnet. The documentation may need to be updated accordingly.

@calebfornari calebfornari Adding support for using vpc subnets.
This change introduces parameter dependencies when using a vpc subnet in
that security group identifiers must be passed as ID's instead of names,
and at least one security group is required in order to create an
instance in a vpc subnet.
58b3c42
Collaborator

cosmin commented Apr 13, 2013

Instead of requiring the user to pass in security group ids for VPC I think we should look up the necessary id (and perhaps do it always so we don't need a separate code path just for VPC).

Contributor

calebfornari commented Apr 17, 2013

This is a little convoluted since boto does not allow fetching vpc security group by name, but I have modified to pull all security groups and then parse the list and match on name. This solves the dual code path problem and allows the user to always specify a security group name even when using a vpc subnet.

@cosmin cosmin added a commit that referenced this pull request Apr 17, 2013

@cosmin cosmin Merge pull request #49 from calebfornari/master
Add VPC support
95398ab

@cosmin cosmin merged commit 95398ab into newsapps:master Apr 17, 2013

Collaborator

cosmin commented Apr 17, 2013

There actually is a way to do this in boto (at least in a new enough version), although it is somewhat hidden.

con.get_all_security_groups(groupnames=['default'])

That said, I think the current approach is a good place to start, we can optimize the boto call in a second pass.

Contributor

calebfornari commented Apr 17, 2013

That method works great as long as the named group is not in a VPC (I actually tried this first), if you try that with a VPC security group name however the aws response returns an explicit error stating that VPC security groups can only be retrieved by id. I am on boto 2.7, so it's possible that this changed in 2.8 but I doubt it since this seems to be a limitation of the aws api and not boto itself.

Collaborator

cosmin commented Apr 17, 2013

Ah, I should have checked this in VPC. Thanks again for getting this working :)

Contributor

Altonymous commented May 15, 2013

This appears to break in some cases when you have 2 security groups named the same thing. I think it needs to be modified to also take the instance and compare the instance type to find the right group. I'm investigating how to do this now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment