Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

boto_asg - add support for use of security group names in launch configs #14701

Merged
merged 1 commit into from Aug 4, 2014

Conversation

@colinbjohnson
Copy link
Contributor

commented Aug 4, 2014

Overview:

This pull request will allow the use of a security group names within the boto_asg state module when creating Auto Scaling Groups within a VPC.

Previous Behavior:

When given a state file that looks like the following:

Ensure gateway security group exists:
  boto_asg.present:
    - name: test-vpc
    - availability_zones:
      - us-east-1c
      - us-east-1d
    - min_size: 0
    - max_size: 0
    - desired_capacity: 0
    - region: us-east-1
    - vpc_zone_identifier:
      - subnet-61b47516
      - subnet-a042a1f9
    - tags:
      - key: 'Name'
        value: 'test'
        propagate_at_launch: true
    - launch_config_name: test
    - launch_config:
      - image_id: ami-a427efcc
      - security_groups:
        - sg-c4b3cea1
        - gateway
        - test-2

The boto_asg state would fail to execute due to a boto failure - the security group names aren't allows by Amazon's API because they lack specificity. As an example, the group gateway could be in multiple VPCs or in EC2-Classic and EC2-VPC - resulting in a condition where the launch configuration could not be created.

New Behavior:

Behavior has been modified slightly to allow for use of security group names within a boto_asg.present State Definition. Description Below.

  1. If one or more VPC Zone Identifiers are given in an Auto Scaling Group Configuration, the boto_asg state module will call boto_vpc.get_subnet_association (newly added module/function) to determine which VPC the Auto Scaling Group is associated with.
  2. If associated with a VPC, the boto_asg module will determine if there are any security groups defined in the Auto Scaling Group's Launch Configuration. If there are Launch Configuration <-> Security Group associations, the boto_asg state module will convert all Security Group Names to Security Group IDs using boto_secgroup.get_group_id (newly added module/function).
  3. The new Auto Scaling Group and Launch Configuration will be built.

Additional Changes:

  1. Unit Testing for newly added boto_secgroup.get_group_id and boto_vpc.get_subnet_association modules and functions.
@salt-jenkins

This comment has been minimized.

Copy link
Contributor

commented Aug 4, 2014

Test PASSed.
Refer to this link for build results: http://jenkins.saltstack.com/job/salt-pr-build/6634/

@colinbjohnson colinbjohnson changed the title boto_asg now support use of security group names in launch configs boto_asg - add support for use of security group names in launch configs Aug 4, 2014

thatch45 added a commit that referenced this pull request Aug 4, 2014
Merge pull request #14701 from lyft/asg-support-security-group-names
boto_asg - add support for use of security group names in launch configs

@thatch45 thatch45 merged commit d279889 into saltstack:develop Aug 4, 2014

1 check passed

default Merged build finished.
Details
@ryan-lane

This comment has been minimized.

Copy link
Contributor

commented Aug 29, 2014

@basepi please backport to 2014.7

@colinbjohnson colinbjohnson deleted the lyft:asg-support-security-group-names branch Sep 4, 2014

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
6 participants
You can’t perform that action at this time.