#1871 - Amazon EC2 VPC support #778
Conversation
this patch is rebased from 1.0 to 1.2. original patch created by rvrignaud
moved managed_ip to fog_extentions/aws/server security groups and VPC are displayed by name where possible instead of by amazon id moved code from _ec2 form into a helper
reverting provided_attributes to take the host out of it
updating the initial load of the security group list, so that names are displayed instead of the amazon ids on first load of virtual machine page
made static strings into translation ones using _(...) changed .map to .find_all in security_groups, in case there are any nil values
| @@ -15,6 +15,7 @@ gem 'uuidtools' | |||
| gem "apipie-rails", "~> 0.0.22" | |||
| gem 'rabl', '>= 0.7.5' | |||
| gem 'oauth' | |||
| gem 'puppet' | |||
There was a problem hiding this comment.
This isn't in the gemfile because most people will use the system version. For development you should put it into bundler.d/Gemfile.local.rb.
There was a problem hiding this comment.
OK, great, thanks for the tip!
On Fri, Jul 12, 2013 at 1:58 PM, Sam Kottler notifications@github.comwrote:
In Gemfile:
@@ -15,6 +15,7 @@ gem 'uuidtools'
gem "apipie-rails", "~> 0.0.22"
gem 'rabl', '>= 0.7.5'
gem 'oauth'
+gem 'puppet'This isn't in the gemfile because most people will use the system version.
For development you should put it into bundler.d/Gemfile.local.rb.—
Reply to this email directly or view it on GitHubhttps://github.com//pull/778/files#r5163939
.
There was a problem hiding this comment.
This line is causing the tests to fail. Would you mind removing it so the initial tests can run?
|
[test] |
made static strings into translation ones using _(...) changed .map to .find_all in security_groups, in case there are any nil values
|
[test] |
| @@ -154,3 +154,16 @@ function enable_libvirt_dropdown(item){ | |||
| item.find(':input').attr('disabled',false) | |||
| item.show(); | |||
| } | |||
|
|
|||
| function ec2_vpcSelected(form, security_groups, subnets){ | |||
| $('#host_compute_attributes_security_group_ids').empty() | |||
There was a problem hiding this comment.
while not critical, the vm creation forms are also avail under /compute_resources/id/vms/new, hardcoding the host_id would not work no these conditions, maybe change to a regexp match that checks the ending of the id with security_groups_ids instead?
There was a problem hiding this comment.
there isn't any reference from /compute_resources/id/vms/new to the function name yet.
maybe we could wait until that functionality has being added?
what is the difference between compute_resources and compute_resources_vms (presume its a difference between baremetal and could servers)?
There was a problem hiding this comment.
compute_resource is the creation of the CR itself, CR_vms is a shortcut to create just the vm vs the full blown host object.
There was a problem hiding this comment.
ah ok.
i see what you are getting at now.
this will need a little bit more work for another reason as when the multi
select list is created, it doesn't like to be changed by just altering the
options and calling multiSelectOnLoad();
but will also make the selection a regex so it picks up both multiselect
lists.
On Mon, Jul 15, 2013 at 2:42 PM, Ohad Levy notifications@github.com wrote:
In app/assets/javascripts/compute_resource.js:
@@ -154,3 +154,16 @@ function enable_libvirt_dropdown(item){
item.find(':input').attr('disabled',false)
item.show();
}
+
+function ec2_vpcSelected(form, security_groups, subnets){
- $('#host_compute_attributes_security_group_ids').empty()
compute_resource is the creation of the CR itself, CR_vms is a shortcut to
create just the vm vs the full blown host object.—
Reply to this email directly or view it on GitHubhttps://github.com//pull/778/files#r5189608
.
changing attributes to symbolic versions instead of direct method calls
| @@ -13,6 +16,10 @@ def dns | |||
| dns_name || private_dns_name | |||
| end | |||
|
|
|||
| def vm_ip_address | |||
| managed_ip == 'private' ? :private_ip_address : :public_ip_address | |||
There was a problem hiding this comment.
changed private_ip_address and public_ip_address to symbolic calls as suggested by @ohadlevy
both seem to work, but symbolic calls seem to comply more with convention
There was a problem hiding this comment.
after some testing, this doesn't work. private_ip_address and public_ip_address need to be method names, otherwise the string private_ip_address is stored as the IP address of the vm.
There was a problem hiding this comment.
This should be a method as vm_ip_address needs to the return the actual IP value.
There was a problem hiding this comment.
Yes, after some extermination, that is the way I'll set it in the next
patch update.
One other thing, for the multi-select box, it seems the current library
that foreman uses is a little buggy around updating the multiselect box and
refreshing it.
After updating the library to v0.9.8 from v0.9.3, everything starting
working straight away.
Any objections to updating the library again to 0.9.8?
Mark
On Wed, Jul 17, 2013 at 10:47 AM, Dominic Cleal notifications@github.comwrote:
In lib/fog_extensions/aws/server.rb:
@@ -13,6 +16,10 @@ def dns
dns_name || private_dns_name
end
def vm_ip_addressmanaged_ip == 'private' ? :private_ip_address : :public_ip_addressThis should be a method as vm_ip_address needs to the return the actual IP
value.—
Reply to this email directly or view it on GitHubhttps://github.com//pull/778/files#r5238013
.
There was a problem hiding this comment.
I asked @abenari about this and he said:
155901 < amos_> Dominic, replacing multi-select to 0.9.8 broke the headers (with the filter, select all, unselect all) I'll need to look into it probably a small issue.
Maybe he can suggest a fix that we can apply as part of this patch?
There was a problem hiding this comment.
Tried upgrading the multi-select from v0.9.3 to v0.9.8 and found that on some of the multi-select boxes, in organization edit form the header that holds the filter and select/unselect all is missing. I was also able to unselect disabled items.
|
[test] |
|
@moshea can you please merge the |
| <% security_groups = compute_resource.security_groups %> | ||
| <% vpc_id = @host && @host.vpc_id %> | ||
|
|
||
| <%= selectable_f f, :security_group_ids, security_groups.map{|sg| [sg.name, sg.group_id,] if sg.vpc_id == vpc_id}.compact!, |
There was a problem hiding this comment.
To avoid the .map.compact! expression, you can do security_groups.select { |sg| .. } instead
There was a problem hiding this comment.
Sorry, re-reading this, it's actually restricting the options listed to the users if they're editing a host and have a security group selected.. seems that instead it should use multiple_selects instead of selectable_f + multiple: true, then you're able to pass in the currently selected value. Have a look at app/views/taxonomies/_form.html.erb for how they work.
If it's not possible (or sensible?) to change this on the fly, it should probably be disabled too for non-new hosts.
There was a problem hiding this comment.
@domcleal I agree with everything you said. It's not possible to change the security groups a host is in after its launched so existing hosts need to have re-selection disabled when being edited.
There was a problem hiding this comment.
The VMware form has a good example of this, borrow the new/disabled code from there.
patched jquery.multi-select so that 'refresh' method would now refresh the select box fixed multiselect form submission and initial loading issues moved vpc_id from generic host object to a helper function vpc_security_group_hash and subnet_vpc_hash added as 'data' attributes on select_f in _ec2.html.erb, they are now accessible without needing to export as JSON in this :onchange attribute rewrote security_groups method to make it cleaner cleaned up some test code
|
@domcleal - the multiselect library has being reverted back, however, I made a 4 line patch which fixes the refreshing of the select list. luckily it was so easy. All of the other changes have being made except for the suggest about moving an f_selectable :multiple=> true to a multiple_select. possibly my lack of ruby front end, but multiple_select seems to want to work on ActiveRecord objects, and isn't so great for array's of hashes, as the .all method is used in multiple_selects |
| {}, | ||
| { :multiple => true, :label => _("Security groups"), :disabled => !@host.nil?, | ||
| :data => {:security_groups => vpc_security_group_hash(security_groups), :subnets => subnet_vpc_hash(subnets)} } %> | ||
|
|
There was a problem hiding this comment.
The above is causing an error for me when not using an account with a VPC, although it works as I'd expect on an account with a VPC configured.
edit: hmm, having trouble reproducing it now...
|
has DNS been tested by anyone else besides me? With a DNS proxy configured I get: NoMethodError |
patched jquery.multi-select so that 'refresh' method would now refresh the select box fixed multiselect form submission and initial loading issues moved vpc_id from generic host object to a helper function vpc_security_group_hash and subnet_vpc_hash added as 'data' attributes on select_f in _ec2.html.erb, they are now accessible without needing to export as JSON in this :onchange attribute rewrote security_groups method to make it cleaner cleaned up some test code FIXED: issue reported by @jmontleon, using an account without a VPC causes an error on _ec2.html.erb
Conflicts: app/helpers/compute_resources_vms_helper.rb app/views/compute_resources_vms/form/_ec2.html.erb FIXED: issue reported by @jmontleon error when trying to create an instance without a VPC - error has being fixed, by checking for mil on compute_resource.security_groups. However, it turns out, once the default VPC has being removed, instances can no longer be created and need to contact amazon support to create a default VPC. Also cleaned up the code a little bit, and placed some logic inside a helper, getting security groups for VPC's
|
Hi @jmontleon |
|
@moshea it's pretty straightforward. Install bind, create a forward zone, (could literally just be example.com if it's for testing) and configure as outlined here: http://www.theforeman.org/manuals/1.2/index.html#4.3.5BIND One thing that might be nice, is adding ptr records for vpc hosts, but not critical for us, I don't think. Also, fwiw I literally just added rescue nil to the end of that line and it works now. |
|
@moshea another small point if it's possible. Can the subnet selection go above the security groups? As it is, because the security groups change based on the subnet selected it almost makes more sense to work from the bottom of the page up when making your selections. |
|
@moshea also if I select one of the AWS Compute Resources when creating a new host and then select a hostgroup the Security Groups box gets grayed out. If I unselect and select the compute resource (or select it after selecting a hostgroup) the items listed in it are selectable (again). |
|
@jmontleon moving the subnet selection above the security group makes perfect sense. so implemented that change. Also, stopped the securty group dialog box being disabled when a hostgroup is selected. |
moving the subnet selection above the security group stopped the securty group dialog box being disabled when a hostgroup is selected. The rescue nil for DNS proxy errors Conflicts: app/models/concerns/fog_extensions/aws/server.rb
|
sorry guys, seems I have messed up the pull request a little bit. i'll work on fixing it a little later today. |
|
@lzap reminder - add this to Headline Feature for 1.3 if it gets merged |
|
Thank you for your efforts preparing and finalising this @moshea, and to @rvrignaud for the original implementation. I'm happy to say it's been merged as beed05d for Foreman 1.3. |
issue 1871
ability to select a security group for a amazon instance inside a vpc
this is a second pull request after the changes suggested from the first pull
main changes:
managed_ip moved to a VM
vpc and security groups display human names where possible (based on the standard tag "Name" )
moved code into helpers out of .erb files