- EC2LM: EFS utils will only be installed if it does not already exist

- EC2LMS: EFS: Moved tmp dir to root folder for CIS hardened ubuntu images. - EC2LMS: EFS: Mounting of EFS drives made idempotent
waterbear-cloud · Oct 30, 2021 · 93f5a15 · 93f5a15
1 parent b44c622
commit 93f5a15
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 16 deletions.
diff --git a/src/paco/application/ec2_launch_manager.py b/src/paco/application/ec2_launch_manager.py
@@ -962,6 +962,9 @@ def lb_add_efs(self, bundle_name, resource):
 EFS_MOUNT_FOLDER_LIST=./efs_mount_folder_list
 EFS_ID_LIST=./efs_id_list
 
+mkdir -p /root/tmp
+TMP_DIR=/root/tmp
+
 function process_mount_target()
 {{
     MOUNT_FOLDER=$1
@@ -971,15 +974,26 @@ def lb_add_efs(self, bundle_name, resource):
     EFS_ID=$(aws efs describe-file-systems --region $REGION --no-paginate --query "FileSystems[].{{Tags: Tags[?Key=='Paco-Stack-Name'].Value, FileSystemId: FileSystemId}} | [].{{stack: Tags[0], fs: FileSystemId}} | [?stack=='$EFS_STACK_NAME'].fs | [0]" | tr -d '"')
 
     # Setup the mount folder
+    set +e
+    # Verify we are mounting the correct EFS IDs
     if [ -e $MOUNT_FOLDER ] ; then
-        mv $MOUNT_FOLDER ${{MOUNT_FOLDER%%/}}.old
+        if mountpoint -q -- $MOUNT_FOLDER; then
+            mount |grep " on $MOUNT_FOLDER" |grep "$EFS_ID"
+            if [ $? -ne 0 ] ; then
+                echo "EFS: A new EFS_ID detected: unmounting folder: $MOUNT_FOLDER"
+                umount $MOUNT_FOLDER
+            else
+                echo "EFS: Folder already mounted: $MOUNT_FOLDER -> $EFS_ID"
+            fi
+        fi
+    else
+        mkdir -p $MOUNT_FOLDER
     fi
-    mkdir -p $MOUNT_FOLDER
-
+    set -e
     # Setup fstab
-    grep -v -E "^$EFS_ID:/" /etc/fstab >/tmp/fstab.efs_new
-    echo "$EFS_ID:/ $MOUNT_FOLDER efs defaults,_netdev,fsc 0 0" >>/tmp/fstab.efs_new
-    mv /tmp/fstab.efs_new /etc/fstab
+    grep -v -E "^$EFS_ID:/" /etc/fstab >${{TMP_DIR}}/fstab.efs_new
+    echo "$EFS_ID:/ $MOUNT_FOLDER efs defaults,_netdev,fsc 0 0" >>${{TMP_DIR}}/fstab.efs_new
+    mv ${{TMP_DIR}}/fstab.efs_new /etc/fstab
     chmod 0664 /etc/fstab
     echo "$MOUNT_FOLDER" >>$EFS_MOUNT_FOLDER_LIST".new"
     echo "$EFS_ID" >>$EFS_ID_LIST".new"
@@ -1014,8 +1028,8 @@ def lb_add_efs(self, bundle_name, resource):
     if [ -e "$EFS_ID_LSIT" ] ; then
         for EFS_ID in $(cat $EFS_ID_LIST)
         do
-            grep -v -E "^$EFS_ID:/" /etc/fstab >/tmp/fstab.efs_new
-            mv /tmp/fstab.efs_new /etc/fstab
+            grep -v -E "^$EFS_ID:/" /etc/fstab >${{TMP_DIR}}/fstab.efs_new
+            mv ${{TMP_DIR}}/fstab.efs_new /etc/fstab
             chmod 0664 /etc/fstab
         done
         rm $EFS_ID_LIST

diff --git a/src/paco/application/ec2lm_commands.py b/src/paco/application/ec2lm_commands.py
@@ -60,14 +60,20 @@
 		'amazon': 'yum install -y amazon-efs-utils cachefilesd',
 		'centos': 'yum install -y amazon-efs-utils cachefilesd',
 		'ubuntu': """
-    apt-get install cachefilesd git binutils make -y
-    LB_DIR=$(pwd)
-    cd /tmp
-    git clone https://github.com/aws/efs-utils
-    cd efs-utils/
-    ./build-deb.sh
-    apt-get -y install ./build/amazon-efs-utils*deb
-    cd ${LB_DIR}
+    dpkg -l amazon-efs-utils 2>/dev/null 2>&1
+    if [ $? -ne 0 ] ; then
+        echo "EFS: amazon-efs-utils: Installing package"
+        apt-get install cachefilesd git binutils make -y
+        LB_DIR=$(pwd)
+        cd /tmp
+        git clone https://github.com/aws/efs-utils
+        cd efs-utils/
+        sh ./build-deb.sh
+        apt-get -y install ./build/amazon-efs-utils*deb
+        cd ${LB_DIR}
+    else
+        echo "EFS: amazon-efs-utils package is already installed."
+    fi
 """
 	},
 	'install_cfn_init': {