mirror of https://github.com/fog/fog.git synced 2022-11-09 13:51:43 -05:00

[aws|elb] add new style default security group

* AWS VPC enabled accounts have a new style security
  group separate from the 'amazon-elb-sg' group.
* added describe account attributes call
* use account attributes to determine elb security group
Eugene Howe 2013-08-06 09:51:51 -04:00
parent 2921c81e40
commit e146962677
6 changed files with 186 additions and 11 deletions


@ -80,6 +80,7 @@ module Fog
request :delete_volume request :delete_volume
request :delete_vpc request :delete_vpc
request :deregister_image request :deregister_image
request :describe_account_attributes
request :describe_addresses request :describe_addresses
request :describe_availability_zones request :describe_availability_zones
request :describe_dhcp_options request :describe_dhcp_options
@ -192,7 +193,15 @@ module Fog
} }
], ],
'ownerId' => owner_id 'ownerId' => owner_id
} },
'amazon-elb-sg' => {
'groupDescription' => 'amazon-elb-sg',
'groupName' => 'amazon-elb-sg',
'groupId' => 'amazon-elb',
'ownerId' => 'amazon-elb',
'ipPermissionsEgree' => [],
'ipPermissions' => [],
},
}, },
:network_interfaces => {}, :network_interfaces => {},
:snapshots => {}, :snapshots => {},
@ -205,7 +214,33 @@ module Fog
:subnets => [], :subnets => [],
:vpcs => [], :vpcs => [],
:dhcp_options => [], :dhcp_options => [],
:internet_gateways => [] :internet_gateways => [],
:account_attributes => [
{
"values" => ["5"],
"attributeName" => "vpc-max-security-groups-per-interface"
},
{
"values" => ["20"],
"attributeName" => "max-instances"
},
{
"values" => ["EC2", "VPC"],
"attributeName" => "supported-platforms"
},
{
"values" => ["none"],
"attributeName" => "default-vpc"
},
{
"values" => ["5"],
"attributeName" => "max-elastic-ips"
},
{
"values" => ["5"],
"attributeName" => "vpc-max-elastic-ips"
}
]
} }
end end
end end
@ -256,6 +291,11 @@ module Fog
images images
end end
def ec2_compatibility_mode(enabled=true)
values = enabled ? ["EC2", "VPC"] : ["VPC"]
self.data[:account_attributes].detect { |h| h["attributeName"] == "supported-platforms" }["values"] = values
end
def apply_tag_filters(resources, filters, resource_id_key) def apply_tag_filters(resources, filters, resource_id_key)
tag_set_fetcher = lambda {|resource| self.data[:tag_sets][resource[resource_id_key]] } tag_set_fetcher = lambda {|resource| self.data[:tag_sets][resource[resource_id_key]] }
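Review bot: The seeded 'amazon-elb-sg' group in the mock data spells its egress key `'ipPermissionsEgree'`, so the group has no `'ipPermissionsEgress'` entry, while the default_elb group this commit creates in the ELB mock uses the correct spelling. Mock code or tests that read egress rules from this group would get nil rather than an empty list; the line should read `'ipPermissionsEgress' => [],`. Separately, `ec2_compatibility_mode` has no comment and raises NoMethodError on nil if the "supported-platforms" entry is missing from `:account_attributes`; a comment such as `# Mock helper: sets the account's "supported-platforms" to EC2+VPC (true) or VPC only (false)` would document it. apply_tag_filters continues outside the hunk.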


@ -0,0 +1,42 @@
module Fog
module Parsers
module Compute
module AWS
class DescribeAccountAttributes < Fog::Parsers::Base
def reset
@attribute = { 'values' => []}
@account_attributes = []
@response = { 'accountAttributeSet' => [] }
end
def start_element(name, attrs = [])
super
case name
when 'attributeValueSet'
@in_attribute_value_set = true
end
end
def end_element(name)
case name
when 'attributeName'
@attribute[name] = value
when 'attributeValue'
@attribute['values'] << value
when['requestId']
@response[name] = value
when 'item'
@response['accountAttributeSet'] << @attribute
@attribute = { 'values' => []} unless @in_attribute_value_set
when 'attributeValueSet'
@in_attribute_value_set = false
else
end
@response['accountAttributeSet'].uniq!
end
end
end
end
end
end
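Review bot: In `end_element`, `when['requestId']` compares the element name against an Array, which never equals a String, so 'requestId' is never copied into the response; it should be `when 'requestId'`. The 'item' branch also fires for the nested items inside attributeValueSet and relies on `uniq!` to discard the repeated pushes of the same hash. Guarding the push would make the intent explicit: `@response['accountAttributeSet'] << @attribute unless @in_attribute_value_set`. `@in_attribute_value_set` is also not initialised in `reset`, so its state carries over if the parser instance is reused.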


@ -0,0 +1,49 @@
module Fog
module Compute
class AWS
class Real
require 'fog/aws/parsers/compute/describe_account_attributes'
# Describe account attributes
#
# ==== Parameters
# * filters<~Hash> - List of filters to limit results with
#
# ==== Returns
# * response<~Excon::Response>:
# * body<~Hash>:
# * 'requestId'<~String> = Id of request
# * 'accountAttributeSet'<~Array>:
# * 'attributeName'<~String> - supported-platforms
# * 'attributeValueSet'<~Array>:
# * 'attributeValue'<~String> - Value of attribute
#
# {Amazon API Reference}[http://docs.aws.amazon.com/AWSEC2/latest/APIReference/ApiReference-query-DescribeAccountAttributes.html]
def describe_account_attributes(filters = {})
params = Fog::AWS.indexed_filters(filters)
request({
'Action' => 'DescribeAccountAttributes',
:idempotent => true,
:parser => Fog::Parsers::Compute::AWS::DescribeAccountAttributes.new
}.merge!(params))
end
end
class Mock
def describe_account_attributes(filters = {})
account_attributes = self.data[:account_attributes]
Excon::Response.new(
:status => 200,
:body => {
'requestId' => Fog::AWS::Mock.request_id,
'accountAttributeSet' => account_attributes
}
)
end
end
end
end
end
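Review bot: The Returns section of the doc comment on `Real#describe_account_attributes` lists 'attributeValueSet' and 'attributeValue' keys, but the parser added in this commit stores the values under `'values'`, and the mock data uses that key too. The comment should describe the hash callers actually receive, e.g. `# * 'values'<~Array> - attribute values as strings`. `Mock#describe_account_attributes` accepts `filters` and ignores it, and it returns the stored `:account_attributes` array itself rather than a copy, so a caller that edits the response body also changes the mock's state. A short comment noting both would avoid surprises.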


@ -74,15 +74,29 @@ module Fog
dns_name = Fog::AWS::ELB::Mock.dns_name(lb_name, @region) dns_name = Fog::AWS::ELB::Mock.dns_name(lb_name, @region)
region = availability_zones ? availability_zones.first.gsub(/[a-z]$/, '') : "us-east-1"
Fog::Compute::AWS::Mock.data[@region][@aws_access_key_id][:security_groups]['amazon-elb-sg'] ||= { supported_platforms = Fog::Compute::AWS::Mock.data[region][@aws_access_key_id][:account_attributes].detect { |h| h["attributeName"] == "supported-platforms" }["values"]
'groupDescription' => 'amazon-elb-sg', security_group = if supported_platforms.include?("EC2")
'groupName' => 'amazon-elb-sg', Fog::Compute::AWS::Mock.data[region][@aws_access_key_id][:security_groups]['amazon-elb-sg']
'groupId' => 'amazon-elb', else
'ownerId' => 'amazon-elb', if default_sg = Fog::Compute::AWS::Mock.data[region][@aws_access_key_id][:security_groups].values.detect { |sg| sg['groupName'] =~ /default_elb/ }
'ipPermissionsEgree' => [], default_sg
else
default_sg_name = "default_elb_#{Fog::Mock.random_hex(6)}"
default_sg = {
'groupDescription' => 'default elb security group',
'groupName' => default_sg_name,
'groupId' => Fog::AWS::Mock.security_group_id,
'ipPermissionsEgress' => [],
'ipPermissions' => [], 'ipPermissions' => [],
'ownerId' => self.data[:owner_id]
} }
Fog::Compute::AWS::Mock.data[region][@aws_access_key_id][:security_groups][default_sg_name] = default_sg
end
default_sg
end
self.data[:load_balancers][lb_name] = { self.data[:load_balancers][lb_name] = {
'AvailabilityZones' => availability_zones, 'AvailabilityZones' => availability_zones,
@ -115,7 +129,7 @@ module Fog
'Proper' => [] 'Proper' => []
}, },
'SourceSecurityGroup' => { 'SourceSecurityGroup' => {
'GroupName' => '', 'GroupName' => security_group['groupName'],
'OwnerAlias' => '' 'OwnerAlias' => ''
} }
} }
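Review bot: The new `region` local falls back to the literal "us-east-1" when `availability_zones` is nil, so a load balancer created with only subnets reads account attributes and registers its default_elb group under us-east-1 regardless of the client's region; the removed code indexed by `@region`. Unless that is intended, fall back to the instance's region: `region = availability_zones ? availability_zones.first.gsub(/[a-z]$/, '') : @region`. The lookup `sg['groupName'] =~ /default_elb/` is unanchored, so any existing group whose name merely contains that text is reused as the load balancer's source group; `/\Adefault_elb_/` is stricter. The `detect { ... }["values"]` chain also raises on nil when no "supported-platforms" entry exists. The enclosing method starts and ends outside the hunk.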


@ -57,7 +57,10 @@ Shindo.tests('AWS::ELB | models', ['aws', 'elb']) do
end end
end end
tests('with vpc') do tests('with vpc') do
Fog::Compute[:aws].ec2_compatibility_mode(false)
elb2 = Fog::AWS[:elb].load_balancers.create(:id => "#{elb_id}-2", :subnet_ids => [@subnet_id]) elb2 = Fog::AWS[:elb].load_balancers.create(:id => "#{elb_id}-2", :subnet_ids => [@subnet_id])
tests("elb source group should be default_elb*").returns(true) { !!(elb2.source_group["GroupName"] =~ /default_elb_*/) }
tests("should have a 'default_elb_*' security group").returns(true) { Fog::Compute[:aws].security_groups.all.any? { |sg| sg.name =~ /default_elb/ } }
tests("subnet ids are correct").returns(@subnet_id) { elb2.subnet_ids.first } tests("subnet ids are correct").returns(@subnet_id) { elb2.subnet_ids.first }
elb2.destroy elb2.destroy
end end
@ -75,8 +78,10 @@ Shindo.tests('AWS::ELB | models', ['aws', 'elb']) do
end end
tests('with availability zones') do tests('with availability zones') do
Fog::Compute[:aws].ec2_compatibility_mode(true)
azs = @availability_zones[1..-1] azs = @availability_zones[1..-1]
elb2 = Fog::AWS[:elb].load_balancers.create(:id => "#{elb_id}-2", :availability_zones => azs) elb2 = Fog::AWS[:elb].load_balancers.create(:id => "#{elb_id}-2", :availability_zones => azs)
tests("elb source group should be amazon-elb-sg").returns(true) { elb2.source_group["GroupName"] == 'amazon-elb-sg' }
tests("availability zones are correct").returns(azs.sort) { elb2.availability_zones.sort } tests("availability zones are correct").returns(azs.sort) { elb2.availability_zones.sort }
elb2.destroy elb2.destroy
end end
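Review bot: The pattern in the 'with vpc' assertion, `/default_elb_*/`, reads like a glob, but as a regex `_*` means zero or more underscores, so it matches any name containing "default_elb". Assuming `Fog::Mock.random_hex` yields only hex digits, `/\Adefault_elb_\h+\z/` would pin the generated name. Both new blocks also flip `ec2_compatibility_mode` on the shared mock and never restore it, so later tests inherit whichever mode ran last. The surrounding Shindo block continues outside the hunks.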


@ -0,0 +1,25 @@
Shindo.tests('Fog::Compute[:aws] | account tests', ['aws']) do
if Fog.mocking?
tests('check for vpc') do
tests('supports both vpc and ec2 in compatibility mode').succeeds do
client = Fog::Compute[:aws]
client.ec2_compatibility_mode(true)
data = Fog::Compute[:aws].describe_account_attributes.body
data['accountAttributeSet'].any? { |s| [*s["values"]].include?("VPC") && [*s["values"]].include?("EC2") }
end
tests('supports VPC in vpc mode').succeeds do
client = Fog::Compute[:aws]
client.ec2_compatibility_mode(true)
data = Fog::Compute[:aws].describe_account_attributes.body
data['accountAttributeSet'].any? { |s| [*s["values"]].include?("VPC") }
end
tests('does not support VPC and EC2 in vpc mode').succeeds do
client = Fog::Compute[:aws]
client.ec2_compatibility_mode(false)
data = Fog::Compute[:aws].describe_account_attributes.body
!data['accountAttributeSet'].any? { |s| [*s["values"]].include?("VPC") && [*s["values"]].include?("EC2") }
end
end
end
end
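Review bot: The test labelled 'supports VPC in vpc mode' calls `client.ec2_compatibility_mode(true)`, so it exercises compatibility mode a second time and VPC-only mode is never checked for the presence of "VPC"; the call should be `client.ec2_compatibility_mode(false)`. The last test leaves the mock in VPC-only mode, which later suites sharing the mock data will inherit. Resetting with `client.ec2_compatibility_mode(true)` at the end of the block would keep runs order-independent.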