bootstrap-vz/bootstrapvz/providers/ec2/tasks/connection.py

from bootstrapvz.base import Task
from bootstrapvz.common import phases
import host


class SilenceBotoDebug(Task):
	description = 'Silence boto debug logging'
	phase = phases.preparation

	@classmethod
	def run(cls, info):
		# Regardless of of loglevel, we don't want boto debug stuff, it's very noisy
		import logging
		logging.getLogger('boto').setLevel(logging.INFO)


class GetCredentials(Task):
	description = 'Getting AWS credentials'
	phase = phases.preparation
	successors = [SilenceBotoDebug]

	@classmethod
	def run(cls, info):
		keys = ['access-key', 'secret-key']
		if info.manifest.volume['backing'] == 's3':
			keys.extend(['certificate', 'private-key', 'user-id'])
		info.credentials = cls.get_credentials(info.manifest, keys)

	@classmethod
	def get_credentials(cls, manifest, keys):
		from os import getenv
		creds = {}
		if 'credentials' in manifest.provider:
			if all(key in manifest.provider['credentials'] for key in keys):
				for key in keys:
					creds[key] = manifest.provider['credentials'][key]
				return creds

		def env_key(key):
			return ('aws-' + key).upper().replace('-', '_')
		if all(getenv(env_key(key)) is not None for key in keys):
			for key in keys:
				creds[key] = getenv(env_key(key))
			return creds

		def provider_key(key):
			return key.replace('-', '_')
		import boto.provider
		provider = boto.provider.Provider('aws')
		if all(getattr(provider, provider_key(key)) is not None for key in keys):
			for key in keys:
				creds[key] = getattr(provider, provider_key(key))
			if hasattr(provider, 'security_token'):
				creds['security-token'] = provider.security_token
			return creds
		raise RuntimeError(('No ec2 credentials found, they must all be specified '
		                    'exclusively via environment variables or through the manifest.'))


class Connect(Task):
	description = 'Connecting to EC2'
	phase = phases.preparation
	predecessors = [GetCredentials, host.GetInstanceMetadata, host.SetRegion]

	@classmethod
	def run(cls, info):
		from boto.ec2 import connect_to_region
		connect_args = {
			'aws_access_key_id': info.credentials['access-key'],
			'aws_secret_access_key': info.credentials['secret-key']
		}

		if 'security-token' in info.credentials:
			connect_args['security_token'] = info.credentials['security-token']

		info._ec2['connection'] = connect_to_region(info._ec2['region'], **connect_args)
Properly fix imports and make bootstrapvz work like a package 2014-03-23 23:12:07 +01:00			`from bootstrapvz.base import Task`
			`from bootstrapvz.common import phases`
Various improvements and additions. I couldn't be bothered to untangle this, so here it goes: * Log colors depending on loglevel * Simplified Filelogger * Remove description=None from basetask * create_list creates task list from argument now * Task rollback feature: If a task fails, the tasklist calls rollback() on the completed tasks in reverse order * Added TaskException to common.exceptions as a base to extend from * Added TriggerRollback task to common.tasks for development purposes * An EBS volume for bootstrapping is now created and attached to the instance (including rollback actions) * EC2 Connect task now depends on host.GetInfo 2013-06-24 23:12:39 +02:00			`import host`
Basic structure up and running 2013-05-02 19:13:35 +02:00

Kill the initalize() function. Nobody uses it except ec2 The boto debug messages are now silenced with a task. 2015-05-03 12:31:44 +02:00			`class SilenceBotoDebug(Task):`
			`description = 'Silence boto debug logging'`
			`phase = phases.preparation`

			`@classmethod`
			`def run(cls, info):`
			`# Regardless of of loglevel, we don't want boto debug stuff, it's very noisy`
			`import logging`
			`logging.getLogger('boto').setLevel(logging.INFO)`


Basic structure up and running 2013-05-02 19:13:35 +02:00			`class GetCredentials(Task):`
logging 2013-06-09 20:29:54 +02:00			`description = 'Getting AWS credentials'`
fix phases and their ordering 2013-06-23 22:12:29 +02:00			`phase = phases.preparation`
Kill the initalize() function. Nobody uses it except ec2 The boto debug messages are now silenced with a task. 2015-05-03 12:31:44 +02:00			`successors = [SilenceBotoDebug]`
logging 2013-06-09 20:29:54 +02:00
Don't instantiate tasks In practice they are just typed functions with attributes, having a reference to an object is just confusing. So: Task.run() is now a classmethod 2014-01-05 15:57:11 +01:00			`@classmethod`
			`def run(cls, info):`
Bootstrapping of instance store AMIs implemented 2013-07-14 23:16:37 +02:00			`keys = ['access-key', 'secret-key']`
			`if info.manifest.volume['backing'] == 's3':`
			`keys.extend(['certificate', 'private-key', 'user-id'])`
Don't instantiate tasks In practice they are just typed functions with attributes, having a reference to an object is just confusing. So: Task.run() is now a classmethod 2014-01-05 15:57:11 +01:00			`info.credentials = cls.get_credentials(info.manifest, keys)`
Basic structure up and running 2013-05-02 19:13:35 +02:00
Don't instantiate tasks In practice they are just typed functions with attributes, having a reference to an object is just confusing. So: Task.run() is now a classmethod 2014-01-05 15:57:11 +01:00			`@classmethod`
			`def get_credentials(cls, manifest, keys):`
Basic structure up and running 2013-05-02 19:13:35 +02:00			`from os import getenv`
Bootstrapping of instance store AMIs implemented 2013-07-14 23:16:37 +02:00			`creds = {}`
Do not crash with KeyError when there is no credentials in manifest. 2014-07-12 19:40:53 +02:00			`if 'credentials' in manifest.provider:`
			`if all(key in manifest.provider['credentials'] for key in keys):`
			`for key in keys:`
			`creds[key] = manifest.provider['credentials'][key]`
			`return creds`
credential keys now actually work when set via env all credential keys are converted to uppercase, dashes replaced with underscores and prefixed with 'AWS_' 2013-11-04 17:31:32 +01:00
			`def env_key(key):`
Fix PEP8 style fixes 2013-12-14 19:37:23 +01:00			`return ('aws-' + key).upper().replace('-', '_')`
credential keys now actually work when set via env all credential keys are converted to uppercase, dashes replaced with underscores and prefixed with 'AWS_' 2013-11-04 17:31:32 +01:00			`if all(getenv(env_key(key)) is not None for key in keys):`
Bootstrapping of instance store AMIs implemented 2013-07-14 23:16:37 +02:00			`for key in keys:`
credential keys now actually work when set via env all credential keys are converted to uppercase, dashes replaced with underscores and prefixed with 'AWS_' 2013-11-04 17:31:32 +01:00			`creds[key] = getenv(env_key(key))`
Bootstrapping of instance store AMIs implemented 2013-07-14 23:16:37 +02:00			`return creds`
Do not require AWS credentials in manifest file Boto allows for storing credentials in ~/.boto file; user those if user has not provider one in manifest file. 2014-06-30 20:23:44 +02:00
			`def provider_key(key):`
			`return key.replace('-', '_')`
			`import boto.provider`
			`provider = boto.provider.Provider('aws')`
			`if all(getattr(provider, provider_key(key)) is not None for key in keys):`
			`for key in keys:`
			`creds[key] = getattr(provider, provider_key(key))`
AWS: support IAM role Fixes #259 2016-04-14 19:28:44 -04:00			`if hasattr(provider, 'security_token'):`
			`creds['security-token'] = provider.security_token`
Do not require AWS credentials in manifest file Boto allows for storing credentials in ~/.boto file; user those if user has not provider one in manifest file. 2014-06-30 20:23:44 +02:00			`return creds`
Bootstrapping of instance store AMIs implemented 2013-07-14 23:16:37 +02:00			`raise RuntimeError(('No ec2 credentials found, they must all be specified '`
			`'exclusively via environment variables or through the manifest.'))`
Basic structure up and running 2013-05-02 19:13:35 +02:00

			`class Connect(Task):`
logging 2013-06-09 20:29:54 +02:00			`description = 'Connecting to EC2'`
fix phases and their ordering 2013-06-23 22:12:29 +02:00			`phase = phases.preparation`
Fixes #14 and #78 S3 images can now be bootstrapped outside EC2. However, this fix adds the requirement of a "region" setting. At some point we could make "region" optional and fail when bootstrap-vz is run outside EC2 and no "region" is set. 2014-05-03 10:43:14 +02:00			`predecessors = [GetCredentials, host.GetInstanceMetadata, host.SetRegion]`
PEP8 fixes 2013-06-26 20:14:37 +02:00
Don't instantiate tasks In practice they are just typed functions with attributes, having a reference to an object is just confusing. So: Task.run() is now a classmethod 2014-01-05 15:57:11 +01:00			`@classmethod`
			`def run(cls, info):`
Manifest validation, simplified main run fn 2013-06-23 12:00:17 +02:00			`from boto.ec2 import connect_to_region`
AWS: support IAM role Fixes #259 2016-04-14 19:28:44 -04:00			`connect_args = {`
			`'aws_access_key_id': info.credentials['access-key'],`
			`'aws_secret_access_key': info.credentials['secret-key']`
			`}`

			`if 'security-token' in info.credentials:`
			`connect_args['security_token'] = info.credentials['security-token']`

			`info._ec2['connection'] = connect_to_region(info._ec2['region'], **connect_args)`