
Example 6 with GroupIdentifier

use of com.amazonaws.services.ec2.model.GroupIdentifier in project crate by crate.

the class AwsEc2SeedHostsProvider method fetchDynamicNodes.

private List<TransportAddress> fetchDynamicNodes() {
    final List<TransportAddress> dynamicHosts = new ArrayList<>();
    final DescribeInstancesResult descInstances;
    try (AmazonEc2Reference clientReference = awsEc2Service.client()) {
        // Query EC2 API based on AZ, instance state, and tag.
        // NOTE: we don't filter by security group during the describe instances request for two reasons:
        // 1. differences in VPCs require different parameters during query (ID vs Name)
        // 2. We want to use two different strategies: (all security groups vs. any security groups)
        descInstances = clientReference.client().describeInstances(buildDescribeInstancesRequest());
    } catch (final AmazonClientException e) {
        LOGGER.info("Exception while retrieving instance list from AWS API: {}", e.getMessage());
        LOGGER.debug("Full exception:", e);
        return dynamicHosts;
    }
    LOGGER.trace("finding seed nodes...");
    for (final Reservation reservation : descInstances.getReservations()) {
        for (final Instance instance : reservation.getInstances()) {
            // let's see if we can filter based on groups
            if (!groups.isEmpty()) {
                final List<GroupIdentifier> instanceSecurityGroups = instance.getSecurityGroups();
                final List<String> securityGroupNames = new ArrayList<>(instanceSecurityGroups.size());
                final List<String> securityGroupIds = new ArrayList<>(instanceSecurityGroups.size());
                for (final GroupIdentifier sg : instanceSecurityGroups) {
                    securityGroupNames.add(sg.getGroupName());
                    securityGroupIds.add(sg.getGroupId());
                }
                if (bindAnyGroup) {
                    // We check if we can find at least one group name or one group id in groups.
                    if (disjoint(securityGroupNames, groups) && disjoint(securityGroupIds, groups)) {
                        LOGGER.trace("filtering out instance {} based on groups {}, not part of {}", instance.getInstanceId(), instanceSecurityGroups, groups);
                        // continue to the next instance
                        continue;
                    }
                } else {
                    // We need to match all group names or group ids, otherwise we ignore this instance
                    if (!(securityGroupNames.containsAll(groups) || securityGroupIds.containsAll(groups))) {
                        LOGGER.trace("filtering out instance {} based on groups {}, does not include all of {}", instance.getInstanceId(), instanceSecurityGroups, groups);
                        // continue to the next instance
                        continue;
                    }
                }
            }
            String address = null;
            if (hostType.equals(PRIVATE_DNS)) {
                address = instance.getPrivateDnsName();
            } else if (hostType.equals(PRIVATE_IP)) {
                address = instance.getPrivateIpAddress();
            } else if (hostType.equals(PUBLIC_DNS)) {
                address = instance.getPublicDnsName();
            } else if (hostType.equals(PUBLIC_IP)) {
                address = instance.getPublicIpAddress();
            } else if (hostType.startsWith(TAG_PREFIX)) {
                // Reading the node host from its metadata
                final String tagName = hostType.substring(TAG_PREFIX.length());
                LOGGER.debug("reading hostname from [{}] instance tag", tagName);
                final List<Tag> tags = instance.getTags();
                for (final Tag tag : tags) {
                    if (tag.getKey().equals(tagName)) {
                        address = tag.getValue();
                        LOGGER.debug("using [{}] as the instance address", address);
                    }
                }
            } else {
                throw new IllegalArgumentException(hostType + " is unknown for discovery.ec2.host_type");
            }
            if (address != null) {
                try {
                    final TransportAddress[] addresses = transportService.addressesFromString(address);
                    for (int i = 0; i < addresses.length; i++) {
                        LOGGER.trace("adding {}, address {}, transport_address {}", instance.getInstanceId(), address, addresses[i]);
                        dynamicHosts.add(addresses[i]);
                    }
                } catch (final Exception e) {
                    final String finalAddress = address;
                    LOGGER.warn((Supplier<?>) () -> new ParameterizedMessage("failed to add {}, address {}", instance.getInstanceId(), finalAddress), e);
                }
            } else {
                LOGGER.trace("not adding {}, address is null, host_type {}", instance.getInstanceId(), hostType);
            }
        }
    }
    LOGGER.debug("using dynamic transport addresses {}", dynamicHosts);
    return dynamicHosts;
}
Also used : Instance(com.amazonaws.services.ec2.model.Instance) TransportAddress(org.elasticsearch.common.transport.TransportAddress) AmazonClientException(com.amazonaws.AmazonClientException) ArrayList(java.util.ArrayList) Collections.disjoint(java.util.Collections.disjoint) GroupIdentifier(com.amazonaws.services.ec2.model.GroupIdentifier) DescribeInstancesResult(com.amazonaws.services.ec2.model.DescribeInstancesResult) Reservation(com.amazonaws.services.ec2.model.Reservation) Supplier(org.apache.logging.log4j.util.Supplier) ParameterizedMessage(org.apache.logging.log4j.message.ParameterizedMessage) Tag(com.amazonaws.services.ec2.model.Tag)

Example 7 with GroupIdentifier

use of com.amazonaws.services.ec2.model.GroupIdentifier in project camel by apache.

the class AmazonEC2ClientMock method runInstances.

@Override
public RunInstancesResult runInstances(RunInstancesRequest runInstancesRequest) {
    RunInstancesResult result = new RunInstancesResult();
    if (runInstancesRequest.getImageId().equals("test-1")) {
        Reservation res = new Reservation();
        res.setOwnerId("1");
        res.setRequesterId("user-test");
        res.setReservationId("res-1");
        Collection<Instance> instances = new ArrayList<>();
        Instance ins = new Instance();
        ins.setImageId(runInstancesRequest.getImageId());
        ins.setInstanceType(runInstancesRequest.getInstanceType());
        ins.setInstanceId("instance-1");
        if (runInstancesRequest.getSecurityGroups() != null) {
            if (runInstancesRequest.getSecurityGroups().contains("secgroup-1") && runInstancesRequest.getSecurityGroups().contains("secgroup-2")) {
                GroupIdentifier id1 = new GroupIdentifier();
                id1.setGroupId("id-1");
                id1.setGroupName("secgroup-1");
                GroupIdentifier id2 = new GroupIdentifier();
                id2.setGroupId("id-2");
                id2.setGroupName("secgroup-2");
                Collection<GroupIdentifier> secGroups = new ArrayList<>();
                secGroups.add(id1);
                secGroups.add(id2);
                ins.setSecurityGroups(secGroups);
            } else if (ObjectHelper.isNotEmpty(runInstancesRequest.getKeyName())) {
                if (runInstancesRequest.getKeyName().contains("keypair-1")) {
                    GroupIdentifier id1 = new GroupIdentifier();
                    id1.setGroupId("id-3");
                    id1.setGroupName("secgroup-3");
                    GroupIdentifier id2 = new GroupIdentifier();
                    id2.setGroupId("id-4");
                    id2.setGroupName("secgroup-4");
                    Collection<GroupIdentifier> secGroups = new ArrayList<>();
                    secGroups.add(id1);
                    secGroups.add(id2);
                    ins.setSecurityGroups(secGroups);
                }
            }
        }
        instances.add(ins);
        res.setInstances(instances);
        result.setReservation(res);
    } else {
        throw new AmazonServiceException("The image-id doesn't exists");
    }
    return result;
}
Also used : Reservation(com.amazonaws.services.ec2.model.Reservation) Instance(com.amazonaws.services.ec2.model.Instance) RunInstancesResult(com.amazonaws.services.ec2.model.RunInstancesResult) ArrayList(java.util.ArrayList) AmazonServiceException(com.amazonaws.AmazonServiceException) Collection(java.util.Collection) GroupIdentifier(com.amazonaws.services.ec2.model.GroupIdentifier)

Example 8 with GroupIdentifier

use of com.amazonaws.services.ec2.model.GroupIdentifier in project herd by FINRAOS.

the class MockEc2OperationsImpl method describeInstanceAttribute.

@Override
public DescribeInstanceAttributeResult describeInstanceAttribute(AmazonEC2Client ec2Client, DescribeInstanceAttributeRequest describeInstanceAttributeRequest) {
    InstanceAttribute instanceAttribute = new InstanceAttribute();
    instanceAttribute.withGroups(new GroupIdentifier().withGroupId("A_TEST_SECURITY_GROUP"));
    return new DescribeInstanceAttributeResult().withInstanceAttribute(instanceAttribute);
}
Also used : DescribeInstanceAttributeResult(com.amazonaws.services.ec2.model.DescribeInstanceAttributeResult) InstanceAttribute(com.amazonaws.services.ec2.model.InstanceAttribute) GroupIdentifier(com.amazonaws.services.ec2.model.GroupIdentifier)

Example 9 with GroupIdentifier

use of com.amazonaws.services.ec2.model.GroupIdentifier in project herd by FINRAOS.

the class Ec2DaoImpl method addSecurityGroupsToEc2Instance.

/**
 * Adds the security groups to an EC2 instance.
 *
 * @param ec2InstanceId the ec2 instance id.
 * @param securityGroups security groups to be added.
 * @param awsParams awsParamsDto object
 *
 * @return updated security groups.
 */
@Override
public List<String> addSecurityGroupsToEc2Instance(String ec2InstanceId, List<String> securityGroups, AwsParamsDto awsParams) {
    Set<String> updatedSecurityGroups = new HashSet<>();
    for (String securityGroup : securityGroups) {
        updatedSecurityGroups.add(securityGroup);
    }
    // Get existing security groups
    DescribeInstanceAttributeRequest describeInstanceAttributeRequest = new DescribeInstanceAttributeRequest().withInstanceId(ec2InstanceId).withAttribute(InstanceAttributeName.GroupSet);
    DescribeInstanceAttributeResult describeInstanceAttributeResult = ec2Operations.describeInstanceAttribute(getEc2Client(awsParams), describeInstanceAttributeRequest);
    List<GroupIdentifier> groups = describeInstanceAttributeResult.getInstanceAttribute().getGroups();
    for (GroupIdentifier groupIdentifier : groups) {
        updatedSecurityGroups.add(groupIdentifier.getGroupId());
    }
    // Add security group on master EC2 instance
    ModifyInstanceAttributeRequest modifyInstanceAttributeRequest = new ModifyInstanceAttributeRequest().withInstanceId(ec2InstanceId).withGroups(updatedSecurityGroups);
    ec2Operations.modifyInstanceAttribute(getEc2Client(awsParams), modifyInstanceAttributeRequest);
    return new ArrayList<>(updatedSecurityGroups);
}
Also used : DescribeInstanceAttributeResult(com.amazonaws.services.ec2.model.DescribeInstanceAttributeResult) DescribeInstanceAttributeRequest(com.amazonaws.services.ec2.model.DescribeInstanceAttributeRequest) ArrayList(java.util.ArrayList) ModifyInstanceAttributeRequest(com.amazonaws.services.ec2.model.ModifyInstanceAttributeRequest) HashSet(java.util.HashSet) GroupIdentifier(com.amazonaws.services.ec2.model.GroupIdentifier)

Example 10 with GroupIdentifier

use of com.amazonaws.services.ec2.model.GroupIdentifier in project photon-model by vmware.

the class AWSComputeStateCreationAdapterService method updateNICState.

/**
 * For each NetworkInterfaceState, obtain the corresponding AWS NIC, and generate POST operation
 * to update its private address
 */
private NetworkInterfaceState updateNICState(AWSComputeStateCreationContext context, Instance instance, NetworkInterfaceState existingNicState) {
    InstanceNetworkInterface awsNic = instance.getNetworkInterfaces().stream().filter(currentAwsNic -> currentAwsNic.getAttachment().getDeviceIndex() == existingNicState.deviceIndex).findFirst().orElse(null);
    // create a new NetworkInterfaceState for updating the address
    NetworkInterfaceState updateNicState = new NetworkInterfaceState();
    if (StringUtils.isEmpty(updateNicState.endpointLink)) {
        updateNicState.endpointLink = context.request.endpointLink;
    }
    // endpoint link.
    if (existingNicState.endpointLinks == null) {
        updateNicState.endpointLinks = new HashSet<>();
    } else {
        updateNicState.endpointLinks = existingNicState.endpointLinks;
    }
    updateNicState.endpointLinks.add(context.request.endpointLink);
    updateNicState.address = awsNic.getPrivateIpAddress();
    if (context.request.enumeratedSecurityGroups != null) {
        for (GroupIdentifier awsSG : awsNic.getGroups()) {
            // we should have updated the list of SG Ids before this step and should have
            // ensured that all the SGs exist locally
            String securityGroupLink = context.request.enumeratedSecurityGroups.securityGroupStates.get(awsSG.getGroupId());
            if (securityGroupLink == null || securityGroupLink.isEmpty()) {
                continue;
            }
            if (updateNicState.securityGroupLinks == null) {
                updateNicState.securityGroupLinks = new ArrayList<>();
            }
            updateNicState.securityGroupLinks.add(securityGroupLink);
        }
    }
    // create update operation and add it for batch execution on the next stage
    Operation updateNicOperation = createPatchOperation(this, updateNicState, existingNicState.documentSelfLink);
    context.enumerationOperations.add(updateNicOperation);
    // If existing network state does not have an internal tag then create dedicated
    // patch to update the internal tag link.
    String networkInterfaceInternalTagLink = context.internalTagLinksMap.get(ec2_net_interface.toString()).iterator().next();
    if (existingNicState.tagLinks == null || !existingNicState.tagLinks.contains(networkInterfaceInternalTagLink)) {
        Map<String, Collection<Object>> collectionsToAddMap = Collections.singletonMap(NetworkInterfaceState.FIELD_NAME_TAG_LINKS, Collections.singletonList(networkInterfaceInternalTagLink));
        Map<String, Collection<Object>> collectionsToRemoveMap = Collections.singletonMap(NetworkInterfaceState.FIELD_NAME_TAG_LINKS, Collections.emptyList());
        ServiceStateCollectionUpdateRequest updateTagLinksRequest = ServiceStateCollectionUpdateRequest.create(collectionsToAddMap, collectionsToRemoveMap);
        context.enumerationOperations.add(Operation.createPatch(this.getHost(), existingNicState.documentSelfLink).setReferer(this.getUri()).setBody(updateTagLinksRequest));
    }
    return updateNicState;
}
Also used : NetworkInterfaceState(com.vmware.photon.controller.model.resources.NetworkInterfaceService.NetworkInterfaceState) Collection(java.util.Collection) ServiceStateCollectionUpdateRequest(com.vmware.xenon.common.ServiceStateCollectionUpdateRequest) AdapterUtils.createDeleteOperation(com.vmware.photon.controller.model.adapters.util.AdapterUtils.createDeleteOperation) AdapterUtils.createPatchOperation(com.vmware.photon.controller.model.adapters.util.AdapterUtils.createPatchOperation) AdapterUtils.createPostOperation(com.vmware.photon.controller.model.adapters.util.AdapterUtils.createPostOperation) Operation(com.vmware.xenon.common.Operation) InstanceNetworkInterface(com.amazonaws.services.ec2.model.InstanceNetworkInterface) GroupIdentifier(com.amazonaws.services.ec2.model.GroupIdentifier)
