lib/beaker/hypervisor/aws_sdk.rb in beaker-aws-0.8.1 vs lib/beaker/hypervisor/aws_sdk.rb in beaker-aws-0.9.0
- old
+ new
@@ -63,15 +63,23 @@
start_time = Time.now
# Perform the main launch work
launch_all_nodes()
- wait_for_status_netdev()
-
# Add metadata tags to each instance
+ # tagging early as some nodes take longer
+ # to initialize and terminate before it has
+ # a chance to provision
add_tags()
+ # adding the correct security groups to the
+ # network interface, as during the `launch_all_nodes()`
+ # step they never get assigned, although they get created
+ modify_network_interface()
+
+ wait_for_status_netdev()
+
# Grab the ip addresses and dns from EC2 for each instance to use for ssh
populate_dns()
#enable root if user is not root
enable_root_on_hosts()
@@ -350,10 +358,14 @@
:instance_type => amisize,
:disable_api_termination => false,
:instance_initiated_shutdown_behavior => "terminate",
}
if assoc_pub_ip_addr
+ # this never gets created, so they end up with
+ # default security group which only allows for
+ # ssh access from outside world which
+ # doesn't work well with remote devices etc.
config[:network_interfaces] = [{
:subnet_id => subnet_id,
:groups => [security_group.group_id, ping_security_group.group_id],
:device_index => 0,
:associate_public_ip_address => assoc_pub_ip_addr,
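Review bot: The comment added above `config[:network_interfaces]` never says what "this" is, and it sits on code that still passes `:groups`, so a reader cannot tell whether the groups listed here are expected to take effect. Wording such as `# NOTE: the :groups given here are not applied at launch; modify_network_interface attaches them afterwards. Until then the instance only has the default security group.` would state what the commit's other comments describe. The hash literal continues past the end of the hunk.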
@@ -483,11 +495,11 @@
# FIXME: rename to #wait_for_state
def wait_for_status(state_name, instances, &block)
# Wait for each node to reach status :running
@logger.notify("aws-sdk: Waiting for all hosts to be #{state_name}")
instances.each do |x|
- name = x[:host].name
+ name = x[:host] ? x[:host].name : x[:name]
instance = x[:instance]
@logger.notify("aws-sdk: Wait for node #{name} to be #{state_name}")
# Here we keep waiting for the machine state to reach 'running' with an
# exponential backoff for each poll.
# TODO: should probably be a in a shared method somewhere
@@ -528,13 +540,13 @@
@hosts.each do |host|
if host['platform'] =~ /f5-|netscaler/
wait_for_status(:running, @hosts)
wait_for_status(nil, @hosts) do |instance|
- instance_status_collection = instance.client.describe_instance_status({:instance_ids => [instance.instance_id]})
- first_instance = instance_status_collection.reservations.first.instances.first
- first_instance[:system_status][:status] == "ok"
+ instance_status_collection = client.describe_instance_status({:instance_ids => [instance.instance_id]})
+ first_instance = instance_status_collection.first[:instance_statuses].first
+ first_instance[:instance_status][:status] == "ok" if first_instance
end
break
end
end
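Review bot: The readiness block now checks only `first_instance[:instance_status][:status]`, whereas the removed code checked `:system_status`. If both EC2 status checks are meant to pass before an F5/NetScaler host is used, the last line could be `first_instance && first_instance[:instance_status][:status] == "ok" && first_instance[:system_status][:status] == "ok"`. A short comment noting that the block returns nil (not ready) while `:instance_statuses` is still empty would also help. The enclosing method starts outside the hunk.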
@@ -585,10 +597,37 @@
end
nil
end
+ # Add correct security groups to hosts network_interface
+ # as during the create_instance stage it is too early in process
+ # to configure
+ #
+ # @return [void]
+ # @api private
+ def modify_network_interface
+ @hosts.each do |host|
+ instance = host['instance']
+ host['sg_cidr_ips'] = host['sg_cidr_ips'] || '0.0.0.0/0';
+ sg_cidr_ips = host['sg_cidr_ips'].split(',')
+
+ # Define tags for the instance
+ @logger.notify("aws-sdk: Update network_interface for #{host.name}")
+
+ security_group = ensure_group(instance[:network_interfaces].first, Beaker::EC2Helper.amiports(host), sg_cidr_ips)
+ ping_security_group = ensure_ping_group(instance[:network_interfaces].first, sg_cidr_ips)
+
+ client.modify_network_interface_attribute(
+ :network_interface_id => "#{instance[:network_interfaces].first[:network_interface_id]}",
+ :groups => [security_group.group_id, ping_security_group.group_id],
+ )
+ end
+
+ nil
+ end
+
# Populate the hosts IP address from the EC2 dns_name
#
# @return [void]
# @api private
def populate_dns
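Review bot: In `modify_network_interface` a host without `sg_cidr_ips` silently falls back to `'0.0.0.0/0'`, so the groups attached to the interface are built for the whole internet unless every host config sets the key. `ensure_group` and `ensure_ping_group` are outside the hunk, so how the CIDR list is applied is inferred from the argument names. I would make the fallback visible, e.g. `@logger.notify("aws-sdk: #{host.name} has no sg_cidr_ips, defaulting to 0.0.0.0/0")`, and parse with `host['sg_cidr_ips'].split(',').map(&:strip)` so a value with spaces after the commas still yields valid CIDRs. The comment `# Define tags for the instance` is left over from `add_tags` and should read `# Attach the beaker security groups to the primary network interface`. `instance[:network_interfaces].first` is dereferenced three times with no nil guard, so binding it to a local and skipping the host when it is missing would avoid a NoMethodError.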
@@ -690,17 +729,21 @@
rescue Beaker::Host::CommandFailure => e
@logger.debug("Instance not yet configured (#{e})")
end
backoff_sleep(tries)
end
- host['user'] = 'root'
- host.close
+ host['user'] = 'admin'
sha256 = Digest::SHA256.new
- password = sha256.hexdigest((1..50).map{(rand(86)+40).chr}.join.gsub(/\\/,'\&\&'))
- host['ssh'] = {:password => password}
- host.exec(Command.new("echo -e '#{password}\\n#{password}' | tmsh modify auth password admin"))
+ password = sha256.hexdigest((1..50).map{(rand(86)+40).chr}.join.gsub(/\\/,'\&\&')) + 'password!'
+ # disabling password policy to account for the enforcement level set
+ # and the generated password is sometimes too `01070366:3: Bad password (admin): BAD PASSWORD: \
+ # it is too simplistic/systematic`
+ host.exec(Command.new('modify auth password-policy policy-enforcement disabled'))
+ host.exec(Command.new("modify auth user admin password #{password}"))
@logger.notify("f5: Configured admin password to be #{password}")
+ host.close
+ host['ssh'] = {:password => password}
end
# Enables root access for a host on an netscaler platform
# @note This method does not support other platforms
#
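Review bot: The new F5 setup runs `modify auth password-policy policy-enforcement disabled` and never restores it, and the context line `@logger.notify("f5: Configured admin password to be #{password}")` still writes the admin password to the run log in cleartext. The fixed `'password!'` suffix adds no entropy, the random part comes from `rand`, which is not a CSPRNG, and the `gsub` on backslashes has no effect on the final value because it is hex-digested afterwards. I would derive the secret from `SecureRandom` (for example `password = SecureRandom.hex(32)` after `require 'securerandom'`), add the character classes the device policy asks for so enforcement can stay on, and log only `"f5: Configured admin password"`. The enclosing method starts outside the hunk.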
@@ -728,11 +771,11 @@
# on el-7 hosts, the hostname command doesn't "stick" randomly
host.exec(Command.new("hostnamectl set-hostname #{host.name}"))
elsif host['platform'] =~ /windows/
@logger.notify('aws-sdk: Change hostname on windows is not supported.')
else
- next if host['platform'] =~ /netscaler/
+ next if host['platform'] =~ /f5-|netscaler/
host.exec(Command.new("hostname #{host.name}"))
if host['vmname'] =~ /^amazon/
# Amazon Linux requires this to preserve host name changes across reboots.
# http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/set-hostname.html
# Also note that without an elastic ip set, while this will
@@ -749,10 +792,10 @@
# on el-7 hosts, the hostname command doesn't "stick" randomly
host.exec(Command.new("hostnamectl set-hostname #{host.hostname}"))
elsif host['platform'] =~ /windows/
@logger.notify('aws-sdk: Change hostname on windows is not supported.')
else
- next if host['platform'] =~ /netscaler/
+ next if host['platform'] =~ /ft-|netscaler/
host.exec(Command.new("hostname #{host.hostname}"))
if host['vmname'] =~ /^amazon/
# See note above
host.exec(Command.new("sed -ie '/^HOSTNAME/ s/=.*/=#{host.hostname}/' /etc/sysconfig/network"))
end
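Review bot: The platform guard on the changed line reads `/ft-|netscaler/`, which looks like a typo for the `f5-` prefix used in the same guard one hunk earlier (`/f5-|netscaler/`). As written, F5 hosts are not skipped in this branch and fall through to `host.exec(Command.new("hostname #{host.hostname}"))`. The line should be `next if host['platform'] =~ /f5-|netscaler/`. The enclosing loop starts outside the hunk.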