ec2_server_create.rb in knife-ec2-1.0.14

- old
+ new

@@ -240,10 +240,16 @@
         long: "--disable-api-termination",
         description: "Disable termination of the instance using the Amazon EC2 console, CLI and API.",
         boolean: true,
         default: false
 
+      option :disable_source_dest_check,
+        long: "--disable-source-dest-check",
+        description: "Disables the source destination check if this option is passed. This value must be passed for a NAT instance to perform NAT.",
+        boolean: true,
+        default: false
+
       option :volume_tags,
         long: "--volume-tags Tag=Value[,Tag=Value...]",
         description: "Tag the Root volume",
         proc: Proc.new { |volume_tags| volume_tags.split(",") }
 
@@ -324,11 +330,10 @@
             ui.error error.message
             Chef::Log.debug("#{error.backtrace.join("\n")}")
             exit
           end
         end
-
         msg_pair("Instance ID", server.id)
         msg_pair("Flavor", server.instance_type)
         msg_pair("Image", server.image_id)
         msg_pair("Region", fetch_region)
         msg_pair("Availability Zone", server.availability_zone)
@@ -345,10 +350,12 @@
         puts("\n")
 
         # occasionally 'ready?' isn't, so retry a couple times if needed.
         tries = 6
         begin
+          disable_source_dest_check if vpc_mode? && config_value(:disable_source_dest_check)
+
           create_tags(hashed_tags) unless hashed_tags.empty?
           create_volume_tags(hashed_volume_tags) unless hashed_volume_tags.empty?
           associate_address(elastic_ip) if config[:associate_eip]
           enable_classic_link(config[:classic_link_vpc_id], config[:classic_link_vpc_security_group_ids]) if config[:classic_link_vpc_id]
         rescue Aws::EC2::Errors::ServiceError, Aws::EC2::Errors::Error
@@ -1230,9 +1237,21 @@
       def enable_classic_link(vpc_id, security_group_ids)
         ec2_connection.attach_classic_link_vpc({
           instance_id: server.id,
           groups: security_group_ids,
           vpc_id: vpc_id,
+        })
+      end
+
+      # disable_source_dest_check option is used to set value of source_dest_check attribute in ec2.
+      # By default the source destination check is enabled in ec2.
+      # This value must be disable for a NAT instance to perform NAT.
+      def disable_source_dest_check
+        ec2_connection.modify_instance_attribute({
+          source_dest_check: {
+            value: false,
+          },
+          instance_id: server.id,
         })
       end
 
       def tcp_test_winrm(ip_addr, port)
         tcp_socket = TCPSocket.new(ip_addr, port)