Class: Enscalator::EnAppTemplateDSL

Inherits:
RichTemplateDSL show all
Includes:
Helpers
Defined in:
lib/enscalator/enapp.rb

Overview

Template DSL for common enJapan application stack

Constant Summary collapse

SUBNET_CIDR_BLOCK_SIZE =

Subnet size (256 addresses)

24

Constants inherited from RichTemplateDSL

RichTemplateDSL::TEMPLATE_BODY_LIMIT

Constants included from Plugins::Route53

Plugins::Route53::HEALTH_CHECK_TYPE, Plugins::Route53::RECORD_TYPE

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from Helpers

#cfn_call_script, #create_ssh_key, #find_ami, #flatten_hash, #gen_ssh_key_name, #init_assets_dir, #init_aws_config, #read_user_data, #run_cmd

Methods included from Helpers::Dns

#get_dns_records, #upsert_dns_record

Methods included from Helpers::Stack

#cfn_create_stack, #generate_parameters, #get_resource, #get_resources, #wait_stack

Methods included from Helpers::Wrappers

#cfn_client, #cfn_resource, #ec2_client, #route53_client

Methods inherited from RichTemplateDSL

#availability_zones, #creating?, #deploy, #deployment_env, #description, #enqueue, #exec!, #handle_trailing_dot, #has_multiple_envs, #hosted_zone, #network_interface, #parameter, #parse_params, #post_run, #pre_run, #private_hosted_zone, #public_hosted_zone, #read_availability_zones, #region, #resource, #tags_to_properties, #vpc_stack_name

Methods included from Plugins::Route53

#create_healthcheck, #create_multiple_dns_records, #create_private_hosted_zone, #create_public_hosted_zone, #create_single_dns_record

Methods included from Core::CfResources

#iam_instance_profile_with_full_access, #instance_vpc, #instance_with_network, #security_group, #security_group_vpc, #subnet

Methods included from Core::CfParameters

#parameter_allocated_storage, #parameter_ami, #parameter_ec2_instance_type, #parameter_instance_type, #parameter_key_name, #parameter_name, #parameter_password, #parameter_rds_instance_type, #parameter_username

Constructor Details

#initialize(options = {}) ⇒ EnAppTemplateDSL

Create new EnAppTemplateDSL instance

Parameters:

  • options (Hash) (defaults to: {})

    command-line arguments



19
20
21
22
23
 
# File 'lib/enscalator/enapp.rb', line 19

def initialize(options = {})
  # application name taken from template name by default
  @app_name = self.class.name.demodulize
  super
end

Instance Attribute Details

#app_nameObject (readonly)

Returns the value of attribute app_name.



9
10
11
 
# File 'lib/enscalator/enapp.rb', line 9

def app_name
  @app_name
end

Instance Method Details

#current_stackAws::CloudFormation::Stack

Get current stack

Returns:

  • (Aws::CloudFormation::Stack)

    current stack



35
36
37
 
# File 'lib/enscalator/enapp.rb', line 35

def current_stack
  @current_stack ||= (cfn_resource(cfn_client(region)).stack(stack_name) rescue nil) unless creating?
end

#get_all_cidr_blocksHash

Get all CIRD blocks for current VPC

Returns:

  • (Hash) 


87
88
89
90
 
# File 'lib/enscalator/enapp.rb', line 87

def get_all_cidr_blocks
  IPAddress(
    Core::NetworkConfig.mapping_vpc_net[region.to_sym][:VPC]).subnet(SUBNET_CIDR_BLOCK_SIZE).map(&:to_string)
end

#get_application_cidr_blocksArray

CIDR blocks allocated for application subnets

Returns:

  • (Array) 


120
121
122
 
# File 'lib/enscalator/enapp.rb', line 120

def get_application_cidr_blocks
  get_application_to_az_mapping.map(&:cidr_block)
end

#get_application_to_az_mappingHash

Get application CIDR blocks availability zones mapping

Returns:

  • (Hash) 


106
107
108
109
110
111
112
113
114
115
116
 
# File 'lib/enscalator/enapp.rb', line 106

def get_application_to_az_mapping
  cidr_blocks = get_available_cidr_blocks.dup
  availability_zones.map do |suffix, az|
    cidr_block = (begin
      subnet_id = get_resource(current_stack, "ApplicationSubnet#{suffix.upcase}")
      Aws::EC2::Subnet.new(id: subnet_id, region: region).cidr_block
    end rescue nil) if current_stack

    Struct::Subnet.new(az, suffix, cidr_block || cidr_blocks.shift)
  end
end

#get_available_cidr_blocksArray

Get non-used CIDR blocks

Returns:

  • (Array) 


100
101
102
 
# File 'lib/enscalator/enapp.rb', line 100

def get_available_cidr_blocks
  get_all_cidr_blocks - get_used_cidr_blocks
end

#get_resource_cidr_blocksArray

CIDR blocks allocated for resource subnets

Returns:

  • (Array) 


140
141
142
 
# File 'lib/enscalator/enapp.rb', line 140

def get_resource_cidr_blocks
  get_resource_to_az_mapping.map(&:cidr_block)
end

#get_resource_to_az_mappingArray

Get resource CIDR blocks availability zones mapping

Returns:

  • (Array) 


126
127
128
129
130
131
132
133
134
135
136
 
# File 'lib/enscalator/enapp.rb', line 126

def get_resource_to_az_mapping
  cidr_blocks = (get_available_cidr_blocks - get_application_cidr_blocks).dup
  availability_zones.map do |suffix, az|
    cidr_block = (begin
      subnet_id = get_resource(current_stack, "ResourceSubnet#{suffix.upcase}")
      Aws::EC2::Subnet.new(id: subnet_id, region: region).cidr_block
    end rescue nil) if current_stack

    Struct::Subnet.new(az, suffix, cidr_block || cidr_blocks.shift)
  end
end

#get_used_cidr_blocksArray

Get currently used CIDR blocks

Returns:

  • (Array) 


94
95
96
 
# File 'lib/enscalator/enapp.rb', line 94

def get_used_cidr_blocks
  vpc.subnets.collect(&:cidr_block)
end

#load_vpc_paramsObject

Query and pre-configure VPC parameters required for the stack



145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
 
# File 'lib/enscalator/enapp.rb', line 145

def load_vpc_params
  parameter 'VpcId',
            Description: 'The Id of the VPC',
            Default: vpc.id,
            Type: 'String',
            AllowedPattern: 'vpc-[a-zA-Z0-9]*',
            ConstraintDescription: 'must begin with vpc- followed by numbers and alphanumeric characters.'

  parameter 'PrivateSecurityGroup',
            Description: 'Security group identifier of private instances',
            Default: get_resource(vpc_stack, 'PrivateSecurityGroup'),
            Type: 'String',
            AllowedPattern: 'sg-[a-zA-Z0-9]*',
            ConstraintDescription: 'must begin with sg- followed by numbers and alphanumeric characters.'

  # allocate application/resource cidr blocks dynamically for all availability zones
  availability_zones.zip(get_application_cidr_blocks,
                         get_resource_cidr_blocks).each do |pair, application_cidr_block, resource_cidr_block|
    suffix, availability_zone = pair

    private_route_table_name = "PrivateRouteTable#{suffix.upcase}"
    parameter private_route_table_name,
              Description: "Route table identifier for private instances of zone #{suffix}",
              Default: get_resource(vpc_stack, private_route_table_name),
              Type: 'String',
              AllowedPattern: 'rtb-[a-zA-Z0-9]*',
              ConstraintDescription: 'must begin with rtb- followed by numbers and alphanumeric characters.'

    application_subnet_name = "ApplicationSubnet#{suffix.upcase}"
    subnet application_subnet_name,
           vpc.id,
           application_cidr_block,
           availability_zone: availability_zone,
           tags: {
             Network: 'Private',
             Application: aws_stack_name,
             immutable_metadata: join('', '{ "purpose": "', aws_stack_name, '-app" }')
           }

    resource_subnet_name = "ResourceSubnet#{suffix.upcase}"
    subnet resource_subnet_name,
           vpc.id,
           resource_cidr_block,
           availability_zone: availability_zone,
           tags: {
             Network: 'Private',
             Application: aws_stack_name
           }

    resource "ApplicationRouteTableAssociation#{suffix.upcase}",
             Type: 'AWS::EC2::SubnetRouteTableAssociation',
             Properties: {
               RouteTableId: ref(private_route_table_name),
               SubnetId: ref(application_subnet_name)
             }

    resource "ResourceRouteTableAssociation#{suffix.upcase}",
             Type: 'AWS::EC2::SubnetRouteTableAssociation',
             Properties: {
               RouteTableId: ref(private_route_table_name),
               SubnetId: ref(resource_subnet_name)
             }
  end

  security_group_vpc 'ResourceSecurityGroup',
                     'Enable internal access with ssh',
                     vpc.id,
                     security_group_ingress: [
                       {
                         IpProtocol: 'tcp',
                         FromPort: '22',
                         ToPort: '22',
                         CidrIp: '10.0.0.0/8'
                       },
                       {
                         IpProtocol: 'tcp',
                         FromPort: '0',
                         ToPort: '65535',
                         SourceSecurityGroupId: ref_application_security_group
                       }
                     ],
                     tags: {
                       Name: join('-', aws_stack_name, 'res', 'sg'),
                       Application: aws_stack_name
                     }

  security_group_vpc 'ApplicationSecurityGroup',
                     'Security group of the application servers',
                     vpc.id,
                     security_group_ingress: [
                       {
                         IpProtocol: 'tcp',
                         FromPort: '0',
                         ToPort: '65535',
                         CidrIp: '10.0.0.0/8'
                       }
                     ],
                     tags: {
                       Name: join('-', aws_stack_name, 'app', 'sg'),
                       Application: aws_stack_name
                     }
end

#public_subnetsObject

Public subnets in all availability zones



57
58
59
 
# File 'lib/enscalator/enapp.rb', line 57

def public_subnets
  availability_zones.map { |suffix, _| get_resource(vpc_stack, "PublicSubnet#{suffix.upcase}") }
end

#ref_application_security_groupHash

Reference to application security group

Returns:

  • (Hash) 


81
82
83
 
# File 'lib/enscalator/enapp.rb', line 81

def ref_application_security_group
  ref('ApplicationSecurityGroup')
end

#ref_application_subnetsObject

References to application subnets in all availability zones



47
48
49
 
# File 'lib/enscalator/enapp.rb', line 47

def ref_application_subnets
  availability_zones.map { |suffix, _| ref("ApplicationSubnet#{suffix.upcase}") }
end

#ref_private_security_groupHash

Reference to private security group

Returns:

  • (Hash) 


69
70
71
 
# File 'lib/enscalator/enapp.rb', line 69

def ref_private_security_group
  ref('PrivateSecurityGroup')
end

#ref_resource_security_groupHash

Reference to resource security group

Returns:

  • (Hash) 


75
76
77
 
# File 'lib/enscalator/enapp.rb', line 75

def ref_resource_security_group
  ref('ResourceSecurityGroup')
end

#ref_resource_subnetsObject

References to resource subnets in all availability zones



52
53
54
 
# File 'lib/enscalator/enapp.rb', line 52

def ref_resource_subnets
  availability_zones.map { |suffix, _| ref("ResourceSubnet#{suffix.upcase}") }
end

#ref_vpc_idHash

Get VPC ID as reference to parameter

Returns:

  • (Hash) 


63
64
65
 
# File 'lib/enscalator/enapp.rb', line 63

def ref_vpc_id
  ref('VpcId')
end

#vpcAws::EC2::Vpc

Get vpc

Returns:

  • (Aws::EC2::Vpc)

    vpc instance



42
43
44
 
# File 'lib/enscalator/enapp.rb', line 42

def vpc
  @vpc ||= Aws::EC2::Vpc.new(id: get_resource(vpc_stack, 'VPC'), region: region)
end

#vpc_stackAws::CloudFormation::Stack

Get vpc stack

Returns:

  • (Aws::CloudFormation::Stack)

    stack instance of vpc stack



28
29
30
 
# File 'lib/enscalator/enapp.rb', line 28

def vpc_stack
  @vpc_stack ||= cfn_resource(cfn_client(region)).stack(vpc_stack_name)
end