aws

package

v1.1.3 Latest Latest Go to latest Published: Apr 22, 2021 License: Apache-2.0 Imports: 32 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/elotl/kip

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func AutoDetectRegion() string
func CheckConnection(endpointURL string, insecureSkipSSLVerify bool) error
func GetMetadata(p string) (string, error)
func MakeFamilyPrefix(controllerID string) string
func SecurityContextToUserGroup(sc *api.SecurityContext) *string
func SplitTaskDef(taskDef, controllerID string) (string, int)
type AwsEC2
- func NewEC2Client(config EC2ClientConfig) (*AwsEC2, error)
type EC2ClientConfig
type EbsSpecs

Constants ¶

View Source

const (
	BootTimeout               = 10 * time.Minute
	AwsInstanceAvailableState = "available"
	AvailableWaitTimeout      = 30 * time.Second
)

Variables ¶

This section is empty.

Functions ¶

func AutoDetectRegion ¶ added in v0.0.14

func AutoDetectRegion() string

func CheckConnection ¶

func CheckConnection(endpointURL string, insecureSkipSSLVerify bool) error

func GetMetadata ¶

func GetMetadata(p string) (string, error)

This function grabs the ec2 metadata for the local machine that milpa is running on. However, if milpa is not running within AWS the standard AWS metadata query hangs for about 15s. I tried modifiying the AWS HTTP client timeout but that didn't work so we'll just use our own client.

func MakeFamilyPrefix ¶

func MakeFamilyPrefix(controllerID string) string

func SecurityContextToUserGroup ¶

func SecurityContextToUserGroup(sc *api.SecurityContext) *string

func SplitTaskDef ¶

func SplitTaskDef(taskDef, controllerID string) (string, int)

Types ¶

type AwsEC2 ¶

type AwsEC2 struct {
	// contains filtered or unexported fields
}

func NewEC2Client ¶

func NewEC2Client(config EC2ClientConfig) (*AwsEC2, error)

Parsing our server.json configuration should have put all confg into environment variables, load necessary config from there.

func (*AwsEC2) AddIAMPermissions ¶ added in v0.0.15

func (e *AwsEC2) AddIAMPermissions(node *api.Node, instanceProfile string) error

func (*AwsEC2) AddInstanceParameter ¶ added in v1.0.5

func (e *AwsEC2) AddInstanceParameter(instanceID, name, value string, isSecret bool) error

func (*AwsEC2) AddInstanceTags ¶

func (e *AwsEC2) AddInstanceTags(iid string, labels map[string]string) error

Tagging with user lables is a best effort, in other words, we allow this to generate errors but will try to continue with tagging if the user breaks some tag constraints.

func (*AwsEC2) AddRoute ¶

func (e *AwsEC2) AddRoute(destinationCIDR, instanceID string) error

func (*AwsEC2) AttachSecurityGroups ¶

func (e *AwsEC2) AttachSecurityGroups(node *api.Node, groups []string) error

func (*AwsEC2) ConnectWithPublicIPs ¶

func (e *AwsEC2) ConnectWithPublicIPs() bool

func (*AwsEC2) ControllerInsideVPC ¶

func (e *AwsEC2) ControllerInsideVPC() bool

func (*AwsEC2) CreateSGName ¶

func (e *AwsEC2) CreateSGName(svcName string) string

func (*AwsEC2) CreateSecurityGroup ¶

func (e *AwsEC2) CreateSecurityGroup(sgName string, ports []cloud.InstancePort, sourceRanges []string) (*cloud.SecurityGroup, error)

func (*AwsEC2) DeleteInstanceParameter ¶ added in v1.0.5

func (e *AwsEC2) DeleteInstanceParameter(instanceID, name string) error

func (*AwsEC2) DeleteSecurityGroup ¶

func (e *AwsEC2) DeleteSecurityGroup(groupID string) error

In non-default VPC, docs say you can only delete Groups by ID.

func (*AwsEC2) DeregisterTaskDefinition ¶

func (c *AwsEC2) DeregisterTaskDefinition(taskARN string) error

func (*AwsEC2) EnsureContainerInstanceCluster ¶

func (c *AwsEC2) EnsureContainerInstanceCluster() error

func (*AwsEC2) EnsureMilpaSecurityGroups ¶

func (c *AwsEC2) EnsureMilpaSecurityGroups(extraCIDRs, extraGroupIDs []string) error

func (*AwsEC2) EnsureSecurityGroup ¶

func (e *AwsEC2) EnsureSecurityGroup(sgName string, ports []cloud.InstancePort, sourceRanges []string) (*cloud.SecurityGroup, error)

Notice this calls findSecurityGroup twice, not the most efficient... Currently this is only used to set up the milpa security group. If it's used more, we'll need to do something else (possibly return the changes from UpdateSecurityGroup and see if we need to re-fetch the SG.

func (*AwsEC2) FindSecurityGroup ¶

func (e *AwsEC2) FindSecurityGroup(sgName string) (*cloud.SecurityGroup, error)

func (*AwsEC2) GetAttributes ¶

func (m *AwsEC2) GetAttributes() cloud.CloudAttributes

func (*AwsEC2) GetBootSecurityGroupIDs ¶

func (c *AwsEC2) GetBootSecurityGroupIDs() []string

func (*AwsEC2) GetContainerInstancesStatuses ¶

func (c *AwsEC2) GetContainerInstancesStatuses(taskARNs []string) (map[string][]api.UnitStatus, error)

func (*AwsEC2) GetDNSInfo ¶

func (e *AwsEC2) GetDNSInfo() ([]string, []string, error)

func (*AwsEC2) GetImage ¶ added in v0.0.3

func (e *AwsEC2) GetImage(spec cloud.BootImageSpec) (cloud.Image, error)

func (*AwsEC2) GetRegistryAuth ¶

func (e *AwsEC2) GetRegistryAuth(image string) (string, string, error)

func (*AwsEC2) GetVPCCIDRs ¶

func (c *AwsEC2) GetVPCCIDRs() []string

func (*AwsEC2) IsAvailable ¶

func (az *AwsEC2) IsAvailable() (bool, error)

func (*AwsEC2) ListContainerInstances ¶

func (c *AwsEC2) ListContainerInstances() ([]cloud.ContainerInstance, error)

func (*AwsEC2) ListContainerInstancesFilterID ¶

func (c *AwsEC2) ListContainerInstancesFilterID(taskARNs []string) ([]cloud.ContainerInstance, error)

func (*AwsEC2) ListInstances ¶

func (e *AwsEC2) ListInstances() ([]cloud.CloudInstance, error)

func (*AwsEC2) ListInstancesFilterID ¶

func (e *AwsEC2) ListInstancesFilterID(ids []string) ([]cloud.CloudInstance, error)

func (*AwsEC2) ListTaskDefinitions ¶

func (c *AwsEC2) ListTaskDefinitions() ([]string, error)

func (*AwsEC2) ModifySourceDestinationCheck ¶

func (e *AwsEC2) ModifySourceDestinationCheck(instanceID string, isEnabled bool) error

func (*AwsEC2) ReleaseDedicatedHosts ¶ added in v1.1.0

func (e *AwsEC2) ReleaseDedicatedHosts() error

We need to ensure the dedicated host fulfills two constraints 1) in a state of "available" 2) no tenant is currently occupying the host

func (*AwsEC2) RemoveRoute ¶

func (e *AwsEC2) RemoveRoute(destinationCIDR, instanceID string) error

func (*AwsEC2) ResizeVolume ¶

func (e *AwsEC2) ResizeVolume(node *api.Node, size int64) (error, bool)

func (*AwsEC2) SetBootSecurityGroupIDs ¶

func (c *AwsEC2) SetBootSecurityGroupIDs(ids []string)

func (*AwsEC2) SetSustainedCPU ¶

func (e *AwsEC2) SetSustainedCPU(node *api.Node, enabled bool) error

func (*AwsEC2) StartContainerInstance ¶

func (c *AwsEC2) StartContainerInstance(pod *api.Pod) (string, error)

func (*AwsEC2) StartDedicatedNode ¶ added in v1.1.0

func (e *AwsEC2) StartDedicatedNode(node *api.Node, image cloud.Image, metadata, iamPermissions string) (string, error)

func (*AwsEC2) StartNode ¶

func (e *AwsEC2) StartNode(node *api.Node, image cloud.Image, metadata, iamPermissions string) (string, error)

func (*AwsEC2) StartSpotNode ¶

func (e *AwsEC2) StartSpotNode(node *api.Node, image cloud.Image, metadata, iamPermissions string) (string, error)

This isn't terribly different from Start node but there are some minor differences. We'll capture errors correctly here and there

func (*AwsEC2) StopContainerInstance ¶

func (c *AwsEC2) StopContainerInstance(containerInstanceID string) error

func (*AwsEC2) StopInstance ¶

func (e *AwsEC2) StopInstance(instanceID string) error

func (*AwsEC2) UpdateSecurityGroup ¶

func (e *AwsEC2) UpdateSecurityGroup(cloudSG cloud.SecurityGroup, specPorts []cloud.InstancePort, sourceRanges []string) error

go through and figure out what rules need to be deleted and what rules need to be added in order to make our security group match the spec the user has asked for. We do the merge instead of deleting everything and re-adding because we don't want to delete existing rules that aren't changing sincec services might depend on those rules. We have to be careful because AWS doesn't allow duplicate rules to exist (but does allow overlapping rules)

func (*AwsEC2) WaitForContainerInstanceRunning ¶

func (c *AwsEC2) WaitForContainerInstanceRunning(pod *api.Pod) (*api.Pod, error)

func (*AwsEC2) WaitForRunning ¶

func (e *AwsEC2) WaitForRunning(node *api.Node) ([]api.NetworkAddress, error)

type EC2ClientConfig ¶ added in v0.0.6

type EC2ClientConfig struct {
	ControllerID          string
	Nametag               string
	VPCID                 string
	SubnetID              string
	ECSClusterName        string
	PrivateIPOnly         bool
	EndpointURL           string
	InsecureTLSSkipVerify bool
}

type EbsSpecs ¶ added in v1.1.0

type EbsSpecs struct {
	Iops       *int64
	Throughput *int64 // MiB/s, valid only for gp3
	VolumeType string
	VolumeSize int32 // GiBs
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL