Branch: refs/heads/master
Home: https://github.com/NixOS/charon
Commit: bbba740d14c79d444aa72c3780ea1ed07f549ed1
https://github.com/NixOS/charon/commit/bbba740d14c79d444aa72c3780ea1ed07f549ed1
Author: Eelco Dolstra <[email protected]>
Date: 2012-04-24 (Tue, 24 Apr 2012)
Changed paths:
M charon/deployment.py
M scripts/charon
Log Message:
-----------
‘charon destroy’: support restricting the set of machines to be destroyed
‘charon destroy’ now accepts the same ‘--include’ and ‘--exclude’
flags accepted by ‘charon deploy’.
diff --git a/charon/deployment.py b/charon/deployment.py
index 3d7a134..37f5517 100644
--- a/charon/deployment.py
+++ b/charon/deployment.py
@@ -280,10 +280,11 @@ def worker(m):
self.activate_configs(self.configs_path, include=include,
exclude=exclude)
- def destroy_vms(self):
+ def destroy_vms(self, include=[], exclude=[]):
"""Destroy all current or obsolete VMs."""
for m in self.machines.values(): # don't use itervalues() here
+ if not should_do(m, include, exclude): continue
m.destroy()
self.delete_machine(m)
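Review bot: Names passed in `include`/`exclude` are not checked against `self.machines` anywhere in this hunk, so a misspelled `--exclude` entry would leave the machine it was meant to protect in the set to be destroyed; `should_do` is defined outside the hunk, so this is inferred from the loop alone. Consider rejecting unknown names before the loop starts, for example `unknown = set(include + exclude) - set(self.machines)` followed by a raise when it is non-empty (assuming the dict is keyed by machine name). The docstring still reads "Destroy all current or obsolete VMs" and should mention the two filters. The `[]` defaults are not mutated here, but `None` or `()` would avoid the shared-mutable-default pitfall.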
diff --git a/scripts/charon b/scripts/charon
index fdd3b80..44b52bd 100755
--- a/scripts/charon
+++ b/scripts/charon
@@ -76,7 +76,7 @@ def op_deploy():
def op_destroy():
depl = deployment.Deployment(args.state_file)
- depl.destroy_vms()
+ depl.destroy_vms(include=args.include or [], exclude=args.exclude or [])
def op_show_physical():
@@ -145,6 +145,8 @@ subparser.add_argument('--check', dest='check',
action='store_true', help='do no
subparser = subparsers.add_parser('destroy', help='destroy all virtual
machines in the network')
subparser.set_defaults(op=op_destroy)
+subparser.add_argument('--include', nargs='+', metavar='MACHINE-NAME',
help='destroy only the specified machines')
+subparser.add_argument('--exclude', nargs='+', metavar='MACHINE-NAME',
help='destroy all except the specified machines')
subparser = subparsers.add_parser('show-physical', help='print the physical
network expression')
subparser.set_defaults(op=op_show_physical)
================================================================
Commit: 3a907f318f11ea4b7cc81f124038f3ec2e36f6fc
https://github.com/NixOS/charon/commit/3a907f318f11ea4b7cc81f124038f3ec2e36f6fc
Author: Eelco Dolstra <[email protected]>
Date: 2012-04-24 (Tue, 24 Apr 2012)
Changed paths:
M charon/backends/ec2.py
M examples/apache-ec2-multizone.nix
M examples/ec2-info.nix
M nix/options.nix
Log Message:
-----------
EC2 backend: Support specifying the path to the private key
diff --git a/charon/backends/ec2.py b/charon/backends/ec2.py
index 6503346..01aa6a8 100644
--- a/charon/backends/ec2.py
+++ b/charon/backends/ec2.py
@@ -31,6 +31,7 @@ def __init__(self, xml):
if self.ami == "": raise Exception("no AMI defined for EC2 machine
‘{0}’".format(self.name))
self.instance_type =
x.find("attr[@name='instanceType']/string").get("value")
self.key_pair = x.find("attr[@name='keyPair']/string").get("value")
+ self.private_key =
x.find("attr[@name='privateKey']/string").get("value")
self.security_groups = [e.get("value") for e in
x.findall("attr[@name='securityGroups']/list/string")]
self.tags = {k.get("name"): k.find("string").get("value") for k in
x.findall("attr[@name='tags']/attrs/attr")}
def f(xml):
@@ -66,6 +67,7 @@ def _reset_state(self):
self._ami = None
self._instance_type = None
self._key_pair = None
+ self._private_key = None
self._security_groups = None
self._instance_id = None
@@ -94,6 +96,7 @@ def serialise(self):
if self._ami: y['ami'] = self._ami
if self._instance_type: y['instanceType'] = self._instance_type
if self._key_pair: y['keyPair'] = self._key_pair
+ if self._private_key: y['privateKey'] = self._private_key
if self._security_groups: y['securityGroups'] = self._security_groups
if self._tags: y['tags'] = self._tags
if self._block_device_mapping: y['blockDeviceMapping'] =
self._block_device_mapping
@@ -121,6 +124,7 @@ def deserialise(self, x):
self._ami = y.get('ami', None)
self._instance_type = y.get('instanceType', None)
self._key_pair = y.get('keyPair', None)
+ self._private_key = y.get('privateKey', None)
self._security_groups = y.get('securityGroups', None)
self._tags = y.get('tags', {})
self._block_device_mapping = y.get('blockDeviceMapping', {})
@@ -136,6 +140,11 @@ def get_ssh_name(self):
raise Exception("EC2 machine ‘{0}’ does not have a public IPv4
address (yet)".format(self.name))
return self._public_ipv4
+
+ def get_ssh_flags(self):
+ return ["-i", self._private_key] if self._private_key else []
+
+
def get_physical_spec(self, machines):
lines = [' require = [
<nixos/modules/virtualisation/amazon-config.nix> ];',
' services.openssh.extraConfig = "PermitTunnel yes\\n";']
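Review bot: `get_ssh_flags` hands `self._private_key` to `ssh -i` without checking that the file exists, and ssh treats `-i` as one more identity to try rather than the only one, so a wrong path can go unnoticed while authentication falls back to agent or default keys. If the configured key is meant to be authoritative, consider `return ["-i", self._private_key, "-o", "IdentitiesOnly=yes"] if self._private_key else []`. Otherwise a docstring should state the fallback, e.g. `"""Return extra ssh arguments selecting the configured private key, if any."""`. The same value is written to the state file by `serialise` in this commit, so a relative path would later be resolved against whatever directory charon is run from. The hunk also leaves two blank lines after the method where the other methods get one.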
@@ -167,20 +176,24 @@ def get_physical_spec(self, machines):
authorized_keys.append('"' + m._public_vpn_key + '"')
lines.append(' users.extraUsers.root.openssh.authorizedKeys.keys =
[ {0} ];'.format(" ".join(authorized_keys)))
return lines
+
def show_type(self):
s = MachineState.show_type(self)
if self._zone or self._region: s = "{0} [{1}; {2}]".format(s,
self._zone or self._region, self._instance_type)
return s
+
@property
def vm_id(self):
return self._instance_id
+
@property
def public_ipv4(self):
return self._public_ipv4
+
@property
def private_ipv4(self):
return self._private_ipv4
@@ -261,6 +274,8 @@ def create(self, defn, check):
self._access_key_id = defn.access_key_id or
os.environ.get('EC2_ACCESS_KEY') or os.environ.get('AWS_ACCESS_KEY_ID')
if not self._access_key_id:
raise Exception("please set ‘deployment.ec2.accessKeyId’,
$EC2_ACCESS_KEY or $AWS_ACCESS_KEY_ID")
+
+ self._private_key = defn.private_key or None
# Check whether the instance hasn't been killed behind our
# backs. Restart stopped instances.
diff --git a/examples/apache-ec2-multizone.nix
b/examples/apache-ec2-multizone.nix
index 00d94bd..838ba0b 100644
--- a/examples/apache-ec2-multizone.nix
+++ b/examples/apache-ec2-multizone.nix
@@ -5,6 +5,7 @@ let
deployment.targetEnv = "ec2";
deployment.ec2.region = "us-east-1";
deployment.ec2.instanceType = "m1.small";
+ deployment.ec2.privateKey =
"/home/eelco/.ec2/logicblox/id_rsa-eelco-logicblox-us-east-1";
};
configEU =
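Review bot: The example hard-codes a developer-specific absolute path, `/home/eelco/.ec2/logicblox/id_rsa-eelco-logicblox-us-east-1`, which will not exist for anyone copying the file and exposes a local account layout. A placeholder such as `"/path/to/id_rsa-my-keypair"`, with a comment saying it must be replaced, would serve readers better. The same applies to the `privateKey` line added in examples/ec2-info.nix, where the unchanged `accessKeyId` line also carries a literal key ID that would be better as a placeholder.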
diff --git a/examples/ec2-info.nix b/examples/ec2-info.nix
index a8afa33..07beac9 100644
--- a/examples/ec2-info.nix
+++ b/examples/ec2-info.nix
@@ -1,4 +1,9 @@
+{ pkgs, ... }:
+
+with pkgs.lib;
+
{ deployment.ec2.accessKeyId = "AKIAIEMEJZVNOOHWZKZQ";
- deployment.ec2.keyPair = "eelco";
- deployment.ec2.securityGroups = [ "eelco-test" ];
+ deployment.ec2.keyPair = mkDefault "eelco";
+ deployment.ec2.privateKey = mkDefault
"/home/eelco/.ec2/logicblox/id_rsa-eelco-logicblox-eu-west-1";
+ deployment.ec2.securityGroups = mkDefault [ "eelco-test" ];
}
diff --git a/nix/options.nix b/nix/options.nix
index d8a9b7c..56fb8e5 100644
--- a/nix/options.nix
+++ b/nix/options.nix
@@ -195,6 +195,20 @@ in
'';
};
+ deployment.ec2.privateKey = mkOption {
+ default = "";
+ example = "/home/alice/.ssh/id_rsa-my-keypair";
+ type = types.uniq types.string;
+ description = ''
+ Path of the SSH private key file corresponding with
+ <option>deployment.ec2.keyPair</option>. Charon will use this
+ private key if set; otherwise, the key must be findable by SSH
+ through its normal mechanisms (e.g. it should be listed in
+ <filename>~/.ssh/config</filename> or added to the
+ <command>ssh-agent</command>).
+ '';
+ };
+
deployment.ec2.securityGroups = mkOption {
default = [ "default" ];
example = [ "my-group" "my-other-group" ];
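Review bot: The option description does not say that the path is interpreted on the machine running charon, nor that the value must stay a plain string. Writing it through a Nix path interpolation would copy the key file into the Nix store, which is world-readable. I would add a sentence such as `The file is only passed to SSH by path on the deploying machine; do not refer to it through a Nix path expression.` The Python side of this commit maps the empty default to None with `defn.private_key or None`, so `default = ""` does behave as unset.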
================================================================
Compare: https://github.com/NixOS/charon/compare/22b0c52...3a907f3