EC2 support for SubnetName and securityGroupName

Now we can have subnetname and securitygroupname in network_interfaces of EC2 cloud profiles: profile_name: size: t2.medium network_interfaces: - DeviceIndex: 0 allocate_new_eip: true subnetname: subnet01 securitygroupname: - sgLinux - sgServer1 - sgServer2
2024-11-07 00:55:19 +00:00 · 2016-11-04 14:16:02 -04:00 · 2016-11-04 14:16:02 -04:00 · 783f58bf3d
commit 783f58bf3d
parent 60b5085696
2 changed files with 48 additions and 23 deletions
--- a/doc/topics/cloud/aws.rst
+++ b/doc/topics/cloud/aws.rst
@ -1048,6 +1048,12 @@ the network interfaces of your virtual machines, for example:-
          # to accept IP packets with destinations other than itself.
          # SourceDestCheck: False

+        - DeviceIndex: 1
+          subnetname: XXXXXXXX-Subnet
+          securitygroupname:
+            - XXXXXXXX-SecurityGroup
+            - YYYYYYYY-SecurityGroup
+
 Note that it is an error to assign a 'subnetid', 'subnetname', 'securitygroupid'
 or 'securitygroupname' to a profile where the interfaces are manually configured
 like this. These are both really properties of each network interface, not of
--- a/salt/cloud/clouds/ec2.py
+++ b/salt/cloud/clouds/ec2.py
@ -1122,6 +1122,24 @@ def get_tenancy(vm_):
    )


+def _get_subnetname_id(subnetname):
+    '''
+    Returns the SubnetId of a SubnetName to use
+    '''
+    params = {'Action': 'DescribeSubnets'}
+    for subnet in aws.query(params, location=get_location(),
+               provider=get_provider(), opts=__opts__, sigver='4'):
+        tags = subnet.get('tagSet', {}).get('item', {})
+        if not isinstance(tags, list):
+            tags = [ tags, ]
+        for tag in tags:
+            if tag['key'] == 'Name' and tag['value'] == subnetname:
+                log.debug('AWS Subnet ID of {0} is {1}'.format(
+                                        subnetname, subnet['subnetId'] )
+                )
+                return subnet['subnetId']
+    return None
+
 def get_subnetid(vm_):
    '''
    Returns the SubnetId to use
@ -1136,20 +1154,25 @@ def get_subnetid(vm_):
        'subnetname', vm_, __opts__, search_global=False
    )
    if subnetname:
-        params = {'Action': 'DescribeSubnets'}
-        for subnet in aws.query(params, location=get_location(),
-                   provider=get_provider(), opts=__opts__, sigver='4'):
-            tags = subnet.get('tagSet', {}).get('item', {})
-            if not isinstance(tags, list):
-                tags = [tags]
-            for tag in tags:
-                if tag['key'] == 'Name' and tag['value'] == subnetname:
-                    log.debug('AWS Subnet ID of {0} is {1}'.format(
-                        subnetname, subnet['subnetId'])
-                    )
-                    return subnet['subnetId']
+        return _get_subnetname_id(subnetname)
    return None

+def _get_securitygroupname_id(securitygroupname_list):
+    '''
+    Returns the SecurityGroupId of a SecurityGroupName to use
+    '''
+    securitygroupid_set = set()
+    if not isinstance(securitygroupname_list, list):
+    securitygroupname_list = [ securitygroupname_list, ]
+    params = {'Action': 'DescribeSecurityGroups'}
+    for sg in aws.query(params, location=get_location(),
+               provider=get_provider(), opts=__opts__, sigver='4'):
+        if sg['groupName'] in securitygroupname_list:
+            log.debug('AWS SecurityGroup ID of {0} is {1}'.format(
+                                    sg['groupName'], sg['groupId'] )
+            )
+            securitygroupid_set.add(sg['groupId'])
+    return list(securitygroupid_set)

 def securitygroupid(vm_):
    '''
@ -1161,7 +1184,7 @@ def securitygroupid(vm_):
    )
    if securitygroupid_list:
        if isinstance(securitygroupid_list, list):
-            securitygroupid_set.union(securitygroupid_list)
+            securitygroupid_set = securitygroupid_set.union( securitygroupid_list )
        else:
            securitygroupid_set.add(securitygroupid_list)

@ -1169,16 +1192,7 @@ def securitygroupid(vm_):
        'securitygroupname', vm_, __opts__, search_global=False
    )
    if securitygroupname_list:
-        if not isinstance(securitygroupname_list, list):
-            securitygroupname_list = [securitygroupname_list]
-        params = {'Action': 'DescribeSecurityGroups'}
-        for sg in aws.query(params, location=get_location(),
-                            provider=get_provider(), opts=__opts__, sigver='4'):
-            if sg['groupName'] in securitygroupname_list:
-                log.debug('AWS SecurityGroup ID of {0} is {1}'.format(
-                    sg['groupName'], sg['groupId'])
-                )
-                securitygroupid_set.add(sg['groupId'])
+        securitygroupid_set = securitygroupid_set.union( _get_securitygroupname_id(securitygroupname_list) )
    return list(securitygroupid_set)


@ -1289,6 +1303,11 @@ def _create_eni_if_necessary(interface, vm_):
                             opts=__opts__,
                             sigver='4')

+    if 'SecurityGroupId' not in interface and 'securitygroupname' in interface:
+        interface['SecurityGroupId'] = _get_securitygroupname_id(interface['securitygroupname'])
+    if 'SubnetId' not in interface and 'subnetname' in interface:
+        interface['SubnetId'] = _get_subnetname_id(interface['subnetname'])
+
    subnet_id = _get_subnet_id_for_interface(subnet_query, interface)
    if not subnet_id:
        raise SaltCloudConfigError(