func (builder *Builder) buildInternetGateways(former cloudformer.CloudFormer) error {
for _, x := range builder.spec.InternetGateways {
builder.gateways[x.Name] = former.InternetGateway(x.Name)
}
return nil
}
func (builder *Builder) buildBuckets(former cloudformer.CloudFormer) error {
for _, x := range builder.spec.Buckets {
former.Bucket(x.Name).Name(x.BucketName)
}
return nil
}
func (builder *Builder) buildElasticIPs(former cloudformer.CloudFormer) error {
for _, x := range builder.spec.ElasticIPs {
former.ElasticIP(x.Name).Domain("vpc")
}
return nil
}
func (builder *Builder) buildVPC(former cloudformer.CloudFormer) error {
vpc := former.VPC("")
vpc.Network(cloudformer.CIDR(builder.spec.VPC.CIDR))
vpc.AssociateDHCPOptions(cloudformer.DHCPOptions{
DomainNameServers: builder.spec.DNS,
})
vpcGateway, found := builder.gateways[builder.spec.VPC.InternetGateway]
if !found {
return fmt.Errorf("unknown gateway for VPC: %s", builder.spec.VPC.InternetGateway)
}
vpc.AttachInternetGateway(vpcGateway)
builder.vpc = vpc
return nil
}
func (builder *Builder) buildLoadBalancers(former cloudformer.CloudFormer) error {
for _, x := range builder.spec.LoadBalancers {
balancer := former.LoadBalancer(x.Name)
for _, name := range x.Subnets {
subnet, found := builder.subnets[name]
if !found {
return fmt.Errorf("unknown subnet: %s", name)
}
balancer.Subnet(subnet)
}
for _, listener := range x.Listeners {
destinationPort := listener.Port
if listener.DestinationPort != nil {
destinationPort = *listener.DestinationPort
}
destinationProtocol := listener.Protocol
if listener.DestinationProtocol != nil {
destinationProtocol = *listener.DestinationProtocol
}
balancer.Listener(
cloudformer.ProtocolType(listener.Protocol),
listener.Port,
cloudformer.ProtocolType(destinationProtocol),
destinationPort,
listener.SSLCertificateId,
)
}
for _, name := range x.SecurityGroups {
securityGroup, found := builder.securityGroups[name]
if !found {
return fmt.Errorf("unknown security group: %s", name)
}
balancer.SecurityGroup(securityGroup)
}
balancer.HealthCheck(cloudformer.HealthCheck{
Protocol: cloudformer.ProtocolType(x.HealthCheck.Target.Protocol),
Port: x.HealthCheck.Target.Port,
Path: x.HealthCheck.Target.Path,
Interval: time.Duration(x.HealthCheck.Interval) * time.Second,
Timeout: time.Duration(x.HealthCheck.Timeout) * time.Second,
HealthyThreshold: x.HealthCheck.HealthyThreshold,
UnhealthyThreshold: x.HealthCheck.UnhealthyThreshold,
})
if x.DNSRecord != "" {
balancer.RecordSet(x.DNSRecord, builder.spec.Domain)
}
if x.Scheme != "" {
balancer.Scheme(x.Scheme)
}
balancer.CrossZone(x.CrossZone)
}
return nil
}
func (builder *Builder) buildSubnets(former cloudformer.CloudFormer) error {
natAMI, found := NAT_AMIS[builder.region]
if !found {
return fmt.Errorf("unknown NAT image for region: %s", builder.region)
}
for _, x := range builder.spec.Subnets {
if x.NAT == nil {
continue
}
if x.RouteTable != nil && x.RouteTable.Instance != nil {
continue
}
subnet := builder.vpc.Subnet(x.Name)
subnet.Network(cloudformer.CIDR(x.CIDR))
subnet.AvailabilityZone(x.AvailabilityZone)
if x.RouteTable != nil {
if x.RouteTable.InternetGateway != nil {
gateway, found := builder.gateways[*x.RouteTable.InternetGateway]
if !found {
return fmt.Errorf("unknown gateway: %s", *x.RouteTable.InternetGateway)
}
subnet.RouteTable().InternetGateway(gateway)
}
}
nat := subnet.Instance(x.NAT.Name)
nat.Type(x.NAT.InstanceType)
nat.PrivateIP(cloudformer.IP(x.NAT.IP))
nat.KeyPair(x.NAT.KeyPairName)
nat.Image(natAMI)
nat.SourceDestCheck(false)
securityGroup, found := builder.securityGroups[x.NAT.SecurityGroup]
if !found {
return fmt.Errorf("unknown security group: %s", x.NAT.SecurityGroup)
}
nat.SecurityGroup(securityGroup)
ip := former.ElasticIP("NAT")
ip.Domain("vpc")
ip.AttachTo(nat)
builder.instances[x.NAT.Name] = nat
builder.subnets[x.Name] = subnet
}
for _, x := range builder.spec.Subnets {
if x.NAT != nil {
continue
}
subnet := builder.vpc.Subnet(x.Name)
subnet.Network(cloudformer.CIDR(x.CIDR))
subnet.AvailabilityZone(x.AvailabilityZone)
if x.RouteTable != nil {
if x.RouteTable.Instance != nil {
instance, found := builder.instances[*x.RouteTable.Instance]
if !found {
return fmt.Errorf("unknown instance: %s", *x.RouteTable.Instance)
}
subnet.RouteTable().Instance(instance)
}
if x.RouteTable.InternetGateway != nil {
gateway, found := builder.gateways[*x.RouteTable.InternetGateway]
if !found {
return fmt.Errorf("unknown gateway: %s", *x.RouteTable.InternetGateway)
}
subnet.RouteTable().InternetGateway(gateway)
}
}
builder.subnets[x.Name] = subnet
}
return nil
}
func Form(f cloudformer.CloudFormer) {
zone1 := "us-east-1a"
vpc := f.VPC("Drone")
vpc.Network(cloudformer.CIDR("10.10.0.0/16"))
vpcGateway := f.InternetGateway("Drone")
vpc.AttachInternetGateway(vpcGateway)
openSecurityGroup := vpc.SecurityGroup("Open")
boshSecurityGroup := vpc.SecurityGroup("BOSH")
internalSecurityGroup := vpc.SecurityGroup("Internal")
webSecurityGroup := vpc.SecurityGroup("Web")
for _, group := range []cloudformer.SecurityGroup{
openSecurityGroup,
boshSecurityGroup,
internalSecurityGroup,
} {
group.Ingress(cloudformer.TCP, cloudformer.CIDR("0.0.0.0/0"), 0, 65535)
group.Ingress(cloudformer.UDP, cloudformer.CIDR("0.0.0.0/0"), 0, 65535)
}
webSecurityGroup.Ingress(cloudformer.TCP, cloudformer.CIDR("0.0.0.0/0"), 80, 80)
webSecurityGroup.Ingress(cloudformer.TCP, cloudformer.CIDR("0.0.0.0/0"), 8080, 8080)
boshSubnet := vpc.Subnet("BOSH")
boshSubnet.Network(cloudformer.CIDR("10.10.0.0/24"))
boshSubnet.AvailabilityZone(zone1)
boshSubnet.RouteTable().InternetGateway(vpcGateway)
droneELBSubnet := vpc.Subnet("DroneELB")
droneELBSubnet.Network(cloudformer.CIDR("10.10.2.0/24"))
droneELBSubnet.AvailabilityZone(zone1)
droneELBSubnet.RouteTable().InternetGateway(vpcGateway)
droneSubnet := vpc.Subnet("Drone")
droneSubnet.Network(cloudformer.CIDR("10.10.16.0/20"))
droneSubnet.AvailabilityZone(zone1)
boshNAT := boshSubnet.Instance("NAT")
boshNAT.Type("m1.small")
boshNAT.Image("ami-something")
boshNAT.PrivateIP(cloudformer.IP("10.10.0.10"))
boshNAT.KeyPair("bosh")
boshNAT.SecurityGroup(openSecurityGroup)
droneSubnet.RouteTable().Instance(boshNAT)
balancer := f.LoadBalancer("Drone")
balancer.Listener(cloudformer.TCP, 80, cloudformer.TCP, 80, "")
balancer.Listener(cloudformer.TCP, 8080, cloudformer.TCP, 8080, "")
balancer.HealthCheck(cloudformer.HealthCheck{
Protocol: cloudformer.TCP,
Port: 80,
Timeout: 5 * time.Second,
Interval: 30 * time.Second,
HealthyThreshold: 10,
UnhealthyThreshold: 2,
})
balancer.Subnet(droneELBSubnet)
balancer.SecurityGroup(webSecurityGroup)
}