func groups(c cmd, conn *ec2.EC2, _ []string) {
resp, err := conn.SecurityGroups(nil, nil)
check(err, "list groups")
var b bytes.Buffer
printf := func(f string, a ...interface{}) {
fmt.Fprintf(&b, f, a...)
}
for _, g := range resp.Groups {
switch {
case groupsFlags.vv:
printf("%s:%s %s %q\n", g.OwnerId, g.Name, g.Id, g.Description)
for _, p := range g.IPPerms {
printf("\t")
printf("\t-proto %s -from %d -to %d", p.Protocol, p.FromPort, p.ToPort)
for _, g := range p.SourceGroups {
printf(" %s", g.Id)
}
for _, ip := range p.SourceIPs {
printf(" %s", ip)
}
printf("\n")
}
case groupsFlags.v:
printf("%s %s %q\n", g.Name, g.Id, g.Description)
case groupsFlags.ids:
printf("%s\n", g.Id)
default:
printf("%s\n", g.Name)
}
}
os.Stdout.Write(b.Bytes())
}
func revoke(c cmd, conn *ec2.EC2, args []string) {
if len(args) < 1 {
c.usage()
}
_, err := conn.RevokeSecurityGroup(parseGroup(args[0]), ipPerms(args[1:]))
check(err, "revokeSecurityGroup")
}
func mkgroup(c cmd, conn *ec2.EC2, args []string) {
if len(args) != 2 {
c.usage()
}
_, err := conn.CreateSecurityGroup(args[0], args[1])
check(err, "create security group")
}
func instances(c cmd, conn *ec2.EC2, args []string) {
resp, err := conn.Instances(nil, nil)
if err != nil {
fatalf("cannot get instances: %v", err)
}
var line []string
for _, r := range resp.Reservations {
for _, inst := range r.Instances {
if !instancesFlags.all && inst.State.Name == "terminated" {
continue
}
line = append(line[:0], inst.InstanceId)
if instancesFlags.state {
line = append(line, inst.State.Name)
}
if instancesFlags.addr {
if inst.DNSName == "" {
inst.DNSName = "none"
}
line = append(line, inst.DNSName)
}
fmt.Printf("%s\n", strings.Join(line, " "))
}
}
}
func auth(c cmd, conn *ec2.EC2, args []string) {
if len(args) < 1 {
c.usage()
}
_, err := conn.AuthorizeSecurityGroup(parseGroup(args[0]), ipPerms(args[1:]))
check(err, "authorizeSecurityGroup")
}
func terminate(c cmd, conn *ec2.EC2, args []string) {
if len(args) == 0 {
return
}
_, err := conn.TerminateInstances(args)
if err != nil {
fatalf("cannot terminate instances: %v", err)
}
}
func terminateInstances(c *C, e *ec2.EC2, insts []*ec2.Instance) {
var ids []string
for _, inst := range insts {
if inst != nil {
ids = append(ids, inst.InstanceId)
}
}
_, err := e.TerminateInstances(ids)
c.Check(err, IsNil, Commentf("%d INSTANCES LEFT RUNNING!!!", len(ids)))
}
func defaultAMI(conn *ec2.EC2) (string, error) {
filter := ec2.NewFilter()
imageName := "amzn-ami-hvm-2014.03.2.x86_64-ebs"
filter.Add("name", imageName)
resp, _ := conn.Images(nil, filter)
if len(resp.Images) == 0 {
return "", fmt.Errorf("Unable to retrieve ami id for image name: %s", imageName)
}
return resp.Images[0].Id, nil
}
func searchByFilter(e *ec2.EC2, key, value string) (*ec2.Instance, error) {
filter := ec2.NewFilter()
filter.Add(key, value)
resp, err := e.Instances(nil, filter)
if err != nil {
return nil, errors.New("EC2 API call failed. " +
"Check your AWS credentials and system clock")
}
if len(resp.Reservations) != 1 {
return nil, errors.New("no instance with " + key + "=" + value)
}
return &resp.Reservations[0].Instances[0], nil
}
func setupEC2(accessKey string, secretKey string, regionName string) (ec2.EC2, error) {
e := ec2.EC2{}
auth := aws.Auth{accessKey, secretKey}
region := aws.Regions[regionName]
if region.Name != regionName {
return e, errors.New("Region is invalid")
}
e.Auth = auth
e.Region = region
return e, nil
}
func delgroup(c cmd, conn *ec2.EC2, args []string) {
hasError := false
for _, g := range args {
var ec2g ec2.SecurityGroup
if secGroupPat.MatchString(g) {
ec2g.Id = g
} else {
ec2g.Name = g
}
_, err := conn.DeleteSecurityGroup(ec2g)
if err != nil {
errorf("cannot delete %q: %v", g, err)
hasError = true
}
}
if hasError {
os.Exit(1)
}
}
func getLocalIP(ec2conn *ec2.EC2) string {
f := ec2.NewFilter()
f.Add("tag:server-type", "image-proxy")
resp, err := ec2conn.Instances(nil, f)
if err != nil {
return ""
}
for _, reserv := range resp.Reservations {
for _, instance := range reserv.Instances {
if localAddress(instance.PrivateIPAddress) {
return instance.PrivateIPAddress
}
}
}
return ""
}
func waitForDnsName(ec2Inst *ec2.EC2, instance *ec2.Instance) (*ec2.Instance, error) {
t0 := time.Now()
for instance.DNSName == "" {
instId := instance.InstanceId
if time.Now().Sub(t0) > maxWaitTime {
return nil, fmt.Errorf("ec2: time out waiting for instance %s to start", instId)
}
log.Debugf("ec2: waiting for dnsname for instance %s", instId)
time.Sleep(500 * time.Millisecond)
resp, err := ec2Inst.Instances([]string{instance.InstanceId}, ec2.NewFilter())
if err != nil {
return nil, err
}
if len(resp.Reservations) == 0 || len(resp.Reservations[0].Instances) == 0 {
return nil, fmt.Errorf("No instances returned")
}
instance = &resp.Reservations[0].Instances[0]
}
return instance, nil
}
func terminateInstances(c *C, e *ec2.EC2, ids []string) {
_, err := e.TerminateInstances(ids)
c.Assert(err, IsNil, Commentf("%v INSTANCES LEFT RUNNING!!!", ids))
// We need to wait until the instances are really off, because
// entities that depend on them won't be deleted (i.e. groups,
// NICs, subnets, etc.)
testAttempt := aws.AttemptStrategy{
Total: 10 * time.Minute,
Delay: 5 * time.Second,
}
f := ec2.NewFilter()
f.Add("instance-state-name", "terminated")
idsLeft := make(map[string]bool)
for _, id := range ids {
idsLeft[id] = true
}
for a := testAttempt.Start(); a.Next(); {
c.Logf("waiting for %v to get terminated", ids)
resp, err := e.Instances(ids, f)
if err != nil {
c.Fatalf("not waiting for %v to terminate: %v", ids, err)
}
for _, r := range resp.Reservations {
for _, inst := range r.Instances {
delete(idsLeft, inst.InstanceId)
}
}
ids = []string{}
for id, _ := range idsLeft {
ids = append(ids, id)
}
if len(ids) == 0 {
c.Logf("all instances terminated.")
return
}
}
c.Fatalf("%v INSTANCES LEFT RUNNING!!!", ids)
}
// createGroup creates a new EC2 group and returns it. If it already exists,
// it revokes all its permissions and returns the existing group.
func createGroup(c *C, ec2conn *amzec2.EC2, name, descr string) amzec2.SecurityGroup {
resp, err := ec2conn.CreateSecurityGroup(name, descr)
if err == nil {
return resp.SecurityGroup
}
if err.(*amzec2.Error).Code != "InvalidGroup.Duplicate" {
c.Fatalf("cannot make group %q: %v", name, err)
}
// Found duplicate group, so revoke its permissions and return it.
gresp, err := ec2conn.SecurityGroups(amzec2.SecurityGroupNames(name), nil)
c.Assert(err, IsNil)
gi := gresp.Groups[0]
if len(gi.IPPerms) > 0 {
_, err = ec2conn.RevokeSecurityGroup(gi.SecurityGroup, gi.IPPerms)
c.Assert(err, IsNil)
}
return gi.SecurityGroup
}