aws() 공개 메소드

This method ensures that aws instance is always from the current environment scope.
public aws ( string | DBServer | DBFarmRole | DBEBSVolume $awsRegion = null, string $awsAccessKeyId = null, string $awsSecretAccessKey = null, string $certificate = null, string $privateKey = null ) : Aws
$awsRegion string | DBServer | DBFarmRole | DBEBSVolume optional The region or object which has both Scalr_Environment instance and cloud location itself
$awsAccessKeyId string optional The AccessKeyId
$awsSecretAccessKey string optional The SecretAccessKey
$certificate string optional Contains x.509 certificate
$privateKey string optional The private key for the certificate
리턴 Scalr\Service\Aws Returns Aws instance
예제 #1
0
파일: Clouds.php 프로젝트: scalr/scalr
 private function saveEc2()
 {
     $pars = [];
     $enabled = false;
     $envAutoEnabled = false;
     $bNew = !$this->env->isPlatformEnabled(SERVER_PLATFORMS::EC2);
     $currentCloudCredentials = $this->env->keychain(SERVER_PLATFORMS::EC2);
     $ccProps = $currentCloudCredentials->properties;
     if ($this->getParam('ec2_is_enabled')) {
         $enabled = true;
         $pars[Entity\CloudCredentialsProperty::AWS_ACCOUNT_TYPE] = trim($this->checkVar(Entity\CloudCredentialsProperty::AWS_ACCOUNT_TYPE, 'string', "AWS Account Type required", SERVER_PLATFORMS::EC2));
         $pars[Entity\CloudCredentialsProperty::AWS_ACCESS_KEY] = trim($this->checkVar(Entity\CloudCredentialsProperty::AWS_ACCESS_KEY, 'string', "AWS Access Key required", SERVER_PLATFORMS::EC2));
         $pars[Entity\CloudCredentialsProperty::AWS_SECRET_KEY] = trim($this->checkVar(Entity\CloudCredentialsProperty::AWS_SECRET_KEY, 'password', "AWS Access Key required", SERVER_PLATFORMS::EC2));
         $pars[Entity\CloudCredentialsProperty::AWS_PRIVATE_KEY] = $this->checkVar(Entity\CloudCredentialsProperty::AWS_PRIVATE_KEY, 'file', '', SERVER_PLATFORMS::EC2);
         $pars[Entity\CloudCredentialsProperty::AWS_CERTIFICATE] = $this->checkVar(Entity\CloudCredentialsProperty::AWS_CERTIFICATE, 'file', '', SERVER_PLATFORMS::EC2);
         if ($this->getContainer()->analytics->enabled) {
             $pars[Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_ENABLED] = $this->checkVar2(Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_ENABLED, 'bool', '', SERVER_PLATFORMS::EC2);
             if (!empty($pars[Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_ENABLED])) {
                 $pars[Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_BUCKET] = $this->checkVar(Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_BUCKET, 'string', "Detailed billing bucket name is required", SERVER_PLATFORMS::EC2);
                 $pars[Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_PAYER_ACCOUNT] = $this->checkVar2(Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_PAYER_ACCOUNT, 'string', '', SERVER_PLATFORMS::EC2);
                 $pars[Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_REGION] = $this->checkVar(Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_REGION, 'string', "Aws region is required", SERVER_PLATFORMS::EC2);
             } else {
                 $pars[Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_BUCKET] = false;
                 $pars[Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_PAYER_ACCOUNT] = false;
                 $pars[Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_REGION] = false;
             }
         }
         // user can mull certificate and private key, check it
         if (strpos($pars[Entity\CloudCredentialsProperty::AWS_PRIVATE_KEY], 'BEGIN CERTIFICATE') !== FALSE && strpos($pars[Entity\CloudCredentialsProperty::AWS_CERTIFICATE], 'BEGIN PRIVATE KEY') !== FALSE) {
             // swap it
             $key = $pars[Entity\CloudCredentialsProperty::AWS_PRIVATE_KEY];
             $pars[Entity\CloudCredentialsProperty::AWS_PRIVATE_KEY] = $pars[Entity\CloudCredentialsProperty::AWS_CERTIFICATE];
             $pars[Entity\CloudCredentialsProperty::AWS_CERTIFICATE] = $key;
         }
         if ($pars[Entity\CloudCredentialsProperty::AWS_ACCOUNT_TYPE] == Entity\CloudCredentialsProperty::AWS_ACCOUNT_TYPE_GOV_CLOUD) {
             $region = \Scalr\Service\Aws::REGION_US_GOV_WEST_1;
         } else {
             if ($pars[Entity\CloudCredentialsProperty::AWS_ACCOUNT_TYPE] == Entity\CloudCredentialsProperty::AWS_ACCOUNT_TYPE_CN_CLOUD) {
                 $region = \Scalr\Service\Aws::REGION_CN_NORTH_1;
             } else {
                 $region = \Scalr\Service\Aws::REGION_US_EAST_1;
             }
         }
         if (!count($this->checkVarError)) {
             if ($pars[Entity\CloudCredentialsProperty::AWS_ACCESS_KEY] != $ccProps[Entity\CloudCredentialsProperty::AWS_ACCESS_KEY] or $pars[Entity\CloudCredentialsProperty::AWS_SECRET_KEY] != $ccProps[Entity\CloudCredentialsProperty::AWS_SECRET_KEY] or $pars[Entity\CloudCredentialsProperty::AWS_PRIVATE_KEY] != $ccProps[Entity\CloudCredentialsProperty::AWS_PRIVATE_KEY] or $pars[Entity\CloudCredentialsProperty::AWS_CERTIFICATE] != $ccProps[Entity\CloudCredentialsProperty::AWS_CERTIFICATE]) {
                 $aws = $this->env->aws($region, $pars[Entity\CloudCredentialsProperty::AWS_ACCESS_KEY], $pars[Entity\CloudCredentialsProperty::AWS_SECRET_KEY], !empty($pars[Entity\CloudCredentialsProperty::AWS_CERTIFICATE]) ? $pars[Entity\CloudCredentialsProperty::AWS_CERTIFICATE] : null, !empty($pars[Entity\CloudCredentialsProperty::AWS_PRIVATE_KEY]) ? $pars[Entity\CloudCredentialsProperty::AWS_PRIVATE_KEY] : null);
                 //Validates private key and certificate if they are provided
                 if (!empty($pars[Entity\CloudCredentialsProperty::AWS_CERTIFICATE]) || !empty($pars[Entity\CloudCredentialsProperty::AWS_PRIVATE_KEY])) {
                     try {
                         //SOAP is not supported anymore
                         //$aws->validateCertificateAndPrivateKey();
                     } catch (Exception $e) {
                         throw new Exception(_("Incorrect format of X.509 certificate or private key. Make sure that you are using files downloaded from AWS profile. ({$e->getMessage()})"));
                     }
                 }
                 //Validates both access and secret keys
                 try {
                     $buckets = $aws->s3->bucket->getList();
                 } catch (Exception $e) {
                     throw new Exception(sprintf(_("Failed to verify your EC2 access key and secret key: %s"), $e->getMessage()));
                 }
                 //Extract AWS Account ID
                 $pars[Entity\CloudCredentialsProperty::AWS_ACCOUNT_ID] = $aws->getAccountNumber();
                 try {
                     if ($ccProps[Entity\CloudCredentialsProperty::AWS_ACCOUNT_ID] != $pars[Entity\CloudCredentialsProperty::AWS_ACCOUNT_ID]) {
                         $this->db->Execute("DELETE FROM client_environment_properties WHERE name LIKE 'ec2.vpc.default%' AND env_id = ?", [$this->env->id]);
                     }
                 } catch (Exception $e) {
                 }
             } else {
                 $pars[Entity\CloudCredentialsProperty::AWS_ACCOUNT_ID] = $ccProps[Entity\CloudCredentialsProperty::AWS_ACCOUNT_ID];
             }
         } else {
             $this->response->failure();
             $this->response->data(['errors' => $this->checkVarError]);
             return;
         }
     }
     if ($enabled && $this->getContainer()->analytics->enabled && !empty($pars[Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_BUCKET])) {
         try {
             $region = $pars[Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_REGION];
             $aws = $this->env->aws($region, $pars[Entity\CloudCredentialsProperty::AWS_ACCESS_KEY], $pars[Entity\CloudCredentialsProperty::AWS_SECRET_KEY]);
             if (!empty($pars[Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_PAYER_ACCOUNT]) && $aws->getAccountNumber() != $pars[Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_PAYER_ACCOUNT]) {
                 $payerCredentials = $this->getUser()->getAccount()->cloudCredentialsList([SERVER_PLATFORMS::EC2], [], [Entity\CloudCredentialsProperty::AWS_ACCOUNT_ID => [['value' => $pars[Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_PAYER_ACCOUNT]]]]);
                 if (count($payerCredentials) == 0) {
                     throw new Exception("Payer account not found!");
                 }
                 $payerCredentials = $payerCredentials->current();
                 $aws = $this->env->aws($region, $payerCredentials->properties[Entity\CloudCredentialsProperty::AWS_ACCESS_KEY], $payerCredentials->properties[Entity\CloudCredentialsProperty::AWS_SECRET_KEY], !empty($payerCredentials->properties[Entity\CloudCredentialsProperty::AWS_CERTIFICATE]) ? $payerCredentials->properties[Entity\CloudCredentialsProperty::AWS_CERTIFICATE] : null, !empty($payerCredentials->properties[Entity\CloudCredentialsProperty::AWS_PRIVATE_KEY]) ? $payerCredentials->properties[Entity\CloudCredentialsProperty::AWS_PRIVATE_KEY] : null);
             }
             try {
                 $bucketObjects = $aws->s3->bucket->listObjects($pars[Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_BUCKET]);
             } catch (ClientException $e) {
                 if ($e->getErrorData() && $e->getErrorData()->getCode() == ErrorData::ERR_AUTHORIZATION_HEADER_MALFORMED && preg_match("/expecting\\s+'(.+?)'/", $e->getMessage(), $matches) && in_array($matches[1], Aws::getCloudLocations())) {
                     $expectingRegion = $matches[1];
                     if (isset($payerCredentials)) {
                         $aws = $this->env->aws($expectingRegion, $payerCredentials->properties[Entity\CloudCredentialsProperty::AWS_ACCESS_KEY], $payerCredentials->properties[Entity\CloudCredentialsProperty::AWS_SECRET_KEY], !empty($payerCredentials->properties[Entity\CloudCredentialsProperty::AWS_CERTIFICATE]) ? $payerCredentials->properties[Entity\CloudCredentialsProperty::AWS_CERTIFICATE] : null, !empty($payerCredentials->properties[Entity\CloudCredentialsProperty::AWS_PRIVATE_KEY]) ? $payerCredentials->properties[Entity\CloudCredentialsProperty::AWS_PRIVATE_KEY] : null);
                     } else {
                         $aws = $this->env->aws($expectingRegion, $pars[Entity\CloudCredentialsProperty::AWS_ACCESS_KEY], $pars[Entity\CloudCredentialsProperty::AWS_SECRET_KEY]);
                     }
                     $bucketObjects = $aws->s3->bucket->listObjects($pars[Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_BUCKET]);
                     $pars[Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_REGION] = $expectingRegion;
                 } else {
                     throw $e;
                 }
             }
             $objectName = (empty($pars[Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_PAYER_ACCOUNT]) ? '' : "{$pars[Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_PAYER_ACCOUNT]}-") . 'aws-billing-detailed-line-items-with-resources-and-tags';
             $objectExists = false;
             $bucketObjectName = null;
             foreach ($bucketObjects as $bucketObject) {
                 /* @var $bucketObject Scalr\Service\Aws\S3\DataType\ObjectData */
                 if (strpos($bucketObject->objectName, $objectName) !== false) {
                     $bucketObjectName = $bucketObject->objectName;
                     $pars[Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_ENABLED] = 1;
                     $objectExists = true;
                     break;
                 }
             }
             if (!$objectExists) {
                 $this->response->failure();
                 $this->response->data(['errors' => [Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_PAYER_ACCOUNT => "Object with name '{$objectName}' does not exist."]]);
                 return;
             }
             $aws->s3->object->getMetadata($pars[Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_BUCKET], $bucketObjectName);
         } catch (Exception $e) {
             $this->response->failure();
             $this->response->data(['errors' => [Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_BUCKET => sprintf("Cannot access billing bucket with name %s. Error: %s", $pars[Entity\CloudCredentialsProperty::AWS_DETAILED_BILLING_BUCKET], $e->getMessage())]]);
             return;
         }
     }
     $this->db->BeginTrans();
     try {
         $this->env->enablePlatform(SERVER_PLATFORMS::EC2, $enabled);
         if ($enabled) {
             $this->makeCloudCredentials(SERVER_PLATFORMS::EC2, $pars);
             if ($this->getContainer()->analytics->enabled && $bNew) {
                 $this->getContainer()->analytics->notifications->onCloudAdd('ec2', $this->env, $this->user);
             }
         }
         if (!$this->user->getAccount()->getSetting(Scalr_Account::SETTING_DATE_ENV_CONFIGURED)) {
             $this->user->getAccount()->setSetting(Scalr_Account::SETTING_DATE_ENV_CONFIGURED, time());
         }
         //TODO: cloud suspension info must work with cloud credentials
         if ($enabled && $this->env->status == Scalr_Environment::STATUS_INACTIVE && $this->env->getPlatformConfigValue('system.auto-disable-reason')) {
             // env was inactive due invalid keys for amazon, activate it
             $this->env->status = Scalr_Environment::STATUS_ACTIVE;
             $this->env->save();
             $this->env->setPlatformConfig(['system.auto-disable-reason' => NULL]);
             $envAutoEnabled = true;
         }
         $this->db->CommitTrans();
     } catch (Exception $e) {
         $this->db->RollbackTrans();
         throw new Exception(_("Failed to save AWS settings: {$e->getMessage()}"));
     }
     $this->response->success('Cloud credentials have been ' . ($enabled ? 'saved' : 'removed from Scalr'));
     $this->response->data(['enabled' => $enabled, 'demoFarm' => $demoFarm, 'envAutoEnabled' => $envAutoEnabled]);
 }
예제 #2
0
파일: Platform.php 프로젝트: mheydt/scalr
 public function xSaveEc2Action()
 {
     $pars = array();
     $enabled = false;
     $ccProps = $this->env->cloudCredentials(SERVER_PLATFORMS::EC2)->properties;
     if ($this->getParam('ec2_is_enabled')) {
         $enabled = true;
         $pars[Entity\CloudCredentialsProperty::AWS_ACCOUNT_ID] = $this->checkVar(Entity\CloudCredentialsProperty::AWS_ACCOUNT_ID, 'string', "AWS Account Number required", SERVER_PLATFORMS::EC2);
         if (!is_numeric($pars[Entity\CloudCredentialsProperty::AWS_ACCOUNT_ID]) || strlen($pars[Entity\CloudCredentialsProperty::AWS_ACCOUNT_ID]) != 12) {
             //$err[Ec2PlatformModule::ACCOUNT_ID] = _("AWS numeric account ID required (See <a href='/faq.html'>FAQ</a> for info on where to get it).");
             $this->checkVarError[Entity\CloudCredentialsProperty::AWS_ACCOUNT_ID] = _("AWS Account Number should be numeric");
         } else {
             $pars[Entity\CloudCredentialsProperty::AWS_ACCOUNT_ID] = preg_replace("/[^0-9]+/", "", $pars[Entity\CloudCredentialsProperty::AWS_ACCOUNT_ID]);
         }
         $pars[Entity\CloudCredentialsProperty::AWS_ACCESS_KEY] = $this->checkVar(Entity\CloudCredentialsProperty::AWS_ACCESS_KEY, 'string', "AWS Access Key required", SERVER_PLATFORMS::EC2);
         $pars[Entity\CloudCredentialsProperty::AWS_SECRET_KEY] = $this->checkVar(Entity\CloudCredentialsProperty::AWS_SECRET_KEY, 'password', "AWS Access Key required", SERVER_PLATFORMS::EC2);
         $pars[Entity\CloudCredentialsProperty::AWS_PRIVATE_KEY] = trim($this->checkVar(Entity\CloudCredentialsProperty::AWS_PRIVATE_KEY, 'file', "AWS x.509 Private Key required", SERVER_PLATFORMS::EC2));
         $pars[Entity\CloudCredentialsProperty::AWS_CERTIFICATE] = trim($this->checkVar(Entity\CloudCredentialsProperty::AWS_CERTIFICATE, 'file', "AWS x.509 Certificate required", SERVER_PLATFORMS::EC2));
         // user can mull certificate and private key, check it
         if (strpos($pars[Entity\CloudCredentialsProperty::AWS_PRIVATE_KEY], 'BEGIN CERTIFICATE') !== FALSE && strpos($pars[Entity\CloudCredentialsProperty::AWS_CERTIFICATE], 'BEGIN PRIVATE KEY') !== FALSE) {
             // swap it
             $key = $pars[Entity\CloudCredentialsProperty::AWS_PRIVATE_KEY];
             $pars[Entity\CloudCredentialsProperty::AWS_PRIVATE_KEY] = $pars[Entity\CloudCredentialsProperty::AWS_CERTIFICATE];
             $pars[Entity\CloudCredentialsProperty::AWS_CERTIFICATE] = $key;
         }
         if (!count($this->checkVarError)) {
             if ($pars[Entity\CloudCredentialsProperty::AWS_ACCOUNT_ID] != $ccProps[Entity\CloudCredentialsProperty::AWS_ACCOUNT_ID] or $pars[Entity\CloudCredentialsProperty::AWS_ACCESS_KEY] != $ccProps[Entity\CloudCredentialsProperty::AWS_ACCESS_KEY] or $pars[Entity\CloudCredentialsProperty::AWS_SECRET_KEY] != $ccProps[Entity\CloudCredentialsProperty::AWS_SECRET_KEY] or $pars[Entity\CloudCredentialsProperty::AWS_PRIVATE_KEY] != $ccProps[Entity\CloudCredentialsProperty::AWS_PRIVATE_KEY] or $pars[Entity\CloudCredentialsProperty::AWS_CERTIFICATE] != $ccProps[Entity\CloudCredentialsProperty::AWS_CERTIFICATE]) {
                 try {
                     $aws = $this->env->aws(\Scalr\Service\Aws::REGION_US_EAST_1, $pars[Entity\CloudCredentialsProperty::AWS_ACCESS_KEY], $pars[Entity\CloudCredentialsProperty::AWS_SECRET_KEY], $pars[Entity\CloudCredentialsProperty::AWS_CERTIFICATE], $pars[Entity\CloudCredentialsProperty::AWS_PRIVATE_KEY]);
                     $aws->validateCertificateAndPrivateKey();
                 } catch (Exception $e) {
                     throw new Exception(_("Incorrect format of X.509 certificate or private key. Make sure that you are using files downloaded from AWS profile. ({$e->getMessage()})"));
                 }
                 try {
                     $buckets = $aws->s3->bucket->getList();
                 } catch (Exception $e) {
                     throw new Exception(sprintf(_("Failed to verify your EC2 access key and secret key: %s"), $e->getMessage()));
                 }
             }
         } else {
             $this->response->failure();
             $this->response->data(array('errors' => $this->checkVarError));
             return;
         }
     }
     $this->db->BeginTrans();
     try {
         $this->env->enablePlatform(SERVER_PLATFORMS::EC2, $enabled);
         if ($enabled) {
             $this->makeCloudCredentials(SERVER_PLATFORMS::EC2, $pars);
         }
         if (!$this->user->getAccount()->getSetting(Scalr_Account::SETTING_DATE_ENV_CONFIGURED)) {
             $this->user->getAccount()->setSetting(Scalr_Account::SETTING_DATE_ENV_CONFIGURED, time());
         }
         if ($this->env->status == Scalr_Environment::STATUS_INACTIVE) {
             $this->env->status = Scalr_Environment::STATUS_ACTIVE;
             $this->env->save();
         }
         $this->db->CommitTrans();
     } catch (Exception $e) {
         $this->db->RollbackTrans();
         throw new Exception(_("Failed to save AWS settings: {$e->getMessage()}"));
     }
     $demoFarm = false;
     $this->response->success('Environment saved');
     $this->response->data(array('enabled' => $enabled, 'demoFarm' => $demoFarm));
 }
예제 #3
0
 /**
  * {@inheritdoc}
  * @see PlatformModuleInterface::getImageInfo()
  */
 public function getImageInfo(\Scalr_Environment $environment, $cloudLocation, $imageId)
 {
     $info = [];
     $snap = $environment->aws($cloudLocation)->ec2->image->describe($imageId);
     if ($snap->count() > 0) {
         $sn = $snap->get(0);
         if ($sn->imageState == ImageData::STATE_AVAILABLE) {
             $info["name"] = $sn->name;
             $info["architecture"] = $sn->architecture;
             if ($sn->description) {
                 $info["description"] = $sn->description;
             }
             if ($sn->platform) {
                 // platform could be windows or empty string
                 $info["osFamily"] = $sn->platform;
             }
             if ($sn->rootDeviceType == "ebs" || $sn->rootDeviceType == "instance-store") {
                 $info["type"] = $sn->rootDeviceType;
                 if ($sn->virtualizationType == "hvm") {
                     $info["type"] .= "-hvm";
                 }
             }
             foreach ($sn->blockDeviceMapping as $b) {
                 if ($b->deviceName == $sn->rootDeviceName && $b->ebs) {
                     $info["size"] = $b->ebs->volumeSize;
                     $info["ec2VolumeType"] = $b->ebs->volumeType;
                     $info["ec2VolumeIops"] = $b->ebs->iops;
                 }
             }
         }
     }
     return $info;
 }
예제 #4
0
 public function getDefaultVpc(\Scalr_Environment $environment, $cloudLocation)
 {
     $vpcId = $environment->getPlatformConfigValue(self::DEFAULT_VPC_ID . ".{$cloudLocation}");
     if ($vpcId === null || $vpcId === false) {
         $vpcId = "";
         $aws = $environment->aws($cloudLocation);
         $list = $aws->ec2->describeAccountAttributes(array('default-vpc'));
         foreach ($list as $item) {
             if ($item->attributeName == 'default-vpc') {
                 $vpcId = $item->attributeValueSet[0]->attributeValue;
             }
         }
         if ($vpcId == 'none') {
             $vpcId = '';
         }
         $environment->setPlatformConfig(array(self::DEFAULT_VPC_ID . ".{$cloudLocation}" => $vpcId));
     }
     return $vpcId;
 }
예제 #5
0
파일: ApiTestCase.php 프로젝트: scalr/scalr
 /**
  * Gets unused image id from the cloud
  *
  * @param \Scalr_Environment $env               Scalr environment
  * @param string             $cloudLocation     Region
  * @return null|string
  */
 protected function getNewImageId(\Scalr_Environment $env, $cloudLocation)
 {
     $aws = $env->aws($cloudLocation);
     $cloudImageId = null;
     $existedImages = [];
     foreach (Image::find([['platform' => \SERVER_PLATFORMS::EC2], ['cloudLocation' => $cloudLocation], ['envId' => static::$testEnvId]]) as $img) {
         /* @var $img Image */
         $existedImages[$img->id] = $img;
     }
     foreach ($aws->ec2->image->describe(null, 'self') as $awsImage) {
         /* @var $awsImage \Scalr\Service\Aws\Ec2\DataType\ImageData */
         if (!isset($existedImages[$awsImage->imageId])) {
             $cloudImageId = $awsImage->imageId;
             break;
         }
     }
     return $cloudImageId;
 }
예제 #6
0
파일: Ec2.php 프로젝트: recipe/scalr
 /**
  * Gets the list of the EC2 instances
  * for the specified environment and AWS location
  *
  * @param   Scalr_Environment $environment Environment Object
  * @param   string            $region      EC2 location name
  * @param   bool              $skipCache   Whether it should skip the cache.
  * @return  array Returns array looks like array(InstanceId => stateName)
  */
 public function GetServersList(Scalr_Environment $environment, $region, $skipCache = false)
 {
     if (!$region) {
         return array();
     }
     if (empty($this->instancesListCache[$environment->id][$region]) || $skipCache) {
         try {
             $results = $environment->aws($region)->ec2->instance->describe();
         } catch (Exception $e) {
             throw new Exception(sprintf("Cannot get list of servers for platfrom ec2: %s", $e->getMessage()));
         }
         if (count($results)) {
             foreach ($results as $reservation) {
                 /* @var $reservation Scalr\Service\Aws\Ec2\DataType\ReservationData */
                 foreach ($reservation->instancesSet as $instance) {
                     /* @var $instance Scalr\Service\Aws\Ec2\DataType\InstanceData */
                     $this->instancesListCache[$environment->id][$region][$instance->instanceId] = $instance->instanceState->name;
                 }
             }
         }
     }
     return !empty($this->instancesListCache[$environment->id][$region]) ? $this->instancesListCache[$environment->id][$region] : array();
 }
예제 #7
0
파일: Platform.php 프로젝트: recipe/scalr
 public function xSaveEc2Action()
 {
     $pars = array();
     $enabled = false;
     if ($this->getParam('ec2_is_enabled')) {
         $enabled = true;
         $pars[Modules_Platforms_Ec2::ACCOUNT_ID] = $this->checkVar(Modules_Platforms_Ec2::ACCOUNT_ID, 'string', "AWS Account Number required");
         if (!is_numeric($pars[Modules_Platforms_Ec2::ACCOUNT_ID]) || strlen($pars[Modules_Platforms_Ec2::ACCOUNT_ID]) != 12) {
             //$err[Modules_Platforms_Ec2::ACCOUNT_ID] = _("AWS numeric account ID required (See <a href='/faq.html'>FAQ</a> for info on where to get it).");
             $this->checkVarError[Modules_Platforms_Ec2::ACCOUNT_ID] = _("AWS Account Number should be numeric");
         } else {
             $pars[Modules_Platforms_Ec2::ACCOUNT_ID] = preg_replace("/[^0-9]+/", "", $pars[Modules_Platforms_Ec2::ACCOUNT_ID]);
         }
         $pars[Modules_Platforms_Ec2::ACCESS_KEY] = $this->checkVar(Modules_Platforms_Ec2::ACCESS_KEY, 'string', "AWS Access Key required");
         $pars[Modules_Platforms_Ec2::SECRET_KEY] = $this->checkVar(Modules_Platforms_Ec2::SECRET_KEY, 'password', "AWS Access Key required");
         $pars[Modules_Platforms_Ec2::PRIVATE_KEY] = trim($this->checkVar(Modules_Platforms_Ec2::PRIVATE_KEY, 'file'));
         $pars[Modules_Platforms_Ec2::CERTIFICATE] = trim($this->checkVar(Modules_Platforms_Ec2::CERTIFICATE, 'file'));
         // user can mull certificate and private key, check it
         if (strpos($pars[Modules_Platforms_Ec2::PRIVATE_KEY], 'BEGIN CERTIFICATE') !== FALSE && strpos($pars[Modules_Platforms_Ec2::CERTIFICATE], 'BEGIN PRIVATE KEY') !== FALSE) {
             // swap it
             $key = $pars[Modules_Platforms_Ec2::PRIVATE_KEY];
             $pars[Modules_Platforms_Ec2::PRIVATE_KEY] = $pars[Modules_Platforms_Ec2::CERTIFICATE];
             $pars[Modules_Platforms_Ec2::CERTIFICATE] = $key;
         }
         if (!count($this->checkVarError)) {
             if ($pars[Modules_Platforms_Ec2::ACCOUNT_ID] != $this->env->getPlatformConfigValue(Modules_Platforms_Ec2::ACCOUNT_ID) or $pars[Modules_Platforms_Ec2::ACCESS_KEY] != $this->env->getPlatformConfigValue(Modules_Platforms_Ec2::ACCESS_KEY) or $pars[Modules_Platforms_Ec2::SECRET_KEY] != $this->env->getPlatformConfigValue(Modules_Platforms_Ec2::SECRET_KEY) or $pars[Modules_Platforms_Ec2::PRIVATE_KEY] != $this->env->getPlatformConfigValue(Modules_Platforms_Ec2::PRIVATE_KEY) or $pars[Modules_Platforms_Ec2::CERTIFICATE] != $this->env->getPlatformConfigValue(Modules_Platforms_Ec2::CERTIFICATE)) {
                 $aws = $this->env->aws(\Scalr\Service\Aws::REGION_US_EAST_1, $pars[Modules_Platforms_Ec2::ACCESS_KEY], $pars[Modules_Platforms_Ec2::SECRET_KEY], !empty($pars[Modules_Platforms_Ec2::CERTIFICATE]) ? $pars[Modules_Platforms_Ec2::CERTIFICATE] : null, !empty($pars[Modules_Platforms_Ec2::PRIVATE_KEY]) ? $pars[Modules_Platforms_Ec2::PRIVATE_KEY] : null);
                 if (!empty($pars[Modules_Platforms_Ec2::CERTIFICATE]) || !empty($pars[Modules_Platforms_Ec2::PRIVATE_KEY])) {
                     try {
                         $aws->validateCertificateAndPrivateKey();
                     } catch (Exception $e) {
                         throw new Exception(_("Incorrect format of X.509 certificate or private key. Make sure that you are using files downloaded from AWS profile. ({$e->getMessage()})"));
                     }
                 }
                 try {
                     $buckets = $aws->s3->bucket->getList();
                 } catch (Exception $e) {
                     throw new Exception(sprintf(_("Failed to verify your EC2 access key and secret key: %s"), $e->getMessage()));
                 }
             }
         } else {
             $this->response->failure();
             $this->response->data(array('errors' => $this->checkVarError));
             return;
         }
     }
     $this->db->BeginTrans();
     try {
         $this->env->enablePlatform(SERVER_PLATFORMS::EC2, $enabled);
         if ($enabled) {
             $this->env->setPlatformConfig($pars);
         }
         if (!$this->user->getAccount()->getSetting(Scalr_Account::SETTING_DATE_ENV_CONFIGURED)) {
             $this->user->getAccount()->setSetting(Scalr_Account::SETTING_DATE_ENV_CONFIGURED, time());
         }
         $this->db->CommitTrans();
     } catch (Exception $e) {
         $this->db->RollbackTrans();
         throw new Exception(_("Failed to save AWS settings: {$e->getMessage()}"));
     }
     try {
         if ($this->user->getAccount()->getSetting(Scalr_Account::SETTING_IS_TRIAL) == 1) {
             if ($this->db->GetOne("SELECT COUNT(*) FROM farms WHERE clientid = ?", array($this->user->getAccountId())) == 0) {
                 //Create demo farm
                 try {
                     $dbFarm = DBFarm::LoadByID(9670);
                     // LAMP-PROTOTYPE
                     $dbFarm->cloneFarm('My First LAMP Farm', $this->user, $this->getEnvironmentId());
                     $demoFarm = true;
                 } catch (Exception $e) {
                     throw new Exception("Demo farm creation failed: {$e->getMessage()}");
                 }
             }
         }
     } catch (Exception $e) {
     }
     $this->response->success('Environment saved');
     $this->response->data(array('enabled' => $enabled, 'demoFarm' => $demoFarm));
 }
예제 #8
0
 /**
  * Gets the list of the EC2 instances
  * for the specified environment and AWS location
  *
  * @param   \Scalr_Environment $environment Environment Object
  * @param   string            $region      EC2 location name
  * @param   bool              $skipCache   Whether it should skip the cache.
  * @return  array Returns array looks like array(InstanceId => stateName)
  */
 public function GetServersList(\Scalr_Environment $environment, $region, $skipCache = false)
 {
     if (!$region) {
         return array();
     }
     $aws = $environment->aws($region);
     $cacheKey = sprintf('%s:%s', $environment->id, $region);
     if (!isset($this->instancesListCache[$cacheKey]) || $skipCache) {
         $cacheValue = array();
         $nextToken = null;
         $results = null;
         do {
             try {
                 if (isset($results)) {
                     $nextToken = $results->getNextToken();
                 }
                 $results = $aws->ec2->instance->describe(null, null, $nextToken);
             } catch (Exception $e) {
                 throw new Exception(sprintf("Cannot get list of servers for platfrom ec2: %s", $e->getMessage()));
             }
             if (count($results)) {
                 foreach ($results as $reservation) {
                     /* @var $reservation Scalr\Service\Aws\Ec2\DataType\ReservationData */
                     foreach ($reservation->instancesSet as $instance) {
                         /* @var $instance Scalr\Service\Aws\Ec2\DataType\InstanceData */
                         $cacheValue[sprintf('%s:%s', $environment->id, $region)][$instance->instanceId] = $instance->instanceState->name;
                     }
                 }
             }
         } while ($results->getNextToken());
         foreach ($cacheValue as $offset => $value) {
             $this->instancesListCache[$offset] = $value;
         }
     }
     return isset($this->instancesListCache[$cacheKey]) ? $this->instancesListCache[$cacheKey] : array();
 }
예제 #9
0
 private function saveEc2()
 {
     $pars = array();
     $enabled = false;
     $envAutoEnabled = false;
     $bNew = !$this->env->isPlatformEnabled(SERVER_PLATFORMS::EC2);
     if ($this->getParam('ec2_is_enabled')) {
         $enabled = true;
         $pars[Ec2PlatformModule::ACCOUNT_TYPE] = trim($this->checkVar(Ec2PlatformModule::ACCOUNT_TYPE, 'string', "AWS Account Type required"));
         $pars[Ec2PlatformModule::ACCESS_KEY] = trim($this->checkVar(Ec2PlatformModule::ACCESS_KEY, 'string', "AWS Access Key required"));
         $pars[Ec2PlatformModule::SECRET_KEY] = trim($this->checkVar(Ec2PlatformModule::SECRET_KEY, 'password', "AWS Access Key required"));
         $pars[Ec2PlatformModule::PRIVATE_KEY] = trim($this->checkVar(Ec2PlatformModule::PRIVATE_KEY, 'file'));
         $pars[Ec2PlatformModule::CERTIFICATE] = trim($this->checkVar(Ec2PlatformModule::CERTIFICATE, 'file'));
         if ($this->getContainer()->analytics->enabled) {
             $pars[Ec2PlatformModule::DETAILED_BILLING_BUCKET] = $this->getParam(Ec2PlatformModule::DETAILED_BILLING_BUCKET) ?: null;
             $pars[Ec2PlatformModule::DETAILED_BILLING_ENABLED] = 0;
         }
         // user can mull certificate and private key, check it
         if (strpos($pars[Ec2PlatformModule::PRIVATE_KEY], 'BEGIN CERTIFICATE') !== FALSE && strpos($pars[Ec2PlatformModule::CERTIFICATE], 'BEGIN PRIVATE KEY') !== FALSE) {
             // swap it
             $key = $pars[Ec2PlatformModule::PRIVATE_KEY];
             $pars[Ec2PlatformModule::PRIVATE_KEY] = $pars[Ec2PlatformModule::CERTIFICATE];
             $pars[Ec2PlatformModule::CERTIFICATE] = $key;
         }
         if ($pars[Ec2PlatformModule::ACCOUNT_TYPE] == Ec2PlatformModule::ACCOUNT_TYPE_GOV_CLOUD) {
             $region = \Scalr\Service\Aws::REGION_US_GOV_WEST_1;
         } else {
             if ($pars[Ec2PlatformModule::ACCOUNT_TYPE] == Ec2PlatformModule::ACCOUNT_TYPE_CN_CLOUD) {
                 $region = \Scalr\Service\Aws::REGION_CN_NORTH_1;
             } else {
                 $region = \Scalr\Service\Aws::REGION_US_EAST_1;
             }
         }
         if (!count($this->checkVarError)) {
             if ($pars[Ec2PlatformModule::ACCESS_KEY] != $this->env->getPlatformConfigValue(Ec2PlatformModule::ACCESS_KEY) or $pars[Ec2PlatformModule::SECRET_KEY] != $this->env->getPlatformConfigValue(Ec2PlatformModule::SECRET_KEY) or $pars[Ec2PlatformModule::PRIVATE_KEY] != $this->env->getPlatformConfigValue(Ec2PlatformModule::PRIVATE_KEY) or $pars[Ec2PlatformModule::CERTIFICATE] != $this->env->getPlatformConfigValue(Ec2PlatformModule::CERTIFICATE)) {
                 $aws = $this->env->aws($region, $pars[Ec2PlatformModule::ACCESS_KEY], $pars[Ec2PlatformModule::SECRET_KEY], !empty($pars[Ec2PlatformModule::CERTIFICATE]) ? $pars[Ec2PlatformModule::CERTIFICATE] : null, !empty($pars[Ec2PlatformModule::PRIVATE_KEY]) ? $pars[Ec2PlatformModule::PRIVATE_KEY] : null);
                 //Validates private key and certificate if they are provided
                 if (!empty($pars[Ec2PlatformModule::CERTIFICATE]) || !empty($pars[Ec2PlatformModule::PRIVATE_KEY])) {
                     try {
                         //SOAP is not supported anymore
                         //$aws->validateCertificateAndPrivateKey();
                     } catch (Exception $e) {
                         throw new Exception(_("Incorrect format of X.509 certificate or private key. Make sure that you are using files downloaded from AWS profile. ({$e->getMessage()})"));
                     }
                 }
                 //Validates both access and secret keys
                 try {
                     $buckets = $aws->s3->bucket->getList();
                 } catch (Exception $e) {
                     throw new Exception(sprintf(_("Failed to verify your EC2 access key and secret key: %s"), $e->getMessage()));
                 }
                 //Extract AWS Account ID
                 $pars[Ec2PlatformModule::ACCOUNT_ID] = $aws->getAccountNumber();
                 try {
                     if ($this->env->getPlatformConfigValue(Ec2PlatformModule::ACCOUNT_ID) != $pars[Ec2PlatformModule::ACCOUNT_ID]) {
                         $this->db->Execute("DELETE FROM client_environment_properties WHERE name LIKE 'ec2.vpc.default%' AND env_id = ?", array($this->env->id));
                     }
                 } catch (Exception $e) {
                 }
             }
         } else {
             $this->response->failure();
             $this->response->data(array('errors' => $this->checkVarError));
             return;
         }
     }
     if ($enabled && $this->getContainer()->analytics->enabled && !empty($pars[Ec2PlatformModule::DETAILED_BILLING_BUCKET])) {
         try {
             $aws = $this->env->aws($region, $pars[Ec2PlatformModule::ACCESS_KEY], $pars[Ec2PlatformModule::SECRET_KEY]);
             $bucketObjects = $aws->s3->bucket->listObjects($pars[Ec2PlatformModule::DETAILED_BILLING_BUCKET]);
             $objectName = 'aws-billing-detailed-line-items-with-resources-and-tags';
             $objectExists = false;
             foreach ($bucketObjects as $bucketObject) {
                 /* @var $bucketObject Scalr\Service\Aws\S3\DataType\ObjectData */
                 if (strpos($bucketObject->objectName, $objectName) !== false) {
                     $pars[Ec2PlatformModule::DETAILED_BILLING_ENABLED] = 1;
                     $objectExists = true;
                     break;
                 }
             }
             if (!$objectExists) {
                 $this->response->failure();
                 $this->response->data(['errors' => [Ec2PlatformModule::DETAILED_BILLING_BUCKET => "Object with name 'aws-billing-detailed-line-items-with-resources-and-tags' does not exist."]]);
                 return;
             }
         } catch (Exception $e) {
             $this->response->failure();
             $this->response->data(['errors' => [Ec2PlatformModule::DETAILED_BILLING_BUCKET => sprintf("Cannot access billing bucket with name %s.", $pars[Ec2PlatformModule::DETAILED_BILLING_BUCKET])]]);
             return;
         }
     }
     $this->db->BeginTrans();
     try {
         $this->env->enablePlatform(SERVER_PLATFORMS::EC2, $enabled);
         if ($enabled) {
             $this->env->setPlatformConfig($pars);
             if ($this->getContainer()->analytics->enabled && $bNew) {
                 $this->getContainer()->analytics->notifications->onCloudAdd('ec2', $this->env, $this->user);
             }
         }
         if (!$this->user->getAccount()->getSetting(Scalr_Account::SETTING_DATE_ENV_CONFIGURED)) {
             $this->user->getAccount()->setSetting(Scalr_Account::SETTING_DATE_ENV_CONFIGURED, time());
         }
         if ($enabled && $this->env->status == Scalr_Environment::STATUS_INACTIVE && $this->env->getPlatformConfigValue('system.auto-disable-reason')) {
             // env was inactive due invalid keys for amazon, activate it
             $this->env->status = Scalr_Environment::STATUS_ACTIVE;
             $this->env->save();
             $this->env->setPlatformConfig(['system.auto-disable-reason' => NULL]);
             $envAutoEnabled = true;
         }
         $this->db->CommitTrans();
     } catch (Exception $e) {
         $this->db->RollbackTrans();
         throw new Exception(_("Failed to save AWS settings: {$e->getMessage()}"));
     }
     $this->response->success('Cloud credentials have been ' . ($enabled ? 'saved' : 'removed from Scalr'));
     $this->response->data(array('enabled' => $enabled, 'demoFarm' => $demoFarm, 'envAutoEnabled' => $envAutoEnabled));
 }