public function createSubnetAction()
{
$ec2 = $this->getEnvironment()->aws($this->getParam('cloudLocation'))->ec2;
$subnetLength = 24;
$subnetsList = $ec2->subnet->describe(null, array(array('name' => SubnetFilterNameType::vpcId(), 'value' => $this->getParam('vpcId'))));
$subnets = array();
foreach ($subnetsList as $subnet) {
@(list($ip, $len) = explode('/', $subnet->cidrBlock));
$subnets[] = array('min' => ip2long($ip), 'max' => ip2long($ip) | (1 << 32 - $len) - 1);
}
$vpcInfo = $ec2->vpc->describe($this->getParam('vpcId'));
/* @var $vpc \Scalr\Service\Aws\Ec2\DataType\VpcData */
$vpc = $vpcInfo->get(0);
$info = explode("/", $vpc->cidrBlock);
$startIp = ip2long($info[0]);
$maxIp = $startIp | (1 << 32 - $info[1]) - 1;
while ($startIp < $maxIp) {
$sIp = $startIp;
$eIp = $sIp | (1 << 32 - $subnetLength) - 1;
foreach ($subnets as $subnet) {
$checkRange = $subnet['min'] <= $sIp && $sIp <= $subnet['max'] && $subnet['min'] <= $eIp && $eIp <= $subnet['max'];
if ($checkRange) {
break;
}
}
if ($checkRange) {
$startIp = $eIp + 1;
} else {
$subnetIp = long2ip($startIp);
break;
}
}
if (!$subnetIp) {
throw new Exception("You don't have free space in your VPC network ({$vpc->cidrBlock}) to create additional subnets");
}
$this->response->page('ui/tools/aws/vpc/createSubnet.js', array('subnet' => "{$subnetIp}/{$subnetLength}", 'debug' => array('vpcCIDR' => $vpc->cidrBlock, 'subnets' => $subnets, 'maxIp' => array(long2ip($maxIp), $maxIp))));
}
/**
* @test
* @depends testFunctionalEc2
*/
public function testFunctionalVpc()
{
$this->skipIfEc2PlatformDisabled();
$aws = $this->getContainer()->aws(AwsTestCase::REGION);
$aws->ec2->enableEntityManager();
$nameTag = new ResourceTagSetData(self::TAG_NAME_KEY, self::getTestName(self::NAME_TAG_VALUE));
$ret = $aws->ec2->describeAccountAttributes(array('supported-platforms', 'default-vpc'));
$this->assertInstanceOf($this->getEc2ClassName('DataType\\AccountAttributeSetList'), $ret);
unset($ret);
//Removes previously created route tables if they exist.
$rtList = $aws->ec2->routeTable->describe(null, array(array('name' => RouteTableFilterNameType::tagName(), 'value' => self::getTestName(self::NAME_TAG_VALUE))));
$this->assertInstanceOf($this->getEc2ClassName('DataType\\RouteTableList'), $rtList);
foreach ($rtList as $rt) {
/* @var $rt RouteTableData */
foreach ($rt->routeSet as $route) {
/* @var $route RouteData */
try {
$route->delete();
} catch (ClientException $e) {
}
}
foreach ($rt->associationSet as $rtassoc) {
try {
$rtassoc->disassociate();
} catch (ClientException $e) {
}
}
$rt->delete();
}
unset($rtList);
//Removes previously created Network Interfaces if they have not been removed during past test executions.
$eniList = $aws->ec2->networkInterface->describe(null, array(array('name' => NetworkInterfaceFilterNameType::tag(self::TAG_NAME_KEY), 'value' => self::getTestName(self::NAME_TAG_VALUE))));
$this->assertInstanceOf($this->getEc2ClassName('DataType\\NetworkInterfaceList'), $eniList);
foreach ($eniList as $v) {
$v->delete();
}
unset($eniList);
$subnetList = $aws->ec2->subnet->describe(null, array(array('name' => SubnetFilterNameType::tag(self::TAG_NAME_KEY), 'value' => self::getTestName(self::NAME_TAG_VALUE))));
$this->assertInstanceOf($this->getEc2ClassName('DataType\\SubnetList'), $subnetList);
foreach ($subnetList as $subnet) {
/* @var $subnet SubnetData */
$subnet->delete();
}
unset($subnetList);
//Removes previously created Internet Gateways which has not been removed during previous test run.
$igwList = $aws->ec2->internetGateway->describe(null, array(array('name' => InternetGatewayFilterNameType::tag(self::TAG_NAME_KEY), 'value' => self::getTestName(self::NAME_TAG_VALUE))));
$this->assertInstanceOf($this->getEc2ClassName('DataType\\InternetGatewayList'), $igwList);
foreach ($igwList as $igw) {
/* @var $igw InternetGatewayData */
if (count($igw->attachmentSet)) {
//Detaches previously attachet VPC
$igw->attachmentSet->get(0)->detach();
for ($t = time(); time() - $t < 100 && !empty($igw->attachmentSet[0]) && $igw->attachmentSet[0]->state == InternetGatewayAttachmentData::STATE_DETACHING; sleep(3)) {
$igw = $igw->refresh();
}
}
//Deletes previously created internet gateways
$igw->delete();
}
unset($igwList);
//We should be assured that group which is used for the test does not exists
$list = $aws->ec2->securityGroup->describe(null, null, new SecurityGroupFilterData(SecurityGroupFilterNameType::groupName(), self::getTestName(self::NAME_SECURITY_GROUP_VPC)));
if (count($list) > 0) {
foreach ($list as $v) {
$v->delete();
}
}
unset($list);
//Describes VPC
$vpcList = $aws->ec2->vpc->describe(null, array(array('name' => VpcFilterNameType::tag(self::TAG_NAME_KEY), 'value' => self::getTestName(self::NAME_TAG_VALUE))));
$this->assertInstanceOf($this->getEc2ClassName('DataType\\VpcList'), $vpcList);
//We should remove VPC which has not been removed by some reason.
foreach ($vpcList as $vpc) {
$vpc->delete();
unset($vpc);
}
unset($vpcList);
//Creates VPC
$vpc = $aws->ec2->vpc->create('10.0.0.0/16');
$this->assertInstanceOf($this->getEc2ClassName('DataType\\VpcData'), $vpc);
for ($t = time(); time() - $t < 600 && $vpc->state !== VpcData::STATE_AVAILABLE;) {
sleep(5);
$vpc = $vpc->refresh();
}
$this->assertTrue($vpc->state == VpcData::STATE_AVAILABLE);
$ret = $vpc->createTags($nameTag);
$this->assertTrue($ret);
//Creates an VPC Security group
$securityGroupId = $aws->ec2->securityGroup->create(self::getTestName(self::NAME_SECURITY_GROUP_VPC), self::getTestName(self::NAME_SECURITY_GROUP_VPC) . ' description', $vpc->vpcId);
$this->assertNotEmpty($securityGroupId);
sleep(2);
$sg = $aws->ec2->securityGroup->describe(null, $securityGroupId)->get(0);
$this->assertInstanceOf($this->getEc2ClassName('DataType\\SecurityGroupData'), $sg);
//Authorizes security group Egress
//Example, how to construct the list with arrays
$ipperm3array = array(array('ipProtocol' => 'tcp', 'fromPort' => 80, 'toPort' => 80, 'ipRanges' => array(array('cidrIp' => '192.0.2.0/24'), array('cidrIp' => '198.51.100.0/24'))));
$ipperm3 = new IpPermissionList($ipperm3array);
$this->assertInstanceOf($this->getEc2ClassName('DataType\\IpPermissionData'), $ipperm3->get(0));
$this->assertInstanceOf($this->getEc2ClassName('DataType\\IpRangeList'), $ipperm3->get(0)->ipRanges);
$this->assertEquals(2, $ipperm3->get(0)->ipRanges->count());
$this->assertEquals('192.0.2.0/24', $ipperm3->get(0)->ipRanges->get(0)->cidrIp);
$this->assertEquals('198.51.100.0/24', $ipperm3->get(0)->ipRanges->get(1)->cidrIp);
//The same can be produced in the another way
$ipperm4 = new IpPermissionList(new IpPermissionData('tcp', 80, 80, array(new IpRangeData('192.0.2.0/24'), new IpRangeData('198.51.100.0/24'))));
//Checks the equality
$this->assertEquals($ipperm3->toArray(), $ipperm4->toArray());
//Authorizes IP Permission Egress
$ret = $sg->authorizeEgress($ipperm3);
$this->assertTrue($ret);
sleep(1);
//Checks if specified IP Permission is successfully set
$sg->refresh();
$this->assertContains('192.0.2.0/24', $sg->ipPermissionsEgress->getQueryArrayBare());
//Revokes IP Permission Egress
//You may pass an array directly to the method
$ret = $sg->revokeEgress($ipperm3array);
$this->assertTrue($ret);
sleep(3);
$sg->refresh();
//Checks if IP Permission is successfully revoked.
$this->assertNotContains('192.0.2.0/24', $sg->ipPermissionsEgress->getQueryArrayBare());
$this->assertNotContains('198.51.100.0/24', $sg->ipPermissionsEgress->getQueryArrayBare());
//Creates subneet for the networkInterface
$subnet = $aws->ec2->subnet->create($vpc->vpcId, '10.0.0.0/16');
$this->assertInstanceOf($this->getEc2ClassName('DataType\\SubnetData'), $subnet);
for ($t = time(); time() - $t < 600 && $subnet->state !== SubnetData::STATE_AVAILABLE;) {
sleep(5);
$subnet = $subnet->refresh();
}
$this->assertTrue($subnet->state == SubnetData::STATE_AVAILABLE);
$ret = $subnet->createTags($nameTag);
$this->assertTrue($ret);
//Creates network interface
$eni = $aws->ec2->networkInterface->create($subnet->subnetId);
$this->assertInstanceOf($this->getEc2ClassName('DataType\\NetworkInterfaceData'), $eni);
sleep(4);
$ret = $eni->createTags($nameTag);
$this->assertTrue($ret);
//DescribeAttribute test
foreach (NetworkInterfaceAttributeType::getAllowedValues() as $attr) {
$expected = $eni->{$attr};
$v = $eni->describeAttribute($attr);
$this->assertEquals($expected, $v);
if (is_object($v)) {
//It's true only if entityManager is enabled
$this->assertSame($eni->{$attr}, $v);
}
}
//ModifyAttribute test
$ret = $eni->modifyAttribute(NetworkInterfaceAttributeType::sourceDestCheck(), true);
$this->assertTrue($ret);
//ResetAttrubute test
$ret = $eni->resetAttribute(NetworkInterfaceAttributeType::sourceDestCheck());
$this->assertTrue($ret);
//Creates Internet Gateway
$igw = $aws->ec2->internetGateway->create();
$this->assertInstanceOf($this->getEc2ClassName('DataType\\InternetGatewayData'), $igw);
$this->assertNotEmpty($igw->internetGatewayId);
sleep(4);
$igw->createTags($nameTag);
//Attaches Internet Gateway to VPC
$ret = $igw->attach($vpc->vpcId);
$this->assertTrue($ret);
$t = time();
do {
sleep(3);
$igw = $igw->refresh();
//Verifies that external index for attachmentSet is set properly.
$this->assertEquals($igw->internetGatewayId, $igw->attachmentSet[0]->getInternetGatewayId());
} while (time() - $t < 100 && $igw->attachmentSet[0]->state != InternetGatewayAttachmentData::STATE_ATTACHED);
$this->assertTrue($igw->attachmentSet[0]->state == InternetGatewayAttachmentData::STATE_AVAILABLE);
//Detaches Internet Gateway from VPC
$ret = $igw->detach($vpc->vpcId);
$this->assertTrue($ret);
for ($t = time(); time() - $t < 100 && count($igw->attachmentSet) && $igw->attachmentSet[0]->state == InternetGatewayAttachmentData::STATE_DETACHING; sleep(3)) {
$igw = $igw->refresh();
}
$this->assertTrue($igw->attachmentSet[0]->state !== InternetGatewayAttachmentData::STATE_DETACHING);
//Creates RouteTable
$rt = $vpc->createRouteTable();
$this->assertInstanceOf($this->getEc2ClassName('DataType\\RouteTableData'), $rt);
$this->assertNotEmpty($rt->routeTableId);
$this->assertEquals($vpc->vpcId, $rt->vpcId);
sleep(5);
$ret = $rt->createTags($nameTag);
$this->assertTrue($ret);
//Associates route table with the subnet
$associationId = $rt->associate($subnet->subnetId);
$this->assertNotEmpty($associationId);
$rt = $rt->refresh();
$this->assertTrue(count($rt->associationSet) > 0);
$c = array();
foreach ($rt->associationSet as $rtassoc) {
/* @var $rtassoc RouteTableAssociationData */
$c[] = $rtassoc->routeTableAssociationId;
}
$this->assertContains($associationId, $c);
//Adds Route to Route Table
$destinationCidrBlock = '0.0.0.0/0';
$ret = $rt->createRoute($destinationCidrBlock, null, null, $eni->networkInterfaceId);
$this->assertTrue($ret);
$rt = $rt->refresh();
$this->assertTrue(count($rt->routeSet) > 0);
$c = array();
foreach ($rt->routeSet as $route) {
/* @var $route RouteData */
$c[$route->destinationCidrBlock] = $route;
unset($route);
}
$this->assertArrayHasKey($destinationCidrBlock, $c);
$route = $c[$destinationCidrBlock];
//Deletes Route
$ret = $route->delete();
$this->assertTrue($ret);
unset($route);
$rt = $rt->refresh();
//Disassociates route table with the subnet
foreach ($rt->associationSet as $rtassoc) {
if ($rtassoc->routeTableAssociationId == $associationId) {
$ret = $rtassoc->disassociate();
$this->assertTrue($ret);
}
}
//RunInstance test
$request = new RunInstancesRequestData(self::INSTANCE_IMAGE_ID, 1, 1);
$request->instanceType = self::INSTANCE_TYPE;
//Placement groups may not be used with instances of type 'm1.small'.
$request->setPlacement(new PlacementResponseData($subnet->availabilityZone));
$request->setMonitoring(true);
// test Assosiate Public Ip
$instanceList = new Ec2\DataType\InstanceNetworkInterfaceSetRequestList();
$instanceData = new Ec2\DataType\InstanceNetworkInterfaceSetRequestData();
$instanceData->deviceIndex = 0;
$instanceData->associatePublicIpAddress = true;
$instanceData->subnetId = $subnet->subnetId;
$instanceList->append($instanceData);
$request->setNetworkInterface($instanceList);
$request->userData = base64_encode("test=26;");
$rd = $aws->ec2->instance->run($request);
$this->assertInstanceOf($this->getEc2ClassName('DataType\\ReservationData'), $rd);
sleep(60);
//Terminates the instance
$ind = $rd->instancesSet[0];
$st = $ind->terminate();
$this->assertInstanceOf($this->getEc2ClassName('DataType\\InstanceStateChangeList'), $st);
$this->assertEquals(1, count($st));
$this->assertEquals($rd->instancesSet[0]->instanceId, $st[0]->getInstanceId());
for ($t = time(); time() - $t < 200 && $ind && $ind->instanceState->name != InstanceStateData::NAME_TERMINATED; sleep(5)) {
$ind = $ind->refresh();
}
$this->assertTrue(!$ind || $ind->instanceState->name == InstanceStateData::NAME_TERMINATED);
if (isset($ind)) {
unset($ind);
}
//Removes Route Table
$ret = $rt->delete();
$this->assertTrue($ret);
//Removes Internet Gateway
$ret = $igw->delete();
$this->assertTrue($ret);
//Removes Network Interface
$ret = $eni->delete();
$this->assertTrue($ret);
//Removes Subnet
$ret = $subnet->delete();
$this->assertTrue($ret);
//Removes securigy group
$ret = $sg->delete();
$this->assertTrue($ret);
//Removes VPC
$ret = $vpc->delete();
$this->assertTrue($ret);
$aws->ec2->getEntityManager()->detachAll();
}
/**
* @test
* @functional
*/
public function testComplex()
{
$user = $this->getUser();
$environment = $this->getEnvironment();
$fictionController = new ApiController();
/* @var $farm Farm */
$farm = static::createEntity(new Farm(), ['changedById' => $user->getId(), 'name' => "{$this->uuid}-farm", 'comments' => "{$this->uuid}-description", 'envId' => $environment->id, 'accountId' => $user->getAccountId(), 'ownerId' => $user->getId()]);
/* @var $roles EntityIterator */
/* @var $role Role */
$roles = Role::findByName('base-ubuntu1404');
if (empty($roles) || !count($roles)) {
$this->markTestSkipped("Not found suitable role, required role - 'base-ubuntu1404'");
} else {
$role = $roles->current();
}
//test Governance
$this->getGovernance();
/* @var $vpcList VpcList */
$vpcList = \Scalr::getContainer()->aws(self::TEST_REGION, $this->getEnvironment())->ec2->vpc->describe(self::TEST_VPC_ID);
/* @var $vpc VpcData */
$vpc = $vpcList->current();
/* @var $subnetList SubnetList */
$subnetList = \Scalr::getContainer()->aws(self::TEST_REGION, $this->getEnvironment())->ec2->subnet->describe(null, [['name' => SubnetFilterNameType::vpcId(), 'value' => $vpc->vpcId]]);
/* @var $subnet SubnetData */
$subnet = $subnetList->current();
//setup test governance
$vpcId = $vpc->vpcId;
$subnetId = $subnet->subnetId;
$governanceConfiguration = [SERVER_PLATFORMS::EC2 => [Scalr_Governance::INSTANCE_TYPE => ['enabled' => true, 'limits' => ['value' => ['t1.micro', 't2.small', 't2.medium', 't2.large'], 'default' => ['t2.small']]], Scalr_Governance::AWS_VPC => ['enabled' => true, 'limits' => ['regions' => [self::TEST_REGION => ['default' => true, 'ids' => [$vpcId]]], 'ids' => [$vpcId => [$subnetId]]]]]];
$this->setupGovernanceConfiguration($governanceConfiguration);
//farm role data
$data = ['role' => ['id' => $role->id], 'alias' => 't-ps', 'platform' => SERVER_PLATFORMS::EC2, 'placement' => ['placementConfigurationType' => FarmRoles::AWS_CLASSIC_PLACEMENT_CONFIGURATION, 'region' => static::TEST_REGION], 'scaling' => ['enabled' => true, 'minInstances' => 2, 'maxInstances' => 3], 'instance' => ['instanceConfigurationType' => FarmRoles::AWS_INSTANCE_CONFIGURATION, 'instanceType' => ['id' => 't1.micro']]];
//create farmRole with wrong instance type
$data['instance']['instanceType']['id'] = 'm1.small';
$response = $this->postFarmRole($farm->id, $data);
$this->assertErrorMessageContains($response, 400, ErrorMessage::ERR_INVALID_VALUE);
//Add AWS VPC settings
$farm->settings[FarmSetting::EC2_VPC_ID] = $vpc->vpcId;
$farm->settings[FarmSetting::EC2_VPC_REGION] = self::TEST_REGION;
$farm->save();
//create farm role with AwsClassicPlacementConfiguration
$data['instance']['instanceType']['id'] = 't2.small';
$response = $this->postFarmRole($farm->id, $data);
$this->assertErrorMessageContains($response, 400, ErrorMessage::ERR_INVALID_STRUCTURE);
//create farm role with incorrect subnet
$subnetList->next();
/* @var $incorrectSubnet SubnetData */
$incorrectSubnet = $subnetList->current();
$data['placement'] = ['region' => self::TEST_REGION, 'placementConfigurationType' => 'AwsVpcPlacementConfiguration', 'subnets' => [['id' => $incorrectSubnet->subnetId]]];
$response = $this->postFarmRole($farm->id, $data);
$this->assertErrorMessageContains($response, 400, ErrorMessage::ERR_INVALID_VALUE);
//create farm role with incorrect region
$data['placement'] = ['region' => Aws::REGION_US_WEST_1, 'placementConfigurationType' => 'AwsVpcPlacementConfiguration', 'subnets' => [['id' => $subnetId]]];
$response = $this->postFarmRole($farm->id, $data);
$this->assertErrorMessageContains($response, 400, ErrorMessage::ERR_INVALID_VALUE);
//post farm role correct data
$data['placement']['region'] = self::TEST_REGION;
$data['alias'] = 't-ps-1';
$response = $this->postFarmRole($farm->id, $data);
$this->assertEquals(201, $response->status, $this->printResponseError($response));
$farmRoleId = $response->getBody()->data->id;
/* @var $farmRole FarmRole */
$farmRole = FarmRole::findPk($farmRoleId);
$this->assertNotEmpty($farmRole);
$this->farmRoleToDelete($farmRoleId);
$data['scaling']['rules'] = [];
$this->assertObjectEqualsEntity($data, $farmRole);
//Reset AWS VPC settings
$farm->settings[FarmSetting::EC2_VPC_ID] = null;
$farm->settings[FarmSetting::EC2_VPC_REGION] = null;
$farm->save();
//set default governance settings
$this->restoreGovernanceConfiguration();
//test farm roles post
$data = ['role' => ['id' => $role->id], 'alias' => 't-ps-2', 'platform' => SERVER_PLATFORMS::EC2, 'placement' => ['placementConfigurationType' => FarmRoles::AWS_CLASSIC_PLACEMENT_CONFIGURATION, 'region' => static::TEST_REGION], 'scaling' => ['enabled' => true, 'minInstances' => 2, 'maxInstances' => 3], 'instance' => ['instanceConfigurationType' => FarmRoles::AWS_INSTANCE_CONFIGURATION, 'instanceType' => ['id' => 't1.micro']]];
$response = $this->postFarmRole($farm->id, $data);
$this->assertEquals(201, $response->status, $this->printResponseError($response));
$farmRoleId = $response->getBody()->data->id;
/* @var $farmRole FarmRole */
$farmRole = FarmRole::findPk($farmRoleId);
$this->assertNotEmpty($farmRole);
$this->farmRoleToDelete($farmRoleId);
$data['placement']['availabilityZones'] = '';
$data['scaling']['rules'] = [];
$this->assertObjectEqualsEntity($data, $farmRole);
//test farm role modify scaling
$data = ['scaling' => ['enabled' => false]];
$response = $this->modifyFarmRole($farmRole->id, $data);
$this->assertEquals(200, $response->status, $this->printResponseError($response));
$farmRoleData = $response->getBody()->data;
$this->assertObjectHasAttribute('scaling', $farmRoleData);
$scalingConfiguration = $farmRoleData->scaling;
$this->assertObjectNotHasAttribute('enabled', $scalingConfiguration);
//test modify instance
$data = ['instance' => ['instanceConfigurationType' => FarmRoles::AWS_INSTANCE_CONFIGURATION, 'instanceType' => 'm3.medium']];
$response = $this->modifyFarmRole($farmRole->id, $data);
$this->assertEquals(200, $response->status, $this->printResponseError($response));
$farmRoleData = $response->getBody()->data;
$this->assertObjectHasAttribute('instance', $farmRoleData);
$instanceConfiguration = $farmRoleData->instance;
$this->assertObjectHasAttribute('instanceType', $instanceConfiguration);
$instanceType = $instanceConfiguration->instanceType;
$this->assertObjectHasAttribute('id', $instanceType);
$this->assertEquals('m3.medium', $instanceType->id);
//test list farm roles filters
$farmRoles = $this->listFarmRoles($farm->id);
$farmRoleAdapter = $this->getAdapter('farmRole');
$filterable = $farmRoleAdapter->getRules()[ApiEntityAdapter::RULE_TYPE_FILTERABLE];
/* @var $farmRole FarmRole */
foreach ($farmRoles as $farmRole) {
foreach ($filterable as $property) {
$filterValue = $farmRole->{$property};
$listResult = $this->listFarmRoles($farm->id, [$property => $filterValue]);
if (!static::isRecursivelyEmpty($filterValue)) {
foreach ($listResult as $filtered) {
$this->assertEquals($filterValue, $filtered->{$property}, "Property '{$property}' mismatch");
}
}
}
$response = $this->getFarmRole($farmRole->id);
$this->assertEquals(200, $response->status, $this->printResponseError($response));
$dbFarmRole = FarmRole::findPk($farmRole->id);
$this->assertObjectEqualsEntity($response->getBody()->data, $dbFarmRole, $farmRoleAdapter);
}
}
public function getSubnetsList($cloudLocation, $vpcId)
{
$aws = $this->getEnvironment()->aws($cloudLocation);
$subnets = $aws->ec2->subnet->describe(null, array(array('name' => SubnetFilterNameType::vpcId(), 'value' => $vpcId)));
$rows = array();
foreach ($subnets as $subnet) {
/* @var $subnet \Scalr\Service\Aws\Ec2\DataType\SubnetData */
$item = array('id' => $subnet->subnetId, 'description' => "{$subnet->subnetId}", 'sidr' => $subnet->cidrBlock, 'availability_zone' => $subnet->availabilityZone, 'ips_left' => $subnet->availableIpAddressCount, 'name' => 'No name');
foreach ($subnet->tagSet as $tag) {
if ($tag->key == 'scalr-sn-type') {
$item['internet'] = $tag->value;
}
if ($tag->key == 'Name') {
$item['name'] = $tag->value;
}
}
$item['description'] = "{$item['name']} - {$subnet->subnetId}";
$rows[] = $item;
}
return $rows;
}
public function onFarmSave(DBFarm $dbFarm, DBFarmRole $dbFarmRole)
{
$vpcId = $dbFarm->GetSetting(DBFarm::SETTING_EC2_VPC_ID);
if (!$vpcId) {
//REMOVE VPC RELATED SETTINGS
return;
}
if ($dbFarmRole->GetSetting(self::ROLE_VPC_ROUTER_CONFIGURED) == 1) {
// ALL OBJECTS ALREADY CONFIGURED
return true;
}
$aws = $dbFarm->GetEnvironmentObject()->aws($dbFarmRole->CloudLocation);
$filter = array(array('name' => SubnetFilterNameType::vpcId(), 'value' => $vpcId), array('name' => SubnetFilterNameType::tagKey(), 'value' => 'scalr-sn-type'), array('name' => SubnetFilterNameType::tagValue(), 'value' => self::INTERNET_ACCESS_FULL));
// Try to find scalr FULL subnet
$subnets = $aws->ec2->subnet->describe(null, $filter);
if ($subnets->count() > 0) {
$subnetId = $subnets->get(0)->subnetId;
}
if (!$subnetId) {
$platform = PlatformFactory::NewPlatform(SERVER_PLATFORMS::EC2);
$subnet = $platform->AllocateNewSubnet($aws->ec2, $vpcId, null);
$subnetId = $subnet->subnetId;
//ADD TAGS
try {
$subnet->createTags(array(array('key' => "scalr-id", 'value' => SCALR_ID), array('key' => "scalr-sn-type", 'value' => self::INTERNET_ACCESS_FULL), array('key' => "Name", 'value' => 'Scalr System Subnet')));
} catch (Exception $e) {
}
$routingTableId = $platform->getRoutingTable(self::INTERNET_ACCESS_FULL, $aws, null, $vpcId);
//Associate Routing table with subnet
$aws->ec2->routeTable->associate($routingTableId, $subnetId);
}
$niId = $dbFarmRole->GetSetting(self::ROLE_VPC_NID);
if (!$niId) {
//Create Network interface
$createNetworkInterfaceRequestData = new CreateNetworkInterfaceRequestData($subnetId);
// Check and create security group
$filter = array(array('name' => SecurityGroupFilterNameType::groupName(), 'value' => array('SCALR-VPC')), array('name' => SecurityGroupFilterNameType::vpcId(), 'value' => $vpcId));
try {
$list = $aws->ec2->securityGroup->describe(null, null, $filter);
if ($list->count() > 0 && $list->get(0)->groupName == 'SCALR-VPC') {
$sgId = $list->get(0)->groupId;
}
} catch (Exception $e) {
throw new Exception("Cannot get list of security groups (1): {$e->getMessage()}");
}
if (!$sgId) {
$sgId = $aws->ec2->securityGroup->create('SCALR-VPC', 'System SG for Scalr VPC integration', $vpcId);
$ipRangeList = new IpRangeList();
$ipRangeList->append(new IpRangeData('0.0.0.0/0'));
$ipRangeListLocal = new IpRangeList();
$ipRangeListLocal->append(new IpRangeData('10.0.0.0/8'));
$aws->ec2->securityGroup->authorizeIngress(array(new IpPermissionData('tcp', 8008, 8013, $ipRangeList), new IpPermissionData('tcp', 80, 80, $ipRangeList), new IpPermissionData('tcp', 443, 443, $ipRangeList), new IpPermissionData('tcp', 0, 65535, $ipRangeListLocal), new IpPermissionData('udp', 0, 65535, $ipRangeListLocal)), $sgId);
}
$createNetworkInterfaceRequestData->setSecurityGroupId(array('groupId' => $sgId));
$networkInterface = $aws->ec2->networkInterface->create($createNetworkInterfaceRequestData);
// Disable sourceDeskCheck
$networkInterface->modifyAttribute(NetworkInterfaceAttributeType::sourceDestCheck(), 0);
$niId = $networkInterface->networkInterfaceId;
$dbFarmRole->SetSetting(self::ROLE_VPC_NID, $niId, DBFarmRole::TYPE_LCL);
try {
$networkInterface->createTags(array(array('key' => "scalr-id", 'value' => SCALR_ID), array('key' => "Name", 'value' => 'Scalr System ENI')));
} catch (Exception $e) {
}
}
// If there is no public IP allocate it and associate with NI
$publicIp = $dbFarmRole->GetSetting(self::ROLE_VPC_IP);
if ($niId && !$publicIp) {
$address = $aws->ec2->address->allocate('vpc');
$publicIp = $address->publicIp;
$dbFarmRole->SetSetting(self::ROLE_VPC_IP, $publicIp, DBFarmRole::TYPE_LCL);
$dbFarmRole->SetSetting(self::ROLE_VPC_AID, $address->allocationId, DBFarmRole::TYPE_LCL);
$associateAddressRequestData = new AssociateAddressRequestData();
$associateAddressRequestData->networkInterfaceId = $niId;
$associateAddressRequestData->allocationId = $address->allocationId;
//Associate PublicIP with NetworkInterface
$aws->ec2->address->associate($associateAddressRequestData);
}
$dbFarmRole->SetSetting(self::ROLE_VPC_ROUTER_CONFIGURED, 1, DBFarmRole::TYPE_LCL);
}
public function AllocateNewSubnet(\Scalr\Service\Aws\Ec2 $ec2, $vpcId, $availZone, $subnetLength = 24)
{
// HARDCODE THIS
$subnetLength = 24;
$subnetsList = $ec2->subnet->describe(null, array(array('name' => SubnetFilterNameType::vpcId(), 'value' => $vpcId)));
$subnets = array();
foreach ($subnetsList as $subnet) {
@(list($ip, $len) = explode('/', $subnet->cidrBlock));
$subnets[] = array('min' => ip2long($ip), 'max' => ip2long($ip) | (1 << 32 - $len) - 1);
}
$vpcInfo = $ec2->vpc->describe($vpcId);
/* @var $vpc \Scalr\Service\Aws\Ec2\DataType\VpcData */
$vpc = $vpcInfo->get(0);
$info = explode("/", $vpc->cidrBlock);
$startIp = ip2long($info[0]);
$maxIp = $startIp | (1 << 32 - $info[1]) - 1;
while ($startIp < $maxIp) {
$sIp = $startIp;
$eIp = $sIp | (1 << 32 - $subnetLength) - 1;
foreach ($subnets as $subnet) {
$checkRange = $subnet['min'] <= $sIp && $sIp <= $subnet['max'] && $subnet['min'] <= $eIp && $eIp <= $subnet['max'];
if ($checkRange) {
break;
}
}
if ($checkRange) {
$startIp = $eIp + 1;
} else {
$subnetIp = long2ip($startIp);
break;
}
}
return $ec2->subnet->create($vpcId, "{$subnetIp}/{$subnetLength}", $availZone);
}
