02_elasticip_assigner.config

files:
  "/tmp/eip-exclusion":
    mode: "00555"
    owner: root
    group: root
    encoding: plain
    content: |
      # DevOps Production IPs in US-WEST-2
      1.1.1.1
	  2.2.2.2
      # DevOps Production IPs in US-EAST-1
      3.3.3.3
      4.4.4.4
    
  "/usr/local/PRODUCT-tools/assign-eip":
    mode: "00555"
    owner: root
    group: root
    encoding: plain
    content: |
      #!/usr/bin/env python
      
      """
      Assign an Elastic IP to THIS instance, allocate new if required
      -------------------------------------------------------------------
      Creator: Dave North <dnorth98@gmail.com>
      
      Requires: boto
      """
      
      import os
      import sys
      import time
      import syslog
      import boto.ec2
      import boto.sqs
      import boto.utils
      
      lockQueueNameFile = "/usr/local/PRODUCT-tools/EIPQUEUENAME"
      
      def myLog(message):
          procName = __file__
          syslogMsg = procName + ": " + message
          syslog.syslog(syslogMsg)
          print '%s' % message
      
      def getLock(queueFile,region):
        # Use the SQS queue as as lock so we don't have 2 instances trying to obtain
        # EIPs at the same time

        queueName = None

        # get the lock queue name. It's written to this file by the beanstalk resources
        myLog("getLock: Reading queue name from file %s" % queueFile)
        if ( os.path.exists(queueFile) ):
          with open(queueFile) as f:
            queueName = f.readline()
            queueName = queueName.rstrip();
        else:
          myLog("getLock: unable to read queue name from file %s" %queueFile)

        myLog("getLock: queueName %s" % queueName)

        lockAcquired = None
        readAttempts = 10
        readDelay = 10

        sqsConn = boto.sqs.connect_to_region(region)
        lockQueue = sqsConn.get_queue(queueName)

        if (lockQueue):
          myLog("getLock: Successfully found SQS queue")
          currentReadAttempt = 0

          while currentReadAttempt <= readAttempts:
            myLog("getLock: Reading from queue - attempt %s" % currentReadAttempt)
            messages = lockQueue.get_messages(1)
            
            if ( len(messages) == 0 ):
              # We did not get the lock - sleep and try again
              myLog("getLock: No messages read from queue - retrying in %i seconds" % readDelay)
              time.sleep(readDelay)
            else:
              # We did get the lock - break out and return
              myLog("getLock: message read from queue - lock acquired")
              lockAcquired = True
              break

            currentReadAttempt +=1
        else:
          myLog("getLock: Unable to find SQS queue %s in region %s" % (queueName,region))

        return lockAcquired

      ####################### MAINLINE ######################################
      myLog("Elastic IP Assigner starts....")

      # get our current region and instance ID for "this" instance
      region = boto.utils.get_instance_metadata()['placement']['availability-zone'][:-1]
      current_instance_id = boto.utils.get_instance_metadata()['instance-id']

      conn = boto.ec2.connect_to_region(region)

      exclusionsFile = ""

      # Get the file containing any EIPs that should not excluded
      # needed because we have some reserved IPs in production
      if ( len(sys.argv) == 2 ):
        exclusionsFile = sys.argv[1]
        myLog("Reading elastic IP exclusions from file: %s" % exclusionsFile)

      elasticExclusions = {}
      if (exclusionsFile):
        with open(exclusionsFile) as f:
          for line in f:
            if (line[0] == "#"):
              continue
            key = line.rstrip()
            elasticExclusions[key] = 1

      # Obtain a lock
      if ( getLock(lockQueueNameFile,region) ):
        myLog("Successfully obtained lock from SQS queue")

        # Get a list of all elastic IPs
        all_region_eips = conn.get_all_addresses()

        proceedWithAssignment = True
        elasticIP = ""

        for eip in all_region_eips:
          if ( eip.domain == "standard" ):
            if (eip.instance_id == current_instance_id):
              # There is already an EIP assigned to this instance
              myLog("This instance is already using elastic IP: %s" % eip.public_ip)
              elasticIP = eip.public_ip
              proceedWithAssignment = False

          if ( (not eip.instance_id) and (not elasticIP) ):
            # this is an unallocated address
            if (eip.public_ip in elasticExclusions):
              myLog("Elastic IP %s found unallocated but is on the exclusion list - skipping" % eip.public_ip)
            else:
              myLog("Found an unallocated candidate elastic IP to use: %s" % eip.public_ip)
              elasticIP = eip.public_ip

        # See if we need to provision a new elastic IP
        if ( not elasticIP ) :
          myLog("No unallocated elastic IP addresses - provisioning new")
          try:
            newElasticIP = conn.allocate_address()
            elasticIP = newElasticIP.public_ip
            myLog("Provisioned new elastic IP: %s" % elasticIP)
          except Exception as e:
            myLog("Failed to provision new elastic IP: %s" % e)
            proceedWithAssignment = False

        # Now associate the address with this instance
        if (proceedWithAssignment):
          myLog("Assigning elastic IP: %s" % elasticIP)

          result = conn.associate_address(current_instance_id, elasticIP)
          if (result):
            myLog("Successfully associated elastic IP %s with instanceID %s" % (elasticIP,current_instance_id))
          else:
            myLog("Not proceeding with elastic IP assignment - elastic IP already assigned")
      else:
         myLog("Unable to obtain SQS queue lock - no EIP assignment performed")

  "/tmp/eip-queue-keepalive":
    mode: "00555"
    owner: root
    group: root
    encoding: plain
    content: |
      #!/usr/bin/env python
      
      """
      Read a message from a queue and then re-post
      Needed as part of the elasticIP manager as messages are expired from
      queues after 4 days (default)
      -------------------------------------------------------------------
      Creator: Dave North <dnorth98@gmail.com>
      
      Requires: boto
      """
      
      import os
      import sys
      import time
      import datetime
      import syslog
      import boto.sqs
      import boto.sqs.message
      from boto.exception import SQSError
      import boto.utils
      
      lockQueueNameFile = "/usr/local/PRODUCT-tools/EIPQUEUENAME"
      
      def myLog(message):
        procName = __file__
        syslogMsg = procName + ": " + message
        syslog.syslog(syslogMsg)
        print '%s' % message

      def getQueueName(queueFile):
      
        queueName = None
      
        # get the lock queue name. It's written to this file by the beanstalk resources
        myLog("getQueueName: Reading queue name from file %s" % queueFile)
        if ( os.path.exists(queueFile) ):
          with open(queueFile) as f:
            queueName = f.readline()
            queueName = queueName.rstrip()
        else:
          myLog("getQueueName: unable to read queue name from file %s" %queueFile)
      
        myLog("getQueueName: Found SQS queue name: %s" % queueName)
        return queueName

      def initialSeed(queueFile,region,instID):
        # post the initial seed message
      
        queueName = getQueueName(queueFile)
        retVal = None
      
        sqsConn = boto.sqs.connect_to_region(region)
        lockQueue = sqsConn.get_queue(queueName)
      
        if (lockQueue):
          datetimeStr = datetime.datetime.now().strftime("%I:%M%p %B %d, %Y")
          body = "initial seed message generated by " + instID + " on " + datetimeStr
      
          myMessage = boto.sqs.message.RawMessage()
          myMessage.set_body(body)
          try:
            myLog("initialSeed: Writing new message to SQS queue")
            lockQueue.write(myMessage)
            retVal = True
          except SQSError, e:
            myLog("initialSeed: Unable to write message to SQS queue")
            myLog("initialSeed: Error %s - %s" % (e.code,  str(e)))
        else:
          myLog("initialSeed: Unable to find SQS queue %s in region %s" % (queueName,region))
      
        return retVal
      
      def replaceMessage(queueFile,region,instID):
        # get a messsage from the queue, delete it and add a new one
      
        queueName = getQueueName(queueFile)
      
        myLog("replaceMessage: queueName %s" % queueName)
      
        retVal = None
        readAttempts = 10
        readDelay = 10
      
        sqsConn = boto.sqs.connect_to_region(region)
        lockQueue = sqsConn.get_queue(queueName)
      
        if (lockQueue):
          myLog("replaceMessage: Successfully found SQS queue")
          currentReadAttempt = 0
      
          while currentReadAttempt <= readAttempts:
            myLog("replaceMessage: Reading from queue - attempt %s" % currentReadAttempt)
            messages = lockQueue.get_messages(1)
            if ( len(messages) == 0 ):
              # We did not get the message - sleep and try again
              myLog("replaceMessage: No messages read from queue - retrying in %i seconds" % readDelay)
              time.sleep(readDelay)
            else:
              # We did get the message - delete it and post a new one
              myLog("replaceMessage: message read from queue")
      
              if ( lockQueue.delete_message(messages[0]) ):
                myLog("replaceMessage: Successfully removed lock message from queue")
      
                datetimeStr = datetime.datetime.now().strftime("%I:%M%p %B %d, %Y")
                body = "Keepalive message generated by " + instID + " on " + datetimeStr
      
                myMessage = boto.sqs.message.RawMessage()
                myMessage.set_body(body)
                try:
                  myLog("replaceMessage: Writing new message to SQS queue")
                  lockQueue.write(myMessage)
                  retVal = True
                  break
                except SQSError, e:
                  myLog("Unable to write message to SQS queue")
                  myLog("Error %s - %s" % (e.code,  str(e)))
      
              else:
                myLog("replaceMessage: Error removing lock message from queue")
      
            currentReadAttempt +=1
        else:
          myLog("replaceMessage: Unable to find SQS queue %s in region %s" % (queueName,region))
      
        return retVal
      
      ####################### MAINLINE ######################################
      myLog("Queue Message Poster process starts....")
      
      # get our current region and instance ID for "this" instance
      region = boto.utils.get_instance_metadata()['placement']['availability-zone'][:-1]
      current_instance_id = boto.utils.get_instance_metadata()['instance-id']
      
      # do we need to seed the queue with the inital message?
      action  = None

      if ( len(sys.argv) == 2 ):
        action = sys.argv[1]
      
      if (action == "SEED"):
        if (initialSeed(lockQueueNameFile,region,current_instance_id) ):
          myLog("Successfully posted seed message to SQS queue from instance %s" % current_instance_id)
          sys.exit(0)
        else:
          myLog("Unable to post seed message to SQS queue from instance %s" % current_instance_id)
          sys.exit(1)
      else:
        if ( replaceMessage(lockQueueNameFile,region,current_instance_id) ):
          myLog("Successfully posted new message to SQS queue from instance %s" % current_instance_id)
          sys.exit(0)
        else:
          myLog("Unable to post keepalive message to SQS queue from instance %s" % current_instance_id)
          sys.exit(1)

container_commands:            
  01_assign_elastic_ip:
    command: "/usr/local/PRODUCT-tools/assign-eip /tmp/eip-exclusion"

  02_sleep_elastic_ip:
    command: "/bin/sleep 10"
    
  03_add_cron_task:
    command: "mv -f /tmp/eip-queue-keepalive /etc/cron.daily/eip-queue-keepalive"