This repository has been archived by the owner on Jun 5, 2020. It is now read-only.
ELBv2 (ALB) partially working code for Issue #429 #439
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…o block_device_mappings (defaults to [])
updating of target group parameters and attributes mostly working Todo :- stickiness - enabled/disabled not updating
…lbv2 loadbalancers
updating of target group parameters and attributes mostly working Todo :- stickiness - enabled/disabled not updating
…lbv2 loadbalancers
prozach
suggested changes
Mar 22, 2017
There was a problem hiding this comment.
This looks like a good start to me. I was able to enumerate the ALBs in our environment and their target groups. I've not tried modification, but it looks like most of that is in place.
I'd say at a minimum we should get the tests passing, and if you see any obvious style issues that you want to clean up before hand. That and a squash here, and I'd think this would be good to go in, given that its all new code.
Is this still something that you are actively working on?
| desc 'Protocol to use for routing traffic to targets (HTTP/HTTPS)' | ||
| newvalues(:HTTP, :HTTPS) | ||
| validate do |value| | ||
| file 'protocol must be specified' unless value |
There was a problem hiding this comment.
I think fail was intended here.
There was a problem hiding this comment.
@zleswomp Yes, you are correct.
Unfortuately this is NOT something that I'm actively working on at present.
| newproperty(:port) do | ||
| desc 'Port on which the targets receive traffic' | ||
| validate do |value| | ||
| file 'Target port must be specified' unless value |
There was a problem hiding this comment.
I think fail was intended here.
This should make gem installation across all supported ruby versions work again, and reduce the delta, once we can roll that up into modulesync. This also includes version restrictions for gems droppint 1.9.3 support.
Without this change, we call '.keys' on a nil object. The 'initialize' method should have set the 'property_flush' to an empty hash, so I'm a little confused about why this is required.
Without this change, webmock fails to install correctly due to a version mismatch on ruby. Here we address this by pinning the version of webmock based on the ruby version.
…ameter for RDS instances.
This work updates the SDK to be newer. This will be required for several items going in currently, as well as work that is planned to be submitted around CloudFront soon.
adds Ubuntu 16.04 to supported ubuntu platforms on metadata.json
Without this change, the listeners on elb_loadbalancer resources are marked as read-only in the type and are thus not modifiable. This work adds support for modifying listeners and setting the 'policy' for HTTPS listeners to control which cipher suites are available.
…w ec2_vpc_dhcp_options to be associated with ec2_vpc.
removing test for enforcing old value adding tests fixing tests fixing test more elegant way of handling the validation using symbol which is more efficient performance wise
Without this change, there is no functionality in this module to manage the lifecycle and policy of a KMS key in amazon. Here we add a simple type and provider with just enough to create, destroy, and manage the policy. There are testing updates for the normalization code here, since the KMS policy exercises data structures that are not exercised elsewhere, so we extend the use case a bit of the normalize method calls.
Without this change, the autorequire for iam_role is not enabled for the iam_policy_attachment. This was originally commented because the iam_role code had not been merged. Now that the code has been merged, we can enable this here to allow the automatic and correct ordering for IAM resources.
Without this change, the ECS tasks are unable to assume a role when under puppet management. This work adds a new 'role' property that allows tasks to assume a given IAM role.
This mistakenly made it through and should be removed. We should not be printing data here.
Without this change, the module does not have the facility to manage the ELB policies, which include a policy type for managing the cipher suite accepted on HTTPS listeners. This work adds the initial functionality to set the listener polices.
Without this change, it is not possible for security groups to use other
security groups in a circular fashion due to creating a dependency loop
in Puppet. As of the following commit, we no longer fail when a
security group reference to another security group is not found, and
instead simply throw a warning and drop the rule's inclusion in the
rule set.
bd0ac4b
This now means that two security groups that have not yet been created,
can be set to reference eachother, but will take two runs to be
accurate. The first run to create the security groups, which will skip
the rules that reference the currently nonexistent security group peers,
and the second run to set the reference rules correctly.
This now opens up the potential for circular dependencies.
Ec2_securitygroup {
ensure => present,
region => 'us-west-2',
vpc => 'Z',
}
ec2_securitygroup { 'first':
description => 'first',
ingress => [{'port' => '666', 'protocol' => 'tcp', 'security_group' => 'second'}],
}
ec2_securitygroup { 'second':
description => 'second',
ingress => [{'port' => '666', 'protocol' => 'tcp', 'security_group' => 'third'}],
}
ec2_securitygroup { 'third':
description => 'thrid',
ingress => [{'port' => '666', 'protocol' => 'tcp', 'security_group' => 'first'}],
}
This is a valid use case for security groups, but not in Puppet. This is now
only possible to function in this way because we skip security group references
that don't exist. However, this now means that the autorequire rules will
create a circular dependency and fail to deploy.
Here we remove the autorequire from the securitygroup type for other security
group references to allow the above scenario to complete the catalog compile
and manage the groups as needed completely. This solves both the case of
creation of groups that don't exist, but are referenced in other security
groups, as well as circular group references, without causing puppet to loop.
Without this change, the volumes property is not property respected, either on modification, or on creation. Here we add the necessary logic to to set the volumes for a task upon creation of an ECS task, as well as modification after the initial creation.
Without this change, iam_role is a bit noisy by using Puppet.info. To quiet up the log messages, here we change those log entries to be debug in place of info. This is more in line with the rest of the providers.
Without this change, an ELB with no listeners causes a stacktrace due to an incorrect detection of existing listner. Here we adjust the logic to account for an empty array, by checking that we have at least 1 listener before we proceed inspecting the delta between the desired listeners and the actual listeners.
This adds functionality to the *route53_zone* resource type to manage private Route53 zones. Previously, only public zones could be created and destroyed, and there were no properties to manage. This also adds properties to discovery and management, including which VPCs to associate with private zones. Without these changes, only 100 zones could be managed. This updates the discovery API call to handle pagination to remove this limitation. The shared code to discover a VPC name by ID is changed to also allow discovery of a VPC ID by name. Internal structure is changed, but method parameters and returns retain previous functionality. Existing Route53 Zone tests are updated for these changes.
defined standard properties and auto requires. Working on creating logic to enforce subnets from seperate AZ's last revision on type. Need to cleanup ensure settings, and make required properties enforced. beginning to write out provider Working on create and destroy options for resource. Should be able to report on values at this point. fix issue with missing PuppetX class removing fluff typo should have been using the method to hash working on subnet enumeration adding tags to resource hash fixing issues fixing more issues working version of resource. Need to achieve vpc name translation, and Subnet name resolution fixed vpc translation enumeration of first position subnet, need to fix to enumerate ALL subnets refined to return a hash record subnets resolving as hash Base resource generation achieved. Subnet name translation successful working out the config for the create action fixing missuse of param fixing issue with typo on method working version, resource created. Modifying v2 to allow for the update of the subnets value. Testing for description change now ability to destroy enabled. Doest not attempt to update when purged, does attempt to update at first build. fixing. cleanup. working version create,update,destroy. bug in create where update is attempted
This updates the readme to match the code.
Without this change, if the task family count is larger than the results AWS is willing to hand back in a single request, we don't correctly discover all of the resources. Here we add the logic we use elsewhere to ensure that all resources are collected.
Without this change, tests are failing due to a Puppet Forge change.
…bs-aws into merge/trail-1
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
@zleswomp I've rebased what I currently have against the master branch.
Here's what I have managed so far.
Target group - listing/creation/modification/deletion
ALB - listing/partial creation/partial modification/deletion
From what I remember, my next steps where to work on the listner rules for the ALB