@halberom
Last active October 23, 2017 18:47
ansible - a really nasty jinja filter to return a public subnet : route table mapping based on az
from jinja2.utils import soft_unicode
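def get_subnet_route_map(value, routes, tag_key='Type', tag_value='public'):
    """Map public subnets to the route tables of private subnets in the same AZ.

    Args:
        value: list of per-subnet results registered from the ec2_vpc_subnet
            task; each entry is read as ``entry['subnet_id']`` and
            ``entry['subnet']`` (with ``tags``, ``cidr`` and ``az``).
        routes: list of per-route-table results registered from the
            ec2_vpc_route_table task; each entry is read as
            ``entry['route_table_id']`` and ``entry['item']['subnets']``.
        tag_key: tag name that marks a subnet as public.
        tag_value: value of ``tag_key`` that marks a subnet as public.

    Returns:
        A list of ``{'subnet_id': <public subnet>, 'route_table_id': <id>}``
        dicts, one per distinct pair.

    Assumptions carried over from the original author:
      * all private subnets in a route table are in the same AZ;
      * public subnets carry a distinguishing tag, e.g. ``Type: public``.

    A route table whose AZ has no tagged public subnet produces no entry, so
    it is silently absent from the result; callers that rely on every route
    table being covered should check for that themselves.
    """
    # Subnets associated with a route table: subnet_id -> route table + AZ.
    # Both inputs are lists of task results, so iterate them directly
    # (lists have no .iteritems()).
    subnet_route_map = {}
    for route in routes:
        route_subnets = route['item']['subnets']
        for subnet in value:
            details = subnet['subnet']
            tags = details.get('tags') or {}
            # The route table task accepts a subnet by name, CIDR or id.
            # Check all three: a subnet that has a Name tag may still have
            # been listed in the route table by CIDR or id.
            identifiers = (
                tags.get('Name'),
                details.get('cidr'),
                subnet['subnet_id'],
            )
            if any(i is not None and i in route_subnets for i in identifiers):
                subnet_route_map[subnet['subnet_id']] = {
                    'route_table_id': route['route_table_id'],
                    'az': details['az'],
                }

    # Public subnets: subnet_id -> AZ. Untagged subnets are treated as
    # non-public instead of raising KeyError.
    public_subnet_az = {}
    for subnet in value:
        tags = subnet['subnet'].get('tags') or {}
        if tags.get(tag_key) == tag_value:
            public_subnet_az[subnet['subnet_id']] = subnet['subnet']['az']

    # Pair each route table with the public subnet(s) in the same AZ.
    # Several private subnets can share one route table, so drop duplicates.
    mapping = []
    seen = set()
    for entry in subnet_route_map.values():
        for public_id, az in public_subnet_az.items():
            if az != entry['az']:
                continue
            pair = (public_id, entry['route_table_id'])
            if pair in seen:
                continue
            seen.add(pair)
            mapping.append({
                'subnet_id': public_id,
                'route_table_id': entry['route_table_id'],
            })
    return mapping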
class FilterModule(object):
    """Ansible filter plugin that exposes the jinja2 filters in this file."""

    def filters(self):
        """Return the table of filter names to their callables."""
        exported = {}
        exported['get_subnet_route_map'] = get_subnet_route_map
        return exported
to be used in a play, e.g. in an ec2_lc user_data config
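# Build the public-subnet -> private-route-table list consumed by user_data.j2.
- name: get a mapping of subnet-id to private route-id
  set_fact:
    subnet_route_map: "{{ ec2_vpc_subnet_out.results | get_subnet_route_map(ec2_vpc_route_table_private_out.results) }}"

- name: create the nat auto scaling group launch configuration
  ec2_lc:
    region: "{{ region }}"
    name: "{{ nat_asg_lc.name }}"
    image_id: "{{ nat_asg_lc.image_id }}"
    security_groups: "{{ ec2_group_out.results | get_security_groups('name', nat_asg_lc.security_group) }}"
    instance_type: "{{ nat_asg_lc.instance_type }}"
    # Pass the rendered template as a plain templated string. Wrapping the
    # quoted expression in a literal block scalar keeps the double quotes as
    # part of the user data, so the payload no longer starts with the
    # shebang line that marks it as a script.
    user_data: "{{ lookup('template', './user_data.j2') }}"
    key_name: "{{ nat_asg_lc.key_name }}"
    # Whatever user_data runs on the instance can use this profile's
    # credentials, so keep its policy as narrow as the NAT monitor allows.
    instance_profile_name: "{{ nat_asg_lc.instance_profile_name }}"
    assign_public_ip: "{{ nat_asg_lc.assign_public_ip }}"
  register: ec2_lc_out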
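#!/bin/bash
# user_data for the NAT instance: writes the subnet/route-table pairs rendered
# by Ansible, then fetches and starts the NAT failover monitor as root.
#
# Stop on the first failure so a failed download or checksum mismatch never
# reaches the python invocation below.
set -euo pipefail

# The monitor runs as root with the instance profile's credentials, so fetch
# an immutable, reviewed revision instead of the moving master branch and
# verify its digest before executing it. Replace both placeholders before use;
# the script fails closed until they are set.
NAT_MONITOR_REF='<PINNED_COMMIT_SHA>'
NAT_MONITOR_SHA256='<EXPECTED_SHA256_OF_NAT_MONITOR_PY>'

# Quoted heredoc delimiter: the rendered ids are written verbatim, with no
# shell expansion applied to them.
cat > /root/nat_configs.txt <<'EOF'
{% for item in subnet_route_map %}
{{ item['subnet_id'] }},{{ item['route_table_id'] }}
{% endfor %}
EOF

# -f makes curl fail on an HTTP error instead of saving the error page.
curl -fsSL "https://raw.githubusercontent.com/wrapp/ec2-nat-failover/${NAT_MONITOR_REF}/nat_monitor.py" -o /root/nat_monitor.py.download
echo "${NAT_MONITOR_SHA256}  /root/nat_monitor.py.download" | sha256sum -c --quiet -
mv /root/nat_monitor.py.download /root/nat_monitor.py

python -u /root/nat_monitor.py < /root/nat_configs.txt | logger -t nat_monitor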