Add AWS VPN support #2261
Add AWS VPN support #2261
Conversation
| @@ -0,0 +1,28 @@ | |||
| # VPN iperf config. | |||
There was a problem hiding this comment.
This looks like a specific test, not general functionality?
| @@ -95,6 +95,7 @@ class AwsEMR(spark_service.BaseSparkService): | |||
| CLOUD = providers.AWS | |||
| SPARK_SAMPLE_LOCATION = '/usr/lib/spark/lib/spark-examples.jar' | |||
| SERVICE_NAME = 'emr' | |||
| cidr = None # placeholder for vpn service | |||
There was a problem hiding this comment.
Is there a plan to integrate here?
There was a problem hiding this comment.
No. EMR cluster passes itself to aws_network.AwsNetwork.GetNetwork(self) which expects zone and cidr attributes. This probably should have gone into [#1986] but didn't present problems until the aws network code was involved (this PR).
There was a problem hiding this comment.
Seems like the correct fix is for EMR to instead call aws_network.AwsNetwork.GetNetworkFromNetworkSpec and just build the network spec like
| flags.DEFINE_string( | ||
| 'aws_subnet', None, | ||
| 'The static AWS subnet id to use. Default creates a new one') | ||
| 'aws_vpc', |
There was a problem hiding this comment.
There seem to be a lot of ?auto? formatting changes in here. Can you revert (or split those out to a separate pull request) so it's easier to review?
There was a problem hiding this comment.
Fixed. Is there a .style.yapf that works for this codebase?
There was a problem hiding this comment.
sadly no, but I'm told that chromium style is closest.
| @@ -65,12 +78,35 @@ def __init__(self): | |||
| self.firewall_icmp_set = set() | |||
| self._lock = threading.Lock() | |||
|
|
|||
| # @TODO: merge this not in rebase | |||
There was a problem hiding this comment.
Wasn't sure if it should be separate from this PR. Fixed in [cd82eda] which is the last commit on this push, so I can pop it off and resubmit if it doesn't belong here.
There was a problem hiding this comment.
Given the size of this, it'd be great to resubmit this standalone (and any other pieces we can break off).
|
|
||
|
|
||
| class AwsVPNGW(network.BaseVpnGateway): | ||
| CLOUD = providers.AWS |
There was a problem hiding this comment.
Can you move all the AWS VPN related code (both existing and new) into a new file
aws_vpn_network.py
as that will make it a lot easier to diff. We did that with https://github.com/GoogleCloudPlatform/PerfKitBenchmarker/blob/master/perfkitbenchmarker/providers/aws/aws_placement_group.py which made it a lot easier to review.
mjz-smu
force-pushed
the
vpn_005_vpn_aws
branch
from
31080e8
to
cd82eda
Compare
| @@ -85,8 +89,8 @@ def AllowIcmp(self, vm): | |||
| authorize_cmd = util.AWS_PREFIX + [ | |||
| 'ec2', | |||
| 'authorize-security-group-ingress', | |||
| '--region=%s' % vm.region, | |||
| '--group-id=%s' % vm.group_id, | |||
| '--region=%s' % region or vm.region, | |||
There was a problem hiding this comment.
can we use the values from entry here rather than duplicating the logic?
There was a problem hiding this comment.
and inline source = cidr or '0.0.0.0/0'
| @@ -95,6 +95,7 @@ class AwsEMR(spark_service.BaseSparkService): | |||
| CLOUD = providers.AWS | |||
| SPARK_SAMPLE_LOCATION = '/usr/lib/spark/lib/spark-examples.jar' | |||
| SERVICE_NAME = 'emr' | |||
| cidr = None # placeholder for vpn service | |||
There was a problem hiding this comment.
Seems like the correct fix is for EMR to instead call aws_network.AwsNetwork.GetNetworkFromNetworkSpec and just build the network spec like
| self.subnet = None | ||
| self.vpc_peering = None | ||
| self.cidr = None |
There was a problem hiding this comment.
move to the else in if spec.cidr to have single assignment.
| 'create-vpn-gateway', | ||
| '--region=%s' % self.region, | ||
| '--availability-zone=%s' % self.az, | ||
| '--type=%s' % 'ipsec.1' |
There was a problem hiding this comment.
Can this change? Why not just make a constant?
| # } | ||
| def _Create(self): | ||
| """Creates the VPN gateway.""" | ||
| ''' |
There was a problem hiding this comment.
please include link to documentation.
| '--options=%s' % self._getCnxnOpts() | ||
| ] | ||
| response, _ = util.IssueRetryableCommand(create_cmd) | ||
| response_xml = response[response.find("<"):response.rfind(">") + |
There was a problem hiding this comment.
needs more comments about formats and parsing. Can you parse as Json and then xml rather than this manual stuff?
| response_json = re.sub(r'<.*>', '', response) | ||
| response_json = json.loads(response_json) | ||
| self.id = response_json["VpnConnection"]["VpnConnectionId"] | ||
| # self.ip = response_json["VpnConnection"]["VgwTelemetry"][0][ |
| ] | ||
| logging.info("Get VPN Cnxn Options<tun_opts>: %s" % str(opts)) | ||
| # https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html | ||
| logging.info( |
| str(json.dumps(json.dumps(opts))[1:-1].replace('\\', | ||
| '')) | ||
| ) | ||
| return json.dumps(json.dumps(opts))[1:-1].replace('\\', '') |
There was a problem hiding this comment.
needs comments about encodings. prefer using standard parsers.
| '--customer-gateway-ids=%s' % self.id | ||
| ] | ||
| response, _ = util.IssueRetryableCommand(cmd) | ||
| # logging.log(logging.INFO, response) |
Notes: