Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Proposed fixes for ec2 provider create with non-default VPC. Closes #… #75

Merged
merged 1 commit into from
Aug 24, 2020
Merged

Proposed fixes for ec2 provider create with non-default VPC. Closes #… #75

merged 1 commit into from
Aug 24, 2020

Conversation

thesurlydev
Copy link
Contributor

@thesurlydev thesurlydev commented Aug 10, 2020

…73 and #74.

Description

These changes are proposed fixes for issues #73 and #74. If maintainers are happy with proposed changes I'll commit to updating documentation or whatever other changes are prudent. I should note that I'm a golang novice so feedback on the provide code changes is welcome!

How Has This Been Tested?

Tested with this PR's code changes via:

 ./inletsctl create -f ~/Downloads/access-key --secret-key-file ~/Downloads/secret-access-key -r us-west-2 -p ec2 --vpc-id vpc-f12e6b88 --subnet-id subnet-89ef61d3

By providing the new args vpc-id and subnet-id, I was able to successfully create the exit node and accompanying security group.

How are existing users impacted? What migration steps/scripts do we need?

With these changes users that target the ec2 provider will now have the option to include the new vpc-id and subnet-id args. By providing these args users with no default VPC will no longer face an error during exit node creation. They also allow users to have more control over the placement of the exit node.

Checklist:

I have:

  • updated the documentation and/or roadmap (if required)
  • read the CONTRIBUTION guide
  • signed-off my commits with git commit -s
  • added unit tests

@derek
Copy link

derek bot commented Aug 10, 2020

Thank you for your contribution. I've just checked and your commit doesn't appear to be signed-off. That's something we need before your Pull Request can be merged. Please see our contributing guide.
Tip: if you only have one commit so far then run: git commit --amend --signoff and then git push --force.

cmd/create.go Outdated Show resolved Hide resolved
cmd/create.go Outdated Show resolved Hide resolved
cmd/create.go Outdated Show resolved Hide resolved
pkg/provision/ec2.go Show resolved Hide resolved
pkg/provision/ec2.go Show resolved Hide resolved
@derek
Copy link

derek bot commented Aug 10, 2020

Thank you for your contribution. I've just checked and your commit doesn't appear to be signed-off. That's something we need before your Pull Request can be merged. Please see our contributing guide.
Tip: if you only have one commit so far then run: git commit --amend --signoff and then git push --force.

@derek derek bot added no-dco and removed no-dco labels Aug 10, 2020
@thesurlydev
Copy link
Contributor Author

@Waterdrips ready for review of feedback items.

I had a question regarding passing parameters that may have nil values now that the new vpc-id and subnet-id parameters are optional. Is it okay to pass those to the SDK requests as-is or should they be excluded if the values are nil?

@Waterdrips
Copy link
Contributor

Id think that excluding them if they are nil (actually only setting if not nil), which matches the current version might be best.

You could even do an explicit check for the error code you reported initially and prompt a user to use the flags if the same error is returned?

@thesurlydev
Copy link
Contributor Author

@Waterdrips For now, I'll just exclude if they're nil.

@thesurlydev
Copy link
Contributor Author

@Waterdrips Let me know if there's something more to be addressed. Thanks.

Copy link
Contributor

@Waterdrips Waterdrips left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Think there's a small change needed on how you deal with empty strings.

pkg/provision/ec2.go Outdated Show resolved Hide resolved
Copy link
Contributor

@Waterdrips Waterdrips left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Iv tested the functionality and it looks good. 1 change in formatting strings requested

Also can we get a check to make sure that if either --vpc-id or --subnet-id are set that the other is set too? (both must be set, or neither set)

pkg/provision/ec2.go Outdated Show resolved Hide resolved
@Waterdrips
Copy link
Contributor

So iv tested both default vpc (no options) and custom VPC (flags) - Both worked like a charm.

If we can get the couple of bits tidyd up and the 4 or so commits squashed into 1 commit with a good commit message (using something like this as a guide: https://chris.beams.io/posts/git-commit/) we should be good to go :)

Thanks for your work on this @digitalsanctum

The create command failed when a default VPC was not
present for the ec2 provider. When the failure occurred there
was also a side effect of dangling security groups that
got created but not cleaned up in the event of failure.

Two additional arguments were added, vpc-id and subnet-id,
to mitigate the failure while also giving users the option
to choose a specific VPC and subnet if more than one VPC
exists. New validation checks that if one of these new arguments
are specified then the other must be as well.

Additional logic was added so that in the event of ec2
instance creation failure any security groups created
will get deleted.

Signed-off-by: Shane Witbeck <shane@digitalsanctum.com>
@thesurlydev
Copy link
Contributor Author

So iv tested both default vpc (no options) and custom VPC (flags) - Both worked like a charm.

If we can get the couple of bits tidyd up and the 4 or so commits squashed into 1 commit with a good commit message (using something like this as a guide: https://chris.beams.io/posts/git-commit/) we should be good to go :)

Thanks for your work on this @digitalsanctum

Should be good now. Thanks

Copy link
Contributor

@Waterdrips Waterdrips left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks great.

I Tested this with default (no flags) and with the new flags - worked a charm in both casses.

@alexellis
Copy link
Member

Why?

with changes as-is, users that target the ec2 provider will be required to include the new vpc-id and subnet-id args.

@Waterdrips
Copy link
Contributor

Why?

with changes as-is, users that target the ec2 provider will be required to include the new vpc-id and subnet-id args.

that text is no longer correct @digitalsanctum might be worth re-wording the pr body to match the changes now.

@thesurlydev
Copy link
Contributor Author

Why?

with changes as-is, users that target the ec2 provider will be required to include the new vpc-id and subnet-id args.

that text is no longer correct @digitalsanctum might be worth re-wording the pr body to match the changes now.

Done. Thanks for catching that.

@thesurlydev
Copy link
Contributor Author

@Waterdrips Is this good to merge now?

@Waterdrips
Copy link
Contributor

Waterdrips commented Aug 14, 2020

Alex needs to sign off and merge - its on the list (the openfaas 2020 roadmap) here: https://trello.com/c/GGzIvan7/142-inletsctl-inlets-operator-with-ec2-and-non-default-vpc

Copy link
Member

@alexellis alexellis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants