Cross region support for copy_and_split. gen_terraform fixes (#43)

Author: twarnock

cloudendure/cloudendure.py

@@ -743,6 +743,7 @@ def gen_terraform(
         # Access the image
         image: str = _ec2_res.Image(image_id)
         base_template_data = {
+            "image_id": image_id,
             "name": name,
             "keypair": keypair,
             "uppercase_name": name.upper(),
@@ -771,9 +772,11 @@ def gen_terraform(
 
             drive_template_data = {
                 **base_template_data,
+                "drive": drive,
                 "drive_name": drive_name,
+                "snapshot_id": drive_info.get("SnapshotId", ""),
                 "volume_size": drive_info.get("VolumeSize", "2"),
-                "volume_type": drive_info.driveget("VolumeType", "gp2"),
+                "volume_type": drive_info.get("VolumeType", "gp2"),
             }
 
             drive_template = TerraformTemplate.VOLUME_TEMPLATE.format(

cloudendure/templates.py

@@ -58,7 +58,7 @@ class TerraformTemplate:
   type              = "{volume_type}"
   size              = {volume_size}
   encrypted         = true
-  snapshot_id       = "{drive_info.get('SnapshotId', '')}"
+  snapshot_id       = "{snapshot_id}"
 
   tags = {{
     Name        = "ap-vol-{name}-{drive_name}-sg"

step/lambdas.tf

@@ -85,12 +85,12 @@ resource "aws_lambda_function" "lambda_split_image" {
   depends_on       = ["data.archive_file.lambdas"]
 }
 
-resource "aws_lambda_function" "lambda_image_cleanup" {
-  filename         = "lambdas.zip"
-  function_name    = "tf-image-cleanup"
-  role             = "${aws_iam_role.iam_for_lambda.arn}"
-  handler          = "image_cleanup.lambda_handler"
-  source_code_hash = "${data.archive_file.lambdas.output_base64sha256}"
-  runtime          = "python3.7"
-  depends_on       = ["data.archive_file.lambdas"]
-}
+// resource "aws_lambda_function" "lambda_image_cleanup" {
+//   filename         = "lambdas.zip"
+//   function_name    = "tf-image-cleanup"
+//   role             = "${aws_iam_role.iam_for_lambda.arn}"
+//   handler          = "image_cleanup.lambda_handler"
+//   source_code_hash = "${data.archive_file.lambdas.output_base64sha256}"
+//   runtime          = "python3.7"
+//   depends_on       = ["data.archive_file.lambdas"]
+// }

step/lambdas/copy_image.py

@@ -14,9 +14,10 @@
 ec2_client = boto3.client("ec2")
 
 # {
-#     "ami_id" : "ami-123456",
-#     "kms_id"   : "GUID",
-#     "wait_time": 60
+#     "ami_id"    : "ami-123456",
+#     "kms_id"    : "GUID",
+#     "wait_time" : 60,
+#     "region"    : "optional destination region"
 # }
 
 
@@ -26,13 +27,19 @@ def lambda_handler(event: Dict[str, Any], context: Any) -> str:
 
     ami_id: str = event["ami_id"]
     kms_id: str = event["kms_id"]
-
-    new_image: Dict[str, Any] = ec2_client.copy_image(
-        SourceImageId=ami_id,
-        SourceRegion=os.environ.get("AWS_REGION", "us-east-1"),
-        Name=f"copied-{ami_id}",
-        Encrypted=True,
-        KmsKeyId=kms_id,
-    )
+    region: str = event.get("region")
+    if region:
+        ec2_client = boto3.client("ec2", region)
+    try:
+        new_image: Dict[str, Any] = ec2_client.copy_image(
+            SourceImageId=ami_id,
+            SourceRegion=os.environ.get("AWS_REGION", "us-east-1"),
+            Name=f"copied-{ami_id}",
+            Encrypted=True,
+            KmsKeyId=kms_id,
+        )
+    except Exception as e:
+        print(e)
+        return ""
 
     return new_image.get("ImageId", "")

step/lambdas/get_copy_status.py

@@ -18,6 +18,7 @@
 #   "wait_time": timeout in seconds,
 #   "copy_ami": "copied AMI",
 #   "status": "pending if it came from the copy complete? choice"
+#   "region": "different region"
 # }
 
 
@@ -26,7 +27,14 @@ def lambda_handler(event: Dict[str, Any], context: Any) -> str:
     print("Received event: " + json.dumps(event, indent=2))
 
     copy_ami: str = event["copy_ami"]
-
-    ami_state: Dict[str, Any] = ec2_client.describe_images(ImageIds=[copy_ami])
+    region: str = event.get("region")
+    if region:
+        ec2_client = boto3.client("ec2", region)
+
+    try:
+        ami_state: Dict[str, Any] = ec2_client.describe_images(ImageIds=[copy_ami])
+    except Exception as e:
+        print(e)
+        return "error"
 
     return ami_state["Images"][0]["State"]

step/lambdas/split_image.py

@@ -15,7 +15,8 @@
 # {
 #     "copy_ami" : "ami-123456",
 #     "kms_id"   : "GUID",
-#     "wait_time": 60
+#     "wait_time": 60,
+#     "region"   : optional region
 # }
 
 
@@ -24,42 +25,52 @@ def lambda_handler(event: Dict[str, Any], context: Any) -> str:
     print("Received event: " + json.dumps(event, indent=2))
 
     copy_ami: str = event["copy_ami"]
-
-    # Access the image that needs to be split
-    image = ec2_res.Image(copy_ami)
-
-    root_drive: Dict[str, Any] = {}
-    drives: Dict[str, Any] = {}
-
-    # separate the root drive from the other drives
-    devices: List[Any] = image.block_device_mappings
-    for device in devices:
-        if "Ebs" in device:
-            if device["DeviceName"] == image.root_device_name:
-                print(f"Found Root! {device}")
-                root_drive: Dict[str, Any] = device
-            else:
-                drives[device["DeviceName"]] = device["Ebs"]
-
-    # have to remove the encrypted flag
-    del root_drive["Ebs"]["Encrypted"]
-
-    # create a new AMI with only the root
-    response = ec2_res.register_image(
-        Architecture=image.architecture,
-        BlockDeviceMappings=[root_drive],
-        Name=f"root-{copy_ami}",
-        RootDeviceName=image.root_device_name,
-        VirtualizationType=image.virtualization_type,
-    )
-
-    root_ami = response.id
-
-    for drive in drives:
-        print(drives[drive])
-        ec2_res.create_tags(
-            Resources=[root_ami],
-            Tags=[{"Key": f"Drive-{drive}", "Value": json.dumps(drives[drive])}],
+    region: str = event.get("region")
+    if region:
+        ec2_res = boto3.resource("ec2", region)
+
+    try:
+        # Access the image that needs to be split
+        image = ec2_res.Image(copy_ami)
+
+        root_drive: Dict[str, Any] = {}
+        drives: Dict[str, Any] = {}
+
+        # separate the root drive from the other drives
+        devices: List[Any] = image.block_device_mappings
+        for device in devices:
+            if "Ebs" in device:
+                if device["DeviceName"] == image.root_device_name:
+                    print(f"Found Root! {device}")
+                    root_drive: Dict[str, Any] = device
+                else:
+                    drives[device["DeviceName"]] = device["Ebs"]
+
+        # have to remove the encrypted flag
+        del root_drive["Ebs"]["Encrypted"]
+
+        # create a new AMI with only the root
+        response = ec2_res.register_image(
+            Architecture=image.architecture,
+            BlockDeviceMappings=[root_drive],
+            Name=f"root-{copy_ami}",
+            RootDeviceName=image.root_device_name,
+            VirtualizationType=image.virtualization_type,
         )
 
+        root_ami = response.id
+
+        for drive in drives:
+            print(drives[drive])
+            ec2_res.create_tags(
+                Resources=[root_ami],
+                Tags=[{"Key": f"Drive-{drive}", "Value": json.dumps(drives[drive])}],
+            )
+
+        # clean up original image
+        image.deregister()
+    except Exception as e:
+        print(e)
+        return ""
+
     return root_ami

step/step-function.tf

@@ -242,20 +242,6 @@ resource "aws_sfn_state_machine" "copy_and_split" {
       "Type": "Task",
       "Resource": "${aws_lambda_function.lambda_split_image.arn}",
       "ResultPath": "$.split_ami_id",
-      "Next": "Image Cleanup",
-      "Retry": [
-        {
-          "ErrorEquals": ["States.ALL"],
-          "IntervalSeconds": 1,
-          "MaxAttempts": 3,
-          "BackoffRate": 2
-        }
-      ]
-    },
-    "Image Cleanup": {
-      "Type": "Task",
-      "Resource": "${aws_lambda_function.lambda_image_cleanup.arn}",
-      "ResultPath": "$.cleanup",
       "End": true,
       "Retry": [
         {