Merge pull request #844 from edx/jarv/bastion-ssh-config

create alias for bastion

Merge pull request #844 from edx/jarv/bastion-ssh-config
create alias for bastion
006dee6b · John Jarvis · f064db8f · bb69502a · 006dee6b
Commit 006dee6b authored Mar 04, 2014 by John Jarvis
Hide whitespace changes
Inline Side-by-side

Showing with 74 additions and 44 deletions

util/vpc-tools/vpc-tools.py
+74 -44

No files found.
--- a/util/vpc-tools/vpc-tools.py
+++ b/util/vpc-tools/vpc-tools.py
@@ -21,27 +21,35 @@ VERSION="vpc tools 0.1"
 DEFAULT_USER="ubuntu"
 DEFAULT_HOST_CHECK="ask"
-JUMPBOX_CONFIG = """
+BASTION_CONFIG = """Host {jump_box}
-    Host {jump_box}
+    HostName {ip}
-      HostName {ip}
+    ForwardAgent yes
-      ForwardAgent yes
+    User {user}
-      User {user}
+    StrictHostKeyChecking {strict_host_check}
-      StrictHostKeyChecking {strict_host_check}
+    {identity_line}
-      {identity_line}
    """
-HOST_CONFIG = """
+HOST_CONFIG = """# Instance ID: {instance_id}
-    # Instance ID: {instance_id}
+Host {name}
-    Host {name}
+    ProxyCommand ssh {config_file} -W %h:%p {jump_box}
-      ProxyCommand ssh {config_file} -W %h:%p {jump_box}
+    HostName {ip}
-      HostName {ip}
+    ForwardAgent yes
-      ForwardAgent yes
+    User {user}
-      User {user}
+    StrictHostKeyChecking {strict_host_check}
-      StrictHostKeyChecking {strict_host_check}
+    {identity_line}
-      {identity_line}
+    """
+BASTION_HOST_CONFIG = """# Instance ID: {instance_id}
+Host {name}
+    HostName {ip}
+    ForwardAgent yes
+    User {user}
+    StrictHostKeyChecking {strict_host_check}
+    {identity_line}
    """
 def dispatch(args):
    if args.get("ssh-config"):
@@ -80,7 +88,7 @@ def _ssh_config(args):
    else:
      config_file = ""
-    jump_box = "{stack_name}-jumpbox".format(stack_name=stack_name)
+    jump_box = "{stack_name}-bastion".format(stack_name=stack_name)
    friendly = "{stack_name}-{logical_id}-{instance_number}"
    id_type_counter = defaultdict(int)
@@ -105,39 +113,61 @@ def _ssh_config(args):
            if logical_id == "BastionHost" or logical_id == 'bastion':
-                print JUMPBOX_CONFIG.format(
+                print BASTION_CONFIG.format(
                    jump_box=jump_box,
                    ip=instance.ip_address,
                    user=user,
                    strict_host_check=strict_host_check,
                    identity_line=identity_line)
-            # Print host config even for the bastion box because that is how
+                print BASTION_HOST_CONFIG.format(
-            # ansible accesses it.
+                    name=instance.private_ip_address,
-            print HOST_CONFIG.format(
+                    ip=instance.ip_address,
-                name=instance.private_ip_address,
+                    user=user,
-                jump_box=jump_box,
+                    instance_id=instance.id,
-                ip=instance.private_ip_address,
+                    strict_host_check=strict_host_check,
-                user=user,
+                    identity_line=identity_line)
-                config_file=config_file,
-                strict_host_check=strict_host_check,
+                #duplicating for convenience with ansible
-                instance_id=instance.id,
+                name = friendly.format(stack_name=stack_name,
-                identity_line=identity_line)
+                                       logical_id=logical_id,
+                                       instance_number=instance_number)
-            #duplicating for convenience with ansible
-            name = friendly.format(stack_name=stack_name,
+                print BASTION_HOST_CONFIG.format(
-                                   logical_id=logical_id,
+                    name=name,
-                                   instance_number=instance_number)
+                    ip=instance.ip_address,
+                    user=user,
-            print HOST_CONFIG.format(
+                    strict_host_check=strict_host_check,
-                name=name,
+                    instance_id=instance.id,
-                jump_box=jump_box,
+                    identity_line=identity_line)
-                ip=instance.private_ip_address,
-                user=user,
+            else:
-                config_file=config_file,
+                # Print host config even for the bastion box because that is how
-                strict_host_check=strict_host_check,
+                # ansible accesses it.
-                instance_id=instance.id,
+                print HOST_CONFIG.format(
-                identity_line=identity_line)
+                    name=instance.private_ip_address,
+                    jump_box=jump_box,
+                    ip=instance.private_ip_address,
+                    user=user,
+                    config_file=config_file,
+                    strict_host_check=strict_host_check,
+                    instance_id=instance.id,
+                    identity_line=identity_line)
+                #duplicating for convenience with ansible
+                name = friendly.format(stack_name=stack_name,
+                                       logical_id=logical_id,
+                                       instance_number=instance_number)
+                print HOST_CONFIG.format(
+                    name=name,
+                    jump_box=jump_box,
+                    ip=instance.private_ip_address,
+                    user=user,
+                    config_file=config_file,
+                    strict_host_check=strict_host_check,
+                    instance_id=instance.id,
+                    identity_line=identity_line)
 if __name__ == '__main__':
    args = docopt(__doc__, version=VERSION)