[checkmk-commits] agent_aws: Simplified 'security group to EC2 instance' mapping

Module: check_mk Branch: master Commit: 7a733a42bb6317b082ca6c78631d1c2f3d67f255 URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=7a733a42bb6317… Author: Simon Betz <si(a)mathias-kettner.de> Date: Fri Feb 1 14:51:52 2019 +0100 agent_aws: Simplified 'security group to EC2 instance' mapping Change-Id: Ib23b3dd8f4616cfb47a0f7c4cfacdcf07c58e931 --- agents/special/agent_aws | 130 +++++++++++++++-------------------------------- 1 file changed, 41 insertions(+), 89 deletions(-) diff --git a/agents/special/agent_aws b/agents/special/agent_aws index 7b01f2a..0bc1ccf 100755 --- a/agents/special/agent_aws +++ b/agents/special/agent_aws @@ -375,51 +375,6 @@ class CostsAndUsage(AWSSectionGeneric): #. -# .--security groups-----------------------------------------------------. -# | _ _ | -# | ___ ___ ___ _ _ _ __(_) |_ _ _ | -# | / __|/ _ \/ __| | | | '__| | __| | | | | -# | \__ \ __/ (__| |_| | | | | |_| |_| | | -# | |___/\___|\___|\__,_|_| |_|\__|\__, | | -# | |___/ | -# | | -# | __ _ _ __ ___ _ _ _ __ ___ | -# | / _` | '__/ _ \| | | | '_ \/ __| | -# | | (_| | | | (_) | |_| | |_) \__ \ | -# | \__, |_| \___/ \__,_| .__/|___/ | -# | |___/ |_| | -# '----------------------------------------------------------------------' - - -class SecurityGroups(AWSSectionGeneric): - @property - def name(self): - return "security_groups" - - @property - def interval(self): - return 300 - - def _get_colleague_contents(self): - return AWSColleagueContents(None, 0) - - def _fetch_raw_content(self, colleague_contents): - # TODO Filter - response = self._client.describe_security_groups() - try: - return response['SecurityGroups'] - except KeyError as e: - logging.info("%s: KeyError %s; Available are %s", self.name, e, response.keys()) - return [] - - def _compute_content(self, raw_content, colleague_contents): - return AWSComputedContent(raw_content.content, raw_content.cache_timestamp) - - def _create_results(self, computed_content): - return [AWSSectionResult("", computed_content.content)] - - -#. # .--EC2-----------------------------------------------------------------. # | _____ ____ ____ | # | | ____/ ___|___ \ | @@ -449,39 +404,42 @@ class EC2Summary(AWSSectionGeneric): # TODO Filter response = self._client.describe_instances() try: - return response['Reservations'] + instances = { + self._extract_instance_name_from_tags(instance): instance + for reservation in response['Reservations'] + for instance in reservation.get('Instances', []) + } except KeyError as e: logging.info("%s: KeyError %s; Available are %s", self.name, e, response.keys()) - return {} + instances = {} + + # TODO Filter + response = self._client.describe_security_groups() + try: + security_groups = {group['GroupId']: group for group in response['SecurityGroups']} + except KeyError as e: + logging.info("%s: KeyError %s; Available are %s", self.name, e, response.keys()) + security_groups = {} + return instances, security_groups def _compute_content(self, raw_content, colleague_contents): - reservations = raw_content.content - for security_group in colleague_contents.content: - for reservation in reservations: - if security_group['OwnerId'] == reservation['OwnerId']: - reservation.setdefault('SecurityGroups', []).append(security_group) - return AWSComputedContent({ - "Reservations": reservations, - "mapping": self._map_instance_id_to_name(reservations), - }, raw_content.cache_timestamp) - - def _map_instance_id_to_name(self, reservations): - mapping = {} - for reservation in reservations: - for instance in reservation.get('Instances', []): - instance_id = instance['InstanceId'] - instance_name = self._extract_instance_name_from_tags(instance, instance_id) - mapping.setdefault(instance_id, instance_name) - return mapping - - def _extract_instance_name_from_tags(self, instance, instance_id): + instances, security_groups = raw_content.content + + for instance in instances.itervalues(): + for security_group in instance.get('SecurityGroups', []): + security_group_id = security_group['GroupId'] + if security_group_id in security_groups: + security_group.update(security_groups[security_group_id]) + return AWSComputedContent(instances, raw_content.cache_timestamp) + + def _extract_instance_name_from_tags(self, instance): for tag in instance.get('Tags', []): if tag.get('Key') == 'Name': return tag['Value'] - return instance_id + return instance['InstanceId'] def _create_results(self, computed_content): - return [AWSSectionResult("", computed_content.content['Reservations'])] + return [AWSSectionResult("", [computed_content.content])] class EC2(AWSSectionCloudwatch): @@ -496,14 +454,14 @@ class EC2(AWSSectionCloudwatch): def _get_colleague_contents(self): colleague = self._received_results.get('ec2_summary') if colleague and colleague.content: - return AWSColleagueContents( - colleague.content.get('mapping', {}), colleague.cache_timestamp) + return AWSColleagueContents(colleague.content, colleague.cache_timestamp) return AWSColleagueContents({}, 0) def _get_metrics(self, colleague_contents): metrics = [] idx = 0 - for instance_id, instance_name in colleague_contents.content.iteritems(): + for instance_name, attrs in colleague_contents.content.iteritems(): + instance_id = attrs['InstanceId'] for metric_name, unit in [ ("CPUCreditUsage", "Count"), ("CPUCreditBalance", "Count"), @@ -880,8 +838,8 @@ class EBSSummary(AWSSectionGeneric): def _get_colleague_contents(self): colleague = self._received_results.get('ec2_summary') if colleague and colleague.content: - return AWSColleagueContents( - colleague.content.get('mapping', {}), colleague.cache_timestamp) + mapping = {v['InstanceId']: k for k, v in colleague.content.iteritems()} + return AWSColleagueContents(mapping, colleague.cache_timestamp) return AWSColleagueContents({}, 0) def _fetch_raw_content(self, colleague_contents): @@ -1207,14 +1165,12 @@ class AWSSectionsGeneric(AWSSections): cloudwatch_client = self._init_client('cloudwatch') #---distributors---------------------------------------------------- - security_groups_distributor = ResultDistributor() ec2_summary_distributor = ResultDistributor() elb_summary_distributor = ResultDistributor() ebs_summary_distributor = ResultDistributor() s3_summary_distributor = ResultDistributor() #---sections with distributors-------------------------------------- - security_groups = SecurityGroups(ec2_client, hostname, region, security_groups_distributor) ec2_summary = EC2Summary(ec2_client, hostname, region, ec2_summary_distributor) ebs_summary = EBSSummary(ec2_client, hostname, region, ebs_summary_distributor) elb_summary = ELBSummary(elb_client, hostname, region, elb_summary_distributor) @@ -1229,7 +1185,6 @@ class AWSSectionsGeneric(AWSSections): s3 = S3(cloudwatch_client, hostname, region) #---register sections to distributors------------------------------- - security_groups_distributor.add(ec2_summary) ec2_summary_distributor.add(ec2) ec2_summary_distributor.add(ebs_summary) ec2_summary_distributor.add(ebs) @@ -1240,17 +1195,15 @@ class AWSSectionsGeneric(AWSSections): #---register sections for execution--------------------------------- # Dependencies: First append sections which distribute their results: - # -- security_groups - # | - # |--ec2_summary ('ec2') - # | - # |-- ec2 ('ec2') - # | - # |-- ebs_summary ('ec2', 'ebs') - # | | - # | |-- ebs ('ec2', 'ebs') - # | - # |-- ebs ('ec2') + # --ec2_summary ('ec2') + # | + # |-- ec2 ('ec2') + # | + # |-- ebs_summary ('ec2', 'ebs') + # | | + # | |-- ebs ('ec2', 'ebs') + # | + # |-- ebs ('ec2') # # -- elb_summary # | @@ -1258,7 +1211,6 @@ class AWSSectionsGeneric(AWSSections): # | # |-- elb if 'ec2' in services: - self._sections.append(security_groups) self._sections.append(ec2_summary) self._sections.append(ec2)