Nat Instance on AWS

Prerequisites

This post uses

Amazon Command Line Interface

To validate the installation of AWS Command Line Interface run a query

   aws ec2 describe-regions

to return AWS regions

{
    "Regions": [
	{
	    "Endpoint": "ec2.eu-west-1.amazonaws.com", 
	    "RegionName": "eu-west-1"
	}, 
	{
	    "Endpoint": "ec2.ap-southeast-1.amazonaws.com", 
	    "RegionName": "ap-southeast-1"
	}, 
	{
	    "Endpoint": "ec2.ap-southeast-2.amazonaws.com", 
	    "RegionName": "ap-southeast-2"
	}, 
	{
	    "Endpoint": "ec2.eu-central-1.amazonaws.com", 
	    "RegionName": "eu-central-1"
	}, 
	{
	    "Endpoint": "ec2.ap-northeast-1.amazonaws.com", 
	    "RegionName": "ap-northeast-1"
	}, 
	{
	    "Endpoint": "ec2.us-east-1.amazonaws.com", 
	    "RegionName": "us-east-1"
	}, 
	{
	    "Endpoint": "ec2.sa-east-1.amazonaws.com", 
	    "RegionName": "sa-east-1"
	}, 
	{
	    "Endpoint": "ec2.us-west-1.amazonaws.com", 
	    "RegionName": "us-west-1"
	}, 
	{
	    "Endpoint": "ec2.us-west-2.amazonaws.com", 
	    "RegionName": "us-west-2"
	}
    ]
}

Amazon Keypair

We will create stack, which uses Amazon EC2 key demo-key.

Run query

     aws ec2 describe-key-pairs --query 'KeyPairs[?KeyName==`demo-key`]' --output text

to show Amazon EC2 key demo-key

31:09:0f:7b:35:49:84:ac:75:dd:a4:7f:38:b7:31:89 demo-key

Follow instruction in blog post, if the key does not exist.

Validate Ruby Version

Running

   ruby --version

should return Ruby 2 version

ruby 2.1.5p273 (2014-11-13 revision 48405) [x86_64-linux]

A Nat Instance on AWS

Install aws-must-templates

Current aws-must-templates version is 0.2.4. To install this version we create a Gemfile

source 'https://rubygems.org'
gem 'aws-must-templates', '=0.2.4'

and run

bundle install

The output shows aws-must-templates Gem, together with a number of dependencies.

Fetching gem metadata from https://rubygems.org/.......
Fetching version metadata from https://rubygems.org/..
Resolving dependencies...
Using rake 10.4.2
Using mustache 1.0.2
Using thor 0.19.1
Using aws-must 0.0.14
Using json 1.8.3
Using aws-ssh-resolver 0.0.4
Using rspec-support 3.3.0
Using rspec-core 3.3.2
Using diff-lcs 1.2.5
Using rspec-expectations 3.3.1
Using rspec-mocks 3.3.2
Using rspec 3.3.0
Using multi_json 1.11.2
Using rspec-its 1.2.0
Using net-ssh 2.9.2
Using net-scp 1.2.1
Using net-telnet 0.1.1
Using sfl 2.2
Installing specinfra 2.43.8
Installing serverspec 2.24.1
Using aws-must-templates 0.2.4
Using bundler 1.9.1
Bundle complete! 1 Gemfile dependency, 22 gems now installed.
Use `bundle show [gemname]` to see where a bundled gem is installed.

Particularly, observe version numbers for

  • aws-must-templates: aws-must-templates (0.2.4)
  • template generator: aws-must (0.0.14)
  • Aws SSH resolver : aws-ssh-resolver (0.0.4)

Create CloudFormation YAML Configuration

aws-must-templates uses YAML files to configure CloudFormation stacks.

In this example, we use suite2.yaml in aws-must-templates. It defines a CloudFormation stack, with VPC Public and Private Subnets with NAT (similar to Amazon scenario 2):

  • subnets ranges:
    • 10.0.0.0/16 : VPC
    • 10.0.0.0/24: public subnet in the VPC
      • with internet gateway
      • instance myNat
      • instance myFront1
    • 10.0.1.0/24: private subnet in the VPC
      • instance myBack1
  • theree security groups to act as virtual firewalls (c.f. instance description below)
    • FrontEndSecurityGroup
    • BackendSecurityGroup
    • NatSecurityGroup
  • three EC2 instances
    • myNat (based on Amazon vpc-nat instances)
      • defines a public IP
      • private ip from public subnet range
      • route 0.0.0.0/0 to internet gateway
      • allow ping from 0.0.0.0/0
      • allow ssh from 0.0.0.0/0 (as defined parameter SSHLocation)/to Private Subnet
      • allow http from Private Subnet/to 0.0.0.0/0
    • myFront1 (ubuntu)
      • defines a public IP
      • private ip from public subnet range
      • route 0.0.0.0/0 to internet gateway
      • allow ping from 0.0.0.0/0
      • allow ssh from 0.0.0.0/0 (as defined parameter SSHLocation)
    • myBack1 (ubuntu)
      • no public ip assigned
      • private ip from private subnet range
      • route 0.0.0.0/0 to nat instance
      • allow ping from VPC address range
      • allow ssh from public subnet

Run

   cp $(bundle show aws-must-templates)/suite2.yaml .

to copy suite2.yaml from the installed Gem to current working directory.

See gist [=https://gist.github.com/7d7789cd0c18d5e51c99=] for suite2.yaml.

Generate CloudFormation JSON Template

To convert a YAML configuration in suite2.yaml into a CloudFormation JSON template suite.json run

  bundle exec aws-must.rb  gen suite2.yaml -m aws-must-templates | jq . > suite2.json

In the command above, output of aws-must.rb is piped to jq -tool for pretty-formatting. Output is valid JSON without formatting, and you may direct the result directly to suite.json.

See gist [=https://gist.github.com/7d7789cd0c18d5e51c99=] for suite2.json.

Prepare Test Runner

At this point, we have a CloudFormation JSON template in suite2.json. Instead of using command

aws cloudformation create-stack --stack-name suite2 --capabilities CAPABILITY_IAM --template-body "$(cat suite2.json)"

to create a Cloudformation stack suite2, we will prepare Test runner, which comes bundled with aws-must-templates. The test runner helps

  • in creating, and destroying, CloudFormation stacks
  • resolving instance names for OpenSSH configuration from EC2 instances
  • configuring test environment
  • running tests
  • creating test reports

Initialize Test Runner Configuration File test-suites.yaml

Test Runner uses configuration file test-suites.yaml to define test suites.

To add a test suite for CloudFormation stack suite2, create a YAML -file test-suites.yaml with the initial content:

- suite2:

   desc: VPC with Public and Private Subnets (NAT)

See gist [=https://gist.github.com/7d7789cd0c18d5e51c99=] for test-suites.yaml

Create suite-runner-configs.yaml

Some of tests in aws-must-templates use AWS SDK for Ruby, which searches region information from ENV['AWS_REGION'] (c.f. Amazon documentation).

Test Runner sets environment variable AWS_REGION automatically, if suite-runner-configs.yaml defines configuration aws_region.

For region eu-west-1 create suite-runner-configs.yaml

      # http://docs.aws.amazon.com/sdkforruby/api/index.html#Configuration
      # "The SDK searches the following locations for a region: ENV['AWS_REGION']"
      # 
      # Test runner sets ENV['AWS_REGION'] if following property is set
      aws_region: eu-west-1

Include Test Runner in Rakefile

Test Runner is implemented as a set of Rake tasks under namespace suite in aws-must-templates Gem.

Create Rakefile

   require 'yaml'

   # name of a configuration file
   suite_runner_configs= "suite-runner-configs.yaml"

   # Override configuration in 'suite.rake' 
   $suite_runner_configs = File.exist?(suite_runner_configs) ? YAML.load_file( suite_runner_configs ) : {}

   # load `suite` namespace
   spec = Gem::Specification.find_by_name 'aws-must-templates'
   load "#{spec.gem_dir}/lib/tasks/suite.rake"

to add Test Runner from suite.rake in aws-must-templtaes Gem, and to override default configuration in Test Runner with configurations in file suite-runner-configs.yaml, created above.

Validate Test Runner Installation

Running

rake -T suite

lists new rake tasks added by rake.suite in namespace suite:

rake suite:all[gen_opts]                  # Run all suites
rake suite:ec2-sync                       # Syncrronize ec2 instance metadata to
rake suite:suite2[gen_opts]               # suite2 - VPC with Public and Private Subnets (NAT)
rake suite:suite2-stack-create[gen_opts]  # suite2 - create stack 'suite2'
rake suite:suite2-stack-delete            # suite2 - delete stack suite2
rake suite:suite2-stack-start[gen_opts]   # suite2 - create stack 'suite2', wait to complete, sync ssh/config.aws
rake suite:suite2-stack-status            # suite2 - show status for stack suite2
rake suite:suite2-stack-wait              # suite2 - wait stack suite2 CREATE_COMPLETE, UPDATE_COMPLETE, CREATE_FAILED, DELETE_FAILED, UPDATE_ROLLBACK_FAILED, ROLLBACK_FAILED, ROLLBACK_COMPLETE, ROLLBACK_FAILED, UPDATE_ROLLBACK_COMPLETE, UPDATE_ROLLBACK_FAILED
rake suite:suite2-sync[gen_opts]          # suite2 - syncrhornize ssh/config.aws

Create SSH Client Configuration File

Test Runner uses SSH connections to access EC2 instances. It expects to find SSH client confiuguration files in directory ssh.

Create directory ssh, if it does not exist

[ -d ssh ] || mkdir ssh

Create an initial SSH Client Configuration file ssh/config.init

Host myNat
     user ec2-user

Host *.internal
     ProxyCommand ssh myFront1 -F ssh/config.aws nc -q0 %h 22

Host *
     user ubuntu
     StrictHostKeyChecking no
     UserKnownHostsFile=/dev/null
     IdentityFile ~/.ssh/demo-key/demo-key

The configuration instructs SSH client to

  • use user name ubuntu and SSH private key in ~/.ssh/demo-key/demo-key for all hosts. For instance myNat, the user name is ec2-user.
  • proxy connections to host names ending .internal via instance myFront1
  • not to updatte your default .ssh/known_hosts file with the fingerprints of the (temporary) instances used in testing

Start Stack suite2

Once the configurations are in place, we can start CloudFormation stack suite2

rake suite:suite2-stack-start

The command takes several minutes to complete. It outputs a dot each time stack status is being polled.

{
    "StackId": "arn:aws:cloudformation:eu-west-1:365098080134:stack/suite2/0aecbf20-62ad-11e5-85e1-50fa19418090"
}
......................

Validate Stack Status

Once stack start finishes, check stack status

 aws cloudformation describe-stacks --stack-name suite2 --query "Stacks[][StackName, StackStatus]" --output text

Expect to see status CREATE_COMPLETE in the output

suite2  CREATE_COMPLETE

Check Resolved Instance Names in ssh/config.aws

Command rake suite:suite2-stack-start resolves EC2 instance DNS names, and updates OpenSSH Client Configuration file ssh/config.aws with the resolved instance/DNS names.

To see the result

 cat ssh/config.aws

Observe three instances myBack1, myFront1, and myNat with HostNames assigned by Amazon. Lower section of the file, after the line # +++ aws-ssh-resolver-cli update end here +++, is created using configurations we entered in ssh/config.init earlier.

# +++ aws-ssh-resolver-cli update start here +++

# Content generated 2015-09-24-14:15:39

host myBack1
    HostName ip-10-0-1-227.eu-west-1.compute.internal


host myFront1
    HostName ec2-54-77-248-1.eu-west-1.compute.amazonaws.com


host myNat
    HostName ec2-52-17-124-42.eu-west-1.compute.amazonaws.com


# +++ aws-ssh-resolver-cli update end here +++
    Host myNat
         user ec2-user

    Host *.internal
         ProxyCommand ssh myFront1 -F ssh/config.aws nc -q0 %h 22

    Host *
         user ubuntu
         StrictHostKeyChecking no
         UserKnownHostsFile=/dev/null
         IdentityFile ~/.ssh/demo-key/demo-key

Reload EC2 Instance Name/Hostname Maping

Instance name/Hostname mapping in ssh/config.aws can be reloaded again running

rake suite:ec2-sync

It uses aws-ssh-resolver

aws-ssh-resolver.rb aws --ssh-config-file ssh/config.aws --ssh-config-init ssh/config.init

to resolve DNS names.

Validate SSH Connection

To validate SSH Client configuration make a SSH connection to each of the EC2 instances myFront1, myBack1, and myNat. On each instance, use hostname command to return the name assigned by Amazon.

For myNat

      ssh myNat -F ssh/config.aws hostname

observe the hostname returned to correspond the public subnet 10.0.0.0/24.

ip-10-0-0-30

Similarly for myFront1

 ssh myFront1 -F ssh/config.aws hostname

hostname corresponds the public subnet.

ip-10-0-0-5

For instance myBack1

 ssh myBack1 -F ssh/config.aws hostname

hostname maps to private subnet 10.0.1.0/24

ip-10-0-1-246

Define Instances in test-suites.yaml

Each instance requires an entry in instances array in test-suites.yaml file.

The entry for myFront1 is

instances:
   - myFront1:

Test ping on Instance myFront1

Test cases of an instance are defined in roles array of the instance. For example, myFront1 has two test cases:

        roles:
            - RespondsToPing:
            - NetworkCanPing:
                  Destination: www.google.com

The test cases are

These test case are reused from aws-must-templates Gem. Test Runner allows also creating own test in local directory spec/aws-must-templates.

Run Tests on myFront1

Running tests on myFront1

    rake suite:suite2:myFront1

prints RSPEC progress report, and, when finished, test summary

------------------------------------------------------------------
suite=suite2  instance:  myFront1
/home/jj/rbenv/versions/2.1.5/bin/ruby -I /home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/aws-must-templates-0.2.4/lib/tasks/../../spec/support -I/home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/rspec-support-3.3.0/lib:/home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/rspec-core-3.3.2/lib /home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/rspec-core-3.3.2/exe/rspec --pattern /home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/aws-must-templates-0.2.4/spec/aws-must-templates/RespondsToPing/\*_spec.rb,/home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/aws-must-templates-0.2.4/spec/aws-must-templates/NetworkCanPing/\*_spec.rb --format progress --format documentation --out generated-docs/suites/suite2-myFront1.txt
------------------------------------------------------------------
instance_name myFront1
...

Finished in 6.94 seconds (files took 1.44 seconds to load)
3 examples, 0 failures

Check Test Report for myFront1

Test reports are generated in directory generated-docs/suites.

To show the test report for instance myFront1 in suite suite2,

cat generated-docs/suites/suite2-myFront1.txt

The report shows result of running the two tests configured in test-suites.yaml above

NetworkCanPing
  ping  3 times to 'www.google.com', wait response within 20 seconds
    Command "ping www.google.com -W 20 -c 3"
      exit_status
	should eq 0

RespondsToPing
  ping 'myFront1'
    ec2: instanceName=myFront1
      #reponds within 20 seconds with 3 test counts
      public_dns_name
	should not eql nil

Finished in 6.94 seconds (files took 1.44 seconds to load)
3 examples, 0 failures

Test Routes on Instance myBack1

Add a section for instance myBack in test-suites.yaml

  - myBack1:
        roles:

and test cases for

  • Ec2Routes to validate instance routes
    • IP addresses in VPC subnet routed to local gateway
    • all other IP addresses routed to a (Nat) instance (identified using a regexp expression)
  • NetworkCanPing to validate that instance has an access the Internet, and it can ping http://www.google.com

Configuration in test-suites.yaml for instance myBack is

         - NetworkCanPing:
               Destination: www.google.com
         - Ec2Routes:
             Routes:   
               - :gateway_id: local
                 :state: active
                 :destination_cidr_block: "10.0.0.0/16"
               - :destination_cidr_block: "0.0.0.0/0"
                 :state: active
                 :instance_id: !ruby/regexp '/^i-.*/'

Run test for myBack1

Run tests for instance myBack1

    rake suite:suite2:myBack1

and observe that three test, one for each route, and one for the ping test, were successfully executed

------------------------------------------------------------------
suite=suite2  instance:  myBack1
/home/jj/rbenv/versions/2.1.5/bin/ruby -I /home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/aws-must-templates-0.2.4/lib/tasks/../../spec/support -I/home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/rspec-support-3.3.0/lib:/home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/rspec-core-3.3.2/lib /home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/rspec-core-3.3.2/exe/rspec --pattern /home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/aws-must-templates-0.2.4/spec/aws-must-templates/NetworkCanPing/\*_spec.rb,/home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/aws-must-templates-0.2.4/spec/aws-must-templates/Ec2Routes/\*_spec.rb --format progress --format documentation --out generated-docs/suites/suite2-myBack1.txt
------------------------------------------------------------------
instance_name myBack1
...

Finished in 6.99 seconds (files took 1.18 seconds to load)
3 examples, 0 failures

Check Test Report for myBack1

Output the test report for instance myBack1 in suite suite2

 cat generated-docs/suites/suite2-myBack1.txt

Output shows that the tests for the two routes in test-suites.yaml pass, as well as, the test to validate Internet access.

Ec2Routes
  awsRoute:  instanceName=myBack1
    implement route {:gateway_id=>"local", :state=>"active", :destination_cidr_block=>"10.0.0.0/16"}
    implement route {:destination_cidr_block=>"0.0.0.0/0", :state=>"active", :instance_id=>/^i-.*/}

NetworkCanPing
  ping  3 times to 'www.google.com', wait response within 20 seconds
    Command "ping www.google.com -W 20 -c 3"
      exit_status
	should eq 0

Finished in 6.99 seconds (files took 1.18 seconds to load)
3 examples, 0 failures

Define Tests for Instance myNat

Instance myNat defines two test cases. Test case Ec2SecurityGroups validates that AWS Security Group rules “allows pinging the instance from any address”. Test case RespondsToPing, validates that the instance actually responds to a ping.

Add an entry for myNat in test-suites-yaml

  - myNat:
        roles:
         - RespondsToPing:
         - Ec2SecurityGroups:
             StrictIngress: false
             StrictEgress: false
             Ingress:
                - :ip_protocol: icmp
                  :from_port: -1
                  :to_port: -1
                  :ip_ranges:
                     - :cidr_ip: "0.0.0.0/0"
             Egress:

Run Tests for myNat

Rake task

    rake suite:suite2:myNat

runs tests, and outputs RSPEC progress information

------------------------------------------------------------------
suite=suite2  instance:  myNat
/home/jj/rbenv/versions/2.1.5/bin/ruby -I /home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/aws-must-templates-0.2.4/lib/tasks/../../spec/support -I/home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/rspec-support-3.3.0/lib:/home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/rspec-core-3.3.2/lib /home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/rspec-core-3.3.2/exe/rspec --pattern /home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/aws-must-templates-0.2.4/spec/aws-must-templates/RespondsToPing/\*_spec.rb,/home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/aws-must-templates-0.2.4/spec/aws-must-templates/Ec2SecurityGroups/\*_spec.rb --format progress --format documentation --out generated-docs/suites/suite2-myNat.txt
------------------------------------------------------------------
instance_name myNat
.....

Finished in 1.83 seconds (files took 1.27 seconds to load)
5 examples, 0 failures

Check Test Report myNat

Output test report for instance myNat in test suite suite2

    cat generated-docs/suites/suite2-myNat.txt

The report confirms that security group rules, indeed, “allow ping from any address”. The report show a warning indicating that we have not tested all security group rules. More tests should be added. Finally, the report also shows that the ping test was successful.

Ec2SecurityGroups
  Security group:  instanceName=myNat
    ingress rules
      WARNING does not validate all ingress rules in test suite
      implement ingress rule: {:ip_protocol=>"icmp", :from_port=>-1, :to_port=>-1, :ip_ranges=>[{:cidr_ip=>"0.0.0.0/0"}]}
    egress rules
      WARNING does not validate all egress rules in test suite

RespondsToPing
  ping 'myNat'
    ec2: instanceName=myNat
      #reponds within 20 seconds with 3 test counts
      public_dns_name
	should not eql nil

Finished in 1.83 seconds (files took 1.27 seconds to load)
5 examples, 0 failures

Delete the Stack

To remove resources from Amazon run

rake suite:suite2-stack-delete

Run All Steps With One Command

Rake task

rake suite:suite2

runs the steps presented above

  • start stack suite2
  • runs tests on all EC2 instances myBack1, myFront1, myNat
  • delete stack suite2

for suite suite2 with one command

{
    "StackId": "arn:aws:cloudformation:eu-west-1:365098080134:stack/suite2/1818e4d0-62b7-11e5-8223-50d5026f660a"
}
........................------------------------------------------------------------------
suite=suite2  instance:  myFront1
/home/jj/rbenv/versions/2.1.5/bin/ruby -I /home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/aws-must-templates-0.2.4/lib/tasks/../../spec/support -I/home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/rspec-support-3.3.0/lib:/home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/rspec-core-3.3.2/lib /home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/rspec-core-3.3.2/exe/rspec --pattern /home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/aws-must-templates-0.2.4/spec/aws-must-templates/RespondsToPing/\*_spec.rb,/home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/aws-must-templates-0.2.4/spec/aws-must-templates/NetworkCanPing/\*_spec.rb --format progress --format documentation --out generated-docs/suites/suite2-myFront1.txt
------------------------------------------------------------------
instance_name myFront1
...

Finished in 7.06 seconds (files took 1.11 seconds to load)
3 examples, 0 failures

------------------------------------------------------------------
suite=suite2  instance:  myBack1
/home/jj/rbenv/versions/2.1.5/bin/ruby -I /home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/aws-must-templates-0.2.4/lib/tasks/../../spec/support -I/home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/rspec-support-3.3.0/lib:/home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/rspec-core-3.3.2/lib /home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/rspec-core-3.3.2/exe/rspec --pattern /home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/aws-must-templates-0.2.4/spec/aws-must-templates/NetworkCanPing/\*_spec.rb,/home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/aws-must-templates-0.2.4/spec/aws-must-templates/Ec2Routes/\*_spec.rb --format progress --format documentation --out generated-docs/suites/suite2-myBack1.txt
------------------------------------------------------------------
instance_name myBack1
...

Finished in 17.99 seconds (files took 1.16 seconds to load)
3 examples, 0 failures

------------------------------------------------------------------
suite=suite2  instance:  myNat
/home/jj/rbenv/versions/2.1.5/bin/ruby -I /home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/aws-must-templates-0.2.4/lib/tasks/../../spec/support -I/home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/rspec-support-3.3.0/lib:/home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/rspec-core-3.3.2/lib /home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/rspec-core-3.3.2/exe/rspec --pattern /home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/aws-must-templates-0.2.4/spec/aws-must-templates/RespondsToPing/\*_spec.rb,/home/jj/rbenv/versions/2.1.5/lib/ruby/gems/2.1.0/gems/aws-must-templates-0.2.4/spec/aws-must-templates/Ec2SecurityGroups/\*_spec.rb --format progress --format documentation --out generated-docs/suites/suite2-myNat.txt
------------------------------------------------------------------
instance_name myNat
.....

Finished in 1.65 seconds (files took 1.17 seconds to load)
5 examples, 0 failures

Validate that Stack Is Actually Deleted

When stack is deleted, command

aws cloudformation describe-stacks

returns an empty array Stacks

{
    "Stacks": []
}

Document Context

Documentation environment:

  • System environment:
    • Operating system: Distributor ID: Ubuntu Description: Ubuntu 14.04.3 LTS Release: 14.04 Codename: trusty
    • Ruby: ruby 2.1.5p273 (2014-11-13 revision 48405) [x86_64-linux]
    • AWS Command Line Interface: aws-cli/1.7.23 Python/2.7.6 Linux/3.13.0-63-generic
  • Document generation environment:
    • Emacs: 25.0.50.1
    • Emacs org: 8.3.1

Document target:

  • Templates and test runner Gem: aws-must-templates (0.2.4)
  • Template generator Gem: aws-must (0.0.14)
  • Aws ssh resolver Gem: aws-ssh-resolver (0.0.4)

Fin

This has been a looooong post – Congratulations making it so far!

The blog post was authored using Emacs Org -package. Tasks were actually executed using the authoring tool, and presented in an order, which requires minimal upfront preparations, before getting results.

Then plan is to add gradually more features to the aws-must-temmplates generation, and at the same time, add supporting tests. In a way this the tool becomes a way register (permanently), what I have learned from Amazon Web Services 🙂

The code snippet for this post can be found in gist [=https://gist.github.com/7d7789cd0c18d5e51c99=]

Advertisements

2 thoughts on “Nat Instance on AWS

  1. It is appropriate time to make a few plans for the future
    and it is time to be happy. I’ve read this post and if I could
    I wish to suggest you few attention-grabbing issues or
    suggestions. Perhaps you could write subsequent articles regarding this article.

    I wish to read even more things about it!

    Like

    1. Hello, I am sorry that I have not been able to take the time to post more on this subject. I have made some preparations to use aws-must-template to create Lambda instances, and to separate CF configuration using lambda. I’ll try to come back to this subject, but can’t promise anything.

      BR, Jukka

      Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s