summaryrefslogtreecommitdiff
path: root/app/services/clusters/aws/provision_service.rb
blob: 35fe8433b4d77e3d5785a0ff9eaefb341817b75d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
# frozen_string_literal: true

module Clusters
  module Aws
    class ProvisionService
      attr_reader :provider

      def execute(provider)
        @provider = provider

        configure_provider_credentials
        provision_cluster

        if provider.make_creating
          WaitForClusterCreationWorker.perform_in(
            Clusters::Aws::VerifyProvisionStatusService::INITIAL_INTERVAL,
            provider.cluster_id
          )
        else
          provider.make_errored!("Failed to update provider record; #{provider.errors.full_messages}")
        end
      rescue Clusters::Aws::FetchCredentialsService::MissingRoleError
        provider.make_errored!('Amazon role is not configured')
      rescue ::Aws::Errors::MissingCredentialsError
        provider.make_errored!('Amazon credentials are not configured')
      rescue ::Aws::STS::Errors::ServiceError => e
        provider.make_errored!("Amazon authentication failed; #{e.message}")
      rescue ::Aws::CloudFormation::Errors::ServiceError => e
        provider.make_errored!("Amazon CloudFormation request failed; #{e.message}")
      end

      private

      def provision_role
        provider.created_by_user&.aws_role
      end

      def credentials
        @credentials ||= Clusters::Aws::FetchCredentialsService.new(
          provision_role,
          provider: provider,
          region: provider.region
        ).execute
      end

      def configure_provider_credentials
        provider.update!(
          access_key_id: credentials.access_key_id,
          secret_access_key: credentials.secret_access_key,
          session_token: credentials.session_token
        )
      end

      def provision_cluster
        provider.api_client.create_stack(
          stack_name: provider.cluster.name,
          template_body: stack_template,
          parameters: parameters,
          capabilities: ["CAPABILITY_IAM"]
        )
      end

      def parameters
        [
          parameter('ClusterName', provider.cluster.name),
          parameter('ClusterRole', provider.role_arn),
          parameter('ClusterControlPlaneSecurityGroup', provider.security_group_id),
          parameter('VpcId', provider.vpc_id),
          parameter('Subnets', provider.subnet_ids.join(',')),
          parameter('NodeAutoScalingGroupDesiredCapacity', provider.num_nodes.to_s),
          parameter('NodeInstanceType', provider.instance_type),
          parameter('KeyName', provider.key_name)
        ]
      end

      def parameter(key, value)
        { parameter_key: key, parameter_value: value }
      end

      def stack_template
        File.read(Rails.root.join('vendor', 'aws', 'cloudformation', 'eks_cluster.yaml'))
      end
    end
  end
end