App-FargateStack
view release on metacpan or search on metacpan
lib/App/FargateStack/Builder/HTTPService.pm view on Meta::CPAN
$alb_info->{LoadBalancerName}, $alb_sg );
}
}
if ( !$alb_sg ) {
$alb_sg = $alb_security_groups->[0];
$self->log_warn( 'http-service: could not find a security group for ALB [%s] with 443 ingress, using [%s]',
$alb_name, $alb_sg );
}
$security_groups->{alb}->{group_id} = $alb_sg;
$security_groups->{alb}->{group_name} = $ec2->find_security_group_name($alb_sg);
$self->inc_existing_resources( security_groups => [$alb_sg] );
return;
}
# --create-alb forces creation of a new ALB
if ( !$self->get_create_alb && !$alb->{create} ) {
my $alb_type = $alb->{type};
$self->log_error( 'http-service: WARNING - no ALB ARN defined in configuration...looking for %s ALB', $alb_type );
my ( $alb_arn, $security_group_id ) = eval { return $elb->find_alb($alb_type); };
my $err = $EVAL_ERROR;
if ( !$alb_arn || $err ) {
if ( $err =~ /no\salbs/xsm ) {
$self->log_error( 'http-service: no %s ALBs were found in this VPC...a new ALB will be created...%s',
$alb_type, $dryrun );
}
elsif ( $err =~ /more\sthan\sone/xsm ) {
$self->log_die(
'http-service: more than 1 %s ALBs were found...add the ARN to your configuration file or use the --create-alb option.',
$alb_type
);
}
else {
die "$err";
}
}
$self->log_trace(
sub {
return Dumper(
[ alb_arn => $alb_arn,
security_group => $security_group_id
]
);
}
);
my $security_group_name;
my $is_valid_alb;
if ($alb_arn) {
$security_group_name = $ec2->find_security_group_name($security_group_id);
$is_valid_alb = $elb->validate_alb(
arn => $alb_arn,
scheme => $self->is_https ? 'internet-facing' : 'internal'
);
}
if ( $alb_arn && $is_valid_alb ) {
# set this for later
$self->set_alb( $elb->get_alb );
$self->log_error( 'http-service: Found an existing ALB (%s)...will be added to configuration.', $alb_arn );
$security_groups->{alb}->{group_id} = $security_group_id;
$security_groups->{alb}->{name} = $security_group_name;
$alb->{arn} = $alb_arn;
$alb->{name} = $self->get_alb->{LoadBalancerName};
$self->inc_existing_resources( alb => $config->{alb}->{name} );
# me may still need to attach Fargate's security group to this ALB
# check to see if fargate's security group is already attached
my $query = sprintf 'LoadBalancers[?LoadBalancerArn == `%s`]|[0].SecurityGroups', $alb_arn;
my $alb_security_groups = $elb->describe_load_balancers( query => $query );
my $fargate_sg = $security_groups->{fargate}->{group_id} // 'not-provisioned-yet';
if ( none { $_ eq $fargate_sg } @{$alb_security_groups} ) {
$self->log_warn( 'http-service: will add security group %s to load balancer...%s', $fargate_sg, $dryrun );
if ( !$dryrun ) {
$elb->set_security_groups( $alb_arn, @{$alb_security_groups}, $fargate_sg );
}
}
else {
$self->log_info( 'http-service: security group %s already attached...skipping', $fargate_sg );
}
return;
}
}
# create an alb
if ( $self->get_create_alb || $alb->{create} ) {
$self->log_warn( 'http-service: ALB creation forced by configuration or option...will be created...%s', $dryrun );
}
else {
$self->log_error(
'http-service: no ALB defined in your configuration and no usable ALB found...an ALB will be created...%s', $dryrun );
}
my $alb_sg = $self->create_alb_security_group;
my $alb_type = $self->is_https ? 'public' : 'private';
my $subnets = [ @{ $self->get_subnets->{$alb_type} }[ ( 0, 1 ) ] ];
my $alb_name = $alb->{name} // $self->create_default('alb-name');
$alb->{name} = $alb_name;
( run in 0.651 second using v1.01-cache-2.11-cpan-39bf76dae61 )