def main():
colorama.init()
parser = argparse.ArgumentParser(description='Apply a "Security Group" to a Deis cluster')
parser.add_argument('--private-key', required=True, type=file, dest='private_key', help='Cluster SSH Private Key')
parser.add_argument('--private', action='store_true', dest='private', help='Only allow access to the cluster from the private network')
parser.add_argument('--discovery-url', dest='discovery_url', help='Etcd discovery url')
parser.add_argument('--hosts', nargs='+', dest='hosts', help='The IP addresses of the hosts to apply rules to')
args = parser.parse_args()
nodes = get_nodes_from_args(args)
hosts = args.hosts if args.hosts is not None else nodes
node_ips = []
for ip in nodes:
if validate_ip_address(ip):
node_ips.append(ip)
else:
log_warning('Invalid IP will not be added to security group: ' + ip)
if not len(node_ips) > 0:
raise ValueError('No valid IP addresses in security group.')
host_ips = []
for ip in hosts:
if validate_ip_address(ip):
host_ips.append(ip)
else:
log_warning('Host has invalid IP address: ' + ip)
if not len(host_ips) > 0:
raise ValueError('No valid host addresses.')
log_info('Generating iptables rules...')
rules = get_firewall_contents(node_ips, args.private)
log_success('Generated rules:')
log_debug(rules)
log_info('Applying rules...')
apply_rules_to_all(host_ips, rules, args.private_key)
log_success('Done!')
评论列表
文章目录
