--- # __Test Info__ # Create a self signed cert and upload it to AWS # http://www.akadia.com/services/ssh_test_certificate.html # http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/ssl-server-cert.html # __Test Outline__ # # __ec2_elb_lb__ # create test elb with listeners and certificat # change AZ's # change listeners # remove listeners # remove elb # __ec2-common__ # test environment variable EC2_REGION # test with no parameters # test with only instance_id # test invalid region parameter # test valid region parameter # test invalid ec2_url parameter # test valid ec2_url parameter # test credentials from environment # test credential parameters # ============================================================ # create test elb with listeners, certificate, and health check - name: Create ELB ec2_elb_lb: name: "{{ tag_prefix }}" region: "{{ ec2_region }}" ec2_access_key: "{{ ec2_access_key }}" ec2_secret_key: "{{ ec2_secret_key }}" state: present zones: - us-east-1c - us-east-1d listeners: - protocol: http load_balancer_port: 80 instance_port: 80 - protocol: https load_balancer_port: 443 instance_protocol: http instance_port: 80 ssl_certificate_id: "{{ elb_lb_cert }}" health_check: ping_protocol: http ping_port: 80 ping_path: "/index.html" response_timeout: 5 interval: 30 unhealthy_threshold: 2 healthy_threshold: 10 register: info - assert: that: - 'info.changed' - '"failed" not in info' - 'info.elb.status == "created"' - 'info.elb.zones[0] == "us-east-1c"' - 'info.elb.zones[1] == "us-east-1d"' - 'info.elb.health_check.healthy_threshold == 10' - 'info.elb.health_check.interval == 30' - 'info.elb.health_check.target == "HTTP:80/index.html"' - 'info.elb.health_check.timeout == 5' - 'info.elb.health_check.unhealthy_threshold == 2' - 'info.elb.listeners[0][0] == 80' - 'info.elb.listeners[0][1] == 80' - 'info.elb.listeners[0][2] == "HTTP"' - 'info.elb.listeners[0][3] == "HTTP"' - 'info.elb.listeners[1][0] == 443' - 'info.elb.listeners[1][1] == 80' - 'info.elb.listeners[1][2] == "HTTPS"' - 'info.elb.listeners[1][3] == "HTTP"' - 'info.elb.listeners[1][4] == "{{ elb_lb_cert }}"' # ============================================================ # check ports, would be cool, but we are at the mercy of AWS # to start things in a timely manner #- name: check to make sure 80 is listening # wait_for: host={{ info.elb.dns_name }} port=80 timeout=600 # register: result #- name: assert can connect to port# # assert: 'result.state == "started"' #- name: check to make sure 443 is listening # wait_for: host={{ info.elb.dns_name }} port=443 timeout=600 # register: result #- name: assert can connect to port# # assert: 'result.state == "started"' # ============================================================ # Change AZ's - name: Change AZ's ec2_elb_lb: name: "{{ tag_prefix }}" region: "{{ ec2_region }}" ec2_access_key: "{{ ec2_access_key }}" ec2_secret_key: "{{ ec2_secret_key }}" state: present zones: - us-east-1b listeners: - protocol: http load_balancer_port: 80 instance_port: 80 - protocol: https load_balancer_port: 443 instance_protocol: http instance_port: 80 ssl_certificate_id: "{{ elb_lb_cert }}" purge_zones: yes health_check: ping_protocol: http ping_port: 80 ping_path: "/index.html" response_timeout: 5 interval: 30 unhealthy_threshold: 2 healthy_threshold: 10 register: info - assert: that: - '"failed" not in info' - 'info.elb.status == "ok"' - 'info.changed' - 'info.elb.zones[0] == "us-east-1b"' # ============================================================ # Update AZ's - name: Update AZ's ec2_elb_lb: name: "{{ tag_prefix }}" region: "{{ ec2_region }}" ec2_access_key: "{{ ec2_access_key }}" ec2_secret_key: "{{ ec2_secret_key }}" state: present zones: - us-east-1b - us-east-1c - us-east-1d listeners: - protocol: http load_balancer_port: 80 instance_port: 80 - protocol: https load_balancer_port: 443 instance_protocol: http instance_port: 80 ssl_certificate_id: "{{ elb_lb_cert }}" purge_zones: yes register: info - assert: that: - '"failed" not in info' - 'info.changed' - 'info.elb.status == "ok"' - 'info.elb.zones[0] == "us-east-1b"' - 'info.elb.zones[1] == "us-east-1c"' - 'info.elb.zones[2] == "us-east-1d"' # ============================================================ # Purge Listeners - name: Purge Listeners ec2_elb_lb: name: "{{ tag_prefix }}" region: "{{ ec2_region }}" ec2_access_key: "{{ ec2_access_key }}" ec2_secret_key: "{{ ec2_secret_key }}" state: present zones: - us-east-1b - us-east-1c - us-east-1d listeners: - protocol: http load_balancer_port: 80 instance_port: 81 purge_listeners: yes register: info - assert: that: - '"failed" not in info' - 'info.elb.status == "ok"' - 'info.changed' - 'info.elb.listeners[0][0] == 80' - 'info.elb.listeners[0][1] == 81' - 'len(info.elb.listeners) == 1' # ============================================================ # add Listeners - name: Add Listeners ec2_elb_lb: name: "{{ tag_prefix }}" region: "{{ ec2_region }}" ec2_access_key: "{{ ec2_access_key }}" ec2_secret_key: "{{ ec2_secret_key }}" state: present zones: - us-east-1b - us-east-1c - us-east-1d listeners: - protocol: http load_balancer_port: 80 instance_port: 81 - protocol: https load_balancer_port: 443 instance_protocol: http instance_port: 80 ssl_certificate_id: "{{ elb_lb_cert }}" purge_listeners: yes register: info - assert: that: - '"failed" not in info' - 'info.elb.status == "ok"' - 'info.changed' - 'info.elb.listeners[0][0] == 80' - 'info.elb.listeners[0][1] == 80' - 'info.elb.listeners[0][2] == "HTTP"' - 'info.elb.listeners[0][3] == "HTTP"' - 'info.elb.listeners[1][0] == 443' - 'info.elb.listeners[1][1] == 80' - 'info.elb.listeners[1][2] == "HTTPS"' - 'info.elb.listeners[1][3] == "HTTP"' - 'info.elb.listeners[1][4] == "{{ elb_lb_cert }}"' - 'len(info.elb.listeners) == 2' # ============================================================ - name: test with no parameters ec2_elb_lb: register: result ignore_errors: true - name: assert failure when called with no parameters assert: that: - 'result.failed' - 'result.msg == "missing required arguments: name,state"' # ============================================================ - name: test with only name ec2_elb_lb: name="{{ tag_prefix }}" register: result ignore_errors: true - name: assert failure when called with only name assert: that: - 'result.failed' - 'result.msg == "missing required arguments: state"' # ============================================================ - name: test invalid region parameter ec2_elb_lb: name="{{ tag_prefix }}" region='asdf querty 1234' state=present register: result ignore_errors: true - name: assert invalid region parameter assert: that: - 'result.failed' - 'result.msg.startswith("value of region must be one of:")' # ============================================================ - name: test valid region parameter ec2_elb_lb: name: "{{ tag_prefix }}" region: "{{ ec2_region }}" state: present zones: - us-east-1a - us-east-1d listeners: - protocol: http load_balancer_port: 80 instance_port: 80 register: result ignore_errors: true - name: assert valid region parameter assert: that: - 'result.failed' - 'result.msg.startswith("No handler was ready to authenticate.")' # ============================================================ - name: test invalid ec2_url parameter ec2_elb_lb: name: "{{ tag_prefix }}" region: "{{ ec2_region }}" state: present zones: - us-east-1a - us-east-1d listeners: - protocol: http load_balancer_port: 80 instance_port: 80 environment: EC2_URL: bogus.example.com register: result ignore_errors: true - name: assert invalid ec2_url parameter assert: that: - 'result.failed' - 'result.msg.startswith("No handler was ready to authenticate.")' # ============================================================ - name: test valid ec2_url parameter ec2_elb_lb: name: "{{ tag_prefix }}" region: "{{ ec2_region }}" state: present zones: - us-east-1a - us-east-1d listeners: - protocol: http load_balancer_port: 80 instance_port: 80 environment: EC2_URL: '{{ec2_url}}' register: result ignore_errors: true - name: assert valid ec2_url parameter assert: that: - 'result.failed' - 'result.msg.startswith("No handler was ready to authenticate.")' # ============================================================ - name: test credentials from environment ec2_elb_lb: name: "{{ tag_prefix }}" region: "{{ ec2_region }}" state: present zones: - us-east-1a - us-east-1d listeners: - protocol: http load_balancer_port: 80 instance_port: 80 environment: EC2_ACCESS_KEY: bogus_access_key EC2_SECRET_KEY: bogus_secret_key register: result ignore_errors: true - name: assert credentials from environment assert: that: - 'result.failed' - '"InvalidClientTokenId" in result.msg' # ============================================================ - name: test credential parameters ec2_elb_lb: name: "{{ tag_prefix }}" region: "{{ ec2_region }}" state: present zones: - us-east-1a - us-east-1d listeners: - protocol: http load_balancer_port: 80 instance_port: 80 register: result ignore_errors: true - name: assert credential parameters assert: that: - 'result.failed' - '"No handler was ready to authenticate. 1 handlers were checked." in result.msg'