make server timeout configurable (#214)
Also do some dependency updates
snowiow authored Apr 7, 2022
1 parent 6049fe0 commit 8268bd0
Showing 13 changed files with 1,364 additions and 1,059 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/deploy.yml
@@ -9,7 +9,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
uses: actions/checkout@v3
- name: Use node.js 16.x
uses: actions/setup-node@v3
with:
2 changes: 1 addition & 1 deletion .github/workflows/test.yml
@@ -10,7 +10,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
uses: actions/checkout@v3
- name: Use node.js 16.x
uses: actions/setup-node@v3
with:
1 change: 1 addition & 0 deletions lib/aurora-serverless.ts
@@ -52,6 +52,7 @@ export class BastionHostAuroraServerlessForward extends BastionHostForward {
address: props.serverlessCluster.clusterEndpoint.hostname,
port: Token.asString(props.serverlessCluster.clusterEndpoint.port),
clientTimeout: props.clientTimeout,
serverTimeout: props.serverTimeout,
});

if (props.iamUser !== undefined && props.resourceIdentifier !== undefined) {
7 changes: 7 additions & 0 deletions lib/bastion-host-forward-base-props.ts
@@ -40,4 +40,11 @@ export interface BastionHostForwardBaseProps {
* @default 1
*/
readonly clientTimeout?: number;

/**
* The HAProxy server timeout in minutes
*
* @default 1
*/
readonly serverTimeout?: number;
}
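Review bot: The new doc comment on `serverTimeout` gives the unit and the default but not the accepted range or the effect, and the value is written into the HAProxy config by `lib/bastion-host-forward.ts` without any check. I would state the contract here, for example `* The HAProxy server timeout in minutes (positive whole number); connections idle on the database side for longer are closed.` It is also worth noting for callers that HAProxy's documentation recommends keeping the client and server timeouts equal in TCP mode, and that larger values keep idle forwarded sessions to the database open for longer. The interface declaration starts outside the hunk.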
28 changes: 20 additions & 8 deletions lib/bastion-host-forward.ts
@@ -18,25 +18,32 @@ import { Construct } from 'constructs';

import type { BastionHostForwardProps } from './bastion-host-forward-props';

interface HaProxyConfig {
address: string;
port: string;
clientTimeout: number;
serverTimeout: number;
}

/*
* Creates a Config entry for HAProxy with the given address and port
*/
const generateHaProxyBaseConfig = (address: string, port: string, clientTimeout: number): string =>
const generateHaProxyBaseConfig = (config: HaProxyConfig): string =>
`listen database
bind 0.0.0.0:${port}
bind 0.0.0.0:${config.port}
timeout connect 10s
timeout client ${clientTimeout}m
timeout server 1m
timeout client ${config.clientTimeout}m
timeout server ${config.serverTimeout}m
mode tcp
server service ${address}:${port}\n`;
server service ${config.address}:${config.port}\n`;

/*
* Generates EC2 User Data for Bastion Host Forwarder. This installs HAProxy
* on the Instance as well, as writing a config file for it.
* The User Data is written in MIME format to override the User Data
* application behavior to be applied on every machine restart
*/
const generateEc2UserData = (address: string, port: string, clientTimeout: number): UserData =>
const generateEc2UserData = (config: HaProxyConfig): UserData =>
UserData.custom(
`Content-Type: multipart/mixed; boundary="//"
MIME-Version: 1.0
@@ -57,7 +64,7 @@ Content-Disposition: attachment; filename="userdata.txt"
mount -o remount,rw,nosuid,nodev,noexec,relatime,hidepid=2 /proc
yum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm
yum install -y haproxy
echo "${generateHaProxyBaseConfig(address, port, clientTimeout)}" > /etc/haproxy/haproxy.cfg
echo "${generateHaProxyBaseConfig(config)}" > /etc/haproxy/haproxy.cfg
service haproxy restart
--//`,
);
@@ -95,7 +102,12 @@ export class BastionHostForward extends Construct {
});

const cfnBastionHost = this.bastionHost.instance.node.defaultChild as CfnInstance;
const shellCommands = generateEc2UserData(props.address, props.port, props.clientTimeout ?? 1);
const shellCommands = generateEc2UserData({
address: props.address,
port: props.port,
clientTimeout: props.clientTimeout ?? 1,
serverTimeout: props.serverTimeout ?? 1,
});
cfnBastionHost.userData = Fn.base64(shellCommands.render());

this.instanceId = this.bastionHost.instance.instanceId;
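Review bot: `serverTimeout: props.serverTimeout ?? 1` in the constructor hunk forwards the value with no range or type check, and `generateHaProxyBaseConfig` interpolates it directly into `timeout server ${config.serverTimeout}m`, which the user data then writes as root through a double-quoted `echo`. A zero, negative, fractional or NaN value may render a config that HAProxy rejects or a timeout nobody intended, and that would only show up on the instance at boot. I would reject it at synth time, e.g. `if (!Number.isInteger(serverTimeout) || serverTimeout < 1) throw new Error('serverTimeout must be a positive whole number of minutes');`, and apply the same check to `clientTimeout`. Because `address` and `port` take the same path into the shell string, restricting them to hostname and port characters whenever they are not unresolved tokens would keep quote and `$` characters out of the rendered script. The constructor starts and ends outside the hunk.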
1 change: 1 addition & 0 deletions lib/generic-bastion-host-forward.ts
@@ -31,6 +31,7 @@ export class GenericBastionHostForward extends BastionHostForward {
address: props.address,
port: String(props.port),
clientTimeout: props.clientTimeout,
serverTimeout: props.serverTimeout,
});
}
}
1 change: 1 addition & 0 deletions lib/rds.ts
@@ -53,6 +53,7 @@ export class BastionHostRDSForward extends BastionHostForward {
address: props.rdsInstance.dbInstanceEndpointAddress,
port: props.rdsInstance.dbInstanceEndpointPort,
clientTimeout: props.clientTimeout,
serverTimeout: props.serverTimeout,
});

if (props.iamUser !== undefined && props.rdsResourceIdentifier !== undefined) {
89 changes: 46 additions & 43 deletions package-lock.json


21 changes: 8 additions & 13 deletions package.json
@@ -44,28 +44,23 @@
},
"devDependencies": {
"@moia-oss/eslint-prettier-typescript-config": "^0.11.3",
"@types/jest": "^27.0.0",
"@types/jest": "^27.4.1",
"@types/node": "17.0.21",
"constructs": "10.0.59",
"aws-cdk-lib": "2.12.0",
"constructs": "10.0.102",
"aws-cdk-lib": "2.18.0",
"eslint": "^8.6.0",
"jest": "^27.4.7",
"jsii": "^1.52.1",
"jsii-pacmak": "^1.52.1",
"jsii-release": "^0.2.248",
"prettier": "^2.5.1",
"jsii-release": "^0.2.309",
"prettier": "^2.6.1",
"ts-jest": "^27.1.3",
"tslint": "^6.1.3",
"typescript": "^4.5.2"
},
"peerDependencies": {
"constructs": "^10.0.51",
"aws-cdk-lib": "^2.10.0"
"constructs": "^10.0.102",
"aws-cdk-lib": "^2.18.0"
},
"dependencies": {},
"jest": {
"moduleFileExtensions": [
"js"
]
}
"dependencies": {}
}
3 changes: 2 additions & 1 deletion test/aurora-serverless.test.ts
@@ -33,6 +33,7 @@ test('Bastion Host created for normal username/password access', () => {
name: 'MyBastion',
serverlessCluster: testAurora,
clientTimeout: 2,
serverTimeout: 7,
});

const template = Template.fromStack(stack);
@@ -48,7 +49,7 @@ test('Bastion Host created for normal username/password access', () => {
{
'Fn::GetAtt': ['TestAurora252434E9', 'Endpoint.Port'],
},
'\n timeout connect 10s\n timeout client 2m\n timeout server 1m\n mode tcp\n server service ',
'\n timeout connect 10s\n timeout client 2m\n timeout server 7m\n mode tcp\n server service ',
{
'Fn::GetAtt': ['TestAurora252434E9', 'Endpoint.Address'],
},