From ae6992bf8c346dc9053d0fc0fcdec26d6c1b1618 Mon Sep 17 00:00:00 2001 From: Ryan Brown Date: Mon, 12 Sep 2016 18:26:13 -0400 Subject: [PATCH] Handle EC2 instances with multiple network interfaces (#4766) Currently instances with multiple ENI's can't be started or stopped because sourceDestCheck is a per-interface attribute, but we use the boto global access to it (which only works when there's a single ENI). This patch handles multiple ENI's and applies the sourcedestcheck across all interfaces the same way. Fixes #3234 --- cloud/amazon/ec2.py | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/cloud/amazon/ec2.py b/cloud/amazon/ec2.py index d6d34fbe863..5f69ab978b7 100644 --- a/cloud/amazon/ec2.py +++ b/cloud/amazon/ec2.py @@ -1310,9 +1310,22 @@ def startstop_instances(module, ec2, instance_ids, state, instance_tags): for inst in res.instances: # Check "source_dest_check" attribute - if inst.vpc_id is not None and inst.get_attribute('sourceDestCheck')['sourceDestCheck'] != source_dest_check: - inst.modify_attribute('sourceDestCheck', source_dest_check) - changed = True + try: + if inst.vpc_id is not None and inst.get_attribute('sourceDestCheck')['sourceDestCheck'] != source_dest_check: + inst.modify_attribute('sourceDestCheck', source_dest_check) + changed = True + except boto.exception.EC2ResponseError as exc: + # instances with more than one Elastic Network Interface will + # fail, because they have the sourceDestCheck attribute defined + # per-interface + if exc.code == 'InvalidInstanceID': + for interface in inst.interfaces: + if interface.source_dest_check != source_dest_check: + ec2.modify_network_interface_attribute(interface.id, "sourceDestCheck", source_dest_check) + changed = True + else: + module.fail_json(msg='Failed to handle source_dest_check state for instance {0}, error: {1}'.format(inst.id, exc), + exception=traceback.format_exc(exc)) # Check "termination_protection" attribute if inst.get_attribute('disableApiTermination')['disableApiTermination'] != termination_protection: