aws-eni 0.1.2 → 0.1.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 3dd624009ce2d87a86fa1e33188a38f0be254464
-  data.tar.gz: b1b958d4b5b71a7431cd19cff6b8e595ba0db1ef
+  metadata.gz: 613d8b521f5ea3db65f0420e90dfe188c6b42e53
+  data.tar.gz: 0a1eebe7c2b86a128a282f9edd8d61d5c0c39d2c
 SHA512:
-  metadata.gz: 209b4e24a7b5934a67beab03852f11565ed997296ce9063af45d87803c7cb0e169590dfb1a5d71b6e19207281a04306aa6f09ca38436f90012ee302fc59724ea
-  data.tar.gz: bf9452d5c381ff04bab980f0c1fa5b1738294a336330c090c58b759919f52ef839d46c90a8af0307db1051c4f96a92ff4bc3ac9d5c42b9ebdaefc0cbac3c50f3
+  metadata.gz: 092fd301932d4521a4c7b1fda6c1d04f21160d9585bd5e0b1c11e5385a87b97b21bb33bd3a55001fafa3da4e2b39d67b12b5cd759c7f00aa2064ce9dfe733edd
+  data.tar.gz: c10cb8481dc1f9a544e3ebedb674bd434d4e30f1a9cdc1e02d022d2195016f5f16813919a387a82e27b4aa206d29b092cbbb51bc568e1a4f3ba7e135007f976c

data/bin/aws-eni

@@ -213,7 +213,7 @@ command [:create] do |c|
     args.delete('new')
     params = parse_args args, :subnet_id, :security_groups, :primary_ip
     interface = Aws::ENI.create_interface(params)
-    puts "interface #{interface[:id]} created on #{interface[:subnet_id]}"
+    puts "interface #{interface[:interface_id]} created on #{interface[:subnet_id]}"
   end
 end
 
@@ -251,12 +251,12 @@ command [:attach] do |c|
       params = parse_args args, :subnet_id, :security_groups, :primary_ip
       Aws::ENI.assert_ifconfig_access if config
       interface = Aws::ENI.create_interface(params)
-      puts "interface #{interface[:id]} created on #{interface[:subnet_id]}"
-      id = interface[:id]
+      puts "interface #{interface[:interface_id]} created on #{interface[:subnet_id]}"
+      id = interface[:interface_id]
     end
     device = Aws::ENI.attach_interface(id, enable: config, configure: config, block: opts[:block])
-    puts "interface #{device[:id]} attached to #{device[:name]}"
-    puts "device #{device[:name]} enabled and configured" if opts[:config]
+    puts "interface #{device[:interface_id]} attached to #{device[:device_name]}"
+    puts "device #{device[:device_name]} enabled and configured" if config
   end
 end
 
@@ -283,13 +283,13 @@ command [:detach] do |c|
     params = parse_args args, :interface_id, :device_name
     params[:block] = opts[:block]
     params[:delete] = opts[:delete] unless opts[:delete] == :not_provided
-    id = params[:interface_id] || params[:device_name]
+    id = params[:device_name] || params[:interface_id]
 
     device = Aws::ENI.detach_interface(id, params)
     if device[:deleted]
-      puts "interface #{device[:id]} detached from #{device[:name]} and deleted"
+      puts "interface #{device[:interface_id]} detached from #{device[:device_name]} and deleted"
     else
-      puts "interface #{device[:id]} detached from #{device[:name]}"
+      puts "interface #{device[:interface_id]} detached from #{device[:device_name]}"
     end
   end
 end
@@ -327,10 +327,20 @@ long_desc %{
 arg 'ip-address', :optional
 arg 'interface-id OR device-name'
 command [:assign] do |c|
+  c.desc 'Do not configure the interface after assignment'
+  c.switch [:n,'no-config'], negatable: false
+
+  c.desc 'Do not return until connection is verified'
+  c.switch [:b,:block], negatable: false
+
   c.action do |global,opts,args|
-    help_now! "Missing argument" if args.empty?
     params = parse_args args, :interface_id, :device_name, :private_ip
-    device = params[:interface_id] || params[:device_name]
+    device = params[:device_name] || params[:interface_id]
+    help_now! "Missing argument" if device.nil?
+
+    params.merge! configure: !opts['no-config'], block: opts[:block]
+    Aws::ENI.assert_ifconfig_access if params[:configure]
+
     assignment = Aws::ENI.assign_secondary_ip(device, params)
     puts "IP #{assignment[:private_ip]} assigned to #{assignment[:device_name]} (#{assignment[:interface_id]})"
   end
@@ -380,10 +390,14 @@ arg 'allocation-id', :optional
 arg 'interface-id', :optional
 arg 'device-name', :optional
 command [:associate] do |c|
+  c.desc 'Do not return until connection is verified'
+  c.switch [:b,:block], negatable: false
+
   c.action do |global,opts,args|
     help_now! "Missing argument" if args.empty?
     args.delete('new')
     params = parse_args args, :private_ip, :public_ip, :allocation_id, :interface_id, :device_name
+    params[:block] = opts[:block]
     assoc = Aws::ENI.associate_elastic_ip(params[:private_ip], params)
     puts "EIP #{assoc[:public_ip]} (#{assoc[:allocation_id]}) associated with #{assoc[:private_ip]} on #{assoc[:device_name]} (#{assoc[:interface_id]})"
   end
@@ -427,19 +441,19 @@ command [:allocate] do |c|
   end
 end
 
-desc 'Release one or more unassigned Elastic IP addresses'
+desc 'Release unassigned Elastic IP addresses'
 long_desc %{
-  Release one or more unassigned Elastic IP addresses.  If IP address or
-  allication, will release only that EIP, otherwise will clean all unassigned
-  EIPs.
+  Release one unassigned Elastic IP addresses identified by its public IP or its
+  allocation ID
 }
 arg 'ip-address OR allocation-id'
 command [:release] do |c|
   c.action do |global,opts,args|
     help_now! "Missing argument" if args.empty?
+    help_now! "Too many arguments" if args.count > 1
     params = parse_args args, :public_ip, :allocation_id
     eip = params[:public_ip] || params[:allocation_id]
-    release = Aws::ENI.release_elastic_ip(eip, params)
+    release = Aws::ENI.release_elastic_ip(eip)
     puts "EIP #{release[:public_ip]} (#{release[:allocation_id]}) released"
   end
 end

data/lib/aws-eni.rb

@@ -1,4 +1,5 @@
 require 'time'
+require 'resolv'
 require 'aws-sdk'
 require 'aws-eni/version'
 require 'aws-eni/errors'
@@ -78,7 +79,7 @@ module Aws
         end
       end
       {
-        id:           response[:network_interface][:network_interface_id],
+        interface_id: response[:network_interface][:network_interface_id],
         subnet_id:    response[:network_interface][:subnet_id],
         api_response: response[:network_interface]
       }
@@ -90,74 +91,73 @@ module Aws
       do_config = true unless options[:configure] == false
       assert_ifconfig_access if do_config || do_enable
 
-      interface = IFconfig[options[:device_number] || options[:name]]
-      raise InvalidParameterError, "Interface #{interface.name} is already in use" if interface.exists?
+      device = IFconfig[options[:device_number] || options[:name]].assert(exists: false)
 
-      params = {}
-      params[:network_interface_id] = id
-      params[:instance_id] = environment[:instance_id]
-      params[:device_index] = interface.device_number
-
-      response = client.attach_network_interface(params)
+      response = client.attach_network_interface(
+        network_interface_id: id,
+        instance_id: environment[:instance_id],
+        device_index: device.device_number
+      )
 
       if options[:block] || do_config || do_enable
         wait_for 'the interface to attach', rescue: ConnectionFailed do
-          interface.exists? && interface_status(interface.interface_id) == 'in-use'
+          device.exists? && interface_status(device.interface_id) == 'in-use'
         end
       end
-      interface.configure if do_config
-      interface.enable if do_enable
+      device.configure if do_config
+      device.enable if do_enable
       {
-        id:           interface.interface_id,
-        name:         interface.name,
-        configured:   options[:configure],
-        api_response: response
+        interface_id:  device.interface_id,
+        device_name:   device.name,
+        device_number: device.device_number,
+        enabled:       do_enable,
+        configured:    do_config,
+        api_response:  response
       }
     end
 
     # detach network interface
     def detach_interface(id, options = {})
-      interface = IFconfig.filter(id).first
-      raise InvalidParameterError, "Interface #{interface.name} does not exist" unless interface && interface.exists?
-      if options[:name] && interface.name != options[:name]
-        raise InvalidParameterError, "Interface #{interface.interface_id} not found on #{options[:name]}"
-      end
-      if options[:device_number] && interface.device_number != options[:device_number].to_i
-        raise InvalidParameterError, "Interface #{interface.interface_id} not found at index #{options[:device_number]}"
-      end
+      device = IFconfig[id].assert(
+        exists: true,
+        device_name:   options[:device_name],
+        interface_id:  options[:interface_id],
+        device_number: options[:device_number]
+      )
+      interface_id = device.interface_id
 
-      description = client.describe_network_interfaces(filters: [{
+      response = client.describe_network_interfaces(filters: [{
         name: 'attachment.instance-id',
         values: [environment[:instance_id]]
       },{
         name: 'network-interface-id',
-        values: [interface.interface_id]
+        values: [interface_id]
       }])
-      description = description[:network_interfaces].first
-      raise UnknownInterfaceError, "Interface attachment could not be located" unless description
+      interface = response[:network_interfaces].first
+      raise UnknownInterfaceError, "Interface attachment could not be located" unless interface
 
-      interface.disable
-      interface.deconfigure
+      device.disable
+      device.deconfigure
       client.detach_network_interface(
-        attachment_id: description[:attachment][:attachment_id],
+        attachment_id: interface[:attachment][:attachment_id],
         force: true
       )
-      created_by_us = description.tag_set.any? { |tag| tag.key == 'created by' && tag.value == owner_tag }
+      created_by_us = interface.tag_set.any? { |tag| tag.key == 'created by' && tag.value == owner_tag }
       do_delete = options[:delete] || options[:delete].nil? && created_by_us
 
       if options[:block] || do_delete
         wait_for 'the interface to detach', interval: 0.3 do
-          !interface.exists? && interface_status(description[:network_interface_id]) == 'available'
+          !device.exists? && interface_status(interface[:network_interface_id]) == 'available'
         end
       end
-      client.delete_network_interface(network_interface_id: description[:network_interface_id]) if do_delete
+      client.delete_network_interface(network_interface_id: interface[:network_interface_id]) if do_delete
       {
-        id:            description[:network_interface_id],
-        name:          "eth#{description[:attachment][:device_index]}",
-        device_number: description[:attachment][:device_index],
+        interface_id:  interface_id,
+        device_name:   device.name,
+        device_number: device.device_number,
         created_by_us: created_by_us,
         deleted:       do_delete,
-        api_response:  description
+        api_response:  interface
       }
     end
 
@@ -187,14 +187,13 @@ module Aws
 
       descriptions = client.describe_network_interfaces(filters: filters)
       interfaces = descriptions[:network_interfaces].select do |interface|
-        skip = safe_mode && interface.tag_set.any? do |tag|
+        unless safe_mode && interface.tag_set.any? do |tag|
           begin
             tag.key == 'created on' && Time.now - Time.parse(tag.value) < 60
           rescue ArgumentError
             false
           end
         end
-        unless skip
           client.delete_network_interface(network_interface_id: interface[:network_interface_id])
           true
         end
@@ -207,12 +206,53 @@ module Aws
     end
 
     # add new private ip using the AWS api and add it to our local ip config
-    def assign_secondary_ip(interface, options = {})
-      raise NoMethodError, "assign_secondary_ip not yet implemented"
+    def assign_secondary_ip(id, options = {})
+      device = IFconfig[id].assert(
+        exists: true,
+        device_name:   options[:device_name],
+        interface_id:  options[:interface_id],
+        device_number: options[:device_number]
+      )
+      interface_id = device.interface_id
+      current_ips = interface_ips(interface_id)
+      new_ip = options[:private_ip]
+
+      if new_ip = options[:private_ip]
+        if current_ips.include?(new_ip)
+          raise InvalidParameterError, "IP #{new_ip} already assigned to #{device.name}"
+        end
+        client.assign_private_ip_addresses(
+          network_interface_id: interface_id,
+          private_ip_addresses: [new_ip],
+          allow_reassignment: false
+        )
+        wait_for 'private ip address to be assigned' do
+          interface_ips(interface_id).include?(new_ip)
+        end
+      else
+        client.assign_private_ip_addresses(
+          network_interface_id: interface_id,
+          secondary_private_ip_address_count: 1,
+          allow_reassignment: false
+        )
+        wait_for 'new private ip address to be assigned' do
+          new_ips = interface_ips(interface_id) - current_ips
+          new_ip = new_ips.first if new_ips
+        end
+      end
+
+      unless options[:configure] == false
+        device.add_alias(new_ip)
+        if options[:block] && !IFconfig.test(new_ip, target: device.gateway)
+          raise TimeoutError, "Timed out waiting for ip address to become active"
+        end
+      end
       {
-        private_ip:   '0.0.0.0',
-        device_name:  'eth0',
-        interface_id: 'eni-1a2b3c4d'
+        private_ip:    new_ip,
+        interface_id:  interface_id,
+        device_name:   device.name,
+        device_number: device.device_number,
+        interface_ips: current_ips << new_ip
       }
     end
 
@@ -232,14 +272,46 @@ module Aws
 
     # associate a private ip with an elastic ip through the AWS api
     def associate_elastic_ip(private_ip, options = {})
-      raise NoMethodError, "associate_elastic_ip not yet implemented"
+      find = options[:device_name] || options[:device_number] || options[:interface_id] || private_ip
+      device = IFconfig[find].assert(
+        exists: true,
+        private_ip:    private_ip,
+        device_name:   options[:device_name],
+        interface_id:  options[:interface_id],
+        device_number: options[:device_number]
+      )
+      options[:public_ip] ||= options[:allocation_id]
+
+      if public_ip = device.public_ips[private_ip]
+        raise InvalidParameterError, "IP #{private_ip} already has an associated EIP (#{public_ip})"
+      end
+
+      if options[:public_ip]
+        eip = describe_address(options[:public_ip])
+        if options[:allocation_id] && eip[:allocation_id] != options[:allocation_id]
+          raise InvalidParameterError, "EIP #{eip[:public_ip]} (#{eip[:allocation_id]}) does not match #{options[:allocation_id]}"
+        end
+      else
+        eip = allocate_elastic_ip
+      end
+
+      resp = client.associate_address(
+        network_interface_id: device.interface_id,
+        allocation_id:        eip[:allocation_id],
+        private_ip_address:   private_ip,
+        allow_reassociation:  false
+      )
+
+      if options[:block] && !IFconfig.test(private_ip)
+        raise TimeoutError, "Timed out waiting for ip address to become active"
+      end
       {
-        private_ip:     '0.0.0.0',
-        device_name:    'eth0',
-        interface_id:   'eni-1a2b3c4d',
-        public_ip:      '0.0.0.0',
-        allocation_id:  'eipalloc-1a2b3c4d',
-        association_id: 'eipassoc-1a2b3c4d'
+        private_ip:     private_ip,
+        device_name:    device.name,
+        interface_id:   device.interface_id,
+        public_ip:      eip[:public_ip],
+        allocation_id:  eip[:allocation_id],
+        association_id: resp[:association_id]
       }
     end
 
@@ -260,19 +332,23 @@ module Aws
 
     # allocate a new elastic ip address
     def allocate_elastic_ip
-      raise NoMethodError, "allocate_elastic_ip not yet implemented"
+      eip = client.allocate_address(domain: 'vpc')
       {
-        public_ip:     '0.0.0.0',
-        allocation_id: 'eipalloc-1a2b3c4d'
+        public_ip:     eip[:public_ip],
+        allocation_id: eip[:allocation_id]
       }
     end
 
     # release the specified elastic ip address
-    def release_elastic_ip(ip, options = {})
-      raise NoMethodError, "release_elastic_ip not yet implemented"
+    def release_elastic_ip(ip)
+      eip = describe_address(ip)
+      if eip[:association_id]
+        raise AWSPermissionError, "Elastic IP #{eip[:public_ip]} (#{eip[:allocation_id]}) is currently in use"
+      end
+      client.release_address(allocation_id: eip[:allocation_id])
       {
-        public_ip:     '0.0.0.0',
-        allocation_id: 'eipalloc-1a2b3c4d'
+        public_ip:     eip[:public_ip],
+        allocation_id: eip[:allocation_id]
       }
     end
 
@@ -308,7 +384,21 @@ module Aws
         create_tags: {
           resources: ['eni-abcd1234'],
           tags: []
+        },
+        describe_addresses: nil,
+        allocate_address: nil,
+        release_address: {
+          dry_run: true,
+          allocation_id: 'eipalloc-no_exist'
+        },
+        associate_address: {
+          allocation_id: 'eipalloc-no_exist',
+          network_interface_id: 'eni-abcd1234'
         }
+        # has no dry_run method
+        # assign_private_ip_addresses: {
+        #   network_interface_id: 'eni-abcd1234'
+        # }
       }
       test_methods.each do |method, params|
         begin
@@ -318,6 +408,8 @@ module Aws
           raise Error, "Unexpected behavior while testing AWS API access"
         rescue Aws::EC2::Errors::DryRunOperation
           # success
+        rescue Aws::EC2::Errors::InvalidAllocationIDNotFound
+          # release_address does not properly support dry_run
         rescue Aws::EC2::Errors::UnauthorizedOperation
           return false
         end
@@ -331,6 +423,29 @@ module Aws
 
     private
 
+    # use either an ip address or allocation id
+    def describe_address(address)
+      filter_by = address =~ Resolv::IPv4::Regex ? 'public-ip' : 'allocation-id'
+      resp = client.describe_addresses(filters: [
+        { name: 'domain', values: ['vpc'] },
+        { name: filter_by, values: [address] }
+      ])
+      raise InvalidParameterError, "IP #{address} could not be located" if resp[:addresses].empty?
+      resp[:addresses].first
+    end
+
+    def interface_ips(id)
+      resp = client.describe_network_interfaces(network_interface_ids: [id])
+      interface = resp[:network_interfaces].first
+      if interface && interface[:private_ip_addresses]
+        primary = interface[:private_ip_addresses].find { |ip| ip[:primary] }
+        interface[:private_ip_addresses].map { |ip| ip[:private_ip_address] }.tap do |ips|
+          # ensure primary ip is first in the list
+          ips.unshift(*ips.delete(primary[:private_ip_address])) if primary
+        end
+      end
+    end
+
     def interface_status(id)
       resp = client.describe_network_interfaces(network_interface_ids: [id])
       resp[:network_interfaces].first[:status] unless resp[:network_interfaces].empty?

data/lib/aws-eni/ifconfig.rb

@@ -13,10 +13,23 @@ module Aws
 
         # Array-like accessor to automatically instantiate our class
         def [](index)
-          index = $1.to_i if index.to_s =~ /^(?:eth)?([0-9]+)$/
-          index ||= next_available_index
-          @instance_cache ||= []
-          @instance_cache[index] ||= new("eth#{index}", false)
+          case index
+          when Integer
+            @instance_cache ||= []
+            @instance_cache[index] ||= new("eth#{index}", false)
+          when nil
+            self[next_available_index]
+          when /^(?:eth)?([0-9]+)$/
+            self[$1.to_i]
+          when /^eni-/
+            find { |dev| dev.instance_id == index }
+          when /^[0-9a-f:]+$/i
+            find { |dev| dev.hwaddr.casecmp(index) == 0 }
+          when /^[0-9\.]+$/
+            find { |dev| dev.has_ip?(index) }
+          end.tap do |dev|
+            raise UnknownInterfaceError, "No interface found matching #{index}" unless dev
+          end
         end
 
         # Purge and deconfigure non-existent interfaces from the cache
@@ -25,11 +38,6 @@ module Aws
           @instance_cache.map!{ |dev| dev if dev.exists? }
         end
 
-        # Return array of available ethernet interfaces
-        def existing
-          Dir.entries("/sys/class/net/").grep(/^eth[0-9]+$/){ |name| self[name] }
-        end
-
         # Return the next unused device index
         def next_available_index
           for index in 0..32 do
@@ -39,7 +47,7 @@ module Aws
 
         # Iterate over available ethernet interfaces (required for Enumerable)
         def each(&block)
-          existing.each(&block)
+          Dir.entries("/sys/class/net/").grep(/^eth[0-9]+$/){ |name| self[name] }.each(&block)
         end
 
         # Return array of enabled interfaces
@@ -63,38 +71,65 @@ module Aws
 
         # Return an array of available interfaces identified by name, id,
         # hwaddr, or subnet id.
-        def filter(match = nil)
-          return existing unless match
-          select{ |dev| dev.is?(match) }.tap do |result|
-            raise UnknownInterfaceError, "No interface found matching \"#{match}\"" if result.empty?
+        def filter(filter = nil)
+          case filter
+          when nil
+            to_a
+          when /^eni-/, /^eth[0-9]+$/, /^[0-9a-f:]+$/i, /^[0-9\.]+$/
+            self[filter].to_a
+          when /^subnet-/
+            select { |dev| dev.subnet_id == filter }
+          end.tap do |devs|
+            raise UnknownInterfaceError, "No interface found matching #{filter}" if devs.nil? || devs.empty?
           end
         end
 
         # Test whether we have permission to run RTNETLINK commands
         def mutable?
-          exec 'link set dev eth0' # random innocuous command
+          cmd('link set dev eth0') # innocuous command
           true
         rescue PermissionError
           false
         end
 
-        # Execute a command
+        # Execute an 'ip' command
+        def cmd(command, options = {})
+          errors = options[:errors]
+          options[:errors] = true
+          begin
+            exec("/sbin/ip #{command}", options)
+          rescue CommandError => e
+            case e.message
+            when /operation not permitted/i
+              raise PermissionError, "Operation not permitted"
+            else
+              raise if errors
+            end
+          end
+        end
+
+        # Test connectivity from a given ip address
+        def test(ip, options = {})
+          timeout = Integer(options[:timeout] || 30)
+          target = options[:target] || '8.8.8.8'
+          !!exec("ping -w #{timeout} -c 1 -I #{ip} #{target}")
+        end
+
+        # Execute a command, returns output as string or nil on error
         def exec(command, options = {})
           output = nil
+          errors = options[:errors]
           verbose = self.verbose || options[:verbose]
-          raise_errors = options[:raise_errors]
-          puts "ip #{command}" if verbose
-
-          Open3.popen3("/sbin/ip #{command}") do |i,o,e,t|
-            unless t.value.success?
-              error_msg = e.read
-              if error_msg =~ /operation not permitted/i
-                raise PermissionError, "Operation not permitted"
-              end
-              warn "Warning: #{error_msg}" if verbose
-              raise CommandError, error_msg if raise_errors
+
+          puts command if verbose
+          Open3.popen3(command) do |i,o,e,t|
+            if t.value.success?
+              output = o.read
+            else
+              error = e.read
+              warn "Warning: #{error}" if verbose
+              raise CommandError, error if errors
             end
-            output = o.read
           end
           output
         end
@@ -159,10 +194,18 @@ module Aws
         info[:subnet_cidr]
       end
 
+      def gateway
+        IPAddr.new(subnet_cidr).succ.to_s
+      end
+
+      def prefix
+        subnet_cidr.split('/').last.to_i
+      end
+
       # Return an array of configured ip addresses (primary + secondary)
       def local_ips
-        list = exec("addr show dev #{name} primary") +
-               exec("addr show dev #{name} secondary")
+        list = cmd("addr show dev #{name} primary") +
+               cmd("addr show dev #{name} secondary")
         list.lines.grep(/inet ([0-9\.]+)\/.* #{name}/i){ $1 }
       end
 
@@ -180,29 +223,29 @@ module Aws
         ip_assoc
       end
 
-      # Enable our interface
+      # Enable our interface and create necessary routes
       def enable
-        exec("link set dev #{name} up")
+        cmd("link set dev #{name} up")
+        cmd("route add default via #{gateway} dev #{name} table #{route_table}")
+        cmd("route flush cache")
       end
 
       # Disable our interface
       def disable
-        exec("link set dev #{name} down")
+        cmd("link set dev #{name} down")
       end
 
       # Check whether our interface is enabled
       def enabled?
-        exists? && exec("link show up").include?(name)
+        exists? && cmd("link show up").include?(name)
       end
 
       # Initialize a new interface config
       def configure(dry_run = false)
         changes = 0
-        info = self.info
-        prefix = info[:subnet_cidr].split('/').last.to_i
-        gateway = IPAddr.new(info[:subnet_cidr]).succ.to_s
+        prefix = self.prefix # prevent exists? check on each use
 
-        meta_ips = Meta.get("network/interfaces/macs/#{info[:hwaddr]}/local-ipv4s").lines.map(&:strip)
+        meta_ips = Meta.get("network/interfaces/macs/#{hwaddr}/local-ipv4s").lines.map(&:strip)
         local_primary, *local_aliases = local_ips
         meta_primary, *meta_aliases = meta_ips
 
@@ -210,35 +253,34 @@ module Aws
         if name != 'eth0' && local_primary != meta_primary
           unless dry_run
             deconfigure
-            exec("addr add #{meta_primary}/#{prefix} brd + dev #{name}")
-            exec("route add default via #{gateway} dev #{name} table #{route_table}")
-            exec("route flush cache")
+            cmd("addr add #{meta_primary}/#{prefix} brd + dev #{name}")
           end
           changes += 1
         end
 
         # add missing secondary ips
         (meta_aliases - local_aliases).each do |ip|
-          exec("addr add #{ip}/#{prefix} brd + dev #{name}") unless dry_run
+          cmd("addr add #{ip}/#{prefix} brd + dev #{name}") unless dry_run
           changes += 1
         end
 
         # remove extra secondary ips
         (local_aliases - meta_aliases).each do |ip|
-          exec("addr del #{ip}/#{prefix} dev #{name}") unless dry_run
+          cmd("addr del #{ip}/#{prefix} dev #{name}") unless dry_run
           changes += 1
         end
 
+        # add and remove source-ip based rules
         unless name == 'eth0'
           rules_to_add = meta_ips || []
-          exec("rule list").lines.grep(/^([0-9]+):.*\s([0-9\.]+)\s+lookup #{route_table}/) do
+          cmd("rule list").lines.grep(/^([0-9]+):.*\s([0-9\.]+)\s+lookup #{route_table}/) do
             unless rules_to_add.delete($2)
-              exec("rule delete pref #{$1}") unless dry_run
+              cmd("rule delete pref #{$1}") unless dry_run
               changes += 1
             end
           end
           rules_to_add.each do |ip|
-            exec("rule add from #{ip} lookup #{route_table}") unless dry_run
+            cmd("rule add from #{ip} lookup #{route_table}") unless dry_run
             changes += 1
           end
         end
@@ -251,67 +293,105 @@ module Aws
       def deconfigure
         # assume eth0 primary ip is managed by dhcp
         if name == 'eth0'
-          exec("addr flush dev eth0 secondary")
+          cmd("addr flush dev eth0 secondary")
         else
-          exec("rule list").lines.grep(/^([0-9]+):.*lookup #{route_table}/) do
-            exec("rule delete pref #{$1}")
+          cmd("rule list").lines.grep(/^([0-9]+):.*lookup #{route_table}/) do
+            cmd("rule delete pref #{$1}")
           end
-          exec("addr flush dev #{name}")
-          exec("route flush table #{route_table}")
-          exec("route flush cache")
+          cmd("addr flush dev #{name}")
+          cmd("route flush table #{route_table}")
+          cmd("route flush cache")
         end
         @clean = true
       end
 
       # Add a secondary ip to this interface
       def add_alias(ip)
-        prefix = info[:subnet_cidr].split('/').last.to_i
-        exec("addr add #{ip}/#{prefix} brd + dev #{name}")
-
-        unless name == 'eth0' || exec("rule list") =~ /from #{ip} lookup #{route_table}/
-          exec("rule add from #{ip} lookup #{route_table}")
+        cmd("addr add #{ip}/#{prefix} brd + dev #{name}")
+        unless name == 'eth0' || cmd("rule list").include?("from #{ip} lookup #{route_table}")
+          cmd("rule add from #{ip} lookup #{route_table}")
         end
       end
 
       # Remove a secondary ip from this interface
       def remove_alias
-        prefix = info[:subnet_cidr].split('/').last.to_i
-        exec("addr del #{ip}/#{prefix} dev #{name}")
-
-        if name != 'eth0' && exec("rule list") =~ /([0-9]+):\s+from #{ip} lookup #{route_table}/
-          exec("rule delete pref #{$1}")
+        cmd("addr del #{ip}/#{prefix} dev #{name}")
+        unless name == 'eth0' || !cmd("rule list").match(/([0-9]+):\s+from #{ip} lookup #{route_table}/)
+          cmd("rule delete pref #{$1}")
         end
       end
 
-      # Identify this interface by one of its attributes
-      def is?(match)
-        if match == name
-          true
+      # Return true if the ip address is associated with this interface
+      def has_ip?(ip_addr)
+        if IPAddr.new(subnet_cidr) === IPAddr.new(ip_addr)
+          # ip within subnet
+          local_ips.include? ip_addr
         else
-          info = self.info
-          match == info[:interface_id] || match == info[:hwaddr] || match == info[:subnet_id]
+          # ip outside subnet
+          public_ips.has_value? ip_addr
+        end
+      end
+
+      # Throw exception unless this interface matches the provided attributes
+      # else returns self
+      def assert(attr)
+        error = nil
+        attr.find do |attr,val|
+          next if val.nil?
+          error = case attr
+            when :exists
+              if val
+                "The specified interface does not exist." unless exists?
+              else
+                "Interface #{name} exists." if exists?
+              end
+            when :enabled
+              if val
+                "Interface #{name} is not enabled." unless enabled?
+              else
+                "Interface #{name} is not disabled." if enabled?
+              end
+            when :name, :device_name
+              "The specified interface does not match" unless name == val
+            when :index, :device_index, :device_number
+              "Interface #{name} is device number #{val}" unless device_number == val.to_i
+            when :hwaddr
+              "Interface #{name} does not match hwaddr #{val}" unless hwaddr == val
+            when :interface_id
+              "Interface #{name} does not have interface id #{val}" unless interface_id == val
+            when :subnet_id
+              "Interface #{name} does not have subnet id #{val}" unless subnet_id == val
+            when :ip, :has_ip
+              "Interface #{name} does not have IP #{val}" unless has_ip? val
+            when :public_ip
+              "Interface #{name} does not have private IP #{val}" unless public_ips.include? val
+            when :local_ip, :private_ip
+              "Interface #{name} does not have private IP #{val}" unless local_ips.include? val
+            else
+              "Unknown attribute: #{attr}"
+            end
         end
+        raise UnknownInterfaceError, error if error
+        self
       end
 
       # Return an array representation of our interface config, including public
       # ip associations and enabled status
       def to_h
-        info.merge({
+        info.merge(
           name:          name,
           device_number: device_number,
           route_table:   route_table,
           local_ips:     local_ips,
           public_ips:    public_ips,
           enabled:       enabled?
-        })
+        )
       end
 
       private
 
       # Alias for static method
-      def exec(command, options = {})
-        self.class.exec(command, options)
-      end
+      def cmd(*args) self.class.cmd(*args) end
     end
   end
 end

data/lib/aws-eni/version.rb

@@ -1,5 +1,5 @@
 module Aws
   module ENI
-    VERSION = "0.1.2"
+    VERSION = "0.1.3"
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-eni
 version: !ruby/object:Gem::Version
-  version: 0.1.2
+  version: 0.1.3
 platform: ruby
 authors:
 - Mike Greiling
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-04-28 00:00:00.000000000 Z
+date: 2015-04-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gli