chef-provisioning-oneview 1.0.1 → 1.1.0

data/lib/chef/provisioning/oneview/san_storage.rb

@@ -0,0 +1,91 @@
+# Methods for configuring SAN storage on OneView
+module OneViewSanStorage
+  def fill_volume_details(v)
+    details = rest_api(:oneview, :get, v['volumeUri'])
+    v['volumeName'] = details['name']
+    v['permanent'] = details['isPermanent']
+    v['volumeShareable'] = details['shareable']
+    v['volumeProvisionType'] = details['provisionType']
+    v['volumeProvisionedCapacityBytes'] = details['provisionedCapacity']
+    v['volumeDescription'] = details['description']
+    v
+  end
+
+  # Prepare profile for SAN storage
+  def update_san_info(machine_spec, profile)
+    san_storage = profile['sanStorage']
+    return profile unless san_storage && !san_storage['volumeAttachments'].empty?
+
+    # Sanitize old SAN entries and fill in details
+    boot_vols = []
+    san_storage['volumeAttachments'].each do |v|
+      fill_volume_details(v) unless profile['serverProfileTemplateUri']
+      fail "#{machine_spec.name}: Should know if volume is sharable:\n#{v}" unless v.key?('volumeShareable')
+
+      # Match boot disks by name
+      boot_vols.push(v['volumeName']) if v['volumeName'].downcase.match(/^boot/)
+      v['volumeName'] += " #{profile['name']}" unless v['volumeShareable'] # Append profile name to volume name
+
+      unless profile['serverProfileTemplateUri'] # Only needed when coppied from profile
+        v['state'] = nil
+        v['status'] = nil
+        v['storagePaths'].each { |s| s['status'] = nil }
+
+        unless v['volumeShareable']
+          # It is private in the profile, so we will clone it
+          v['volumeUri'] = nil
+
+          # Assumes all cloned volumes are non-permanet. Might want some global config to control this
+          v['permanent'] = false
+          v['lun'] = nil if v['lunType'].downcase == 'auto'
+        end
+      end
+    end
+    fail "#{machine_spec.name}: There should only be 1 SAN boot volume. Boot volumes: #{boot_vols}" if boot_vols.size > 1
+    profile
+  end
+
+  # Make sure connections for SAN boot volumes are configured to boot from the correct SAN volume
+  def enable_boot_from_san(action_handler, machine_spec, profile)
+    return false if profile['connections'].nil? || profile['connections'].empty?
+
+    # If there is a san volume we might need to update boot connections
+    update_needed = false
+    profile['sanStorage']['volumeAttachments'].each do |v|
+      vol_details = rest_api(:oneview, :get, v['volumeUri'])
+      next unless vol_details['name'].downcase.match(/^boot/)
+      # Find the enabled path(s), get target wwpn, and then update connection, setting boot targets
+      v['storagePaths'].each do |s|
+        next if !s['isEnabled'] || s['storageTargets'].nil? || s['storageTargets'].empty?
+        connection = profile['connections'].find { |c| c['id'] == s['connectionId'] }
+        fail "#{machine_spec.name}: Connection #{s['connectionId']} not found! Check SAN settings" unless connection
+        if connection['boot'].nil? || connection['boot']['priority'] == 'NotBootable'
+          msg = "#{machine_spec.name}: Connection #{s['connectionId']} is labeled for boot, but the connection is not marked as bootable."
+          fail "#{msg} Set the connection boot target to Primary or Secondary"
+        end
+        target = {}
+        target['arrayWwpn'] = s['storageTargets'].first.delete(':')
+        target['lun'] = v['lun']
+        unless connection['boot']['targets'] && connection['boot']['targets'].first &&
+               connection['boot']['targets'].first['arrayWwpn'] == target['arrayWwpn'] &&
+               connection['boot']['targets'].first['lun'] == target['lun']
+          connection['boot']['targets'] = [target]
+          update_needed = true
+        end
+      end
+    end
+
+    if update_needed
+      action_handler.perform_action "Enable SAN-bootable connections for #{machine_spec.name}" do
+        action_handler.report_progress "INFO: Enabling SAN-bootable connections for #{machine_spec.name}"
+        power_off(action_handler, machine_spec, profile['serverHardwareUri'])
+        task = rest_api(:oneview, :put, profile['uri'], { 'body' => profile })
+        task = oneview_wait_for(task['uri'], 90) # Wait for up to 15 min for profile to be updated
+        fail "Timed out waiting for enabling SAN-bootable connections on #{machine_spec.name}" if task == false
+        fail "Error enabling SAN-bootable connections on #{machine_spec.name}. Response: #{task}" unless task == true
+      end
+      profile = rest_api(:oneview, :get, profile['uri'])
+    end
+    profile # Return profile
+  end
+end

data/lib/chef/provisioning/oneview/v1.2/api.rb

@@ -0,0 +1,3 @@
+module OneViewAPIv1_2
+  # TODO
+end

data/lib/chef/provisioning/oneview_driver.rb

@@ -7,12 +7,20 @@ require 'chef/provisioning/machine/unix_machine'
 require 'json'
 require 'ridley'
 require_relative 'driver_init/oneview'
-require_relative 'oneview/version'
+require_relative 'version'
+require_relative 'rest'
+require_relative 'create_machine'
+require_relative 'customize_machine'
 require_relative 'oneview/oneview_api'
+require_relative 'icsp/icsp_api'
 
 module Chef::Provisioning
   class OneViewDriver < Chef::Provisioning::Driver
+    include CreateMachine
+    include CustomizeMachine
+    include RestAPI
     include OneViewAPI
+    include ICspAPI
 
     def self.canonicalize_url(url, config)
       _scheme, oneview_url = url.split(':', 2)
@@ -37,7 +45,8 @@ module Chef::Provisioning
       @oneview_password    = config[:knife][:oneview_password]
       fail 'Must set the knife[:oneview_password] attribute!' if @oneview_password.nil? || @oneview_password.empty?
       @oneview_disable_ssl = config[:knife][:oneview_ignore_ssl]
-      @oneview_api_version = 120 # get_oneview_api_version
+      @oneview_api_version = 120 # Use this version for all calls that don't override it
+      @current_oneview_api_version = get_oneview_api_version
       @oneview_key         = login_to_oneview
 
       @icsp_base_url       = config[:knife][:icsp_url]
@@ -47,7 +56,8 @@ module Chef::Provisioning
       @icsp_password       = config[:knife][:icsp_password]
       fail 'Must set the knife[:icsp_password] attribute!' if @icsp_password.nil? || @icsp_password.empty?
       @icsp_disable_ssl    = config[:knife][:icsp_ignore_ssl]
-      @icsp_api_version    = 102 # get_icsp_api_version
+      @icsp_api_version    = 102 # Use this version for all calls that don't override it
+      @current_icsp_api_version = get_icsp_api_version
       @icsp_key            = login_to_icsp
     end
 
@@ -58,6 +68,9 @@ module Chef::Provisioning
         if get_oneview_profile_by_sn(machine_spec.reference['serial_number']).nil? # It doesn't really exist
           action_handler.report_progress "Machine #{host_name} does not really exist.  Recreating ..."
           machine_spec.reference = nil
+        else # Update reference data
+          machine_spec.reference['driver_url'] = driver_url
+          machine_spec.reference['driver_version'] = ONEVIEW_DRIVER_VERSION
         end
       end
       if !machine_spec.reference
@@ -82,6 +95,7 @@ module Chef::Provisioning
 
     def ready_machine(action_handler, machine_spec, machine_options)
       profile = get_oneview_profile_by_sn(machine_spec.reference['serial_number'])
+      fail "Failed to retrieve Server Profile for #{machine_spec.name}. Serial Number used to search: #{machine_spec.reference['serial_number']}" unless profile
       customize_machine(action_handler, machine_spec, machine_options, profile)
       machine_for(machine_spec, machine_options) # Return the Machine object
     end
@@ -89,10 +103,24 @@ module Chef::Provisioning
 
     def machine_for(machine_spec, machine_options)
       bootstrap_ip_address = machine_options[:driver_options][:ip_address]
+      unless bootstrap_ip_address
+        id, connection = machine_options[:driver_options][:connections].find { |_id, c| c[:bootstrap] == true }
+        fail 'Must specify a connection to use to bootstrap!' unless id && connection
+        bootstrap_ip_address = connection[:ip4Address] # For static IPs
+        unless bootstrap_ip_address # Look for dhcp address given to this connection
+          profile = get_oneview_profile_by_sn(machine_spec.reference['serial_number'])
+          my_server = get_icsp_server_by_sn(machine_spec.reference['serial_number'])
+          mac = profile['connections'].find {|x| x['id'] == id}['mac']
+          interface = my_server['interfaces'].find { |i| i['macAddr'] == mac }
+          bootstrap_ip_address = interface['ipv4Addr'] || interface['ipv6Addr']
+        end
+        bootstrap_ip_address ||= my_server['hostName'] # Fall back on hostName
+      end
+      fail 'Server IP address not specified and could not be retrieved!' unless bootstrap_ip_address
       username = machine_options[:transport_options][:user] || 'root' rescue 'root'
       default_ssh_options = {
-        # auth_methods: ['publickey'],
-        # keys: ['/home/username/.vagrant.d/insecure_private_key'],
+        # auth_methods: ['password', 'publickey'],
+        # keys: ['~/.ssh/id_rsa'],
         password: Chef::Config.knife[:node_root_password]
       }
       ssh_options = machine_options[:transport_options][:ssh_options] || default_ssh_options rescue default_ssh_options
@@ -169,5 +197,14 @@ module Chef::Provisioning
       machine_for(machine_spec, machine_options)
     end
 
+    private
+
+    # Login to both OneView and ICsp
+    def auth_tokens
+      @icsp_key  ||= login_to_icsp
+      @oneview_key ||= login_to_oneview
+      { 'icsp_key' => @icsp_key, 'oneview_key' => @oneview_key }
+    end
+
   end # class end
 end # module end

data/lib/chef/provisioning/rest.rb

@@ -0,0 +1,51 @@
+module RestAPI
+  # API calls for OneView and ICsp
+  def rest_api(host, type, path, options = {})
+    disable_ssl = false
+    case host
+    when 'icsp', :icsp
+      uri = URI.parse(URI.escape(@icsp_base_url + path))
+      options['X-API-Version'] ||= @icsp_api_version unless [:put, 'put'].include?(type.downcase)
+      options['auth'] ||= @icsp_key
+      disable_ssl = true if @icsp_disable_ssl
+    when 'oneview', :oneview
+      uri = URI.parse(URI.escape(@oneview_base_url + path))
+      options['X-API-Version'] ||= @oneview_api_version
+      options['auth'] ||= @oneview_key
+      disable_ssl = true if @oneview_disable_ssl
+    else
+      fail "Invalid rest host: #{host}"
+    end
+
+    http = Net::HTTP.new(uri.host, uri.port)
+    http.use_ssl = true if uri.scheme == 'https'
+    http.verify_mode = OpenSSL::SSL::VERIFY_NONE if disable_ssl
+
+    case type.downcase
+    when 'get', :get
+      request = Net::HTTP::Get.new(uri.request_uri)
+    when 'post', :post
+      request = Net::HTTP::Post.new(uri.request_uri)
+    when 'put', :put
+      request = Net::HTTP::Put.new(uri.request_uri)
+    when 'delete', :delete
+      request = Net::HTTP::Delete.new(uri.request_uri)
+    else
+      fail "Invalid rest call: #{type}"
+    end
+    options['Content-Type'] ||= 'application/json'
+    options.delete('Content-Type')  if [:none, 'none', nil].include?(options['Content-Type'])
+    options.delete('X-API-Version') if [:none, 'none', nil].include?(options['X-API-Version'])
+    options.delete('auth')          if [:none, 'none', nil].include?(options['auth'])
+    options.each do |key, val|
+      if key.downcase == 'body'
+        request.body = val.to_json rescue val
+      else
+        request[key] = val
+      end
+    end
+
+    response = http.request(request)
+    JSON.parse(response.body) rescue response
+  end
+end # End module

data/lib/chef/provisioning/{oneview/version.rb → version.rb}

@@ -1,5 +1,5 @@
 class Chef
   module Provisioning
-    ONEVIEW_DRIVER_VERSION = '1.0.1'
+    ONEVIEW_DRIVER_VERSION = '1.1.0'
   end
 end

data/spec/shared_context.rb

@@ -0,0 +1,77 @@
+RSpec.shared_context 'shared context', a: :b do
+
+  domain = 'my-domain.com'
+  chef_server = "https://my-chef-server.#{domain}/organizations/oneview"
+  oneview = "https://my-oneview.#{domain}"
+  icsp = "https://my-icsp.#{domain}"
+
+  let(:knife_config) do
+    { knife: {
+      oneview_url: oneview,
+      oneview_username: 'Administrator',
+      oneview_password: 'password12',
+      oneview_ignore_ssl: true,
+
+      icsp_url: icsp,
+      icsp_username: 'administrator',
+      icsp_password: 'password123'
+    } }
+  end
+
+  let(:valid_machine_options) do
+    {
+      convergence_options: {
+        ssl_verify_mode: :verify_none,
+        bootstrap_proxy: "http://proxy.#{domain}:8080",
+        chef_server: {
+          chef_server_url: chef_server,
+          options: {
+            client_name: 'user',
+            signing_key_filename: 'spec/fixtures/.chef/user.pem'
+          }
+        }
+      },
+      driver_options: {
+        server_template: 'Template - Web Server',
+        os_build: 'CHEF-RHEL-6.5-x64',
+        host_name: 'chef-web01',
+        ip_address: '192.168.1.2',
+        domainType: 'workgroup',
+        domainName: domain,
+        gateway: '192.168.1.1',
+        dns: '192.168.1.1,10.1.1.1',
+        connections: {
+          1 => { dhcp: true, team: 'team1' },
+          2 => { ip4Address: '192.168.1.2', mask: '255.255.254.0', dhcp: false, team: 'team1' }
+        }
+      },
+      custom_attributes: {
+
+      },
+      transport_options: {
+        ssh_options: { password: 'password1234' }
+      }
+    }
+  end
+
+  let(:action_handler) do
+    ChefProvisioningOneviewHelpers::FakeActionHandler.new
+  end
+
+  let(:machine_spec) do
+    ChefProvisioningOneviewHelpers::FakeMachineSpec.new('server-1', 'VCGE9KB041')
+  end
+
+  let(:machine_spec2) do
+    ChefProvisioningOneviewHelpers::FakeMachineSpec.new('server-2', '789123')
+  end
+
+  before :each do
+    @oneview_key = 'A954A2A6Psy7Alg3HApAcEbAcAwa-ftA'
+    @icsp_key = 'AA_aaAaa3AA3Aa0_aAaAA4AAAA3AAAAA'
+    @url = oneview
+    @canonical_url = "oneview:#{@url}"
+    @instance = Chef::Provisioning::OneViewDriver.new(@canonical_url, knife_config)
+  end
+
+end

data/spec/spec_helper.rb

@@ -1,20 +1,22 @@
 require 'pry'
+require 'webmock/rspec'
+require 'simplecov'
+SimpleCov.start
+
 require_relative './../lib/chef/provisioning/driver_init/oneview'
 require_relative 'support/fake_oneview'
 require_relative 'support/fake_icsp'
-require 'webmock/rspec'
+require_relative 'support/fake_machine_spec'
+require_relative 'support/fake_action_handler'
+require_relative 'shared_context'
 # WebMock.disable_net_connect!(allow_localhost: true)
 
 RSpec.configure do |config|
   config.before(:each) do
-    allow_any_instance_of(Chef::Provisioning::OneViewDriver).to receive(:get_oneview_api_version).and_return(120)
-    allow_any_instance_of(Chef::Provisioning::OneViewDriver).to receive(:get_icsp_api_version).and_return(102)
-    allow_any_instance_of(Chef::Provisioning::OneViewDriver).to receive(:login_to_oneview).and_return('long_oneview_key')
-    allow_any_instance_of(Chef::Provisioning::OneViewDriver).to receive(:login_to_icsp).and_return('long_icsp_key')
-
     stub_request(:any, /my-oneview.my-domain.com/).to_rack(FakeOneView)
     stub_request(:any, /my-icsp.my-domain.com/).to_rack(FakeIcsp)
   end
+
 end
 
 # Chef::Log.level = :debug

data/spec/support/fake_icsp.rb

@@ -1,21 +1,73 @@
-require 'sinatra/base'
-
-class FakeIcsp < Sinatra::Base
-  get '/rest/version' do
-    version = request['X-API-Version'] # TODO
-    json_response(200, 'version.json', version)
-  end
-
-  post '/rest/login-sessions' do
-    version = request['X-API-Version'] # TODO
-    json_response(200, 'login.json', version)
-  end
-
-  private
-
-  def json_response(response_code, file_name, version = 102)
-    content_type :json
-    status response_code
-    File.open(File.dirname(__FILE__) + "/fixtures/icsp/v#{version.gsub('.', '')}/" + file_name, 'rb').read
-  end
-end
+require 'sinatra/base'
+require 'json'
+
+class FakeIcsp < Sinatra::Base
+
+  get '/rest/version' do
+    json_response(200, 'version.json', '102')
+  end
+
+  get '/rest/index/resources' do
+    version = env['HTTP_X_API_VERSION']
+    category = params['category']
+    return json_response(404, 'error_404.json', version) if category.nil?
+    if category == 'osdserver' && params['query'].match(/osdServerSerialNumber:"VCGE9KB041"/)
+      return json_response(200, 'server_by_sn_VCGE9KB041.json', version)
+    elsif category == 'osdserver' && params['query'].match(/osdServerSerialNumber:"FAKESN"/)
+      return json_response(200, 'server_by_sn_empty.json', version)
+    else
+      return json_response(404, 'error_404.json', version)
+    end
+  end
+
+  get '/rest/os-deployment-servers' do
+    version = env['HTTP_X_API_VERSION']
+    json_response(200, 'os-deployment-servers.json', version)
+  end
+
+  get '/rest/os-deployment-servers/:id' do
+    version = env['HTTP_X_API_VERSION']
+    if params[:id] == '1670001'
+      return json_response(200, 'os-deployment-servers_1670001.json', version)
+    else
+      return json_response(200, 'os-deployment-servers_fakesn.json', version)
+    end
+  end
+
+  post '/rest/login-sessions' do
+    version = env['HTTP_X_API_VERSION']
+    json_response(200, 'login.json', version)
+  end
+
+  get '/' do
+    { message: 'Fake ICsp works!', method: env['REQUEST_METHOD'], content_type: env['CONTENT_TYPE'], query: env['QUERY_STRING'],
+      api_version: env['HTTP_X_API_VERSION'], auth: env['HTTP_AUTH'], params: params }.to_json
+  end
+
+  post '/' do
+    { message: 'Fake ICsp works!', method: env['REQUEST_METHOD'], content_type: env['CONTENT_TYPE'], query: env['QUERY_STRING'],
+      api_version: env['HTTP_X_API_VERSION'], auth: env['HTTP_AUTH'], params: params }.to_json
+  end
+
+  put '/' do
+    { message: 'Fake ICsp works!', method: env['REQUEST_METHOD'], content_type: env['CONTENT_TYPE'], query: env['QUERY_STRING'],
+      api_version: env['HTTP_X_API_VERSION'], auth: env['HTTP_AUTH'], params: params }.to_json
+  end
+
+  delete '/' do
+    { message: 'Fake ICsp works!', method: env['REQUEST_METHOD'], content_type: env['CONTENT_TYPE'], query: env['QUERY_STRING'],
+      api_version: env['HTTP_X_API_VERSION'], auth: env['HTTP_AUTH'], params: params }.to_json
+  end
+
+  get '/*' do # All other paths should return a 404 error
+    json_response(404, 'error_404.json', '102')
+  end
+
+  private
+
+  def json_response(response_code, file_name, version = 102)
+    content_type :json
+    status response_code
+    File.open(File.dirname(__FILE__) + "/fixtures/icsp/v#{version}/" + file_name, 'rb').read
+  end
+end