chef-provisioning-opennebula 0.3.4

data/lib/chef/provider/one_vnet.rb

@@ -0,0 +1,122 @@
+# Copyright 2015, BlackBerry, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#
+# Implementation of Provider class.
+#
+class Chef
+  #
+  # Implementation of Provider class.
+  #
+  class Provider
+    #
+    # Implementation of Provider class.
+    #
+    class OneVnet < Chef::Provider::LWRPBase
+      use_inline_resources
+
+      provides :one_vnet
+
+      attr_reader :current_vnet
+
+      def action_handler
+        @action_handler ||= Chef::Provisioning::ChefProviderActionHandler.new(self)
+      end
+
+      def exists?(filter)
+        new_driver = driver
+        @current_vnet = new_driver.one.get_resource('vnet', filter)
+        Chef::Log.debug("VNET '#{filter}' exists: #{!@current_vnet.nil?}")
+        !@current_vnet.nil?
+      end
+
+      action :create do
+        fail "Missing attribute 'template_file'" unless @new_resource.template_file
+        fail "Missing attribute 'cluster_id'" unless @new_resource.cluster_id
+
+        if exists?(:name => @new_resource.name)
+          action_handler.report_progress "vnet '#{@new_resource.name}' already exists - nothing to do"
+        else
+          action_handler.perform_action "created vnet '#{@new_resource.name}' from '#{@new_resource.template_file}'" do
+            template_str = ::File.read(@new_resource.template_file) + "\nNAME=\"#{@new_resource.name}\""
+            vnet = new_driver.one.allocate_vnet(template_str, @new_resource.cluster_id)
+            Chef::Log.debug(template_str)
+            fail "failed to create vnet '#{@new_resource.name}': #{vnet.message}" if OpenNebula.is_error?(vnet)
+            @new_resource.updated_by_last_action(true)
+          end
+        end
+      end
+
+      action :delete do
+        if exists?(:id => @new_resource.vnet_id, :name => @new_resource.name)
+          action_handler.perform_action "deleted vnet '#{new_resource.name}' (#{@current_vnet.id})" do
+            rc = @current_vnet.delete
+            fail "failed to delete vnet '#{@new_resource.name}': #{rc.message}" if OpenNebula.is_error?(rc)
+            @new_resource.updated_by_last_action(true)
+          end
+        else
+          action_handler.report_progress "vnet '#{new_resource.name}' does not exists - nothing to do"
+        end
+      end
+
+      action :reserve do
+        fail "Missing attribute 'network'" unless @new_resource.network
+
+        if exists?(:name => @new_resource.name)
+          hash = @current_vnet.to_hash
+          ar_pool = [hash['VNET']['AR_POOL']].flatten
+          Chef::Log.debug(@current_vnet.to_hash)
+          same = false
+          if @new_resource.ar_id && @new_resource.ar_id > -1
+            ar_pool.each do |ar|
+              same = true if ar['AR']['AR_ID'] == @new_resource.ar_id.to_s && ar['AR']['SIZE'].to_i == @new_resource.size
+            end
+          else
+            same = ar_pool[0]['AR']['SIZE'].to_i == @new_resource.size
+          end
+          if same
+            action_handler.report_progress "vnet '#{@new_resource.name}' already exists - nothing to do"
+          else
+            fail "vnet '#{@new_resource.name}' exists with different configuration"
+          end
+        else
+          fail "parent network '#{@new_resource.network}' does not exist" unless exists?(:id => @new_resource.network)
+          action_handler.perform_action "reserved vnet '#{@new_resource.name}'" do
+            rc = @current_vnet.reserve(@new_resource.name, @new_resource.size.to_s, @new_resource.ar_id.to_s, @new_resource.mac_ip, nil)
+            fail "Failed to reserve new vnet in network (#{@new_resource.network}): #{rc.message}" if OpenNebula.is_error?(rc)
+            @new_resource.updated_by_last_action(true)
+          end
+        end
+      end
+
+      protected
+
+      def driver
+        if current_driver && current_driver.driver_url != new_driver.driver_url
+          fail "Cannot move '#{machine_spec.name}' from #{current_driver.driver_url} to #{new_driver.driver_url}: machine moving is not supported.  Destroy and recreate."
+        end
+        fail "Driver not specified for one_image #{new_resource.name}" unless new_driver
+        new_driver
+      end
+
+      def new_driver
+        run_context.chef_provisioning.driver_for(new_resource.driver)
+      end
+
+      def current_driver
+        run_context.chef_provisioning.driver_for(run_context.chef_provisioning.current_driver) if run_context.chef_provisioning.current_driver
+      end
+    end
+  end
+end

data/lib/chef/provider/one_vnet_lease.rb

@@ -0,0 +1,133 @@
+# Copyright 2015, BlackBerry, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#
+# Implementation of Provider class.
+#
+class Chef
+  #
+  # Implementation of Provider class.
+  #
+  class Provider
+    #
+    # Implementation of Provider class.
+    #
+    class OneVnetLease < Chef::Provider::LWRPBase
+      use_inline_resources
+
+      provides :one_vnet_lease
+
+      attr_reader :current_vnet
+
+      def action_handler
+        @action_handler ||= Chef::Provisioning::ChefProviderActionHandler.new(self)
+      end
+
+      def exists?
+        new_driver = driver
+        filter = { @new_resource.vnet.is_a?(Integer) ? :id : :name => @new_resource.vnet }
+        @current_vnet = new_driver.one.get_resource('vnet', filter)
+        fail "vnet '#{@new_resource.vnet}' does not exist" if @current_vnet.nil?
+        @current_vnet.info!
+        hash = @current_vnet.to_hash
+
+        lookup = @new_resource.name.include?(':') ? 'MAC' : 'IP'
+        ar_pool = [hash['VNET']['AR_POOL']].flatten
+
+        if @new_resource.ar_id && @new_resource.ar_id > -1
+          ar_pool = get_ar_pool(ar_pool, @new_resource.ar_id.to_s)
+          fail "ar_id not found '#{@new_resource.ar_id}'" if ar_pool.nil?
+        end
+        available = lease_available?(ar_pool, lookup)
+        fail "'#{name}' is already allocated to a VM (ID: #{vm})" unless available
+        available
+        # ar_pool.each do |a|
+        #   if a['AR']['LEASES']['LEASE']
+        #     [a['AR']['LEASES']['LEASE']].flatten.each do |l|
+        #       if l[lookup] && l[lookup] == @new_resource.name
+        #         exists = true
+        #         vm = l['VM'].to_i
+        #         break
+        #       end
+        #     end
+        #   end
+        # end
+        # fail "'#{name}' is already allocated to a VM (ID: #{vm})" if exists && vm > -1
+        # (exists && vm == -1)
+      end
+
+      action :hold do
+        if exists?
+          action_handler.report_progress("#{@new_resource.name} is already on hold and not used")
+        else
+          action_handler.perform_action "hold '#{@new_resource.name}'" do
+            rc = @current_vnet.hold(@new_resource.name, @new_resource.ar_id || -1)
+            fail "Failed to put a hold on '#{@new_resource.name}': #{rc.message}" if OpenNebula.is_error?(rc)
+            @new_resource.updated_by_last_action(true)
+          end
+        end
+      end
+
+      action :release do
+        if exists?
+          action_handler.perform_action "released '#{@new_resource.name}'" do
+            rc = @current_vnet.release(@new_resource.name, @new_resource.ar_id || -1)
+            fail "Failed to release '#{@new_resource.name}': #{rc.message}" if OpenNebula.is_error?(rc)
+            @new_resource.updated_by_last_action(true)
+          end
+        else
+          action_handler.report_progress("#{@new_resource.name} is not present - nothing do to")
+        end
+      end
+
+      protected
+
+      def get_ar_pool(ar_pool, ar_id)
+        ar_pool.each { |a| return [a] if a['AR']['AR_ID'] == ar_id }
+        nil
+      end
+
+      def lease_available?(ar_pool, lookup)
+        exists = false
+        vm = -2
+        ar_pool.each do |a|
+          next unless a['AR']['LEASES']['LEASE']
+          [a['AR']['LEASES']['LEASE']].flatten.each do |l|
+            next unless l[lookup] && l[lookup] == @new_resource.name
+            exists = true
+            vm = l['VM'].to_i
+            break
+          end
+        end
+        (exists && vm == -1)
+      end
+
+      def driver
+        if current_driver && current_driver.driver_url != new_driver.driver_url
+          fail "Cannot move '#{machine_spec.name}' from #{current_driver.driver_url} to #{new_driver.driver_url}: machine moving is not supported.  Destroy and recreate."
+        end
+        fail "Driver not specified for one_image #{new_resource.name}" unless new_driver
+        new_driver
+      end
+
+      def new_driver
+        run_context.chef_provisioning.driver_for(new_resource.driver)
+      end
+
+      def current_driver
+        run_context.chef_provisioning.driver_for(run_context.chef_provisioning.current_driver) if run_context.chef_provisioning.current_driver
+      end
+    end
+  end
+end

data/lib/chef/provisioning/driver_init/opennebula.rb

@@ -0,0 +1,17 @@
+# Copyright 2015, BlackBerry, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'chef/provisioning/opennebula_driver/driver'
+
+Chef::Provisioning.register_driver_class("opennebula", Chef::Provisioning::OpenNebulaDriver::Driver)

data/lib/chef/provisioning/opennebula_driver.rb

@@ -0,0 +1,18 @@
+# Copyright 2015, BlackBerry, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'chef/provisioning'
+require 'chef/provisioning/opennebula_driver/driver'
+require 'chef/provisioning/opennebula_driver/resources'
+require 'chef/provisioning/opennebula_driver/credentials'

data/lib/chef/provisioning/opennebula_driver/credentials.rb

@@ -0,0 +1,105 @@
+# Copyright 2015, BlackBerry, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'json'
+
+#
+# Implementation of Provider class.
+#
+class Chef
+  #
+  # Extending module.
+  #
+  module Provisioning
+    #
+    # Extending module.
+    #
+    module OpenNebulaDriver
+      #
+      # Implementation of Provider class.
+      #
+      class Credentials
+        def initialize(options = {})
+          @credentials = {}
+          load_default(options)
+          load_profiles
+        end
+
+        def default
+          fail 'No credentials loaded!  Do you have a ~/.one/one_auth file?' if @credentials.size == 0
+          @credentials[ENV['ONE_DEFAULT_PROFILE'] || 'default'] || @credentials.first[1]
+        end
+
+        def [](name)
+          fail "Profile '#{name}' does not exist" unless @credentials[name]
+          @credentials[name]
+        end
+
+        def load_default(options = {})
+          oneauth_file = ENV['ONE_AUTH'] || File.expand_path('~/.one/one_auth')
+          begin
+            creds = File.read(oneauth_file).strip
+            @credentials['default'] = { :credentials => creds, :options => options }
+          end if File.file?(oneauth_file)
+        end
+
+        def load_profiles
+          file = nil
+          if ENV['ONE_CONFIG'] && !ENV['ONE_CONFIG'].empty? && File.file?(ENV['ONE_CONFIG'])
+            file = ENV['ONE_CONFIG']
+          elsif ENV['HOME'] && File.file?("#{ENV['HOME']}/.one/one_config")
+            file = "#{ENV['HOME']}/.one/one_config"
+          elsif File.file?("/var/lib/one/.one/one_config")
+            file = "/var/lib/one/.one/one_config"
+          else
+            Chef::Log.info("No ONE_CONFIG file found, will use default profile")
+          end
+          json = {}
+          begin
+            content_hash = JSON.parse(File.read(file), :symbolize_names => true)
+            content_hash.each { |k, v| json[k.to_s] = v }
+          rescue Exception => e
+            Chef::Log.warn("Failed to read and parse config file #{file}: #{e.message}")
+          end
+          @credentials.merge!(json)
+        end
+
+        def load_plain(creds, options = {})
+          @credentials['default'] = {
+            :credentials => creds,
+            :options => options
+          } unless creds.nil?
+          @credentials
+        end
+
+        def load_file(filename, options = {})
+          creds = File.read(filename).strip if File.file?(filename)
+          @credentials['default'] = {
+            :credentials => creds,
+            :options => options
+          } unless creds.nil?
+          @credentials
+        end
+
+        def self.method_missing(name, *args, &block)
+          singleton.send(name, *args, &block)
+        end
+
+        def self.singleton
+          @one_credentials ||= Credentials.new
+        end
+      end
+    end
+  end
+end

data/lib/chef/provisioning/opennebula_driver/driver.rb

@@ -0,0 +1,572 @@
+# Copyright 2015, BlackBerry, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'chef/provisioning/driver'
+require 'chef/provisioning/machine/unix_machine'
+require 'chef/provisioning/convergence_strategy/install_cached'
+require 'chef/provisioning/convergence_strategy/install_sh'
+require 'chef/provisioning/convergence_strategy/no_converge'
+require 'chef/provisioning/transport/ssh'
+require 'chef/provisioning/opennebula_driver/version'
+require 'chef/provisioning/opennebula_driver/one_lib'
+require 'chef/provisioning/opennebula_driver/credentials'
+
+class Chef
+  module Provisioning
+    module OpenNebulaDriver
+      #
+      # A Driver instance represents a place where machines can be created
+      # and found, and contains methods to create, delete, start, stop, and
+      # find them.
+      #
+      # For AWS, a Driver instance corresponds to a single account.
+      # For Vagrant, it is a directory where VM files are found.
+      #
+      # = How to Make a Driver
+      #
+      # To implement a Driver, you must implement the following methods:
+      #
+      # * initialize(driver_url) - create a new driver with the given URL
+      # * driver_url - a URL representing everything unique about your
+      #                driver. (NOT credentials)
+      # * allocate_machine - ask the driver to allocate a machine to you.
+      # * ready_machine - get the machine "ready" - wait for it to be booted
+      #                   and accessible (for example, accessible via SSH
+      #                   transport).
+      # * stop_machine - stop the machine.
+      # * destroy_machine - delete the machine.
+      # * connect_to_machine - connect to the given machine.
+      #
+      # Optionally, you can also implement:
+      # * allocate_machines - allocate an entire group of machines.
+      # * ready_machines - get a group of machines warm and booted.
+      # * stop_machines - stop a group of machines.
+      # * destroy_machines - delete a group of machines.
+      #
+      # Additionally, you must create a file named
+      # `chef/provisioning/driver_init/<scheme>.rb`,
+      # where <scheme> is the name of the scheme you chose for your driver_url.
+      # This file, when required, must call
+      # Chef::Provisioning.add_registered_driver(<scheme>, <class>).
+      # The given <class>.from_url(url, config) will be called with a
+      # driver_url and configuration.
+      #
+      # All of these methods must be idempotent - if the work is already done,
+      # they just don't do anything.
+      #
+      class Driver < Chef::Provisioning::Driver
+        attr_reader :one
+
+        #
+        # OpenNebula by default reads the following information:
+        #
+        #  username:password from ENV['ONE_AUTH'] or ENV['HOME']/.one/one_auth
+        #  endpoint from ENV['ONE_XMLRPC']
+        #
+        # driver_url format:
+        #   opennebula:<endpoint>:<profile>
+        # where <profile> points to a one_auth file in ENV['HOME']/.one/<profile>
+        #
+        # driver_options:
+        #   credentials: bbsl-auto:text_pass  credentials has precedence over secret_file
+        #   secret_file: local_path_to_one_auth_file
+        #
+        def initialize(driver_url, config)
+          super
+          scan = driver_url.match(%r/(opennebula):(https?:\/\/[^:\/]+ (?::[0-9]{2,5})? (?:\/[^:\s]+) ) :?([^:\s]+)?/x)
+          endpoint = scan[2]
+          profile_name = scan[3]
+          fail "OpenNebula endpoint must be specified in 'driver_url': #{driver_url}" if endpoint.nil?
+
+          profile = profile_name ? one_credentials[profile_name] : one_credentials.default
+          Chef::Log.warn("':credentials' and ':secret_file' will be deprecated in next version in favour of 'opennebula:<endpoint>:<profile_name>'") if profile_name.nil?
+          @one = OneLib.new(profile[:credentials], endpoint, profile[:options] || {})
+        end
+
+        def self.from_url(driver_url, config)
+          Driver.new(driver_url, config)
+        end
+
+        # URL _must_ have an endpoint to prevent machine moving, which
+        # is not possible today between different endpoints.
+        def self.canonicalize_url(driver_url, config)
+          [driver_url, config]
+        end
+
+        # Allocate a machine from the underlying service.  This method
+        # does not need to wait for the machine to boot or have an IP, but
+        # it must store enough information in machine_spec.location to find
+        # the machine later in ready_machine.
+        #
+        # If a machine is powered off or otherwise unusable, this method may
+        # start it, but does not need to wait until it is started.  The
+        # idea is to get the gears moving, but the job doesn't need to be
+        # done :)
+        #
+        # @param [Chef::Provisioning::ActionHandler] action_handler
+        #   The action_handler object that is calling this method
+        # @param [Chef::Provisioning::MachineSpec] machine_spec
+        #   A machine specification representing this machine.
+        # @param [Hash] machine_options
+        #   A set of options representing the desired options when
+        #   constructing the machine
+        #
+        # @return [Chef::Provisioning::MachineSpec]
+        #   Modifies the passed-in machine_spec.  Anything in here will be
+        #   saved back after allocate_machine completes.
+        #
+        def allocate_machine(action_handler, machine_spec, machine_options)
+          fqdn = begin
+            machine_options.bootstrap_options[:enforce_chef_fqdn]
+          rescue NoMethodError
+            false
+          end
+          fail "Machine 'name' must be a FQDN" if fqdn && machine_spec.name.scan(/([a-z0-9-]+\.)/i).length == 0
+          instance = instance_for(machine_spec)
+
+          if instance.nil?
+            fail "'bootstrap_options' must be specified" unless machine_options.bootstrap_options
+            check_unique_names(machine_options.bootstrap_options, machine_spec)
+            action_handler.perform_action "created vm '#{machine_spec.name}'" do
+              Chef::Log.debug(machine_options)
+              tpl = @one.get_template(machine_spec.name, machine_options.bootstrap_options)
+              vm = @one.allocate_vm(tpl)
+              populate_node_object(machine_spec, machine_options, vm)
+            end
+            Chef::Log.debug(machine_spec.reference)
+          else
+            Chef::Log.info("vm '#{machine_spec.name}' already exists - nothing to do")
+          end
+          machine_spec
+        end
+
+        # Ready a machine, to the point where it is running and accessible
+        # via a transport. This will NOT allocate a machine, but may kick
+        # it if it is down. This method waits for the machine to be usable,
+        # returning a Machine object pointing at the machine, allowing useful
+        # actions like setup, converge, execute, file and directory.
+        #
+        #
+        # @param [Chef::Provisioning::ActionHandler] action_handler
+        #     The action_handler object that is calling this method
+        # @param [Chef::Provisioning::MachineSpec] machine_spec
+        #     A machine specification representing this machine.
+        # @param [Hash] machine_options
+        #     A set of options representing the desired state of the machine
+        #
+        # @return [Machine] A machine object pointing at the machine, allowing
+        #   useful actions like setup, converge, execute, file and directory.
+        #
+        def ready_machine(action_handler, machine_spec, machine_options)
+          instance = instance_for(machine_spec)
+          fail "Machine '#{machine_spec.name}' does not have an instance associated with it, or instance does not exist." if instance.nil?
+
+          # TODO: Currently it does not start stopped VMs, it only waits for new VMs to be in RUNNING state
+          machine = nil
+          action_handler.perform_action "vm '#{machine_spec.name}' is ready" do
+            deployed = @one.wait_for_vm(instance.id)
+            machine_spec.reference['name'] = deployed.name
+            machine_spec.reference['state'] = deployed.state_str
+            nic_hash = deployed.to_hash
+            ip = [nic_hash['VM']['TEMPLATE']['NIC']].flatten[0]['IP']
+            fail "Could not get IP from VM '#{deployed.name}'" if ip.nil? || ip.to_s.empty?
+            machine_spec.reference['ip'] = ip
+            machine = machine_for(machine_spec, machine_options)
+          end
+          machine
+        end
+
+        # Connect to a machine without allocating or readying it.  This method will
+        # NOT make any changes to anything, or attempt to wait.
+        #
+        # @param [Chef::Provisioning::MachineSpec] machine_spec
+        #     MachineSpec representing this machine.
+        # @param [Hash] machine_options
+        # @return [Machine] A machine object pointing at the machine, allowing
+        #   useful actions like setup, converge, execute, file and directory.
+        #
+        def connect_to_machine(machine_spec, machine_options)
+          machine_for(machine_spec, machine_options)
+        end
+
+        # Delete the given machine --  destroy the machine,
+        # returning things to the state before allocate_machine was called.
+        #
+        # @param [Chef::Provisioning::ActionHandler] action_handler
+        #     The action_handler object that is calling this method
+        # @param [Chef::Provisioning::MachineSpec] machine_spec
+        #     A machine specification representing this machine.
+        # @param [Hash] machine_options
+        #     A set of options representing the desired state of the machine
+        def destroy_machine(action_handler, machine_spec, machine_options)
+          instance = instance_for(machine_spec)
+          if !instance.nil?
+            action_handler.perform_action "destroyed machine #{machine_spec.name} (#{machine_spec.reference['instance_id']})" do
+              instance.delete
+              1.upto(10) do
+                instance.info
+                break if instance.state_str == 'DONE'
+                Chef::Log.debug("Waiting for VM '#{instance.id}' to be in 'DONE' state: '#{instance.state_str}'")
+                sleep(2)
+              end
+              fail "Failed to destroy '#{instance.name}'.  Current state: #{instance.state_str}" if instance.state_str != 'DONE'
+            end
+          else
+            Chef::Log.info("vm #{machine_spec.name} (#{machine_spec.reference['instance_id']}) does not exist - nothing to do")
+          end
+          strategy = convergence_strategy_for(machine_spec, machine_options)
+          strategy.cleanup_convergence(action_handler, machine_spec)
+        end
+
+        # Stop the given machine.
+        #
+        # @param [Chef::Provisioning::ActionHandler] action_handler
+        #     The action_handler object that is calling this method
+        # @param [Chef::Provisioning::MachineSpec] machine_spec
+        #     A machine specification representing this machine.
+        # @param [Hash] machine_options
+        #     A set of options representing the desired state of the machine
+        def stop_machine(action_handler, machine_spec, machine_options)
+          instance = instance_for(machine_spec)
+          if !instance.nil?
+            action_handler.perform_action "powered off machine #{machine_spec.name} (#{machine_spec.reference['instance_id']})" do
+              if machine_spec.reference[:is_shutdown] || machine_options.bootstrap_options[:is_shutdown]
+                hard = machine_spec.reference[:shutdown_hard] || machine_options.bootstrap_options[:shutdown_hard] || false
+                instance.shutdown(hard)
+              else
+                instance.stop
+              end
+            end
+          else
+            Chef::Log.info("vm #{machine_spec.name} (#{machine_spec.reference['instance_id']}) does not exist - nothing to do")
+          end
+        end
+
+        # Allocate an image. Returns quickly with an ID that tracks the image.
+        #
+        # @param [Chef::Provisioning::ActionHandler] action_handler
+        #     The action_handler object that is calling this method
+        # @param [Chef::Provisioning::ImageSpec] image_spec
+        #     A machine specification representing this machine.
+        # @param [Hash] image_options
+        #     A set of options representing the desired state of the machine
+        def allocate_image(action_handler, image_spec, image_options, machine_spec)
+          if image_spec.reference
+            # check if image already exists
+            image = @one.get_resource('img', :id => image_spec.reference['image_id'].to_i)
+            action_handler.report_progress "image #{image_spec.name} (ID: #{image_spec.reference['image_id']}) already exists" unless image.nil?
+          else
+            action_handler.perform_action "create image #{image_spec.name} from machine ID #{machine_spec.reference['instance_id']} with options #{image_options.inspect}" do
+              vm = @one.get_resource('vm', :id => machine_spec.reference['instance_id'])
+              fail "allocate_image: VM does not exist" if vm.nil?
+              # set default disk ID
+              disk_id = 1
+              if image_options.disk_id
+                disk_id = image_options.disk_id.is_a?(Integer) ? image_options.disk_id : @one.get_disk_id(vm, new_resource.disk_id)
+              end
+
+              new_img = vm.disk_snapshot(disk_id, image_spec.name, "", true)
+              fail "Failed to create snapshot '#{new_resource.name}': #{new_img.message}" if OpenNebula.is_error?(new_img)
+              populate_img_object(image_spec, new_image)
+            end
+          end
+        end
+
+        # Ready an image, waiting till the point where it is ready to be used.
+        #
+        # @param [Chef::Provisioning::ActionHandler] action_handler
+        #     The action_handler object that is calling this method
+        # @param [Chef::Provisioning::ImageSpec] image_spec
+        #     A machine specification representing this machine.
+        # @param [Hash] image_options
+        #     A set of options representing the desired state of the machine
+        def ready_image(action_handler, image_spec, _image_options)
+          img = @one.get_resource('img', :id => image_spec.reference['image_id'].to_i)
+          fail "Image #{image_spec.name} (#{image_spec.reference['image_id']}) does not exist" if img.nil?
+          action_handler.perform_action "image #{image_spec.name} is ready" do
+            deployed = @one.wait_for_img(img.name, img.id)
+            image_spec.reference['state'] = deployed.state_str
+          end
+          img
+        end
+
+        # Destroy an image using this service.
+        #
+        # @param [Chef::Provisioning::ActionHandler] action_handler
+        #     The action_handler object that is calling this method
+        # @param [Chef::Provisioning::ImageSpec] image_spec
+        #     A machine specification representing this machine.
+        # @param [Hash] image_options
+        #     A set of options representing the desired state of the machine
+        def destroy_image(action_handler, image_spec, _image_options)
+          img = @one.get_resource('img', :id => image_spec.location['image_id'].to_i)
+          if img.nil?
+            action_handler.report_progress "image #{image_spec.name} (#{image_spec.location['image_id']}) does not exist - nothing to do"
+          else
+            action_handler.perform_action "deleted image #{image_spec.name} (#{image_spec.location['image_id']})" do
+              rc = img.delete
+              fail "Failed to delete image '#{image_spec.name}' : #{rc.message}" if OpenNebula.is_error?(rc)
+            end
+          end
+        end
+
+        #
+        # Optional interface methods
+        #
+
+        #
+        # Allocate a set of machines.  This should have the same effect as
+        # running allocate_machine on all machine_specs.
+        #
+        # Drivers do not need to implement this; the default implementation
+        # calls acquire_machine in parallel.
+        #
+        # == Parallelizing
+        #
+        # The parallelizer must implement #parallelize
+        # @example Example parallelizer
+        #   parallelizer.parallelize(specs_and_options) do |machine_spec|
+        #     allocate_machine(action_handler, machine_spec)
+        #   end.to_a
+        #   # The to_a at the end causes you to wait until the
+        #   parallelization is done
+        #
+        # This object is shared among other chef-provisioning actions, ensuring
+        # that you do not go over parallelization limits set by the user.  Use
+        # of the parallelizer to parallelizer machines is not required.
+        #
+        # == Passing a block
+        #
+        # If you pass a block to this function, each machine will be yielded
+        # to you as it completes, and then the function will return when
+        # all machines are yielded.
+        #
+        # @example Passing a block
+        #   allocate_machines(
+        #     action_handler,
+        #     specs_and_options,
+        #     parallelizer) do |machine_spec|
+        #     ...
+        #   end
+        #
+        # @param [Chef::Provisioning::ActionHandler] action_handler
+        #        The action_handler object that is calling this method; this
+        #        is generally a driver, but could be anything that can support
+        #        the interface (i.e., in the case of the test kitchen
+        #        provisioning driver for acquiring and destroying VMs).
+        # @param [Hash] specs_and_options
+        #        A hash of machine_spec -> machine_options representing the
+        #        machines to allocate.
+        # @param [Parallelizer] parallelizer an object with a
+        #        parallelize() method that works like this:
+        # @return [Array<Machine>] An array of machine objects created
+        def allocate_machines(action_handler, specs_and_options, parallelizer)
+          parallelizer.parallelize(specs_and_options) do |machine_spec, machine_options|
+            allocate_machine(add_prefix(machine_spec, action_handler), machine_spec, machine_options)
+            yield machine_spec if block_given?
+            machine_spec
+          end.to_a
+        end
+
+        # Ready machines in batch, in parallel if possible.
+        def ready_machines(action_handler, specs_and_options, parallelizer)
+          parallelizer.parallelize(specs_and_options) do |machine_spec, machine_options|
+            machine = ready_machine(add_prefix(machine_spec, action_handler), machine_spec, machine_options)
+            yield machine if block_given?
+            machine
+          end.to_a
+        end
+
+        # Stop machines in batch, in parallel if possible.
+        def stop_machines(action_handler, specs_and_options, parallelizer)
+          parallelizer.parallelize(specs_and_options) do |machine_spec, machine_options|
+            stop_machine(add_prefix(machine_spec, action_handler), machine_spec, machine_options)
+            yield machine_spec if block_given?
+          end.to_a
+        end
+
+        # Delete machines in batch, in parallel if possible.
+        def destroy_machines(action_handler, specs_and_options, parallelizer)
+          parallelizer.parallelize(specs_and_options) do |machine_spec, machine_options|
+            destroy_machine(add_prefix(machine_spec, action_handler), machine_spec, machine_options)
+            yield machine_spec if block_given?
+          end.to_a
+        end
+
+        # Allocate a load balancer
+        # @param [ChefMetal::ActionHandler] action_handler The action handler
+        # @param [ChefMetal::LoadBalancerSpec] lb_spec Frozen LB specification
+        # @param [Hash] lb_options A hash of options to pass the LB
+        # @param [Array[ChefMetal::MachineSpec]] machine_specs
+        #        An array of machine specs the load balancer should have
+        def allocate_load_balancer(_action_handler, _lb_spec, _lb_options, _machine_specs)
+        end
+
+        # Make the load balancer ready
+        # @param [ChefMetal::ActionHandler] action_handler The action handler
+        # @param [ChefMetal::LoadBalancerSpec] lb_spec Frozen LB specification
+        # @param [Hash] lb_options A hash of options to pass the LB
+        def ready_load_balancer(_action_handler, _lb_spec, _lb_options, _machine_specs)
+        end
+
+        # Destroy the load balancer
+        # @param [ChefMetal::ActionHandler] action_handler The action handler
+        # @param [ChefMetal::LoadBalancerSpec] lb_spec Frozen LB specification
+        # @param [Hash] lb_options A hash of options to pass the LB
+        def destroy_load_balancer(_action_handler, _lb_spec, _lb_options)
+        end
+
+        protected
+
+        def one_credentials
+          @one_credentials ||= begin
+                                 credentials = Credentials.new(driver_options[:one_options] || {})
+                                 if driver_options[:credentials]
+                                   credentials.load_plain(driver_options[:credentials], driver_options[:one_options] || {})
+                                 elsif driver_options[:secret_file]
+                                   credentials.load_file(driver_options[:secret_file], driver_options[:one_options] || {})
+                                 end
+                                 credentials
+                               end
+        end
+
+        def check_unique_names(bootstrap_options, machine_spec)
+          fail "VM with name '#{machine_spec.name}' already exists" unless @one.get_resource('vm', :name => machine_spec.name).nil? if bootstrap_options[:unique_names]
+        end
+
+        def populate_node_object(machine_spec, machine_options, vm)
+          machine_spec.driver_url = driver_url
+          machine_spec.reference = {
+            'driver_version' => Chef::Provisioning::OpenNebulaDriver::VERSION,
+            'allocated_at' => Time.now.utc.to_s,
+            'image_id' => machine_options.bootstrap_options[:image_id] || nil,
+            'is_shutdown' => machine_options.bootstrap_options[:is_shutdown] || false,
+            'shutdown_hard' => machine_options.bootstrap_options[:shutdown_hard] || false,
+            'instance_id' => vm.id,
+            'name' => vm.name,
+            'state' => vm.state_str
+          }
+          # handle ssh_user and ssh_username for backward compatibility
+          Chef::Log.warn("':ssh_user' will be deprecated in next version in favour of ':ssh_username'") if machine_options.key?(:ssh_user)
+          machine_spec.reference['ssh_username'] = get_ssh_user(machine_spec, machine_options)
+          %w(is_windows sudo transport_address_location ssh_gateway).each do |key|
+            machine_spec.reference[key] = machine_options[key.to_sym] if machine_options[key.to_sym]
+          end
+        end
+
+        def populate_img_object(image_spec, new_image)
+          image_spec.driver_url = driver_url
+          image_spec.reference = {
+            'driver_version' => Chef::Provisioning::OpenNebulaDriver::VERSION,
+            'image_id'       => new_image,
+            'allocated_at'   => Time.now.to_i,
+            'state'          => 'none'
+          }
+          image_spec.machine_options ||= {}
+          image_spec.machine_options.merge!(:bootstrap_options => { :image_id => new_image })
+        end
+
+        def instance_for(machine_spec)
+          instance = nil
+          if machine_spec.reference
+            fail "Switching a machine's driver from #{machine_spec.driver_url} to #{driver_url} is not supported!" \
+                "  Use machine :destroy and then :create the machine on the new driver." if machine_spec.driver_url != driver_url
+            instance = @one.get_resource('vm', :id => machine_spec.reference['instance_id'].to_i)
+          elsif machine_spec.location
+            fail "Switching a machine's driver from #{machine_spec.driver_url} to #{driver_url} is not supported!" \
+                "  Use machine :destroy and then :create the machine on the new driver." if machine_spec.driver_url != driver_url
+            instance = @one.get_resource('vm', :id => machine_spec.location['server_id'].to_i)
+            unless instance.nil?
+              # Convert from previous driver
+              machine_spec.reference = {
+                  'driver_version' => machine_spec.location['driver_version'],
+                  'allocated_at' => machine_spec.location['allocated_at'],
+                  'image_id' => machine_spec.location['image_id'],
+                  'instance_id' => machine_spec.location['server_id'],
+                  'name' => machine_spec.location['name'],
+                  'state' => machine_spec.location['state']
+              }
+            end
+          end
+          instance
+        end
+
+        def machine_for(machine_spec, machine_options)
+          instance = instance_for(machine_spec)
+          fail "#{machine_spec.name} (#{machine_spec.reference['instance_id']}) does not exist!" if instance.nil?
+          # TODO: Support Windoze VMs (see chef-provisioning-vagrant)
+          Chef::Provisioning::Machine::UnixMachine.new(machine_spec, transport_for(machine_spec, machine_options, instance), convergence_strategy_for(machine_spec, machine_options))
+        end
+
+        def get_ssh_user(machine_spec, machine_options)
+          # handle ssh_user and ssh_username for backward compatibility
+          Chef::Log.warn("':ssh_user' will be deprecated in next version in favour of ':ssh_username'") if machine_options.key?(:ssh_user)
+          machine_spec.reference['ssh_username'] || machine_options[:ssh_username] || machine_options[:ssh_user] || 'local'
+        end
+
+        def transport_for(machine_spec, machine_options, _instance)
+          # TODO: Store ssh_options in machine_spec.reference ???
+          ssh_options = {
+            :keys_only => false,
+            :forward_agent => true,
+            :use_agent => true,
+            :user_known_hosts_file => '/dev/null'
+          }.merge(machine_options[:ssh_options] || {})
+          username = get_ssh_user(machine_spec, machine_options)
+          conf = machine_options[:ssh_config] || config
+          options = {}
+          if machine_spec.reference[:sudo] || (!machine_spec.reference.key?(:sudo) && username != 'root')
+            options[:prefix] = 'sudo '
+          end
+
+          # Enable pty by default
+          options[:ssh_pty_enable] = true
+          options[:ssh_gateway] = machine_spec.reference['ssh_gateway'] if machine_spec.reference.key?('ssh_gateway')
+
+          transport = Chef::Provisioning::Transport::SSH.new(machine_spec.reference['ip'], username, ssh_options, options, conf)
+
+          # wait up to 5 min to establish SSH connection
+          100.times do
+            break if transport.available?
+            sleep 3
+            Chef::Log.debug("Waiting for SSH server ...")
+          end
+          fail "Failed to establish SSH connection to '#{machine_spec.name}'" unless transport.available?
+          transport
+        end
+
+        def convergence_strategy_for(machine_spec, machine_options)
+          # TODO: Support Windoze VMs (see chef-provisioning-vagrant)
+          convergence_options = Cheffish::MergedConfig.new(machine_options[:convergence_options] || {})
+
+          if !machine_spec.reference
+            Chef::Provisioning::ConvergenceStrategy::NoConverge.new(convergence_options, config)
+          elsif machine_options[:cached_installer] == true
+            Chef::Provisioning::ConvergenceStrategy::InstallCached.new(convergence_options, config)
+          else
+            Chef::Provisioning::ConvergenceStrategy::InstallSh.new(convergence_options, config)
+          end
+        end
+
+        def add_prefix(machine_spec, action_handler)
+          AddPrefixActionHandler.new(action_handler, "[#{machine_spec.name}] ")
+        end
+
+        def get_private_key(name)
+          Cheffish.get_private_key(name, config)
+        end
+      end
+    end
+  end
+end