chef-vpc-toolkit 2.0.1 → 2.1.0

data/.rvmrc

@@ -0,0 +1 @@
+rvm 1.8.7@chef_vpc_toolkit

data/CHANGELOG

@@ -0,0 +1,14 @@
+* Tue Jan 11 2011 Dan Prince <dan.prince@rackspace.com> - 2.1.0
+  - Implement 'rake vpn' tasks.
+  - Set permission to 0600 on tmp/server_group files.
+  - Create config/TOOLKIT_VERSION when running chef-vpc-toolkit -upgrade.
+  - Set 'StrictHostKeyChecking no' when using ssh.
+
+* Thu Dec 7 2010 Dan Prince <dan.prince@rackspace.com> - 2.0.1
+  - Automatically load rake files from the tasks directory.
+  - Rename config file from cloud_toolkit.conf to chef_vpc_toolkit.conf.
+  - Rename variable that can be used to override default config file location
+    to be called CHEF_VPC_TOOLKIT_CONF.
+
+* Thu Oct 26 2010 Dan Prince <dan.prince@rackspace.com> - 2.0.0
+  - Initial open source release.

data/Rakefile

@@ -28,6 +28,7 @@ begin
     gemspec.add_dependency 'rake'
     gemspec.add_dependency 'builder'
     gemspec.add_dependency 'json'
+    gemspec.add_dependency 'uuidtools'
   end
 rescue LoadError
   puts "Jeweler not available. Install it with: sudo gem install jeweler"

data/VERSION

@@ -1 +1 @@
-2.0.1
+2.1.0

data/bin/chef-vpc-toolkit

@@ -13,17 +13,17 @@ opts = OptionParser.new
 
 options[:name] = ""
 opts.on("-n name", "--name", String,
-	"Create a new cloud project with the given directory name.") do |name|
+	"Create a new project with the given directory name.") do |name|
 	options[:name] = name
 end
 
 options[:upgrade] = false
-opts.on("-u", "--upgrade", "Upgrade a cloud project to work with the latest Cloud Toolkit.") do
+opts.on("-u", "--upgrade", "Upgrade a project to work with the latest Chef VPC Toolkit.") do
 	options[:upgrade] = true
 end
 
 opts.on_tail("-v", "--version", "Print version") do
-puts "Cloud Toolkit Version: #{Version::VERSION}"
+puts "Chef VPC Toolkit Version: #{Version::VERSION}"
 exit
 end
 
@@ -47,10 +47,10 @@ if options[:upgrade]
 
 	# Rakefile
 	if not File.exists?("Rakefile") then
-		puts "Unable to find Rakefile. Run the 'cloud-toolkit -u' commmand from within a cloud project directory."
+		puts "Unable to find Rakefile. Run the 'chef-vpc-toolkit -u' commmand from within a project directory."
 		exit 1
 	else
-		FileUtils.cp("#{Version::CHEF_VPC_TOOLKIT_ROOT}/contrib/Rakefile", "Rakefile")
+		FileUtils.cp("#{Version::CHEF_VPC_TOOLKIT_ROOT}/contrib/rake/Rakefile", "Rakefile")
 	end
 
 	# chef_installer.yml
@@ -58,6 +58,8 @@ if options[:upgrade]
 		FileUtils.mv("config/chef_installer.conf", "config/chef_installer.yml")
 	end
 
+	FileUtils.cp("#{Version::CHEF_VPC_TOOLKIT_ROOT}/VERSION", File.join("config", "TOOLKIT_VERSION"))
+
 else
 	exit_if_nil_or_empty(options, :name)
 

data/config/server_group.json

@@ -5,12 +5,12 @@
 	"servers": {
 		"login": {
 			"image_id": "51",
-			"flavor_id": "4",
+			"flavor_id": "2",
 			"openvpn_server": "true"
 		},
 		"client1": {
 			"image_id": "51",
-			"flavor_id": "4"
+			"flavor_id": "2"
 		}
 	}
 }

data/contrib/etc/chef_vpc_toolkit.conf

@@ -8,3 +8,7 @@ cloud_servers_vpc_password:
 # The text editor to use for Chef knife commands. Used when a new server group
 # is created. Default: vim
 # knife_editor: vim
+#
+# VPN client name. The name given to this machine when connecting to a
+# server group as a VPN client.
+# vpn_client_name: local

data/contrib/rake/Rakefile

@@ -5,9 +5,9 @@ require 'rubygems'
 version_file=(File.join(CHEF_VPC_PROJECT, 'config', 'TOOLKIT_VERSION'))
 toolkit_version=nil
 if ENV['CHEF_VPC_TOOLKIT_VERSION'] then
-	toolkit_version=ENV['CHEF_VPC_TOOLKIT_VERSION']
+  toolkit_version=ENV['CHEF_VPC_TOOLKIT_VERSION']
 elsif File.exists?(version_file)
-	toolkit_version=IO.read(version_file)
+  toolkit_version=IO.read(version_file)
 end
 
 #puts "Chef VPC Toolkit Version: #{toolkit_version}"
@@ -22,7 +22,8 @@ Dir[File.join("#{ChefVPCToolkit::Version::CHEF_VPC_TOOLKIT_ROOT}/rake", '*.rake'
     import(rakefile)
 end
 
-Dir[File.join(File.dirname("__FILE__"), 'tasks', '*.rake')].each do  |rakefile|
-puts rakefile
+if File.exist?(File.join(CHEF_VPC_PROJECT, 'tasks')) then
+  Dir[File.join(File.dirname("__FILE__"), 'tasks', '*.rake')].each do  |rakefile|
     import(rakefile)
+  end
 end

data/lib/chef-vpc-toolkit.rb

@@ -4,3 +4,4 @@ require 'chef-vpc-toolkit/cloud_servers_vpc'
 require 'chef-vpc-toolkit/http_util'
 require 'chef-vpc-toolkit/ssh_util'
 require 'chef-vpc-toolkit/version'
+require 'chef-vpc-toolkit/vpn_network_manager'

data/lib/chef-vpc-toolkit/chef-0.9.bash

@@ -166,7 +166,7 @@ local REPOS_BASEDIR=${2:-"/root/cookbook-repos"}
 for CB_REPO in $COOKBOOK_URLS; do
 echo -n "Downloading $CB_REPO..."
 	if [ "http:" == ${CB_REPO:0:5} ] || [ "https:" == ${CB_REPO:0:6} ]; then
-		wget "$CB_REPO" -O "/tmp/cookbook-repo.tar.gz" &> /dev/null || { echo "Failed to download cookbook tarball."; return 1; }
+		wget --no-check-certificate "$CB_REPO" -O "/tmp/cookbook-repo.tar.gz" &> /dev/null || { echo "Failed to download cookbook tarball."; return 1; }
 	else
 		download_cloud_file "$CB_REPO" "/tmp/cookbook-repo.tar.gz"
 	fi

data/lib/chef-vpc-toolkit/chef_bootstrap/fedora.bash

@@ -34,8 +34,9 @@ validation_key         "/etc/chef/validation.pem"
 client_key             "/etc/chef/client.pem"
 EOF_CAT
 
-	cp /usr/lib/ruby/gems/1.8/gems/chef-0.9.8/distro/redhat/etc/init.d/chef-client /etc/init.d/
-	cp /usr/lib/ruby/gems/1.8/gems/chef-0.9.8/distro/redhat/etc/logrotate.d/chef-client /etc/logrotate.d/
+	CHEF_GEM_DIR=$(gem contents chef | sed -e "s|\(.*chef-0.9.8\).*|\1|" | head -n 1)
+	cp $CHEF_GEM_DIR/distro/redhat/etc/init.d/chef-client /etc/init.d/
+	cp $CHEF_GEM_DIR/distro/redhat/etc/logrotate.d/chef-client /etc/logrotate.d/
 	chmod 755 /etc/init.d/chef-client
 
 }

data/lib/chef-vpc-toolkit/chef_installer.rb

@@ -72,7 +72,7 @@ end
 os_type=machine_os_types[options['chef_server_name']]
 
 data=%x{
-ssh root@#{options['ssh_gateway_ip']} bash <<-"EOF_GATEWAY"
+ssh -o "StrictHostKeyChecking no" root@#{options['ssh_gateway_ip']} bash <<-"EOF_GATEWAY"
 ssh #{options['chef_server_name']} bash <<-"EOF_BASH"
 echo "Installing Chef server on: $HOSTNAME"
 EOF_BASH
@@ -81,7 +81,7 @@ EOF_GATEWAY
 puts data
 
 data=%x{
-ssh root@#{options['ssh_gateway_ip']} bash <<-"EOF_GATEWAY"
+ssh -o "StrictHostKeyChecking no" root@#{options['ssh_gateway_ip']} bash <<-"EOF_GATEWAY"
 ssh #{options['chef_server_name']} bash <<-"EOF_BASH"
 #{IO.read(File.dirname(__FILE__) + "/cloud_files.bash")}
 #{IO.read(File.dirname(__FILE__) + "/chef_bootstrap/#{os_type}.bash")}
@@ -115,7 +115,7 @@ end
 def self.client_validation_key(options)
 
 client_validation_key=%x{
-ssh root@#{options['ssh_gateway_ip']} bash <<-"EOF_GATEWAY"
+ssh -o "StrictHostKeyChecking no" root@#{options['ssh_gateway_ip']} bash <<-"EOF_GATEWAY"
 ssh #{options['chef_server_name']} bash <<-"EOF_BASH"
 #{IO.read(CHEF_INSTALL_FUNCTIONS)}
 print_client_validation_key
@@ -146,7 +146,7 @@ def self.install_chef_client(options, client_name, client_validation_key, os_typ
 	puts "Installing Chef client on: #{client_name}"
 
 	data=%x{
-	ssh root@#{options['ssh_gateway_ip']} bash <<-"EOF_GATEWAY"
+	ssh -o "StrictHostKeyChecking no" root@#{options['ssh_gateway_ip']} bash <<-"EOF_GATEWAY"
 	ssh #{client_name} bash <<-"EOF_BASH"
 	#{IO.read(File.dirname(__FILE__) + "/cloud_files.bash")}
 	#{IO.read(File.dirname(__FILE__) + "/chef_bootstrap/#{os_type}.bash")}
@@ -192,15 +192,16 @@ json.each_pair do |bag_name, items_json|
 	end
 
 data=%x{
-ssh root@#{options['ssh_gateway_ip']} bash <<-"EOF_GATEWAY"
+ssh -o "StrictHostKeyChecking no" root@#{options['ssh_gateway_ip']} bash <<-"EOF_GATEWAY"
 #{IO.read(CHEF_INSTALL_FUNCTIONS)}
 #{databag_cmds}
 EOF_GATEWAY
 }
-puts "OK."
 
 end
 
+puts "OK."
+
 end
 
 def self.knife_readd_node(options, client_name)
@@ -214,7 +215,7 @@ run_list=node_json['run_list'].inspect
 node_json.delete("run_list")
 attributes=node_json.to_json.to_s
 data=%x{
-ssh root@#{options['ssh_gateway_ip']} bash <<-"EOF_GATEWAY"
+ssh -o "StrictHostKeyChecking no" root@#{options['ssh_gateway_ip']} bash <<-"EOF_GATEWAY"
 #{IO.read(CHEF_INSTALL_FUNCTIONS)}
 knife_delete_node '#{client_name}'
 knife_add_node '#{client_name}' '#{run_list}' '#{attributes}'
@@ -224,7 +225,7 @@ EOF_GATEWAY
 end
 
 def self.tail_log(gateway_ip, server_name, log_file="/var/log/chef/client.log", num_lines="100")
-	%x{ssh root@#{gateway_ip} ssh #{server_name} tail -n #{num_lines} #{log_file}}
+	%x{ssh -o "StrictHostKeyChecking no" root@#{gateway_ip} ssh #{server_name} tail -n #{num_lines} #{log_file}}
 end
 
 def self.rsync_cookbook_repos(options, local_dir="#{CHEF_VPC_PROJECT}/cookbook-repos/", remote_directory="/root/cookbook-repos")
@@ -232,7 +233,7 @@ def self.rsync_cookbook_repos(options, local_dir="#{CHEF_VPC_PROJECT}/cookbook-r
 	if File.exists?(local_dir) then
 		$stdout.printf "Syncing local Chef cookbook repositories..."
 		configs=Util.load_configs
-		%x{ssh root@#{options['ssh_gateway_ip']} bash <<-"EOF_SSH"
+		%x{ssh -o "StrictHostKeyChecking no" root@#{options['ssh_gateway_ip']} bash <<-"EOF_SSH"
 			mkdir -p #{remote_directory}
 			if [ -f /usr/bin/yum ]; then
 				rpm -q rsync &> /dev/null || yum install -y -q rsync
@@ -251,7 +252,7 @@ def self.rsync_cookbook_repos(options, local_dir="#{CHEF_VPC_PROJECT}/cookbook-r
 	end
 
 	data=%x{
-	ssh root@#{options['ssh_gateway_ip']} bash <<-"EOF_SSH"
+	ssh -o "StrictHostKeyChecking no" root@#{options['ssh_gateway_ip']} bash <<-"EOF_SSH"
 	#{IO.read(File.dirname(__FILE__) + "/cloud_files.bash")}
 	#{IO.read(CHEF_INSTALL_FUNCTIONS)}
 

data/lib/chef-vpc-toolkit/cloud_servers_vpc.rb

@@ -83,7 +83,8 @@ module CloudServersVPC
 			hash["description"]=sg.elements["description"].text
 			hash["id"]=sg.elements["id"].text
 			hash["domain-name"]=sg.elements["domain-name"].text
-
+			hash["vpn-network"]=sg.elements["vpn-network"].text
+			hash["vpn-subnet"]=sg.elements["vpn-subnet"].text
 			hash["servers"]={}
 			REXML::XPath.each(dom, "//server") do |server|
 				server_name=server.elements["name"].text
@@ -180,6 +181,21 @@ module CloudServersVPC
 		
 	end
 
+	# Return the name of the VPN server within a server group
+	def self.vpn_server_name(hash)
+
+		hash["servers"].each_pair do |name, hash|
+			if hash['openvpn-server'] and hash['openvpn-server'] == "true" then
+				if block_given? then
+					yield name
+				else
+					return name
+				end
+			end	
+		end
+
+	end
+
 	# default timeout of 20 minutes
 	def self.poll_until_online(group_id, timeout=1200)
 
@@ -229,6 +245,8 @@ module CloudServersVPC
 					"centos"
 				when 187811 # Centos 5.4
 					"centos"
+				when 71 # Fedora 14
+					"fedora"
 				when 53 # Fedora 13
 					"fedora"
 				when 17 # Fedora 12
@@ -280,6 +298,96 @@ module CloudServersVPC
 
 	end
 
+	def self.client_hash(xml)
+
+		hash={}
+        dom = REXML::Document.new(xml)
+        REXML::XPath.each(dom, "/client") do |client|
+
+			hash["name"]=client.elements["name"].text
+			hash["description"]=client.elements["description"].text
+			hash["id"]=client.elements["id"].text
+			hash["status"]=client.elements["status"].text
+			hash["server-group-id"]=client.elements["server-group-id"].text
+			hash["vpn-network-interfaces"]=[]
+			REXML::XPath.each(dom, "//vpn-network-interface") do |vni|
+				client_attributes={
+					"id" => vni.elements["id"].text,
+					"vpn-ip-addr" => vni.elements["vpn-ip-addr"].text,
+					"ptp-ip-addr" => vni.elements["ptp-ip-addr"].text,
+					"client-key" => vni.elements["client-key"].text,
+					"client-cert" => vni.elements["client-cert"].text,
+					"ca-cert" => vni.elements["ca-cert"].text
+				}
+				hash["vpn-network-interfaces"] << client_attributes
+			end
+		end
+
+		hash
+
+	end
+
+	def self.poll_client(client_id, timeout=300)
+
+		configs=Util.load_configs
+
+		online = false
+		count=0
+		until online or (count*5) >= timeout.to_i do
+			count+=1
+			begin
+				xml=HttpUtil.get(
+					configs["cloud_servers_vpc_url"]+"/clients/#{client_id}.xml",
+					configs["cloud_servers_vpc_username"],
+					configs["cloud_servers_vpc_password"]
+				)
+				hash=CloudServersVPC.client_hash(xml)
+
+				if hash["status"] == "Online" then
+					online = true
+				else 
+					yield hash if block_given?
+					sleep 5
+				end
+			rescue EOFError
+			end
+		end
+		if (count*20) >= timeout.to_i then
+			raise "Timeout waiting for client to come online."
+		end
+
+	end
+
+	def self.client_xml_for_id(configs, dir, id=nil)
+
+		xml=HttpUtil.get(
+			configs["cloud_servers_vpc_url"]+"/clients/#{id}.xml",
+			configs["cloud_servers_vpc_username"],
+			configs["cloud_servers_vpc_password"]
+		)
+
+	end
+
+	def self.create_client(server_group_hash, client_name)
+
+		configs=Util.load_configs
+
+		xml = Builder::XmlMarkup.new
+		xml.client do |client|
+			client.name(client_name)
+			client.description("Toolkit Client: #{client_name}")
+			client.tag! "server-group-id", server_group_hash['id']
+		end
+	
+		HttpUtil.post(
+			configs["cloud_servers_vpc_url"]+"/clients.xml",
+			xml.target!,
+			configs["cloud_servers_vpc_username"],
+			configs["cloud_servers_vpc_password"]
+		)
+
+	end
+
 end
 
 end

data/lib/chef-vpc-toolkit/http_util.rb

@@ -72,6 +72,7 @@ def self.post(url_string, post_data, auth_user=nil, auth_password=nil)
 	when Net::HTTPSuccess
 		return response.body
 	else
+		puts response.body
 		response.error!
 	end
 end

data/lib/chef-vpc-toolkit/util.rb

@@ -1,9 +1,14 @@
 require 'yaml'
+require 'socket'
 
 module ChefVPCToolkit
 
 module Util
 
+	def self.hostname
+		Socket.gethostname
+	end
+
 	def self.load_configs
 
 		config_file=ENV['CHEF_VPC_TOOLKIT_CONF']

data/lib/chef-vpc-toolkit/vpn_network_manager.rb

@@ -0,0 +1,227 @@
+require 'json'
+require 'builder'
+require 'rexml/document'
+require 'rexml/xpath'
+require 'uuidtools'
+require 'ipaddr'
+require 'fileutils'
+require 'tempfile'
+
+module ChefVPCToolkit
+
+module VpnNetworkManager
+
+	CERT_DIR=File.join(ENV['HOME'], '.pki', 'openvpn')
+
+	def self.configure_gconf(group_hash, client_hash)
+
+		ca_cert=File.join(CERT_DIR, group_hash['id'], 'ca.crt')
+		client_cert=File.join(CERT_DIR, group_hash['id'], 'client.crt')
+		client_key=File.join(CERT_DIR, group_hash['id'], 'client.key')
+
+		vpn_interface=client_hash['vpn-network-interfaces'][0]
+
+		FileUtils.mkdir_p(File.join(CERT_DIR, group_hash['id']))
+		File::chmod(0700, File.join(ENV['HOME'], '.pki'))
+		File::chmod(0700, CERT_DIR)
+
+		File.open(ca_cert, 'w') { |f| f.write(vpn_interface['ca-cert']) }
+		File.open(client_cert, 'w') { |f| f.write(vpn_interface['client-cert']) }
+		File.open(client_key, 'w') do |f|
+			f.write(vpn_interface['client-key'])
+			f.chmod(0600)
+		end
+
+		xml = Builder::XmlMarkup.new
+		xml.gconfentryfile do |file|
+			file.entrylist({ "base" => "/system/networking/connections/vpc_#{group_hash['id']}"}) do |entrylist|
+
+				entrylist.entry do |entry|
+					entry.key("connection/autoconnect")
+					entry.value do |value|
+						value.bool("false")
+					end
+				end
+				entrylist.entry do |entry|
+					entry.key("connection/id")
+					entry.value do |value|
+						value.string("VPC Group: #{group_hash['id']}")
+					end
+				end
+				entrylist.entry do |entry|
+					entry.key("connection/name")
+					entry.value do |value|
+						value.string("connection")
+					end
+				end
+				entrylist.entry do |entry|
+					entry.key("connection/timestamp")
+					entry.value do |value|
+						value.string(Time.now.to_i.to_s)
+					end
+				end
+				entrylist.entry do |entry|
+					entry.key("connection/type")
+					entry.value do |value|
+						value.string("vpn")
+					end
+				end
+				entrylist.entry do |entry|
+					entry.key("connection/uuid")
+					entry.value do |value|
+						value.string(UUIDTools::UUID.random_create)
+					end
+				end
+				entrylist.entry do |entry|
+					entry.key("ipv4/addresses")
+					entry.value do |value|
+						value.list("type" => "int") do |list|
+						end
+					end
+				end
+				entrylist.entry do |entry|
+					entry.key("ipv4/dns")
+					entry.value do |value|
+						value.list("type" => "int") do |list|
+							ip=IPAddr.new(group_hash['vpn-network'].chomp("0")+"1")
+							list.value do |lv|
+								lv.int(ip_to_integer(ip.to_s))
+							end
+						end
+					end
+				end
+				entrylist.entry do |entry|
+					entry.key("ipv4/dns-search")
+					entry.value do |value|
+						value.list("type" => "string") do |list|
+							list.value do |lv|
+								lv.string(group_hash['domain-name'])
+							end
+						end
+					end
+				end
+				entrylist.entry do |entry|
+					entry.key("ipv4/ignore-auto-dns")
+					entry.value do |value|
+						value.bool("true")
+					end
+				end
+				entrylist.entry do |entry|
+					entry.key("ipv4/method")
+					entry.value do |value|
+						value.string("auto")
+					end
+				end
+				entrylist.entry do |entry|
+					entry.key("ipv4/name")
+					entry.value do |value|
+						value.string("ipv4")
+					end
+				end
+				entrylist.entry do |entry|
+					entry.key("ipv4/never-default")
+					entry.value do |value|
+						value.bool("true")
+					end
+				end
+				entrylist.entry do |entry|
+					entry.key("ipv4/routes")
+					entry.value do |value|
+						value.list("type" => "int") do |list|
+						end
+					end
+				end
+				entrylist.entry do |entry|
+					entry.key("vpn/ca")
+					entry.value do |value|
+						value.string(ca_cert)
+					end
+				end
+				entrylist.entry do |entry|
+					entry.key("vpn/cert")
+					entry.value do |value|
+						value.string(client_cert)
+					end
+				end
+				entrylist.entry do |entry|
+					entry.key("vpn/comp-lzo")
+					entry.value do |value|
+						value.string("yes")
+					end
+				end
+				entrylist.entry do |entry|
+					entry.key("vpn/connection-type")
+					entry.value do |value|
+						value.string("tls")
+					end
+				end
+				entrylist.entry do |entry|
+					entry.key("vpn/key")
+					entry.value do |value|
+						value.string(client_key)
+					end
+				end
+				entrylist.entry do |entry|
+					entry.key("vpn/proto-tcp")
+					entry.value do |value|
+						value.string("yes")
+					end
+				end
+				entrylist.entry do |entry|
+					entry.key("vpn/remote")
+					entry.value do |value|
+						value.string(group_hash['vpn-gateway'])
+					end
+				end
+				entrylist.entry do |entry|
+					entry.key("vpn/service-type")
+					entry.value do |value|
+						value.string("org.freedesktop.NetworkManager.openvpn")
+					end
+				end
+			end
+
+		end
+
+		Tempfile.open('w') do |f|
+			f.write(xml.target!)
+			f.flush
+			puts %x{gconftool-2 --load #{f.path}}
+		end
+
+		return true
+
+	end
+
+	def self.unset_gconf_config(server_group_id)
+		puts %x{gconftool-2 --recursive-unset /system/networking/connections/vpc_#{server_group_id}}
+	end
+
+	def self.delete_certs(server_group_id)
+		FileUtils.rm_rf(File.join(CERT_DIR, server_group_id))
+	end
+
+	def self.connect(server_group_id)
+		puts %x{#{sudo_display} nmcli con up id "VPC Group: #{server_group_id}"}
+	end
+
+	def self.disconnect(server_group_id)
+		puts %x{#{sudo_display} nmcli con down id "VPC Group: #{server_group_id}"}
+	end
+
+	def self.ip_to_integer(ip_string)
+		return 0 if ip_string.nil?
+		ip_arr=ip_string.each(".").collect{ |s| s.chomp(".").to_i}
+		return ip_arr[0] + ip_arr[1]*2**8 + ip_arr[2]*2**16 + ip_arr[3]*2**24
+	end
+
+	def self.sudo_display
+		if ENV['DISPLAY'].nil? or ENV['DISPLAY'] != ":0.0" then
+			"sudo"
+		else
+			""
+		end
+	end
+
+end
+end

data/rake/chef_vpc_toolkit.rake

@@ -2,8 +2,10 @@
 
 namespace :group do
 	TMP_SG=File.join(CHEF_VPC_PROJECT, 'tmp', 'server_groups')
+	TMP_CLIENTS=File.join(CHEF_VPC_PROJECT, 'tmp', 'clients')
 
 	directory TMP_SG
+	directory TMP_CLIENTS
 
 	desc "Create a new group of cloud servers"
 	task :create => [ TMP_SG, "chef:validate_json" ] do
@@ -20,7 +22,10 @@ namespace :group do
 
 		hash=CloudServersVPC.server_group_hash(resp)	
 		out_file=hash["id"]+".xml"
-		File.open(File.join(TMP_SG, out_file), 'w') { |f| f.write(resp) }
+		File.open(File.join(TMP_SG, out_file), 'w') do |f|
+			f.chmod(0600)
+			f.write(resp)
+		end
 		puts "Cloud server group ID #{hash['id']} created."
 		
 	end
@@ -51,13 +56,16 @@ namespace :group do
 		xml=CloudServersVPC.server_group_xml_for_id(configs, File.join(TMP_SG, '*.xml'), id)
 
 		hash=CloudServersVPC.server_group_hash(xml)
-		File.open(File.join(TMP_SG, "#{hash['id']}.xml"), 'w') { |f| f.write(xml) }
+		File.open(File.join(TMP_SG, "#{hash['id']}.xml"), 'w') do |f|
+			f.chmod(0600)
+			f.write(xml)
+		end
 		CloudServersVPC.print_server_group(hash)
 
 	end
 
 	desc "Delete a cloud server group"
-	task :delete do
+	task :delete => "vpn:delete" do
 		id=ENV['GROUP_ID']
 		configs=Util.load_configs
 		hash=Util.hash_for_group
@@ -72,6 +80,7 @@ namespace :group do
 			configs["cloud_servers_vpc_password"]
 		)
 		File.delete(File.join(TMP_SG, "#{id}.xml"))
+
 	end
 
 	desc "Force clean the cached server group files"
@@ -203,10 +212,106 @@ namespace :share do
 
 end
 
+namespace :vpn do
+
+	desc "Connect to a server group as a VPN client."
+	task :connect do
+
+		puts "Creating VPN Connection..."
+		configs=Util.load_configs
+		group_hash=Util.hash_for_group(configs)
+		if not File.exists?(File.join(TMP_CLIENTS, group_hash['id']+'.xml')) then
+			Rake::Task['vpn:create_client'].invoke
+			Rake::Task['vpn:poll_client'].invoke
+		end
+		client_hash=CloudServersVPC.client_hash(IO.read(File.join(TMP_CLIENTS, group_hash['id']+'.xml')))
+		ChefVPCToolkit::VpnNetworkManager.configure_gconf(group_hash, client_hash)
+		ChefVPCToolkit::VpnNetworkManager.connect(group_hash['id'])
+
+	end
+
+	desc "Disconnect from a server group as a VPN client."
+	task :disconnect do
+
+		configs=Util.load_configs
+		group_hash=Util.hash_for_group(configs)
+		ChefVPCToolkit::VpnNetworkManager.disconnect(group_hash['id'])
+
+		vpn_server_ip=group_hash["vpn-network"].chomp("0")+"1"
+		SshUtil.remove_known_hosts_ip(vpn_server_ip)
+		SshUtil.remove_known_hosts_ip("#{CloudServersVPC.vpn_server_name(group_hash)},#{vpn_server_ip}")
+
+	end
+
+	desc "Delete VPN config information."
+	task :delete do
+
+		configs=Util.load_configs
+		group_hash=Util.hash_for_group(configs)
+		group_id=group_hash['id']
+		ChefVPCToolkit::VpnNetworkManager.unset_gconf_config(group_id)
+		ChefVPCToolkit::VpnNetworkManager.delete_certs(group_id)
+		client_file=File.join(TMP_CLIENTS, "#{group_id}.xml")
+
+		vpn_server_ip=group_hash["vpn-network"].chomp("0")+"1"
+		SshUtil.remove_known_hosts_ip(vpn_server_ip)
+		SshUtil.remove_known_hosts_ip("#{CloudServersVPC.vpn_server_name(group_hash)},#{vpn_server_ip}")
+
+		if File.exists?(client_file) then
+			File.delete(client_file)
+		end
+
+	end
+
+	desc "Create a new VPN client."
+	task :create_client => [ TMP_CLIENTS ] do
+
+		configs=Util.load_configs
+		group_hash=Util.hash_for_group(configs)
+
+		vpn_client_name=Util.hostname
+		if not configs['vpn_client_name'].nil? then
+			vpn_client_name=configs['vpn_client_name']
+		end
+
+		xml=CloudServersVPC.create_client(group_hash, vpn_client_name)
+		client_hash=CloudServersVPC.client_hash(xml)
+		out_file=group_hash["id"]+".xml"
+		File.open(File.join(TMP_CLIENTS, out_file), 'w') do |f|
+			f.chmod(0600)
+			f.write(xml)
+		end
+		puts "Client ID #{client_hash['id']} created."
+		
+	end
+
+	desc "Poll until a client is online"
+	task :poll_client => TMP_CLIENTS do
+		timeout=ENV['VPN_CLIENT_TIMEOUT']
+		if timeout.nil? or timeout.empty? then
+			timeout=300 # defaults to 5 minutes
+		end
+		configs=Util.load_configs
+		group_hash=Util.hash_for_group
+		client_hash=CloudServersVPC.client_hash(IO.read(File.join(TMP_CLIENTS, group_hash['id']+'.xml')))
+		puts "Polling for client VPN cert to be created (this may take a minute)...."
+		CloudServersVPC.poll_client(client_hash["id"], timeout)
+		xml=CloudServersVPC.client_xml_for_id(configs, TMP_CLIENTS, client_hash["id"])
+		out_file=group_hash["id"]+".xml"
+		File.open(File.join(TMP_CLIENTS, out_file), 'w') do |f|
+			f.chmod(0600)
+			f.write(xml)
+		end
+		puts "Client VPN certs are ready to use."
+
+	end
+
+end
+
 desc "SSH into the most recently created VPN gateway server."
 task :ssh do
 	hash=Util.hash_for_group
-	exec("ssh root@#{hash['vpn-gateway']}")
+	exec("ssh -o \"StrictHostKeyChecking no\" root@#{hash['vpn-gateway']}")
 end
 
 desc "Create a server group, install chef, sync share data and cookbooks."
@@ -236,6 +341,10 @@ task :rechef => [ "server:rebuild", "group:poll" ] do
 
 end
 
+desc "Alias to the vpn:connect task."
+task :vpn => "vpn:connect"
+
+
 desc "Print help and usage information"
 task :usage do
 

data/test/cloud_servers_vpc_test.rb

@@ -6,72 +6,8 @@ module ChefVPCToolkit
 
 class CloudServersVPCTest < Test::Unit::TestCase
 
-SERVER_GROUP_XML = %{
-<?xml version="1.0" encoding="UTF-8"?>
-<server-group>
-  <created-at type="datetime">2010-10-15T15:15:58-04:00</created-at>
-  <description>test description</description>
-  <domain-name>mydomain.net</domain-name>
-  <historical type="boolean">false</historical>
-  <id type="integer">1759</id>
-  <last-used-ip-address>172.19.0.2</last-used-ip-address>
-  <name>test</name>
-  <owner-name>dan.prince</owner-name>
-  <updated-at type="datetime">2010-10-15T15:15:58-04:00</updated-at>
-  <user-id type="integer">3</user-id>
-  <vpn-network>172.19.0.0</vpn-network>
-  <vpn-subnet>255.255.128.0</vpn-subnet>
-  <servers type="array">
-    <server>
-      <account-id type="integer">3</account-id>
-      <cloud-server-id-number type="integer">1</cloud-server-id-number>
-      <created-at type="datetime">2010-10-15T15:15:58-04:00</created-at>
-      <description>login1</description>
-      <error-message nil="true"></error-message>
-      <external-ip-addr>184.106.205.120</external-ip-addr>
-      <flavor-id type="integer">4</flavor-id>
-      <historical type="boolean">false</historical>
-      <id type="integer">5513</id>
-      <image-id type="integer">14</image-id>
-      <internal-ip-addr>10.179.107.203</internal-ip-addr>
-      <name>login1</name>
-      <openvpn-server type="boolean">true</openvpn-server>
-      <retry-count type="integer">0</retry-count>
-      <server-group-id type="integer">1759</server-group-id>
-      <status>Online</status>
-      <updated-at type="datetime">2010-10-15T15:18:22-04:00</updated-at>
-      <vpn-network-interfaces type="array"/>
-    </server>
-    <server>
-      <account-id type="integer">3</account-id>
-      <cloud-server-id-number type="integer">2</cloud-server-id-number>
-      <created-at type="datetime">2010-10-15T15:15:58-04:00</created-at>
-      <description>test1</description>
-      <error-message nil="true"></error-message>
-      <external-ip-addr>184.106.205.121</external-ip-addr>
-      <flavor-id type="integer">49</flavor-id>
-      <historical type="boolean">false</historical>
-      <id type="integer">5513</id>
-      <image-id type="integer">49</image-id>
-      <internal-ip-addr>10.179.107.204</internal-ip-addr>
-      <name>test1</name>
-      <openvpn-server type="boolean">false</openvpn-server>
-      <retry-count type="integer">0</retry-count>
-      <server-group-id type="integer">1759</server-group-id>
-      <status>Online</status>
-      <updated-at type="datetime">2010-10-15T15:18:22-04:00</updated-at>
-      <vpn-network-interfaces type="array"/>
-    </server>
-  </servers>
-</server-group>
-}
-
   def test_os_types
 
-    #response = mock()
-    #response.stubs(:code => "200", :body => json_response)
-
-    #@conn.stubs(:csreq).returns(response)
     hash=CloudServersVPC.server_group_hash(SERVER_GROUP_XML)
     os_types=CloudServersVPC.os_types(hash)
 
@@ -169,6 +105,25 @@ SERVER_GROUP_XML = %{
 
   end
 
+  def test_create_client
+
+    response={}
+    response.stubs(:code).returns('200')
+    HttpUtil.stubs(:post).returns(response)
+
+    hash=CloudServersVPC.server_group_hash(SERVER_GROUP_XML)
+
+	assert "200", CloudServersVPC.create_client(hash, "test1").code
+
+  end
+
+  def test_vpn_server_name
+
+    hash=CloudServersVPC.server_group_hash(SERVER_GROUP_XML)
+    assert_equal "login1", CloudServersVPC.vpn_server_name(hash)
+
+  end
+
 end
 
 end

data/test/ssh_util_test.rb

@@ -0,0 +1,21 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+require 'tempfile'
+
+module ChefVPCToolkit
+
+class SshUtilTest < Test::Unit::TestCase
+
+  def test_remove_known_hosts_ip
+
+    t=Tempfile.new('ssh_test')
+    t.write(%{login,172.19.0.1 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAu1Xfhjj0hZwDIXWa6Gd/Qk/S9VwO5ec9+u6CMLMteQY4seeXmpu643k8zCa6yLuDXyzucknfrsxtOKJVQ6F5glXW6+Ko/zPiPNQbeC6GIKDs2a3m6A5OJSqRHqoy0RTJu11Acs3tkWUgmvBKFX7jxEZuHJM1kI0/xP0JlO0zOVr8+9Wg6Zy5KfVnEsgbdaEvpk3Rrtt5Lm42w/uxvPTFY7AWBhUfloYqBQrX6zd8d17jHLCnukHmvdR7eVGihXREtvDjX4ycG1o5/9amLWR0ELVFkFiXPHyWCuyl21j5uI7Ro9P2pga5ypnDB+N1BjFJHSMMofT40XOBkzAxBUrLgw==\n})
+    t.flush
+    SshUtil.remove_known_hosts_ip('login,172.19.0.1', t.path)
+    assert_equal "", IO.read(t.path)
+
+  end
+
+end
+
+end

data/test/test_helper.rb

@@ -12,7 +12,7 @@ require 'fileutils'
 
 class TmpDir
 
-	def self.new_tmp_dir(prefix="chef-cloud-toolkit")
+	def self.new_tmp_dir(prefix="chef-vpc-toolkit")
 
 		tmp_file=Tempfile.new prefix
 		path=tmp_file.path
@@ -23,3 +23,152 @@ class TmpDir
 	end
 
 end
+
+SERVER_GROUP_XML = %{
+<?xml version="1.0" encoding="UTF-8"?>
+<server-group>
+  <created-at type="datetime">2010-10-15T15:15:58-04:00</created-at>
+  <description>test description</description>
+  <domain-name>mydomain.net</domain-name>
+  <historical type="boolean">false</historical>
+  <id type="integer">1759</id>
+  <last-used-ip-address>172.19.0.2</last-used-ip-address>
+  <name>test</name>
+  <owner-name>dan.prince</owner-name>
+  <updated-at type="datetime">2010-10-15T15:15:58-04:00</updated-at>
+  <user-id type="integer">3</user-id>
+  <vpn-network>172.19.0.0</vpn-network>
+  <vpn-subnet>255.255.128.0</vpn-subnet>
+  <servers type="array">
+    <server>
+      <account-id type="integer">3</account-id>
+      <cloud-server-id-number type="integer">1</cloud-server-id-number>
+      <created-at type="datetime">2010-10-15T15:15:58-04:00</created-at>
+      <description>login1</description>
+      <error-message nil="true"></error-message>
+      <external-ip-addr>184.106.205.120</external-ip-addr>
+      <flavor-id type="integer">4</flavor-id>
+      <historical type="boolean">false</historical>
+      <id type="integer">5513</id>
+      <image-id type="integer">14</image-id>
+      <internal-ip-addr>10.179.107.203</internal-ip-addr>
+      <name>login1</name>
+      <openvpn-server type="boolean">true</openvpn-server>
+      <retry-count type="integer">0</retry-count>
+      <server-group-id type="integer">1759</server-group-id>
+      <status>Online</status>
+      <updated-at type="datetime">2010-10-15T15:18:22-04:00</updated-at>
+      <vpn-network-interfaces type="array"/>
+    </server>
+    <server>
+      <account-id type="integer">3</account-id>
+      <cloud-server-id-number type="integer">2</cloud-server-id-number>
+      <created-at type="datetime">2010-10-15T15:15:58-04:00</created-at>
+      <description>test1</description>
+      <error-message nil="true"></error-message>
+      <external-ip-addr>184.106.205.121</external-ip-addr>
+      <flavor-id type="integer">49</flavor-id>
+      <historical type="boolean">false</historical>
+      <id type="integer">5513</id>
+      <image-id type="integer">49</image-id>
+      <internal-ip-addr>10.179.107.204</internal-ip-addr>
+      <name>test1</name>
+      <openvpn-server type="boolean">false</openvpn-server>
+      <retry-count type="integer">0</retry-count>
+      <server-group-id type="integer">1759</server-group-id>
+      <status>Online</status>
+      <updated-at type="datetime">2010-10-15T15:18:22-04:00</updated-at>
+      <vpn-network-interfaces type="array"/>
+    </server>
+  </servers>
+</server-group>
+}
+
+CLIENT_XML = %{
+<client>
+  <created-at type="datetime">2011-01-09T19:37:32-05:00</created-at>
+  <description>Toolkit Client: local</description>
+  <id type="integer">5</id>
+  <is-windows type="boolean">false</is-windows>
+  <name>local</name>
+  <server-group-id type="integer">11</server-group-id>
+  <status>Online</status>
+  <updated-at type="datetime">2011-01-09T19:37:37-05:00</updated-at>
+  <vpn-network-interfaces type="array">
+    <vpn-network-interface>
+      <ca-cert>-----BEGIN CERTIFICATE-----
+MIIDyDCCAzGgAwIBAgIJAORNZNRpPx87MA0GCSqGSIb3DQEBBQUAMIGfMQswCQYD
+VQQGEwJVUzELMAkGA1UECBMCVkExEzARBgNVBAcTCkJsYWNrc2J1cmcxEjAQBgNV
+BAoTCVJhY2tzcGFjZTEXMBUGA1UECxMOSW5mcmFzdHJ1Y3R1cmUxDjAMBgNVBAMT
+BWxvZ2luMQ4wDAYDVQQpEwVsb2dpbjEhMB8GCSqGSIb3DQEJARYSY29icmFAc25h
+a2VvaWwuY29tMB4XDTExMDExMDAwMzI1NVoXDTIxMDEwNzAwMzI1NVowgZ8xCzAJ
+BgNVBAYTAlVTMQswCQYDVQQIEwJWQTETMBEGA1UEBxMKQmxhY2tzYnVyZzESMBAG
+A1UEChMJUmFja3NwYWNlMRcwFQYDVQQLEw5JbmZyYXN0cnVjdHVyZTEOMAwGA1UE
+AxMFbG9naW4xDjAMBgNVBCkTBWxvZ2luMSEwHwYJKoZIhvcNAQkBFhJjb2JyYUBz
+bmFrZW9pbC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL0xIVIfh8rA
+OCfc4BbWG+W+53iP9J6Fqhya5HSrYw3pdUCdimRBwQ0HoEnHndz2soRYc2Wtat8L
+qqoS/qZMBbqerzEUFHumSKLADT3y8G1gkiGsb1fBZPmExPYyG/UQQUfK7CIM/L/m
+W6Ji5ZEfTF9QPwHj3kVU99VUvm/BS8wXAgMBAAGjggEIMIIBBDAdBgNVHQ4EFgQU
+dOvLRyxDa2Xso59PFLf22sZQ07wwgdQGA1UdIwSBzDCByYAUdOvLRyxDa2Xso59P
+FLf22sZQ07yhgaWkgaIwgZ8xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJWQTETMBEG
+A1UEBxMKQmxhY2tzYnVyZzESMBAGA1UEChMJUmFja3NwYWNlMRcwFQYDVQQLEw5J
+bmZyYXN0cnVjdHVyZTEOMAwGA1UEAxMFbG9naW4xDjAMBgNVBCkTBWxvZ2luMSEw
+HwYJKoZIhvcNAQkBFhJjb2JyYUBzbmFrZW9pbC5jb22CCQDkTWTUaT8fOzAMBgNV
+HRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAAVXIxOocwXi05004m9Znff6/cAj
+2osr72g/Xux++lVqiSHf+T/R4QywsXy9//vKeXVEIyaaP9ImnWbbzHFFI+NStP4n
+LILyv+/eOuZ6Dv7Vv6ZacjI3fexcXYr5VW52HHbb/M7G1ePAfdAixUHNH7lh58dY
+WDzmJicksUYlyvI+
+-----END CERTIFICATE-----
+</ca-cert>
+      <client-cert>-----BEGIN CERTIFICATE-----
+MIIEDjCCA3egAwIBAgIBAzANBgkqhkiG9w0BAQUFADCBnzELMAkGA1UEBhMCVVMx
+CzAJBgNVBAgTAlZBMRMwEQYDVQQHEwpCbGFja3NidXJnMRIwEAYDVQQKEwlSYWNr
+c3BhY2UxFzAVBgNVBAsTDkluZnJhc3RydWN0dXJlMQ4wDAYDVQQDEwVsb2dpbjEO
+MAwGA1UEKRMFbG9naW4xITAfBgkqhkiG9w0BCQEWEmNvYnJhQHNuYWtlb2lsLmNv
+bTAeFw0xMTAxMTAwMDM3MzVaFw0yMTAxMDcwMDM3MzVaMIGfMQswCQYDVQQGEwJV
+UzELMAkGA1UECBMCVkExEzARBgNVBAcTCkJsYWNrc2J1cmcxEjAQBgNVBAoTCVJh
+Y2tzcGFjZTEXMBUGA1UECxMOSW5mcmFzdHJ1Y3R1cmUxDjAMBgNVBAMTBWxvY2Fs
+MQ4wDAYDVQQpEwVsb2dpbjEhMB8GCSqGSIb3DQEJARYSY29icmFAc25ha2VvaWwu
+Y29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCefsUr0T4oQUjKjW7Dpx0t
+KwwafBF2HUW7CI75apeTjSBgYC1CHC6cggfFkUTFvndzspbGaeuJeYtvcvkAa2BD
+p4jlSJgEXa+Uy1UAj1y06BePLNbKF4EfgEGf3eIWcdOtLYbOg4k33uNgto168iVO
+owWOR+B2/z73NIHWxvtF3wIDAQABo4IBVjCCAVIwCQYDVR0TBAIwADAtBglghkgB
+hvhCAQ0EIBYeRWFzeS1SU0EgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQW
+BBSRXbeuamcuma4yo5B8IYSGGT3fNjCB1AYDVR0jBIHMMIHJgBR068tHLENrZeyj
+n08Ut/baxlDTvKGBpaSBojCBnzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlZBMRMw
+EQYDVQQHEwpCbGFja3NidXJnMRIwEAYDVQQKEwlSYWNrc3BhY2UxFzAVBgNVBAsT
+DkluZnJhc3RydWN0dXJlMQ4wDAYDVQQDEwVsb2dpbjEOMAwGA1UEKRMFbG9naW4x
+ITAfBgkqhkiG9w0BCQEWEmNvYnJhQHNuYWtlb2lsLmNvbYIJAORNZNRpPx87MBMG
+A1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDANBgkqhkiG9w0BAQUFAAOB
+gQApPAG1suVSPugJyQGfBaL8H+7VJdAGXnc6INX5s1AxJ3mvp4o6PQ7ytP4v/QkJ
+ZVMgWV8immfa3PboFgT00qqpbC2Vbf4RR972IEQfGuJLLl4YLrJsbloV9hBamKS7
+Z1lllmEHxFWpNK2FLSZNaeQABZyvzfZYkk6zsHoY8XsCBg==
+-----END CERTIFICATE-----
+</client-cert>
+      <client-key>-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCefsUr0T4oQUjKjW7Dpx0tKwwafBF2HUW7CI75apeTjSBgYC1C
+HC6cggfFkUTFvndzspbGaeuJeYtvcvkAa2BDp4jlSJgEXa+Uy1UAj1y06BePLNbK
+F4EfgEGf3eIWcdOtLYbOg4k33uNgto168iVOowWOR+B2/z73NIHWxvtF3wIDAQAB
+AoGAf3tFykWl8ij4jHsP8Wz0CcWLGa5bOR64XIS4wyKaQoML3JjfLkKOtzHbYGzE
+3Syi1bt6jKLbYZsSrRTT9SNorB3M2HI/uu1NHVyJ8fqxSJs9wQWv26XcMq6iPXR6
+JQmiG44r0NoHtDOw0NCoo+9il4wjTIVSwN58x69EO1hsWokCQQDREYW73F536KzN
+GSsLy+8VsaRiHCboi7lZwITGt4xFhykP/P5R/mNMTklVpJENuZH5jhiBr8r2O/XE
+NQpIEZiFAkEAwhL4EnXax5p50g2CpkJM2B9F/p3IjjMs/sdUh4/RvAVkVAzz7uOh
+TjtrL0T6480wA7rk3324IG5x4XTgXYVkEwJBAKkg7LgJ0N5d+xS8TIdxhctd9uZr
+ccpj5iDGTmNXbwF8EurdNnvsODYtisPeqn2Y5o8ktYyMQrupy+rbIaMloOUCQAsI
+pQ33oV6jy7VDi2AEePX4oTQeqF5dTnuVvZqPdK8p51BYBC5axrr56dggJdt5uPcd
+UxHZxfQiE1tsF615ff0CQQCjeBskODATJkbN0kw+6FIF9m7QoEAYtJD1jLiY/2Sv
+QRiYX+gvycrIph1yyIGA1qeHYnjhQp4ZijhcwSFUAAyF
+-----END RSA PRIVATE KEY-----
+</client-key>
+      <created-at type="datetime">2011-01-09T19:37:32-05:00</created-at>
+      <id type="integer">15</id>
+      <interfacable-id type="integer">5</interfacable-id>
+      <interfacable-type>Client</interfacable-type>
+      <ptp-ip-addr>172.19.0.6</ptp-ip-addr>
+      <updated-at type="datetime">2011-01-09T19:37:36-05:00</updated-at>
+      <vpn-ip-addr>172.19.0.5</vpn-ip-addr>
+    </vpn-network-interface>
+  </vpn-network-interfaces>
+</client>
+}

data/test/util_test.rb

@@ -0,0 +1,15 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+module ChefVPCToolkit
+
+class UtilTest < Test::Unit::TestCase
+
+  def test_hostname
+
+    assert_not_nil Util.hostname
+
+  end
+
+end
+
+end

data/test/vpn_network_manager_test.rb

@@ -0,0 +1,35 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+require 'tempfile'
+
+module ChefVPCToolkit
+
+class VpnNetworkManagerTest < Test::Unit::TestCase
+
+  def setup
+    tmpdir=TmpDir.new_tmp_dir
+    File.open(File.join(tmpdir, "gconftool-2"), 'w') do |f|
+      f.write("#!/bin/bash\nexit 0")
+      f.chmod(0755)
+    end
+    ENV['PATH']=tmpdir+":"+ENV['PATH']
+  end
+
+  def teardown
+    group_hash=CloudServersVPC.server_group_hash(SERVER_GROUP_XML)
+    VpnNetworkManager.delete_certs(group_hash['id'])
+  end
+
+  def test_configure_gconf
+    group_hash=CloudServersVPC.server_group_hash(SERVER_GROUP_XML)
+    client_hash=CloudServersVPC.client_hash(CLIENT_XML)
+    assert VpnNetworkManager.configure_gconf(group_hash, client_hash)
+  end
+
+  def test_ip_to_integer
+    assert_equal 16782252, VpnNetworkManager.ip_to_integer("172.19.0.1")
+  end
+
+end
+
+end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: chef-vpc-toolkit
 version: !ruby/object:Gem::Version 
-  hash: 13
+  hash: 11
   prerelease: false
   segments: 
   - 2
-  - 0
   - 1
-  version: 2.0.1
+  - 0
+  version: 2.1.0
 platform: ruby
 authors: 
 - Dan Prince
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-12-07 00:00:00 -05:00
+date: 2011-01-11 00:00:00 -05:00
 default_executable: chef-vpc-toolkit
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -60,6 +60,20 @@ dependencies:
         version: "0"
   type: :runtime
   version_requirements: *id003
+- !ruby/object:Gem::Dependency 
+  name: uuidtools
+  prerelease: false
+  requirement: &id004 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :runtime
+  version_requirements: *id004
 description: The Chef VPC Toolkit is a set of Rake tasks that provide a framework to help automate the creation and configuration of cloud server groups for development or testing. Requires Cloud Servers VPC.
 email: dan.prince@rackspace.com
 executables: 
@@ -70,6 +84,8 @@ extra_rdoc_files:
 - README.rdoc
 files: 
 - .gitignore
+- .rvmrc
+- CHANGELOG
 - COPYING
 - README.rdoc
 - Rakefile
@@ -111,9 +127,13 @@ files:
 - lib/chef-vpc-toolkit/ssh_util.rb
 - lib/chef-vpc-toolkit/util.rb
 - lib/chef-vpc-toolkit/version.rb
+- lib/chef-vpc-toolkit/vpn_network_manager.rb
 - rake/chef_vpc_toolkit.rake
 - test/cloud_servers_vpc_test.rb
+- test/ssh_util_test.rb
 - test/test_helper.rb
+- test/util_test.rb
+- test/vpn_network_manager_test.rb
 has_rdoc: true
 homepage: http://github.com/rackspace/chef-vpc-toolkit
 licenses: []
@@ -149,5 +169,8 @@ signing_key:
 specification_version: 3
 summary: Rake tasks to automate and configure server groups in the cloud with Chef.
 test_files: 
+- test/util_test.rb
+- test/ssh_util_test.rb
 - test/test_helper.rb
 - test/cloud_servers_vpc_test.rb
+- test/vpn_network_manager_test.rb