cirrus-aws 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: cfe296c12d483dc3cfe49b9e7d1c6d12b03d9f6a
+  data.tar.gz: 67e5d6ef681de3f98ee9730fafde36698c069d38
+SHA512:
+  metadata.gz: 540e9f5eff1d4f146bbf4e3ff9498cbaba05e433d62fa8eb22dfa5ce9c4a487e0ba594ea71d53b53c36f21f0f600e8292df30ddc17cbd0d80fa23bb6e7a67462
+  data.tar.gz: 74c83ec54402ab291fe231c5280349a898281053e974b071aa442a3f405300664b8a88cc5a216549af7be717525550d48ae7462986a56d3611846d086d0ce877

data/.gitignore

@@ -0,0 +1,70 @@
+# bundler state
+/.bundle
+/vendor/bundle/
+/vendor/ruby/
+
+# minimal Rails specific artifacts
+db/*.sqlite3
+/db/*.sqlite3-journal
+/log/*
+/tmp/*
+
+# various artifacts
+**.war
+*.rbc
+*.sassc
+.rspec
+.redcar/
+.sass-cache
+/config/config.yml
+/config/database.yml
+/config/application.yml
+/config/secrets.yml
+/coverage.data
+/coverage/
+/db/*.javadb/
+/db/*.sqlite3
+/doc/api/
+/doc/app/
+/doc/features.html
+/doc/specs.html
+/public/cache
+/public/stylesheets/compiled
+/public/system/*
+/spec/tmp/*
+/cache
+/capybara*
+/capybara-*.html
+/gems
+/specifications
+rerun.txt
+pickle-email-*.html
+.zeus.sock
+tags
+gems.tags
+
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+#   git config --global core.excludesfile ~/.gitignore_global
+#
+# Here are some files you may want to ignore globally:
+
+# scm revert files
+**.orig
+
+# Mac finder artifacts
+.DS_Store
+
+# Netbeans project directory
+/nbproject/
+
+# RubyMine project files
+.idea
+
+# Textmate project files
+/*.tmproj
+
+# vim artifacts
+**.swp
+
+dump.rdb

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in cirrus.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2014 Andrew Berls
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,49 @@
+# Cirrus
+
+A command-line tool to launch and provision EC2 instances. Cirrus is an experimental work-in-progress and should not be considered production-ready.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'cirrus'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install cirrus
+
+## Usage
+
+The CLI ships with two commands: `launch` and `teardown`.
+
+### Launching an instance
+Usage: `cirrus launch IMAGE_ID AWS_ACCESS_KEY AWS_SECRET_KEY REGION`
+
+This will automatically create a default Cirrus key pair and security group
+(authorizing inbound SSH and HTTP traffic), and launch an instance
+
+For example, `cirrus launch ami-ee4f77ab <access_key> <secret_key> us-west-1` will launch an instance running Ubuntu 14.04 in us-west-1 (N. California).
+
+
+### Tearing down an instance
+Usage: `cirrus teardown INSTANCE_ID AWS_ACCESS_KEY AWS_SECRET_KEY REGION`
+
+Example: `cirrus teardown i-bdc5b377 <access_key> <secret_key> us-west-1`
+
+This will terminate the specified instance and destroy its associated security groups and keypairs.
+
+That's it!
+
+## Contributing
+
+1. Fork it ( https://github.com/andrewberls/cirrus/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request

data/bin/cirrus

@@ -0,0 +1,47 @@
+#!/usr/bin/env ruby
+
+require 'cirrus'
+
+USAGE =
+  %Q{\
+  Usage: cirrus <command> <args>
+
+  Commands:
+    launch IMAGE_ID AWS_ACCESS_KEY AWS_SECRET_KEY REGION
+    teardown INSTANCE_ID AWS_ACCESS_KEY AWS_SECRET_KEY REGION}
+
+command = ARGV[0]
+
+case command
+when 'launch'
+  ARGV.length == 5 or raise "Usage: cirrus launch IMAGE_ID AWS_ACCESS_KEY AWS_SECRET_KEY REGION"
+
+  image_id       = ARGV[1]
+  aws_access_key = ARGV[2]
+  aws_secret_key = ARGV[3]
+  region         = ARGV[4]
+
+  Cirrus.setup(
+    image_id,
+    access_key_id: aws_access_key,
+    secret_access_key: aws_secret_key,
+    region: region
+  )
+when 'teardown'
+  ARGV.length == 5 or raise "Usage: cirrus teardown INSTANCE_ID AWS_ACCESS_KEY AWS_SECRET_KEY REGION"
+
+  instance_id    = ARGV[1]
+  aws_access_key = ARGV[2]
+  aws_secret_key = ARGV[3]
+  region         = ARGV[4]
+
+  Cirrus.teardown(instance_id, {
+    access_key_id: aws_access_key,
+    secret_access_key: aws_secret_key,
+    region: region
+  })
+when '-h', '--help'
+  puts USAGE
+else
+  raise USAGE
+end

data/cirrus-aws.gemspec

@@ -0,0 +1,22 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'cirrus/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "cirrus-aws"
+  spec.version       = Cirrus::VERSION
+  spec.authors       = ["Andrew Berls"]
+  spec.email         = ["andrew.berls@gmail.com"]
+  spec.summary       = %q{A command-line tool to provision and launch AWS EC2 instances}
+  spec.description   = %q{}
+  spec.homepage      = ""
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.7"
+end

data/lib/cirrus/instance.rb

@@ -0,0 +1,75 @@
+module Cirrus::Instance
+  extend self
+
+  STATUS_PENDING       = :pending
+  STATUS_RUNNING       = :running
+  STATUS_SHUTTING_DOWN = :shutting_down
+  STATUS_TERMINATED    = :terminated
+
+  class UnexpectedStatusError < StandardError; end
+
+  SSH_WAIT_TIME = 45 # seconds
+
+  # Launch an instance, optionally adding tags, and wait for it to
+  # run
+  #
+  # Returns AWS::EC2::Instance
+  def launch(ec2, launch_opts, tags={})
+    puts "Launching instance (#{launch_opts[:image_id]}) ..."
+    instance = ec2.instances.create(launch_opts)
+    sleep 5 while instance.status == STATUS_PENDING
+    puts "Launched instance #{instance.id}, status: #{instance.status}"
+
+    assert_instance_status!(instance, STATUS_RUNNING)
+
+    puts "Tagging instance ..."
+    tags.each { |k, v| instance.add_tag(k, value: v) }
+
+    puts "Waiting for SSH to become available ..."
+    sleep SSH_WAIT_TIME
+
+    instance
+  end
+
+
+  # Terminate an instance and destroy its associated security groups / key pair
+  # TODO: if we have a standard Cirrus sec group / keypair, don't want to destroy them
+  def teardown(ec2, instance_id)
+    instance = ec2.instances[instance_id]
+    terminate(instance)
+
+    puts "Destroying security groups ..."
+
+    instance.security_groups.each do |group|
+      next if group.name == 'default'
+      puts "\tDestroying group #{group.id} ..."
+      group.delete
+    end
+
+    key_pair = ec2.key_pairs[instance.key_name]
+    puts "Destroying keypair #{key_pair.name} ..."
+    key_pair.delete
+  end
+
+
+  private
+
+  # Terminate an instance and wait for completion
+  def terminate(instance)
+    instance.terminate
+    puts "Instance terminated, waiting for shutdown completion ..."
+    sleep 10 while instance.status == STATUS_SHUTTING_DOWN
+
+    assert_instance_status!(instance, STATUS_TERMINATED)
+  end
+
+
+  def assert_instance_status!(instance, expected_status)
+    actual_status = instance.status
+    unless actual_status == expected_status
+      raise UnexpectedStatusError, "Expected #{expected_status}, was #{actual_status} for instance #{instance.id}"
+    end
+    nil
+  end
+
+end

data/lib/cirrus/key_pair.rb

@@ -0,0 +1,46 @@
+require 'fileutils'
+
+module Cirrus::KeyPair
+  extend self
+
+  DEFAULT_NAME = 'cirrus'
+
+  PRIVATE_KEY_PERMISSIONS = 0600
+
+  def find_or_create_default(ec2)
+    default_key_pair = ec2.key_pairs.filter("key-name", DEFAULT_NAME).first
+
+    if !default_key_pair.nil?
+      puts "Using default Cirrus key pair"
+      [default_key_pair, private_key_filename]
+    else
+      puts "Creating default Cirrus key pair ..."
+      create_default_key_pair!(ec2)
+    end
+  end
+
+  private
+
+  # Create the default key pair and write its private key to local disk
+  #
+  # Returns tuple of [AWS::EC2::KeyPair, string_private_key_filename]
+  def create_default_key_pair!(ec2)
+    key_pair_name = DEFAULT_NAME
+    key_pair = ec2.key_pairs.create(key_pair_name)
+    filename = private_key_filename
+
+    File.open(filename, 'w') do |file|
+      file.write(key_pair.private_key)
+    end
+    FileUtils.chmod(PRIVATE_KEY_PERMISSIONS, filename)
+    puts "Saved new keypair to #{filename}"
+
+    [key_pair, filename]
+  end
+
+
+  def private_key_filename
+    "#{ENV['HOME']}/.ssh/#{DEFAULT_NAME}"
+  end
+
+end

data/lib/cirrus/scp.rb

@@ -0,0 +1,26 @@
+require 'net/scp'
+require 'cirrus/ssh'
+
+module Cirrus
+  module SCP
+    extend self
+
+    class SCPUnavailable < StandardError; end
+
+    # Opens an SCP connection and yields it so that you can download
+    # and upload files.
+    def connect(host, username)
+      Cirrus::SSH.connect(host, username) do |connection|
+        scp = Net::SCP.new(connection)
+        return yield scp
+      end
+    rescue Net::SCP::Error => e
+      # If we get the exit code of 127, then this means SCP is unavailable.
+      raise SCPUnavailable if e.message =~ /\(127\)/
+
+      # Otherwise, just raise the error up
+      raise e
+    end
+
+  end
+end

data/lib/cirrus/security_group.rb

@@ -0,0 +1,31 @@
+module Cirrus
+  module SecurityGroup
+    extend self
+
+    DEFAULT_NAME = 'cirrus'
+
+    def find_or_create_default(ec2)
+      default_group = ec2.security_groups.filter('group-name', DEFAULT_NAME).first
+
+      if !default_group.nil?
+        puts "Using default Cirrus security group"
+        default_group
+      else
+        puts "Creating default Cirrus security group ..."
+        create_default_group!(ec2)
+      end
+    end
+
+    private
+
+    # Create default security group + authorize SSH / HTTP
+    # TODO: configurable allowed IP range ?
+    def create_default_group!(ec2)
+      ec2.security_groups.create(DEFAULT_NAME).tap do |g|
+        g.authorize_ingress(:tcp, 22, "0.0.0.0/0")
+        g.authorize_ingress(:tcp, 80, "0.0.0.0/0")
+      end
+    end
+
+  end
+end

data/lib/cirrus/ssh.rb

@@ -0,0 +1,110 @@
+require 'tempfile'
+require 'net/ssh'
+require 'cirrus/scp'
+
+$retry_count = 0
+
+module Cirrus
+  module SSH
+    extend self
+
+    # Open an SSH connection and yield it
+    def connect(host, username)
+      timeout = 15
+
+      common_connect_opts = {
+        auth_methods:          ["publickey"],
+        forward_agent:         false,
+        port:                  22,
+        timeout:               15,
+        user_known_hosts_file: [],
+        verbose:               :debug
+      }
+
+      begin
+        connection =
+          Timeout.timeout(timeout) do
+            begin
+              connect_opts = common_connect_opts.dup
+              connect_opts[:logger] = Logger.new(StringIO.new)
+              Net::SSH.start(host, username, connect_opts)
+            end
+          end
+      rescue Errno::EACCES
+        # This happens on connect() for unknown reasons yet...
+        raise "eacces"
+      rescue Errno::ETIMEDOUT, Timeout::Error
+        # This happens if we continued to timeout when attempting to connect.
+        if $retry_count < 3
+          $retry_count += 1
+          retry
+        else
+          raise "timeout"
+        end
+      rescue Net::SSH::AuthenticationFailed
+        # This happens if authentication failed. We wrap the error in our
+        # own exception.
+        raise "authentication"
+      rescue Net::SSH::Disconnect
+        # This happens if the remote server unexpectedly closes the
+        # connection. This is usually raised when SSH is running on the
+        # other side but can't properly setup a connection. This is
+        # usually a server-side issue.
+        raise "disconnect"
+      rescue Errno::ECONNREFUSED
+        # This is raised if we failed to connect the max amount of times
+        raise "econnrefused"
+      rescue Errno::ECONNRESET
+        # This is raised if we failed to connect the max number of times
+        # due to an ECONNRESET.
+        raise "econnreset"
+      rescue Errno::EHOSTDOWN
+        # This is raised if we get an ICMP DestinationUnknown error.
+        raise "ehostdown"
+      rescue Errno::EHOSTUNREACH
+        # This is raised if we can't work out how to route traffic.
+        raise "ehostunreach"
+      rescue Net::SSH::Exception => e
+        # This is an internal error in Net::SSH
+        raise "internal net ssh error"
+      rescue NotImplementedError
+        # This is raised if a private key type that Net-SSH doesn't support
+        # is used. Show a nicer error.
+        raise "unsupported private key type"
+      end
+
+      yield connection
+    end
+
+
+    # Start ssh-agent and add a key to the keychain
+    # TODO: avoid starting if already running
+    def add_to_keychain(private_key_path)
+      puts "Starting ssh-agent, adding keypair private key ..."
+      puts `eval $(ssh-agent)`
+      puts `ssh-add #{private_key_path}`
+    end
+
+
+    # TODO: better key handling (bootstrap with public key)
+    def bootstrap(host:, username:, private_key_path:, source_path:)
+      return unless source_path
+
+      puts "Bootstrapping instance (#{username}@#{host}) ..."
+
+      add_to_keychain(private_key_path)
+
+      tf = Tempfile.new('boxer-shell')
+      tf.write(File.read(source_path))
+      tf.rewind
+
+      source_path = tf.path
+      dest_path = "/tmp/boxer-shell"
+
+      Cirrus::SCP.connect(host, username) do |scp|
+        scp.upload!(source_path, dest_path)
+      end
+    end
+
+  end
+end

data/lib/cirrus/version.rb

@@ -0,0 +1,3 @@
+module Cirrus
+  VERSION = "0.0.1"
+end

data/lib/cirrus.rb

@@ -0,0 +1,75 @@
+require 'aws-sdk'
+
+module Cirrus
+  extend self
+
+  # Launch an instance with the default Cirrus key pair and security group,
+  # provision the instance, and wait for it to launch
+  #
+  # image_id - String identifier, ex: "ami-ee4f77ab"
+  # ec2_opts - Hash of
+  #   access_key_id - String
+  #   secret_access_key - String
+  #   region - String, ex: "us-east-1"
+  #
+  #
+  # Returns nothing
+  def setup(image_id, ec2_opts)
+    puts "Starting setup for #{ec2_opts[:region]} ..."
+
+    ec2 = AWS::EC2.new(ec2_opts)
+
+    key_pair, private_key_filename = Cirrus::KeyPair.find_or_create_default(ec2)
+
+    security_group = Cirrus::SecurityGroup.find_or_create_default(ec2)
+
+    instance_type = "m1.small"
+    launch_opts = {
+      :image_id => image_id,
+      instance_type: instance_type,
+      :key_pair => key_pair,
+      :security_groups => security_group
+      # :associate_public_ip_address => true # Only for VPC launch
+    }
+    tags = { 'Name' => "cirrus-sample-#{Time.now.to_i}" }
+    instance = Cirrus::Instance.launch(ec2, launch_opts, tags)
+
+    host = instance.public_ip_address
+
+    Cirrus::SSH.bootstrap(
+      host: host,
+      username: 'ubuntu',
+      private_key_path: private_key_filename,
+      source_path: nil
+    )
+
+    puts "Done! Provisioned instance #{instance.id} host #{host}, key #{private_key_filename}"
+  end
+
+
+  # Terminate an instance and its associated security groups / key pairs
+  #
+  # instance_id - String id, ex: "i-74f86cbe"
+  # ec2_opts    - Hash of
+  #   access_key_id - String
+  #   secret_access_key - String
+  #   region - String, ex: "us-east-1"
+  #
+  # Returns nothing
+  def teardown(instance_id, ec2_opts)
+    puts "Tearing down #{instance_id} ..."
+
+    ec2 = AWS::EC2.new(ec2_opts)
+    Cirrus::Instance.teardown(ec2, instance_id)
+
+    puts "Teardown successful for #{instance_id}!"
+  end
+
+end
+
+require "cirrus/version"
+require 'cirrus/instance'
+require 'cirrus/key_pair'
+require 'cirrus/scp'
+require 'cirrus/security_group'
+require 'cirrus/ssh'

metadata

@@ -0,0 +1,72 @@
+--- !ruby/object:Gem::Specification
+name: cirrus-aws
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Andrew Berls
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-11-10 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+description: ''
+email:
+- andrew.berls@gmail.com
+executables:
+- cirrus
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- LICENSE.txt
+- README.md
+- bin/cirrus
+- cirrus-aws.gemspec
+- lib/cirrus.rb
+- lib/cirrus/instance.rb
+- lib/cirrus/key_pair.rb
+- lib/cirrus/scp.rb
+- lib/cirrus/security_group.rb
+- lib/cirrus/ssh.rb
+- lib/cirrus/version.rb
+homepage: ''
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.1
+signing_key: 
+specification_version: 4
+summary: A command-line tool to provision and launch AWS EC2 instances
+test_files: []