hawser 0.1.1 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: cf941e79bf69e2c5a377996a0b8bec222e65232a
-  data.tar.gz: 3905483927606e26b00f4cade2fff9f6535d9f08
+  metadata.gz: f37eabe7ab5a93f7ac12ae94512c90d3d5f92b5b
+  data.tar.gz: 897451652af6a7277f9f993ea68edd25b51a1b08
 SHA512:
-  metadata.gz: 0e82f6e9fa6e2ae598f2a8b4eac50893c41f5be524edc2a93e8cb92175b828ac03cc4011d49bf17cc3f5c8f019964c68dafbbc0259d44ff251a723fe57186329
-  data.tar.gz: c8790b49b61e5863e12e5fa7527cb8dfb3431e16f17d52d88af884a647bff68988a52b7b33b7443d091c6f9fdb6c26c69153d5dc4da81d387f39b7d912fac42d
+  metadata.gz: b3a8730daffd3c68e99eb12e3d6d3db06e505fb5181bb993b5e72e146b85073c05e068a49b0c562280e6928b782826d799bf0e1e23d868dc4daa6af89d036acd
+  data.tar.gz: 6b08518ebf9b91e8a670d5106b63e395dc8f43f8169904452d6a4928d2fa795fff00da35eda1ec6ecb4975479b1a57b5a46952000f598f869101a92c292efa2b

data/lib/hawser/baking-command.rb

@@ -9,6 +9,13 @@ module Hawser
 
     setting :region, "us-west-1"
 
+    setting :block_mappings, {
+      "ami" => "sda1",
+      "root" => "/dev/sda1",
+      "ephemeral0" => "sda2",
+      "swap" => "sda3"
+    }
+
     dir(:ephemeral_dir, "mnt",
         dir(:keyfile_dir, "keys",
             path(:private_key, "pk.pem"),
@@ -56,6 +63,10 @@ module Hawser
         bundle.options += ["-k", private_key.abspath ]
         bundle.options += ["-c", certificate_file.abspath ]
         bundle.options += ["--user", aws_account_id ]
+        bundle.options += ["--block-device-mapping", block_mappings.map do |name, dev|
+          "#{name}=#{dev}"
+        end.join(",")
+        ]
 
         bundle.options += ["--destination", ephemeral_dir.abspath ]
         bundle.options += ["--prefix", prefix ]
@@ -79,6 +90,12 @@ module Hawser
         register.options += ["--region", region]
         register.options += ["--aws-access-key", access_key]
         register.options += ["--aws-secret-key", secret_key]
+      }) &
+      (cmd("rm") {|rm|
+        rm.options = ["-rf", keyfile_dir.abspath]
+      }) &
+      (cmd("rm") {|rm|
+        rm.options = ["-f", File::join(ephemeral_dir.abspath, prefix || "no-such-file"), File::join(ephemeral_dir.abspath, prefix || "no-such-file") + ".part.*" ]
       })
     end
   end

data/lib/hawser/cluster.rb

@@ -2,6 +2,7 @@ require 'mattock'
 require 'hawser/credentialing'
 require 'hawser/baking'
 require 'hawser/servers'
+require 'hawser/volumes'
 
 module Hawser
   # Represents a cluster of servers on AWS
@@ -47,12 +48,25 @@ module Hawser
           creds.credentials.proxy_settings_to(servers)
         end
 
+        Hawser::Volumes.new do |volumes|
+          copy_settings_to(volumes)
+          volumes.cluster_name = name
+          creds.copy_settings_to(volumes)
+          creds.credentials.proxy_settings_to(volumes)
+        end
+
         namespace :baking do
-          task :bake => "credentials:establish"
+          task :copy_key => "credentials:establish"
+          task :copy_cert => "credentials:establish"
         end
 
         namespace :servers do
           task :list => "credentials:establish"
+          task :view => "credentials:establish"
+        end
+
+        namespace :volume do
+          task :clone => "credentials:establish"
         end
 
         desc "Make an AMI copy of the running instance at :target named :name"

data/lib/hawser/credentialing.rb

@@ -72,10 +72,11 @@ module Hawser
 
       cert = OpenSSL::X509::Certificate.new
       cert.version = 2
-      cert.serial = 2
+      cert.serial = OpenSSL::Random.random_bytes(16).each_byte.inject(0){|sum, byte| (sum << 8) + byte}
       cert.public_key = key.public_key
       cert.not_before = Time.now
       cert.not_after = cert.not_before + self.cert.lifetime.total_seconds
+      cert.sign(key, OpenSSL::Digest::SHA256.new)
 
       cert.to_pem
     end
@@ -126,12 +127,21 @@ module Hawser
       in_namespace do
         directory user_dir.abspath
 
-        file signing_cert.abspath => signing_key.abspath do |task|
+        task :umask do
+          File::umask(0077)
+        end
+
+        file signing_cert.abspath => [:umask, signing_key.abspath] do |task|
+          require 'base64'
+
           key = File::read(signing_key.abspath)
-          File.write(task.name, signing_cert_content(key))
+          cert_pem = signing_cert_content(key)
+          File.open(task.name, "wb") do |file|
+            file.print cert_pem
+          end
         end
 
-        file signing_key.abspath do |task|
+        file signing_key.abspath => :umask do |task|
           File.write(task.name, signing_key_content)
         end
 
@@ -141,14 +151,16 @@ module Hawser
           end
         end
 
-        task :store do
+        task :store => :umask do
           require 'yaml'
 
+          puts "Storing credentialing info at #{config_yaml.abspath}"
           File::open(config_yaml.abspath, "w") do |config|
             config.write YAML.dump(Hash[credentials.to_hash.map do |key,value|
               [key.to_s, value]
             end])
           end
+
         end
 
         task :iam => "get:access" do
@@ -160,9 +172,10 @@ module Hawser
         end
 
         namespace :get do
-          task :access => :load do
+          task :access => [:umask, :load] do
             if credentials.access_key.nil? or credentials.secret_key.nil?
               load_from_csv(File.read(creds_csv.abspath))
+              puts "Loaded access key id and key secret from CSV at #{creds_csv.abspath}"
             end
           end
 
@@ -181,11 +194,12 @@ module Hawser
         namespace :set do
           task :password => :iam_user do
             unless credentials.password.nil?
+              puts "Setting login password"
               iam_user.login_policy.password = credentials.password
             end
           end
 
-          task :certificate => [:iam_user, signing_cert.abspath, "get:certificate_id"] do
+          task :certificate => [:umask, :iam_user, signing_cert.abspath, "get:certificate_id"] do
             if !credentials.certificate_id.nil?
               begin
                 iam_user.signing_certificates[credentials.certificate_id].contents
@@ -194,6 +208,7 @@ module Hawser
               end
             end
 
+            puts "Uploading signing certificate at #{signing_cert.abspath}"
             cert = iam_user.signing_certificates.upload(File::read(signing_cert.abspath))
             credentials.certificate_id = cert.id
           end

data/lib/hawser/servers.rb

@@ -31,6 +31,30 @@ module Hawser
               "key_name" => instance.key_name }
           end))
         end
+
+        desc "View details for a server for #{cluster_name}"
+        task :view, [:id] do |task, args|
+          if args[:id].nil?
+            fail ":id is required"
+          end
+          require 'yaml'
+          ec2 = AWS::EC2.new(:region => region, :access_key_id => access_key, :secret_access_key => secret_key)
+
+          instance = ec2.instances.find do |inst|
+            inst.instance_id == args[:id]
+          end
+
+          if instance.nil?
+            fail "Couldn't find instance with id #{args[:id]} in #{ec2.instances.map{|inst| inst.instance_id}}"
+          end
+
+          require 'pp'
+          pp instance
+          pp instance.class.ancestors
+          puts instance.to_yaml
+          pp instance.block_device_mappings
+
+        end
       end
     end
   end

data/lib/hawser/volumes.rb

@@ -0,0 +1,102 @@
+require 'mattock'
+require 'aws-sdk'
+
+module Hawser
+  class Volumes < Mattock::Tasklib
+    default_namespace :volume
+
+    setting :cluster_name
+    setting :access_key
+    setting :secret_key
+    setting :region, "us-west-1"
+
+    def define
+      in_namespace do
+        desc "Clone <from_dev> on <from_instance> to <to_dev> on <to_instance>"
+        task :clone, [:from_instance, :from_dev, :to_instance, :to_dev] do |task, args|
+          missing = [:from_instance, :from_dev, :to_instance].find_all do |key|
+            args[key].nil?
+          end
+
+          unless missing.empty?
+            fail "Missing required arguments: #{missing.inspect}"
+          end
+
+          to_dev = args[:to_dev] || args[:from_dev]
+
+          ec2 = AWS::EC2.new(:region => region, :access_key_id => access_key, :secret_access_key => secret_key)
+
+          instances = ec2.instances
+          from_instance = instances.find do |inst|
+            inst.instance_id == args[:from_instance]
+          end
+
+          to_instance = instances.find do |inst|
+            inst.instance_id == args[:to_instance]
+          end
+
+          missing_instances = []
+          if from_instance.nil?
+            missing_instances << "Missing instance for #{args[:from_instance].inspect}"
+          end
+          if to_instance.nil?
+            missing_instances << "Missing instance for #{args[:to_instance].inspect}"
+          end
+          unless missing_instances.empty?
+            fail "Missing instances: #{missing_instances.join.inspect}"
+          end
+
+          require 'pp'
+          from_device = from_instance.block_devices.find do |dev|
+            dev[:device_name] == args[:from_dev]
+          end
+          unless from_device
+            fail "No device mapped to #{args[:from_instance]} on #{args[:from_dev]}"
+          end
+
+          if to_instance.block_devices.any?{|dev| dev[:device_name] == to_dev}
+            fail "A device is already mapped to #{args[:to_instance]} on #{to_dev}"
+          end
+
+          from_volume = ec2.volumes.find do |vol|
+            from_device[:ebs][:volume_id] == vol.id
+          end
+
+          unless from_volume
+            fail "No volume matches #{from_device[:ebs][:volume_id].inspect}"
+          end
+
+          snapshot_desc = from_volume.tags["Name"] || "From #{args[:from_instance]}:#{args[:from_dev]}"
+
+          intermediate_snapshot = from_volume.create_snapshot(snapshot_desc)
+          at_exit{ intermediate_snapshot.delete }
+
+          wait_for_status("intermediate snapshot", intermediate_snapshot, :completed)
+
+          new_volume = intermediate_snapshot.create_volume(to_instance.availability_zone)
+
+          wait_for_status("volume creation", new_volume, :available)
+
+          new_volume.attach_to(to_instance, to_dev)
+
+          wait_for_status("volume attachment", new_volume, :in_use)
+
+          puts "Done"
+        end
+      end
+
+    end
+
+    def wait_for_status(name, resource, goal)
+      puts "Waiting for #{name}"
+      until [goal, :error].include?(resource.status)
+        print "."
+        sleep 1
+      end
+
+      puts "\n  #{name} complete. Status: #{resource.status.inspect}"
+      fail if resource.status != goal
+    end
+
+  end
+end

metadata

@@ -1,29 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: hawser
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.2.0
 platform: ruby
 authors:
 - Judson Lester
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-08-22 00:00:00.000000000 Z
+date: 2015-01-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>'
+    - - <
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>'
+    - - <
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: mattock
   requirement: !ruby/object:Gem::Requirement
@@ -52,6 +52,7 @@ files:
 - lib/hawser/servers.rb
 - lib/hawser/baking-command.rb
 - lib/hawser/baking.rb
+- lib/hawser/volumes.rb
 - spec/hawser_spec.rb
 - spec_help/gem_test_suite.rb
 homepage: http://nyarly.github.com/hawser
@@ -64,7 +65,7 @@ rdoc_options:
 - --main
 - doc/README
 - --title
-- hawser-0.1.1 Documentation
+- hawser-0.2.0 Documentation
 require_paths:
 - lib/
 required_ruby_version: !ruby/object:Gem::Requirement