ironfan 4.3.4 → 4.4.0

data/spec/fixtures/ec2/elb/snakeoil.crt

@@ -0,0 +1,35 @@
+-----BEGIN CERTIFICATE-----
+MIIGKDCCBBACAgKaMA0GCSqGSIb3DQEBBQUAMIH4MQswCQYDVQQGEwJVUzETMBEG
+A1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEYMBYGA1UE
+ChMPR2V0U2F0aXNmYWN0aW9uMTYwNAYDVQQLEy1EZXBhcnRtZW50IG9mIE5lcmRz
+LCBGcmlzYmVlcywgYW5kIEtlZ2VyYXRvcnMxKzApBgNVBAMTIkdldFNhdCBOZXJk
+cyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxPTA7BgkqhkiG9w0BCQEWLm5lcmRzK2Nl
+cnRpZmljYXRlYXV0aG9yaXR5QGdldHNhdGlzZmFjdGlvbi5jb20wHhcNMTIxMDEy
+MDMyMDE3WhcNMjIxMDEwMDMyMDE3WjCBuTELMAkGA1UEBhMCVVMxEzARBgNVBAgT
+CkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xGDAWBgNVBAoTD1Nu
+YWtlIE9pbCwgSW5jLjEmMCQGA1UECxMdRGVwYXJ0bWVudCBvZiBTaGlmdHkgUHJv
+ZHVjdHMxFzAVBgNVBAMUDiouc25ha2VvaWwuY29tMSIwIAYJKoZIhvcNAQkBFhNz
+aGlmdHlAc25ha2VvaWwuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
+AgEApW4tKF5XhrsnbKEAeVqNxedNj3jWFU/ZRwl0MnyUH3y1LgrASXO25x8OrmLV
+FO4un2ufhHlxg+e1DNkurQnvIYIaDA97SPtyMg/SCerBo3F1pB6gKtgfGF8z3UTs
+z28ioXJz+5NkI864sHF7An2H1HJfU9q8xnSf4ClxdpcNVPXtz3Um4ZO33j4D393D
+KeUeZbXXprr4UN0QdCfM8/wB4KxZCRiGGvjDT4qHMr/pLxl0jWxrZwJqi+mwsVTR
+U+AQGT0K3l0pYRUO1IknOxmgbOVHGuv+iFd+mq3LSerq5eYIvi69BraE1dUC95cK
+dpOrCGxkyIRIgpBEzL3UJuMR8bMPKLojbTFQ+b86+El5S+dGugMGFH3S0wGAc8zo
+wrAZM0nmaPg+4lp3m7+tb9SdzvCWX+fPz9qEUOXTUYza2LjKpu4fj7FBY1RCxF+c
+C9Fff1mjXkq0abI1/KSbr9D8hfd2dWKF0LMX6UyySjSCjeLUBLNtB/uWwrFRzWes
+hThVz04U3pqvbMYOtzYlv3BpJLr8CTe19jt6F75TNXr8FxWadoUhtrRNioyjJuFN
+5pICWf40YswitMbw/QvC7ez6+NqyNMSTzfZGPVVFGwT97nGOrrfQO0Bj93W2STYM
+q7Ta/NYCf0LcS89EW5UU7F89YF+eKyGCwA5aBWPjm8t11qcCAwEAATANBgkqhkiG
+9w0BAQUFAAOCAgEAXLO2YmQDfNdog2AWB3u8Bbu6oM5dim/My+nacklkAPh/PeWj
+byoWdWAX8nQ+MUxG42E8BfHcHOq6iLHlYKGXV5koichsBQ52G3/9JR93aP0DeN9z
+5Xlv0bnGtwqrS/pk3uVcwE1Scf7t8Zsk6u1oGsGzBaV+5s9fnXzr0eKhqMThZRoE
+XkBnANb56FwvJTWQu1kbyMgCn0dVjY7LzXjqItLd4m3GGFnJEAzBPq9ayvFeO9QW
+hPL9p8IksFlurZD2GuvEUQJo6yUtYFDwgJOQzx3EzbCfgShInuRmhsx3yprLQNyA
++rUYiLp7TM7wbedAkBh3Qyombi6XEhs8A4Qqo9/pjqhlkgVU88XWyTCTfhjfoK+A
+zFysPZ+uiZWwXcGFMl1qlWXHmEgckKvD28YQEzibeiHapwYnjzBnmhGPN/ygzLTp
+txTSg0TBx4aRKKsRtEd5l2XtkOTYCN4ieYnLQaheq8LeP6866+HbU04E6WHpAzeY
+KLCLMOVQ1BHX8buOnhEIqXH03oIfNmmG3DFB2RCT2YWP8eJhfvOW8YlVZelD5MKX
+kBhY8KdPfW2AXdvKZ+5MzGIyGEsNKD/z4VLNnylIQD1gUdlILBkiPv3y53f7nRHg
+aKaEX1x2BZWXPeMXPCLDaer+zs2GfAMIS9OVtOZcL4BIFivUNmDzPr6h0Vg=
+-----END CERTIFICATE-----

data/spec/fixtures/ec2/elb/snakeoil.key

@@ -0,0 +1,51 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIJKQIBAAKCAgEApW4tKF5XhrsnbKEAeVqNxedNj3jWFU/ZRwl0MnyUH3y1LgrA
+SXO25x8OrmLVFO4un2ufhHlxg+e1DNkurQnvIYIaDA97SPtyMg/SCerBo3F1pB6g
+KtgfGF8z3UTsz28ioXJz+5NkI864sHF7An2H1HJfU9q8xnSf4ClxdpcNVPXtz3Um
+4ZO33j4D393DKeUeZbXXprr4UN0QdCfM8/wB4KxZCRiGGvjDT4qHMr/pLxl0jWxr
+ZwJqi+mwsVTRU+AQGT0K3l0pYRUO1IknOxmgbOVHGuv+iFd+mq3LSerq5eYIvi69
+BraE1dUC95cKdpOrCGxkyIRIgpBEzL3UJuMR8bMPKLojbTFQ+b86+El5S+dGugMG
+FH3S0wGAc8zowrAZM0nmaPg+4lp3m7+tb9SdzvCWX+fPz9qEUOXTUYza2LjKpu4f
+j7FBY1RCxF+cC9Fff1mjXkq0abI1/KSbr9D8hfd2dWKF0LMX6UyySjSCjeLUBLNt
+B/uWwrFRzWeshThVz04U3pqvbMYOtzYlv3BpJLr8CTe19jt6F75TNXr8FxWadoUh
+trRNioyjJuFN5pICWf40YswitMbw/QvC7ez6+NqyNMSTzfZGPVVFGwT97nGOrrfQ
+O0Bj93W2STYMq7Ta/NYCf0LcS89EW5UU7F89YF+eKyGCwA5aBWPjm8t11qcCAwEA
+AQKCAgAuOJ1nZQyheVMnl8hxH6ry+5CBIKr4I2o63dpYbNRaA9b/eUOGgk09QEEy
+2ixc/7uJEWHtep0L1MaSQ3A2Kstkmlw6uGyi1JZwhFkUKkJWL1JGO8RWlDID9j2g
+eiyMPKn5X+gmB2V4V77klaBf7sDvy9D0te3+qQEueYXZM5UnAtuiFkJ5znMWJk+g
+0e5Am2Kl2mvZiu3scgex3Jj4JpZDtwPddbuqd4zigXsK4/H8FempxfwwOM2aL/4N
+XfxqqfT1iEesH217UY3mNjf+3Eclhd4bGIryfzfBcgOVsIxXFbGlqZto78Anmq+M
+i+gBf3rPDLIQEF3OFQ8UAYnwH4uYgGlpPiIsCeNCMeVLDshttfIXLcUqVeqwuLW2
+pk9aHWWUdLv0ibfDq59smhw8tlr+tZLEy9LdDng1AfhmZX4mApDCiKpufUABNUSu
+A04K7V4UMvzthK+XJtzjtpBiGrelwX0KLPLVr+7CWPnVMhLnL+QhSUyhu1qyErH1
+kLJNwFUOvkxAsr02Rzeti3O0f+fDC7gZ9S1aDOCYPbd2g2Erl3vs1tC9aGMoPccj
+AQU5ecD7KLobp13lrkoEvVyVo90DbnFllX5bdDKGq3LTSCYrQBMJmnGJFDRDpjlV
+zLMEhQibDlMtRnjoI0RVD7kR8xd8Ys3txxaPTVbK10W5amIHYQKCAQEA1yy1s4oj
+Lw0yNvV1CnjJ22XQcQpsmOFQhU7mTY62McKSLu6ecN44IhCCykEJ1YnE5nx/GkJX
+m5ORoym9HXiVsphjNjM/hxZGW4Bf4v1XBUhziSoKO7xfpti/CW/08Oskda87plPp
+q1CUZQZ8OMXj1zgcpFLgs/udtjMl5ohqFMvwlGvDJqTTZAGpz68ClA9CpJNsWI5L
+m77iLjlHXhNLSCQQ8XnVPcRm8bhQEy2K258dx0D4oX1fcqz4HOjs1M/i7Cajhage
+vsOOaG5F2yUOZckZDQnd8S1bcmTB/WOfaebOW8Q/SQPQfRfyd4VyeP6xoTVKcz/a
+6yY9JdTH3QKylwKCAQEAxNFT7NcxbhRbGJni/BHZ4bc00O7j156U2aJfJrbcSquM
+yXucbNaLYzXQAAXlB8rV5clfTkNuBXZTYhI/eeAtvFNiImoRLBrVUSWNsCNPQ44D
+gkc+FhVjDY8A9zRG3L50dnwVihL35PJRe8B3NOcMyy6BWduhpxaIJ4IGd0lYIKlF
+ALlvzHv/AKJiF+OT8d0bO9jIwMxwgMwKUPuTK79NSEoWaGtiHIGb02huMxsGUZ9h
+mmCrFg7/oARkkccaNh6nGcabey2aoSmkbRAdf/KizqiF+Vu2cJgnkzxVS78bQFrP
++BuchNbA6hEdohE/0knRiaDVibJ4JUi5BD1uBl1OcQKCAQEAxPqWAB0WJm2jKXK8
+yXBYAfQLxF/xmGazSsY2yIs7uQPQxQwGmXak1nJc+QBfG0+6o/EWfhh7kN2ftklw
+ablI+SzNrgFuR6EZmYxEu0yGTDzOH6QPqC3DNr8261HFXoM0ZlObfKFWyVDD+FPe
+hi6KbCxe9AM21y0hbHkYWhlJW25y97xK82Zyahuns4sYBiiOLpES32KsTpCJCB3B
+epqZERqLNDP/BUN1phS/oT7Q3kqkfRK6SUO3jAhSPkzw+cSxjNO2YJXOR35IMMu6
+QWqD6qQUvb3pom6OR4N7nxaDCfSTtqhJ8vJ9+vZgLhBJAgDO5bAeTrEHHLttwOMw
+b9+XUwKCAQBQ3/tujRbAtxifyUxebC9t8sx/NkrlpUJhE7mpvOZUwJ1/hY3Ho3lv
+cQNhnwp34z91xwOks0yYbgDhgcIXoKjqhBEFNzSLPRN+3sGUKU4+4jJK7F90z6D+
+R08MRa0AtDpDHcX0EMtQhso44eOaF39IVnnMpNWORVH5ehKSHc9azHOQUqLAEgu9
+BPzt+BQpBMRWGUSVBO0N38o1cMsO5PMqy1bd3ZJZSGDxxC3UTjyQeb+voh1rWQpt
+hKCWzovUxU/A5b2qJhkuNGBeeIrGsrt31AQJbUhQiBVrCRW7pHHcRfTDbQUqCN0I
+0bOtjwz8qlyyAyb8CBwapgFw3pVBhEHhAoIBAQC2yUJQAxAg79x5Kk+29BGntZup
+CiX7FVRpw+2Qgzkw95aVzfBWUE4FUvluewoY/N6D9VhvbhcZrg9tZxgmMTMgk4+y
+ffhD9sOf2V2PO2wHCo+yMDyhBxjq7YMGVghG4jHGQbx4ySLY2TbSBMHcInZDR98L
+Cq1jjM0Nmdg4XGkKTRGatWTuI6iqxn3H7eKqUVoAkFtvSDcgXZVGXnC6dj5GelXZ
+BP2J5WJb9GWCNmU0bW2s+/HmTuICIcjMMzSt1O9b2MmxE+0xQ3glkN/ZiQ23GQgM
+H6/4GsqvPZHJB1L3gpOTm0LG/aNrzlhi89zcRKLQiAA60ELQaBsMzS2N+P5M
+-----END RSA PRIVATE KEY-----

data/spec/integration/minimal-chef-repo/chefignore

@@ -0,0 +1,41 @@
+# Put files/directories that should be ignored in this file.
+# Lines that start with '# ' are comments.
+
+## OS
+.DS_Store
+Icon?
+nohup.out
+
+## EDITORS
+\#*
+.#*
+*~
+*.sw[a-z]
+*.bak
+REVISION
+TAGS*
+tmtags
+*_flymake.*
+*_flymake
+*.tmproj
+.project
+.settings
+mkmf.log
+
+## COMPILED
+a.out
+*.o
+*.pyc
+*.so
+
+## OTHER SCM
+*/.bzr/*
+*/.hg/*
+*/.svn/*
+
+## Don't send rspecs up in cookbook
+.watchr
+.rspec
+spec/*
+spec/fixtures/*
+features/*

data/spec/integration/minimal-chef-repo/environments/_default.json

@@ -0,0 +1,12 @@
+{
+  "name": "_default",
+  "description": "Default environment for Ironfan testing",
+  "cookbook_versions": {
+  },
+  "json_class": "Chef::Environment",
+  "chef_type": "environment",
+  "default_attributes": {
+  },
+  "override_attributes": {
+  }
+}

data/spec/integration/minimal-chef-repo/knife/credentials/knife-org.rb

@@ -0,0 +1,19 @@
+#
+# Put your own AWS credentials in knife-user-ironfantester.rb, not here.
+#
+Chef::Config.instance_eval do
+  organization            "ironfantest"
+  chef_server_url         "https://api.opscode.com/organizations/#{organization}"
+  validation_client_name  "#{organization}-validator"
+  validation_key          "#{credentials_path}/#{organization}-validator.pem"
+
+  Chef::Config[:ec2_image_info] ||= {}
+  ec2_image_info.merge!({
+      %w[us-east-1  64-bit  ebs  alestic-precise] => { :image_id => 'ami-b0d309d9', :ssh_user => 'ubuntu', :bootstrap_distro => "ubuntu12.04-gems", },
+    })
+  Chef::Log.debug("Loaded #{__FILE__}, now have #{ec2_image_info.size} ec2 images")
+
+  # Don't complain about ssh known_hosts
+  knife[:host_key_verify]       = false # yeah... so 0.10.7+ uses one, 0.10.4 the other.
+  knife[:no_host_key_verify]    = true
+end

data/spec/integration/minimal-chef-repo/knife/credentials/knife-user-ironfantester.rb

@@ -0,0 +1,9 @@
+Chef::Config.instance_eval do
+  organization            "infochimps_test"
+  chef_server_url         "https://api.opscode.com/organizations/#{organization}"
+  knife[:aws_account_id]         = "346633265723"
+
+  knife[:aws_access_key_id]      = "AKIAIFPVHWHGTQDXOF6Q"
+  knife[:aws_secret_access_key]  = "f8e/XwVSIx9ApupaZaoW/xGme64YuQhKWZM/nn5Y"
+end
+

data/spec/integration/minimal-chef-repo/knife/knife.rb

@@ -0,0 +1,66 @@
+#
+# organization - selects your cloud environment.
+# username     - selects your client key and user-specific overrides
+# homebase     - default location for clusters, cookbooks and so forth
+#
+username            ENV['CHEF_USER'] || ENV['USER']
+homebase            ENV['CHEF_HOMEBASE'] ? File.expand_path(ENV['CHEF_HOMEBASE']) : File.expand_path("..", File.realdirpath(File.dirname(__FILE__)))
+
+#
+# Additional settings and overrides
+#
+
+#
+# Clusters, cookbooks and roles
+#
+cluster_path        [ "#{homebase}/clusters"  ]
+cookbook_path       [ "#{homebase}/cookbooks" ]
+role_path           [ "#{homebase}/roles"     ]
+
+#
+# Keys and cloud-specific settings.
+# Be sure all your .pem files are non-readable (mode 0600)
+#
+credentials_path    File.expand_path("credentials", File.realdirpath(File.dirname(__FILE__)))
+client_key_dir      "#{credentials_path}/client_keys"
+ec2_key_dir         "#{credentials_path}/ec2_keys"
+
+#
+# Load the vendored ironfan lib if present
+#
+if File.exists?("#{homebase}/vendor/ironfan-knife/lib")
+  $LOAD_PATH.unshift("#{homebase}/vendor/ironfan-knife/lib")
+end
+
+verbosity               1
+log_level               :info
+log_location            STDOUT
+node_name               username
+client_key              "#{credentials_path}/#{username}.pem"
+cache_type              'BasicFile'
+cache_options           :path => "/tmp/chef-checksums-#{username}"
+
+#
+# Configure client bootstrapping
+#
+bootstrap_runs_chef_client true
+bootstrap_chef_version  "~> 0.10.4"
+
+def load_if_exists(file) ; load(file) if File.exists?(file) ; end
+
+# Organization-sepecific settings -- Chef::Config[:ec2_image_info] and so forth
+#
+# This must do at least these things:
+#
+# * define Chef::Config.chef_server
+# * define Chef::Config.organization
+#
+#
+load_if_exists "#{credentials_path}/knife-org.rb"
+
+# User-specific knife info or credentials
+load_if_exists "#{credentials_path}/knife-user-#{username}.rb"
+
+[:aws_access_key_id, :aws_secret_access_key, :aws_account_id].each do |k|
+  raise "Chef::Config.knife[:#{k}] not defined, please define it in #{credentials_path}/knife-user-#{username}.rb" unless Chef::Config.knife.has_key?(k)
+end

data/spec/integration/minimal-chef-repo/roles/systemwide.rb

@@ -0,0 +1,10 @@
+name        'systemwide'
+description 'top level attributes, applies to all nodes'
+
+run_list *%w[
+  build-essential
+  motd
+  zsh
+  emacs
+  ntp
+]

data/spec/integration/spec/elb_build_spec.rb

@@ -0,0 +1,95 @@
+require_relative '../spec_helper'
+
+Ironfan.cluster "elb" do
+
+  cloud(:ec2) do
+    availability_zones ('b'..'d').map { |z| "us-east-1#{z}" }
+    flavor              't1.micro'
+    backing             'ebs'
+    image_name          'alestic-precise'
+    chef_client_script  'client.rb'
+    iam_server_certificate "snake-oil" do
+      certificate IO.read(File.expand_path('../../../fixtures/ec2/elb/snakeoil.crt', __FILE__))
+      private_key IO.read(File.expand_path('../../../fixtures/ec2/elb/snakeoil.key', __FILE__))
+    end
+    security_group      :systemwide
+    security_group      :ssh do
+      authorize_port_range(22..22)
+    end
+    mount_ephemerals
+  end
+
+  facet :web do
+    instances 2
+    cloud(:ec2) do
+
+      elastic_load_balancer "simple-elb" do
+        map_port('HTTP',   80, 'HTTP', 81)
+        map_port('HTTPS', 443, 'HTTP', 81, 'snake-oil')
+        disallowed_ciphers %w[ RC4-SHA ]
+
+        health_check do
+          ping_protocol       'HTTP'
+          ping_port           82
+          ping_path           '/healthcheck'
+          timeout             4
+          interval            10
+          unhealthy_threshold 3
+          healthy_threshold   2
+        end
+      end
+
+    end
+  end
+end
+
+
+launch_cluster 'elb' do |cluster, computers|
+  describe "the elb cluster" do
+
+    it "should have the correct number of running computers"
+    # it "should have the correct number of running computers" do
+    #   computers.size.should == cluster.facets[:web].instances
+    #   computers.values.reject { |c| c.running? }.should be_empty
+    # end
+
+    describe "the snake-oil certificate" do
+      before :each do
+        @iss = Ironfan::Provider::Ec2::IamServerCertificate.recall('ironfan-elb-snake-oil')
+      end
+
+      it "should exist"
+      # it "should exist" do
+      #   @iss.should_not be_nil
+      # end
+
+      it "should be retrievable by ARN"
+      # it "should be retrievable by ARN" do
+      #   @iss.should == Ironfan::Provider::Ec2::IamServerCertificate.recall("#{Ironfan::Provider::Ec2::IamServerCertificate::ARN_PREFIX}:#{@iss['Arn']}")
+      # end
+
+    end
+
+    describe "the ELB" do
+      before :each do
+        @elb = Ironfan::Provider::Ec2::ElasticLoadBalancer.recall('ironfan-elb-simple-elb')
+      end
+
+      it "should exist"
+      # it "should exist" do
+      #   @elb.should_not be_nil
+      # end
+
+      it "should have two instances"
+      #   @elb.instances.size.should == cluster.facets[:web].instances
+      # end
+
+      it "should use the snake-oil certificate"
+      # it "should use the snake-oil certificate" do
+      #   iss = Ironfan::Provider::Ec2::IamServerCertificate.recall('ironfan-elb-snake-oil')
+      #   @elb.listeners.map(&:ssl_id).include?(iss['Arn']).should be_true
+      # end
+    end
+
+  end
+end

data/spec/integration/spec_helper.rb

@@ -0,0 +1,16 @@
+this_dir = File.realpath(File.dirname(__FILE__))
+
+$:.unshift File.expand_path('../../lib', this_dir)
+require 'chef'
+require 'chef/knife'
+require 'fog'
+
+ENV['KNIFE_HOME'] = File.expand_path('minimal-chef-repo/knife', this_dir)
+ENV['CHEF_USER']  = 'ironfantester'
+Chef::Knife.new.configure_chef
+
+require 'ironfan'
+Ironfan.ui          = Chef::Knife::UI.new(STDOUT, STDERR, STDIN, {})
+Ironfan.chef_config = { :verbosity => 0 }
+
+Dir.glob(File.expand_path('spec_helper/*.rb', this_dir)).each { |file| load(file) }

data/spec/integration/spec_helper/launch_cluster.rb

@@ -0,0 +1,55 @@
+require 'chef/knife/cluster_launch'
+require 'chef/knife/cluster_kill'
+
+def launch_cluster(name, options = {}, &block)
+  raise "No block given!" unless block_given?
+
+  cluster = Ironfan.cluster(name)
+
+  # Make sure that the cluster is clobbered before trying to launch it
+  begin
+    Chef::Knife::ClusterKill.new(['--yes', name]).run
+  rescue Exception => e
+    Chef::Log.fatal("Unable to terminate existing instance of cluster #{name}: #{e.inspect}")
+  end
+
+  # Launch the cluster and then yield to the testing block
+  begin
+
+    # In the case of a normal shutdown, destroy the cluster to save moolah
+    RSpec.configure do |config|
+      config.after(:all) do
+        Chef::Log.info("Shutting down #{name} cluster")
+        begin
+          Chef::Knife::ClusterKill.new(['--yes', name]).run
+        rescue Exception => failed_termination
+          Chef::Log.fatal("Unable to kill cluster #{name} after test run: #{failed_termination.inspect}")
+        end
+      end
+    end
+
+    Chef::Log.info("Launching #{name} cluster")
+    launcher = Chef::Knife::ClusterLaunch.new([name])
+    launcher.run
+
+    Chef::Log.info("Running tests against #{name} cluster")
+    yield cluster, Ironfan.broker.discover!(cluster)
+
+  rescue Exception => launchfail
+
+    Chef::Log.warn("Exception occurred while launching cluster #{name}: #{launchfail.inspect}")
+
+    # Failed tests should not result in wasted Chef/IAAS resources
+    if ENV['IRONFAN_PRESERVE_TESTING_CORPSES']
+      Chef::Log.warn("Failed to launch #{name} cluster, but NOT terminating cluster so that you have a chance to inspect it")
+      Chef::Log.warn(launchfail.inspect)
+    else
+      begin
+        Chef::Knife::ClusterKill.new([name, '--yes'])
+      rescue Exception => death
+        Chef::Log.fatal("Unable to kill cluster #{name} after failed test run: #{death.inspect}")
+      end
+    end
+  end
+
+end

data/spec/ironfan/ec2/elb_spec.rb

@@ -0,0 +1,95 @@
+require 'spec_helper'
+
+require 'ironfan'
+
+cert  = IO.read(File.realpath(File.join(File.dirname(__FILE__), '../../fixtures/ec2/elb/snakeoil.crt')))
+key   = IO.read(File.realpath(File.join(File.dirname(__FILE__), '../../fixtures/ec2/elb/snakeoil.key')))
+
+describe Ironfan::Dsl::Cluster do
+  let (:cluster) do
+
+    Ironfan.cluster "sparky" do
+
+      cloud(:ec2) do
+        iam_server_certificate "snake-oil" do
+          certificate cert
+          private_key key
+        end
+      end
+
+      facet :web do
+        instances 2
+        cloud(:ec2) do
+
+          elastic_load_balancer "sparky-elb" do
+            map_port('HTTP',   80, 'HTTP', 81)
+            map_port('HTTPS', 443, 'HTTP', 81, 'snake-oil')
+            disallowed_ciphers %w[ RC4-SHA ]
+
+            health_check do
+              ping_protocol       'HTTP'
+              ping_port           82
+              ping_path           '/healthcheck'
+              timeout             4
+              interval            10
+              unhealthy_threshold 3
+              healthy_threshold   2
+            end
+          end
+
+        end
+      end
+    end
+  end
+
+  describe 'cluster definition' do
+    subject { cluster }
+
+    its(:name) { should eql "sparky" }
+    its(:environment) { should eql :_default }
+    its(:run_list) { should eql [] }
+
+    it "should have one IAM server certificate" do
+      cluster.clouds.values.first.iam_server_certificates.values.length.should == 1
+    end
+
+    describe 'facets' do
+      before { @facets = cluster.facets }
+      subject { @facets.values }
+      its(:length) { should eql 1 }
+
+      describe 'web facet' do
+        before { @facet = @facets.values.first }
+        subject { @facet }
+        its(:name) { should eql "web" }
+        describe "elastic load balancers" do
+
+          before { @elb = @facet.clouds.values.first.elastic_load_balancers.values.first }
+          subject { @elb }
+          its(:name) { should eql "sparky-elb" }
+
+          it "should have two port mappings" do
+            @elb.port_mappings.length.should == 2
+          end
+
+          it "should have just one disallowed SSL cipher" do
+            @elb.disallowed_ciphers.length.should == 1
+          end
+
+          describe "health check" do
+            before { @hc = @elb.health_check }
+            subject { @hc }
+            its(:ping_protocol) { should eql 'HTTP' }
+            its(:ping_port) { should eql 82 }
+            its(:ping_path) { should eql '/healthcheck' }
+            its(:timeout) { should eql 4 }
+            its(:interval) { should eql 10 }
+            its(:unhealthy_threshold) { should eql 3 }
+            its(:healthy_threshold) { should eql 2 }
+          end
+
+        end
+      end
+    end
+  end
+end