ironfan 6.0.1 → 6.0.3

Sign up to get free protection for your applications and to get access to all the features.
@@ -22,9 +22,9 @@ module Ironfan
22
22
 
23
23
  def initialize(attrs = {}, &blk)
24
24
  super
25
- self.cluster_role Ironfan::Dsl::Role.new(name: "#{attrs[:name]}-cluster")
26
25
  self.realm_name attrs[:owner].name unless attrs[:owner].nil?
27
26
  self.cluster_names attrs[:owner].cluster_names unless attrs[:owner].nil?
27
+ self.cluster_role Ironfan::Dsl::Role.new(name: Compute.cluster_role_name(realm_name, cluster_name))
28
28
  end
29
29
 
30
30
  # Utility method to reference all servers from constituent facets
@@ -41,6 +41,10 @@ module Ironfan
41
41
  def cluster_name
42
42
  name
43
43
  end
44
+
45
+ def full_name
46
+ "#{realm_name}-#{name}"
47
+ end
44
48
  end
45
49
  end
46
50
  end
@@ -96,7 +96,7 @@ module Ironfan
96
96
 
97
97
  def set_discovery(compute, keys)
98
98
  if server_cluster
99
- wire_to(compute, full_server_cluster, keys)
99
+ wire_to(compute, keys)
100
100
  else
101
101
  # I'm defanging automatic discovery for now.
102
102
  raise StandardError.new("must explicitly specify a server_cluster for discovery")
@@ -106,37 +106,29 @@ module Ironfan
106
106
  end
107
107
  end
108
108
 
109
- def wire_to(compute, full_server_cluster_v, keys)
110
- discovery = {discovers: keys.reverse.inject(full_server_cluster_v){|hsh,key| {key => hsh}}}
109
+ def wire_to(compute, keys)
110
+ discovery = {discovers: keys.reverse.inject(compute.realm_name){|hsh,key| {key => hsh}}}
111
111
  (compute.facet_role || compute.cluster_role).override_attributes(discovery)
112
112
 
113
- client_group_v = client_group(compute)
114
- server_group_v = security_group(full_server_cluster_v)
113
+ client_group_v = compute.full_name
114
+ server_group_v = "#{realm_name}-#{server_cluster}"
115
115
 
116
116
  group_edge(compute, client_group_v, :authorized_by_group, server_group_v)
117
- group_edge(compute, client_group_v, :authorize_group, server_group_v) if bidirectional
117
+ Chef::Log.debug("#{client_group_v} authorized by #{server_group_v}")
118
+ if bidirectional
119
+ group_edge(compute, client_group_v, :authorize_group, server_group_v)
120
+ Chef::Log.debug("#{client_group_v} authorizes #{server_group_v}")
121
+ end
118
122
 
119
123
  Chef::Log.debug("discovered #{announce_name} for #{cluster_name}: #{discovery}")
120
124
  end
121
125
 
122
126
  protected
123
127
 
124
- def client_group(compute)
125
- security_group(compute.cluster_name, (compute.name if compute.is_a?(Facet)))
126
- end
127
-
128
- def full_server_cluster
129
- server_cluster
130
- end
131
-
132
128
  def group_edge(cloud, group_1, method, group_2)
133
129
  cloud.security_group(group_1).send(method, group_2)
134
130
  Chef::Log.debug("component.rb: allowing access from security group #{group_1} to #{group_2}")
135
131
  end
136
-
137
- def security_group(*target_components)
138
- target_components.compact.join('-')
139
- end
140
132
  end
141
133
 
142
134
  module Announcement
@@ -96,6 +96,14 @@ module Ironfan
96
96
  clouds.values.first
97
97
  end
98
98
 
99
+ def self.cluster_role_name realm_name, cluster_name
100
+ "#{realm_name}-#{cluster_name}-cluster"
101
+ end
102
+
103
+ def self.facet_role_name realm_name, cluster_name, facet_name
104
+ "#{realm_name}-#{cluster_name}-#{facet_name}-facet"
105
+ end
106
+
99
107
  protected
100
108
 
101
109
  def add_to_run_list(item, placement=nil)
@@ -18,7 +18,7 @@ module Ironfan
18
18
  self.realm_name attrs[:owner].realm_name unless attrs[:owner].nil?
19
19
  self.cluster_name = attrs[:owner].cluster_name unless attrs[:owner].nil?
20
20
  self.name = attrs[:name] unless attrs[:name].nil?
21
- self.facet_role Ironfan::Dsl::Role.new(name: "#{full_name}-facet")
21
+ self.facet_role Ironfan::Dsl::Role.new(name: Compute.facet_role_name(realm_name, cluster_name, name))
22
22
  super
23
23
  (0..instances - 1).each{ |idx| server idx }
24
24
  end
@@ -28,7 +28,7 @@ module Ironfan
28
28
  end
29
29
 
30
30
  def full_name
31
- "#{cluster_name}-#{name}"
31
+ "#{realm_name}-#{cluster_name}-#{name}"
32
32
  end
33
33
  end
34
34
  end
@@ -226,8 +226,8 @@ module Ironfan
226
226
  self.cluster_name = attrs[:owner].cluster_name
227
227
  self.facet_name = attrs[:owner].name
228
228
 
229
- self.role "#{self.cluster_name}-cluster", :last
230
- self.role attrs[:owner].facet_role.name, :last
229
+ self.role Compute.cluster_role_name(realm_name, cluster_name), :last
230
+ self.role Compute.facet_role_name(realm_name, cluster_name, facet_name), :last
231
231
  end
232
232
  super
233
233
  end
@@ -4,7 +4,7 @@ module Ironfan
4
4
 
5
5
  class SecurityGroup < Ironfan::Provider::Resource
6
6
 
7
- WIDE_OPEN = Range.new(1,65535)
7
+ WIDE_OPEN = (-1..-1)
8
8
 
9
9
  delegate :_dump, :authorize_group_and_owner, :authorize_port_range,
10
10
  :collection, :collection=, :connection, :connection=, :description,
@@ -209,24 +209,23 @@ module Ironfan
209
209
  # Try an authorization, ignoring duplicates (this is easier than correlating).
210
210
  # Do so for both TCP and UDP, unless only one is specified
211
211
  def self.safely_authorize(fog_group,range,options)
212
+
212
213
  if options[:group_alias]
213
- owner, group = options[:group_alias].split(/\//)
214
- self.patiently(fog_group.name, Fog::Compute::AWS::Error, :ignore => Proc.new { |e| e.message =~ /InvalidPermission\.Duplicate/ }) do
215
- Ec2.connection.authorize_security_group_ingress(
216
- 'GroupName' => fog_group.name,
217
- 'SourceSecurityGroupName' => group,
218
- 'SourceSecurityGroupOwnerId' => owner
219
- )
220
- end
214
+ owner, group = options.delete(:group_alias).split(/\//)
215
+ Chef::Log.debug("authorizing group alias #{options[:group_alias].inspect} to group #{fog_group.name}")
216
+ group_id = Ec2.connection.security_groups.get(group).group_id
217
+ safely_authorize(fog_group, range, options.merge(group: group_id))
221
218
  elsif options[:ip_protocol]
219
+ Chef::Log.debug("authorizing to #{fog_group.name} with options #{options.inspect}")
222
220
  self.patiently(fog_group.name, Fog::Compute::AWS::Error, :ignore => Proc.new { |e| e.message =~ /InvalidPermission\.Duplicate/ }) do
223
221
  fog_group.authorize_port_range(range,options)
224
222
  end
225
223
  else
226
- safely_authorize(fog_group,range,options.merge(:ip_protocol => 'tcp'))
227
- safely_authorize(fog_group,range,options.merge(:ip_protocol => 'udp'))
228
- safely_authorize(fog_group,Range.new(-1,-1),options.merge(:ip_protocol => 'icmp')) if(range == WIDE_OPEN)
229
- return
224
+ Chef::Log.debug([
225
+ "didn't receive ip_protocol for authorization to #{fog_group.name} ",
226
+ "with options #{options.inspect}. assuming all protocols"
227
+ ].join)
228
+ safely_authorize(fog_group,range,options.merge(:ip_protocol => -1))
230
229
  end
231
230
  end
232
231
  end
@@ -1,3 +1,3 @@
1
1
  module Ironfan
2
- VERSION = '6.0.1'
2
+ VERSION = '6.0.3'
3
3
  end
@@ -177,28 +177,28 @@ describe Ironfan::Dsl::Component do
177
177
  end
178
178
 
179
179
  it 'configures the correct security groups during discovery' do
180
- foo_group = Ironfan.realm(:wap).cluster(:foo).security_group('foo')
181
- bar_group = Ironfan.realm(:wap).cluster(:bar).security_group('bar')
180
+ foo_group = Ironfan.realm(:wap).cluster(:foo).security_group('wap-foo')
181
+ bar_group = Ironfan.realm(:wap).cluster(:bar).security_group('wap-bar')
182
182
 
183
- foo_group.group_authorized_by.should include('bar')
184
- bar_group.group_authorized_by.should include('foo')
183
+ foo_group.group_authorized_by.should include('wap-bar')
184
+ bar_group.group_authorized_by.should include('wap-foo')
185
185
  end
186
186
 
187
187
  it 'configures the correct security groups during bidirectional discovery' do
188
- baz_group = Ironfan.realm(:wap).cluster(:baz).security_group('baz')
189
- bif_group = Ironfan.realm(:wap).cluster(:bif).security_group('bif')
188
+ baz_group = Ironfan.realm(:wap).cluster(:baz).security_group('wap-baz')
189
+ bif_group = Ironfan.realm(:wap).cluster(:bif).security_group('wap-bif')
190
190
 
191
- baz_group.group_authorized_by.should include('bif')
192
- baz_group.group_authorized.should include('bif')
191
+ baz_group.group_authorized_by.should include('wap-bif')
192
+ baz_group.group_authorized.should include('wap-bif')
193
193
  end
194
194
 
195
195
  it 'does not configure extra security groups during bidirectional discovery' do
196
- Ironfan.realm(:wap).cluster(:baz).security_groups.keys.should_not include('wap_bif')
196
+ Ironfan.realm(:wap).cluster(:baz).security_groups.keys.should_not include('wap-bif')
197
197
  end
198
198
 
199
199
  it 'correctly sets the server cluster even when the client and server facets differ' do
200
- bam_wak_group = Ironfan.realm(:wap).cluster(:bam).facet(:wak).security_group('bam-wak')
201
- bam_wak_group.group_authorized_by.should include('bop')
200
+ bam_wak_group = Ironfan.realm(:wap).cluster(:bam).facet(:wak).security_group('wap-bam-wak')
201
+ bam_wak_group.group_authorized_by.should include('wap-bop')
202
202
  end
203
203
 
204
204
  end
@@ -120,7 +120,7 @@ describe Ironfan::Dsl::Realm do
120
120
  it 'should create clusters with attributes correctly applied' do
121
121
  manifest.cluster_override_attributes.should == {a: 1}
122
122
  manifest.facet_override_attributes.should == {b: 1}
123
- manifest.run_list.should == %w[role[blah] role[bar-cluster] role[bar-baz-facet]]
123
+ manifest.run_list.should == %w[role[blah] role[foo-bar-cluster] role[foo-bar-baz-facet]]
124
124
  end
125
125
 
126
126
  it 'should create clusters with the correct ssh user' do
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ironfan
3
3
  version: !ruby/object:Gem::Version
4
- version: 6.0.1
4
+ version: 6.0.3
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2014-03-18 00:00:00.000000000 Z
12
+ date: 2014-03-19 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: chef
@@ -169,7 +169,6 @@ files:
169
169
  - CHANGELOG.md
170
170
  - ELB.md
171
171
  - Gemfile
172
- - Gemfile.lock
173
172
  - Guardfile
174
173
  - LICENSE.md
175
174
  - NOTES-REALM.md
@@ -319,7 +318,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
319
318
  version: '0'
320
319
  segments:
321
320
  - 0
322
- hash: -797623552382133081
321
+ hash: 1692087169834386324
323
322
  required_rubygems_version: !ruby/object:Gem::Requirement
324
323
  none: false
325
324
  requirements:
@@ -328,7 +327,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
328
327
  version: '0'
329
328
  segments:
330
329
  - 0
331
- hash: -797623552382133081
330
+ hash: 1692087169834386324
332
331
  requirements: []
333
332
  rubyforge_project:
334
333
  rubygems_version: 1.8.25
data/Gemfile.lock DELETED
@@ -1,193 +0,0 @@
1
- PATH
2
- remote: .
3
- specs:
4
- ironfan (6.0.1)
5
- chef (= 10.30.4)
6
- diff-lcs (= 1.2.5)
7
- excon (= 0.21.0)
8
- fog (= 1.10.1)
9
- formatador (= 0.2.4)
10
- gorillib (= 0.5.0)
11
- json (= 1.5.4)
12
- rbvmomi (= 1.8.1)
13
-
14
- GEM
15
- remote: https://rubygems.org/
16
- specs:
17
- archive-tar-minitar (0.5.2)
18
- builder (3.2.2)
19
- bunny (0.7.9)
20
- chef (10.30.4)
21
- bunny (>= 0.6.0, < 0.8.0)
22
- erubis
23
- highline (~> 1.6, >= 1.6.9)
24
- json (>= 1.4.4, <= 1.7.7)
25
- mime-types (~> 1.16)
26
- mixlib-authentication (~> 1.3)
27
- mixlib-cli (~> 1.1)
28
- mixlib-config (~> 1.1, >= 1.1.2)
29
- mixlib-log (~> 1.3)
30
- mixlib-shellout (~> 1.3)
31
- moneta (< 0.7.0)
32
- net-ssh (~> 2.6)
33
- net-ssh-multi (~> 1.1.0)
34
- ohai (>= 0.6.0, < 7.0.0)
35
- rest-client (>= 1.0.4, < 1.7.0)
36
- treetop (~> 1.4.9)
37
- uuidtools
38
- yajl-ruby (~> 1.1)
39
- chef-zero (1.5.1)
40
- hashie (~> 2.0)
41
- json
42
- mixlib-log (~> 1.3)
43
- moneta (< 0.7.0)
44
- puma (~> 1.6)
45
- coderay (1.0.9)
46
- columnize (0.3.6)
47
- configliere (0.4.18)
48
- highline (>= 1.5.2)
49
- multi_json (>= 1.1)
50
- diff-lcs (1.2.5)
51
- erubis (2.7.0)
52
- excon (0.21.0)
53
- ffi (1.9.0)
54
- fog (1.10.1)
55
- builder
56
- excon (~> 0.20)
57
- formatador (~> 0.2.0)
58
- mime-types
59
- multi_json (~> 1.0)
60
- net-scp (~> 1.1)
61
- net-ssh (>= 2.1.3)
62
- nokogiri (~> 1.5.0)
63
- ruby-hmac
64
- formatador (0.2.4)
65
- gorillib (0.5.0)
66
- configliere (>= 0.4.13)
67
- json
68
- multi_json (>= 1.1)
69
- guard (1.8.1)
70
- formatador (>= 0.2.4)
71
- listen (>= 1.0.0)
72
- lumberjack (>= 1.0.2)
73
- pry (>= 0.9.10)
74
- thor (>= 0.14.6)
75
- guard-rspec (3.0.2)
76
- guard (>= 1.8)
77
- rspec (~> 2.13)
78
- guard-yard (2.1.0)
79
- guard (>= 1.1.0)
80
- yard (>= 0.7.0)
81
- hashie (2.0.5)
82
- highline (1.6.21)
83
- ipaddress (0.8.0)
84
- json (1.5.4)
85
- linecache19 (0.5.12)
86
- ruby_core_source (>= 0.1.4)
87
- listen (1.2.2)
88
- rb-fsevent (>= 0.9.3)
89
- rb-inotify (>= 0.9)
90
- rb-kqueue (>= 0.2)
91
- lumberjack (1.0.3)
92
- method_source (0.8.1)
93
- mime-types (1.25.1)
94
- mixlib-authentication (1.3.0)
95
- mixlib-log
96
- mixlib-cli (1.4.0)
97
- mixlib-config (1.1.2)
98
- mixlib-log (1.6.0)
99
- mixlib-shellout (1.3.0)
100
- moneta (0.6.0)
101
- multi_json (1.8.2)
102
- net-scp (1.1.2)
103
- net-ssh (>= 2.6.5)
104
- net-ssh (2.8.0)
105
- net-ssh-gateway (1.2.0)
106
- net-ssh (>= 2.6.5)
107
- net-ssh-multi (1.1)
108
- net-ssh (>= 2.1.4)
109
- net-ssh-gateway (>= 0.99.0)
110
- nokogiri (1.5.11)
111
- ohai (6.20.0)
112
- ipaddress
113
- mixlib-cli
114
- mixlib-config
115
- mixlib-log
116
- mixlib-shellout
117
- systemu (~> 2.5.2)
118
- yajl-ruby
119
- oj (2.1.2)
120
- polyglot (0.3.4)
121
- pry (0.9.12.2)
122
- coderay (~> 1.0.5)
123
- method_source (~> 0.8)
124
- slop (~> 3.4)
125
- puma (1.6.3)
126
- rack (~> 1.2)
127
- rack (1.5.2)
128
- rake (10.1.0)
129
- rb-fsevent (0.9.3)
130
- rb-inotify (0.9.0)
131
- ffi (>= 0.5.0)
132
- rb-kqueue (0.2.0)
133
- ffi (>= 0.5.0)
134
- rbvmomi (1.8.1)
135
- builder
136
- nokogiri (>= 1.4.1)
137
- trollop
138
- redcarpet (2.3.0)
139
- rest-client (1.6.7)
140
- mime-types (>= 1.16)
141
- rspec (2.14.1)
142
- rspec-core (~> 2.14.0)
143
- rspec-expectations (~> 2.14.0)
144
- rspec-mocks (~> 2.14.0)
145
- rspec-core (2.14.7)
146
- rspec-expectations (2.14.4)
147
- diff-lcs (>= 1.1.3, < 2.0)
148
- rspec-mocks (2.14.4)
149
- ruby-debug-base19 (0.11.25)
150
- columnize (>= 0.3.1)
151
- linecache19 (>= 0.5.11)
152
- ruby_core_source (>= 0.1.4)
153
- ruby-debug19 (0.11.6)
154
- columnize (>= 0.3.1)
155
- linecache19 (>= 0.5.11)
156
- ruby-debug-base19 (>= 0.11.19)
157
- ruby-hmac (0.4.0)
158
- ruby_core_source (0.1.5)
159
- archive-tar-minitar (>= 0.5.2)
160
- ruby_gntp (0.3.4)
161
- simplecov (0.7.1)
162
- multi_json (~> 1.0)
163
- simplecov-html (~> 0.7.1)
164
- simplecov-html (0.7.1)
165
- slop (3.4.5)
166
- systemu (2.5.2)
167
- thor (0.18.1)
168
- treetop (1.4.15)
169
- polyglot
170
- polyglot (>= 0.3.1)
171
- trollop (2.0)
172
- uuidtools (2.1.4)
173
- yajl-ruby (1.2.0)
174
- yard (0.8.6.1)
175
-
176
- PLATFORMS
177
- ruby
178
-
179
- DEPENDENCIES
180
- bundler (~> 1.0)
181
- chef-zero
182
- guard (~> 1)
183
- guard-rspec
184
- guard-yard
185
- ironfan!
186
- oj (>= 1.2)
187
- rake
188
- redcarpet (>= 2.1)
189
- rspec (~> 2.8)
190
- ruby-debug19
191
- ruby_gntp
192
- simplecov (>= 0.5)
193
- yard (>= 0.7)