RubyGems - ironfan - Versions diffs - 6.0.4 → 6.0.5 - Mend

ironfan 6.0.4 → 6.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

data/ironfan.gemspec +2 -2
data/lib/ironfan/provider/ec2/security_group.rb +27 -3
data/lib/ironfan/provider/openstack/machine.rb +3 -11
data/lib/ironfan/provider/openstack/security_group.rb +7 -6
data/lib/ironfan/provider.rb +0 -1
data/lib/ironfan/version.rb +1 -1
metadata +8 -8

data/ironfan.gemspec CHANGED Viewed

@@ -20,8 +20,8 @@ Gem::Specification.new do |gem|
   gem.require_paths = %w[ lib ]
   gem.add_dependency('chef',       '10.30.4')
-  gem.add_dependency('fog',        '1.10.1')
-  gem.add_dependency('excon',      '0.21.0')
+  gem.add_dependency('fog',        '1.21.0')
+  gem.add_dependency('excon',      '0.32.1')
   gem.add_dependency('formatador', '0.2.4')
   gem.add_dependency('gorillib',   '0.5.0')
   gem.add_dependency('rbvmomi',    '1.8.1')

data/lib/ironfan/provider/ec2/security_group.rb CHANGED Viewed

@@ -42,7 +42,9 @@ module Ironfan
         #
         def self.load!(cluster=nil)
           Ec2.connection.security_groups.reject { |raw| raw.blank? }.each do |raw|
-            remember SecurityGroup.new(:adaptee => raw)
+            sg =  SecurityGroup.new(:adaptee => raw)
+            remember sg
+            remember(sg, :id => sg.name.gsub( /^vpc-[^:]+:/, '') )
           end
         end
@@ -211,21 +213,43 @@ module Ironfan
         def self.safely_authorize(fog_group,range,options)
           if options[:group_alias]
+            # In this case, we must first extract the group name
+            # before recursively calling this function with it.
             owner, group = options.delete(:group_alias).split(/\//)
             Chef::Log.debug("authorizing group alias #{options[:group_alias].inspect} to group #{fog_group.name}")
             group_id = Ec2.connection.security_groups.get(group).group_id
             safely_authorize(fog_group, range, options.merge(group: group_id))
           elsif options[:ip_protocol]
+            # In this case, we've received the ip_protocol. With or
+            # without a group name, we have enough information to open
+            # the security group.
             Chef::Log.debug("authorizing to #{fog_group.name} with options #{options.inspect}")
-            self.patiently(fog_group.name, Fog::Compute::AWS::Error, :ignore => Proc.new { |e| e.message =~ /InvalidPermission\.Duplicate/ }) do
+            self.patiently(fog_group.name, Fog::Compute::AWS::Error, :ignore => Proc.new { |e| e.message =~ /Duplicate/ }) do
               fog_group.authorize_port_range(range,options)
             end
           else
+            # Without an IP protocol, we'll open all of the relevant
+            # ones. On non-VPC, that means tcp, udp, and icmp. On VPC,
+            # that means -1 for all protocols.
             Chef::Log.debug([
                 "didn't receive ip_protocol for authorization to #{fog_group.name} ",
                 "with options #{options.inspect}. assuming all protocols"
               ].join)
-            safely_authorize(fog_group,range,options.merge(:ip_protocol => -1))
+            if fog_group.vpc_id.nil?
+              # Non-VPC does not support -1 for all protocols, so
+              # we'll need to do each protocol indendently. If we
+              # haven't received an ip_protocol, we'll assume the user
+              # meant to open everything.
+              safely_authorize(fog_group, 1..65535, options.merge(:ip_protocol => 'tcp'))
+              safely_authorize(fog_group, 1..65535, options.merge(:ip_protocol => 'udp'))
+              safely_authorize(fog_group, -1..-1,   options.merge(:ip_protocol => 'icmp'))
+            else
+              # In VPC, we should use only one rule to conserve rules.
+              safely_authorize(fog_group,range,options.merge(:ip_protocol => -1))
+            end
           end
         end
       end

data/lib/ironfan/provider/openstack/machine.rb CHANGED Viewed

@@ -180,7 +180,7 @@ module Ironfan
         def self.validate_resources!(computers)
           recall.each_value do |machine|
             next unless machine.users.empty? and machine.name
-            if machine.name.match("^#{computers.cluster.name}-")
+            if computers.clusters.any?{ |comp| machine.name.match("^#{comp.name}-") }
               machine.bogus << :unexpected_machine
             end
             next unless machine.bogus?
@@ -274,15 +274,7 @@ module Ironfan
         def self.launch_description(computer)
           cloud = computer.server.cloud(:openstack)
-          user_data_hsh =               {
-            :chef_server =>             Chef::Config[:chef_server_url],
-            :node_name =>               computer.name,
-            :organization =>            Chef::Config[:organization],
-            :cluster_name =>            computer.server.cluster_name,
-            :facet_name =>              computer.server.facet_name,
-            :facet_index =>             computer.server.index,
-            :client_key =>              computer.private_key
-          }
+          user_data = self.cloud_init_user_data(computer)
           # main machine info
           # note that Fog does not actually create tags when it creates a
@@ -293,7 +285,7 @@ module Ironfan
             #:vpc_id               => cloud.vpc,
             #:subnet_id            => cloud.subnet,
             :key_name             => cloud.ssh_key_name(computer),
-            :user_data            => JSON.pretty_generate(user_data_hsh),
+            :user_data            => user_data,
             #:block_device_mapping => block_device_mapping(computer),
             :availability_zone    => cloud.default_availability_zone,
             #:monitoring           => cloud.monitoring,

data/lib/ironfan/provider/openstack/security_group.rb CHANGED Viewed

@@ -181,20 +181,21 @@ module Ironfan
         #
         # Utility
         #
-        def self.ensure_groups(computer)
+        def self.ensure_groups computer
           return unless OpenStack.applicable computer
           # Ensure the security_groups include those for cluster & facet
           # FIXME: This violates the DSL's immutability; it should be
           #   something calculated from within the DSL construction
           Ironfan.todo("CODE SMELL: violation of DSL immutability: #{caller}")
           server = computer.server
-          c_group = server.security_group(computer.server.cluster_name)
-          c_group.authorized_by_group(c_group.name)
-          facet_name = "#{computer.server.cluster_name}-#{computer.server.facet_name}"
-          server.security_group(facet_name)
+          cluster_name = "#{computer.server.realm_name}-#{computer.server.cluster_name}"
+          server.security_group computer.server.realm_name
+          realm_group = server.security_group cluster_name
+          realm_group.authorized_by_group realm_group.name
+          facet_name = "#{computer.server.realm_name}-#{computer.server.cluster_name}-#{computer.server.facet_name}"
+          server.security_group facet_name
         end
         # Try an authorization, ignoring duplicates (this is easier than correlating).
         # Do so for both TCP and UDP, unless only one is specified
         def self.safely_authorize(fog_group,range,options)

data/lib/ironfan/provider.rb CHANGED Viewed

@@ -225,7 +225,6 @@ cloud_init_modules:
  - set_hostname
  - update_hostname
  - update_etc_hosts
- - write-files
  - ca-certs
  - rsyslog
  - ssh

data/lib/ironfan/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Ironfan
-  VERSION = '6.0.4'
+  VERSION = '6.0.5'
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ironfan
 version: !ruby/object:Gem::Version
-  version: 6.0.4
+  version: 6.0.5
   prerelease:
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-03-20 00:00:00.000000000 Z
+date: 2014-03-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: chef
@@ -34,7 +34,7 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.10.1
+        version: 1.21.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -42,7 +42,7 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.10.1
+        version: 1.21.0
 - !ruby/object:Gem::Dependency
   name: excon
   requirement: !ruby/object:Gem::Requirement
@@ -50,7 +50,7 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.21.0
+        version: 0.32.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -58,7 +58,7 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.21.0
+        version: 0.32.1
 - !ruby/object:Gem::Dependency
   name: formatador
   requirement: !ruby/object:Gem::Requirement
@@ -318,7 +318,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -4288097787655203651
+      hash: -3391490905831760675
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -327,7 +327,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -4288097787655203651
+      hash: -3391490905831760675
 requirements: []
 rubyforge_project:
 rubygems_version: 1.8.25