RubyGems - kitchen-cloudstack - Versions diffs - 0.23.3 → 0.24.0 - Mend

kitchen-cloudstack 0.23.3 → 0.24.0

Files changed (6) hide show

checksums.yaml +4 -4
data/README.md +121 -116
data/kitchen-cloudstack.gemspec +30 -30
data/lib/kitchen/driver/cloudstack.rb +466 -461
data/lib/kitchen/driver/cloudstack_version.rb +26 -26
metadata +5 -5

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bb8a5089778d6b96cc77685f6abb732f03b8fc538e02f86b4e36d2f22521ee2d
-  data.tar.gz: 793147c99f63a988659d5cc492ebc133a7fe4cf489db2d9f9d5a8b098da835d2
+  metadata.gz: a8a29963edd6f603cfbd1ce31bcba93e2e10c4245b40a167d80cbffbe8bd0673
+  data.tar.gz: 451194fffeb3387191e0c526108f039ba1ef34a1531ca07d0016bd5598196aab
 SHA512:
-  metadata.gz: d7d98cd0424152196c9600380c5cfb657959eefd548a919103442f26d022f1ab2824038d460d0ca3cfc0b443671e27a21fa88e51cd8f5fcf0a654b72f3f0b81d
-  data.tar.gz: aa32c1c00c61cbe0e9809e634687f817d88354360e493e36cbf88f200583f110583516039c76a79b101d9925a73b66b160c97211b0b16c421edbce27d45a621a
+  metadata.gz: 9a99208bdcc648135777a5de9a65dddc2df67f95e78c73fc4a57bf92d7654e2ca2808c6ebc2126fdf7ecc1829ba90b763dc08060d9d39d462c98bacc735e17d9
+  data.tar.gz: 36fbd486a5c91f8820ea687b91bce2952809167799e84898cd4b11734bbd26df23566bf778ad2d21a2371a8d90697aaeee97c975972be6dfde365b64a87cb937

data/README.md CHANGED

@@ -1,116 +1,121 @@
-# <a name="title"></a> Kitchen::CloudStack
-A Test Kitchen Driver for Apache CloudStack / Citrix CloudPlatform.
-## <a name="requirements"></a> Requirements
-This Gem only requires FOG of a version greater than 1.3.1. However, as most of your knife plugins will be using newer
-versions of FOG, that shouldn't be an issue.
-## <a name="installation"></a> Installation and Setup
-Please read the [Driver usage][driver_usage] page for more details.
-## <a name="config"></a> Configuration
-Provide, at a minimum, the required driver options in your `.kitchen.yml` file:
-    driver_plugin: cloudstack
-    driver_config:
-      cloudstack_api_key: [YOUR CLOUDSTACK API KEY]
-      cloudstack_secret_key: [YOUR CLOUDSTACK SECRET KEY]
-      cloudstack_api_url: [YOUR CLOUDSTACK API URL]
-      require_chef_omnibus: latest (if you'll be using Chef)
-    OPTIONAL
-      cloudstack_expunge: [TRUE/FALSE] # Whether or not you want the instance to be expunged, default false.
-      cloudstack_sync_time: [NUMBER OF SECONDS TO WAIT FOR CLOUD-SET-GUEST-PASSWORD/SSHKEY]
-      keypair_search_directory: [PATH TO DIRECTORY (other than ~, ., and ~/.ssh) WITH KEYPAIR PEM FILE]
-      cloudstack_project_id: [PROJECT_ID] # To deploy VMs into project.
-      cloudstack_vm_public_ip: [PUBLIC_IP] # In case you use advanced networking and do static NAT manually.
-      associate_public_ip: [TRUE/FALSE] # If you want kitchen to automatically associate a public IP, default false.
-      cloudstack_create_firewall_rule: [TRUE/FALSE] # If you want Kitchen to automatically create firewall rule for public IP to reach SSH (port 22)
-      cloudstack_userdata: "#cloud-config\npackages:\n - htop\n" # double quote required.
-Then to specify different OS templates,
-    platforms:
-      cloudstack_template_id: [INSTANCE TEMPLATE ID]
-      cloudstack_serviceoffering_id: [INSTANCE SERVICE OFFERING ID]
-      cloudstack_zone_id: [INSTANCE ZONE ID]
-    OPTIONAL
-      cloudstack_network_id: [NETWORK ID FOR ISOLATED OR VPC NETWORKS]
-      cloudstack_security_group_id: [SECURITY GROUP ID FOR SHARED NETWORKS]
-      cloudstack_diskoffering_id: [INSTANCE DISK OFFERING ID]
-      cloudstack_ssh_keypair_name: [SSH KEY NAME]
-      cloudstack_sync_time: [NUMBER OF SECONDS TO WAIT FOR CLOUD-SET-GUEST-PASSWORD/SSHKEY]
-To use the CloudStack public key provider, you need to have the .PEM file located in the same directory as
-your .kitchen.yml file, your home directory (~), your .ssh directory (~/.ssh/), or specify a directory (without any
-trailing slahses) as your "keypair_search_directory" and the file be named the same as the Keypair on CloudStack
-suffixed with .pem (e.g. the Keypair named "TestKey" should be located in one of the searched directories and named
-"TestKey.pem").
-This PEM file should be the PRIVATE key, not the PUBLIC key.
-By default, a unique server name will be generated and the randomly generated password will be used, though that
-behavior can be overridden with additional options (e.g., to specify a SSH private key):
-    name: [A UNIQUE SERVER NAME]
-    public_key_path: [PATH TO YOUR SSH PUBLIC KEY]
-    username: [SSH USER]
-    port: [SSH PORT]
-host_name setting is  useful if you are facing ENAMETOOLONG exceptions in the
-chef run caused by long generated hostnames)
-    host_name: [A UNIQUE HOST NAME]
-Only disable SSL cert validation if you absolutely know what you are doing,
-but are stuck with an CloudStack deployment without valid SSL certs.
-    disable_ssl_validation: true
-### <a name="config-require-chef-omnibus"></a> require\_chef\_omnibus
-Determines whether or not a Chef [Omnibus package][chef_omnibus_dl] will be
-installed. There are several different behaviors available:
-* `true` - the latest release will be installed. Subsequent converges
-  will skip re-installing if chef is present.
-* `latest` - the latest release will be installed. Subsequent converges
-  will always re-install even if chef is present.
-* `<VERSION_STRING>` (ex: `10.24.0`) - the desired version string will
-  be passed the the install.sh script. Subsequent converges will skip if
-  the installed version and the desired version match.
-* `false` or `nil` - no chef is installed.
-The default value is unset, or `nil`.
-## <a name="development"></a> Development
-* Source hosted at [GitHub][repo]
-* Report issues/questions/feature requests on [GitHub Issues][issues]
-Pull requests are very welcome! Make sure your patches are well tested.
-Ideally create a topic branch for every separate change you make. For
-example:
-1. Fork the repo
-2. Create your feature branch (`git checkout -b my-new-feature`)
-3. Commit your changes (`git commit -am 'Added some feature'`)
-4. Push to the branch (`git push origin my-new-feature`)
-5. Create new Pull Request
-## <a name="authors"></a> Authors
-Created and maintained by [Jeff Moody][author] (<fifthecho@gmail.com>)
-## <a name="license"></a> License
-Apache 2.0 (see [LICENSE][license])
-[author]:           https://github.com/fifthecho
-[issues]:           https://github.com/test-kitchen/kitchen-cloudstack/issues
-[license]:          https://github.com/test-kitchen/kitchen-cloudstack/blob/master/LICENSE
-[repo]:             https://github.com/test-kitchen/kitchen-cloudstack
-[driver_usage]:     http://docs.kitchen-ci.org/drivers/usage
-[chef_omnibus_dl]:  http://getchef.com/chef/install/
+# <a name="title"></a> Kitchen::CloudStack
+A Test Kitchen Driver for Apache CloudStack / Citrix CloudPlatform.
+## <a name="requirements"></a> Requirements
+This Gem only requires FOG of a version greater than 1.3.1. However, as most of your knife plugins will be using newer
+versions of FOG, that shouldn't be an issue.
+## <a name="installation"></a> Installation and Setup
+Please read the [Driver usage][driver_usage] page for more details.
+## <a name="config"></a> Configuration
+Provide, at a minimum, the required driver options in your `.kitchen.yml` file:
+    driver_plugin: cloudstack
+    driver_config:
+      cloudstack_api_key: [YOUR CLOUDSTACK API KEY]
+      cloudstack_secret_key: [YOUR CLOUDSTACK SECRET KEY]
+      cloudstack_api_url: [YOUR CLOUDSTACK API URL]
+      require_chef_omnibus: latest (if you'll be using Chef)
+    OPTIONAL
+      cloudstack_expunge: [TRUE/FALSE] # Whether or not you want the instance to be expunged, default false.
+      cloudstack_sync_time: [NUMBER OF SECONDS TO WAIT FOR CLOUD-SET-GUEST-PASSWORD/SSHKEY]
+      keypair_search_directory: [PATH TO DIRECTORY (other than ~, ., and ~/.ssh) WITH KEYPAIR PEM FILE]
+      cloudstack_project_id: [PROJECT_ID] # To deploy VMs into project.
+      cloudstack_vm_public_ip: [PUBLIC_IP] # In case you use advanced networking and do static NAT manually.
+      associate_public_ip: [TRUE/FALSE] # If you want kitchen to automatically associate a public IP, default false.
+      cloudstack_create_firewall_rule: [TRUE/FALSE] # If you want Kitchen to automatically create firewall rule for public IP to reach SSH (port 22)
+      cloudstack_userdata: "#cloud-config\npackages:\n - htop\n" # double quote required.
+Then to specify different OS templates,
+    platforms:
+      cloudstack_template_id: [INSTANCE TEMPLATE ID]
+      cloudstack_serviceoffering_id: [INSTANCE SERVICE OFFERING ID]
+      cloudstack_zone_id: [INSTANCE ZONE ID]
+    OPTIONAL
+      cloudstack_network_id: [NETWORK ID FOR ISOLATED OR VPC NETWORKS]
+      cloudstack_security_group_id: [SECURITY GROUP ID FOR SHARED NETWORKS]
+      cloudstack_affinity_group_id: [AFFINITY GROUP ID FOR DEDICATED CLUSTER]
+      cloudstack_serviceoffering_cpu: [THE NUMBER OF CPU FOR A SERVICE OFFERING THAT DOES NOT SPECIFY CPU]
+      cloudstack_serviceoffering_cpuspeed: [THE SPEED OF EACH CPU FOR A SERVICE OFFERING THAT DOES NOT SPECIFY CPU]
+      cloudstack_serviceoffering_memory: [THE AMOUNT OF MEMORY IN MB FOR A SERVICE OFFERING THAT DOES NOT SPECIFY MEMORY]
+      cloudstack_diskoffering_id: [INSTANCE DISK OFFERING ID]
+      cloudstack_diskoffering_size: [INSTANCE DISK OFFERING SIZE IN GB]
+      cloudstack_ssh_keypair_name: [SSH KEY NAME]
+      cloudstack_sync_time: [NUMBER OF SECONDS TO WAIT FOR CLOUD-SET-GUEST-PASSWORD/SSHKEY]
+To use the CloudStack public key provider, you need to have the .PEM file located in the same directory as
+your .kitchen.yml file, your home directory (\~), your .ssh directory (\~/.ssh/), or specify a directory (without any
+trailing slahses) as your "keypair_search_directory" and the file be named the same as the Keypair on CloudStack
+suffixed with .pem (e.g. the Keypair named "TestKey" should be located in one of the searched directories and named
+"TestKey.pem").
+This PEM file should be the PRIVATE key, not the PUBLIC key.
+By default, a unique server name will be generated and the randomly generated password will be used, though that
+behavior can be overridden with additional options (e.g., to specify a SSH private key):
+    name: [A UNIQUE SERVER NAME]
+    public_key_path: [PATH TO YOUR SSH PUBLIC KEY]
+    username: [SSH USER]
+    port: [SSH PORT]
+host_name setting is  useful if you are facing ENAMETOOLONG exceptions in the
+chef run caused by long generated hostnames)
+    host_name: [A UNIQUE HOST NAME]
+Only disable SSL cert validation if you absolutely know what you are doing,
+but are stuck with an CloudStack deployment without valid SSL certs.
+    disable_ssl_validation: true
+### <a name="config-require-chef-omnibus"></a> require\_chef\_omnibus
+Determines whether or not a Chef [Omnibus package][chef_omnibus_dl] will be
+installed. There are several different behaviors available:
+* `true` - the latest release will be installed. Subsequent converges
+  will skip re-installing if chef is present.
+* `latest` - the latest release will be installed. Subsequent converges
+  will always re-install even if chef is present.
+* `<VERSION_STRING>` (ex: `10.24.0`) - the desired version string will
+  be passed the the install.sh script. Subsequent converges will skip if
+  the installed version and the desired version match.
+* `false` or `nil` - no chef is installed.
+The default value is unset, or `nil`.
+## <a name="development"></a> Development
+* Source hosted at [GitHub][repo]
+* Report issues/questions/feature requests on [GitHub Issues][issues]
+Pull requests are very welcome! Make sure your patches are well tested.
+Ideally create a topic branch for every separate change you make. For
+example:
+1. Fork the repo
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Added some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request
+## <a name="authors"></a> Authors
+Created and maintained by [Jeff Moody][author] (<fifthecho@gmail.com>)
+## <a name="license"></a> License
+Apache 2.0 (see [LICENSE][license])
+[author]:           https://github.com/fifthecho
+[issues]:           https://github.com/test-kitchen/kitchen-cloudstack/issues
+[license]:          https://github.com/test-kitchen/kitchen-cloudstack/blob/master/LICENSE
+[repo]:             https://github.com/test-kitchen/kitchen-cloudstack
+[driver_usage]:     http://docs.kitchen-ci.org/drivers/usage
+[chef_omnibus_dl]:  http://getchef.com/chef/install/

data/kitchen-cloudstack.gemspec CHANGED

@@ -1,30 +1,30 @@
-# coding: utf-8
-lib = File.expand_path('../lib', __FILE__)
-$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require 'kitchen/driver/cloudstack_version'
-Gem::Specification.new do |spec|
-  spec.name          = 'kitchen-cloudstack'
-  spec.version       = Kitchen::Driver::CLOUDSTACK_VERSION
-  spec.authors       = ['Jeff Moody']
-  spec.email         = ['fifthecho@gmail.com']
-  spec.description   = %q{A Test Kitchen Driver for Apache CloudStack}
-  spec.summary       = %q{Provides an interface for Test Kitchen to be able to run jobs against an Apache CloudStack cloud.}
-  spec.homepage      = 'https://github.com/test-kitchen/kitchen-cloudstack'
-  spec.license       = 'Apache-2.0'
-  spec.files         = `git ls-files`.split($/)
-  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
-  spec.require_paths = ['lib']
-  spec.add_dependency 'test-kitchen', '>= 1.0.0', "< 3"
-  spec.add_dependency 'fog', '~> 1.23'
-  spec.add_development_dependency 'bundler'
-  spec.add_development_dependency 'rake'
-  spec.add_development_dependency 'cane', '~> 2'
-  spec.add_development_dependency 'tailor', '~> 1'
-  spec.add_development_dependency 'countloc'
-  spec.add_development_dependency 'pry'
-end
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'kitchen/driver/cloudstack_version'
+Gem::Specification.new do |spec|
+  spec.name          = 'kitchen-cloudstack'
+  spec.version       = Kitchen::Driver::CLOUDSTACK_VERSION
+  spec.authors       = ['Jeff Moody']
+  spec.email         = ['fifthecho@gmail.com']
+  spec.description   = %q{A Test Kitchen Driver for Apache CloudStack}
+  spec.summary       = %q{Provides an interface for Test Kitchen to be able to run jobs against an Apache CloudStack cloud.}
+  spec.homepage      = 'https://github.com/test-kitchen/kitchen-cloudstack'
+  spec.license       = 'Apache-2.0'
+  spec.files         = `git ls-files`.split($/)
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ['lib']
+  spec.add_dependency 'test-kitchen', '>= 1.0.0', "< 3"
+  spec.add_dependency 'fog-cloudstack', '~> 0.1.0'
+  spec.add_development_dependency 'bundler'
+  spec.add_development_dependency 'rake'
+  spec.add_development_dependency 'cane', '~> 2'
+  spec.add_development_dependency 'tailor', '~> 1'
+  spec.add_development_dependency 'countloc'
+  spec.add_development_dependency 'pry'
+end

data/lib/kitchen/driver/cloudstack.rb CHANGED

@@ -1,461 +1,466 @@
-# -*- encoding: utf-8 -*-
-#
-# Author:: Jeff Moody (<fifthecho@gmail.com>)
-#
-# Copyright (C) 2013, Jeff Moody
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#    http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-require 'benchmark'
-require 'kitchen'
-require 'fog'
-require 'socket'
-require 'openssl'
-require 'base64'
-module Kitchen
-  module Driver
-    # Cloudstack driver for Kitchen.
-    #
-    # @author Jeff Moody <fifthecho@gmail.com>
-    class Cloudstack < Kitchen::Driver::SSHBase
-      default_config :name,             nil
-      default_config :username,         'root'
-      default_config :port,             '22'
-      default_config :password,         nil
-      default_config :cloudstack_create_firewall_rule, false
-      def compute
-        cloudstack_uri =  URI.parse(config[:cloudstack_api_url])
-        connection = Fog::Compute.new(
-          :provider => :cloudstack,
-          :cloudstack_api_key => config[:cloudstack_api_key],
-          :cloudstack_secret_access_key => config[:cloudstack_secret_key],
-          :cloudstack_host => cloudstack_uri.host,
-          :cloudstack_port => cloudstack_uri.port,
-          :cloudstack_path => cloudstack_uri.path,
-          :cloudstack_project_id => config[:cloudstack_project_id],
-          :cloudstack_scheme => cloudstack_uri.scheme
-        )
-      end
-      def create_server
-        options = {}
-        config[:server_name] ||= generate_name(instance.name)
-        options['displayname'] = config[:server_name]
-        options['networkids']  = config[:cloudstack_network_id]
-        options['securitygroupids'] = config[:cloudstack_security_group_id]
-        options['keypair'] = config[:cloudstack_ssh_keypair_name]
-        options['diskofferingid'] = config[:cloudstack_diskoffering_id]
-        options['name'] = config[:host_name]
-        options[:userdata] = convert_userdata(config[:cloudstack_userdata]) if config[:cloudstack_userdata]
-        options = sanitize(options)
-        options[:templateid] = config[:cloudstack_template_id]
-        options[:serviceofferingid] = config[:cloudstack_serviceoffering_id]
-        options[:zoneid] = config[:cloudstack_zone_id]
-        debug(options)
-        compute.deploy_virtual_machine(options)
-      end
-      def create(state)
-        if not config[:name]
-          # Generate what should be a unique server name
-          config[:name] = "#{instance.name}-#{Etc.getlogin}-" +
-            "#{Socket.gethostname}-#{Array.new(8){rand(36).to_s(36)}.join}"
-        end
-        if config[:disable_ssl_validation]
-          require 'excon'
-          Excon.defaults[:ssl_verify_peer] = false
-        end
-        server = create_server
-        debug(server)
-        state[:server_id] = server['deployvirtualmachineresponse'].fetch('id')
-        start_jobid = {
-          'jobid' => server['deployvirtualmachineresponse'].fetch('jobid')
-        }
-        info("CloudStack instance <#{state[:server_id]}> created.")
-        debug("Job ID #{start_jobid}")
-        # Cloning the original job id hash because running the
-        # query_async_job_result updates the hash to include
-        # more than just the job id (which I could work around, but I'm lazy).
-        jobid = start_jobid.clone
-        server_start = compute.query_async_job_result(jobid)
-        # jobstatus of zero is a running job
-        while server_start['queryasyncjobresultresponse'].fetch('jobstatus').to_i == 0
-          debug("Job status: #{server_start}")
-          print ". "
-          sleep(10)
-          debug("Running Job ID #{jobid}")
-          debug("Start Job ID #{start_jobid}")
-          # We have to reclone on each iteration, as the hash keeps getting updated.
-          jobid = start_jobid.clone
-          server_start = compute.query_async_job_result(jobid)
-        end
-        debug("Server_Start: #{server_start} \n")
-        # jobstatus of 2 is an error response
-        if server_start['queryasyncjobresultresponse'].fetch('jobstatus').to_i == 2
-          errortext = server_start['queryasyncjobresultresponse']
-            .fetch('jobresult')
-            .fetch('errortext')
-          error("ERROR! Job failed with #{errortext}")
-          raise ActionFailed, "Could not create server #{errortext}"
-        end
-        # jobstatus of 1 is a succesfully completed async job
-        if server_start['queryasyncjobresultresponse'].fetch('jobstatus').to_i == 1
-          server_info = server_start['queryasyncjobresultresponse']['jobresult']['virtualmachine']
-          debug(server_info)
-          print "(server ready)"
-          keypair = nil
-          if config[:keypair_search_directory] and File.exist?(
-            "#{config[:keypair_search_directory]}/#{config[:cloudstack_ssh_keypair_name]}.pem"
-          )
-            keypair = "#{config[:keypair_search_directory]}/#{config[:cloudstack_ssh_keypair_name]}.pem"
-            debug("Keypair being used is #{keypair}")
-          elsif File.exist?("./#{config[:cloudstack_ssh_keypair_name]}.pem")
-            keypair = "./#{config[:cloudstack_ssh_keypair_name]}.pem"
-            debug("Keypair being used is #{keypair}")
-          elsif File.exist?("#{ENV["HOME"]}/#{config[:cloudstack_ssh_keypair_name]}.pem")
-            keypair = "#{ENV["HOME"]}/#{config[:cloudstack_ssh_keypair_name]}.pem"
-            debug("Keypair being used is #{keypair}")
-          elsif File.exist?("#{ENV["HOME"]}/.ssh/#{config[:cloudstack_ssh_keypair_name]}.pem")
-            keypair = "#{ENV["HOME"]}/.ssh/#{config[:cloudstack_ssh_keypair_name]}.pem"
-            debug("Keypair being used is #{keypair}")
-          elsif (!config[:cloudstack_ssh_keypair_name].nil?)
-            info("Keypair specified but not found. Using password if enabled.")
-          end
-          if config[:associate_public_ip]
-            info("Associating public ip...")
-            state[:hostname] = associate_public_ip(state, server_info)
-            info("Creating port forward...")
-            create_port_forward(state, server_info['id'])
-          else
-            state[:hostname] = default_public_ip(server_info) unless config[:associate_public_ip]
-          end
-          if keypair
-            debug("Using keypair: #{keypair}")
-            info("SSH for #{state[:hostname]} with keypair #{config[:cloudstack_ssh_keypair_name]}.")
-            ssh_key = File.read(keypair)
-            if ssh_key.split[0] == "ssh-rsa" or ssh_key.split[0] == "ssh-dsa"
-              error("SSH key #{keypair} is not a Private Key. Please modify your .kitchen.yml")
-            end
-            wait_for_sshd(state[:hostname], config[:username], {:keys => keypair})
-            debug("SSH connectivity validated with keypair.")
-            ssh = Fog::SSH.new(state[:hostname], config[:username], {:keys => keypair})
-            debug("Connecting to : #{state[:hostname]} as #{config[:username]} using keypair #{keypair}.")
-          elsif server_info.fetch('passwordenabled')
-            password = server_info.fetch('password')
-            config[:password] = password
-            # Print out IP and password so you can record it if you want.
-            info("Password for #{config[:username]} at #{state[:hostname]} is #{password}")
-            wait_for_sshd(state[:hostname], config[:username], {:password => password})
-            debug("SSH connectivity validated with cloudstack-set password.")
-            ssh = Fog::SSH.new(state[:hostname], config[:username], {:password => password})
-            debug("Connecting to : #{state[:hostname]} as #{config[:username]} using password #{password}.")
-          elsif config[:password]
-            info("Connecting with user #{config[:username]} with password #{config[:password]}")
-            wait_for_sshd(state[:hostname], config[:username], {:password => config[:password]})
-            debug("SSH connectivity validated with fixed password.")
-            ssh = Fog::SSH.new(state[:hostname], config[:username], {:password => config[:password]})
-          else
-            info("No keypair specified (or file not found) nor is this a password enabled template. You will have to manually copy your SSH public key to #{state[:hostname]} to use this Kitchen.")
-          end
-          validate_ssh_connectivity(ssh)
-          deploy_private_key(ssh)
-        end
-      end
-      def destroy(state)
-        return unless state[:server_id]
-        if config[:associate_public_ip]
-          delete_port_forward(state)
-          release_public_ip(state)
-        end
-        debug("Destroying #{state[:server_id]}")
-        server = compute.servers.get(state[:server_id])
-        expunge =
-          if !!config[:cloudstack_expunge] == config[:cloudstack_expunge]
-            config[:cloudstack_expunge]
-          else
-            false
-          end
-        if server
-          compute.destroy_virtual_machine(
-            {
-              'id' => state[:server_id],
-              'expunge' => expunge
-            }
-          )
-        end
-        info("CloudStack instance <#{state[:server_id]}> destroyed.")
-        state.delete(:server_id)
-        state.delete(:hostname)
-      end
-      def validate_ssh_connectivity(ssh)
-      rescue Errno::ETIMEDOUT
-        debug("SSH connection timed out. Retrying.")
-        sleep 2
-        false
-      rescue Errno::EPERM
-        debug("SSH connection returned error. Retrying.")
-        false
-      rescue Errno::ECONNREFUSED
-        debug("SSH connection returned connection refused. Retrying.")
-        sleep 2
-        false
-      rescue Errno::EHOSTUNREACH
-        debug("SSH connection returned host unreachable. Retrying.")
-        sleep 2
-        false
-      rescue Errno::ENETUNREACH
-        debug("SSH connection returned network unreachable. Retrying.")
-        sleep 30
-        false
-      rescue Net::SSH::Disconnect
-        debug("SSH connection has been disconnected. Retrying.")
-        sleep 15
-        false
-      rescue Net::SSH::AuthenticationFailed
-        debug("SSH authentication has failed. Password or Keys may not be in place yet. Retrying.")
-        sleep 15
-        false
-      ensure
-        sync_time = 0
-        if (config[:cloudstack_sync_time])
-          sync_time = config[:cloudstack_sync_time]
-        end
-        sleep(sync_time)
-        debug("Connecting to host and running ls")
-        ssh.run('ls')
-      end
-      def deploy_private_key(ssh)
-        debug("Deploying user private key to server using connection #{ssh} to guarantee connectivity.")
-        if File.exist?("#{ENV["HOME"]}/.ssh/id_rsa.pub")
-          user_public_key = File.read("#{ENV["HOME"]}/.ssh/id_rsa.pub")
-        elsif File.exist?("#{ENV["HOME"]}/.ssh/id_dsa.pub")
-          user_public_key = File.read("#{ENV["HOME"]}/.ssh/id_dsa.pub")
-        else
-          debug("No public SSH key for user. Skipping.")
-        end
-        if user_public_key
-          ssh.run([
-            %{mkdir .ssh},
-            %{echo "#{user_public_key}" >> ~/.ssh/authorized_keys}
-          ])
-        end
-      end
-      def generate_name(base)
-        # Generate what should be a unique server name
-        sep = '-'
-        pieces = [
-          base,
-          Etc.getlogin,
-          Socket.gethostname,
-          Array.new(8) { rand(36).to_s(36) }.join
-        ]
-        until pieces.join(sep).length <= 64 do
-          if pieces[2] && pieces[2].length > 24
-            pieces[2] = pieces[2][0..-2]
-          elsif pieces[1] && pieces[1].length > 16
-            pieces[1] = pieces[1][0..-2]
-          elsif pieces[0] && pieces[0].length > 16
-            pieces[0] = pieces[0][0..-2]
-          end
-        end
-        pieces.join sep
-      end
-      private
-      def sanitize(options)
-        options.reject { |k, v| v.nil? }
-      end
-      def convert_userdata(user_data)
-        if user_data.match /^(?:[A-Za-z0-9+\/]{4}\n?)*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$/
-          user_data
-        else
-          Base64.encode64(user_data)
-        end
-      end
-      def associate_public_ip(state, server_info)
-        options = {
-          'zoneid' => config[:cloudstack_zone_id],
-          'vpcid' => get_vpc_id,
-          'networkid' => config[:cloudstack_network_id]
-        }
-        res = compute.associate_ip_address(options)
-        job_status = compute.query_async_job_result(res['associateipaddressresponse']['jobid'])
-        if job_status['queryasyncjobresultresponse'].fetch('jobstatus').to_i == 1
-          save_ipaddress_id(state, job_status)
-          ip_address = get_public_ip(res['associateipaddressresponse']['id'])
-        else
-          error(job_status['queryasyncjobresultresponse'].fetch('jobresult'))
-        end
-        if config[:cloudstack_create_firewall_rule]
-          info("Creating firewall rule for SSH")
-          # create firewallrule projectid=<project> cidrlist=<0.0.0.0/0 or your source> protocol=tcp startport=0 endport=65535 (or you can restrict to 22 if you want) ipaddressid=<public ip address id>
-          options = {
-            'projectid' => config[:cloudstack_project_id],
-            'cidrlist' => '0.0.0.0/0',
-            'protocol' => 'tcp',
-            'startport' => 22,
-            'endport' => 22,
-            'ipaddressid' => state[:ipaddressid]
-          }
-          res = compute.create_firewall_rule(options)
-          status = 0
-          timeout = 10
-          while status == 0
-            job_status = compute.query_async_job_result(res['createfirewallruleresponse']['jobid'])
-            status = job_status['queryasyncjobresultresponse'].fetch('jobstatus').to_i
-            timeout -= 1
-            error("Failed to create firewall rule by timeout") if timeout == 0
-            sleep 1
-          end
-          if job_status['queryasyncjobresultresponse'].fetch('jobstatus').to_i == 1
-            save_firewall_rule_id(state, job_status)
-            info('Firewall rule successfully created')
-          else
-            error(job_status['queryasyncjobresultresponse'])
-          end
-        end
-        ip_address
-      end
-      def create_port_forward(state, virtualmachineid)
-        options = {
-          'ipaddressid' => state[:ipaddressid],
-          'privateport' => 22,
-          'protocol' => "TCP",
-          'publicport' => 22,
-          'virtualmachineid' => virtualmachineid,
-          'networkid' => config[:cloudstack_network_id],
-          'openfirewall' => false
-        }
-        res = compute.create_port_forwarding_rule(options)
-        job_status = compute.query_async_job_result(res['createportforwardingruleresponse']['jobid'])
-        unless job_status['queryasyncjobresultresponse'].fetch('jobstatus').to_i == 0
-          error("Error creating port forwarding rules")
-        end
-        save_forwarding_port_rule_id(state, res['createportforwardingruleresponse']['id'])
-      end
-      def release_public_ip(state)
-        info("Disassociating public ip...")
-        begin
-          res = compute.disassociate_ip_address(state[:ipaddressid])
-        rescue Fog::Compute::Cloudstack::BadRequest => e
-          error(e) unless e.to_s.match?(/does not exist/)
-        else
-          job_status = compute.query_async_job_result(res['disassociateipaddressresponse']['jobid'])
-          unless job_status['queryasyncjobresultresponse'].fetch('jobstatus').to_i == 0
-            error("Error disassociating public ip")
-          end
-        end
-        if state[:firewall_rule_id]
-          info("Removing firewall rule '#{state[:firewall_rule_id]}'")
-          begin
-            res = compute.delete_firewall_rule(state[:firewall_rule_id])
-          rescue Fog::Compute::Cloudstack::BadRequest => e
-            error(e) unless e.to_s.match?(/does not exist/)
-          else
-            job_status = compute.query_async_job_result(res['deletefirewallruleresponse']['jobid'])
-            unless job_status['queryasyncjobresultresponse'].fetch('jobstatus').to_i == 0
-              error("Error removing firewall rule '#{state[:firewall_rule_id]}'")
-            end
-          end
-        end
-      end
-      def delete_port_forward(state)
-        info("Deleting port forwarding rules...")
-        begin
-          res = compute.delete_port_forwarding_rule(state[:forwardingruleid])
-        rescue Fog::Compute::Cloudstack::BadRequest => e
-          error(e) unless e.to_s.match?(/does not exist/)
-        else
-          job_status = compute.query_async_job_result(res['deleteportforwardingruleresponse']['jobid'])
-          unless job_status['queryasyncjobresultresponse'].fetch('jobstatus').to_i == 0
-            error("Error deleting port forwarding rules")
-          end
-        end
-      end
-      def get_vpc_id
-        compute.list_networks['listnetworksresponse']['network']
-          .select{|e| e['id'] == config[:cloudstack_network_id]}.first['vpcid']
-      end
-      def get_public_ip(public_ip_uuid)
-        compute.list_public_ip_addresses['listpublicipaddressesresponse']['publicipaddress']
-          .select{|e| e['id'] == public_ip_uuid}
-          .first['ipaddress']
-      end
-      def save_ipaddress_id(state, job_status)
-        state[:ipaddressid] = job_status['queryasyncjobresultresponse']
-                                .fetch('jobresult')
-                                .fetch('ipaddress')
-                                .fetch('id')
-      end
-      def save_firewall_rule_id(state, job_status)
-        state[:firewall_rule_id] = job_status['queryasyncjobresultresponse']
-                                .fetch('jobresult')
-                                .fetch('firewallrule')
-                                .fetch('id')
-      end
-      def save_forwarding_port_rule_id(state, uuid)
-        state[:forwardingruleid] = uuid
-      end
-      def default_public_ip(server_info)
-        config[:cloudstack_vm_public_ip] || server_info.fetch('nic').first.fetch('ipaddress')
-      end
-    end
-  end
-end
+# -*- encoding: utf-8 -*-
+#
+# Author:: Jeff Moody (<fifthecho@gmail.com>)
+#
+# Copyright (C) 2013, Jeff Moody
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+require 'benchmark'
+require 'kitchen'
+require 'fog/cloudstack'
+require 'socket'
+require 'openssl'
+require 'base64'
+module Kitchen
+  module Driver
+    # Cloudstack driver for Kitchen.
+    #
+    # @author Jeff Moody <fifthecho@gmail.com>
+    class Cloudstack < Kitchen::Driver::SSHBase
+      default_config :name,             nil
+      default_config :username,         'root'
+      default_config :port,             '22'
+      default_config :password,         nil
+      default_config :cloudstack_create_firewall_rule, false
+      def compute
+        cloudstack_uri =  URI.parse(config[:cloudstack_api_url])
+        connection = Fog::Compute.new(
+          :provider => :cloudstack,
+          :cloudstack_api_key => config[:cloudstack_api_key],
+          :cloudstack_secret_access_key => config[:cloudstack_secret_key],
+          :cloudstack_host => cloudstack_uri.host,
+          :cloudstack_port => cloudstack_uri.port,
+          :cloudstack_path => cloudstack_uri.path,
+          :cloudstack_project_id => config[:cloudstack_project_id],
+          :cloudstack_scheme => cloudstack_uri.scheme
+        )
+      end
+      def create_server
+        options = {}
+        config[:server_name] ||= generate_name(instance.name)
+        options['displayname'] = config[:server_name]
+        options['networkids']  = config[:cloudstack_network_id]
+        options['securitygroupids'] = config[:cloudstack_security_group_id]
+        options['affinitygroupids'] = config[:cloudstack_affinity_group_id]
+        options['keypair'] = config[:cloudstack_ssh_keypair_name]
+        options['diskofferingid'] = config[:cloudstack_diskoffering_id]
+        options['size'] = config[:cloudstack_diskoffering_size]
+        options['name'] = config[:host_name]
+        options['details[0].cpuNumber'] = config[:cloudstack_serviceoffering_cpu]
+        options['details[0].cpuSpeed'] = config[:cloudstack_serviceoffering_cpuspeed]
+        options['details[0].memory'] = config[:cloudstack_serviceoffering_memory]
+        options[:userdata] = convert_userdata(config[:cloudstack_userdata]) if config[:cloudstack_userdata]
+        options = sanitize(options)
+        options[:templateid] = config[:cloudstack_template_id]
+        options[:serviceofferingid] = config[:cloudstack_serviceoffering_id]
+        options[:zoneid] = config[:cloudstack_zone_id]
+        debug(options)
+        compute.deploy_virtual_machine(options)
+      end
+      def create(state)
+        if not config[:name]
+          # Generate what should be a unique server name
+          config[:name] = "#{instance.name}-#{Etc.getlogin}-" +
+            "#{Socket.gethostname}-#{Array.new(8){rand(36).to_s(36)}.join}"
+        end
+        if config[:disable_ssl_validation]
+          require 'excon'
+          Excon.defaults[:ssl_verify_peer] = false
+        end
+        server = create_server
+        debug(server)
+        state[:server_id] = server['deployvirtualmachineresponse'].fetch('id')
+        start_jobid = {
+          'jobid' => server['deployvirtualmachineresponse'].fetch('jobid')
+        }
+        info("CloudStack instance <#{state[:server_id]}> created.")
+        debug("Job ID #{start_jobid}")
+        # Cloning the original job id hash because running the
+        # query_async_job_result updates the hash to include
+        # more than just the job id (which I could work around, but I'm lazy).
+        jobid = start_jobid.clone
+        server_start = compute.query_async_job_result(jobid)
+        # jobstatus of zero is a running job
+        while server_start['queryasyncjobresultresponse'].fetch('jobstatus').to_i == 0
+          debug("Job status: #{server_start}")
+          print ". "
+          sleep(10)
+          debug("Running Job ID #{jobid}")
+          debug("Start Job ID #{start_jobid}")
+          # We have to reclone on each iteration, as the hash keeps getting updated.
+          jobid = start_jobid.clone
+          server_start = compute.query_async_job_result(jobid)
+        end
+        debug("Server_Start: #{server_start} \n")
+        # jobstatus of 2 is an error response
+        if server_start['queryasyncjobresultresponse'].fetch('jobstatus').to_i == 2
+          errortext = server_start['queryasyncjobresultresponse']
+            .fetch('jobresult')
+            .fetch('errortext')
+          error("ERROR! Job failed with #{errortext}")
+          raise ActionFailed, "Could not create server #{errortext}"
+        end
+        # jobstatus of 1 is a succesfully completed async job
+        if server_start['queryasyncjobresultresponse'].fetch('jobstatus').to_i == 1
+          server_info = server_start['queryasyncjobresultresponse']['jobresult']['virtualmachine']
+          debug(server_info)
+          print "(server ready)"
+          keypair = nil
+          if config[:keypair_search_directory] and File.exist?(
+            "#{config[:keypair_search_directory]}/#{config[:cloudstack_ssh_keypair_name]}.pem"
+          )
+            keypair = "#{config[:keypair_search_directory]}/#{config[:cloudstack_ssh_keypair_name]}.pem"
+            debug("Keypair being used is #{keypair}")
+          elsif File.exist?("./#{config[:cloudstack_ssh_keypair_name]}.pem")
+            keypair = "./#{config[:cloudstack_ssh_keypair_name]}.pem"
+            debug("Keypair being used is #{keypair}")
+          elsif File.exist?("#{ENV["HOME"]}/#{config[:cloudstack_ssh_keypair_name]}.pem")
+            keypair = "#{ENV["HOME"]}/#{config[:cloudstack_ssh_keypair_name]}.pem"
+            debug("Keypair being used is #{keypair}")
+          elsif File.exist?("#{ENV["HOME"]}/.ssh/#{config[:cloudstack_ssh_keypair_name]}.pem")
+            keypair = "#{ENV["HOME"]}/.ssh/#{config[:cloudstack_ssh_keypair_name]}.pem"
+            debug("Keypair being used is #{keypair}")
+          elsif (!config[:cloudstack_ssh_keypair_name].nil?)
+            info("Keypair specified but not found. Using password if enabled.")
+          end
+          if config[:associate_public_ip]
+            info("Associating public ip...")
+            state[:hostname] = associate_public_ip(state, server_info)
+            info("Creating port forward...")
+            create_port_forward(state, server_info['id'])
+          else
+            state[:hostname] = default_public_ip(server_info) unless config[:associate_public_ip]
+          end
+          if keypair
+            debug("Using keypair: #{keypair}")
+            info("SSH for #{state[:hostname]} with keypair #{config[:cloudstack_ssh_keypair_name]}.")
+            ssh_key = File.read(keypair)
+            if ssh_key.split[0] == "ssh-rsa" or ssh_key.split[0] == "ssh-dsa"
+              error("SSH key #{keypair} is not a Private Key. Please modify your .kitchen.yml")
+            end
+            wait_for_sshd(state[:hostname], config[:username], {:keys => keypair})
+            debug("SSH connectivity validated with keypair.")
+            ssh = Fog::SSH.new(state[:hostname], config[:username], {:keys => keypair})
+            debug("Connecting to : #{state[:hostname]} as #{config[:username]} using keypair #{keypair}.")
+          elsif server_info.fetch('passwordenabled')
+            password = server_info.fetch('password')
+            config[:password] = password
+            # Print out IP and password so you can record it if you want.
+            info("Password for #{config[:username]} at #{state[:hostname]} is #{password}")
+            wait_for_sshd(state[:hostname], config[:username], {:password => password})
+            debug("SSH connectivity validated with cloudstack-set password.")
+            ssh = Fog::SSH.new(state[:hostname], config[:username], {:password => password})
+            debug("Connecting to : #{state[:hostname]} as #{config[:username]} using password #{password}.")
+          elsif config[:password]
+            info("Connecting with user #{config[:username]} with password #{config[:password]}")
+            wait_for_sshd(state[:hostname], config[:username], {:password => config[:password]})
+            debug("SSH connectivity validated with fixed password.")
+            ssh = Fog::SSH.new(state[:hostname], config[:username], {:password => config[:password]})
+          else
+            info("No keypair specified (or file not found) nor is this a password enabled template. You will have to manually copy your SSH public key to #{state[:hostname]} to use this Kitchen.")
+          end
+          validate_ssh_connectivity(ssh)
+          deploy_private_key(ssh)
+        end
+      end
+      def destroy(state)
+        return unless state[:server_id]
+        if config[:associate_public_ip]
+          delete_port_forward(state)
+          release_public_ip(state)
+        end
+        debug("Destroying #{state[:server_id]}")
+        server = compute.servers.get(state[:server_id])
+        expunge =
+          if !!config[:cloudstack_expunge] == config[:cloudstack_expunge]
+            config[:cloudstack_expunge]
+          else
+            false
+          end
+        if server
+          compute.destroy_virtual_machine(
+            {
+              'id' => state[:server_id],
+              'expunge' => expunge
+            }
+          )
+        end
+        info("CloudStack instance <#{state[:server_id]}> destroyed.")
+        state.delete(:server_id)
+        state.delete(:hostname)
+      end
+      def validate_ssh_connectivity(ssh)
+      rescue Errno::ETIMEDOUT
+        debug("SSH connection timed out. Retrying.")
+        sleep 2
+        false
+      rescue Errno::EPERM
+        debug("SSH connection returned error. Retrying.")
+        false
+      rescue Errno::ECONNREFUSED
+        debug("SSH connection returned connection refused. Retrying.")
+        sleep 2
+        false
+      rescue Errno::EHOSTUNREACH
+        debug("SSH connection returned host unreachable. Retrying.")
+        sleep 2
+        false
+      rescue Errno::ENETUNREACH
+        debug("SSH connection returned network unreachable. Retrying.")
+        sleep 30
+        false
+      rescue Net::SSH::Disconnect
+        debug("SSH connection has been disconnected. Retrying.")
+        sleep 15
+        false
+      rescue Net::SSH::AuthenticationFailed
+        debug("SSH authentication has failed. Password or Keys may not be in place yet. Retrying.")
+        sleep 15
+        false
+      ensure
+        sync_time = 0
+        if (config[:cloudstack_sync_time])
+          sync_time = config[:cloudstack_sync_time]
+        end
+        sleep(sync_time)
+        debug("Connecting to host and running ls")
+        ssh.run('ls')
+      end
+      def deploy_private_key(ssh)
+        debug("Deploying user private key to server using connection #{ssh} to guarantee connectivity.")
+        if File.exist?("#{ENV["HOME"]}/.ssh/id_rsa.pub")
+          user_public_key = File.read("#{ENV["HOME"]}/.ssh/id_rsa.pub")
+        elsif File.exist?("#{ENV["HOME"]}/.ssh/id_dsa.pub")
+          user_public_key = File.read("#{ENV["HOME"]}/.ssh/id_dsa.pub")
+        else
+          debug("No public SSH key for user. Skipping.")
+        end
+        if user_public_key
+          ssh.run([
+            %{mkdir .ssh},
+            %{echo "#{user_public_key}" >> ~/.ssh/authorized_keys}
+          ])
+        end
+      end
+      def generate_name(base)
+        # Generate what should be a unique server name
+        sep = '-'
+        pieces = [
+          base,
+          Etc.getlogin,
+          Socket.gethostname,
+          Array.new(8) { rand(36).to_s(36) }.join
+        ]
+        until pieces.join(sep).length <= 64 do
+          if pieces[2] && pieces[2].length > 24
+            pieces[2] = pieces[2][0..-2]
+          elsif pieces[1] && pieces[1].length > 16
+            pieces[1] = pieces[1][0..-2]
+          elsif pieces[0] && pieces[0].length > 16
+            pieces[0] = pieces[0][0..-2]
+          end
+        end
+        pieces.join sep
+      end
+      private
+      def sanitize(options)
+        options.reject { |k, v| v.nil? }
+      end
+      def convert_userdata(user_data)
+        if user_data.match /^(?:[A-Za-z0-9+\/]{4}\n?)*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$/
+          user_data
+        else
+          Base64.encode64(user_data)
+        end
+      end
+      def associate_public_ip(state, server_info)
+        options = {
+          'zoneid' => config[:cloudstack_zone_id],
+          'vpcid' => get_vpc_id,
+          'networkid' => config[:cloudstack_network_id]
+        }
+        res = compute.associate_ip_address(options)
+        job_status = compute.query_async_job_result(res['associateipaddressresponse']['jobid'])
+        if job_status['queryasyncjobresultresponse'].fetch('jobstatus').to_i == 1
+          save_ipaddress_id(state, job_status)
+          ip_address = get_public_ip(res['associateipaddressresponse']['id'])
+        else
+          error(job_status['queryasyncjobresultresponse'].fetch('jobresult'))
+        end
+        if config[:cloudstack_create_firewall_rule]
+          info("Creating firewall rule for SSH")
+          # create firewallrule projectid=<project> cidrlist=<0.0.0.0/0 or your source> protocol=tcp startport=0 endport=65535 (or you can restrict to 22 if you want) ipaddressid=<public ip address id>
+          options = {
+            'projectid' => config[:cloudstack_project_id],
+            'cidrlist' => '0.0.0.0/0',
+            'protocol' => 'tcp',
+            'startport' => 22,
+            'endport' => 22,
+            'ipaddressid' => state[:ipaddressid]
+          }
+          res = compute.create_firewall_rule(options)
+          status = 0
+          timeout = 10
+          while status == 0
+            job_status = compute.query_async_job_result(res['createfirewallruleresponse']['jobid'])
+            status = job_status['queryasyncjobresultresponse'].fetch('jobstatus').to_i
+            timeout -= 1
+            error("Failed to create firewall rule by timeout") if timeout == 0
+            sleep 1
+          end
+          if job_status['queryasyncjobresultresponse'].fetch('jobstatus').to_i == 1
+            save_firewall_rule_id(state, job_status)
+            info('Firewall rule successfully created')
+          else
+            error(job_status['queryasyncjobresultresponse'])
+          end
+        end
+        ip_address
+      end
+      def create_port_forward(state, virtualmachineid)
+        options = {
+          'ipaddressid' => state[:ipaddressid],
+          'privateport' => 22,
+          'protocol' => "TCP",
+          'publicport' => 22,
+          'virtualmachineid' => virtualmachineid,
+          'networkid' => config[:cloudstack_network_id],
+          'openfirewall' => false
+        }
+        res = compute.create_port_forwarding_rule(options)
+        job_status = compute.query_async_job_result(res['createportforwardingruleresponse']['jobid'])
+        unless job_status['queryasyncjobresultresponse'].fetch('jobstatus').to_i == 0
+          error("Error creating port forwarding rules")
+        end
+        save_forwarding_port_rule_id(state, res['createportforwardingruleresponse']['id'])
+      end
+      def release_public_ip(state)
+        info("Disassociating public ip...")
+        begin
+          res = compute.disassociate_ip_address(state[:ipaddressid])
+        rescue Fog::Compute::Cloudstack::BadRequest => e
+          error(e) unless e.to_s.match?(/does not exist/)
+        else
+          job_status = compute.query_async_job_result(res['disassociateipaddressresponse']['jobid'])
+          unless job_status['queryasyncjobresultresponse'].fetch('jobstatus').to_i == 0
+            error("Error disassociating public ip")
+          end
+        end
+        if state[:firewall_rule_id]
+          info("Removing firewall rule '#{state[:firewall_rule_id]}'")
+          begin
+            res = compute.delete_firewall_rule(state[:firewall_rule_id])
+          rescue Fog::Compute::Cloudstack::BadRequest => e
+            error(e) unless e.to_s.match?(/does not exist/)
+          else
+            job_status = compute.query_async_job_result(res['deletefirewallruleresponse']['jobid'])
+            unless job_status['queryasyncjobresultresponse'].fetch('jobstatus').to_i == 0
+              error("Error removing firewall rule '#{state[:firewall_rule_id]}'")
+            end
+          end
+        end
+      end
+      def delete_port_forward(state)
+        info("Deleting port forwarding rules...")
+        begin
+          res = compute.delete_port_forwarding_rule(state[:forwardingruleid])
+        rescue Fog::Compute::Cloudstack::BadRequest => e
+          error(e) unless e.to_s.match?(/does not exist/)
+        else
+          job_status = compute.query_async_job_result(res['deleteportforwardingruleresponse']['jobid'])
+          unless job_status['queryasyncjobresultresponse'].fetch('jobstatus').to_i == 0
+            error("Error deleting port forwarding rules")
+          end
+        end
+      end
+      def get_vpc_id
+        compute.list_networks['listnetworksresponse']['network']
+          .select{|e| e['id'] == config[:cloudstack_network_id]}.first['vpcid']
+      end
+      def get_public_ip(public_ip_uuid)
+        compute.list_public_ip_addresses['listpublicipaddressesresponse']['publicipaddress']
+          .select{|e| e['id'] == public_ip_uuid}
+          .first['ipaddress']
+      end
+      def save_ipaddress_id(state, job_status)
+        state[:ipaddressid] = job_status['queryasyncjobresultresponse']
+                                .fetch('jobresult')
+                                .fetch('ipaddress')
+                                .fetch('id')
+      end
+      def save_firewall_rule_id(state, job_status)
+        state[:firewall_rule_id] = job_status['queryasyncjobresultresponse']
+                                .fetch('jobresult')
+                                .fetch('firewallrule')
+                                .fetch('id')
+      end
+      def save_forwarding_port_rule_id(state, uuid)
+        state[:forwardingruleid] = uuid
+      end
+      def default_public_ip(server_info)
+        config[:cloudstack_vm_public_ip] || server_info.fetch('nic').first.fetch('ipaddress')
+      end
+    end
+  end
+end