knife-azure 1.0.0 → 1.0.2

data/{readme.rdoc → README.rdoc}

@@ -2,18 +2,42 @@
 
 Description: This plugin supports listing, creating, and deleting Azure instances bootstrapped with chef client.
 
+==Generating the Management Certifcate (PEM)
+The Management Certificate is required for secure communication with the Windows Azure Platform via the REST APIs.
+Follow these steps to generate the certificate
+
+1. Download the settings file from http://go.microsoft.com/fwlink/?LinkId=254432
+2. Extract the data from the ManagementCertificate field into a separate file named - cert.pfx
+3. Decode the certificate file :
+
+ base64 -d cert.pfx > cert_decoded.pfx
+
+4. Convert the decoded PFX file to a PEM file
+
+ openssl pkcs12 -in cert_decoded.pfx -out managementCertificate.pem -nodes
+
+It is possible to generate your own certificates and upload them. More Detailed Documentation about the Management Certificates is available : https://www.windowsazure.com/en-us/manage/linux/common-tasks/manage-certificates/
+
 ==Installation:
+The plugin relies on SSL for communication and hence requires the SSL certifcate is setup. The Environment variable SSL_CERT_FILE should point to the full path of the SSL Certificate file.(optional)
+
 Be sure you are running the latest version Chef. Versions earlier than 0.10.0 don’t support plugins:
 
 gem install chef
-This plugin is distributed as a Ruby Gem. To install it, run:
 
-gem install knife-azure 
+This plugin is distributed as a Ruby Gem. To install it, with missing dependencies run:
+
+bundle install
+
+If you make any changes to the knife plugin code and want to re-install the plugin:
+
+rake install
+
 Depending on your system’s configuration, you may need to run this command with root privileges.
 
 ==Requirements:
 
-Due to a bug in mixlib-authentication, Chef node names must be 91 characters or shorter. Chef uses the host name by default, however the host names provided by Azure are very long. 
+Due to a bug in mixlib-authentication, Chef node names must be 91 characters or shorter. Chef uses the host name by default, however the host names provided by Azure are very long.
 
 You must use the '-N NODE_NAME' flag with 'knife azure' to specify a node name to be used by Chef that is less than 91 characters.
 
@@ -28,15 +52,22 @@ option :azure_subscription_id,
   :long => "--azure-subscription-id ID",
   :description => "Your Azure subscription ID",
 
-option :azure_pem_file,
+option :azure_mgmt_cert,
   :short => "-p FILENAME",
-  :long => "--azure-pem-filename FILENAME",
-  :description => "Your Azure PEM file name",
+  :long => "--azure-mgmt-cert FILENAME",
+  :description => "Your Azure Management Certificate File",
 
 option :azure_host_name,
   :short => "-H HOSTNAME",
-  :long => "--azure_host_name HOSTNAME",
+  :long => "--azure-host-name HOSTNAME",
   :description => "Your Azure host name",
+  :default => "management.core.windows.net"
+
+option :verify_ssl_cert,
+  :long => "--verify-ssl-cert",
+  :description => "Verify SSL Certificates for communication over HTTPS",
+  :boolean => true,
+  :default => false
 
 Options used with the Create subcommand:
 option :chef_node_name,
@@ -72,7 +103,7 @@ option :distro,
   :short => "-d DISTRO",
   :long => "--distro DISTRO",
   :description => "Bootstrap a distro using a template",
-  :default => "chef-full"
+  :default => "ubuntu10.04-gems"
 
 option :template_file,
   :long => "--template-file TEMPLATE",
@@ -96,20 +127,29 @@ option :hosted_service_name,
   :long => "--hosted-service-name NAME",
   :description => "specifies the name for the hosted service"
 
+option :hosted_service_description,
+  :short => "-D DESCRIPTION",
+  :long => "--hosted_service_description DESCRIPTION",
+  :description => "Description for the hosted service"
+
 option :role_name,
   :short => "-R name",
   :long => "-- role-name NAME",
   :description => "specifies the name for the virtual machine"
 
 option :host_name,
-  :short => "-H NAME",
   :long => "--host-name NAME",
   :description => "specifies the host name for the virtual machine"
 
-option :media_location_prefix,
-  :short => "-m PREFIX",
-  :long => "--media-location-prefix PREFIX",
-  :description => "user account name (used for constructing os disk media link)"
+option :storage_account,
+  :short => "-a NAME",
+  :long => "--storage-account NAME",
+  :description => "specifies the name for the hosted service"
+
+option :service_location,
+  :short => "-m LOCATION",
+  :long => "--service-location LOCATION",
+  :description => "specify the Geographic location for the virtual machine and services. eg. West US, East US, North Europe East Asia etc"
 
 option :os_disk_name,
   :short => "-o DISKNAME",
@@ -138,11 +178,13 @@ option :udp_endpoints,
 
 
 ====Here are some lines with example values in a knife.rb file:
-knife[:azure_subscription_id] = "YOUR-GUID"
+knife[:azure_subscription_id] = "155a9851-88a8-49b4-98e4-58055f08f412"
 
-knife[:azure_pem_file] = "YOUR-CERT.pem"
+knife[:azure_mgmt_cert] = "ManagementCertificate.pem"
 
-knife[:azure_host_name] = "azure-api-endpoint"
+knife[:azure_host_name] = "management.core.windows.net"
+
+knife[:service_location] = 'West US'
 
 knife[:hosted_service_name]='service001'
 
@@ -150,11 +192,11 @@ knife[:role_name]='role105'
 
 knife[:host_name]='host105'
 
-knife[:ssh_user]='yoursshuser'
+knife[:ssh_user]='jetstream'
 
-knife[:ssh_password]='yoursshpw'
+knife[:ssh_password]='jetstream1!'
 
-knife[:media_location_prefix]='auxpreview104'
+knife[:storage_account]='auxpreview104'
 
 knife[:os_disk_name]='disk107'
 
@@ -184,13 +226,13 @@ knife[:role_size]='Small'
 This plugin provides the following Knife subcommands. Specific command options can be found by invoking the subcommand with a --help flag
 
 ===knife azure server create
-Provisions a new server in Azure and then perform a Chef bootstrap (using the SSH protocol). The goal of the bootstrap is to get Chef installed on the target system so it can run Chef Client with a Chef Server. The main assumption is a baseline OS installation exists (provided by the provisioning). It is primarily intended for Chef Client systems that talk to a Chef server. By default the server is bootstrapped using the ubuntu10.04-gems template. This can be overridden using the -d or --template-file command options.
+Provisions a new server in Azure and then perform a Chef bootstrap (using the SSH protocol). The goal of the bootstrap is to get Chef installed on the target system so it can run Chef Client with a Chef Server. The main assumption is a baseline OS installation exists (provided by the provisioning). It is primarily intended for Chef Client systems that talk to a Chef server. By default the server is bootstrapped using the ubuntu10.04-gems template. This can be overridden using the -d or --template-file command options. (*** Note that at the current time only CentOS is supported for bootstrapping and required the :distro to be set to centos5-gems. There is a fix in the works from Christpher Brown in mixlib-authentication I believe that fixes an RSA encryption too long error that occurs for some hostnames during bootstrap. ***)
 
 ===knife azure server delete [role_name_to_delete]
-Deletes an existing server(role) in the currently configured AWS account. PLEASE NOTE - By default, this does not delete the associated node and client objects from the Chef server. To do so, add the --purge flag.
+Deletes an existing server(role) in the currently configured Azure account. PLEASE NOTE - By default, this does not delete the associated node and client objects from the Chef server. To do so, add the --purge flag.
 
 ===knife azure server list
-Outputs a list of all servers in the currently configured AWS account. PLEASE NOTE - this shows all instances associated with the account, some of which may not be currently managed by the Chef server.
+Outputs a list of all servers in the currently configured Azure account. PLEASE NOTE - this shows all instances associated with the account, some of which may not be currently managed by the Chef server.
 
 ===knife azure server describe [role_name_to_describe]
 Outputs detail about a specific role, including all the ports that it has open
@@ -198,13 +240,13 @@ Outputs detail about a specific role, including all the ports that it has open
 ===knife azure image list
 Outputs a list of all linux images that are available to use for provisioning. You should choose one of these to use for the :source_image parameter to the server create command.
 
+
+===knife azure server describe
+Output additional information about the provisioned Virtual Machine
+
 == Understanding Azure
 Azure implements the following hierarchy - subscription=>hosted service=>deployment=>role (and the guest operating system has a hostname as well, which uses the role as its container)
 
 These are generally a one to many relationship from top to bottom, however there are two anamolies relating to the deployment
 1) a hosted service can have more than one deployment, but that seems to be an artifact of the PAAS origins of Azure. PAAS allows there to be one staging and one production deployment per hosted service. It is my understanding (and how the code works) that there should be only one deployment per hosted service. Some initial internal code I examined used the technique of looking at the "production" deployment slot to iterate for existing roles. If a create request occurs and a deployment does not exist, it is created and given the same name as the hosted service and the deployment slot is marked as "production".
 2) Azure enforces that a deployment must include the initial role when it is created. It also will not allow you to delete a role if it is the last remaining role in a deployment; in that case you are required to delete the deployment.
-
-==Tests:
-
-The tests require a subscription id to be places in spec/spec_helper.rb and the associated private key to be placed in 'AzureLinuxCert.pem' in the top level directory. Then run 'rake spec'

data/lib/azure/connection.rb

@@ -18,6 +18,7 @@
 require File.expand_path('../utility', __FILE__)
 require File.expand_path('../rest', __FILE__)
 require File.expand_path('../host', __FILE__)
+require File.expand_path('../storageaccount', __FILE__)
 require File.expand_path('../deploy', __FILE__)
 require File.expand_path('../role', __FILE__)
 require File.expand_path('../disk', __FILE__)
@@ -26,10 +27,11 @@ require File.expand_path('../image', __FILE__)
 class Azure
   class Connection
     include AzureAPI
-    attr_accessor :hosts, :rest, :images, :deploys, :roles, :disks
+    attr_accessor :hosts, :rest, :images, :deploys, :roles, :disks, :storageaccounts
     def initialize(params={})
       @rest = Rest.new(params)
       @hosts = Hosts.new(self)
+      @storageaccounts = StorageAccounts.new(self)
       @images = Images.new(self)
       @deploys = Deploys.new(self)
       @roles = Roles.new(self)

data/lib/azure/deploy.rb

@@ -45,6 +45,9 @@ class Azure
       unless @connection.hosts.exists(params[:hosted_service_name])
         @connection.hosts.create(params)
       end 
+      unless @connection.storageaccounts.exists(params[:storage_account])
+        @connection.storageaccounts.create(params)
+      end
       params['deploy_name'] = find(params[:hosted_service_name])
       if params['deploy_name'] != nil
         role = Role.new(@connection)

data/lib/azure/host.rb

@@ -77,8 +77,8 @@ class Azure
         xml.CreateHostedService('xmlns'=>'http://schemas.microsoft.com/windowsazure') {
           xml.ServiceName params[:hosted_service_name]
           xml.Label Base64.encode64(params[:hosted_service_name])
-          xml.Description params['hosted_service_description'] || 'Explicitly created hosted service'
-          xml.Location params['hosted_service_location'] || 'Windows Azure Preview'
+          xml.Description params[:hosted_service_description] || 'Explicitly created hosted service'
+          xml.Location params[:service_location] || 'West US'
         }
       end
       @connection.query_azure("hostedservices", "post", builder.to_xml)

data/lib/azure/image.rb

@@ -51,8 +51,8 @@ class Azure
       @label = image.at_css('Label').content
       @name = image.at_css('Name').content
       @os = image.at_css('OS').content
-      @eula = image.at_css('Eula').content
-      @description = image.at_css('Description').content
+      @eula = image.at_css('Eula').content if image.at_css('Eula')
+      @description = image.at_css('Description').content if image.at_css('Description')
     end
   end
 end

data/lib/azure/rest.rb

@@ -24,8 +24,9 @@ module AzureAPI
   class Rest
     def initialize(params)
       @subscription_id = params[:azure_subscription_id]
-      @pem_file = File.read find_pem(params[:azure_pem_file])
+      @pem_file = File.read find_pem(params[:azure_mgmt_cert])
       @host_name = params[:azure_host_name]
+      @verify_ssl = params[:verify_ssl_cert]
     end
     def find_pem(name)
       config_dir = Chef::Knife.chef_config_dir
@@ -60,9 +61,13 @@ module AzureAPI
     def http_setup(uri)
       http = Net::HTTP.new(uri.host, uri.port)
       store = OpenSSL::X509::Store.new
-      store.add_cert(OpenSSL::X509::Certificate.new(File.read(find_pem("cacert.pem"))))
+      store.set_default_paths
       http.cert_store = store
-      http.verify_mode = OpenSSL::SSL::VERIFY_PEER
+      if @verify_ssl
+        http.verify_mode = OpenSSL::SSL::VERIFY_PEER
+      else
+        http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+      end
       http.use_ssl = true
       http.cert = OpenSSL::X509::Certificate.new(@pem_file)
       http.key = OpenSSL::PKey::RSA.new(@pem_file)

data/lib/azure/role.rb

@@ -165,7 +165,7 @@ class Azure
           }
           xml.Label Base64.encode64(params[:role_name]).strip
           xml.OSVirtualHardDisk {
-            xml.MediaLink 'http://' + params[:media_location_prefix] + 'imagestore.blob.core.azure-preview.com/os-disks/' + (params[:os_disk_name] || Time.now.strftime('disk_%Y_%m_%d_%H_%M'))
+            xml.MediaLink 'http://' + params[:storage_account] + '.blob.core.windows.net/vhds/' + (params[:os_disk_name] || Time.now.strftime('disk_%Y_%m_%d_%H_%M')) + '.vhd'
             xml.SourceImageName params[:source_image]
           }
           xml.RoleSize params[:role_size]

data/lib/azure/storageaccount.rb

@@ -0,0 +1,87 @@
+#
+# Author:: Barry Davis (barryd@jetstreamsoftware.com)
+# Copyright:: Copyright (c) 2010-2011 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+class Azure
+  class StorageAccounts
+    def initialize(connection)
+      @connection=connection
+    end
+    def all
+      storage_accounts = Array.new
+      responseXML = @connection.query_azure('storageservices')
+      servicesXML = responseXML.css('StorageServices StorageService')
+      servicesXML.each do |serviceXML|
+        storage_account = StorageAccount.new(@connection)
+        storage_accounts << storage_account.parse(serviceXML)
+      end
+      storage_accounts
+    end
+    def exists(name)
+      storageExists = false
+      self.all.each do |storage|
+        next unless storage.name == name
+        storageExists = true
+      end
+      storageExists
+    end
+    def create(params)
+      storage = StorageAccount.new(@connection)
+      storage.create(params)
+    end
+    def clear_unattached
+      self.all.each do |storage|
+        next unless storage.attached == false
+        @connection.query_azure('storageaccounts/' + storage.name, 'delete')
+      end
+    end
+  end
+end
+
+class Azure
+  class StorageAccount
+    include AzureUtility
+    attr_accessor :name, :location
+    attr_accessor :affinityGroup, :location, :georeplicationenabled
+    def initialize(connection)
+      @connection = connection
+    end
+    def parse(serviceXML)
+      @name = xml_content(serviceXML, 'ServiceName')
+      @description = xml_content(serviceXML, 'Description')
+      @label = xml_content(serviceXML, 'Label')
+      @affinitygroup = xml_content(serviceXML, 'AffinityGroup')
+      @location = xml_content(serviceXML, 'Location')
+      @georeplicationenabled = xml_content(serviceXML, 'GeoReplicationEnabled')
+      @extendpropertyname = xml_content(serviceXML, 'ExtendedProperties ExtendedProperty Name')
+      @extendpropertyvalue = xml_content(serviceXML, 'ExtendedProperties ExtendedProperty Value')
+      self
+    end
+    def create(params)
+      builder = Nokogiri::XML::Builder.new do |xml|
+        xml.CreateStorageServiceInput('xmlns'=>'http://schemas.microsoft.com/windowsazure') {
+          xml.ServiceName params[:storage_account]
+          xml.Label Base64.encode64(params[:storage_account])
+          xml.Description params[:storage_account_description] || 'Explicitly created storage service'
+          # Location defaults to 'West US'
+          xml.Location params[:service_location] || 'West US'
+        }
+      end
+      @connection.query_azure("storageservices", "post", builder.to_xml)
+    end
+  end
+end

data/lib/chef/knife/azure_base.rb

@@ -41,32 +41,36 @@ class Chef
             :description => "Your Azure subscription ID",
             :proc => Proc.new { |key| Chef::Config[:knife][:azure_subscription_id] = key }
 
-          option :azure_pem_file,
+          option :azure_mgmt_cert,
             :short => "-p FILENAME",
-            :long => "--azure-pem-filename FILENAME",
+            :long => "--azure-mgmt-cert FILENAME",
             :description => "Your Azure PEM file name",
-            :proc => Proc.new { |key| Chef::Config[:knife][:azure_pem_file] = key }
+            :proc => Proc.new { |key| Chef::Config[:knife][:azure_mgmt_cert] = key }
 
           option :azure_host_name,
             :short => "-H HOSTNAME",
-            :long => "--azure_host_name HOSTNAME",
+            :long => "--azure-host-name HOSTNAME",
             :description => "Your Azure host name",
-            :proc => Proc.new { |key| Chef::Config[:knife][:azure_host_name] = key }
-
+            :proc => Proc.new { |key| Chef::Config[:knife][:azure_host_name] = key },
+            :default => "management.core.windows.net"
+
+          option :verify_ssl_cert,
+            :long => "--verify-ssl-cert",
+            :description => "Verify SSL Certificates for communication over HTTPS",
+            :boolean => true,
+            :default => false
         end
       end
 
       def connection
         @connection ||= begin
                           connection = Azure::Connection.new(
-                            :azure_subscription_id => 
-                            config[:azure_subscription_id] || Chef::Config[:knife][:azure_subscription_id],
-                              :azure_pem_file => 
-                            config[:azure_pem_file] || Chef::Config[:knife][:azure_pem_file],
-                              :azure_host_name => 
-                            config[:azure_host_name] || Chef::Config[:knife][:azure_host_name]
+                            :azure_subscription_id => locate_config_value(:azure_subscription_id),
+                            :azure_mgmt_cert => locate_config_value(:azure_mgmt_cert),
+                            :azure_host_name => locate_config_value(:azure_host_name),
+                            :verify_ssl_cert => locate_config_value(:verify_ssl_cert)
                           )
-                        end        
+                        end
       end
 
       def locate_config_value(key)
@@ -80,12 +84,12 @@ class Chef
         end
       end
 
-      def validate!(keys=[:azure_subscription_id, :azure_pem_file, :azure_host_name])
+      def validate!(keys=[:azure_subscription_id, :azure_mgmt_cert, :azure_host_name])
         errors = []
 
         keys.each do |k|
           pretty_key = k.to_s.gsub(/_/, ' ').gsub(/\w+/){ |w| (w =~ /(ssh)|(aws)/i) ? w.upcase  : w.capitalize }
-          if Chef::Config[:knife][k].nil?
+          if locate_config_value(k).nil?
             errors << "You did not provide a valid '#{pretty_key}' value."
           end
         end
@@ -98,5 +102,3 @@ class Chef
     end
   end
 end
-
-

data/lib/chef/knife/azure_image_list.rb

@@ -18,6 +18,7 @@
 # limitations under the License.
 #
 
+require 'highline'
 require File.expand_path('../azure_base', __FILE__)
 
 class Chef
@@ -28,6 +29,10 @@ class Chef
 
       banner "knife azure image list (options)"
 
+      def h
+        @highline ||= HighLine.new
+      end
+
       def run
         $stdout.sync = true
 
@@ -35,23 +40,21 @@ class Chef
 
         image_list = [
           ui.color('Name', :bold),
-          #ui.color('Category', :bold),
-          #ui.color('Label', :bold),
-          #ui.color('OS', :bold),
-          #ui.color('Eula', :bold),
+          ui.color('Category', :bold),
+          ui.color('Label', :bold),
+          ui.color('OS', :bold),
         ]
         items = connection.images.all
         items.each do |image|
           if image.os == 'Linux'
             image_list << image.name.to_s
-            #image_list << image.category.to_s
-            #image_list << image.label.to_s
-            #image_list << image.os.to_s
-            #image_list << image.eula.to_s
+            image_list << image.category.to_s
+            image_list << image.label.to_s
+            image_list << image.os.to_s
           end
         end
-        puts ''
-        puts ui.list(image_list, :columns_across, 1)
+        puts "\n"
+        puts h.list(image_list, :columns_across, 4)
       end
     end
   end