knife-cloudstack 0.0.13 → 0.0.14

data/lib/chef/knife/cs_oscategory_list.rb

@@ -0,0 +1,78 @@
+#
+# Author:: Sander Botman (<sbotman@schubergphilis.com>)
+# Copyright:: Copyright (c) 2013 Sander Botman.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef/knife/cs_base'
+require 'chef/knife/cs_baselist'
+
+module KnifeCloudstack
+  class CsOscategoryList < Chef::Knife
+
+    include Chef::Knife::KnifeCloudstackBase
+    include Chef::Knife::KnifeCloudstackBaseList
+
+    deps do
+      require 'knife-cloudstack/connection'
+      Chef::Knife.load_deps
+    end
+
+    banner "knife cs oscategory list (options)"
+
+    option :keyword,
+           :long => "--keyword KEY",
+           :description => "List by keyword"
+
+    def run
+      validate_base_options
+
+      if locate_config_value(:fields)
+        object_list = []
+        locate_config_value(:fields).split(',').each { |n| object_list << ui.color(("#{n}").strip, :bold) }
+      else
+        object_list = [
+          ui.color('Name', :bold),
+          ui.color('ID', :bold),
+        ]
+      end
+
+      columns = object_list.count
+      object_list = [] if locate_config_value(:noheader)
+
+      connection_result = connection.list_object(
+        "listOsCategories",
+        "oscategory",
+        locate_config_value(:filter),
+        false,
+        locate_config_value(:keyword)
+      )
+
+      output_format(connection_result)
+
+      connection_result.each do |r|
+       if locate_config_value(:fields)
+          locate_config_value(:fields).downcase.split(',').each { |n| object_list << ((r[("#{n}").strip]).to_s || 'N/A') }
+        else
+          object_list << r['name'].to_s
+          object_list << r['id'].to_s
+        end
+      end
+      puts ui.list(object_list, :uneven_columns_across, columns)
+      list_object_fields(connection_result) if locate_config_value(:fieldlist)
+    end
+
+  end
+end

data/lib/chef/knife/cs_ostype_list.rb

@@ -0,0 +1,80 @@
+#
+# Author:: Sander Botman (<sbotman@schubergphilis.com>)
+# Copyright:: Copyright (c) 2013 Sander Botman.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef/knife/cs_base'
+require 'chef/knife/cs_baselist'
+
+module KnifeCloudstack
+  class CsOstypeList < Chef::Knife
+
+    include Chef::Knife::KnifeCloudstackBase
+    include Chef::Knife::KnifeCloudstackBaseList
+
+    deps do
+      require 'knife-cloudstack/connection'
+      Chef::Knife.load_deps
+    end
+
+    banner "knife cs ostype list (options)"
+
+    option :keyword,
+           :long => "--keyword KEY",
+           :description => "List by keyword"
+
+    def run
+      validate_base_options
+
+      if locate_config_value(:fields)
+        object_list = []
+        locate_config_value(:fields).split(',').each { |n| object_list << ui.color(("#{n}").strip, :bold) }
+      else
+        object_list = [
+          ui.color('ID', :bold),
+          ui.color('Description', :bold),
+          ui.color('OS Categorie ID', :bold)
+        ]
+      end
+
+      columns = object_list.count
+      object_list = [] if locate_config_value(:noheader)
+
+      connection_result = connection.list_object(
+        "listOsTypes",
+        "ostype",
+        locate_config_value(:filter),
+        false,
+        locate_config_value(:keyword)
+      )
+
+      output_format(connection_result)
+
+      connection_result.each do |r|
+       if locate_config_value(:fields)
+          locate_config_value(:fields).downcase.split(',').each { |n| object_list << ((r[("#{n}").strip]).to_s || 'N/A') }
+        else
+          object_list << r['id'].to_s
+          object_list << r['description'].to_s
+          object_list << r['oscategoryid'].to_s
+        end
+      end
+      puts ui.list(object_list, :uneven_columns_across, columns)
+      list_object_fields(connection_result) if locate_config_value(:fieldlist)
+    end
+
+  end
+end

data/lib/chef/knife/cs_pod_list.rb

@@ -0,0 +1,93 @@
+#
+# Author:: Sander Botman (<sbotman@schubergphilis.com>)
+# Copyright:: Copyright (c) 2013 Sander Botman.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef/knife/cs_base'
+require 'chef/knife/cs_baselist'
+
+module KnifeCloudstack
+  class CsPodList < Chef::Knife
+
+    include Chef::Knife::KnifeCloudstackBase
+    include Chef::Knife::KnifeCloudstackBaseList
+
+    deps do
+      require 'knife-cloudstack/connection'
+      Chef::Knife.load_deps
+    end
+
+    banner "knife cs pod list (options)"
+
+    option :name,
+           :long => "--name NAME",
+           :description => "Specify router pod to list"
+
+    option :keyword,
+           :long => "--keyword KEY",
+           :description => "List by keyword"
+
+    def run
+      validate_base_options
+
+      if locate_config_value(:fields)
+        object_list = []
+        locate_config_value(:fields).split(',').each { |n| object_list << ui.color(("#{n}").strip, :bold) }
+      else
+        object_list = [
+          ui.color('Name', :bold),
+          ui.color('Zone', :bold),
+          ui.color('Gateway', :bold),
+          ui.color('Netmask', :bold),
+          ui.color('Start IP', :bold),
+          ui.color('End IP', :bold),
+          ui.color('AllocationState', :bold)
+        ]
+      end
+
+      columns = object_list.count
+      object_list = [] if locate_config_value(:noheader)
+
+      connection_result = connection.list_object(
+        "listPods",
+        "pod",
+        locate_config_value(:filter),
+        false,
+        locate_config_value(:keyword),
+        locate_config_value(:name)
+      )
+
+      output_format(connection_result)
+
+      connection_result.each do |r|
+       if locate_config_value(:fields)
+          locate_config_value(:fields).downcase.split(',').each { |n| object_list << ((r[("#{n}").strip]).to_s || 'N/A') }
+        else
+          object_list << r['name'].to_s
+          object_list << r['zonename'].to_s
+          object_list << r['gateway'].to_s
+          object_list << r['netmask'].to_s
+          object_list << r['startip'].to_s
+          object_list << r['endip'].to_s
+          object_list << r['allocationstate'].to_s
+        end
+      end
+      puts ui.list(object_list, :uneven_columns_across, columns)
+      list_object_fields(connection_result) if locate_config_value(:fieldlist)
+    end
+
+  end
+end

data/lib/chef/knife/cs_project_list.rb

@@ -0,0 +1,92 @@
+#
+# Author:: Sander Botman (<sbotman@schubergphilis.com>)
+# Copyright:: Copyright (c) 2013 Sander Botman.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef/knife/cs_base'
+require 'chef/knife/cs_baselist'
+
+module KnifeCloudstack
+  class CsProjectList < Chef::Knife
+
+    include Chef::Knife::KnifeCloudstackBase
+    include Chef::Knife::KnifeCloudstackBaseList
+
+    deps do
+      require 'knife-cloudstack/connection'
+      Chef::Knife.load_deps
+    end
+
+    banner "knife cs project list (options)"
+
+    option :listall,
+           :long => "--listall",
+           :description => "List all projects",
+           :boolean => true
+
+    option :name,
+           :long => "--name NAME",
+           :description => "Specify project name to list"
+
+    option :keyword,
+           :long => "--keyword KEY",
+           :description => "List by keyword"
+
+    def run
+      validate_base_options
+
+      if locate_config_value(:fields)
+        object_list = []
+        locate_config_value(:fields).split(',').each { |n| object_list << ui.color(("#{n}").strip, :bold) }
+      else
+        object_list = [
+          ui.color('Name', :bold),
+          ui.color('Account', :bold),
+          ui.color('Domain', :bold),
+          ui.color('State', :bold),
+        ]
+      end
+
+      columns = object_list.count
+      object_list = [] if locate_config_value(:noheader)
+
+      connection_result = connection.list_object(
+        "listProjects",
+        "project",
+        locate_config_value(:filter),
+        locate_config_value(:listall),
+        locate_config_value(:keyword),
+        locate_config_value(:name)
+      )
+
+      output_format(connection_result)
+
+      connection_result.each do |r|
+       if locate_config_value(:fields)
+          locate_config_value(:fields).downcase.split(',').each { |n| object_list << ((r[("#{n}").strip]).to_s || 'N/A') }
+        else
+          object_list << r['name'].to_s
+          object_list << r['account'].to_s
+          object_list << r['domain'].to_s
+          object_list << r['state'].to_s
+        end
+      end
+      puts ui.list(object_list, :uneven_columns_across, columns)
+      list_object_fields(connection_result) if locate_config_value(:fieldlist)
+    end
+
+  end
+end

data/lib/chef/knife/cs_router_list.rb

@@ -0,0 +1,94 @@
+#
+# Author:: Sander Botman (<sbotman@schubergphilis.com>)
+# Copyright:: Copyright (c) 2013 Sander Botman.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef/knife/cs_base'
+require 'chef/knife/cs_baselist'
+
+module KnifeCloudstack
+  class CsRouterList < Chef::Knife
+
+    include Chef::Knife::KnifeCloudstackBase
+    include Chef::Knife::KnifeCloudstackBaseList
+
+    deps do
+      require 'knife-cloudstack/connection'
+      Chef::Knife.load_deps
+    end
+
+    banner "knife cs router list (options)"
+
+    option :listall,
+           :long => "--listall",
+           :description => "List all routers",
+           :boolean => true
+
+    option :name,
+           :long => "--name NAME",
+           :description => "Specify router name to list"
+
+    option :keyword,
+           :long => "--keyword KEY",
+           :description => "List by keyword"
+
+    def run
+      validate_base_options
+
+      if locate_config_value(:fields)
+        object_list = []
+        locate_config_value(:fields).split(',').each { |n| object_list << ui.color(("#{n}").strip, :bold) }
+      else
+        object_list = [
+          ui.color('Name', :bold),
+          ui.color('Account', :bold),
+          ui.color('Domain', :bold),
+          ui.color('State', :bold),
+          ui.color('Address', :bold)
+        ]
+      end
+
+      columns = object_list.count
+      object_list = [] if locate_config_value(:noheader)
+
+      connection_result = connection.list_object(
+        "listRouters",
+        "router",
+        locate_config_value(:filter),
+        locate_config_value(:listall),
+        locate_config_value(:keyword),
+        locate_config_value(:name)
+      )
+
+      output_format(connection_result)
+
+      connection_result.each do |r|
+       if locate_config_value(:fields)
+          locate_config_value(:fields).downcase.split(',').each { |n| object_list << ((r[("#{n}").strip]).to_s || 'N/A') }
+        else
+          object_list << r['name'].to_s
+          object_list << r['account'].to_s
+          object_list << r['domain'].to_s
+          object_list << r['state'].to_s
+          object_list << r['publicip'].to_s
+        end
+      end
+      puts ui.list(object_list, :uneven_columns_across, columns)
+      list_object_fields(connection_result) if locate_config_value(:fieldlist)
+    end
+
+  end
+end

data/lib/chef/knife/cs_server_create.rb

@@ -1,6 +1,8 @@
 #
 # Author:: Ryan Holmes (<rholmes@edmunds.com>)
+# Author:: Sander Botman (<sbotman@schubergphilis.com>)
 # Copyright:: Copyright (c) 2011 Edmunds, Inc.
+# Copyright:: Copyright (c) 2013 Sander Botman.
 # License:: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -16,17 +18,13 @@
 # limitations under the License.
 #
 
-require 'chef/knife'
-require 'json'
+require 'chef/knife/cs_base'
 require 'chef/knife/winrm_base'
-require 'winrm'
-require 'httpclient'
-require 'em-winrm'
-
 
 module KnifeCloudstack
   class CsServerCreate < Chef::Knife
 
+    include Chef::Knife::KnifeCloudstackBase
     include Chef::Knife::WinrmBase
 
     # Seconds to delay between detecting ssh and initiating the bootstrap
@@ -43,11 +41,16 @@ module KnifeCloudstack
       require 'chef/knife/bootstrap_windows_ssh'
       require 'chef/knife/core/windows_bootstrap_context'
       require 'chef/knife/winrm'
-      Chef::Knife::Bootstrap.load_deps
       require 'socket'
       require 'net/ssh/multi'
+      require 'chef/knife'
+      require 'chef/knife/bootstrap'
       require 'chef/json_compat'
       require 'knife-cloudstack/connection'
+      require 'winrm'
+      require 'httpclient'
+      require 'em-winrm'
+      Chef::Knife::Bootstrap.load_deps
     end
 
     banner "knife cs server create [SERVER_NAME] (options)"
@@ -78,6 +81,15 @@ module KnifeCloudstack
            :proc => lambda { |n| n.split(',').map {|sn| sn.strip}} ,
            :default => []
 
+    option :cloudstack_hypervisor,
+           :long => '--cloudstack-hypervisor HYPERVISOR',
+           :description => "The CloudStack hypervisor type for the server"
+
+    option :cloudstack_password,
+           :long => "--cloudstack-password",
+           :description => "Enables auto-generated passwords by Cloudstack",
+           :boolean => true
+
     option :public_ip,
            :long => "--[no-]public-ip",
            :description => "Allocate a public IP for this server",
@@ -99,7 +111,6 @@ module KnifeCloudstack
            :long => "--ssh-password PASSWORD",
            :description => "The ssh password"
 
-
     option :ssh_port,
            :long => "--ssh-port PORT",
            :description => "The ssh port",
@@ -110,24 +121,6 @@ module KnifeCloudstack
            :long => "--identity-file IDENTITY_FILE",
            :description => "The SSH identity file used for authentication"
 
-    option :cloudstack_url,
-           :short => "-U URL",
-           :long => "--cloudstack-url URL",
-           :description => "The CloudStack API endpoint URL",
-           :proc => Proc.new { |u| Chef::Config[:knife][:cloudstack_url] = u }
-
-    option :cloudstack_api_key,
-           :short => "-A KEY",
-           :long => "--cloudstack-api-key KEY",
-           :description => "Your CloudStack API key",
-           :proc => Proc.new { |k| Chef::Config[:knife][:cloudstack_api_key] = k }
-
-    option :cloudstack_secret_key,
-           :short => "-K SECRET",
-           :long => "--cloudstack-secret-key SECRET",
-           :description => "Your CloudStack secret key",
-           :proc => Proc.new { |s| Chef::Config[:knife][:cloudstack_secret_key] = s }
-
     option :prerelease,
            :long => "--prerelease",
            :description => "Install the pre-release chef gems"
@@ -142,7 +135,7 @@ module KnifeCloudstack
            :long => "--distro DISTRO",
            :description => "Bootstrap a distro using a template",
            :proc => Proc.new { |d| Chef::Config[:knife][:distro] = d },
-           :default => "ubuntu10.04-gems"
+           :default => "chef-full"
 
     option :template_file,
            :long => "--template-file TEMPLATE",
@@ -163,11 +156,11 @@ module KnifeCloudstack
            :boolean => true,
            :default => false
 
-    option :no_bootstrap,
-           :long => "--no-bootstrap",
+    option :bootstrap,
+           :long => "--[no-]bootstrap",
            :description => "Disable Chef bootstrap",
            :boolean => true,
-           :default => false
+           :default => true
 
     option :port_rules,
            :short => "-p PORT_RULES",
@@ -176,46 +169,37 @@ module KnifeCloudstack
            :proc => lambda { |o| o.split(/[\s,]+/) },
            :default => []
 
-    option :cloudstack_project,
-           :short => "-P PROJECT_NAME",
-           :long => '--cloudstack-project PROJECT_NAME',
-           :description => "Cloudstack Project in which to create server",
-           :proc => Proc.new { |v| Chef::Config[:knife][:cloudstack_project] = v },
-           :default => nil
-
     option :static_nat,
-            :long => '--static-nat',
-            :description => 'Support Static NAT',
-            :boolean => true,
-            :default => false
-
-    option :use_http_ssl,
-            :long => '--[no-]use-http-ssl',
-            :description => 'Support HTTPS',
-            :boolean => true,
-            :default => true
-            
-    option :bootstrap_protocol,
-      :long => "--bootstrap-protocol protocol",
-      :description => "Protocol to bootstrap windows servers. options: winrm/ssh",
-      :default => "ssh"
+           :long => '--static-nat',
+           :description => 'Support Static NAT',
+           :boolean => true,
+           :default => false
 
-    option :fqdn,
-      :long => '--fqdn',
-      :description => "FQDN which Kerberos Understands (only for Windows Servers)"
+    option :ipfwd_rules,
+           :long => "--ipfwd-rules PORT_RULES",
+           :description => "Comma separated list of ip forwarding rules, e.g. '1024:10000:TCP,1024:2048,22'",
+           :proc => lambda { |o| o.split(/[\s,]+/) },
+           :default => []
 
+    option :fw_rules,
+           :short => "-f PORT_RULES",
+           :long => "--fw-rules PORT_RULES",
+           :description => "Comma separated list of firewall rules, e.g. '1024:10000:TCP:192.168.0.0/16,25:25:TCP:10.0.0.0/8'",
+           :proc => lambda { |o| o.split(/[\s,]+/) },
+           :default => []
 
-    def connection
-      @connection ||= CloudstackClient::Connection.new(
-          locate_config_value(:cloudstack_url),
-          locate_config_value(:cloudstack_api_key),
-          locate_config_value(:cloudstack_secret_key),
-          locate_config_value(:cloudstack_project),
-          locate_config_value(:use_http_ssl)
-      )
-    end
+    option :bootstrap_protocol,
+           :long => "--bootstrap-protocol protocol",
+           :description => "Protocol to bootstrap windows servers. options: winrm/ssh",
+           :default => "ssh"
+
+    option :fqdn,
+           :long => '--fqdn',
+           :description => "FQDN which Kerberos Understands (only for Windows Servers)"
 
     def run
+      validate_base_options
+
       Chef::Log.debug("Validate hostname and options")
       hostname = @name_args.first
       unless /^[a-zA-Z0-9][a-zA-Z0-9-]*$/.match hostname then
@@ -243,22 +227,33 @@ module KnifeCloudstack
         network: #{locate_config_value(:cloudstack_networks)}")
 
       print "\n#{ui.color("Waiting for Server to be created", :magenta)}"
+      params = {} 
+      params['hypervisor'] = locate_config_value(:cloudstack_hypervisor) if locate_config_value(:cloudstack_hypervisor)
 
       server = connection.create_server(
           hostname,
           locate_config_value(:cloudstack_service),
           locate_config_value(:cloudstack_template),
           locate_config_value(:cloudstack_zone),
-          locate_config_value(:cloudstack_networks)
+          locate_config_value(:cloudstack_networks),
+          params
       )
 
       public_ip = find_or_create_public_ip(server, connection)
 
-      puts "\n\n"
-      puts "#{ui.color('Name', :cyan)}: #{server['name']}"
-      puts "#{ui.color('Public IP', :cyan)}: #{public_ip}"
+      object_fields = []
+      object_fields << ui.color("Name:", :cyan)
+      object_fields << server['name'].to_s
+      object_fields << ui.color("Name:", :cyan) if locate_config_value(:cloudstack_password)
+      object_fields << server['password'] if locate_config_value(:cloudstack_password)
+      object_fields << ui.color("Public IP:", :cyan)
+      object_fields << public_ip
+
+      puts "\n"
+      puts ui.list(object_fields, :uneven_columns_across, 2)
+      puts "\n"
 
-      return if config[:no_bootstrap]
+      return unless config[:bootstrap]
 
       if @bootstrap_protocol == 'ssh'
         print "\n#{ui.color("Waiting for sshd", :magenta)}"
@@ -275,11 +270,20 @@ module KnifeCloudstack
         }
       end
 
+      object_fields = []
+      object_fields << ui.color("Name:", :cyan)
+      object_fields << server['name'].to_s
+      object_fields << ui.color("Public IP:", :cyan)
+      object_fields << public_ip
+      object_fields << ui.color("Environment:", :cyan)
+      object_fields << (config[:environment] || '_default')
+      object_fields << ui.color("Run List:", :cyan)
+      object_fields << config[:run_list].join(', ')
+
+      puts "\n"
+      puts ui.list(object_fields, :uneven_columns_across, 2)
       puts "\n"
-      puts "#{ui.color("Name", :cyan)}: #{server['name']}"
-      puts "#{ui.color("Public IP", :cyan)}: #{public_ip}"
-      puts "#{ui.color("Environment", :cyan)}: #{config[:environment] || '_default'}"
-      puts "#{ui.color("Run List", :cyan)}: #{config[:run_list].join(', ')}"
+
       bootstrap(server, public_ip).run
     end
 
@@ -309,29 +313,31 @@ module KnifeCloudstack
         ui.error "Cloudstack service offering not specified"
         exit 1
       end
-      if locate_config_value(:bootstrap_protocol) == 'ssh'
-        identity_file = locate_config_value :identity_file
-        ssh_user = locate_config_value :ssh_user
-        ssh_password = locate_config_value :ssh_password
-        unless identity_file || (ssh_user && ssh_password)
-          ui.error("You must specify either an ssh identity file or an ssh user and password")
-          exit 1
-        end
-        @bootstrap_protocol = 'ssh'
-      elsif locate_config_value(:bootstrap_protocol) == 'winrm'
-        if not @windows_image
-          ui.error("Only Windows Images support WinRM protocol for bootstrapping.")
-          exit 1
-        end
-        winrm_user = locate_config_value :winrm_user
-        winrm_password = locate_config_value :winrm_password
-        winrm_transport = locate_config_value :winrm_transport
-        winrm_port = locate_config_value :winrm_port
-        unless winrm_user && winrm_password && winrm_transport && winrm_port
-          ui.error("WinRM User, Password, Transport and Port are compulsory parameters")
-          exit 1
+      if config[:bootstrap]
+        if locate_config_value(:bootstrap_protocol) == 'ssh'
+          identity_file = locate_config_value :identity_file
+          ssh_user = locate_config_value :ssh_user
+          ssh_password = locate_config_value :ssh_password
+          unless identity_file || (ssh_user && ssh_password) || locate_config_value(:cloudstack_password)
+            ui.error("You must specify either an ssh identity file or an ssh user and password")
+            exit 1
+          end
+          @bootstrap_protocol = 'ssh'
+        elsif locate_config_value(:bootstrap_protocol) == 'winrm'
+          if not @windows_image
+            ui.error("Only Windows Images support WinRM protocol for bootstrapping.")
+            exit 1
+          end
+          winrm_user = locate_config_value :winrm_user
+          winrm_password = locate_config_value :winrm_password
+          winrm_transport = locate_config_value :winrm_transport
+          winrm_port = locate_config_value :winrm_port
+          unless (winrm_user && winrm_transport && winrm_port) && (locate_config_value(:cloudstack_password) || winrm_password)
+            ui.error("WinRM User, Password, Transport and Port are compulsory parameters")
+            exit 1
+          end
+          @bootstrap_protocol = 'winrm'
         end
-        @bootstrap_protocol = 'winrm'
       end
     end
 
@@ -343,7 +349,6 @@ module KnifeCloudstack
       else
         puts("\nAllocate ip address, create forwarding rules")
         ip_address = connection.associate_ip_address(server['zoneid'], locate_config_value(:cloudstack_networks))
-        #ip_address = connection.get_public_ip_address('202.2.94.158')
         puts("\nAllocated IP Address: #{ip_address['ipaddress']}")
         Chef::Log.debug("IP Address Info: #{ip_address}")
 
@@ -352,21 +357,25 @@ module KnifeCloudstack
           connection.enable_static_nat(ip_address['id'], server['id'])
         end
         create_port_forwarding_rules(ip_address, server['id'], connection)
+        create_ip_forwarding_rules(ip_address, connection)
+        create_firewall_rules(ip_address, connection)
         ip_address['ipaddress']
       end
     end
 
     def create_port_forwarding_rules(ip_address, server_id, connection)
       rules = locate_config_value(:port_rules)
-      if @bootstrap_protocol == 'ssh'
-        rules += ["#{locate_config_value(:ssh_port)}"] #SSH Port
-      elsif @bootstrap_protocol == 'winrm'
-        rules +=[locate_config_value(:winrm_port)]
-      else
-        puts("\nUnsupported bootstrap protocol : #{@bootstrap_protocol}")
-        exit 1
+      if config[:bootstrap]
+        if @bootstrap_protocol == 'ssh'
+          rules += ["#{locate_config_value(:ssh_port)}"] #SSH Port
+        elsif @bootstrap_protocol == 'winrm'
+          rules +=[locate_config_value(:winrm_port)]
+        else
+          puts("\nUnsupported bootstrap protocol : #{@bootstrap_protocol}")
+          exit 1
+        end
       end
-        return unless rules
+      return unless rules
       rules.each do |rule|
         args = rule.split(':')
         public_port = args[0]
@@ -384,6 +393,37 @@ module KnifeCloudstack
       end
     end
 
+    def create_ip_forwarding_rules(ip_address, connection)
+      rules = locate_config_value(:ipfwd_rules)
+      return unless rules
+      rules.each do |rule|
+        args = rule.split(':')
+        startport = args[0]
+        endport = args[1] || args[0]
+        protocol = args[2] || "TCP"
+        if locate_config_value :static_nat
+          Chef::Log.debug("Creating IP Forwarding Rule for
+              #{ip_address['ipaddress']} with protocol: #{protocol}, startport: #{startport}, endport: #{endport}")
+          connection.create_ip_fwd_rule(ip_address['id'], protocol, startport, endport)
+        end
+      end
+    end
+
+    def create_firewall_rules(ip_address, connection)
+      rules = locate_config_value(:fw_rules)
+      return unless rules
+      rules.each do |rule|
+        args = rule.split(':')
+        startport = args[0]
+        endport = args[1] || args[0]
+        protocol = args[2] || "TCP"
+        cidr_list = args[3] || "0.0.0.0/0"
+        Chef::Log.debug("Creating Firewall Rule for
+            #{ip_address['ipaddress']} with protocol: #{protocol}, startport: #{startport}, endport: #{endport}, cidrList: #{cidr_list}")
+        connection.create_firewall_rule(ip_address['id'], protocol, startport, endport, cidr_list)
+      end
+    end
+
     def tcp_test_winrm(hostname, port)
       TCPSocket.new(hostname, port)
       return true
@@ -433,6 +473,7 @@ module KnifeCloudstack
         s && s.close
       end
     end
+
     def is_platform_windows?
       return RUBY_PLATFORM.scan('w32').size > 0
     end
@@ -446,38 +487,43 @@ module KnifeCloudstack
         bootstrap_for_node(server, public_ip)
       end
     end
+
     def bootstrap_for_windows_node(server, fqdn)
-        if locate_config_value(:bootstrap_protocol) == 'winrm'
-            bootstrap = Chef::Knife::BootstrapWindowsWinrm.new
-            if locate_config_value(:kerberos_realm)
-              #Fetch AD/WINS based fqdn if any for Kerberos-based Auth
-              private_ip_address = connection.get_server_default_nic(server)["ipaddress"]
-              fqdn = locate_config_value(:fqdn) || fetch_server_fqdn(private_ip_address)
-            end
-            bootstrap.name_args = [fqdn]
-            bootstrap.config[:winrm_user] = locate_config_value(:winrm_user) || 'Administrator'
-            bootstrap.config[:winrm_password] = locate_config_value(:winrm_password)
-            bootstrap.config[:winrm_transport] = locate_config_value(:winrm_transport)
-            bootstrap.config[:winrm_port] = locate_config_value(:winrm_port)
-
-        elsif locate_config_value(:bootstrap_protocol) == 'ssh'
-            bootstrap = Chef::Knife::BootstrapWindowsSsh.new
-            bootstrap.config[:ssh_user] = locate_config_value(:ssh_user)
-            bootstrap.config[:ssh_password] = locate_config_value(:ssh_password)
-            bootstrap.config[:ssh_port] = locate_config_value(:ssh_port)
-            bootstrap.config[:identity_file] = locate_config_value(:identity_file)
-            bootstrap.config[:no_host_key_verify] = locate_config_value(:no_host_key_verify)
+      if locate_config_value(:bootstrap_protocol) == 'winrm'
+        bootstrap = Chef::Knife::BootstrapWindowsWinrm.new
+        if locate_config_value(:kerberos_realm)
+          #Fetch AD/WINS based fqdn if any for Kerberos-based Auth
+          private_ip_address = connection.get_server_default_nic(server)["ipaddress"]
+          fqdn = locate_config_value(:fqdn) || fetch_server_fqdn(private_ip_address)
+        end
+        bootstrap.name_args = [fqdn]
+        bootstrap.config[:winrm_user] = locate_config_value(:winrm_user) || 'Administrator'
+        locate_config_value(:cloudstack_password) ? bootstrap.config[:winrm_password] = server['password'] : bootstrap.config[:winrm_password] = locate_config_value(:winrm_password)
+        bootstrap.config[:winrm_transport] = locate_config_value(:winrm_transport)
+        bootstrap.config[:winrm_port] = locate_config_value(:winrm_port)
+      elsif locate_config_value(:bootstrap_protocol) == 'ssh'
+        bootstrap = Chef::Knife::BootstrapWindowsSsh.new
+        if locate_config_value(:cloudstack_password)
+          bootstrap.config[:ssh_user] = locate_config_value(:ssh_user) || 'Administrator'
         else
-            ui.error("Unsupported Bootstrapping Protocol. Supported : winrm, ssh")
-            exit 1
+          bootstrap.config[:ssh_user] = locate_config_value(:ssh_user)
         end
-        bootstrap.config[:chef_node_name] = config[:chef_node_name] || server['id']
-        bootstrap.config[:encrypted_data_bag_secret] = config[:encrypted_data_bag_secret]
-        bootstrap.config[:encrypted_data_bag_secret_file] = config[:encrypted_data_bag_secret_file]
-        bootstrap_common_params(bootstrap)
+        locate_config_value(:cloudstack_password) ? bootstrap.config[:ssh_password] = server['password'] : bootstrap.config[:ssh_password] = locate_config_value(:ssh_password)
+        bootstrap.config[:ssh_port] = locate_config_value(:ssh_port)
+        bootstrap.config[:identity_file] = locate_config_value(:identity_file)
+        bootstrap.config[:no_host_key_verify] = locate_config_value(:no_host_key_verify)
+      else
+        ui.error("Unsupported Bootstrapping Protocol. Supported : winrm, ssh")
+        exit 1
+      end
+      bootstrap.config[:environment] = locate_config_value(:environment)
+      bootstrap.config[:chef_node_name] = config[:chef_node_name] || server['id']
+      bootstrap.config[:encrypted_data_bag_secret] = config[:encrypted_data_bag_secret]
+      bootstrap.config[:encrypted_data_bag_secret_file] = config[:encrypted_data_bag_secret_file]
+      bootstrap_common_params(bootstrap)
     end
-    def bootstrap_common_params(bootstrap)
 
+    def bootstrap_common_params(bootstrap)
       bootstrap.config[:run_list] = config[:run_list]
       bootstrap.config[:prerelease] = config[:prerelease]
       bootstrap.config[:bootstrap_version] = locate_config_value(:bootstrap_version)
@@ -486,30 +532,25 @@ module KnifeCloudstack
       bootstrap
     end
 
-
     def bootstrap_for_node(server,fqdn)
       bootstrap = Chef::Knife::Bootstrap.new
       bootstrap.name_args = [fqdn]
-      # bootstrap.config[:run_list] = config[:run_list]
-      bootstrap.config[:ssh_user] = locate_config_value(:ssh_user)
-      bootstrap.config[:ssh_password] = locate_config_value(:ssh_password)
+      if locate_config_value(:cloudstack_password)
+        bootstrap.config[:ssh_user] = locate_config_value(:ssh_user) || 'root'
+      else
+        bootstrap.config[:ssh_user] = locate_config_value(:ssh_user)
+      end
+      locate_config_value(:cloudstack_password) ? bootstrap.config[:ssh_password] = server['password'] : bootstrap.config[:ssh_password] = locate_config_value(:ssh_password)
       bootstrap.config[:ssh_port] = locate_config_value(:ssh_port) || 22
       bootstrap.config[:identity_file] = locate_config_value(:identity_file)
-      bootstrap.config[:chef_node_name] = locate_config_value(:chef_node_name) || server.name
-      # bootstrap.config[:prerelease] = locate_config_value(:prerelease)
-      # bootstrap.config[:bootstrap_version] = locate_config_value(:bootstrap_version)
-      # bootstrap.config[:distro] = locate_config_value(:distro)
+      bootstrap.config[:chef_node_name] = locate_config_value(:chef_node_name) || server["name"]
       bootstrap.config[:use_sudo] = true unless locate_config_value(:ssh_user) == 'root'
-      # bootstrap.config[:template_file] = config[:template_file]
       bootstrap.config[:environment] = locate_config_value(:environment)
+
       # may be needed for vpc_mode
       bootstrap.config[:host_key_verify] = config[:host_key_verify]
       bootstrap_common_params(bootstrap)
     end
 
-    def locate_config_value(key)
-      key = key.to_sym
-      Chef::Config[:knife][key] || config[key]
-    end
   end
 end