knife-ec2 0.6.6 → 0.8.0

checksums.yaml

@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+  metadata.gz: !binary |-
+    YTdhZGU4M2U0NDY2Mzc2NjdlMzkxNGI2ZTkxMDcyMDZjODI4Mzk1Ng==
+  data.tar.gz: !binary |-
+    NzMzNmEyMDUwM2VkNTZkOGQ0MmYxZDBjZWIyODRkMzI4MzVlZmRkOA==
+SHA512:
+  metadata.gz: !binary |-
+    OTlmZjliMzM5MjRlYzc4NGQ4ZDU4YTM4ZDVkNzIwN2VkMjJhNzY1NDdiMjk0
+    MTJlYjU4ODdiOWJmODBlODdiNzVjYTc0YTY5MWQ3YzQzYzExOWE5MTMzY2Ew
+    MDc0ZDg2NmZiNDIxMGU3ZWQxMjg2NWRhOGU3MDAwOWQ5OTFiYjE=
+  data.tar.gz: !binary |-
+    OGMwNGVlMjgwNjY5ZTAwZTk3MGZlZDU4MWExNzUzNTVjYmU5MjY5MTkxMGVi
+    NDYwNjAyYmMwMTA3NWEzNTQ3MzU5YTBmMGU1ZTg2ZWYwZWRlZmQ4ZTE2YWZj
+    MGZhMmJjZDk5MzRkNzIyNzk2ZTQyNmQxZGFkOWE3NGU3MGZhNjM=

data/CHANGELOG.md

@@ -0,0 +1,27 @@
+# knife-ec2 change log
+
+Note: this log contains only changes from knife-ec2 release 0.8.0 and later
+-- it does not contain the changes from prior release. To view change history
+prior to release 0.8.0, please visit the [source repository](https://github.com/opscode/knife-ec2/commits).
+
+## Unreleased changes
+
+None.
+
+## Last release: 0.8.0 (2014-03-10)
+
+* [KNIFE-458](https://tickets.opscode.com/browse/KNIFE-458) Docs: Increase detail about necessary
+  options for VPC instance creation
+* [KNIFE-456](https://tickets.opscode.com/browse/KNIFE-456) Documentation for :aws\_credential\_file difficult to read
+* [KNIFE-455](https://tickets.opscode.com/browse/KNIFE-455) knife ec2 may try to use private ip for vpc bootstrap even with --associate-public-ip flag
+* [KNIFE-453](https://tickets.opscode.com/browse/KNIFE-453) knife-ec2 doesn't handle aws credentials files with windows line endings
+* [KNIFE-451](https://tickets.opscode.com/browse/KNIFE-451) Update Fog version to 1.20.0
+* [KNIFE-430](https://tickets.opscode.com/browse/KNIFE-430) server creation tunnelling should wait for a valid banner before continuing
+* [KNIFE-381](https://tickets.opscode.com/browse/KNIFE-381) Gabriel Rosendorf Add ability to associate public ip with VPC
+  instance on creation
+
+## Releases prior to 0.8.0
+Please see <https://github.com/opscode/knife-ec2/commits> to view changes in
+the form of commits to the source repository for releases before 0.8.0.
+
+

data/CONTRIBUTING.md

@@ -0,0 +1,71 @@
+# Contributing to knife-ec2
+
+We are glad you want to contribute to Chef's knife-ec2 plugin! The first step is the desire to improve the project.
+
+You can find the answers to additional frequently asked questions [on the wiki](http://wiki.opscode.com/display/chef/How+to+Contribute).
+
+## Quick-contribute
+
+*   Create an account on our [bug tracker](http://tickets.opscode.com/browse/KNIFE)
+*   Sign our contributor agreement (CLA) [
+online](https://secure.echosign.com/public/hostedForm?formid=PJIF5694K6L)
+    (keep reading if you're contributing on behalf of your employer)
+* Create a ticket for your change on the [bug tracker](http://tickets.opscode.com/browse/KNIFE)
+* Link to your patch as a rebased git branch or pull request from the ticket
+* Resolve the ticket as fixed
+
+We regularly review contributions and will get back to you if we have any suggestions or concerns.
+
+## The Apache License and the CLA/CCLA
+
+Licensing is very important to open source projects, it helps ensure the software continues to be available under the terms that the author desired.
+Chef uses the Apache 2.0 license to strike a balance between open contribution and allowing you to use the software however you would like to.
+
+The license tells you what rights you have that are provided by the copyright holder. It is important that the contributor fully understands what rights
+they are licensing and agrees to them. Sometimes the copyright holder isn't the contributor, most often when the contributor is doing work for a company.
+
+To make a good faith effort to ensure these criteria are met, Opscode requires a Contributor License Agreement (CLA) or a Corporate Contributor License
+Agreement (CCLA) for all contributions. This is without exception due to some matters not being related to copyright and to avoid having to continually
+check with our lawyers about small patches.
+
+It only takes a few minutes to complete a CLA, and you retain the copyright to your contribution.
+
+You can complete our contributor agreement (CLA) [
+online](https://secure.echosign.com/public/hostedForm?formid=PJIF5694K6L).  If you're contributing on behalf of your employer, have
+your employer fill out our [Corporate CLA](https://secure.echosign.com/public/hostedForm?formid=PIE6C7AX856) instead.
+
+## Issue Tracking
+
+You can file tickets to describe the bug you'd like to fix or feature you'd
+like to add via the [knife-ec2 project](http://tickets.opscode.com/browse/KNIFE). For your contribution to be reviewed
+and merged, you **must** file a ticket.
+
+## Contribution Details
+
+Once you've created the ticket, you can make a pull request to
+knife-ec2 on GitHub at <https://github.com/opscode/knife-ec2> that references
+that ticket. 
+
+## Testing Instructions
+
+To run tests, run the following Ruby tool commands from the root of your local checkout of
+knife-ec2:
+
+    bundle install
+    bundle exec rspec spec
+    
+**All tests must pass** before your contribution can be merged. Thus it's a good idea
+to execute the tests without your change to be sure you understand how to run
+them, as well as after to validate that you've avoided regressions.
+
+All but the most trivial changes should include **at least one unit test case** to exercise the
+new / changed code; please add tests to your pull request in this common case.
+
+## Further Resources
+
+### Fog
+
+Knife-ec2 uses the Fog gem to interact with EC2's API. When there's a new
+feature of EC2 that you'd like to utilize in knife-ec2 use cases, that feature
+will probably be exposed by Fog. You can read about Fog
+at its [project page](https://github.com/fog/fog).

data/DOC_CHANGES.md

@@ -0,0 +1,21 @@
+<!---
+This file is reset everytime when a new release is done. Contents of this file is for the currently unreleased version.
+-->
+
+# knife-ec2 doc changes
+
+## Command-line flag option --associate-ip for server create
+The option --associate-ip was added to the knife-ec2 server create
+subcommand.
+
+### server create
+
+### options
+
+```
+--associate-public-ip 
+```
+
+Associate public IP address to the VPC instance so that the public IP is available
+during bootstrapping. Only valid with VPC instances.
+   

data/README.md

@@ -4,8 +4,13 @@ Knife EC2
 [![Build Status](https://travis-ci.org/opscode/knife-ec2.png?branch=master)](https://travis-ci.org/opscode/knife-ec2)
 [![Dependency Status](https://gemnasium.com/opscode/knife-ec2.png)](https://gemnasium.com/opscode/knife-ec2)
 
-This is the official Opscode Knife plugin for EC2. This plugin gives knife the ability to create, bootstrap, and manage EC2 instances.
+This is the official Chef Knife plugin for EC2. This plugin gives knife the ability to create, bootstrap, and manage EC2 instances.
 
+* Documentation: <http://docs.opscode.com/plugin_knife_ec2.html>
+* Source: <http://github.com/opscode/knife-ec2/tree/master>
+* Tickets/Issues: <http://tickets.opscode.com/browse/KNIFE>
+* IRC: `#chef` and `#chef-hacking` on Freenode
+* Mailing list: <http://lists.opscode.com>
 
 Installation
 ------------
@@ -56,10 +61,12 @@ you already have a file with these keys somewhere in this format:
     AWSAccessKeyId=Your AWS Access Key ID
     AWSSecretKey=Your AWS Secret Access Key
         
-        In this case, you can point the <tt>aws_credential_file</tt> option to
-        this file in your <tt>knife.rb</tt> file, like so:
-        
-            knife[:aws_credential_file] = "/path/to/credentials/file/in/above/format"
+In this case, you can point the <tt>aws_credential_file</tt> option to
+this file in your <tt>knife.rb</tt> file, like so:
+
+```ruby        
+knife[:aws_credential_file] = "/path/to/credentials/file/in/above/format"
+```
 
 Additionally the following options may be set in your `knife.rb`:
 
@@ -106,10 +113,10 @@ In-depth usage instructions can be found on the [Chef Wiki](http://wiki.opscode.
 
 License and Authors
 -------------------
-- Author:: Adam Jacob (<adam@opscode.com>)
+- Author:: Adam Jacob (<adam@getchef.com>)
 
 ```text
-Copyright 2009-2013 Opscode, Inc.
+Copyright 2009-2014 Opscode, Inc.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.

data/knife-ec2.gemspec

@@ -8,7 +8,7 @@ Gem::Specification.new do |s|
   s.authors      = ['Adam Jacob', 'Seth Chisamore']
   s.email        = ['adam@opscode.com', 'schisamo@opscode.com']
   s.homepage     = 'https://github.com/opscode/knife-ec2'
-  s.summary      = %q{EC2 Support for Chef\'s Knife Command}
+  s.summary      = %q{EC2 Support for Chef's Knife Command}
   s.description  = s.summary
   s.license      = 'Apache 2.0'
 
@@ -16,13 +16,14 @@ Gem::Specification.new do |s|
   s.test_files   = `git ls-files -- {test,spec,features}/*`.split("\n")
   s.executables  = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
 
-  s.add_dependency 'fog',           '~> 1.15.0'
-  s.add_dependency 'chef',          '>= 0.10.10'
+  s.add_dependency 'fog',           '~> 1.20.0'
   s.add_dependency 'knife-windows', '>= 0.5.12'
 
-  s.add_development_dependency 'rspec', '~> 2.14'
-  s.add_development_dependency 'rake',  '~> 10.1'
-  s.add_development_dependency 'sdoc',  '~> 0.3'
+  s.add_development_dependency 'mixlib-config', '~> 2.0'
+  s.add_development_dependency 'chef',          '>= 0.10.10'
+  s.add_development_dependency 'rspec',         '~> 2.14'
+  s.add_development_dependency 'rake',          '~> 10.1'
+  s.add_development_dependency 'sdoc',          '~> 0.3'
 
   s.require_paths = ['lib']
 end

data/lib/chef/knife/ec2_base.rb

@@ -95,7 +95,7 @@ class Chef
           # File format:
           # AWSAccessKeyId=somethingsomethingdarkside
           # AWSSecretKey=somethingsomethingcomplete
-          entries = Hash[*File.read(Chef::Config[:knife][:aws_credential_file]).split(/[=\n]/)]
+          entries = Hash[*File.read(Chef::Config[:knife][:aws_credential_file]).split(/[=\n]/).map(&:chomp)]
           Chef::Config[:knife][:aws_access_key_id] = entries['AWSAccessKeyId']
           Chef::Config[:knife][:aws_secret_access_key] = entries['AWSSecretKey']
         end

data/lib/chef/knife/ec2_server_create.rb

@@ -71,6 +71,10 @@ class Chef
         :long => "--associate-eip IP_ADDRESS",
         :description => "Associate existing elastic IP address with instance after launch"
 
+      option :dedicated_instance,
+        :long => "--dedicated_instance",
+        :description => "Launch as a Dedicated instance (VPC ONLY)"
+
       option :placement_group,
         :long => "--placement-group PLACEMENT_GROUP",
         :description => "The placement group to place a cluster compute instance",
@@ -137,11 +141,11 @@ class Chef
         :long => "--bootstrap-version VERSION",
         :description => "The version of Chef to install",
         :proc => Proc.new { |v| Chef::Config[:knife][:bootstrap_version] = v }
-      
+
       option :bootstrap_proxy,
-          :long => "--bootstrap-proxy PROXY_URL",
-          :description => "The proxy server for the node being bootstrapped",
-          :proc => Proc.new { |p| Chef::Config[:knife][:bootstrap_proxy] = p }
+        :long => "--bootstrap-proxy PROXY_URL",
+        :description => "The proxy server for the node being bootstrapped",
+        :proc => Proc.new { |p| Chef::Config[:knife][:bootstrap_proxy] = p }
 
       option :distro,
         :short => "-d DISTRO",
@@ -212,7 +216,7 @@ class Chef
         :long => "--bootstrap-protocol protocol",
         :description => "protocol to bootstrap windows servers. options: winrm/ssh",
         :proc => Proc.new { |key| Chef::Config[:knife][:bootstrap_protocol] = key },
-        :default => "winrm"
+        :default => nil
 
       option :fqdn,
         :long => "--fqdn FQDN",
@@ -245,101 +249,14 @@ class Chef
       option :server_connect_attribute,
         :long => "--server-connect-attribute ATTRIBUTE",
         :short => "-a ATTRIBUTE",
-        :description => "The EC2 server attribute to use for SSH connection",
+        :description => "The EC2 server attribute to use for SSH connection. Use this attr for creating VPC instances along with --associate-eip",
         :default => nil
 
-    def tcp_test_winrm(ip_addr, port)
-      tcp_socket = TCPSocket.new(ip_addr, port)
-      yield
-      true
-      rescue SocketError
-        sleep 2
-        false
-      rescue Errno::ETIMEDOUT
-        false
-      rescue Errno::EPERM
-        false
-      rescue Errno::ECONNREFUSED
-        sleep 2
-        false
-      rescue Errno::EHOSTUNREACH
-        sleep 2
-        false
-      rescue Errno::ENETUNREACH
-        sleep 2
-        false
-        ensure
-        tcp_socket && tcp_socket.close
-    end
-
-      def tcp_test_ssh(hostname, ssh_port)
-        tcp_socket = TCPSocket.new(hostname, ssh_port)
-        readable = IO.select([tcp_socket], nil, nil, 5)
-        if readable
-          Chef::Log.debug("sshd accepting connections on #{hostname}, banner is #{tcp_socket.gets}")
-          yield
-          true
-        else
-          false
-        end
-      rescue SocketError, Errno::ECONNREFUSED, Errno::EHOSTUNREACH, Errno::ENETUNREACH, IOError
-        sleep 2
-        false
-      rescue Errno::EPERM, Errno::ETIMEDOUT
-        false
-      # This happens on some mobile phone networks
-      rescue Errno::ECONNRESET
-        sleep 2
-        false
-      ensure
-        tcp_socket && tcp_socket.close
-      end
-
-      def decrypt_admin_password(encoded_password, key)
-        require 'base64'
-        require 'openssl'
-        private_key = OpenSSL::PKey::RSA.new(key)
-        encrypted_password = Base64.decode64(encoded_password)
-        password = private_key.private_decrypt(encrypted_password)
-        password
-      end
-
-      def check_windows_password_available(server_id)
-        response = connection.get_password_data(server_id)
-        if not response.body["passwordData"]
-          return false
-        end
-        response.body["passwordData"]
-      end
-
-      def windows_password
-        if not locate_config_value(:winrm_password)
-          if locate_config_value(:identity_file)
-            print "\n#{ui.color("Waiting for Windows Admin password to be available", :magenta)}"
-            print(".") until check_windows_password_available(@server.id) {
-              sleep 1000 #typically is available after 30 mins
-              puts("done")
-            }
-            response = connection.get_password_data(@server.id)
-            data = File.read(locate_config_value(:identity_file))
-            config[:winrm_password] = decrypt_admin_password(response.body["passwordData"], data)
-          else
-            ui.error("Cannot find SSH Identity file, required to fetch dynamically generated password")
-            exit 1
-          end
-        else
-          locate_config_value(:winrm_password)
-        end
-      end
-
-      def load_winrm_deps
-        require 'winrm'
-        require 'em-winrm'
-        require 'chef/knife/winrm'
-        require 'chef/knife/bootstrap_windows_winrm'
-        require 'chef/knife/bootstrap_windows_ssh'
-        require 'chef/knife/core/windows_bootstrap_context'
-      end
+      option :associate_public_ip,
+        :long => "--associate-public-ip",
+        :description => "Associate public ip to VPC instance.",
+        :boolean => true,
+        :default => false
 
       def run
         $stdout.sync = true
@@ -398,7 +315,7 @@ class Chef
         begin
           create_tags(hashed_tags) unless hashed_tags.empty?
           associate_eip(elastic_ip) if config[:associate_eip]
-        rescue Fog::Compute::AWS::NotFound, Fog::Errors::Error => e
+        rescue Fog::Compute::AWS::NotFound, Fog::Errors::Error
           raise if (tries -= 1) <= 0
           ui.warn("server not ready, retrying tag application (retries left: #{tries})")
           sleep 5
@@ -407,6 +324,10 @@ class Chef
 
         if vpc_mode?
           msg_pair("Subnet ID", @server.subnet_id)
+          msg_pair("Tenancy", @server.tenancy)
+          if config[:associate_public_ip]
+            msg_pair("Public DNS Name", @server.dns_name)
+          end
           if elastic_ip
             msg_pair("Public IP Address", @server.public_ip_address)
           end
@@ -417,10 +338,10 @@ class Chef
         end
         msg_pair("Private IP Address", @server.private_ip_address)
 
-
         #Check if Server is Windows or Linux
         if is_image_windows?
           protocol = locate_config_value(:bootstrap_protocol)
+          protocol ||= 'winrm'
           # Set distro to windows-chef-client-msi
           config[:distro] = "windows-chef-client-msi" if (config[:distro].nil? || config[:distro] == "chef-full")
           if protocol == 'winrm'
@@ -439,11 +360,12 @@ class Chef
             }
             ssh_override_winrm
           end
-          bootstrap_for_windows_node(@server,ssh_connect_host).run
+          bootstrap_for_windows_node(@server, ssh_connect_host).run
         else
-            wait_for_sshd(ssh_connect_host)
-            ssh_override_winrm
-            bootstrap_for_linux_node(@server,ssh_connect_host).run
+          print "\n#{ui.color("Waiting for sshd", :magenta)}"
+          wait_for_sshd(ssh_connect_host)
+          ssh_override_winrm
+          bootstrap_for_linux_node(@server, ssh_connect_host).run
         end
 
         puts "\n"
@@ -480,6 +402,10 @@ class Chef
         end
         if vpc_mode?
           msg_pair("Subnet ID", @server.subnet_id)
+          msg_pair("Tenancy", @server.tenancy)
+          if config[:associate_public_ip]
+            msg_pair("Public DNS Name", @server.dns_name)
+          end
         else
           msg_pair("Public DNS Name", @server.dns_name)
           msg_pair("Public IP Address", @server.public_ip_address)
@@ -511,36 +437,35 @@ class Chef
       end
 
       def fetch_server_fqdn(ip_addr)
-          require 'resolv'
-          Resolv.getname(ip_addr)
+        require 'resolv'
+        Resolv.getname(ip_addr)
       end
 
       def bootstrap_for_windows_node(server, fqdn)
-        if locate_config_value(:bootstrap_protocol) == 'winrm'
-            if locate_config_value(:kerberos_realm)
-              #Fetch AD/WINS based fqdn if any for Kerberos-based Auth
-              fqdn = locate_config_value(:fqdn) || fetch_server_fqdn(server.private_ip_address)
-            end
-            bootstrap = Chef::Knife::BootstrapWindowsWinrm.new
-            bootstrap.config[:winrm_user] = locate_config_value(:winrm_user)
-            bootstrap.config[:winrm_password] = windows_password
-            bootstrap.config[:winrm_transport] = locate_config_value(:winrm_transport)
-            bootstrap.config[:kerberos_keytab_file] = locate_config_value(:kerberos_keytab_file)
-            bootstrap.config[:kerberos_realm] = locate_config_value(:kerberos_realm)
-            bootstrap.config[:kerberos_service] = locate_config_value(:kerberos_service)
-            bootstrap.config[:ca_trust_file] = locate_config_value(:ca_trust_file)
-            bootstrap.config[:winrm_port] = locate_config_value(:winrm_port)
-
+        if locate_config_value(:bootstrap_protocol) == 'winrm' || locate_config_value(:bootstrap_protocol) == nil
+          if locate_config_value(:kerberos_realm)
+            #Fetch AD/WINS based fqdn if any for Kerberos-based Auth
+            fqdn = locate_config_value(:fqdn) || fetch_server_fqdn(server.private_ip_address)
+          end
+          bootstrap = Chef::Knife::BootstrapWindowsWinrm.new
+          bootstrap.config[:winrm_user] = locate_config_value(:winrm_user)
+          bootstrap.config[:winrm_password] = windows_password
+          bootstrap.config[:winrm_transport] = locate_config_value(:winrm_transport)
+          bootstrap.config[:kerberos_keytab_file] = locate_config_value(:kerberos_keytab_file)
+          bootstrap.config[:kerberos_realm] = locate_config_value(:kerberos_realm)
+          bootstrap.config[:kerberos_service] = locate_config_value(:kerberos_service)
+          bootstrap.config[:ca_trust_file] = locate_config_value(:ca_trust_file)
+          bootstrap.config[:winrm_port] = locate_config_value(:winrm_port)
         elsif locate_config_value(:bootstrap_protocol) == 'ssh'
-            bootstrap = Chef::Knife::BootstrapWindowsSsh.new
-            bootstrap.config[:ssh_user] = locate_config_value(:ssh_user)
-            bootstrap.config[:ssh_password] = locate_config_value(:ssh_password)
-            bootstrap.config[:ssh_port] = locate_config_value(:ssh_port)
-            bootstrap.config[:identity_file] = locate_config_value(:identity_file)
-            bootstrap.config[:no_host_key_verify] = locate_config_value(:no_host_key_verify)
+          bootstrap = Chef::Knife::BootstrapWindowsSsh.new
+          bootstrap.config[:ssh_user] = locate_config_value(:ssh_user)
+          bootstrap.config[:ssh_password] = locate_config_value(:ssh_password)
+          bootstrap.config[:ssh_port] = locate_config_value(:ssh_port)
+          bootstrap.config[:identity_file] = locate_config_value(:identity_file)
+          bootstrap.config[:no_host_key_verify] = locate_config_value(:no_host_key_verify)
         else
-            ui.error("Unsupported Bootstrapping Protocol. Supported : winrm, ssh")
-            exit 1
+          ui.error("Unsupported Bootstrapping Protocol. Supported : winrm, ssh")
+          exit 1
         end
         bootstrap.name_args = [fqdn]
         bootstrap.config[:chef_node_name] = config[:chef_node_name] || server.id
@@ -572,7 +497,6 @@ class Chef
       end
 
       def validate!
-
         super([:image, :aws_ssh_key_id, :aws_access_key_id, :aws_secret_access_key])
 
         if ami.nil?
@@ -584,11 +508,22 @@ class Chef
           ui.error("You are using a VPC, security groups specified with '-G' are not allowed, specify one or more security group ids with '-g' instead.")
           exit 1
         end
+
         if !vpc_mode? and !!config[:private_ip_address]
           ui.error("You can only specify a private IP address if you are using VPC.")
           exit 1
         end
 
+        if config[:dedicated_instance] and !vpc_mode?
+          ui.error("You can only specify a Dedicated Instance if you are using VPC.")
+          exit 1
+        end
+
+        if !vpc_mode? and config[:associate_public_ip]
+          ui.error("--associate-public-ip option only applies to VPC instances, and you have not specified a subnet id.")
+          exit 1
+        end
+
         if config[:associate_eip]
           eips = connection.addresses.collect{|addr| addr if addr.domain == eip_scope}.compact
 
@@ -629,6 +564,8 @@ class Chef
         server_def[:private_ip_address] = locate_config_value(:private_ip_address) if vpc_mode?
         server_def[:placement_group] = locate_config_value(:placement_group)
         server_def[:iam_instance_profile_name] = locate_config_value(:iam_instance_profile)
+        server_def[:tenancy] = "dedicated" if vpc_mode? and locate_config_value(:dedicated_instance)
+        server_def[:associate_public_ip] = locate_config_value(:associate_public_ip) if vpc_mode? and config[:associate_public_ip]
 
         if Chef::Config[:knife][:aws_user_data]
           begin
@@ -683,9 +620,14 @@ class Chef
       end
 
       def wait_for_tunnelled_sshd(hostname)
-        print(".")
-        print(".") until tunnel_test_ssh(ssh_connect_host) {
-          sleep @initial_sleep_delay ||= (vpc_mode? ? 40 : 10)
+        initial = true
+        print(".") until tunnel_test_ssh(hostname) {
+          if initial
+            initial = false
+            sleep (vpc_mode? ? 40 : 10)
+          else
+            sleep 10
+          end
           puts("done")
         }
       end
@@ -707,18 +649,28 @@ class Chef
       end
 
       def wait_for_direct_sshd(hostname, ssh_port)
-        print(".") until tcp_test_ssh(ssh_connect_host, ssh_port) {
-          sleep @initial_sleep_delay ||= (vpc_mode? ? 40 : 10)
+        initial = true
+        print(".") until tcp_test_ssh(hostname, ssh_port) {
+          if initial
+            initial = false
+            sleep (vpc_mode? ? 40 : 10)
+          else
+            sleep 10
+          end
           puts("done")
         }
       end
 
       def ssh_connect_host
         @ssh_connect_host ||= if config[:server_connect_attribute]
-          server.send(config[:server_connect_attribute])
-        else
-          vpc_mode? ? server.private_ip_address : server.dns_name
-        end
+                                server.send(config[:server_connect_attribute])
+                              else
+                                if vpc_mode? && !config[:associate_public_ip]
+                                  server.private_ip_address
+                                else
+                                  server.dns_name
+                                end
+                              end
       end
 
       def create_tags(hashed_tags)
@@ -754,6 +706,107 @@ class Chef
           config[:identity_file] = locate_config_value(:kerberos_keytab_file)
         end
       end
+
+      def tcp_test_winrm(ip_addr, port)
+        tcp_socket = TCPSocket.new(ip_addr, port)
+        yield
+        true
+      rescue SocketError
+        sleep 2
+        false
+      rescue Errno::ETIMEDOUT
+        false
+      rescue Errno::EPERM
+        false
+      rescue Errno::ECONNREFUSED
+        sleep 2
+        false
+      rescue Errno::EHOSTUNREACH
+        sleep 2
+        false
+      rescue Errno::ENETUNREACH
+        sleep 2
+        false
+        ensure
+        tcp_socket && tcp_socket.close
+      end
+
+      def tcp_test_ssh(hostname, ssh_port)
+        tcp_socket = TCPSocket.new(hostname, ssh_port)
+        readable = IO.select([tcp_socket], nil, nil, 5)
+        if readable
+          ssh_banner = tcp_socket.gets
+          if ssh_banner.nil? or ssh_banner.empty?
+            false
+          else
+            Chef::Log.debug("sshd accepting connections on #{hostname}, banner is #{ssh_banner}")
+            yield
+            true
+          end
+        else
+          false
+        end
+      rescue SocketError, Errno::ECONNREFUSED, Errno::EHOSTUNREACH, Errno::ENETUNREACH, IOError
+        Chef::Log.debug("ssh failed to connect: #{hostname}")
+        sleep 2
+        false
+      rescue Errno::EPERM, Errno::ETIMEDOUT
+        Chef::Log.debug("ssh timed out: #{hostname}")
+        false
+      # This happens on some mobile phone networks
+      rescue Errno::ECONNRESET
+        Chef::Log.debug("ssh reset its connection: #{hostname}")
+        sleep 2
+        false
+      ensure
+        tcp_socket && tcp_socket.close
+      end
+
+      def decrypt_admin_password(encoded_password, key)
+        require 'base64'
+        require 'openssl'
+        private_key = OpenSSL::PKey::RSA.new(key)
+        encrypted_password = Base64.decode64(encoded_password)
+        password = private_key.private_decrypt(encrypted_password)
+        password
+      end
+
+      def check_windows_password_available(server_id)
+        response = connection.get_password_data(server_id)
+        if not response.body["passwordData"]
+          return false
+        end
+        response.body["passwordData"]
+      end
+
+      def windows_password
+        if not locate_config_value(:winrm_password)
+          if locate_config_value(:identity_file)
+            print "\n#{ui.color("Waiting for Windows Admin password to be available", :magenta)}"
+            print(".") until check_windows_password_available(@server.id) {
+              sleep 1000 #typically is available after 30 mins
+              puts("done")
+            }
+            response = connection.get_password_data(@server.id)
+            data = File.read(locate_config_value(:identity_file))
+            config[:winrm_password] = decrypt_admin_password(response.body["passwordData"], data)
+          else
+            ui.error("Cannot find SSH Identity file, required to fetch dynamically generated password")
+            exit 1
+          end
+        else
+          locate_config_value(:winrm_password)
+        end
+      end
+
+      def load_winrm_deps
+        require 'winrm'
+        require 'em-winrm'
+        require 'chef/knife/winrm'
+        require 'chef/knife/bootstrap_windows_winrm'
+        require 'chef/knife/bootstrap_windows_ssh'
+        require 'chef/knife/core/windows_bootstrap_context'
+      end
     end
   end
 end

data/lib/knife-ec2/version.rb

@@ -1,6 +1,6 @@
 module Knife
   module Ec2
-    VERSION = "0.6.6"
+    VERSION = "0.8.0"
     MAJOR, MINOR, TINY = VERSION.split('.')
   end
 end

data/spec/spec_helper.rb

@@ -5,3 +5,13 @@ require 'chef/knife/ec2_server_create'
 require 'chef/knife/ec2_instance_data'
 require 'chef/knife/ec2_server_delete'
 require 'chef/knife/ec2_server_list'
+
+# Clear config between each example
+# to avoid dependencies between examples
+RSpec.configure do |c|
+  c.before(:each) do
+    Chef::Config.reset
+    Chef::Config[:knife] ={}
+  end
+end
+

data/spec/unit/ec2_server_create_spec.rb

@@ -23,7 +23,7 @@ require 'chef/knife/bootstrap_windows_winrm'
 require 'chef/knife/bootstrap_windows_ssh'
 
 describe Chef::Knife::Ec2ServerCreate do
-  before do
+  before(:each) do
     @knife_ec2_create = Chef::Knife::Ec2ServerCreate.new
     @knife_ec2_create.initial_sleep_delay = 0
     @knife_ec2_create.stub(:tcp_test_ssh).and_return(true)
@@ -494,6 +494,33 @@ describe Chef::Knife::Ec2ServerCreate do
       @knife_ec2_create.ui.stub(:error)
     end
 
+    describe "when reading aws_credential_file" do 
+      before do
+        Chef::Config[:knife].delete(:aws_access_key_id)
+        Chef::Config[:knife].delete(:aws_secret_access_key)
+
+        Chef::Config[:knife][:aws_credential_file] = '/apple/pear'
+        @access_key_id = 'access_key_id'
+        @secret_key = 'secret_key'
+      end
+
+      it "reads UNIX Line endings" do
+        File.stub(:read).
+          and_return("AWSAccessKeyId=#{@access_key_id}\nAWSSecretKey=#{@secret_key}")
+        @knife_ec2_create.validate!
+        Chef::Config[:knife][:aws_access_key_id].should == @access_key_id
+        Chef::Config[:knife][:aws_secret_access_key].should == @secret_key
+      end
+
+      it "reads DOS Line endings" do
+        File.stub(:read).
+          and_return("AWSAccessKeyId=#{@access_key_id}\r\nAWSSecretKey=#{@secret_key}")
+        @knife_ec2_create.validate!
+        Chef::Config[:knife][:aws_access_key_id].should == @access_key_id
+        Chef::Config[:knife][:aws_secret_access_key].should == @secret_key
+      end
+    end
+
     it "disallows security group names when using a VPC" do
       @knife_ec2_create.config[:subnet_id] = 'subnet-1a2b3c4d'
       @knife_ec2_create.config[:security_group_ids] = 'sg-aabbccdd'
@@ -514,6 +541,13 @@ describe Chef::Knife::Ec2ServerCreate do
 
       lambda { @knife_ec2_create.validate! }.should raise_error SystemExit
     end
+
+    it "disallows associate public ip option when not using a VPC" do
+      @knife_ec2_create.config[:associate_public_ip] = true
+      @knife_ec2_create.config[:subnet_id] = nil
+
+      lambda { @knife_ec2_create.validate! }.should raise_error SystemExit
+    end
   end
 
   describe "when creating the server definition" do
@@ -597,6 +631,37 @@ describe Chef::Knife::Ec2ServerCreate do
 
       server_def[:iam_instance_profile_name].should == nil
     end
+    
+    it 'Set Tenancy Dedicated when both VPC mode and Flag is True' do
+      @knife_ec2_create.config[:dedicated_instance] = true
+      @knife_ec2_create.stub(:vpc_mode? => true)
+      
+      server_def = @knife_ec2_create.create_server_def
+      server_def[:tenancy].should == "dedicated"
+    end
+    
+    it 'Tenancy should be default with no vpc mode even is specified' do
+      @knife_ec2_create.config[:dedicated_instance] = true
+      
+      server_def = @knife_ec2_create.create_server_def
+      server_def[:tenancy].should == nil
+    end
+    
+    it 'Tenancy should be default with vpc but not requested' do
+      @knife_ec2_create.stub(:vpc_mode? => true)
+      
+      server_def = @knife_ec2_create.create_server_def
+      server_def[:tenancy].should == nil
+    end
+    
+    it "sets associate_public_ip to true if specified and in vpc_mode" do
+      @knife_ec2_create.config[:subnet_id] = 'subnet-1a2b3c4d'
+      @knife_ec2_create.config[:associate_public_ip] = true
+      server_def = @knife_ec2_create.create_server_def
+
+      server_def[:subnet_id].should == 'subnet-1a2b3c4d'
+      server_def[:associate_public_ip].should == true
+    end
   end
 
   describe "ssh_connect_host" do
@@ -620,7 +685,6 @@ describe Chef::Knife::Ec2ServerCreate do
         @knife_ec2_create.stub(:vpc_mode? => true)
         @knife_ec2_create.ssh_connect_host.should == 'private_ip'
       end
-
     end
 
     describe "with custom server attribute" do
@@ -630,4 +694,29 @@ describe Chef::Knife::Ec2ServerCreate do
       end
     end
   end
+
+  describe "tcp_test_ssh" do
+    # Normally we would only get the header after we send a client header, e.g. 'SSH-2.0-client'
+    it "should return true if we get an ssh header" do
+      @knife_ec2_create = Chef::Knife::Ec2ServerCreate.new
+      TCPSocket.stub(:new).and_return(StringIO.new("SSH-2.0-OpenSSH_6.1p1 Debian-4"))
+      IO.stub(:select).and_return(true)
+      @knife_ec2_create.should_receive(:tcp_test_ssh).and_yield.and_return(true)
+      @knife_ec2_create.tcp_test_ssh("blackhole.ninja", 22) {nil}
+    end
+
+    it "should return false if we do not get an ssh header" do
+      @knife_ec2_create = Chef::Knife::Ec2ServerCreate.new
+      TCPSocket.stub(:new).and_return(StringIO.new(""))
+      IO.stub(:select).and_return(true)
+      @knife_ec2_create.tcp_test_ssh("blackhole.ninja", 22).should be_false
+    end
+
+    it "should return false if the socket isn't ready" do
+      @knife_ec2_create = Chef::Knife::Ec2ServerCreate.new
+      TCPSocket.stub(:new)
+      IO.stub(:select).and_return(false)
+      @knife_ec2_create.tcp_test_ssh("blackhole.ninja", 22).should be_false
+    end
+  end
 end

metadata

@@ -1,8 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: knife-ec2
 version: !ruby/object:Gem::Version
-  version: 0.6.6
-  prerelease: 
+  version: 0.8.0
 platform: ruby
 authors:
 - Adam Jacob
@@ -10,60 +9,67 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-10-31 00:00:00.000000000 Z
+date: 2014-03-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: fog
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: 1.15.0
+        version: 1.20.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: 1.15.0
+        version: 1.20.0
 - !ruby/object:Gem::Dependency
-  name: chef
+  name: knife-windows
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
-        version: 0.10.10
+        version: 0.5.12
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
-        version: 0.10.10
+        version: 0.5.12
 - !ruby/object:Gem::Dependency
-  name: knife-windows
+  name: mixlib-config
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: chef
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
-        version: 0.5.12
-  type: :runtime
+        version: 0.10.10
+  type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
-        version: 0.5.12
+        version: 0.10.10
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -71,7 +77,6 @@ dependencies:
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -79,7 +84,6 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -87,7 +91,6 @@ dependencies:
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -95,7 +98,6 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: sdoc
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -103,12 +105,11 @@ dependencies:
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
         version: '0.3'
-description: EC2 Support for Chef\'s Knife Command
+description: EC2 Support for Chef's Knife Command
 email:
 - adam@opscode.com
 - schisamo@opscode.com
@@ -118,6 +119,9 @@ extra_rdoc_files: []
 files:
 - .gitignore
 - .travis.yml
+- CHANGELOG.md
+- CONTRIBUTING.md
+- DOC_CHANGES.md
 - Gemfile
 - LICENSE
 - README.md
@@ -136,28 +140,27 @@ files:
 homepage: https://github.com/opscode/knife-ec2
 licenses:
 - Apache 2.0
+metadata: {}
 post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
   - - ! '>='
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
   - - ! '>='
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.23
+rubygems_version: 2.1.11
 signing_key: 
-specification_version: 3
-summary: EC2 Support for Chef\'s Knife Command
+specification_version: 4
+summary: EC2 Support for Chef's Knife Command
 test_files:
 - spec/spec_helper.rb
 - spec/unit/ec2_server_create_spec.rb