knife-ec2 0.8.0 → 0.10.0.rc.0

checksums.yaml

@@ -1,15 +1,15 @@
 ---
 !binary "U0hBMQ==":
   metadata.gz: !binary |-
-    YTdhZGU4M2U0NDY2Mzc2NjdlMzkxNGI2ZTkxMDcyMDZjODI4Mzk1Ng==
+    YzVmMmJhMWJhZWZhNjMzNDUzOWMyOGYzNDQzNjlkNWMyMDkxNjg1Mw==
   data.tar.gz: !binary |-
-    NzMzNmEyMDUwM2VkNTZkOGQ0MmYxZDBjZWIyODRkMzI4MzVlZmRkOA==
+    OGU2MTdkOThjYjkzNjQ4MjJmMmZhNjk1YjM5MjE5ZGQzYjIxMWM4Yg==
 SHA512:
   metadata.gz: !binary |-
-    OTlmZjliMzM5MjRlYzc4NGQ4ZDU4YTM4ZDVkNzIwN2VkMjJhNzY1NDdiMjk0
-    MTJlYjU4ODdiOWJmODBlODdiNzVjYTc0YTY5MWQ3YzQzYzExOWE5MTMzY2Ew
-    MDc0ZDg2NmZiNDIxMGU3ZWQxMjg2NWRhOGU3MDAwOWQ5OTFiYjE=
+    YTM2YWE1OTM2MDc5OTI4MjlhMmEzNzAxMGQxN2FlYWI3YzFjNjFmZjg0NGQy
+    MTc3ZWU3YTJjNTM0Mjc3ZTU4NWI5ZTkxZmM3MTI2ODAwOTZjMjk2NmVlNGY5
+    ZjkzNTMzYjJiNDQ1OTU2ZGFmYzQ0MzQ0ZDYyYjA4MjdhZmU1MTk=
   data.tar.gz: !binary |-
-    OGMwNGVlMjgwNjY5ZTAwZTk3MGZlZDU4MWExNzUzNTVjYmU5MjY5MTkxMGVi
-    NDYwNjAyYmMwMTA3NWEzNTQ3MzU5YTBmMGU1ZTg2ZWYwZWRlZmQ4ZTE2YWZj
-    MGZhMmJjZDk5MzRkNzIyNzk2ZTQyNmQxZGFkOWE3NGU3MGZhNjM=
+    Njg1YTU2ZDhhYjc1NzZlOTNlZTkwZTIzYzIyZWIzMzQwZGEzYjM1YzBjN2Ew
+    OGIzMTgwY2UyYjNmODQ3ODk1ZjVjOTEyNmUxMGVjODUyYjI2ODhjYTNkNGFj
+    ODEzMmJjYmNjMTQ0NTYyOTMwNzllYzQzYzBkNzZhOGQ4MDEzOTk=

data/CHANGELOG.md

@@ -1,14 +1,20 @@
 # knife-ec2 change log
 
 Note: this log contains only changes from knife-ec2 release 0.8.0 and later
--- it does not contain the changes from prior release. To view change history
+-- it does not contain the changes from prior releases. To view change history
 prior to release 0.8.0, please visit the [source repository](https://github.com/opscode/knife-ec2/commits).
 
 ## Unreleased changes
-
 None.
 
-## Last release: 0.8.0 (2014-03-10)
+## Latest release: 0.10.0.rc.0
+* Update `knife-windows` gem dependency to `knife-windows 0.8.rc.0` for improved Windows authentication integration
+* Update `fog` gem dependency to `fog 1.23.0`
+* Provisioned IOPS support via the `--provisioned-iops` and `--ebs-volume-type` options
+* [KNIFE-464](https://tickets.opscode.com/browse/KNIFE-466) Knife ec2 should use gateway from net::ssh config if available
+* [KNIFE-422](https://tickets.opscode.com/browse/KNIFE-422) Knife ec2 server create doesn't respect identity file of gateway server from ssh\_config
+
+## Release: 0.8.0 (2014-03-10)
 
 * [KNIFE-458](https://tickets.opscode.com/browse/KNIFE-458) Docs: Increase detail about necessary
   options for VPC instance creation

data/CONTRIBUTIONS.md

@@ -0,0 +1,10 @@
+<!---
+This file is reset every time a new release is done. The contents of this file are for the currently unreleased version.
+
+Example Contribution:
+* **kalistec**: Improved file resource greatly.
+-->
+# knife-ec2 0.10.0:
+
+* **mdellanoce**: Added ability to use SSH config (KNIFE-466)
+* **victorlin**: Added ability to pass identify file for SSH Gateway on the command line (KNIFE-422)

data/DOC_CHANGES.md

@@ -4,18 +4,33 @@ This file is reset everytime when a new release is done. Contents of this file i
 
 # knife-ec2 doc changes
 
-## Command-line flag option --associate-ip for server create
-The option --associate-ip was added to the knife-ec2 server create
-subcommand.
+Documentation changes are given below for **knife-ec2 version 0.10.0**.
 
-### server create
+## Provisioned IOPS support for `server create` command
 
-### options
+Options are now available in the `knife ec2 server create` subcommand to
+specify provisioned IOPS for the created instance.
+
+### Option `--ebs-volume-type`
+
+This command line option and associated plugin configuration `:ebs_volume_type` allow you to specify an EBS volume of type `standard` or `io1` as a `string` parameter to this option. The former is the default, the latter will allow the specification of a provisioned IOPS rate through the `--provisioned-iops` option.
+
+### Option `--provisioned-iops`
+This command line option and the associated `:ebs_provisioned_iops` plugin
+confugration enables the EC2 instance to be configured with the specified
+provisioned IOPS rate given as an argument to this option. It is only valid if
+the EBS volume type is `io1` as specified by the `--ebs-volume-type` option
+for this plugin.
+
+## SSH Gateway from SSH Config
+Any available SSH Gateway settings in your SSH configuration file are now used
+by default. This includes using any SSH keys specified for the target host.
+This allows simpler command-line usage of the knife plugin with less of a need
+for complex command line invocations.
+
+## Pass seperate SSH Gateway key
+You can pass an SSH key to be used for authenticating to the SSH Gateway with
+the --ssh-gateway-identity option.
 
-```
---associate-public-ip 
-```
 
-Associate public IP address to the VPC instance so that the public IP is available
-during bootstrapping. Only valid with VPC instances.
    

data/RELEASE_NOTES.md

@@ -0,0 +1,41 @@
+<!---
+This file is reset every time a new release is done. The contents of this file are for the currently unreleased version.
+
+Example Note:
+
+## Example Heading
+Details about the thing that changed that needs to get included in the Release Notes in markdown.
+-->
+# knife-ec2 0.10.rc.0 release notes:
+This release of `knife-ec2` adds improvements around ssh configuration and EC2
+IOPS provisioning. There is also a dependency update for the `fog` and `knife-windows` gems
+to improve support for additional EC2 capabilities and Windows authentication
+enhancements respectively.
+
+Our MVP for this release is **Michael Dellanoce**, who contributed improvements
+that allow re-use of your existing SSH configuration with knife-ec2,
+particularly useful when dealing with SSH gateways. Michael, thank you for
+taking the time to develop this feature.
+
+See the [CHANGELOG](https://github.com/opscode/knife-ec2/blob/master/CHANGELOG.md) for a list of all changes in this release, and review
+[DOC_CHANGES.md](https://github.com/opscode/knife-ec2/blob/master/DOC_CHANGES.md) for relevant documentation updates.
+
+Issues with `knife-ec2` should be reported in the issue system at
+https://github.com/opscode/knife-ec2/issues. Learn more about how you can
+contribute features and bug fixes to `knife-ec2` at https://github.com/opscode/knife-ec2/blob/master/CONTRIBUTING.md.
+
+## Features added in knife-ec2 0.10.0
+
+* Provisioned IOPS support
+* SSH workstation configuration integration (from Michael Dellanoce and Victor Lin)
+
+## knife-ec2 on RubyGems and Github
+https://rubygems.org/gems/knife-ec2
+https://github.com/opscode/knife-ec2
+
+## Issues fixed in knife-ec2 0.10.0
+
+* Update `knife-windows` gem dependency to `knife-windows 0.8.0` for improved Windows authentication integration
+* Update `fog` gem dependency to `fog 1.23.0`
+* [KNIFE-464](https://tickets.opscode.com/browse/KNIFE-466) Knife ec2 should use gateway from net::ssh config if available
+* [KNIFE-422](https://tickets.opscode.com/browse/KNIFE-422) Knife ec2 server create doesn't respect identity file of gateway server from ssh\_config

data/knife-ec2.gemspec

@@ -10,14 +10,14 @@ Gem::Specification.new do |s|
   s.homepage     = 'https://github.com/opscode/knife-ec2'
   s.summary      = %q{EC2 Support for Chef's Knife Command}
   s.description  = s.summary
-  s.license      = 'Apache 2.0'
+  s.license      = 'Apache-2.0'
 
   s.files        = `git ls-files`.split("\n")
   s.test_files   = `git ls-files -- {test,spec,features}/*`.split("\n")
   s.executables  = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
 
-  s.add_dependency 'fog',           '~> 1.20.0'
-  s.add_dependency 'knife-windows', '>= 0.5.12'
+  s.add_dependency 'fog',           '~> 1.23.0'
+  s.add_dependency 'knife-windows', '0.8.0.rc.0'
 
   s.add_development_dependency 'mixlib-config', '~> 2.0'
   s.add_development_dependency 'chef',          '>= 0.10.10'

data/lib/chef/knife/ec2_server_create.rb

@@ -125,9 +125,14 @@ class Chef
       option :ssh_gateway,
         :short => "-w GATEWAY",
         :long => "--ssh-gateway GATEWAY",
-        :description => "The ssh gateway server",
+        :description => "The ssh gateway server. Any proxies configured in your ssh config are automatically used by default.",
         :proc => Proc.new { |key| Chef::Config[:knife][:ssh_gateway] = key }
 
+      option :ssh_gateway_identity,
+        :long => "--ssh-gateway-identity IDENTITY_FILE",
+        :description => "The private key for ssh gateway server",
+        :proc => Proc.new { |key| Chef::Config[:knife][:ssh_gateway_identity] = key }
+
       option :identity_file,
         :short => "-i IDENTITY_FILE",
         :long => "--identity-file IDENTITY_FILE",
@@ -258,6 +263,23 @@ class Chef
         :boolean => true,
         :default => false
 
+      option :ebs_volume_type,
+        :long => "--ebs-volume-type TYPE",
+        :description => "Standard or Provisioned (io1) IOPS or General Purpose (gp2)",
+        :proc => Proc.new { |key| Chef::Config[:knife][:ebs_volume_type] = key },
+        :default => "standard"
+
+      option :ebs_provisioned_iops,
+        :long => "--provisioned-iops IOPS",
+        :description => "IOPS rate, only used when ebs volume type is 'io1'",
+        :proc => Proc.new { |key| Chef::Config[:knife][:provisioned_iops] = key },
+        :default => nil
+
+      option :auth_timeout,
+        :long => "--windows-auth-timeout MINUTES",
+        :description => "The maximum time in minutes to wait to for authentication over the transport to the node to succeed. The default value is 25 minutes.",
+        :default => 25
+
       def run
         $stdout.sync = true
 
@@ -303,7 +325,7 @@ class Chef
         msg_pair("Tags", printed_tags)
         msg_pair("SSH Key", @server.key_name)
 
-        print "\n#{ui.color("Waiting for instance", :magenta)}"
+        print "\n#{ui.color("Waiting for EC2 to create the instance", :magenta)}"
 
         # wait for instance to come up before acting against it
         @server.wait_for { print "."; ready? }
@@ -346,13 +368,13 @@ class Chef
           config[:distro] = "windows-chef-client-msi" if (config[:distro].nil? || config[:distro] == "chef-full")
           if protocol == 'winrm'
             load_winrm_deps
-            print "\n#{ui.color("Waiting for winrm", :magenta)}"
+            print "\n#{ui.color("Waiting for winrm access to become available", :magenta)}"
             print(".") until tcp_test_winrm(ssh_connect_host, locate_config_value(:winrm_port)) {
               sleep 10
               puts("done")
             }
           else
-            print "\n#{ui.color("Waiting for sshd", :magenta)}"
+            print "\n#{ui.color("Waiting for sshd access to become available", :magenta)}"
             #If FreeSSHd, winsshd etc are available
             print(".") until tcp_test_ssh(ssh_connect_host, config[:ssh_port]) {
               sleep @initial_sleep_delay ||= (vpc_mode? ? 40 : 10)
@@ -362,7 +384,7 @@ class Chef
           end
           bootstrap_for_windows_node(@server, ssh_connect_host).run
         else
-          print "\n#{ui.color("Waiting for sshd", :magenta)}"
+          print "\n#{ui.color("Waiting for sshd access to become available", :magenta)}"
           wait_for_sshd(ssh_connect_host)
           ssh_override_winrm
           bootstrap_for_linux_node(@server, ssh_connect_host).run
@@ -386,6 +408,8 @@ class Chef
           msg_pair("Root Volume ID", device_map['volumeId'])
           msg_pair("Root Device Name", device_map['deviceName'])
           msg_pair("Root Device Delete on Terminate", device_map['deleteOnTermination'])
+          msg_pair("Standard or Provisioned IOPS", device_map['volumeType'])
+          msg_pair("IOPS rate", device_map['iops'])
 
           if config[:ebs_size]
             if ami.block_device_mapping.first['volumeSize'].to_i < config[:ebs_size].to_i
@@ -456,6 +480,7 @@ class Chef
           bootstrap.config[:kerberos_service] = locate_config_value(:kerberos_service)
           bootstrap.config[:ca_trust_file] = locate_config_value(:ca_trust_file)
           bootstrap.config[:winrm_port] = locate_config_value(:winrm_port)
+          bootstrap.config[:auth_timeout] = locate_config_value(:auth_timeout)
         elsif locate_config_value(:bootstrap_protocol) == 'ssh'
           bootstrap = Chef::Knife::BootstrapWindowsSsh.new
           bootstrap.config[:ssh_user] = locate_config_value(:ssh_user)
@@ -500,7 +525,7 @@ class Chef
         super([:image, :aws_ssh_key_id, :aws_access_key_id, :aws_secret_access_key])
 
         if ami.nil?
-          ui.error("You have not provided a valid image (AMI) value.  Please note the short option for this value recently changed from '-i' to '-I'.")
+          ui.error("You have not provided a valid image (AMI) value.")
           exit 1
         end
 
@@ -532,6 +557,22 @@ class Chef
             exit 1
           end
         end
+
+        if config[:ebs_provisioned_iops] and config[:ebs_volume_type] != 'io1'
+          ui.error("--provisioned-iops option is only supported for volume type of 'io1'")
+          exit 1
+        end
+
+        if config[:ebs_volume_type] == 'io1' and config[:ebs_provisioned_iops].nil?
+          ui.error("--provisioned-iops option is required when using volume type of 'io1'")
+          exit 1
+        end
+
+        if config[:ebs_volume_type] and ! %w(gp2 io1 standard).include?(config[:ebs_volume_type])
+          ui.error("--ebs-volume-type must be 'standard' or 'io1' or 'gp2'")
+          msg opt_parser
+          exit 1
+        end
       end
 
       def tags
@@ -599,13 +640,26 @@ class Chef
                         else
                           ami_map["deleteOnTermination"]
                         end
+          iops_rate = begin
+                        if config[:ebs_provisioned_iops]
+                          Integer(config[:ebs_provisioned_iops]).to_s
+                        else
+                          ami_map["iops"].to_s
+                        end
+                      rescue ArgumentError
+                        puts "--provisioned-iops must be an integer"
+                        msg opt_parser
+                        exit 1
+                      end
 
           server_def[:block_device_mapping] =
             [{
                'DeviceName' => ami_map["deviceName"],
                'Ebs.VolumeSize' => ebs_size,
-               'Ebs.DeleteOnTermination' => delete_term
+               'Ebs.DeleteOnTermination' => delete_term,
+               'Ebs.VolumeType' => config[:ebs_volume_type],
              }]
+          server_def[:block_device_mapping].first['Ebs.Iops'] = iops_rate unless iops_rate.empty?
         end
 
         (config[:ephemeral] || []).each_with_index do |device_name, i|
@@ -616,12 +670,44 @@ class Chef
       end
 
       def wait_for_sshd(hostname)
-        config[:ssh_gateway] ? wait_for_tunnelled_sshd(hostname) : wait_for_direct_sshd(hostname, config[:ssh_port])
+        ssh_gateway = get_ssh_gateway_for(hostname)
+        ssh_gateway ? wait_for_tunnelled_sshd(ssh_gateway, hostname) : wait_for_direct_sshd(hostname, config[:ssh_port])
+      end
+
+      def get_ssh_gateway_for(hostname)
+        if config[:ssh_gateway]
+          # The ssh_gateway specified in the knife config (if any) takes
+          # precedence over anything in the SSH configuration
+          Chef::Log.debug("Using ssh gateway #{config[:ssh_gateway]} from knife config")
+          config[:ssh_gateway]
+        else
+          # Next, check if the SSH configuration has a ProxyCommand
+          # directive for this host. If there is one, parse out the
+          # host from the proxy command
+          ssh_proxy = Net::SSH::Config.for(hostname)[:proxy]
+          if ssh_proxy.respond_to?(:command_line_template)
+            # ssh gateway_hostname nc %h %p
+            proxy_pattern = /ssh\s+(\S+)\s+nc/
+            matchdata = proxy_pattern.match(ssh_proxy.command_line_template)
+            if matchdata.nil?
+              Chef::Log.debug("Unable to determine ssh gateway for '#{hostname}' from ssh config template: #{ssh_proxy.command_line_template}")
+              nil
+            else
+              # Return hostname extracted from command line template
+              Chef::Log.debug("Using ssh gateway #{matchdata[1]} from ssh config")
+              matchdata[1]
+            end
+          else
+            # Return nil if we cannot find an ssh_gateway
+            Chef::Log.debug("No ssh gateway found, making a direct connection")
+            nil
+          end
+        end
       end
 
-      def wait_for_tunnelled_sshd(hostname)
+      def wait_for_tunnelled_sshd(ssh_gateway, hostname)
         initial = true
-        print(".") until tunnel_test_ssh(hostname) {
+        print(".") until tunnel_test_ssh(ssh_gateway, hostname) {
           if initial
             initial = false
             sleep (vpc_mode? ? 40 : 10)
@@ -632,11 +718,9 @@ class Chef
         }
       end
 
-      def tunnel_test_ssh(hostname, &block)
-        gw_host, gw_user = config[:ssh_gateway].split('@').reverse
-        gw_host, gw_port = gw_host.split(':')
-        gateway = Net::SSH::Gateway.new(gw_host, gw_user, :port => gw_port || 22)
+      def tunnel_test_ssh(ssh_gateway, hostname, &block)
         status = false
+        gateway = configure_ssh_gateway(ssh_gateway)
         gateway.open(hostname, config[:ssh_port]) do |local_tunnel_port|
           status = tcp_test_ssh('localhost', local_tunnel_port, &block)
         end
@@ -648,6 +732,33 @@ class Chef
         false
       end
 
+      def configure_ssh_gateway(ssh_gateway)
+        gw_host, gw_user = ssh_gateway.split('@').reverse
+        gw_host, gw_port = gw_host.split(':')
+        gateway_options = { :port => gw_port || 22 }
+
+        # Load the SSH config for the SSH gateway host.
+        # Set the gateway user if it was not part of the
+        # SSH gateway string, and use any configured
+        # SSH keys.
+        ssh_gateway_config = Net::SSH::Config.for(gw_host)
+        gw_user ||= ssh_gateway_config[:user]
+
+        # Always use the gateway keys from the SSH Config
+        gateway_keys = ssh_gateway_config[:keys]        
+
+        # Use the keys specificed on the command line if available (overrides SSH Config)
+        if config[:ssh_gateway_identity]
+          gateway_keys = Array(locate_config_value(:ssh_gateway_identity))
+        end
+
+        unless gateway_keys.nil?
+          gateway_options[:keys] = gateway_keys
+        end
+
+        Net::SSH::Gateway.new(gw_host, gw_user, gateway_options)
+      end
+
       def wait_for_direct_sshd(hostname, ssh_port)
         initial = true
         print(".") until tcp_test_ssh(hostname, ssh_port) {

data/lib/knife-ec2/version.rb

@@ -1,6 +1,6 @@
 module Knife
   module Ec2
-    VERSION = "0.8.0"
+    VERSION = "0.10.0.rc.0"
     MAJOR, MINOR, TINY = VERSION.split('.')
   end
 end

data/spec/unit/ec2_server_create_spec.rb

@@ -17,6 +17,9 @@
 #
 
 require File.expand_path('../../spec_helper', __FILE__)
+require 'net/ssh/proxy/http'
+require 'net/ssh/proxy/command'
+require 'net/ssh/gateway'
 require 'fog'
 require 'chef/knife/bootstrap'
 require 'chef/knife/bootstrap_windows_winrm'
@@ -399,12 +402,12 @@ describe Chef::Knife::Ec2ServerCreate do
     end
 
     it "configures the bootstrap to use prerelease versions of chef if specified" do
-      @bootstrap.config[:prerelease].should be_false
+      @bootstrap.config[:prerelease].should be_falsey
 
       @knife_ec2_create.config[:prerelease] = true
 
       bootstrap = @knife_ec2_create.bootstrap_for_linux_node(@new_ec2_server, @new_ec2_server.dns_name)
-      bootstrap.config[:prerelease].should be_true
+      bootstrap.config[:prerelease].should == true
     end
 
     it "configures the bootstrap to use the desired distro-specific bootstrap script" do
@@ -412,7 +415,7 @@ describe Chef::Knife::Ec2ServerCreate do
     end
 
     it "configures the bootstrap to use sudo" do
-      @bootstrap.config[:use_sudo].should be_true
+      @bootstrap.config[:use_sudo].should == true
     end
 
     it "configured the bootstrap to use the desired template" do
@@ -486,12 +489,23 @@ describe Chef::Knife::Ec2ServerCreate do
     it "configures sets the bootstrap's run_list" do
       @bootstrap.config[:run_list].should == ['role[base]']
     end
+
+    it "configures auth_timeout for bootstrap to default to 25 minutes" do
+      expect(@knife_ec2_create.options[:auth_timeout][:default]).to eq(25)
+    end
+
+    it "configures auth_timeout for bootstrap according to plugin auth_timeout config" do
+      @knife_ec2_create.config[:auth_timeout] = 5
+      bootstrap = @knife_ec2_create.bootstrap_for_windows_node(@new_ec2_server, @new_ec2_server.dns_name)
+      expect(bootstrap.config[:auth_timeout]).to eq(5)
+    end
  end
 
   describe "when validating the command-line parameters" do
     before do
       Fog::Compute::AWS.stub(:new).and_return(@ec2_connection)
       @knife_ec2_create.ui.stub(:error)
+      @knife_ec2_create.ui.stub(:msg)
     end
 
     describe "when reading aws_credential_file" do 
@@ -548,6 +562,34 @@ describe Chef::Knife::Ec2ServerCreate do
 
       lambda { @knife_ec2_create.validate! }.should raise_error SystemExit
     end
+
+    it "disallows ebs provisioned iops option when not using ebs volume type" do
+      @knife_ec2_create.config[:ebs_provisioned_iops] = "123"
+      @knife_ec2_create.config[:ebs_volume_type] = nil
+
+      lambda { @knife_ec2_create.validate! }.should raise_error SystemExit
+    end
+
+    it "disallows ebs provisioned iops option when not using ebs volume type 'io1'" do
+      @knife_ec2_create.config[:ebs_provisioned_iops] = "123"
+      @knife_ec2_create.config[:ebs_volume_type] = "standard"
+
+      lambda { @knife_ec2_create.validate! }.should raise_error SystemExit
+    end
+
+    it "disallows ebs volume type if its other than 'io1' or 'gp2' or 'standard'" do
+      @knife_ec2_create.config[:ebs_provisioned_iops] = "123"
+      @knife_ec2_create.config[:ebs_volume_type] = 'invalid'
+
+      lambda { @knife_ec2_create.validate! }.should raise_error SystemExit
+    end
+
+    it "disallows 'io1' ebs volume type when not using ebs provisioned iops" do
+      @knife_ec2_create.config[:ebs_provisioned_iops] = nil
+      @knife_ec2_create.config[:ebs_volume_type] = 'io1'
+
+      lambda { @knife_ec2_create.validate! }.should raise_error SystemExit
+    end
   end
 
   describe "when creating the server definition" do
@@ -662,6 +704,108 @@ describe Chef::Knife::Ec2ServerCreate do
       server_def[:subnet_id].should == 'subnet-1a2b3c4d'
       server_def[:associate_public_ip].should == true
     end
+
+    context "when using ebs volume type and ebs provisioned iops rate options" do
+      before do
+        @knife_ec2_create.stub_chain(:ami, :root_device_type).and_return("ebs")
+        @knife_ec2_create.stub_chain(:ami, :block_device_mapping).and_return([{"iops" => 123}])
+        @knife_ec2_create.stub(:msg)
+        @knife_ec2_create.stub(:puts)
+      end
+
+      it "sets the specified 'standard' ebs volume type" do
+        @knife_ec2_create.config[:ebs_volume_type] = 'standard'
+        server_def = @knife_ec2_create.create_server_def
+
+        server_def[:block_device_mapping].first['Ebs.VolumeType'].should == 'standard'
+      end
+
+      it "sets the specified 'io1' ebs volume type" do
+        @knife_ec2_create.config[:ebs_volume_type] = 'io1'
+        server_def = @knife_ec2_create.create_server_def
+
+        server_def[:block_device_mapping].first['Ebs.VolumeType'].should == 'io1'
+      end
+
+      it "sets the specified 'gp2' ebs volume type" do
+        @knife_ec2_create.config[:ebs_volume_type] = 'gp2'
+        server_def = @knife_ec2_create.create_server_def
+
+        server_def[:block_device_mapping].first['Ebs.VolumeType'].should == 'gp2'
+      end
+
+      it "sets the specified ebs provisioned iops rate" do
+        @knife_ec2_create.config[:ebs_provisioned_iops] = '1234'
+        @knife_ec2_create.config[:ebs_volume_type] = 'io1'
+        server_def = @knife_ec2_create.create_server_def
+
+        server_def[:block_device_mapping].first['Ebs.Iops'].should == '1234'
+      end
+
+      it "disallows non integer ebs provisioned iops rate" do
+        @knife_ec2_create.config[:ebs_provisioned_iops] = "123abcd"
+
+        lambda { @knife_ec2_create.create_server_def }.should raise_error SystemExit
+      end
+
+      it "sets the iops rate from ami" do
+        @knife_ec2_create.config[:ebs_volume_type] = 'io1'
+        server_def = @knife_ec2_create.create_server_def
+
+        server_def[:block_device_mapping].first['Ebs.Iops'].should == '123'
+      end
+    end
+  end
+
+  describe "wait_for_sshd" do
+    let(:gateway) { 'test.gateway.com' }
+    let(:hostname) { 'test.host.com' }
+
+    it "should wait for tunnelled ssh if a ssh gateway is provided" do
+      @knife_ec2_create.stub(:get_ssh_gateway_for).and_return(gateway)
+      @knife_ec2_create.should_receive(:wait_for_tunnelled_sshd).with(gateway, hostname)
+      @knife_ec2_create.wait_for_sshd(hostname)
+    end
+
+    it "should wait for direct ssh if a ssh gateway is not provided" do
+      @knife_ec2_create.stub(:get_ssh_gateway_for).and_return(nil)
+      @knife_ec2_create.config[:ssh_port] = 22
+      @knife_ec2_create.should_receive(:wait_for_direct_sshd).with(hostname, 22)
+      @knife_ec2_create.wait_for_sshd(hostname)
+    end
+  end
+
+  describe "get_ssh_gateway_for" do
+    let(:gateway) { 'test.gateway.com' }
+    let(:hostname) { 'test.host.com' }
+
+    it "should give precedence to the ssh gateway specified in the knife configuration" do
+      Net::SSH::Config.stub(:for).and_return(:proxy => Net::SSH::Proxy::Command.new("ssh some.other.gateway.com nc %h %p"))
+      @knife_ec2_create.config[:ssh_gateway] = gateway
+      @knife_ec2_create.get_ssh_gateway_for(hostname).should == gateway
+    end
+
+    it "should return the ssh gateway specified in the ssh configuration even if the config option is not set" do
+      # This should already be false, but test this explicitly for regression
+      @knife_ec2_create.config[:ssh_gateway] = false
+      Net::SSH::Config.stub(:for).and_return(:proxy => Net::SSH::Proxy::Command.new("ssh #{gateway} nc %h %p"))
+      @knife_ec2_create.get_ssh_gateway_for(hostname).should == gateway
+    end
+
+    it "should return nil if the ssh gateway cannot be parsed from the ssh proxy command" do
+      Net::SSH::Config.stub(:for).and_return(:proxy => Net::SSH::Proxy::Command.new("cannot parse host"))
+      @knife_ec2_create.get_ssh_gateway_for(hostname).should be_nil
+    end
+
+    it "should return nil if the ssh proxy is not a proxy command" do
+      Net::SSH::Config.stub(:for).and_return(:proxy => Net::SSH::Proxy::HTTP.new("httphost.com"))
+      @knife_ec2_create.get_ssh_gateway_for(hostname).should be_nil
+    end
+
+    it "returns nil if the ssh config has no proxy" do
+      Net::SSH::Config.stub(:for).and_return(:user => "darius")
+      @knife_ec2_create.get_ssh_gateway_for(hostname).should be_nil
+    end
   end
 
   describe "ssh_connect_host" do
@@ -695,6 +839,73 @@ describe Chef::Knife::Ec2ServerCreate do
     end
   end
 
+  describe "tunnel_test_ssh" do
+    let(:gateway_host) { 'test.gateway.com' }
+    let(:gateway) { double('gateway') }
+    let(:hostname) { 'test.host.com' }
+    let(:local_port) { 23 }
+
+    before(:each) do
+      @knife_ec2_create.stub(:configure_ssh_gateway).and_return(gateway)
+    end
+
+    it "should test ssh through a gateway" do
+      @knife_ec2_create.config[:ssh_port] = 22
+      gateway.should_receive(:open).with(hostname, 22).and_yield(local_port)
+      @knife_ec2_create.should_receive(:tcp_test_ssh).with('localhost', local_port).and_return(true)
+      @knife_ec2_create.tunnel_test_ssh(gateway_host, hostname).should == true
+    end
+  end
+
+  describe "configure_ssh_gateway" do
+    let(:gateway_host) { 'test.gateway.com' }
+    let(:gateway_user) { 'gateway_user' }
+
+    it "configures a ssh gateway with no user and the default port when the SSH Config is empty" do
+      Net::SSH::Config.stub(:for).and_return({})
+      Net::SSH::Gateway.should_receive(:new).with(gateway_host, nil, :port => 22)
+      @knife_ec2_create.configure_ssh_gateway(gateway_host)
+    end
+
+    it "configures a ssh gateway with the user specified in the SSH Config" do
+      Net::SSH::Config.stub(:for).and_return({ :user => gateway_user })
+      Net::SSH::Gateway.should_receive(:new).with(gateway_host, gateway_user, :port => 22)
+      @knife_ec2_create.configure_ssh_gateway(gateway_host)
+    end
+
+    it "configures a ssh gateway with the user specified in the ssh gateway string" do
+      Net::SSH::Config.stub(:for).and_return({ :user => gateway_user })
+      Net::SSH::Gateway.should_receive(:new).with(gateway_host, 'override_user', :port => 22)
+      @knife_ec2_create.configure_ssh_gateway("override_user@#{gateway_host}")
+    end
+
+    it "configures a ssh gateway with the port specified in the ssh gateway string" do
+      Net::SSH::Config.stub(:for).and_return({})
+      Net::SSH::Gateway.should_receive(:new).with(gateway_host, nil, :port => '24')
+      @knife_ec2_create.configure_ssh_gateway("#{gateway_host}:24")
+    end
+
+    it "configures a ssh gateway with the keys specified in the SSH Config" do
+      Net::SSH::Config.stub(:for).and_return({ :keys => ['configuredkey'] })
+      Net::SSH::Gateway.should_receive(:new).with(gateway_host, nil, :port => 22, :keys => ['configuredkey'])
+      @knife_ec2_create.configure_ssh_gateway(gateway_host)
+    end
+
+    it "configures the ssh gateway with the key specified on the knife config / command line" do
+      @knife_ec2_create.config[:ssh_gateway_identity] = "/home/fireman/.ssh/gateway.pem"
+      #Net::SSH::Config.stub(:for).and_return({ :keys => ['configuredkey'] })
+      Net::SSH::Gateway.should_receive(:new).with(gateway_host, nil, :port => 22, :keys => ['/home/fireman/.ssh/gateway.pem'])
+      @knife_ec2_create.configure_ssh_gateway(gateway_host)
+    end
+
+    it "prefers the knife config over the ssh config for the gateway keys" do
+      @knife_ec2_create.config[:ssh_gateway_identity] = "/home/fireman/.ssh/gateway.pem"
+      Net::SSH::Config.stub(:for).and_return({ :keys => ['not_this_key_dude'] })
+      Net::SSH::Gateway.should_receive(:new).with(gateway_host, nil, :port => 22, :keys => ['/home/fireman/.ssh/gateway.pem'])
+      @knife_ec2_create.configure_ssh_gateway(gateway_host)
+    end
+  end
+
   describe "tcp_test_ssh" do
     # Normally we would only get the header after we send a client header, e.g. 'SSH-2.0-client'
     it "should return true if we get an ssh header" do
@@ -709,14 +920,14 @@ describe Chef::Knife::Ec2ServerCreate do
       @knife_ec2_create = Chef::Knife::Ec2ServerCreate.new
       TCPSocket.stub(:new).and_return(StringIO.new(""))
       IO.stub(:select).and_return(true)
-      @knife_ec2_create.tcp_test_ssh("blackhole.ninja", 22).should be_false
+      @knife_ec2_create.tcp_test_ssh("blackhole.ninja", 22).should be_falsey
     end
 
     it "should return false if the socket isn't ready" do
       @knife_ec2_create = Chef::Knife::Ec2ServerCreate.new
       TCPSocket.stub(:new)
       IO.stub(:select).and_return(false)
-      @knife_ec2_create.tcp_test_ssh("blackhole.ninja", 22).should be_false
+      @knife_ec2_create.tcp_test_ssh("blackhole.ninja", 22).should be_falsey
     end
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: knife-ec2
 version: !ruby/object:Gem::Version
-  version: 0.8.0
+  version: 0.10.0.rc.0
 platform: ruby
 authors:
 - Adam Jacob
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-03-10 00:00:00.000000000 Z
+date: 2014-09-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: fog
@@ -17,28 +17,28 @@ dependencies:
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: 1.20.0
+        version: 1.23.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: 1.20.0
+        version: 1.23.0
 - !ruby/object:Gem::Dependency
   name: knife-windows
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - '='
       - !ruby/object:Gem::Version
-        version: 0.5.12
+        version: 0.8.0.rc.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - '='
       - !ruby/object:Gem::Version
-        version: 0.5.12
+        version: 0.8.0.rc.0
 - !ruby/object:Gem::Dependency
   name: mixlib-config
   requirement: !ruby/object:Gem::Requirement
@@ -121,10 +121,12 @@ files:
 - .travis.yml
 - CHANGELOG.md
 - CONTRIBUTING.md
+- CONTRIBUTIONS.md
 - DOC_CHANGES.md
 - Gemfile
 - LICENSE
 - README.md
+- RELEASE_NOTES.md
 - Rakefile
 - knife-ec2.gemspec
 - lib/chef/knife/ec2_base.rb
@@ -139,7 +141,7 @@ files:
 - spec/unit/ec2_server_delete_spec.rb
 homepage: https://github.com/opscode/knife-ec2
 licenses:
-- Apache 2.0
+- Apache-2.0
 metadata: {}
 post_install_message: 
 rdoc_options: []
@@ -152,9 +154,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ! '>='
+  - - ! '>'
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubyforge_project: 
 rubygems_version: 2.1.11