knife-ec2 0.11.0.rc.0 → 0.11.0

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: b9614eea778e1b96eac6b905998953099a1e117e
4
- data.tar.gz: 05fbdb2db4d97a775228b2b16cab1dd283408413
3
+ metadata.gz: 75bf2719d93fe8ea9a23838a6c3a92abc4375c87
4
+ data.tar.gz: 7a8cdeb7c6bfcc590423ec6e03ee884b4f63a4a7
5
5
  SHA512:
6
- metadata.gz: d51710f175d77d528c12720bc1b3251f95f28c8b4f47292bfa66dc735b1b6f5c051532d4b50577dbe1566e91f5e7002fdfc005c9bc57f9b45e98f71be589d85b
7
- data.tar.gz: fb3c50cb5f6832cc8bb9cbbd22b163ee89d5664c236a860ce05a0e446f13df8c569a9ae57f649af855ed8d26e5d5cd997ed421fc3c19c9f7214ccbb02e26fb54
6
+ metadata.gz: 01625b07776e0684ec359140a62d513d5bc4df03754a0ef09f23133efb9ee2a2b5bfa52cabc53c4af07b121f4ed43e5a0fd1bdddde4ff9abfc93fe51e65b34e4
7
+ data.tar.gz: 2e2ea55c71a4989cf3a31da873723372d0d4370801e984f102ddc99536c9b45bcc9a6018955f4f3e701c13a4872f8abaee5c9659685d1a28415ae1af402e1052
data/.gitignore CHANGED
@@ -34,4 +34,8 @@ Icon?
34
34
  *.swo
35
35
 
36
36
  Gemfile.lock
37
+ Guardfile
37
38
  .rspec
39
+
40
+ .rvmrc
41
+ .rbenv-gemsets
@@ -1,4 +1,8 @@
1
+ language: ruby
2
+ sudo: false
3
+
1
4
  rvm:
2
- - 1.9.3
3
5
  - 2.0.0
6
+ - 2.1
7
+ - 2.2
4
8
  script: bundle exec rspec --color --format progress
@@ -4,7 +4,8 @@ Note: this log contains only changes from knife-ec2 release 0.8.0 and later
4
4
  -- it does not contain the changes from prior releases. To view change history
5
5
  prior to release 0.8.0, please visit the [source repository](https://github.com/opscode/knife-ec2/commits).
6
6
 
7
- ## Latest release: 0.11.0 (2015-05-21)
7
+ ## Latest release: 0.11.0 (2015-08-24)
8
+ * [knife-ec2:#330](https://github.com/chef/knife-ec2/pull/330) Modification for attribute precedence issue
8
9
  * [knife-ec2:#293](https://github.com/chef/knife-ec2/pull/293) s3_source: Lazy load fog library
9
10
  * [knife-ec2:#284](https://github.com/chef/knife-ec2/pull/284) Enable Spot Pricing
10
11
  * [knife-ec2:#280](https://github.com/chef/knife-ec2/pull/280) Support for EBS volume encryption in knife-ec2 server create options
@@ -12,6 +13,7 @@ prior to release 0.8.0, please visit the [source repository](https://github.com/
12
13
  * [knife-ec2:#268](https://github.com/chef/knife-ec2/pull/268) Updated gemspec to use fog v1.25
13
14
  * [knife-ec2:#265](https://github.com/chef/knife-ec2/pull/265) showing error message for incorrect option input
14
15
  * [knife-ec2:#261](https://github.com/chef/knife-ec2/pull/261) Remove 'em-winrm' gem dependency
16
+ * [KNIFE-464](https://tickets.opscode.com/browse/KNIFE-464) Support EC2 STS, i.e. AWS Federation tokens for authentication
15
17
 
16
18
  ## Release: 0.10.0.rc.1 (2014-10-08)
17
19
  * [Issue:#237](https://github.com/opscode/knife-ec2/issues/237) Provide a way to the validation key and data bag secret from S3
@@ -23,7 +25,6 @@ prior to release 0.8.0, please visit the [source repository](https://github.com/
23
25
  * [KNIFE-422](https://tickets.opscode.com/browse/KNIFE-422) Knife ec2 server create doesn't respect identity file of gateway server from ssh\_config
24
26
 
25
27
  ## Release: 0.8.0 (2014-03-10)
26
-
27
28
  * [KNIFE-458](https://tickets.opscode.com/browse/KNIFE-458) Docs: Increase detail about necessary
28
29
  options for VPC instance creation
29
30
  * [KNIFE-456](https://tickets.opscode.com/browse/KNIFE-456) Documentation for :aws\_credential\_file difficult to read
@@ -37,19 +37,32 @@ a data bag secret file -- this option can be used in place of the
37
37
  This option allows the validation key to be specified as a URL. It takes a URL
38
38
  as an argument.
39
39
 
40
+ ## Option `--aws-session-token`
41
+ The option `--aws-session-token` was added for all knife-ec2 subcommands to
42
+ allow support for federation use cases utilizing EC2 STS tokens.
43
+
40
44
  ## SSH Gateway from SSH Config
41
45
  Any available SSH Gateway settings in your SSH configuration file are now used
42
46
  by default. This includes using any SSH keys specified for the target host.
43
47
  This allows simpler command-line usage of the knife plugin with less of a need
44
48
  for complex command line invocations.
45
49
 
46
- ## Pass separate SSH Gateway key
47
- You can pass an SSH key to be used for authenticating to the SSH Gateway with
48
- the --ssh-gateway-identity option.
49
-
50
50
  ## Support Spot Instances
51
51
  You can now request a spot instance at a specific price.
52
52
 
53
53
  ### Option `--spot-price`
54
54
  This option allows the maximum desired spot price to be specified. It takes a
55
55
  price in US dollars.
56
+
57
+ ## Pass separate SSH Gateway key
58
+ You can pass an SSH key to be used for authenticating to the SSH Gateway with
59
+ the --ssh-gateway-identity option.
60
+
61
+ ### options
62
+
63
+ ```
64
+ --aws-session-token
65
+ ```
66
+
67
+ Your AWS Session Token, for use with AWS STS Federation or Session Tokens.
68
+ This option is available for all subcommands.
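Review bot: The `--aws-session-token` option is documented twice in this file, and the second copy (the trailing `### options` block) sits directly under "Pass separate SSH Gateway key", so it reads as an option of the SSH gateway feature. Keep the `## Option --aws-session-token` section added near the top of the hunk and drop the trailing block, or give the trailing block its own heading.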
data/README.md CHANGED
@@ -1,21 +1,29 @@
1
1
  Knife EC2
2
2
  =========
3
- [![Gem Version](https://badge.fury.io/rb/knife-ec2.png)](http://badge.fury.io/rb/knife-ec2)
4
- [![Build Status](https://travis-ci.org/opscode/knife-ec2.png?branch=master)](https://travis-ci.org/opscode/knife-ec2)
5
- [![Dependency Status](https://gemnasium.com/opscode/knife-ec2.png)](https://gemnasium.com/opscode/knife-ec2)
3
+ [![Gem Version](https://badge.fury.io/rb/knife-ec2.svg)](http://badge.fury.io/rb/knife-ec2)
4
+ [![Build Status](https://travis-ci.org/chef/knife-ec2.svg?branch=master)](https://travis-ci.org/chef/knife-ec2)
5
+ [![Dependency Status](https://gemnasium.com/chef/knife-ec2.svg)](https://gemnasium.com/chef/knife-ec2)
6
6
 
7
7
  This is the official Chef Knife plugin for EC2. This plugin gives knife the ability to create, bootstrap, and manage EC2 instances.
8
8
 
9
- * Documentation: <http://docs.opscode.com/plugin_knife_ec2.html>
10
- * Source: <http://github.com/opscode/knife-ec2/tree/master>
11
- * Tickets/Issues: <http://tickets.opscode.com/browse/KNIFE>
9
+ * Documentation: <http://docs.chef.io/plugin_knife_ec2.html>
10
+ * Source: <http://github.com/chef/knife-ec2/tree/master>
11
+ * Issues: <https://github.com/chef/knife-ec2/issues>
12
12
  * IRC: `#chef` and `#chef-hacking` on Freenode
13
- * Mailing list: <http://lists.opscode.com>
13
+ * Mailing list: <http://lists.chef.io>
14
14
 
15
15
  Note: Documentation needs to be updated in chef docs
16
16
 
17
17
  Installation
18
18
  ------------
19
+
20
+ If you're using [ChefDK](http://downloads.chef.io/chef-dk/), simply install the
21
+ Gem:
22
+
23
+ ```bash
24
+ chef gem install knife-ec2
25
+ ```
26
+
19
27
  If you're using bundler, simply add Chef and Knife EC2 to your `Gemfile`:
20
28
 
21
29
  ```ruby
@@ -48,6 +56,8 @@ If your `knife.rb` file will be checked into a SCM system (ie readable by others
48
56
  ```ruby
49
57
  knife[:aws_access_key_id] = ENV['AWS_ACCESS_KEY_ID']
50
58
  knife[:aws_secret_access_key] = ENV['AWS_SECRET_ACCESS_KEY']
59
+ # Optional if you're using Amazon's STS
60
+ knife[:aws_session_token] = ENV['AWS_SESSION_TOKEN']
51
61
  ```
52
62
 
53
63
  You also have the option of passing your AWS API Key/Secret into the individual knife subcommands using the `-A` (or `--aws-access-key-id`) `-K` (or `--aws-secret-access-key`) command options
@@ -82,7 +92,8 @@ Additionally the following options may be set in your `knife.rb`:
82
92
  - flavor
83
93
  - image
84
94
  - availability_zone
85
- - aws_ssh_key_id
95
+ - ssh_key_name
96
+ - aws_session_token
86
97
  - region
87
98
  - distro
88
99
  - template_file
@@ -108,15 +119,19 @@ knife-ec2 now includes the ability to retrieve the encrypted data bag secret and
108
119
  }
109
120
  ```
110
121
 
122
+ ### Supported URL format
123
+ - `http` or `https` based: 'http://provisioning.bucket.com/chef/my-validator.pem'
124
+ - `s3` based: 's3://chef/my-validator.pem'
125
+
111
126
  ### Use the following configuration options in `knife.rb` to set the source URLs:
112
127
  ```ruby
113
- knife[:validation_key_url] = 's3://provisioning.bucket.com/chef/my-validator.pem'
114
- knife[:s3_secret] = 's3://provisioning.bucket.com/chef/encrypted_data_bag_secret'
128
+ knife[:validation_key_url] = 'http://provisioning.bucket.com/chef/my-validator.pem'
129
+ knife[:s3_secret] = 'http://provisioning.bucket.com/chef/encrypted_data_bag_secret'
115
130
  ```
116
131
 
117
132
  ### Alternatively, URLs can be passed directly on the command line:
118
- - Validation Key: `--validation-key-url s3://provisioning.bucket.com/chef/my-validator.pem`
119
- - Encrypted Data Bag Secret: `--s3-secret s3://provisioning.bucket.com/chef/encrypted_data_bag_secret`
133
+ - Validation Key: `--validation-key-url s3://chef/my-validator.pem`
134
+ - Encrypted Data Bag Secret: `--s3-secret s3://chef/encrypted_data_bag_secret`
120
135
 
121
136
  Subcommands
122
137
  -----------
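Review bot: The `knife.rb` example now fetches the validation key and the encrypted data bag secret over plain `http://`, and the new "Supported URL format" list names `https` but only shows an `http` sample. Both files are secrets, so the documented example should use an `https://` URL (or stay on the `s3://` form) rather than a cleartext transport. The command-line examples also switch to bucket `chef` while the `knife.rb` ones keep `provisioning.bucket.com`; one consistent sample location would be easier to follow.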
@@ -136,7 +151,7 @@ Provisions a new server in the Amazon EC2 and then perform a Chef bootstrap
136
151
  # `--spot-price` option lets you specify the spot pricing
137
152
  knife ec2 server create -I ami-173d747e -G windows -f m1.medium --user-data ~/your-user-data-file -x '.\a_local_user' -P 'yourpassword' --ssh-key your-public-key-id --spot-price price-in-USD
138
153
 
139
- View additional information on configuring Windows images for bootstrap in the documentation for [knife-windows](http://docs.opscode.com/plugin_knife_windows.html).
154
+ View additional information on configuring Windows images for bootstrap in the documentation for [knife-windows](http://docs.chef.io/plugin_knife_windows.html).
140
155
 
141
156
  #### `knife ec2 server delete`
142
157
  Deletes an existing server in the currently configured AWS account. **By default, this does not delete the associated node and client objects from the Chef server. To do so, add the `--purge` flag**
@@ -146,10 +161,10 @@ Outputs a list of all servers in the currently configured AWS account. **Note, t
146
161
 
147
162
  License and Authors
148
163
  -------------------
149
- - Author:: Adam Jacob (<adam@getchef.com>)
164
+ - Author:: Adam Jacob (<adam@chef.io>)
150
165
 
151
166
  ```text
152
- Copyright 2009-2014 Opscode, Inc.
167
+ Copyright 2009-2015 Chef Software, Inc.
153
168
 
154
169
  Licensed under the Apache License, Version 2.0 (the "License");
155
170
  you may not use this file except in compliance with the License.
@@ -32,7 +32,7 @@ https://github.com/opscode/knife-ec2
32
32
 
33
33
  ## Issues fixed in knife-ec2 0.11.0
34
34
 
35
- * Update `fog` gem dependency to `fog v1.25`
35
+ * Update `fog` gem dependency to `fog v1.29`
36
36
  * Remove 'em-winrm' gem dependency
37
37
  * [knife-ec2:#273](https://github.com/chef/knife-ec2/pull/273) Remove -s option for data bag secret and subnets
38
38
  * [knife-ec2:#265](https://github.com/chef/knife-ec2/pull/265) showing error message for incorrect option input
data/Rakefile CHANGED
@@ -30,15 +30,15 @@ begin
30
30
  require 'rdoc/task'
31
31
 
32
32
  RDoc::Task.new do |rdoc|
33
- rdoc.title = "Chef Ruby API Documentation"
34
- rdoc.main = "README.rdoc"
33
+ rdoc.title = 'Chef Ruby API Documentation'
34
+ rdoc.main = 'README.rdoc'
35
35
  rdoc.options << '--fmt' << 'shtml' # explictly set shtml generator
36
36
  rdoc.template = 'direct' # lighter template
37
- rdoc.rdoc_files.include("README.rdoc", "LICENSE", "spec/tiny_server.rb", "lib/**/*.rb")
38
- rdoc.rdoc_dir = "rdoc"
37
+ rdoc.rdoc_files.include('README.rdoc', 'LICENSE', 'spec/tiny_server.rb', 'lib/**/*.rb')
38
+ rdoc.rdoc_dir = 'rdoc'
39
39
  end
40
40
  rescue LoadError
41
- puts "sdoc is not available. (sudo) gem install sdoc to generate rdoc documentation."
41
+ puts 'sdoc is not available. (sudo) gem install sdoc to generate rdoc documentation.'
42
42
  end
43
43
 
44
44
  begin
@@ -46,7 +46,7 @@ begin
46
46
 
47
47
  task :default => :spec
48
48
 
49
- desc "Run all specs in spec directory"
49
+ desc 'Run all specs in spec directory'
50
50
  RSpec::Core::RakeTask.new(:spec) do |t|
51
51
  t.pattern = 'spec/unit/**/*_spec.rb'
52
52
  end
@@ -54,4 +54,3 @@ begin
54
54
  rescue LoadError
55
55
  STDERR.puts "\n*** RSpec not available. (sudo) gem install rspec to run unit tests. ***\n\n"
56
56
  end
57
-
@@ -1,5 +1,5 @@
1
1
  # -*- encoding: utf-8 -*-
2
- $:.push File.expand_path('../lib', __FILE__)
2
+ $LOAD_PATH.push File.expand_path('../lib', __FILE__)
3
3
  require 'knife-ec2/version'
4
4
 
5
5
  Gem::Specification.new do |s|
@@ -8,23 +8,21 @@ Gem::Specification.new do |s|
8
8
  s.authors = ['Adam Jacob', 'Seth Chisamore']
9
9
  s.email = ['adam@opscode.com', 'schisamo@opscode.com']
10
10
  s.homepage = 'https://github.com/opscode/knife-ec2'
11
- s.summary = %q{EC2 Support for Chef's Knife Command}
11
+ s.summary = "EC2 Support for Chef's Knife Command"
12
12
  s.description = s.summary
13
13
  s.license = 'Apache-2.0'
14
14
 
15
15
  s.files = `git ls-files`.split("\n")
16
16
  s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
17
- s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
17
+ s.executables = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) }
18
18
 
19
- s.add_dependency 'fog', '~> 1.25.0'
19
+ s.add_dependency 'fog', '~> 1.29.0'
20
20
  s.add_dependency 'knife-windows', '>= 0.8.2'
21
21
 
22
- s.add_development_dependency 'mixlib-config', '~> 2.0'
23
- s.add_development_dependency 'chef', '>= 11.16.2', '< 12'
24
- s.add_development_dependency 'rspec', '~> 2.14'
25
- s.add_development_dependency 'rake', '~> 10.1'
26
- s.add_development_dependency 'sdoc', '~> 0.3'
22
+ s.add_development_dependency 'chef', '~> 12.0', '>= 12.2.1'
23
+ s.add_development_dependency 'rspec', '~> 3.0'
24
+ s.add_development_dependency 'rake', '~> 10.1'
25
+ s.add_development_dependency 'sdoc', '~> 0.3'
27
26
 
28
27
  s.require_paths = ['lib']
29
28
  end
30
-
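Review bot: `s.homepage` and `s.email` in the unchanged lines of this hunk still point at opscode, while the README in the same release moves its links to the chef organisation and domain; update them here as well so the published gem metadata matches. The `mixlib-config` development dependency is dropped without a changelog entry, so it is worth confirming the specs no longer need it directly.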
@@ -51,6 +51,11 @@ class Chef
51
51
  :description => "Your AWS API Secret Access Key",
52
52
  :proc => Proc.new { |key| Chef::Config[:knife][:aws_secret_access_key] = key }
53
53
 
54
+ option :aws_session_token,
55
+ :long => "--aws-session-token TOKEN",
56
+ :description => "Your AWS Session Token, for use with AWS STS Federation or Session Tokens",
57
+ :proc => Proc.new { |key| Chef::Config[:knife][:aws_session_token] = key }
58
+
54
59
  option :region,
55
60
  :long => "--region REGION",
56
61
  :description => "Your AWS region",
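Review bot: A token passed as `--aws-session-token TOKEN` ends up in shell history and in the process list, so the `:description` should point users at `knife[:aws_session_token]` populated from the environment, as the README change in this release does. The block parameter is also still named `key` although it now holds a session token; `token` would read better.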
@@ -75,6 +80,7 @@ class Chef
75
80
  else
76
81
  connection_settings[:aws_access_key_id] = locate_config_value(:aws_access_key_id)
77
82
  connection_settings[:aws_secret_access_key] = locate_config_value(:aws_secret_access_key)
83
+ connection_settings[:aws_session_token] = locate_config_value(:aws_session_token)
78
84
  end
79
85
  @connection ||= begin
80
86
  connection = Fog::Compute.new(connection_settings)
@@ -105,7 +105,7 @@ class Chef
105
105
  :short => "-S KEY",
106
106
  :long => "--ssh-key KEY",
107
107
  :description => "The AWS SSH key id",
108
- :proc => Proc.new { |key| Chef::Config[:knife][:aws_ssh_key_id] = key }
108
+ :proc => Proc.new { |key| Chef::Config[:knife][:ssh_key_name] = key }
109
109
 
110
110
  option :ssh_user,
111
111
  :short => "-x USERNAME",
@@ -158,15 +158,23 @@ class Chef
158
158
  option :distro,
159
159
  :short => "-d DISTRO",
160
160
  :long => "--distro DISTRO",
161
- :description => "Bootstrap a distro using a template; default is 'chef-full'",
162
- :proc => Proc.new { |d| Chef::Config[:knife][:distro] = d },
163
- :default => "chef-full"
161
+ :description => "Bootstrap a distro using a template. [DEPRECATED] Use --bootstrap-template option instead.",
162
+ :proc => Proc.new { |v|
163
+ Chef::Log.warn("[DEPRECATED] -d / --distro option is deprecated. Use --bootstrap-template option instead.")
164
+ v
165
+ }
164
166
 
165
167
  option :template_file,
166
168
  :long => "--template-file TEMPLATE",
167
- :description => "Full path to location of template to use",
168
- :proc => Proc.new { |t| Chef::Config[:knife][:template_file] = t },
169
- :default => false
169
+ :description => "Full path to location of template to use. [DEPRECATED] Use -t / --bootstrap-template option instead.",
170
+ :proc => Proc.new { |v|
171
+ Chef::Log.warn("[DEPRECATED] --template-file option is deprecated. Use -t / --bootstrap-template option instead.")
172
+ v
173
+ }
174
+
175
+ option :bootstrap_template,
176
+ :long => "--bootstrap-template TEMPLATE",
177
+ :description => "Bootstrap Chef using a built-in or custom template. Set to the full path of an erb template or use one of the built-in templates."
170
178
 
171
179
  option :ebs_size,
172
180
  :long => "--ebs-size SIZE",
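Review bot: Both deprecation messages tell users to switch to `-t / --bootstrap-template`, but the new `option :bootstrap_template` defines only `:long`, so nothing in this hunk registers `-t`. Either add a `:short` for it or drop `-t` from the two messages and descriptions. The `:distro` deprecation message mentions `-d / --distro` while its description does not mention `-d`; keeping the wording identical in both places avoids confusion.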
@@ -302,6 +310,81 @@ class Chef
302
310
  :description => "The maximum hourly USD price for the instance",
303
311
  :default => nil
304
312
 
313
+ option :spot_request_type,
314
+ :long => "--spot-request-type TYPE",
315
+ :description => "The Spot Instance request type. Possible values are 'one-time' and 'persistent', default value is 'one-time'",
316
+ :default => "one-time"
317
+
318
+ option :aws_connection_timeout,
319
+ :long => "--aws-connection-timeout MINUTES",
320
+ :description => "The maximum time in minutes to wait to for aws connection. Default is 10 min",
321
+ :proc => proc {|t| t = t.to_i * 60; Chef::Config[:aws_connection_timeout] = t},
322
+ :default => 600
323
+
324
+ option :node_ssl_verify_mode,
325
+ :long => "--node-ssl-verify-mode [peer|none]",
326
+ :description => "Whether or not to verify the SSL cert for all HTTPS requests.",
327
+ :proc => Proc.new { |v|
328
+ valid_values = ["none", "peer"]
329
+ unless valid_values.include?(v)
330
+ raise "Invalid value '#{v}' for --node-ssl-verify-mode. Valid values are: #{valid_values.join(", ")}"
331
+ end
332
+ }
333
+
334
+ option :node_verify_api_cert,
335
+ :long => "--[no-]node-verify-api-cert",
336
+ :description => "Verify the SSL cert for HTTPS requests to the Chef server API.",
337
+ :boolean => true
338
+
339
+ option :bootstrap_no_proxy,
340
+ :long => "--bootstrap-no-proxy [NO_PROXY_URL|NO_PROXY_IP]",
341
+ :description => "Do not proxy locations for the node being bootstrapped; this option is used internally by Opscode",
342
+ :proc => Proc.new { |np| Chef::Config[:knife][:bootstrap_no_proxy] = np }
343
+
344
+ option :bootstrap_url,
345
+ :long => "--bootstrap-url URL",
346
+ :description => "URL to a custom installation script",
347
+ :proc => Proc.new { |u| Chef::Config[:knife][:bootstrap_url] = u }
348
+
349
+ option :bootstrap_install_command,
350
+ :long => "--bootstrap-install-command COMMANDS",
351
+ :description => "Custom command to install chef-client",
352
+ :proc => Proc.new { |ic| Chef::Config[:knife][:bootstrap_install_command] = ic }
353
+
354
+ option :bootstrap_wget_options,
355
+ :long => "--bootstrap-wget-options OPTIONS",
356
+ :description => "Add options to wget when installing chef-client",
357
+ :proc => Proc.new { |wo| Chef::Config[:knife][:bootstrap_wget_options] = wo }
358
+
359
+ option :bootstrap_curl_options,
360
+ :long => "--bootstrap-curl-options OPTIONS",
361
+ :description => "Add options to curl when install chef-client",
362
+ :proc => Proc.new { |co| Chef::Config[:knife][:bootstrap_curl_options] = co }
363
+
364
+ option :bootstrap_vault_file,
365
+ :long => '--bootstrap-vault-file VAULT_FILE',
366
+ :description => 'A JSON file with a list of vault(s) and item(s) to be updated'
367
+
368
+ option :bootstrap_vault_json,
369
+ :long => '--bootstrap-vault-json VAULT_JSON',
370
+ :description => 'A JSON string with the vault(s) and item(s) to be updated'
371
+
372
+ option :bootstrap_vault_item,
373
+ :long => '--bootstrap-vault-item VAULT_ITEM',
374
+ :description => 'A single vault and item to update as "vault:item"',
375
+ :proc => Proc.new { |i|
376
+ (vault, item) = i.split(/:/)
377
+ Chef::Config[:knife][:bootstrap_vault_item] ||= {}
378
+ Chef::Config[:knife][:bootstrap_vault_item][vault] ||= []
379
+ Chef::Config[:knife][:bootstrap_vault_item][vault].push(item)
380
+ Chef::Config[:knife][:bootstrap_vault_item]
381
+ }
382
+
383
+ option :use_sudo_password,
384
+ :long => "--use-sudo-password",
385
+ :description => "Execute the bootstrap via sudo with password",
386
+ :boolean => false
387
+
305
388
  def run
306
389
  $stdout.sync = true
307
390
 
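Review bot: The `:proc` for `--node-ssl-verify-mode` only validates and then falls off the end of the `unless` block, so for a valid value it returns nil instead of the value, unlike the `:distro` and `:template_file` procs in this file, which end with `v`. Add `v` as the last expression so a requested `peer` setting cannot be lost depending on how the option parser treats a nil result. In the same hunk, the `--aws-connection-timeout` proc writes to `Chef::Config[:aws_connection_timeout]` rather than `Chef::Config[:knife][...]` like every other option here, its description has a typo ("to wait to for"), and `--use-sudo-password` is declared with `:boolean => false`, which looks unintended for a flag.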
@@ -317,6 +400,14 @@ class Chef
317
400
  msg_pair("Spot Request ID", spot_request.id)
318
401
  msg_pair("Spot Request Type", spot_request.request_type)
319
402
  msg_pair("Spot Price", spot_request.price)
403
+
404
+ wait_msg = "Do you want to wait for Spot Instance Request fulfillment? (Y/N) \n"
405
+ wait_msg += "Y - Wait for Spot Instance request fulfillment\n"
406
+ wait_msg += "N - Do not wait for Spot Instance request fulfillment. "
407
+ wait_msg += ui.color("[WARN :: Request would be alive on AWS ec2 side but execution of Chef Bootstrap on the target instance will get skipped.]\n", :red, :bold)
408
+ wait_msg += ui.color("\n[WARN :: For any of the above mentioned choices, (Y) - if the instance does not get allocated before the command itself times-out or (N) - user decides to exit, then in both cases user needs to manually bootstrap the instance in future after it gets allocated.]\n\n", :cyan, :bold)
409
+ confirm(wait_msg)
410
+
320
411
  print ui.color("Waiting for Spot Request fulfillment: ", :cyan)
321
412
  spot_request.wait_for do
322
413
  @spinner ||= %w{| / - \\}
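Review bot: The return value of `confirm(wait_msg)` is discarded, so the "N" path described in the prompt depends entirely on `confirm` terminating the command by itself; make that explicit (branch on the result or add a comment) so a later change to the prompt helper does not silently fall through into `spot_request.wait_for`. The prompt also makes spot requests interactive, which will block unattended runs unless there is a way to pre-answer it, and the two warning paragraphs inside the question would be clearer as separate `ui.warn` calls before a short yes/no prompt.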
@@ -365,7 +456,7 @@ class Chef
365
456
  print "\n#{ui.color("Waiting for EC2 to create the instance", :magenta)}"
366
457
 
367
458
  # wait for instance to come up before acting against it
368
- @server.wait_for { print "."; ready? }
459
+ @server.wait_for(locate_config_value(:aws_connection_timeout)) { print "."; ready? }
369
460
 
370
461
  puts("\n")
371
462
 
@@ -406,8 +497,6 @@ class Chef
406
497
  if is_image_windows?
407
498
  protocol = locate_config_value(:bootstrap_protocol)
408
499
  protocol ||= 'winrm'
409
- # Set distro to windows-chef-client-msi
410
- config[:distro] = "windows-chef-client-msi" if (config[:distro].nil? || config[:distro] == "chef-full")
411
500
  if protocol == 'winrm'
412
501
  load_winrm_deps
413
502
  print "\n#{ui.color("Waiting for winrm access to become available", :magenta)}"
@@ -495,6 +584,10 @@ class Chef
495
584
  msg_pair("JSON Attributes",config[:json_attributes]) unless !config[:json_attributes] || config[:json_attributes].empty?
496
585
  end
497
586
 
587
+ def default_bootstrap_template
588
+ is_image_windows? ? 'windows-chef-client-msi' : 'chef-full'
589
+ end
590
+
498
591
  def validation_key_path
499
592
  @validation_key_path ||= begin
500
593
  if URI(Chef::Config[:knife][:validation_key_url]).scheme == 'file'
@@ -536,8 +629,9 @@ class Chef
536
629
  def bootstrap_common_params(bootstrap)
537
630
  bootstrap.config[:run_list] = config[:run_list]
538
631
  bootstrap.config[:bootstrap_version] = locate_config_value(:bootstrap_version)
539
- bootstrap.config[:distro] = locate_config_value(:distro)
540
- bootstrap.config[:template_file] = locate_config_value(:template_file)
632
+ bootstrap.config[:distro] = locate_config_value(:distro) || default_bootstrap_template
633
+ # setting bootstrap_template value to template_file for backward compatibility
634
+ bootstrap.config[:template_file] = locate_config_value(:template_file) || locate_config_value(:bootstrap_template)
541
635
  bootstrap.config[:environment] = locate_config_value(:environment)
542
636
  bootstrap.config[:prerelease] = config[:prerelease]
543
637
  bootstrap.config[:first_boot_attributes] = locate_config_value(:json_attributes) || {}
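Review bot: In `bootstrap.config[:template_file] = locate_config_value(:template_file) || locate_config_value(:bootstrap_template)` the deprecated setting wins when both are present, so a stale `template_file` in `knife.rb` overrides an explicit `--bootstrap-template`. Swap the order so the new option takes precedence, and add a spec for the both-set case. The same applies to `:distro`, which is still forwarded ahead of the new default helper.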
@@ -545,6 +639,17 @@ class Chef
545
639
  bootstrap.config[:encrypted_data_bag_secret_file] = locate_config_value(:encrypted_data_bag_secret_file)
546
640
  bootstrap.config[:secret] = s3_secret || locate_config_value(:secret)
547
641
  bootstrap.config[:secret_file] = locate_config_value(:secret_file)
642
+ bootstrap.config[:node_ssl_verify_mode] = locate_config_value(:node_ssl_verify_mode)
643
+ bootstrap.config[:node_verify_api_cert] = locate_config_value(:node_verify_api_cert)
644
+ bootstrap.config[:bootstrap_no_proxy] = locate_config_value(:bootstrap_no_proxy)
645
+ bootstrap.config[:bootstrap_url] = locate_config_value(:bootstrap_url)
646
+ bootstrap.config[:bootstrap_install_command] = locate_config_value(:bootstrap_install_command)
647
+ bootstrap.config[:bootstrap_wget_options] = locate_config_value(:bootstrap_wget_options)
648
+ bootstrap.config[:bootstrap_curl_options] = locate_config_value(:bootstrap_curl_options)
649
+ bootstrap.config[:bootstrap_vault_file] = locate_config_value(:bootstrap_vault_file)
650
+ bootstrap.config[:bootstrap_vault_json] = locate_config_value(:bootstrap_vault_json)
651
+ bootstrap.config[:bootstrap_vault_item] = locate_config_value(:bootstrap_vault_item)
652
+ bootstrap.config[:use_sudo_password] = locate_config_value(:use_sudo_password)
548
653
  # Modify global configuration state to ensure hint gets set by
549
654
  # knife-bootstrap
550
655
  Chef::Config[:knife][:hints] ||= {}
@@ -593,6 +698,7 @@ class Chef
593
698
  bootstrap = Chef::Knife::Bootstrap.new
594
699
  bootstrap.name_args = [ssh_host]
595
700
  bootstrap.config[:ssh_user] = config[:ssh_user]
701
+ bootstrap.config[:ssh_password] = locate_config_value(:ssh_password)
596
702
  bootstrap.config[:ssh_port] = config[:ssh_port]
597
703
  bootstrap.config[:ssh_gateway] = config[:ssh_gateway]
598
704
  bootstrap.config[:identity_file] = config[:identity_file]
@@ -614,7 +720,13 @@ class Chef
614
720
  end
615
721
 
616
722
  def validate!
617
- super([:image, :aws_ssh_key_id, :aws_access_key_id, :aws_secret_access_key])
723
+ if Chef::Config[:knife].keys.include? :aws_ssh_key_id
724
+ Chef::Config[:knife][:ssh_key_name] = Chef::Config[:knife][:aws_ssh_key_id] if !Chef::Config[:knife][:ssh_key_name]
725
+ Chef::Config[:knife].delete(:aws_ssh_key_id)
726
+ ui.warn("Use of aws_ssh_key_id option in knife.rb config is deprecated, use ssh_key_name option instead.")
727
+ end
728
+
729
+ super([:image, :ssh_key_name, :aws_access_key_id, :aws_secret_access_key])
618
730
 
619
731
  if ami.nil?
620
732
  ui.error("You have not provided a valid image (AMI) value.")
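Review bot: The `aws_ssh_key_id` fallback in `validate!` rewrites and deletes entries in the global `Chef::Config[:knife]` as a side effect of validation, which is surprising for a method named `validate!` and is not covered by a comment. Consider moving the migration into its own helper called before validation, and use `Chef::Config[:knife].key?(:aws_ssh_key_id)` with `||=` instead of `keys.include?` plus a trailing `if !...`.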
@@ -675,17 +787,38 @@ class Chef
675
787
  ui.error("Invalid value type for knife[:security_group_ids] in knife configuration file (i.e knife.rb). Type should be array. e.g - knife[:security_group_ids] = ['sgroup1']")
676
788
  exit 1
677
789
  end
790
+ if locate_config_value(:ebs_encrypted)
791
+ error_message = ""
792
+ errors = []
793
+ # validation for flavor and ebs_encrypted
794
+ if !locate_config_value(:flavor)
795
+ ui.error("--ebs-encrypted option requires valid flavor to be specified.")
796
+ exit 1
797
+ elsif (locate_config_value(:ebs_encrypted) and ! %w(m3.medium m3.large m3.xlarge m3.2xlarge c4.large c4.xlarge
798
+ c4.2xlarge c4.4xlarge c4.8xlarge c3.large c3.xlarge c3.2xlarge
799
+ c3.4xlarge c3.8xlarge cr1.8xlarge r3.large r3.xlarge r3.2xlarge
800
+ r3.4xlarge r3.8xlarge i2.xlarge i2.2xlarge i2.4xlarge i2.8xlarge g2.2xlarge).include?(locate_config_value(:flavor)))
801
+ ui.error("--ebs-encrypted option is not supported for #{locate_config_value(:flavor)} flavor.")
802
+ exit 1
803
+ end
678
804
 
679
- if (locate_config_value(:ebs_encrypted) and !locate_config_value(:flavor))
680
- ui.error("--ebs_encrypted option requires valid flavor to be specified.")
681
- exit 1
682
- elsif (locate_config_value(:ebs_encrypted) and ! %w(m3.medium m3.large m3.xlarge m3.2xlarge c4.large c4.xlarge
683
- c4.2xlarge c4.4xlarge c4.8xlarge c3.large c3.xlarge c3.2xlarge
684
- c3.4xlarge c3.8xlarge cr1.8xlarge r3.large r3.xlarge r3.2xlarge
685
- r3.4xlarge r3.8xlarge i2.xlarge i2.2xlarge i2.4xlarge i2.8xlarge g2.2xlarge).include?(locate_config_value(:flavor)))
686
- ui.error("--ebs_encrypted option is not supported for #{locate_config_value(:flavor)} flavor.")
687
- exit 1
805
+ # validation for ebs_size and ebs_volume_type and ebs_encrypted
806
+ if !locate_config_value(:ebs_size)
807
+ errors << "--ebs-encrypted option requires valid --ebs-size to be specified."
808
+ elsif locate_config_value(:ebs_volume_type) == "gp2" and ! locate_config_value(:ebs_size).to_i.between?(1, 16384)
809
+ errors << "--ebs-size should be in between 1-16384 for 'gp2' ebs volume type."
810
+ elsif locate_config_value(:ebs_volume_type) == "io1" and ! locate_config_value(:ebs_size).to_i.between?(4, 16384)
811
+ errors << "--ebs-size should be in between 4-16384 for 'io1' ebs volume type."
812
+ elsif locate_config_value(:ebs_volume_type) == "standard" and ! locate_config_value(:ebs_size).to_i.between?(1, 1024)
813
+ errors << "--ebs-size should be in between 1-1024 for 'standard' ebs volume type."
814
+ end
815
+
816
+ if errors.each{|e| error_message = "#{error_message} #{e}"}.any?
817
+ ui.error(error_message)
818
+ exit 1
819
+ end
688
820
  end
821
+
689
822
  end
690
823
 
691
824
  def tags
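Review bot: The error aggregation `errors.each{|e| error_message = "#{error_message} #{e}"}.any?` builds the message as a side effect of the condition and leaves a leading space; `ui.error(errors.join(" ")) unless errors.empty?` is simpler and lets you drop `error_message`. The flavor branch still exits immediately while the size checks are collected into `errors`, so the two validations behave differently; the `elsif` also re-tests `locate_config_value(:ebs_encrypted)`, which is already guaranteed by the enclosing `if`. Note too that the `--ebs-size` range checks now run only when `--ebs-encrypted` is set, which may not be the intent.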
@@ -711,9 +844,10 @@ class Chef
711
844
  :groups => config[:security_groups],
712
845
  :security_group_ids => locate_config_value(:security_group_ids),
713
846
  :flavor_id => locate_config_value(:flavor),
714
- :key_name => Chef::Config[:knife][:aws_ssh_key_id],
847
+ :key_name => locate_config_value(:ssh_key_name),
715
848
  :availability_zone => locate_config_value(:availability_zone),
716
- :price => locate_config_value(:spot_price)
849
+ :price => locate_config_value(:spot_price),
850
+ :request_type => locate_config_value(:spot_request_type)
717
851
  }
718
852
  server_def[:subnet_id] = locate_config_value(:subnet_id) if vpc_mode?
719
853
  server_def[:private_ip_address] = locate_config_value(:private_ip_address) if vpc_mode?
@@ -722,11 +856,11 @@ class Chef
722
856
  server_def[:tenancy] = "dedicated" if vpc_mode? and locate_config_value(:dedicated_instance)
723
857
  server_def[:associate_public_ip] = locate_config_value(:associate_public_ip) if vpc_mode? and config[:associate_public_ip]
724
858
 
725
- if Chef::Config[:knife][:aws_user_data]
859
+ if locate_config_value(:aws_user_data)
726
860
  begin
727
- server_def.merge!(:user_data => File.read(Chef::Config[:knife][:aws_user_data]))
861
+ server_def.merge!(:user_data => File.read(locate_config_value(:aws_user_data)))
728
862
  rescue
729
- ui.warn("Cannot read #{Chef::Config[:knife][:aws_user_data]}: #{$!.inspect}. Ignoring option.")
863
+ ui.warn("Cannot read #{locate_config_value(:aws_user_data)}: #{$!.inspect}. Ignoring option.")
730
864
  end
731
865
  end
732
866
 
@@ -912,7 +1046,7 @@ class Chef
912
1046
 
913
1047
  def associate_eip(elastic_ip)
914
1048
  connection.associate_address(server.id, elastic_ip.public_ip, nil, elastic_ip.allocation_id)
915
- @server.wait_for { public_ip_address == elastic_ip.public_ip }
1049
+ @server.wait_for(locate_config_value(:aws_connection_timeout)) { public_ip_address == elastic_ip.public_ip }
916
1050
  end
917
1051
 
918
1052
  def ssh_override_winrm