knife-server 0.3.3 → 1.0.0

data/lib/chef/knife/server_bootstrap_ec2.rb

@@ -22,61 +22,33 @@ class Chef
   class Knife
     class ServerBootstrapEc2 < Knife
 
+      banner "knife server bootstrap ec2 (options)"
+
       include Knife::ServerBootstrapBase
 
       deps do
         require 'knife/server/ssh'
         require 'knife/server/credentials'
         require 'knife/server/ec2_security_group'
-        require 'chef/knife/ec2_server_create'
-        require 'fog'
-        Chef::Knife::Ec2ServerCreate.load_deps
-      end
-
-      banner "knife server bootstrap ec2 (options)"
 
-      option :aws_access_key_id,
-        :short => "-A ID",
-        :long => "--aws-access-key-id KEY",
-        :description => "Your AWS Access Key ID",
-        :proc => Proc.new { |key| Chef::Config[:knife][:aws_access_key_id] = key }
-
-      option :aws_secret_access_key,
-        :short => "-K SECRET",
-        :long => "--aws-secret-access-key SECRET",
-        :description => "Your AWS API Secret Access Key",
-        :proc => Proc.new { |key| Chef::Config[:knife][:aws_secret_access_key] = key }
-      option :region,
-        :long => "--region REGION",
-        :description => "Your AWS region",
-        :default => "us-east-1",
-        :proc => Proc.new { |key| Chef::Config[:knife][:region] = key }
-
-      option :ssh_key_name,
-        :short => "-S KEY",
-        :long => "--ssh-key KEY",
-        :description => "The AWS SSH key id",
-        :proc => Proc.new { |key| Chef::Config[:knife][:aws_ssh_key_id] = key }
-
-      option :flavor,
-        :short => "-f FLAVOR",
-        :long => "--flavor FLAVOR",
-        :description => "The flavor of server (m1.small, m1.medium, etc)",
-        :proc => Proc.new { |f| Chef::Config[:knife][:flavor] = f },
-        :default => "m1.small"
-
-      option :image,
-        :short => "-I IMAGE",
-        :long => "--image IMAGE",
-        :description => "The AMI for the server",
-        :proc => Proc.new { |i| Chef::Config[:knife][:image] = i }
-
-      option :availability_zone,
-        :short => "-Z ZONE",
-        :long => "--availability-zone ZONE",
-        :description => "The Availability Zone",
-        :default => "us-east-1b",
-        :proc => Proc.new { |key| Chef::Config[:knife][:availability_zone] = key }
+        begin
+          require 'chef/knife/ec2_server_create'
+          require 'fog'
+          Chef::Knife::Ec2ServerCreate.load_deps
+
+          current_options = self.options
+          self.options = Chef::Knife::Ec2ServerCreate.options.dup
+          self.options.merge!(current_options)
+        rescue LoadError => ex
+          ui.error [
+            "Knife plugin knife-ec2 could not be loaded.",
+            "Please add the knife-ec2 gem to your Gemfile or",
+            "install the gem manually with `gem install knife-ec2'.",
+            "(#{ex.message})"
+          ].join(" ")
+          exit 1
+        end
+      end
 
       option :security_groups,
         :short => "-G X,Y,Z",
@@ -85,20 +57,6 @@ class Chef
         :default => ["infrastructure"],
         :proc => Proc.new { |groups| groups.split(',') }
 
-      option :tags,
-        :short => "-T T=V[,T=V,...]",
-        :long => "--tags Tag=Value[,Tag=Value...]",
-        :description => "The tags for this server",
-        :proc => Proc.new { |tags| tags.split(',') }
-
-      option :ebs_size,
-        :long => "--ebs-size SIZE",
-        :description => "The size of the EBS volume in GB, for EBS-backed instances"
-
-      option :ebs_no_delete_on_term,
-        :long => "--ebs-no-delete-on-term",
-        :description => "Do not delete EBS volumn on instance termination"
-
       def run
         validate!
         config_security_group
@@ -112,7 +70,9 @@ class Chef
         ENV['WEBUI_PASSWORD'] = config[:webui_password]
         ENV['AMQP_PASSWORD'] = config[:amqp_password]
         bootstrap = Chef::Knife::Ec2ServerCreate.new
-        bootstrap.config.merge!(config)
+        Chef::Knife::Ec2ServerCreate.options.keys.each do |attr|
+          bootstrap.config[attr] = config_val(attr)
+        end
         bootstrap.config[:tags] = bootstrap_tags
         bootstrap.config[:distro] = bootstrap_distro
         bootstrap
@@ -121,16 +81,16 @@ class Chef
       def ec2_connection
         @ec2_connection ||= Fog::Compute.new(
           :provider => 'AWS',
-          :aws_access_key_id => Chef::Config[:knife][:aws_access_key_id],
-          :aws_secret_access_key => Chef::Config[:knife][:aws_secret_access_key],
-          :region => Chef::Config[:knife][:region]
+          :aws_access_key_id => config_val(:aws_access_key_id),
+          :aws_secret_access_key => config_val(:aws_secret_access_key),
+          :region => config_val(:region)
         )
       end
 
       def server_dns_name
         server = ec2_connection.servers.find do |s|
           s.state == "running" &&
-            s.tags['Name'] == config[:chef_node_name] &&
+            s.tags['Name'] == config_val(:chef_node_name) &&
             s.tags['Role'] == 'chef_server'
         end
 
@@ -144,25 +104,37 @@ class Chef
           ui.error "You did not provide a valid --node-name value."
           exit 1
         end
+        if config_val(:platform) == "auto"
+          ui.error "Auto platform mode cannot be used with knife-ec2 plugin"
+          exit 1
+        end
       end
 
-      def config_security_group(name = config[:security_groups].first)
+      def config_security_group(name = nil)
+        name = config_val(:security_groups).first if name.nil?
+
         ::Knife::Server::Ec2SecurityGroup.new(ec2_connection, ui).
           configure_chef_server_group(name, :description => "#{name} group")
       end
 
       def bootstrap_tags
-        Hash[Array(config[:tags]).map { |t| t.split('=') }].
+        Hash[Array(config_val(:tags)).map { |t| t.split('=') }].
           merge({"Role" => "chef_server"}).map { |k,v| "#{k}=#{v}" }
       end
 
       def ssh_connection
-        ::Knife::Server::SSH.new(
+        opts = {
           :host => server_dns_name,
-          :user => config[:ssh_user],
-          :port => config[:ssh_port],
-          :keys => [config[:identity_file]]
-        )
+          :user => config_val(:ssh_user),
+          :port => config_val(:ssh_port),
+          :keys => [config_val(:identity_file)].compact
+        }
+        if config_val(:host_key_verify) == false
+          opts[:user_known_hosts_file] = "/dev/null"
+          opts[:paranoid] = false
+        end
+
+        ::Knife::Server::SSH.new(opts)
       end
     end
   end

data/lib/chef/knife/server_bootstrap_standalone.rb

@@ -22,6 +22,8 @@ class Chef
   class Knife
     class ServerBootstrapStandalone < Knife
 
+      banner "knife server bootstrap standalone (options)"
+
       include Knife::ServerBootstrapBase
 
       deps do
@@ -29,20 +31,17 @@ class Chef
         require 'knife/server/credentials'
         require 'chef/knife/bootstrap'
         Chef::Knife::Bootstrap.load_deps
-      end
 
-      banner "knife server bootstrap standalone (options)"
+        current_options = self.options
+        self.options = Chef::Knife::Bootstrap.options.dup
+        self.options.merge!(current_options)
+      end
 
       option :host,
         :short => "-H FQDN_OR_IP",
         :long => "--host FQDN_OR_IP",
         :description => "Hostname or IP address of host to bootstrap"
 
-      option :ssh_password,
-        :short => "-P PASSWORD",
-        :long => "--ssh-password PASSWORD",
-        :description => "The ssh password"
-
       def run
         validate!
         check_ssh_connection
@@ -57,10 +56,11 @@ class Chef
         ENV['AMQP_PASSWORD'] = config[:amqp_password]
         bootstrap = Chef::Knife::Bootstrap.new
         bootstrap.name_args = [ config[:host] ]
-        [ :chef_node_name, :ssh_user, :ssh_password, :ssh_port, :identity_file
-        ].each { |attr| bootstrap.config[attr] = config[attr] }
+        Chef::Knife::Bootstrap.options.keys.each do |attr|
+          bootstrap.config[attr] = config_val(attr)
+        end
         bootstrap.config[:distro] = bootstrap_distro
-        bootstrap.config[:use_sudo] = true unless config[:ssh_user] == "root"
+        bootstrap.config[:use_sudo] = true unless config_val(:ssh_user) == "root"
         bootstrap
       end
 
@@ -80,21 +80,27 @@ class Chef
       def check_ssh_connection
         ssh_connection.exec! "hostname -f"
       rescue Net::SSH::AuthenticationFailed
-        ui.warn("Failed to authenticate #{config[:ssh_user]} - " +
+        ui.warn("Failed to authenticate #{config_val(:ssh_user)} - " +
                 "trying password auth")
         config[:ssh_password] = ui.ask(
-          "Enter password for #{config[:ssh_user]}@#{config[:host]}: "
+          "Enter password for #{config_val(:ssh_user)}@#{config_val(:host)}: "
         ) { |q| q.echo = false }
       end
 
       def ssh_connection
-        ::Knife::Server::SSH.new(
-          :host => config[:host],
-          :user => config[:ssh_user],
-          :password => config[:ssh_password],
-          :port => config[:ssh_port],
-          :keys => [config[:identity_file]].compact
-        )
+        opts = {
+          :host => config_val(:host),
+          :user => config_val(:ssh_user),
+          :password => config_val(:ssh_password),
+          :port => config_val(:ssh_port),
+          :keys => [config_val(:identity_file)].compact
+        }
+        if config_val(:host_key_verify) == false
+          opts[:user_known_hosts_file] = "/dev/null"
+          opts[:paranoid] = false
+        end
+
+        ::Knife::Server::SSH.new(opts)
       end
     end
   end

data/lib/knife/server/credentials.rb

@@ -21,9 +21,10 @@ require 'fileutils'
 module Knife
   module Server
     class Credentials
-      def initialize(ssh, validation_key_path)
+      def initialize(ssh, validation_key_path, options = {})
         @ssh = ssh
         @validation_key_path = validation_key_path
+        @omnibus = options[:omnibus]
       end
 
       def install_validation_key(suffix = Time.now.to_i)
@@ -32,20 +33,39 @@ module Knife
                        backup_file_path(@validation_key_path, suffix))
         end
 
+        chef10_key = "/etc/chef/validation.pem"
+        omnibus_key = "/etc/chef-server/chef-validator.pem"
+
         File.open(@validation_key_path, "wb") do |f|
-          f.write(@ssh.exec!("cat /etc/chef/validation.pem"))
+          f.write(@ssh.exec!("cat #{omnibus? ? omnibus_key : chef10_key}"))
         end
       end
 
       def create_root_client
-        @ssh.exec!([
+        chef10_cmd = [
           "knife configure",
           "--initial",
           "--server-url http://127.0.0.1:4000",
           "--user root",
           '--repository ""',
           "--defaults --yes"
-        ].join(" "))
+        ].join(" ")
+
+        omnibus_cmd = [
+          "echo '#{ENV['WEBUI_PASSWORD']}' |",
+          "knife configure",
+          "--initial",
+          "--server-url http://127.0.0.1:8000",
+          "--user root",
+          '--repository ""',
+          "--admin-client-name chef-webui",
+          "--admin-client-key /etc/chef-server/chef-webui.pem",
+          "--validation-client-name chef-validator",
+          "--validation-key /etc/chef-server/chef-validator.pem",
+          "--defaults --yes"
+        ].join(" ")
+
+        @ssh.exec!(omnibus? ? omnibus_cmd : chef10_cmd)
       end
 
       def install_client_key(user, client_key_path, suffix = Time.now.to_i)
@@ -65,17 +85,34 @@ module Knife
 
       private
 
+      def omnibus?
+        @omnibus
+      end
+
       def backup_file_path(file_path, suffix)
         parts = file_path.rpartition(".")
         "#{parts[0]}.#{suffix}.#{parts[2]}"
       end
 
       def create_user_client(user)
-        @ssh.exec!([
+        chef10_cmd = [
           "knife client create",
           user,
-          "--admin --file /tmp/chef-client-#{user}.pem --disable-editing"
-        ].join(" "))
+          "--admin",
+          "--file /tmp/chef-client-#{user}.pem",
+          "--disable-editing"
+        ].join(" ")
+
+        omnibus_cmd = [
+          "knife user create",
+          user,
+          "--admin",
+          "--file /tmp/chef-client-#{user}.pem",
+          "--disable-editing",
+          "--password #{ENV['WEBUI_PASSWORD']}"
+        ].join(" ")
+
+        @ssh.exec!(omnibus? ? omnibus_cmd : chef10_cmd)
       end
     end
   end

data/lib/knife/server/ssh.rb

@@ -22,6 +22,7 @@ module Knife
   module Server
     class SSH
       DEFAULT_OPTIONS = { :user => "root", :port => "22" }.freeze
+      USER_SWITCH_COMMAND = %[sudo USER=root HOME="$(getent passwd root | cut -d : -f 6)"]
 
       def initialize(params)
         options = DEFAULT_OPTIONS.merge(params)
@@ -36,7 +37,7 @@ module Knife
           full_cmd = cmd
         else
           full_cmd = [
-            %[sudo USER=root HOME="$(getent passwd root | cut -d : -f 6)"],
+            USER_SWITCH_COMMAND,
             %[bash -c '#{cmd}']
           ].join(" ")
         end
@@ -47,6 +48,61 @@ module Knife
         end
         result
       end
+
+      # runs a script on the target host by passing it to the stdin of a sh
+      # process. returns stdout and the exit status. does not care about stderr.
+      def run_script(content)
+        user_switch = ""
+
+        unless @user == "root"
+          user_switch = USER_SWITCH_COMMAND
+        end
+
+        wrapper = <<-EOF
+        if [ -e /dev/fd/0 ]
+        then
+          #{user_switch} /bin/sh /dev/fd/0
+        elif [ -e /dev/stdin ]
+        then
+          #{user_switch} /bin/sh /dev/stdin
+        else
+          echo "Cannot find method of communicating with the shell via stdin"
+          exit 1
+        fi
+        EOF
+
+        result = ""
+        exit_status = nil
+
+        Net::SSH.start(@host, @user, @options) do |ssh|
+          ssh.open_channel do |ch|
+            ch.on_open_failed do |ch, code, desc|
+              raise "Connection Error to #{ip}: #{desc}"
+            end
+
+            ch.exec(wrapper) do |channel, type, data|
+              # spit out the shell script and close stdin so sh can do its magic.
+              channel.send_data(content)
+              channel.eof!
+
+              # then we just wait for sweet, sweet output.
+              channel.on_data do |ch2, data|
+                result << data
+              end
+
+              channel.on_request("exit-status") do |ch2, data|
+                exit_status = data.read_long
+              end
+            end
+
+            ch.wait
+          end
+
+          ssh.loop
+        end
+
+        return result, exit_status
+      end
     end
   end
 end

data/lib/knife/server/version.rb

@@ -18,6 +18,6 @@
 
 module Knife
   module Server
-    VERSION = "0.3.3"
+    VERSION = "1.0.0"
   end
 end

data/spec/chef/knife/server_bootstrap_ec2_spec.rb

@@ -33,6 +33,8 @@ describe Chef::Knife::ServerBootstrapEc2 do
     @stderr = StringIO.new
     @knife.ui.stub!(:stderr).and_return(@stderr)
     @knife.config[:chef_node_name] = "yakky"
+    @knife.config[:platform] = "omnibus"
+    @knife.config[:ssh_user] = "root"
   end
 
   let(:connection) { mock(Fog::Compute::AWS) }
@@ -102,17 +104,25 @@ describe Chef::Knife::ServerBootstrapEc2 do
       bootstrap.config[:distro].should eq("distro-praha")
     end
 
-    it "configs the bootstrap's distro to chef-server-debian by default" do
+    it "configs the bootstrap's distro to chef11/omnibus by default" do
       @knife.config.delete(:distro)
 
-      bootstrap.config[:distro].should eq("chef-server-debian")
+      bootstrap.config[:distro].should eq("chef11/omnibus")
     end
 
     it "configs the bootstrap's distro value driven off platform value" do
       @knife.config.delete(:distro)
       @knife.config[:platform] = "freebsd"
 
-      bootstrap.config[:distro].should eq("chef-server-freebsd")
+      bootstrap.config[:distro].should eq("chef11/freebsd")
+    end
+
+    it "configs the bootstrap's distro based on bootstrap_version and platform" do
+      @knife.config.delete(:distro)
+      @knife.config[:platform] = "freebsd"
+      @knife.config[:bootstrap_version] = "10"
+
+      bootstrap.config[:distro].should eq("chef10/freebsd")
     end
 
     it "configs the bootstrap's ENV with the webui password" do
@@ -251,13 +261,26 @@ describe Chef::Knife::ServerBootstrapEc2 do
       @knife.run
     end
 
-    it "installs a new validation.pem key from the server" do
+    it "installs a new validation.pem key from the chef 10 server" do
+      @knife.config[:bootstrap_version] = "10"
+      Knife::Server::SSH.should_receive(:new).with({
+        :host => "grapes.wrath", :user => "root",
+        :port => "2345", :keys => ["~/.ssh/mykey_dsa"]
+      })
+      Knife::Server::Credentials.should_receive(:new).
+        with(ssh, "/etc/chef/validation.pem", {})
+      credentials.should_receive(:install_validation_key)
+
+      @knife.run
+    end
+
+    it "installs a new validation.pem key from the omnibus server" do
       Knife::Server::SSH.should_receive(:new).with({
         :host => "grapes.wrath", :user => "root",
         :port => "2345", :keys => ["~/.ssh/mykey_dsa"]
       })
       Knife::Server::Credentials.should_receive(:new).
-        with(ssh, "/etc/chef/validation.pem")
+        with(ssh, "/etc/chef/validation.pem", {:omnibus => true})
       credentials.should_receive(:install_validation_key)
 
       @knife.run