RubyGems - kontena-cli - Versions diffs - 0.12.0 → 0.12.1 - Mend

kontena-cli 0.12.0 → 0.12.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (20) hide show

checksums.yaml +4 -4
data/VERSION +1 -1
data/lib/kontena/cli/grids/common.rb +15 -4
data/lib/kontena/cli/grids/list_command.rb +1 -1
data/lib/kontena/cli/master/aws/create_command.rb +7 -7
data/lib/kontena/cli/master/users/remove_command.rb +22 -0
data/lib/kontena/cli/master/users_command.rb +3 -1
data/lib/kontena/cli/nodes/aws/create_command.rb +3 -3
data/lib/kontena/cli/nodes/aws/terminate_command.rb +1 -1
data/lib/kontena/cli/services/containers_command.rb +1 -1
data/lib/kontena/cli/vault/list_command.rb +4 -2
data/lib/kontena/machine/aws.rb +3 -3
data/lib/kontena/machine/aws/common.rb +17 -1
data/lib/kontena/machine/aws/master_provisioner.rb +85 -64
data/lib/kontena/machine/aws/node_destroyer.rb +17 -5
data/lib/kontena/machine/aws/node_provisioner.rb +103 -63
data/lib/kontena/machine/cert_helper.rb +39 -0
data/spec/kontena/cli/master/users/remove_command_spec.rb +28 -0
data/spec/kontena/cli/services/containers_command_spec.rb +48 -0
metadata +8 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 09a43f90d845f6046491b8b9636cae6201fc0602
-  data.tar.gz: 357fcf2a78efd43d5371056837a188b7225bd016
+  metadata.gz: b4c7616444c2dfd31cc66c625d49168d8ab8623d
+  data.tar.gz: f28c78f100bed2695c99b12d5ed757dfd0e4eaa3
 SHA512:
-  metadata.gz: 076aa681b8e39964cbe93b9ae29279ee443f36fa0e73e6a054aef32852f93e5bb1502a318c556da5505eb6aaa13ec1b80a0d6d617b00466c8529c8f3cbeb80ba
-  data.tar.gz: 40fe038531ef0e8cda9fa1af4c1a1df6f25a79088e7f8311b3d1c29b833762d145d26441e09f9ddc105419ae414866cd077a88dfd9a51fbc0b087c2cfad64e85
+  metadata.gz: b594019efe570386ebbf644888636a28f31ed88c0fe01425322dce0057fd232f1707d70e82899aefac3576a179ebccc87726a4b90e53a5c473bc354320947dcb
+  data.tar.gz: 9202690e4f3cff809576272a11108351266b97c421c189fbfe742c4f7d0ccc1c90e143a182f754c09a586f37a4f1a23a33724ea8f848352f0167fce50045c06f

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 0.12.0
1	+ 0.12.1

data/lib/kontena/cli/grids/common.rb CHANGED Viewed

@@ -21,10 +21,8 @@ module Kontena::Cli::Grids
       puts "    load: #{(loads[:'1m'] || 0.0).round(2)} #{(loads[:'5m'] || 0.0).round(2)} #{(loads[:'15m'] || 0.0).round(2)}"
       mem_total = nodes.map{|n| n['mem_total'].to_i}.inject(:+)
-      mem_wired = nodes.map{|n|
-        n.dig('resource_usage', 'memory', 'active').to_f
-      }.inject(:+)
-      puts "    memory: #{to_gigabytes(mem_wired)} of #{to_gigabytes(mem_total)} GB"
+      mem_used = calculate_mem_used(nodes)
+      puts "    memory: #{to_gigabytes(mem_used)} of #{to_gigabytes(mem_total)} GB"
       total_fs = calculate_filesystem_stats(nodes)
       puts "    filesystem: #{to_gigabytes(total_fs['used'])} of #{to_gigabytes(total_fs['total'])} GB"
@@ -55,6 +53,19 @@ module Kontena::Cli::Grids
       loads
     end
+    # @param [Array<Hash>] nodes
+    # @return [Float]
+    def calculate_mem_used(nodes)
+      nodes.map{|n|
+        mem = n.dig('resource_usage', 'memory')
+        if mem
+          mem['used'] - (mem['cached'] + mem['buffers'])
+        else
+          0.0
+        end
+      }.inject(:+)
+    end
     # @param [Array<Hash>] nodes
     # @return [Hash]
     def calculate_filesystem_stats(nodes)

data/lib/kontena/cli/grids/list_command.rb CHANGED Viewed

@@ -9,7 +9,7 @@ module Kontena::Cli::Grids
       require_api_url
       if grids['grids'].size == 0
-        puts "You don't have any grids yet. Create first one with 'kontena grids create' command".colorize(:yellow)
+        puts "You don't have any grids yet. Create first one with 'kontena grid create' command".colorize(:yellow)
       end
       puts '%-30.30s %-8s %-12s %-10s' % ['Name', 'Nodes', 'Services', 'Users']

data/lib/kontena/cli/master/aws/create_command.rb CHANGED Viewed

@@ -6,18 +6,18 @@ module Kontena::Cli::Master::Aws
     option "--access-key", "ACCESS_KEY", "AWS access key ID", required: true
     option "--secret-key", "SECRET_KEY", "AWS secret key", required: true
-    option "--key-pair", "KEY_PAIR", "EC2 Key Pair", required: true
-    option "--ssl-cert", "SSL CERT", "SSL certificate file"
+    option "--key-pair", "KEY_PAIR", "EC2 key pair name", required: true
+    option "--ssl-cert", "SSL CERT", "SSL certificate file (default: generate self-signed cert)"
     option "--region", "REGION", "EC2 Region", default: 'eu-west-1'
     option "--zone", "ZONE", "EC2 Availability Zone", default: 'a'
-    option "--vpc-id", "VPC ID", "Virtual Private Cloud (VPC) ID"
-    option "--subnet-id", "SUBNET ID", "VPC option to specify subnet to launch instance into"
+    option "--vpc-id", "VPC ID", "Virtual Private Cloud (VPC) ID (default: default vpc)"
+    option "--subnet-id", "SUBNET ID", "VPC option to specify subnet to launch instance into (default: first subnet from vpc/az)"
     option "--type", "SIZE", "Instance type", default: 't2.small'
     option "--storage", "STORAGE", "Storage size (GiB)", default: '30'
-    option "--vault-secret", "VAULT_SECRET", "Secret key for Vault"
-    option "--vault-iv", "VAULT_IV", "Initialization vector for Vault"
+    option "--vault-secret", "VAULT_SECRET", "Secret key for Vault (default: generate random secret)"
+    option "--vault-iv", "VAULT_IV", "Initialization vector for Vault (default: generate random iv)"
     option "--version", "VERSION", "Define installed Kontena version", default: 'latest'
-    option "--auth-provider-url", "AUTH_PROVIDER_URL", "Define authentication provider url"
+    option "--auth-provider-url", "AUTH_PROVIDER_URL", "Define authentication provider url (optional)"
     def execute
       require 'kontena/machine/aws'

data/lib/kontena/cli/master/users/remove_command.rb ADDED Viewed

@@ -0,0 +1,22 @@
+require_relative '../../common'
+module Kontena::Cli::Master::Users
+  class RemoveCommand < Clamp::Command
+    include Kontena::Cli::Common
+    parameter "EMAIL ...", "List of emails"
+    def execute
+      require_api_url
+      token = require_token
+      email_list.each do |email|
+        begin
+          client(token).delete("users/#{email}")
+        rescue => exc
+          STDERR.puts "Failed to remove user #{email}".colorize(:red)
+          STDERR.puts exc.message
+        end
+      end
+    end
+  end
+end

data/lib/kontena/cli/master/users_command.rb CHANGED Viewed

@@ -1,12 +1,14 @@
 module Kontena::Cli::Master
-  require_relative 'users/add_role_command'
   require_relative 'users/invite_command'
+  require_relative 'users/remove_command'
   require_relative 'users/list_command'
+  require_relative 'users/add_role_command'
   require_relative 'users/remove_role_command'
   class UsersCommand < Clamp::Command
     subcommand "invite", "Invite user to Kontena Master", Users::InviteCommand
+    subcommand ["remove", "rm"], "Remove user from Kontena Master", Users::RemoveCommand
     subcommand ["list", "ls"], "List users", Users::ListCommand
     subcommand "add-role", "Add role to user", Users::AddRoleCommand
     subcommand "remove-role", "Remove role from user", Users::RemoveRoleCommand

data/lib/kontena/cli/nodes/aws/create_command.rb CHANGED Viewed

@@ -6,11 +6,11 @@ module Kontena::Cli::Nodes::Aws
     parameter "[NAME]", "Node name"
     option "--access-key", "ACCESS_KEY", "AWS access key ID", required: true
     option "--secret-key", "SECRET_KEY", "AWS secret key", required: true
+    option "--key-pair", "KEY_PAIR", "EC2 Key Pair", required: true
     option "--region", "REGION", "EC2 Region", default: 'eu-west-1'
     option "--zone", "ZONE", "EC2 Availability Zone", default: 'a'
-    option "--vpc-id", "VPC ID", "Virtual Private Cloud (VPC) ID"
-    option "--subnet-id", "SUBNET ID", "VPC option to specify subnet to launch instance into"
-    option "--key-pair", "KEY_PAIR", "EC2 Key Pair", required: true
+    option "--vpc-id", "VPC ID", "Virtual Private Cloud (VPC) ID (default: default vpc)"
+    option "--subnet-id", "SUBNET ID", "VPC option to specify subnet to launch instance into (default: first subnet in vpc/az)"
     option "--type", "SIZE", "Instance type", default: 't2.small'
     option "--storage", "STORAGE", "Storage size (GiB)", default: '30'
     option "--version", "VERSION", "Define installed Kontena version", default: 'latest'

data/lib/kontena/cli/nodes/aws/terminate_command.rb CHANGED Viewed

@@ -6,7 +6,7 @@ module Kontena::Cli::Nodes::Aws
     parameter "NAME", "Node name"
     option "--access-key", "ACCESS_KEY", "AWS access key ID", required: true
     option "--secret-key", "SECRET_KEY", "AWS secret key", required: true
-    option "--region", "REGION", "EC2 Region", required: true
+    option "--region", "REGION", "EC2 Region", default: 'eu-west-1'
     def execute
       require_api_url

data/lib/kontena/cli/services/containers_command.rb CHANGED Viewed

@@ -18,7 +18,7 @@ module Kontena::Cli::Services
         puts "  rev: #{container['deploy_rev']}"
         puts "  node: #{container['node']['name']}"
         puts "  dns: #{container['name']}.#{current_grid}.kontena.local"
-        puts "  ip: #{container['overlay_cidr'].split('/')[0]}"
+        puts "  ip: #{container['overlay_cidr'].to_s.split('/')[0]}"
         puts "  public ip: #{container['node']['public_ip']}"
         if container['status'] == 'unknown'
           puts "  status: #{container['status'].colorize(:yellow)}"

data/lib/kontena/cli/vault/list_command.rb CHANGED Viewed

@@ -7,9 +7,11 @@ module Kontena::Cli::Vault
       require_api_url
       token = require_token
       result = client(token).get("grids/#{current_grid}/secrets")
-      puts '%-30.30s %-30.30s' % ['NAME', 'CREATED AT']
+      column_width_paddings = '%-54s %-25.25s'
+      puts column_width_paddings % ['NAME', 'CREATED AT']
       result['secrets'].each do |secret|
-        puts '%-30.30s %-30.30s' % [secret['name'], secret['created_at']]
+        puts column_width_paddings % [secret['name'], secret['created_at']]
       end
     end
   end

data/lib/kontena/machine/aws.rb CHANGED Viewed

@@ -1,13 +1,13 @@
 begin
-  require "fog/aws"
+  require "aws-sdk"
 rescue LoadError
   puts "It seems that you don't have gem for AWS API installed."
-  puts "Install it using: gem install fog-aws"
+  puts "Install it using: gem install aws-sdk"
   exit 1
 end
 require_relative 'random_name'
+require_relative 'cert_helper'
 require_relative 'aws/master_provisioner'
 require_relative 'aws/node_provisioner'
 require_relative 'aws/node_destroyer'

data/lib/kontena/machine/aws/common.rb CHANGED Viewed

@@ -20,7 +20,23 @@ module Kontena
           }
           images[region]
         end
+        # @param [String] vpc_id
+        # @param [String] zone
+        # @return [Aws::EC2::Types::Subnet, NilClass]
+        def default_subnet(vpc_id, zone)
+          ec2.subnets({
+            filters: [
+              {name: "vpc-id", values: [vpc_id]},
+              {name: "availability-zone", values: [zone]}
+            ]
+          }).first
+        end
+        # @return [Aws::EC2::Types::Vpc, NilClass]
+        def default_vpc
+          ec2.vpcs({filters: [{name: "is-default", values: ["true"]}]}).first
+        end
       end
     end
   end

data/lib/kontena/machine/aws/master_provisioner.rb CHANGED Viewed

@@ -10,35 +10,37 @@ module Kontena
       class MasterProvisioner
         include RandomName
         include Common
-        attr_reader :client, :http_client, :region
+        include Machine::CertHelper
+        attr_reader :ec2, :http_client, :region
         # @param [String] access_key_id aws_access_key_id
         # @param [String] secret_key aws_secret_access_key
         # @param [String] region
         def initialize(access_key_id, secret_key, region)
-          @client = Fog::Compute.new(
-            :provider => 'AWS',
-            :aws_access_key_id => access_key_id,
-            :aws_secret_access_key => secret_key,
-            :region => region
+          @ec2 = ::Aws::EC2::Resource.new(
+            region: region, credentials: ::Aws::Credentials.new(access_key_id, secret_key)
           )
         end
         # @param [Hash] opts
         def run!(opts)
+          ssl_cert = nil
           if opts[:ssl_cert]
             abort('Invalid ssl cert') unless File.exists?(File.expand_path(opts[:ssl_cert]))
             ssl_cert = File.read(File.expand_path(opts[:ssl_cert]))
+          else
+            ShellSpinner "Generating self-signed SSL certificate" do
+              ssl_cert = generate_self_signed_cert
+            end
           end
-          ami = resolve_ami(client.region)
+          ami = resolve_ami(region)
           abort('No valid AMI found for region') unless ami
-          opts[:vpc] = default_vpc.id unless opts[:vpc]
+          opts[:vpc] = default_vpc.vpc_id unless opts[:vpc]
           if opts[:subnet].nil?
-            subnet = default_subnet(opts[:vpc], client.region+opts[:zone])
-            opts[:subnet] = subnet.subnet_id
+            subnet = default_subnet(opts[:vpc], region+opts[:zone])
           else
-            subnet = client.subnets.get(opts[:subnet])
+            subnet = ec2.subnet(opts[:subnet])
           end
           userdata_vars = {
               ssl_cert: ssl_cert,
@@ -50,41 +52,39 @@ module Kontena
           security_group = ensure_security_group(opts[:vpc])
           name = generate_name
-          response = client.run_instances(
-              ami,
-              1,
-              1,
-              'InstanceType'  => opts[:type],
-              'SecurityGroupId' => security_group.group_id,
-              'KeyName'       => opts[:key_pair],
-              'SubnetId'      => opts[:subnet],
-              'UserData'      => user_data(userdata_vars),
-              'BlockDeviceMapping' => [
-                  {
-                      'DeviceName' => '/dev/xvda',
-                      'VirtualName' => 'Root',
-                      'Ebs.VolumeSize' => opts[:storage],
-                      'Ebs.VolumeType' => 'gp2'
-                  }
-              ]
-          )
-          instance_id = response.body['instancesSet'].first['instanceId']
-          instance = client.servers.get(instance_id)
+          ec2_instance = ec2.create_instances({
+            image_id: ami,
+            min_count: 1,
+            max_count: 1,
+            instance_type: opts[:type],
+            security_group_ids: [security_group.group_id],
+            key_name: opts[:key_pair],
+            subnet_id: subnet.subnet_id,
+            user_data: Base64.encode64(user_data(userdata_vars)),
+            block_device_mappings: [
+              {
+                device_name: '/dev/xvda',
+                virtual_name: 'Root',
+                ebs: {
+                  volume_size: opts[:storage],
+                  volume_type: 'gp2'
+                }
+              }
+            ]
+          }).first
+          ec2_instance.create_tags({
+            tags: [
+              {key: 'Name', value: name}
+            ]
+          })
           ShellSpinner "Creating AWS instance #{name.colorize(:cyan)} " do
-            instance.wait_for { ready? }
-          end
-          if opts[:ssl_cert]
-            master_url = "https://#{instance.public_ip_address}"
-          else
-            master_url = "http://#{instance.public_ip_address}"
+            sleep 5 until ec2_instance.reload.state.name == 'running'
           end
+          master_url = "https://#{ec2_instance.public_ip_address}"
           Excon.defaults[:ssl_verify_peer] = false
-          @http_client = Excon.new("#{master_url}", :connect_timeout => 10)
+          http_client = Excon.new(master_url, :connect_timeout => 10)
           ShellSpinner "Waiting for #{name.colorize(:cyan)} to start" do
-            sleep 5 until master_running?
+            sleep 5 until master_running?(http_client)
           end
           puts "Kontena Master is now running at #{master_url}"
@@ -92,38 +92,57 @@ module Kontena
         end
         ##
-        # @param [String] grid
-        # @return Fog::Compute::AWS::SecurityGroup
+        # @param [String] vpc_id
+        # @return [Aws::EC2::SecurityGroup]
         def ensure_security_group(vpc_id)
           group_name = "kontena_master"
-          if vpc_id
-            client.security_groups.all({'group-name' => group_name, 'vpc-id' => vpc_id}).first || create_security_group(group_name, vpc_id)
-          else
-            client.security_groups.get(group_name) || create_security_group(group_name)
+          sg = ec2.security_groups({
+            filters: [
+              {name: 'group-name', values: [group_name]},
+              {name: 'vpc-id', values: [vpc_id]}
+            ]
+          }).first
+          unless sg
+            ShellSpinner "Creating AWS security group" do
+              sg = create_security_group(group_name, vpc_id)
+            end
           end
+          sg
         end
         ##
         # creates security_group and authorizes default port ranges
         #
         # @param [String] name
-        # @return Fog::Compute::AWS::SecurityGroup
+        # @param [String, NilClass] vpc_id
+        # @return Aws::EC2::SecurityGroup
         def create_security_group(name, vpc_id = nil)
-          security_group = client.security_groups.new(:name => name, :description => "Kontena Master", :vpc_id => vpc_id)
-          security_group.save
-          security_group.authorize_port_range(80..80)
-          security_group.authorize_port_range(443..443)
-          security_group.authorize_port_range(22..22)
-          security_group
+          sg = ec2.create_security_group({
+            group_name: name,
+            description: "Kontena Master",
+            vpc_id: vpc_id
+          })
+          sg.authorize_ingress({
+            ip_protocol: 'tcp',
+            from_port: 443,
+            to_port: 443,
+            cidr_ip: '0.0.0.0/0'
+          })
+          sg.authorize_ingress({
+            ip_protocol: 'tcp',
+            from_port: 22,
+            to_port: 22,
+            cidr_ip: '0.0.0.0/0'
+          })
+          sg
         end
-        def default_subnet(vpc, zone)
-          client.subnets.all('vpc-id' => vpc, 'availabilityZone' => zone).first
-        end
-        def default_vpc
-          client.vpcs.all('isDefault' => true).first
+        # @return [String]
+        def region
+          ec2.client.config.region
         end
         def user_data(vars)
@@ -135,14 +154,16 @@ module Kontena
           "kontena-master-#{super}-#{rand(1..99)}"
         end
-        def master_running?
+        def master_running?(http_client)
           http_client.get(path: '/').status == 200
         rescue
           false
         end
         def erb(template, vars)
-          ERB.new(template).result(OpenStruct.new(vars).instance_eval { binding })
+          ERB.new(template).result(
+            OpenStruct.new(vars).instance_eval { binding }
+          )
         end
       end
     end

data/lib/kontena/machine/aws/node_destroyer.rb CHANGED Viewed

@@ -5,7 +5,7 @@ module Kontena
     module Aws
       class NodeDestroyer
-        attr_reader :client, :api_client
+        attr_reader :ec2, :api_client
         # @param [Kontena::Client] api_client Kontena api client
         # @param [String] access_key_id aws_access_key_id
@@ -13,15 +13,27 @@ module Kontena
         # @param [String] region
         def initialize(api_client, access_key_id, secret_key, region = 'eu-west-1')
           @api_client = api_client
-          @client = Fog::Compute.new(:provider => 'AWS', :aws_access_key_id => access_key_id, :aws_secret_access_key => secret_key, :region => region)
+          @ec2 = ::Aws::EC2::Resource.new(
+            region: region,
+            credentials: ::Aws::Credentials.new(access_key_id, secret_key)
+          )
         end
         def run!(grid, name)
-          instance = client.servers.all({'tag:Name' => name}).first
+          instances = ec2.instances({
+            filters: [
+              {name: 'tag:Name', values: [name]}
+            ]
+          })
+          abort("Cannot find AWS instance #{name}") if instances.to_a.size == 0
+          abort("There are multiple instances with name #{name}") if instances.to_a.size > 1
+          instance = instances.first
           if instance
             ShellSpinner "Terminating AWS instance #{name.colorize(:cyan)} " do
-              instance.destroy
-              sleep 2 until client.servers.get(instance.id).state == 'terminated'
+              instance.terminate
+              until instance.reload.state.name.to_s == 'terminated'
+                sleep 2
+              end
             end
           else
             abort "Cannot find instance #{name.colorize(:cyan)} in AWS"

data/lib/kontena/machine/aws/node_provisioner.rb CHANGED Viewed

@@ -11,7 +11,7 @@ module Kontena
         include RandomName
         include Common
-        attr_reader :client, :api_client, :region
+        attr_reader :ec2, :api_client
         # @param [Kontena::Client] api_client Kontena api client
         # @param [String] access_key_id aws_access_key_id
@@ -19,106 +19,141 @@ module Kontena
         # @param [String] region
         def initialize(api_client, access_key_id, secret_key, region)
           @api_client = api_client
-          @client = Fog::Compute.new(
-            :provider => 'AWS', :aws_access_key_id => access_key_id,
-            :aws_secret_access_key => secret_key, :region => region
+          @ec2 = ::Aws::EC2::Resource.new(
+            region: region, credentials: ::Aws::Credentials.new(access_key_id, secret_key)
           )
         end
         # @param [Hash] opts
         def run!(opts)
-          ami = resolve_ami(client.region)
+          ami = resolve_ami(region)
           abort('No valid AMI found for region') unless ami
+          opts[:vpc] = default_vpc.vpc_id unless opts[:vpc]
           security_group = ensure_security_group(opts[:grid], opts[:vpc])
           name = opts[:name ] || generate_name
-          opts[:vpc] = default_vpc.id unless opts[:vpc]
           if opts[:subnet].nil?
-            subnet = default_subnet(opts[:vpc], client.region+opts[:zone])
-            opts[:subnet] = subnet.subnet_id
+            subnet = default_subnet(opts[:vpc], region+opts[:zone])
           else
-            subnet = client.subnets.get(opts[:subnet])
+            subnet = ec2.subnet(opts[:subnet])
           end
           dns_server = aws_dns_supported?(opts[:vpc]) ? '169.254.169.253' : '8.8.8.8'
           userdata_vars = {
-              name: name,
-              version: opts[:version],
-              master_uri: opts[:master_uri],
-              grid_token: opts[:grid_token],
-              dns_server: dns_server
+            name: name,
+            version: opts[:version],
+            master_uri: opts[:master_uri],
+            grid_token: opts[:grid_token],
+            dns_server: dns_server
           }
-          response = client.run_instances(
-              ami,
-              1,
-              1,
-              'InstanceType'  => opts[:type],
-              'SecurityGroupId' => security_group.group_id,
-              'KeyName'       => opts[:key_pair],
-              'SubnetId'      => opts[:subnet],
-              'UserData'      => user_data(userdata_vars),
-              'BlockDeviceMapping' => [
-                  {
-                      'DeviceName' => '/dev/xvda',
-                      'VirtualName' => 'Root',
-                      'Ebs.VolumeSize' => opts[:storage],
-                      'Ebs.VolumeType' => 'gp2'
-                  }
-              ]
-          )
-          instance_id = response.body['instancesSet'].first['instanceId']
+          ec2_instance = ec2.create_instances({
+            image_id: ami,
+            min_count: 1,
+            max_count: 1,
+            instance_type: opts[:type],
+            security_group_ids: [security_group.group_id],
+            key_name: opts[:key_pair],
+            subnet_id: subnet.subnet_id,
+            user_data: Base64.encode64(user_data(userdata_vars)),
+            block_device_mappings: [
+              {
+                device_name: '/dev/xvda',
+                virtual_name: 'Root',
+                ebs: {
+                  volume_size: opts[:storage],
+                  volume_type: 'gp2'
+                }
+              }
+            ]
+          }).first
+          ec2_instance.create_tags({
+            tags: [
+              {key: 'Name', value: name},
+              {key: 'kontena_grid', value: opts[:grid]}
+            ]
+          })
-          instance = client.servers.get(instance_id)
           ShellSpinner "Creating AWS instance #{name.colorize(:cyan)} " do
-            instance.wait_for { ready? }
+            sleep 5 until ec2_instance.reload.state.name == 'running'
           end
-          client.create_tags(instance.id, {'Name' => name, 'kontena_grid' => opts[:grid]})
           node = nil
           ShellSpinner "Waiting for node #{name.colorize(:cyan)} join to grid #{opts[:grid].colorize(:cyan)} " do
             sleep 2 until node = instance_exists_in_grid?(opts[:grid], name)
           end
-          labels = ["region=#{client.region}", "az=#{opts[:zone]}"]
+          labels = ["region=#{region}", "az=#{opts[:zone]}"]
           set_labels(node, labels)
         end
         ##
         # @param [String] grid
-        # @return Fog::Compute::AWS::SecurityGroup
+        # @return [Aws::EC2::SecurityGroup]
         def ensure_security_group(grid, vpc_id)
           group_name = "kontena_grid_#{grid}"
-          if vpc_id
-            client.security_groups.all({'group-name' => group_name, 'vpc-id' => vpc_id}).first || create_security_group(group_name, vpc_id)
-          else
-            client.security_groups.get(group_name) || create_security_group(group_name)
+          sg = ec2.security_groups({
+            filters: [
+              {name: 'group-name', values: [group_name]},
+              {name: 'vpc-id', values: [vpc_id]}
+            ]
+          }).first
+          unless sg
+            ShellSpinner "Creating AWS security group" do
+              sg = create_security_group(group_name, vpc_id)
+            end
           end
+          sg
         end
         ##
         # creates security_group and authorizes default port ranges
         #
         # @param [String] name
-        # @return Fog::Compute::AWS::SecurityGroup
-        def create_security_group(name, vpc_id = nil)
-          security_group = client.security_groups.new(:name => name, :description => "Kontena Node", :vpc_id => vpc_id)
-          security_group.save
-          security_group.authorize_port_range(80..80)
-          security_group.authorize_port_range(443..443)
-          security_group.authorize_port_range(22..22)
-          security_group.authorize_port_range(1194..1194, ip_protocol: 'udp')
-          security_group.authorize_port_range(6783..6783, group: {security_group.owner_id => security_group.group_id}, ip_protocol: 'tcp')
-          security_group.authorize_port_range(6783..6784, group: {security_group.owner_id => security_group.group_id}, ip_protocol: 'udp')
-          security_group
-        end
-        def default_subnet(vpc, zone)
-          client.subnets.all('vpc-id' => vpc, 'availabilityZone' => zone).first
+        # @param [String] vpc_id
+        # @return [Aws::EC2::SecurityGroup]
+        def create_security_group(name, vpc_id)
+          sg = ec2.create_security_group({
+            group_name: name,
+            description: "Kontena Grid",
+            vpc_id: vpc_id
+          })
+          sg.authorize_ingress({ # SSH
+            ip_protocol: 'tcp', from_port: 22, to_port: 22, cidr_ip: '0.0.0.0/0'
+          })
+          sg.authorize_ingress({ # HTTP
+            ip_protocol: 'tcp', from_port: 80, to_port: 80, cidr_ip: '0.0.0.0/0'
+          })
+          sg.authorize_ingress({ # HTTPS
+            ip_protocol: 'tcp', from_port: 443, to_port: 443, cidr_ip: '0.0.0.0/0'
+          })
+          sg.authorize_ingress({ # OpenVPN
+            ip_protocol: 'udp', from_port: 1194, to_port: 1194, cidr_ip: '0.0.0.0/0'
+          })
+          sg.authorize_ingress({ # Overlay / Weave network
+            ip_permissions: [
+              {
+                from_port: 6783, to_port: 6783, ip_protocol: 'tcp',
+                user_id_group_pairs: [
+                  { group_id: sg.group_id, vpc_id: vpc_id }
+                ]
+              },
+              {
+                from_port: 6783, to_port: 6784, ip_protocol: 'udp',
+                user_id_group_pairs: [
+                  { group_id: sg.group_id, vpc_id: vpc_id }
+                ]
+              }
+            ]
+          })
+          sg
         end
-        def default_vpc
-          client.vpcs.all('isDefault' => true).first
+        # @return [String]
+        def region
+          ec2.client.config.region
         end
         def user_data(vars)
@@ -138,15 +173,20 @@ module Kontena
           ERB.new(template).result(OpenStruct.new(vars).instance_eval { binding })
         end
+        # @param [Hash] node
+        # @param [Array<String>] labels
         def set_labels(node, labels)
           data = {}
           data[:labels] = labels
           api_client.put("nodes/#{node['id']}", data, {}, {'Kontena-Grid-Token' => node['grid']['token']})
         end
+        # @param [String] vpc_id
+        # @return [Boolean]
         def aws_dns_supported?(vpc_id)
-          response = client.describe_vpc_attribute(vpc_id,'enableDnsSupport')
-          response.data[:body]['enableDnsSupport']
+          vpc = ec2.vpc(vpc_id)
+          response = vpc.describe_attribute({attribute: 'enableDnsSupport'})
+          response.enable_dns_support
         end
       end
     end

data/lib/kontena/machine/cert_helper.rb ADDED Viewed

@@ -0,0 +1,39 @@
+require 'openssl'
+module Kontena
+  module Machine
+    module CertHelper
+      def generate_self_signed_cert
+        key = OpenSSL::PKey::RSA.new(2048)
+        public_key = key.public_key
+        subject = "/C=FI/O=Test/OU=Test/CN=Test"
+        cert = OpenSSL::X509::Certificate.new
+        cert.subject = cert.issuer = OpenSSL::X509::Name.parse(subject)
+        cert.not_before = Time.now
+        cert.not_after = Time.now + (10 * 365 * 24 * 60 * 60)
+        cert.public_key = public_key
+        cert.serial = 0x0
+        cert.version = 2
+        ef = OpenSSL::X509::ExtensionFactory.new
+        ef.subject_certificate = cert
+        ef.issuer_certificate = cert
+        cert.extensions = [
+          ef.create_extension("basicConstraints","CA:TRUE", true),
+          ef.create_extension("subjectKeyIdentifier", "hash")
+        ]
+        cert.add_extension ef.create_extension("authorityKeyIdentifier",
+                                               "keyid:always,issuer:always")
+        cert.sign key, OpenSSL::Digest::SHA1.new
+        pem = cert.to_pem
+        pem << key.to_s
+        pem
+      end
+    end
+  end
+end

data/spec/kontena/cli/master/users/remove_command_spec.rb ADDED Viewed

@@ -0,0 +1,28 @@
+require_relative "../../../../spec_helper"
+require 'kontena/cli/master/users_command'
+require "kontena/cli/master/users/remove_command"
+describe Kontena::Cli::Master::Users::RemoveCommand do
+  include ClientHelpers
+  describe '#execute' do
+    it 'requires api url' do
+      expect(subject).to receive(:require_api_url).once
+      subject.run(['john@domain.com'])
+    end
+    it 'requires token' do
+      expect(subject).to receive(:require_token).and_return(token)
+      subject.run(['john@domain.com'])
+    end
+    it 'sends email to master' do
+      expect(client).to receive(:delete).with(
+        'users/john@domain.com'
+      )
+      subject.run(['john@domain.com'])
+    end
+  end
+end

data/spec/kontena/cli/services/containers_command_spec.rb ADDED Viewed

@@ -0,0 +1,48 @@
+require_relative "../../../spec_helper"
+require "kontena/cli/services/containers_command"
+describe Kontena::Cli::Services::ContainersCommand do
+  include ClientHelpers
+  describe '#execute' do
+    before(:each) do
+      allow(client).to receive(:get).and_return({
+        'containers' => []
+      })
+    end
+    it 'requires api url' do
+      expect(subject).to receive(:require_api_url).once
+      subject.run(['service-a'])
+    end
+    it 'requires token' do
+      expect(subject).to receive(:require_token).and_return(token)
+      subject.run(['service-a'])
+    end
+    it 'to not throw on missing "overlay_cidr" property' do
+      allow(client).to receive(:get).and_return({
+        'containers' => [
+          {'id' => "service-a-id", 'node' => {'public_ip' => ""}}
+        ]
+      })
+      expect {
+        subject.run(['service-a'])
+      }.to_not raise_error(NoMethodError)
+    end
+    it 'to not throw on nil "overlay_cidr" property' do
+      allow(client).to receive(:get).and_return({
+        'containers' => [
+          {'id' => "service-a-id", 'node' => {'public_ip' => ""}, 'overlay_cidr' => nil}
+        ]
+      })
+      expect {
+        subject.run(['service-a'])
+      }.to_not raise_error(NoMethodError)
+    end
+  end
+end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: kontena-cli
 version: !ruby/object:Gem::Version
-  version: 0.12.0
+  version: 0.12.1
 platform: ruby
 authors:
 - Kontena, Inc
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-04-04 00:00:00.000000000 Z
+date: 2016-04-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -205,6 +205,7 @@ files:
 - lib/kontena/cli/master/users/add_role_command.rb
 - lib/kontena/cli/master/users/invite_command.rb
 - lib/kontena/cli/master/users/list_command.rb
+- lib/kontena/cli/master/users/remove_command.rb
 - lib/kontena/cli/master/users/remove_role_command.rb
 - lib/kontena/cli/master/users_command.rb
 - lib/kontena/cli/master/vagrant/create_command.rb
@@ -305,6 +306,7 @@ files:
 - lib/kontena/machine/azure/master_provisioner.rb
 - lib/kontena/machine/azure/node_destroyer.rb
 - lib/kontena/machine/azure/node_provisioner.rb
+- lib/kontena/machine/cert_helper.rb
 - lib/kontena/machine/cloud_config/cloudinit.yml
 - lib/kontena/machine/cloud_config/node_generator.rb
 - lib/kontena/machine/common.rb
@@ -339,9 +341,11 @@ files:
 - spec/kontena/cli/master/use_command_spec.rb
 - spec/kontena/cli/master/users/add_role_command_spec.rb
 - spec/kontena/cli/master/users/invite_command_spec.rb
+- spec/kontena/cli/master/users/remove_command_spec.rb
 - spec/kontena/cli/master/users/remove_role_command_spec.rb
 - spec/kontena/cli/register_command_spec.rb
 - spec/kontena/cli/services/add_secret_command_spec.rb
+- spec/kontena/cli/services/containers_command_spec.rb
 - spec/kontena/cli/services/link_command_spec.rb
 - spec/kontena/cli/services/remove_secret_command_spec.rb
 - spec/kontena/cli/services/restart_command_spec.rb
@@ -391,9 +395,11 @@ test_files:
 - spec/kontena/cli/master/use_command_spec.rb
 - spec/kontena/cli/master/users/add_role_command_spec.rb
 - spec/kontena/cli/master/users/invite_command_spec.rb
+- spec/kontena/cli/master/users/remove_command_spec.rb
 - spec/kontena/cli/master/users/remove_role_command_spec.rb
 - spec/kontena/cli/register_command_spec.rb
 - spec/kontena/cli/services/add_secret_command_spec.rb
+- spec/kontena/cli/services/containers_command_spec.rb
 - spec/kontena/cli/services/link_command_spec.rb
 - spec/kontena/cli/services/remove_secret_command_spec.rb
 - spec/kontena/cli/services/restart_command_spec.rb