kontena-plugin-aws 0.2.7 → 0.3.0.rc1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ae87022c9186594dc522a5eced7bbd4758360822
-  data.tar.gz: eec88a482f9dfcde351b10f1ea324d7f323cb747
+  metadata.gz: 944cc0456a0dbe057a86a2662000e2ff622ec8c3
+  data.tar.gz: cc12f182b670334d33db3855c8769d9167064850
 SHA512:
-  metadata.gz: dce564e74e064e04230e13c21f3072cf86ab545fb1756439fd3165bd61776a6a03e0790f0d2b8f7e53812da399114be16f167bd6200dee915ca352220a821054
-  data.tar.gz: 529812334bef114118e1990f1a72450dcefe46f391ec4e565d2b0f5d97c7dffa125393047f4cefe4442cb7f688a75a21bd9006b9b99436b5eed756aac34c434b
+  metadata.gz: c211fc7de64b11db19d949a1e78750a7fcffbc1f6e27c67c2fef9f807172f1eb94fa7cc17656d6edd55f8c72d3f9e5f4b9f5f114df577d569554ba7eace21417
+  data.tar.gz: 45d56e46fdc4374e06a02a25af2c43b84ba647183283aa1be37f8256933eb288a855e51714dc095cc181e513fadc5600bf14975c0619d0c44cedc0df1ad519e4

data/lib/kontena/machine/aws/keypair_provisioner.rb

@@ -0,0 +1,38 @@
+require_relative 'common'
+
+module Kontena::Machine::Aws
+  class KeypairProvisioner
+
+    attr_reader :ec2, :region, :public_key, :keypair_name
+
+    # @param [String] access_key_id aws_access_key_id
+    # @param [String] secret_key aws_secret_access_key
+    # @param [String] region
+    def initialize(access_key_id, secret_key, region)
+      @ec2 = ::Aws::EC2::Resource.new(
+        region: region, credentials: ::Aws::Credentials.new(access_key_id, secret_key)
+      )
+    end
+
+    def validate_opts!(opts)
+      if opts[:public_key]
+        @public_key = opts[:public_key]
+      else
+        raise "Missing public key"
+      end
+
+      @keypair_name = opts[:keypair_name] || "kontena-#{SecureRandom.hex(4)}-#{Time.now.strftime '%Y-%m-%d'}"
+    end
+
+    # @param [Hash] opts
+    def run!(opts)
+      validate_opts!(opts)
+      ec2.import_key_pair(
+        key_name: keypair_name,
+        public_key_material: public_key,
+        dry_run: false
+      )
+    end
+  end
+end
+

data/lib/kontena/machine/aws/master_destroyer.rb

@@ -0,0 +1,46 @@
+module Kontena
+  module Machine
+    module Aws
+      class MasterDestroyer
+
+        include Kontena::Cli::ShellSpinner
+
+        attr_reader :ec2, :api_client
+
+        # @param [Kontena::Client] api_client Kontena api client
+        # @param [String] access_key_id aws_access_key_id
+        # @param [String] secret_key aws_secret_access_key
+        # @param [String] region
+        def initialize(api_client, access_key_id, secret_key, region = 'eu-west-1')
+          @api_client = api_client
+          @ec2 = ::Aws::EC2::Resource.new(
+            region: region,
+            credentials: ::Aws::Credentials.new(access_key_id, secret_key)
+          )
+        end
+
+        def run!(name)
+          instances = ec2.instances({
+            filters: [
+              {name: 'tag:Name', values: [name]}
+            ]
+          })
+          abort("Cannot find AWS instance #{name}") if instances.to_a.size == 0
+          abort("There are multiple instances with name #{name}") if instances.to_a.size > 1
+          instance = instances.first
+          if instance
+            spinner "Terminating AWS instance #{name.colorize(:cyan)} " do
+              instance.terminate
+              until instance.reload.state.name.to_s == 'terminated'
+                sleep 1
+              end
+            end
+          else
+            abort "Cannot find instance #{name.colorize(:cyan)} in AWS"
+          end
+        end
+      end
+    end
+  end
+end
+

data/lib/kontena/machine/aws/master_provisioner.rb

@@ -39,11 +39,9 @@ module Kontena::Machine::Aws
       ami = resolve_ami(region)
       abort('No valid AMI found for region') unless ami
       opts[:vpc] = default_vpc.vpc_id unless opts[:vpc]
-      if opts[:subnet].nil?
-        subnet = default_subnet(opts[:vpc], region+opts[:zone])
-      else
-        subnet = ec2.subnet(opts[:subnet])
-      end
+
+      raise "Missing :subnet option" if opts[:subnet].nil?
+      subnet = ec2.subnet(opts[:subnet])
       abort('Failed to find subnet!') unless subnet
 
       name = opts[:name] || generate_name

data/lib/kontena/machine/aws/node_destroyer.rb

@@ -41,7 +41,7 @@ module Kontena
           node = api_client.get("grids/#{grid['id']}/nodes")['nodes'].find{|n| n['name'] == name}
           if node
             spinner "Removing node #{name.colorize(:cyan)} from grid #{grid['name'].colorize(:cyan)} " do
-              api_client.delete("grids/#{grid['id']}/nodes/#{name}")
+              api_client.delete("nodes/#{grid['id']}/#{name}")
             end
           end
         end

data/lib/kontena/machine/aws/node_provisioner.rb

@@ -33,11 +33,10 @@ module Kontena::Machine::Aws
           resolve_security_groups_to_ids(opts[:security_groups], opts[:vpc]) :
           ensure_security_group(opts[:grid], opts[:vpc])
 
-      if opts[:subnet].nil?
-        subnet = default_subnet(opts[:vpc], region+opts[:zone])
-      else
-        subnet = ec2.subnet(opts[:subnet])
-      end
+      raise "Missing :subnet option" if opts[:subnet].nil?
+      subnet = ec2.subnet(opts[:subnet])
+      abort('Failed to find subnet!') unless subnet
+
       dns_server = aws_dns_supported?(opts[:vpc]) ? '169.254.169.253' : '8.8.8.8'
       instances = []
       opts[:count].to_i.times do |i|

data/lib/kontena/machine/aws.rb

@@ -18,7 +18,9 @@ end
 require 'aws-sdk'
 require 'kontena/machine/random_name'
 require 'kontena/machine/cert_helper'
+require_relative 'aws/keypair_provisioner'
 require_relative 'aws/master_provisioner'
+require_relative 'aws/master_destroyer'
 require_relative 'aws/node_provisioner'
 require_relative 'aws/node_restarter'
 require_relative 'aws/node_destroyer'

data/lib/kontena/plugin/aws/master/create_command.rb

@@ -7,64 +7,40 @@ module Kontena::Plugin::Aws::Master
     include Kontena::Plugin::Aws::Prompts
 
     option "--name", "[NAME]", "Set Master name"
-    option "--access-key", "ACCESS_KEY", "AWS access key ID", environment_variable: "AWS_ACCESS_KEY_ID"
-    option "--secret-key", "SECRET_KEY", "AWS secret access key", environment_variable: "AWS_SECRET_ACCESS_KEY"
-    option "--key-pair", "KEY_PAIR", "EC2 key pair name"
+
+    include Kontena::Plugin::Aws::Prompts::Common
+
     option "--ssl-cert", "SSL CERT", "SSL certificate file (default: generate self-signed cert)"
-    option "--region", "REGION", "EC2 Region", environment_variable: "AWS_REGION"
-    option "--zone", "ZONE", "EC2 Availability Zone (a,b,c,d,e)"
-    option "--vpc-id", "VPC ID", "Virtual Private Cloud (VPC) ID"
-    option "--subnet-id", "SUBNET ID", "VPC option to specify subnet to launch instance into (default: first subnet in vpc/az)"
-    option "--type", "SIZE", "Instance type"
-    option "--storage", "STORAGE", "Storage size (GiB)"
     option "--vault-secret", "VAULT_SECRET", "Secret key for Vault (default: generate random secret)"
     option "--vault-iv", "VAULT_IV", "Initialization vector for Vault (default: generate random iv)"
     option "--mongodb-uri", "URI", "External MongoDB uri (optional)"
-    option "--version", "VERSION", "Define installed Kontena version", default: 'latest'
-    option "--associate-public-ip-address", :flag, "Whether to associated public IP in case the VPC defaults to not doing it", default: true, attribute_name: :associate_public_ip
-    option "--security-groups", "SECURITY_GROUPS", "Comma separated list of security groups (names) where the new instance will be attached (default: create 'kontena_master' group if not already existing)"
-    option "--aws-bundled-cert", :flag, "Use CA certificate bundled in AWS SDK", default: false
 
     def execute
       require_relative '../../../machine/aws'
 
-      Aws.use_bundled_cert! if aws_bundled_cert?
-
-      aws_access_key = ask_aws_access_key
-      aws_secret_key = ask_aws_secret_key
-      aws_region = ask_aws_region(aws_access_key, aws_secret_key)
-      aws_zone = ask_aws_az(aws_access_key, aws_secret_key, aws_region)
-      aws_vpc_id = ask_aws_vpc(aws_access_key, aws_secret_key, aws_region)
-
-      exit_with_error("Could not find any Virtual Private Cloud (VPC). Please create one in the AWS console first.") unless aws_vpc_id
-      aws_subnet_id = ask_aws_subnet(aws_access_key, aws_secret_key, aws_region, aws_zone, aws_vpc_id)
-      aws_key_pair = ask_aws_key_pair(aws_access_key, aws_secret_key, aws_region)
-      aws_type = ask_aws_instance_type
-      aws_storage = ask_aws_storage
-      provisioner = provisioner(aws_access_key, aws_secret_key, aws_region)
       provisioner.run!(
-          name: name,
-          type: aws_type,
-          vpc: aws_vpc_id,
-          zone: aws_zone,
-          subnet: aws_subnet_id,
-          ssl_cert: ssl_cert,
-          storage: aws_storage,
-          version: version,
-          key_pair: aws_key_pair,
-          vault_secret: vault_secret || SecureRandom.hex(24),
-          vault_iv: vault_iv || SecureRandom.hex(24),
-          mongodb_uri: mongodb_uri,
-          associate_public_ip: associate_public_ip?,
-          security_groups: security_groups,
-          initial_admin_code: SecureRandom.hex(16)
+        name: name,
+        type: type,
+        vpc: vpc_id,
+        zone: zone,
+        subnet: subnet_id,
+        ssl_cert: ssl_cert,
+        storage: storage,
+        version: version,
+        key_pair: key_pair,
+        vault_secret: vault_secret || SecureRandom.hex(24),
+        vault_iv: vault_iv || SecureRandom.hex(24),
+        mongodb_uri: mongodb_uri,
+        associate_public_ip: associate_public_ip?,
+        security_groups: security_groups,
+        initial_admin_code: SecureRandom.hex(16)
       )
     rescue Seahorse::Client::NetworkingError => ex
       raise ex unless ex.message.match(/certificate verify failed/)
       exit_with_error Kontena::Machine::Aws.ssl_fail_message(aws_bundled_cert?)
     end
 
-    def provisioner(access_key, secret_key, region)
+    def provisioner
       Kontena::Machine::Aws::MasterProvisioner.new(access_key, secret_key, region)
     end
   end

data/lib/kontena/plugin/aws/master/terminate_command.rb

@@ -0,0 +1,40 @@
+module Kontena::Plugin::Aws::Master
+  class TerminateCommand < Kontena::Command
+    include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
+    include Kontena::Plugin::Aws::Prompts
+    prepend Kontena::Plugin::Aws::Prompts::Common::Defaults
+
+    option "--access-key", "ACCESS_KEY", "AWS access key ID", environment_variable: "AWS_ACCESS_KEY_ID"
+    option "--secret-key", "SECRET_KEY", "AWS secret access key", environment_variable: "AWS_SECRET_ACCESS_KEY"
+    option "--region", "REGION", "EC2 Region (default: node's region)", environment_variable: "AWS_REGION", attribute_name: :aws_region
+    option "--force", :flag, "Force remove", default: false, attribute_name: :forced
+    option "--aws-bundled-cert", :flag, "Use CA certificate bundled in AWS SDK", default: false
+
+    requires_current_master
+
+    def execute
+      require_current_grid
+
+      node_name = config.current_master.name
+      confirm_command(node_name) unless forced?
+
+      require_relative '../../../machine/aws'
+      Aws.use_bundled_cert! if aws_bundled_cert?
+
+      destroyer.run!(node_name)
+    rescue Seahorse::Client::NetworkingError => ex
+      raise ex unless ex.message.match(/certificate verify failed/)
+      exit_with_error Kontena::Machine::Aws.ssl_fail_message(aws_bundled_cert?)
+    end
+
+    def destroyer
+      Kontena::Machine::Aws::MasterDestroyer.new(client, access_key, secret_key, aws_region)
+    end
+
+    def default_aws_region
+      resolve_region(@node) || default_region
+    end
+  end
+end
+

data/lib/kontena/plugin/aws/master_command.rb

@@ -1,8 +1,10 @@
 require_relative 'master/create_command'
+require_relative 'master/terminate_command'
 
 class Kontena::Plugin::Aws::MasterCommand < Kontena::Command
 
   subcommand "create", "Create a new master to AWS", Kontena::Plugin::Aws::Master::CreateCommand
+  subcommand "terminate", "Destroy current master from AWS", Kontena::Plugin::Aws::Master::TerminateCommand
 
   def execute
   end

data/lib/kontena/plugin/aws/nodes/create_command.rb

@@ -5,56 +5,33 @@ module Kontena::Plugin::Aws::Nodes
     include Kontena::Plugin::Aws::Prompts
 
     parameter "[NAME]", "Node name"
-    option "--access-key", "ACCESS_KEY", "AWS access key ID", environment_variable: "AWS_ACCESS_KEY_ID"
-    option "--secret-key", "SECRET_KEY", "AWS secret access key", environment_variable: "AWS_SECRET_ACCESS_KEY"
-    option "--key-pair", "KEY_PAIR", "EC2 Key Pair"
-    option "--region", "REGION", "EC2 Region", environment_variable: "AWS_REGION"
-    option "--zone", "ZONE", "EC2 Availability Zone (a,b,c,d,e)"
-    option "--vpc-id", "VPC ID", "Virtual Private Cloud (VPC) ID (default: default vpc)"
-    option "--subnet-id", "SUBNET ID", "VPC option to specify subnet to launch instance into (default: first subnet in vpc/az)"
-    option "--type", "SIZE", "Instance type"
-    option "--storage", "STORAGE", "Storage size (GiB)"
+
+    include Kontena::Plugin::Aws::Prompts::Common
+
     option "--count", "COUNT", "How many instances to create"
-    option "--version", "VERSION", "Define installed Kontena version", default: 'latest'
-    option "--[no-]associate-public-ip-address", :flag, "Whether to associated public IP in case the VPC defaults to not doing it", default: true, attribute_name: :associate_public_ip
-    option "--security-groups", "SECURITY GROUPS", "Comma separated list of security groups (names) where the new instance will be attached (default: create grid specific group if not already existing)"
-    option "--aws-bundled-cert", :flag, "Use CA certificate bundled in AWS SDK", default: false
 
     requires_current_master
 
     def execute
       require_current_grid
       require_relative '../../../machine/aws'
-      Aws.use_bundled_cert! if aws_bundled_cert?
 
       grid = fetch_grid(current_grid)
-      aws_access_key = ask_aws_access_key
-      aws_secret_key = ask_aws_secret_key
-      aws_region = ask_aws_region(aws_access_key, aws_secret_key)
-      aws_zone = ask_aws_az(aws_access_key, aws_secret_key, aws_region)
-      aws_vpc_id = ask_aws_vpc(aws_access_key, aws_secret_key, aws_region)
-      exit_with_error("Could not find any Virtual Private Cloud (VPC). Please create one in the AWS console first.") unless aws_vpc_id
-      aws_subnet_id = ask_aws_subnet(aws_access_key, aws_secret_key, aws_region, aws_zone, aws_vpc_id)
-      aws_key_pair = ask_aws_key_pair(aws_access_key, aws_secret_key, aws_region)
-      aws_type = ask_aws_instance_type
-      aws_storage = ask_aws_storage
-      aws_count = ask_instance_count
-      provisioner = provisioner(client, aws_access_key, aws_secret_key, aws_region)
       provisioner.run!(
-          master_uri: api_url,
-          grid_token: grid['token'],
-          grid: current_grid,
-          name: name,
-          type: aws_type,
-          vpc: aws_vpc_id,
-          zone: aws_zone,
-          subnet: aws_subnet_id,
-          storage: aws_storage,
-          version: version,
-          key_pair: aws_key_pair,
-          count: aws_count,
-          associate_public_ip: associate_public_ip?,
-          security_groups: security_groups
+        master_uri: api_url,
+        grid_token: grid['token'],
+        grid: current_grid,
+        name: name,
+        type: type,
+        vpc: vpc_id,
+        zone: zone,
+        subnet: subnet_id,
+        storage: storage,
+        version: version,
+        key_pair: key_pair,
+        count: count,
+        associate_public_ip: associate_public_ip?,
+        security_groups: security_groups
       )
     rescue Seahorse::Client::NetworkingError => ex
       raise ex unless ex.message.match(/certificate verify failed/)
@@ -72,16 +49,12 @@ module Kontena::Plugin::Aws::Nodes
     # @param [String] secret_key
     # @param [String] region
     # @return [Kontena::Machine::Aws::NodeProvisioner]
-    def provisioner(client, access_key, secret_key, region)
+    def provisioner
       Kontena::Machine::Aws::NodeProvisioner.new(client, access_key, secret_key, region)
     end
 
-    def ask_instance_count
-      if self.count.nil?
-        prompt.ask('How many instances?: ', default: 1)
-      else
-        self.count
-      end
+    def default_count
+      prompt.ask('How many instances?: ', default: 1)
     end
   end
 end

data/lib/kontena/plugin/aws/nodes/restart_command.rb

@@ -3,11 +3,12 @@ module Kontena::Plugin::Aws::Nodes
     include Kontena::Cli::Common
     include Kontena::Cli::GridOptions
     include Kontena::Plugin::Aws::Prompts
+    prepend Kontena::Plugin::Aws::Prompts::Common::Defaults
 
     parameter "[NAME]", "Node name"
     option "--access-key", "ACCESS_KEY", "AWS access key ID", environment_variable: "AWS_ACCESS_KEY_ID"
     option "--secret-key", "SECRET_KEY", "AWS secret access key", environment_variable: "AWS_SECRET_ACCESS_KEY"
-    option "--region", "REGION", "EC2 Region", environment_variable: "AWS_REGION"
+    option "--region", "REGION", "EC2 Region (default: node's region)", environment_variable: "AWS_REGION", attribute_name: :aws_region
     option "--aws-bundled-cert", :flag, "Use CA certificate bundled in AWS SDK", default: false
 
     requires_current_master
@@ -15,31 +16,23 @@ module Kontena::Plugin::Aws::Nodes
     def execute
       require_current_grid
       node_name = self.name || ask_node
-      node = client.get("nodes/#{current_grid}/#{node_name}")
+      @node = client.get("nodes/#{current_grid}/#{node_name}")
 
-      aws_access_key = ask_aws_access_key
-      aws_secret_key = ask_aws_secret_key
-      aws_region = self.region || resolve_or_ask_region(node, aws_access_key, aws_secret_key)
       require_relative '../../../machine/aws'
       Aws.use_bundled_cert! if aws_bundled_cert?
 
-      restarter = restarter(aws_access_key, aws_secret_key, aws_region)
       restarter.run!(node_name)
     rescue Seahorse::Client::NetworkingError => ex
       raise ex unless ex.message.match(/certificate verify failed/)
       exit_with_error Kontena::Machine::Aws.ssl_fail_message(aws_bundled_cert?)
     end
 
-    def restarter(access_key, secret_key, region)
-      Kontena::Machine::Aws::NodeRestarter.new(access_key, secret_key, region)
+    def restarter
+      Kontena::Machine::Aws::NodeRestarter.new(access_key, secret_key, aws_region)
     end
 
-    def resolve_or_ask_region(node, access_key, secret_key)
-      if node['labels'] && region_label = node['labels'].find{ |l| l.split('=').first == 'region' }
-        region = region_label.split('=').last
-      end
-      region = ask_aws_region(access_key, secret_key) unless region
-      region
+    def default_aws_region
+      resolve_region(@node) || default_region
     end
   end
 end

data/lib/kontena/plugin/aws/nodes/terminate_command.rb

@@ -3,11 +3,12 @@ module Kontena::Plugin::Aws::Nodes
     include Kontena::Cli::Common
     include Kontena::Cli::GridOptions
     include Kontena::Plugin::Aws::Prompts
+    prepend Kontena::Plugin::Aws::Prompts::Common::Defaults
 
     parameter "[NAME]", "Node name"
     option "--access-key", "ACCESS_KEY", "AWS access key ID", environment_variable: "AWS_ACCESS_KEY_ID"
     option "--secret-key", "SECRET_KEY", "AWS secret access key", environment_variable: "AWS_SECRET_ACCESS_KEY"
-    option "--region", "REGION", "EC2 Region (default: node's region)", environment_variable: "AWS_REGION"
+    option "--region", "REGION", "EC2 Region (default: node's region)", environment_variable: "AWS_REGION", attribute_name: :aws_region
     option "--force", :flag, "Force remove", default: false, attribute_name: :forced
     option "--aws-bundled-cert", :flag, "Use CA certificate bundled in AWS SDK", default: false
 
@@ -17,33 +18,25 @@ module Kontena::Plugin::Aws::Nodes
       require_current_grid
 
       node_name = self.name || ask_node
-      node = client.get("nodes/#{current_grid}/#{node_name}")
-      aws_access_key = ask_aws_access_key
-      aws_secret_key = ask_aws_secret_key
-      aws_region = self.region || resolve_or_ask_region(node, aws_access_key, aws_secret_key)
+      @node = client.get("nodes/#{current_grid}/#{node_name}")
 
       confirm_command(node_name) unless forced?
       require_relative '../../../machine/aws'
       Aws.use_bundled_cert! if aws_bundled_cert?
 
       grid = client.get("grids/#{current_grid}")
-      destroyer = destroyer(aws_access_key, aws_secret_key, aws_region)
       destroyer.run!(grid, node_name)
     rescue Seahorse::Client::NetworkingError => ex
       raise ex unless ex.message.match(/certificate verify failed/)
       exit_with_error Kontena::Machine::Aws.ssl_fail_message(aws_bundled_cert?)
     end
 
-    def destroyer(access_key, secret_key, region)
-      Kontena::Machine::Aws::NodeDestroyer.new(client, access_key, secret_key, region)
+    def destroyer
+      Kontena::Machine::Aws::NodeDestroyer.new(client, access_key, secret_key, aws_region)
     end
 
-    def resolve_or_ask_region(node, access_key, secret_key)
-      if node['labels'] && region_label = node['labels'].find{ |l| l.split('=').first == 'region' }
-        region = region_label.split('=').last
-      end
-      region = ask_aws_region(access_key, secret_key) unless region
-      region
+    def default_aws_region
+      resolve_region(@node) || default_region
     end
   end
 end

data/lib/kontena/plugin/aws/prompts.rb

@@ -1,130 +1,153 @@
 require 'aws-sdk'
 module Kontena::Plugin::Aws::Prompts
 
-  def ask_aws_access_key
-    if self.access_key.nil?
-      prompt.ask('AWS access key: ', echo: false)
-    else
-      self.access_key
-    end
+  def aws_client
+    @aws_client ||= Aws::EC2::Client.new(access_key_id: access_key, secret_access_key: secret_key, region: region)
   end
 
-  def ask_aws_secret_key
-    if self.secret_key.nil?
-      prompt.ask('AWS secret key: ', echo: false)
-    else
-      self.secret_key
+  module Common
+    def self.included(base)
+      base.prepend Defaults
+      base.option "--access-key", "ACCESS_KEY", "AWS access key ID", environment_variable: "AWS_ACCESS_KEY_ID"
+      base.option "--secret-key", "SECRET_KEY", "AWS secret access key", environment_variable: "AWS_SECRET_ACCESS_KEY"
+      base.option "--key-pair", "KEY_PAIR", "EC2 key pair name"
+      base.option "--region", "REGION", "EC2 Region", environment_variable: "AWS_REGION"
+      base.option "--ssh-public-key", "[PATH]", "SSH public key file path"
+      base.option "--zone", "ZONE", "EC2 Availability Zone (a,b,c,d,e)"
+      base.option "--type", "SIZE", "Instance type"
+      base.option "--vpc-id", "VPC ID", "Virtual Private Cloud (VPC) ID (default: default vpc)"
+      base.option "--storage", "STORAGE", "Storage size (GiB)"
+      base.option "--subnet-id", "SUBNET ID", "VPC option to specify subnet to launch instance into (default: first subnet in vpc/az)"
+      base.option "--version", "VERSION", "Define installed Kontena version", default: 'latest'
+      base.option "--[no-]associate-public-ip-address", :flag, "Whether to associated public IP in case the VPC defaults to not doing it", default: true, attribute_name: :associate_public_ip
+      base.option "--security-groups", "SECURITY GROUPS", "Comma separated list of security groups (names) where the new instance will be attached (default: create grid specific group if not already existing)"
+      base.option "--aws-bundled-cert", :flag, "Use CA certificate bundled in AWS SDK", default: false do |bundle|
+        Aws.use_bundled_cert! if bundle
+      end
     end
-  end
 
-  def ask_aws_key_pair(access_key, secret_key, region)
-    if self.key_pair.nil?
-      prompt.select("Choose EC2 key pair: ") do |menu|
-        aws_client = ::Aws::EC2::Client.new(access_key_id: access_key, secret_access_key: secret_key, region: region)
-        aws_client.describe_key_pairs.key_pairs.each{ |key_pair|
-          menu.choice key_pair.key_name, key_pair.key_name
-        }
+    module Defaults
+      def default_access_key
+        prompt.ask('AWS access key:', echo: false)
       end
-    else
-      self.key_pair
-    end
-  end
 
-  def ask_aws_region(access_key, secret_key, default = 'eu-west-1')
-    if self.region.nil?
-      prompt.select("Choose EC2 region: ") do |menu|
-        aws_client = ::Aws::EC2::Client.new(access_key_id: access_key, secret_access_key: secret_key, region: 'eu-west-1')
-        i = 1
-        aws_client.describe_regions.regions.sort_by{|r| r.region_name }.each{ |region|
-          menu.choice region.region_name, region.region_name
-          if region.region_name == default
-            menu.default i
+      def default_secret_key
+        prompt.ask('AWS secret key:', echo: false)
+      end
+
+      CREATE_KEYPAIR_TEXT = 'Create new key pair'
+      DummyPair = Struct.new(:key_name)
+
+      def default_key_pair
+        key_pairs = aws_client.describe_key_pairs.key_pairs
+        if key_pairs.empty?
+          import_key_pair
+        else
+          key_pairs << DummyPair.new(CREATE_KEYPAIR_TEXT)
+          answer = prompt.select("Choose EC2 key pair:") do |menu|
+            key_pairs.each do |key_pair|
+              menu.choice key_pair.key_name, key_pair.key_name
+            end
           end
-          i += 1
-        }
+          answer == CREATE_KEYPAIR_TEXT ? import_key_pair : answer
+        end
       end
-    else
-      self.region
-    end
-  end
 
-  def ask_aws_az(access_key, secret_key, region)
-    if self.zone.nil?
-      prompt.select("Choose EC2 Availability Zone: ") do |menu|
-        aws_client = ::Aws::EC2::Client.new(access_key_id: access_key, secret_access_key: secret_key, region: region)
-        aws_client.describe_availability_zones.availability_zones.sort_by{|r| r.zone_name }.each{ |zone|
-          if zone.state == 'available'
-            menu.choice zone.zone_name, zone.zone_name.sub(zone.region_name, '')
+      DEFAULT_SSH_KEY_PATH = File.join(Dir.home, '.ssh', 'id_rsa.pub')
+
+      def import_key_pair
+        if ssh_public_key
+          public_key = File.read(ssh_public_key)
+        else
+          public_key = prompt.ask('SSH public key: (enter a ssh key in OpenSSH format "ssh-xxx xxxxx key_name")', default: File.exist?(DEFAULT_SSH_KEY_PATH) ? File.read(DEFAULT_SSH_KEY_PATH).strip : '') do |q|
+            q.validate /^ssh-rsa \S+ \S+$/
           end
-        }
+          key_name = public_key[/\A\S+\s+\S+\s+(\S+)\z/, 1]
+        end
+
+        prompt.yes?("Import public key '#{key_name}' to AWS?") || exit_with_error('Aborted')
+        pair = Kontena::Machine::Aws::KeypairProvisioner.new(access_key, secret_key, region).run!(public_key: public_key, keypair_name: key_name)
+        pair.name
       end
-    else
-      self.zone
-    end
-  end
 
-  def ask_aws_vpc(access_key, secret_key, region)
-    if self.vpc_id.nil?
-      aws_client = ::Aws::EC2::Client.new(access_key_id: access_key, secret_access_key: secret_key, region: region)
-      vpcs = aws_client.describe_vpcs.vpcs
-      return nil if vpcs.size == 0
-      if vpcs.size == 1 && vpcs.first.state == "available"
-        vpcs.first.vpc_id
-      else
-        prompt.select("Choose Virtual Private Cloud (VPC) ID: ") do |menu|
-          vpcs.each{ |vpc|
-            if vpc.state == 'available'
-              name = vpc.vpc_id
-              name += ' (default)' if vpc.is_default
-              menu.choice name, vpc.vpc_id
-            end
-          }
+      DEFAULT_REGION = 'eu-west-1'
+
+      def default_region_aws_client
+        @default_region_aws_client ||= Aws::EC2::Client.new(access_key_id: access_key, secret_access_key: secret_key, region: DEFAULT_REGION)
+      end
+
+      def default_region
+        STDERR.puts("in default_region_common")
+        prompt.select("Choose EC2 region:") do |menu|
+          i = 1
+          default_region_aws_client.describe_regions.regions.sort_by(&:region_name).each do |region|
+            menu.choice region.region_name, region.region_name
+            menu.default(i) if region.region_name == DEFAULT_REGION
+            i += 1
+          end
         end
       end
-    else
-      self.vpc_id
-    end
-  end
 
-  def ask_aws_subnet(access_key, secret_key, region, zone, vpc)
-    if self.subnet_id.nil?
-      aws_client = ::Aws::EC2::Client.new(access_key_id: access_key, secret_access_key: secret_key, region: region)
-      subnets_result = aws_client.describe_subnets(filters: [
-        { name: "vpc-id", values: [vpc] },
-        { name: "availability-zone", values: [zone]}
-      ])
-      subnets = subnets_result.subnets.sort_by{|s| s.cidr_block}
-      return nil if subnets.size == 0
-      if subnets.size == 1 && subnets.first.state == "available"
-        puts "Using Subnet (#{subnets.first.subnet_id})"
-        subnets.first.subnet_id
-      else
-        prompt.select("Specify subnet to launch instance into: ") do |menu|
-          subnets.each{ |subnet|
-            if subnet.state == 'available'
-              menu.choice "#{subnet.subnet_id} (#{subnet.cidr_block})", subnet.subnet_id
+      def default_zone
+        prompt.select("Choose EC2 Availability Zone:") do |menu|
+          aws_client.describe_availability_zones.availability_zones.sort_by(&:zone_name).select { |z| z.state == 'available' }.each do |zone|
+            menu.choice zone.zone_name, zone.zone_name.sub(zone.region_name, '')
+          end
+        end
+      end
+
+      DEFAULT_INSTANCE_TYPE = 't2.small'
+
+      def default_type
+        prompt.ask('Instance type:', default: DEFAULT_INSTANCE_TYPE)
+      end
+
+      def default_vpc_id
+        vpcs = aws_client.describe_vpcs.vpcs
+        exit_with_error("Could not find any Virtual Private Cloud (VPC). Please create one in the AWS console first.") if vpcs.size.zero?
+        if vpcs.size == 1 && vpcs.first.state == "available"
+          puts "Using VPC ID #{pastel.cyan(vpcs.first.vpc_id)}"
+          vpcs.first.vpc_id
+        else
+          prompt.select("Choose Virtual Private Cloud (VPC) ID:") do |menu|
+            vpcs.each do |vpc|
+              if vpc.state == 'available'
+                name = vpc.vpc_id
+                name += ' (default)' if vpc.is_default
+                menu.choice name, vpc.vpc_id
+              end
             end
-          }
+          end
         end
       end
-    else
-      self.subnet_id
-    end
-  end
 
-  def ask_aws_instance_type(default = 't2.small')
-    if self.type.nil?
-      prompt.ask('Instance type: ', default: default)
-    else
-      self.type
-    end
-  end
+      DEFAULT_STORAGE = 30
 
-  def ask_aws_storage(default = '30')
-    if self.storage.nil?
-      prompt.ask('Storage size (GiB): ', default: default)
-    else
-      self.storage
+      def default_storage
+        prompt.ask('Storage size (GiB):', default: DEFAULT_STORAGE)
+      end
+
+      def default_subnet_id
+        filters = [
+          { name: "vpc-id", values: [vpc_id] },
+          { name: "availability-zone", values: [region + zone] }
+        ]
+        subnets_result = aws_client.describe_subnets(filters: filters)
+        subnets = subnets_result.subnets.sort_by(&:cidr_block)
+        exit_with_error "Failed to find any subnets" if subnets.empty?
+        if subnets.size == 1 && subnets.first.state == "available"
+          puts "Using Subnet ID #{pastel.cyan(subnets.first.subnet_id)}"
+          subnets.first.subnet_id
+        else
+          prompt.select("Specify subnet to launch instance into:") do |menu|
+            subnets.each do |subnet|
+              if subnet.state == 'available'
+                menu.choice "#{subnet.subnet_id} (#{subnet.cidr_block})", subnet.subnet_id
+              end
+            end
+          end
+        end
+      end
     end
   end
 
@@ -135,8 +158,8 @@ module Kontena::Plugin::Aws::Prompts
         n['labels'] && n['labels'].include?('provider=aws'.freeze)
       }
       raise "Did not find any nodes with label provider=aws" if nodes.size == 0
-      prompt.select("Select node: ") do |menu|
-        nodes.sort_by{|n| n['node_number'] }.reverse.each do |node|
+      prompt.select("Select node:") do |menu|
+        nodes.sort_by{ |n| n['node_number'] }.reverse.each do |node|
           initial = node['initial_member'] ? '(initial) ' : ''
           menu.choice "#{node['name']} #{initial}", node['name']
         end
@@ -145,4 +168,13 @@ module Kontena::Plugin::Aws::Prompts
       self.name
     end
   end
+
+  def resolve_region(node)
+    STDERR.puts("in resolve_region")
+    return nil if node.nil? || node['labels'].nil?
+    node['labels'].each do |label|
+      tag, value = label.split('=', 2)
+      return value if tag == 'region'
+    end
+  end
 end

data/lib/kontena/plugin/aws.rb

@@ -1,7 +1,7 @@
 module Kontena
   module Plugin
     module Aws
-      VERSION = "0.2.7"
+      VERSION = "0.3.0.rc1"
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: kontena-plugin-aws
 version: !ruby/object:Gem::Version
-  version: 0.2.7
+  version: 0.3.0.rc1
 platform: ruby
 authors:
 - Kontena, Inc.
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-05-03 00:00:00.000000000 Z
+date: 2017-08-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: kontena-cli
@@ -91,12 +91,15 @@ files:
 - lib/kontena/machine/aws/cloudinit.yml
 - lib/kontena/machine/aws/cloudinit_master.yml
 - lib/kontena/machine/aws/common.rb
+- lib/kontena/machine/aws/keypair_provisioner.rb
+- lib/kontena/machine/aws/master_destroyer.rb
 - lib/kontena/machine/aws/master_provisioner.rb
 - lib/kontena/machine/aws/node_destroyer.rb
 - lib/kontena/machine/aws/node_provisioner.rb
 - lib/kontena/machine/aws/node_restarter.rb
 - lib/kontena/plugin/aws.rb
 - lib/kontena/plugin/aws/master/create_command.rb
+- lib/kontena/plugin/aws/master/terminate_command.rb
 - lib/kontena/plugin/aws/master_command.rb
 - lib/kontena/plugin/aws/node_command.rb
 - lib/kontena/plugin/aws/nodes/create_command.rb
@@ -120,9 +123,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubyforge_project: 
 rubygems_version: 2.4.5