libvirtinator 0.0.0

data/lib/libvirtinator/config.rb

@@ -0,0 +1,44 @@
+namespace :libvirtinator do
+  # TODO: fix needing to define a stage before being able to install
+  desc 'Write example config files'
+  task :install do
+    run_locally do
+      execute "mkdir", "-p", "config/deploy", "templates/libvirtinator"
+      {
+        'examples/Capfile'                      => 'Capfile_example',
+        'examples/config/deploy.rb'             => 'config/deploy_example.rb',
+        'examples/config/sysadmins_keys.rb'     => 'config/sysadmins_keys_example.rb',
+        'examples/config/deploy/vm_name.rb'     => 'config/deploy/vm_name_example.rb',
+        'examples/first_boot.sh.erb'            => 'templates/libvirtinator/first_boot_example.sh.erb',
+        'examples/fstab.erb'                    => 'templates/libvirtinator/fstab_example.erb',
+        'examples/hostname.erb'                 => 'templates/libvirtinator/hostname_example.erb',
+        'examples/hosts.erb'                    => 'templates/libvirtinator/hosts_example.erb',
+        'examples/interfaces.erb'               => 'templates/libvirtinator/interfaces_example.erb',
+        'examples/server.xml.erb'               => 'templates/libvirtinator/server_example.xml.erb',
+        'examples/sudoers-sudo.erb'             => 'templates/libvirtinator/sudoers-sudo_example.erb',
+        'examples/vmbuilder-init.sh.erb'        => 'templates/libvirtinator/vmbuilder-init_example.sh.erb',
+        'examples/vmbuilder.cfg.erb'            => 'templates/libvirtinator/vmbuilder_example.cfg.erb',
+      }.each do |source, destination|
+        config = File.read(File.dirname(__FILE__) + "/#{source}")
+        File.open("./#{destination}", 'w') { |f| f.write(config) }
+        info "Wrote '#{destination}'"
+      end
+      info "Now remove the '_example' portion of their names or diff with existing files and add the needed lines."
+    end
+  end
+
+  desc 'Write an example VM config file'
+  task :install_vm do
+    run_locally do
+      execute "mkdir", "-p", "config/deploy"
+      {
+        'examples/config/deploy/vm_name.rb'     => 'config/deploy/vm_name_example.rb',
+      }.each do |source, destination|
+        config = File.read(File.dirname(__FILE__) + "/#{source}")
+        File.open("./#{destination}", 'w') { |f| f.write(config) }
+        info "Wrote '#{destination}'"
+      end
+      info "Now remove the '_example' portion of the name or diff with existing files and add the needed lines."
+    end
+  end
+end

data/lib/libvirtinator/examples/Capfile

@@ -0,0 +1,3 @@
+# Load DSL and Setup Up Stages
+require 'capistrano/setup'
+require 'libvirtinator'

data/lib/libvirtinator/examples/config/deploy/vm_name.rb

@@ -0,0 +1,28 @@
+set :host_machine_name,     "my-host"
+set :user,                  -> { ENV['USER'] } # SSH user
+
+role :app,                  "#{fetch(:user)}@#{fetch(:host_machine_name)}.example.com"
+
+set :base_image,            "ubuntu-14.04-v0.0.0-docker1.3.1.qcow2"
+set :node_name,             -> { fetch(:stage) }
+
+set :data_disk_enabled,     true
+set :data_disk_gb,          "50"
+set :data_disk_type,        "lv"            # "lv" or "qemu"
+set :data_disk_mount_point, "/var/www"      # inside the vm
+set :data_disk_partition,   "0"             # set to "0" for none (normal),
+                                            # set to <partition number> for legacy logical volumes w/ partitions
+set :memory_gb,             "2"
+set :cpus,                  "4"
+
+set :ip,                    "123.123.123.123"
+set :cidr,                  "123_123_123_123-27"
+
+set :node_fqdn,             -> { "#{fetch(:node_name)}.example.com" }
+set :app_fqdn,              "my-app.example.com"
+set :hostname,              "my-app"
+
+set :usergroups,            ["sysadmins"]
+fetch(:usergroups).each do |usergroup|
+  require "./config/#{usergroup}_keys.rb"
+end

data/lib/libvirtinator/examples/config/deploy.rb

@@ -0,0 +1,65 @@
+# config valid only for Capistrano 3.1
+lock '3.2.1'
+
+set :log_level, :info
+#set :log_level, :debug
+
+# Setup the host machiness you will use
+set "my_host_data_disk_vg_path",          "/dev/ubuntu-vg"
+set "my_host_dns_nameservers",            "8.8.8.8 8.8.4.4"
+set "my_host_bridge",                     "br0"
+set "my_host_root_partitions_path",       "/RootPartitions"
+
+set "my_other_host_data_disk_vg_path",    "/dev/ubuntu-vg"
+set "my_other_host_dns_nameservers",      "8.8.8.8 8.8.4.4"
+set "my_other_host_bridge",               "br0"
+set "my_other_host_root_partitions_path", "/RootPartitions"
+
+# Setup the CIDRs you will use
+set "123_123_123_123-27_network",         "123.123.123.0"
+set "123_123_123_123-27_gateway",         "123.123.123.1"
+set "123_123_123_123-27_broadcast",       "123.123.123.31"
+set "123_123_123_123-27_netmask",         "255.255.255.224"
+
+set "231_231_231_231-27_network",         "231.231.231.0"
+set "231_231_231_231-27_gateway",         "231.231.231.1"
+set "231_231_231_231-27_broadcast",       "231.231.231.31"
+set "231_231_231_231-27_netmask",         "255.255.255.224"
+
+# Global dns-search. Can be overridden by setting the same
+#   in a VM's settings file, (a config/deploy/<stage>.rb file.)
+set :dns_search,                          "example.com example2.com"
+
+# Setup vmbuilder for building a base image
+set :release_name,                        "ubuntu-14.04-v0.0.1-docker1.3.1"
+set :vmbuilder_run_command,               -> {
+  [ "kvm", "ubuntu",
+    "-o",
+    "--debug",
+    "--verbose",
+    "--dest=/tmp/#{fetch(:release_name)}",
+    "--config=templates/#{fetch(:release_name)}.cfg",
+    "--execscript=templates/#{fetch(:release_name)}-init.sh",
+    "--firstboot=/tmp/first_boot.sh",
+    "--rootsize=15360",
+    "--swapsize=2048"
+  ].join(' ')
+}
+
+
+## Settings that shouldn't need changed:
+set :nbd_run_file,          -> { "/var/lock/#{fetch(:node_name)}.nbd" }
+set :nbd_lock_file,         -> { "/var/lock/qemu-nbd-#{fetch(:nbd)}" }
+set :dev_nbd,               -> { "/dev/#{fetch(:nbd)}" }
+set :dev_nbdp1,             -> { "/dev/#{fetch(:nbd)}p1" }
+set :dns_nameservers,       -> { fetch("#{fetch(:host_machine_name)}_dns_nameservers") }
+set :bridge,                -> { fetch("#{fetch(:host_machine_name)}_bridge") }
+set :root_partitions_path,  -> { fetch("#{fetch(:host_machine_name)}_root_partitions_path") }
+set :base_image_path,       -> { "#{fetch(:root_partitions_path)}/#{fetch(:base_image)}" }
+set :root_image_path,       -> { "#{fetch(:root_partitions_path)}/#{fetch(:node_name)}-root.qcow2" }
+set :mount_point,           -> { "#{fetch(:root_partitions_path)}/#{fetch(:node_name)}-root.qcow2_mnt" }
+set :data_disk_vg_path,     -> { fetch("#{fetch(:host_machine_name)}_data_disk_vg_path") }
+set :data_disk_lv_name,     -> { "#{fetch(:node_name)}-data" }
+set :data_disk_lv_path,     -> { "#{fetch(:data_disk_vg_path)}/#{fetch(:data_disk_lv_name)}" }
+set :data_disk_qemu_path,   -> { "#{fetch(:root_partitions_path)}/#{fetch(:node_name)}-data.qcow2" }
+

data/lib/libvirtinator/examples/config/sysadmins_keys.rb

@@ -0,0 +1,20 @@
+set :sysadmins, [
+  {
+    "name"      => "username",
+    "disabled"  => false,
+    "groups"    => ["sudo", "docker"],
+    "ssh_keys"  => [
+      "ssh-rsa blahblahblah username@computer",
+      "ssh-rsa blahblahblahother username@computer2"
+    ]
+  },
+  {
+    "name"      => "username-other",
+    "disabled"  => false,
+    "groups"    => ["sudo", "docker"],
+    "ssh_keys"  => [
+      "ssh-rsa blahblahblah username-other@computer",
+      "ssh-rsa blahblahblahother username-other@computer2"
+    ]
+  }
+]

data/lib/libvirtinator/examples/first_boot.sh.erb

@@ -0,0 +1,8 @@
+#!/bin/bash
+
+# Delete the ubuntu user's password
+passwd -d ubuntu
+
+# Regenerate ssh keys
+rm /etc/ssh/ssh_host*key*
+dpkg-reconfigure -fnoninteractive -pcritical openssh-server

data/lib/libvirtinator/examples/fstab.erb

@@ -0,0 +1,8 @@
+# /etc/fstab: static file system information.
+# <file system> <mount point> <type> <options> <dump> <pass>
+proc            /proc         proc    defaults  0     0
+/dev/vda1       /             ext4    defaults  0     0
+/dev/vda2       swap          swap    defaults  0     0
+<% if @data_disk_enabled %>
+/dev/vdb<%= @data_disk_partition unless @data_disk_partition == "0" %>        <%= @data_disk_mount_point %>         ext4    defaults  0     2
+<% end %>

data/lib/libvirtinator/examples/hostname.erb

@@ -0,0 +1 @@
+<%= @hostname %>

data/lib/libvirtinator/examples/hosts.erb

@@ -0,0 +1,11 @@
+127.0.0.1 localhost
+127.0.1.1 <%= @node_fqdn %> <%= @node_name %>
+127.0.1.1 <%= @app_fqdn %> <%= @hostname %>
+
+# The following lines are desirable for IPv6 capable hosts
+::1 ip6-localhost ip6-loopback
+fe00::0 ip6-localnet
+ff00::0 ip6-mcastprefix
+ff02::1 ip6-allnodes
+ff02::2 ip6-allrouters
+ff02::3 ip6-allhosts

data/lib/libvirtinator/examples/interfaces.erb

@@ -0,0 +1,17 @@
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The primary network interface
+auto eth0
+iface eth0 inet static
+  network         <%= @network %>
+  gateway         <%= @gateway %>
+  address         <%= @ip %>
+  broadcast       <%= @broadcast %>
+  netmask         <%= @netmask %>
+  dns-nameservers <%= @dns_nameservers %>
+  dns-search      <%= @dns_search %>

data/lib/libvirtinator/examples/server.xml.erb

@@ -0,0 +1,57 @@
+<domain type='kvm'>
+  <name><%= @node_name %></name>
+  <memory><%= @memory_gb %></memory>
+  <currentMemory><%= @memory_gb %></currentMemory>
+  <vcpu><%= @cpus %></vcpu>
+  <os>
+    <type>hvm</type>
+    <type arch='x86_64' machine='pc-0.12'>hvm</type>
+    <boot dev='hd'/>
+  </os>
+  <features>
+    <acpi/>
+  </features>
+  <clock offset='utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/kvm</emulator>
+    <disk type='file' device='disk'>
+      <driver name='qemu' type='qcow2'/>
+      <source file='<%= @root_image_path %>'/>
+      <target dev='vda' bus='virtio'/>
+    </disk>
+    <% if @data_disk_enabled %>
+      <% if @data_disk_type == "lv" %>
+    <disk type='file' device='disk'>
+      <driver name='qemu' type='raw'/>
+      <source file='<%= @data_disk_lv_path %>'/>
+      <target dev='vdb' bus='virtio'/>
+    </disk>
+      <% end %>
+      <% if @data_disk_type == "qemu" %>
+    <disk type='file' device='disk'>
+      <driver name='qemu' type='qcow2'/>
+      <source file='<%= @data_disk_qemu_path %>'/>
+      <target dev='vdb' bus='virtio'/>
+    </disk>
+      <% end %>
+    <% end %>
+    <interface type='bridge'>
+      <source bridge='<%= @bridge %>'/>
+      <model type='virtio'/>
+    </interface>
+    <input type='mouse' bus='ps2'/>
+    <graphics type='vnc' port='-1' autoport='yes' listen='127.0.0.1'/>
+    <video>
+      <model type='cirrus' vram='9216' heads='1'/>
+    </video>
+    <serial type='pty'>
+      <target port='0'/>
+    </serial>
+    <console type='pty'>
+      <target port='0'/>
+    </console>
+  </devices>
+</domain>

data/lib/libvirtinator/examples/sudoers-sudo.erb

@@ -0,0 +1,2 @@
+%sudo   ALL=(ALL) ALL
+# %sudo   ALL=(ALL) NOPASSWD: ALL

data/lib/libvirtinator/examples/vmbuilder-init.sh.erb

@@ -0,0 +1,9 @@
+#!/bin/bash
+
+chroot $1 apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9
+chroot $1 sh -c "echo deb https://get.docker.com/ubuntu docker main > /etc/apt/sources.list.d/docker.list"
+chroot $1 apt-get purge -y grub
+chroot $1 apt-get update -qq
+chroot $1 apt-get install -y lxc-docker grub-pc
+chroot $1 sed -i'' -e"s/GRUB_CMDLINE_LINUX=.*/GRUB_CMDLINE_LINUX=\"cgroup_enable=memory swapaccount=1\"/" /etc/default/grub
+chroot $1 update-grub

data/lib/libvirtinator/examples/vmbuilder.cfg.erb

@@ -0,0 +1,16 @@
+[DEFAULT]
+arch       = amd64
+tmpfs      = -
+user       = ubuntu
+name       = ubuntu
+execscript = /tmp/init.sh
+firstboot  = /tmp/first_boot.sh
+
+[ubuntu]
+mirror     = http://archive.ubuntu.com/ubuntu
+flavour    = virtual
+suite      = trusty
+domain     = example.com
+components = main,restricted,universe,multiverse
+removepkg  = grub
+addpkg     = openssh-server, unattended-upgrades, acpid, aptitude, language-pack-en-base, bwm-ng, htop, iotop, bzip2, file, unzip, zip, rar, unrar, nmap, man-db, curl, tmux, git-core, vim, locate, ipcalc, sl, nagios-plugins-basic, wget, rsync, tcpdump, mtr, apparmor, cgroup-lite, apt-transport-https, linux-image-generic, grub-pc

data/lib/libvirtinator/image.rb

@@ -0,0 +1,185 @@
+namespace :image do
+  desc "Build a base qcow2 image."
+  task :build_base do
+    on roles(:app) do
+      as :root do
+        ["first_boot.sh", "vmbuilder-init.sh", "vmbuilder.cfg"].each do |file|
+          template = File.new(File.expand_path("templates/#{file}.erb")).read
+          generated_config_file = ERB.new(template).result(binding)
+          upload! StringIO.new(generated_config_file), "/tmp/#{file}"
+          execute("chown", "-R", "root:root", "/tmp/#{file}")
+          execute("chmod", "770", "/tmp/#{file}")
+        end
+        # rootsize & swapsize settings do not get picked up in cfg file, so set here
+        if test "vmbuilder", fetch(:vmbuilder_run_command)
+          execute "mv /tmp/#{fetch(:release_name)}/*.qcow2 /tmp/#{fetch(:release_name)}/#{fetch(:release_name)}.qcow2"
+          info("Build finished successfully!")
+          info("You probably want to run 'cp /tmp/#{fetch(:release_name)}/#{fetch(:release_name)}.qcow2 <root partitions path>'.")
+          info("If you ran this on a Ubuntu 14.04 or later host, you'll probabaly want to make the image compatible " +
+              "with older versions of qemu using a command like this: 'sudo qemu-img amend -f qcow2 -o compat=0.10 #{fetch(:release_name)}.qcow2'.")
+        end
+        execute "rm", "/tmp/first_boot.sh", "-f"
+      end
+    end
+  end
+
+  #desc "Mount qcow2 image by creating a run file holding the nbd needed."
+  task :mount do
+    on roles(:app) do
+      as :root do
+        if test "[", "-f", fetch(:nbd_run_file), "]"
+          unless test "[", "-f", fetch(:nbd_lock_file), "]"
+            unless test "mountpoint", "-q", fetch(:mount_point)
+              info "Removing leftover run file"
+              execute "rm", fetch(:nbd_run_file), "-f"
+              unless test "[", "-f", fetch(:nbd_run_file), "]"
+                Rake::Task['image:mount'].reenable
+                return Rake::Task['image:mount'].invoke
+              end
+            end
+          end
+          raise "nbd run file already exists. is it already connected?"
+        end
+        info "Mounting #{fetch(:root_image_path)} on #{fetch(:mount_point)}"
+        set :nbd_connected, false
+        until fetch(:nbd_connected)
+          Rake::Task['image:connect_to_unused_nbd'].reenable
+          Rake::Task['image:connect_to_unused_nbd'].invoke
+        end
+        raise "Mount point #{fetch(:mount_point)} is already mounted" if test "mountpoint", "-q", fetch(:mount_point)
+        execute "mkdir", "-p", fetch(:mount_point)
+        execute "mount", fetch(:dev_nbdp1), fetch(:mount_point)
+        raise "Failed to mount #{fetch(:mount_point)}" unless test "mountpoint", "-q", fetch(:mount_point)
+        info "Mounted #{fetch(:root_image_path)} on #{fetch(:mount_point)} using #{fetch(:dev_nbd)}"
+      end
+    end
+  end
+
+  #desc "Un-mount qcow2 image"
+  task :umount do
+    on roles(:app) do
+      as :root do
+        if test "[", "-f", fetch(:nbd_run_file), "]"
+          info "found #{fetch(:nbd_run_file)}"
+        else
+          info "Unable to read #{fetch(:nbd_run_file)}"
+        end
+        set :nbd, capture("cat", fetch(:nbd_run_file)).chomp
+        unless test "mountpoint", "-q", fetch(:mount_point)
+          info "#{fetch(:mount_point)} is not mounted"
+        end
+        info "Unmounting root image #{fetch(:root_image_path)}"
+        execute "umount", fetch(:mount_point)
+        if test "mountpoint", "-q", fetch(:mount_point)
+          info "Failed to umount #{fetch(:mount_point)}"
+        end
+        Rake::Task['image:disconnect_from_nbd'].invoke
+        execute "rm", fetch(:mount_point), "-rf"
+        raise "Failed to remove #{fetch(:mount_point)}" if test "[", "-d", fetch(:mount_point), "]"
+      end
+    end
+  end
+
+  desc "Find the base image for each root qcow2 image."
+  task :list_bases do
+    on roles(:app) do
+      as :root do
+        set :files, -> { capture("ls", "#{fetch(:root_partitions_path)}/*.qcow2" ).split }
+        if fetch(:files, "").empty?
+          fatal "Error: No qcow2 files found in #{fetch(:root_partitions_path)}"
+          exit
+        end
+        fetch(:files).each do |image_file|
+          backing_file = ""
+          capture("qemu-img info #{image_file}").each_line do |line|
+            if line =~ /backing\ file:/
+              backing_file = line.split[2]
+            end
+          end
+          unless backing_file.empty?
+            info "#{backing_file} < #{image_file}"
+          else
+            info "No backing file found for #{image_file}"
+          end
+        end
+      end
+    end
+  end
+
+  task :connect_to_unused_nbd do
+    on roles(:app) do
+      as :root do
+        set :prelock, -> { "#{fetch(:nbd_lock_file)}.prelock" }
+        begin
+          raise "Error: #{fetch(:root_image_path)} not found!" unless test "[", "-f", fetch(:root_image_path), "]"
+          set :nbd, "nbd#{rand(16)}"
+          info "Randomly trying the #{fetch(:nbd)} network block device"
+          if test "[", "-f", fetch(:prelock), "]"
+            info "Another process is checking #{fetch(:nbd)}. Trying again..."
+            set :nbd_connected, false
+            return
+          else
+            execute "touch", fetch(:prelock)
+            info "Checking for qemu-nbd created lock file"
+            if test "[", "-f", fetch(:nbd_lock_file), "]"
+              info "#{fetch(:dev_nbd)} lockfile already in place - nbd device may be in use. Trying again..."
+              set :nbd_connected, false
+              return
+            end
+            if test "[", "-b", fetch(:dev_nbdp1), "]"
+              info "nbd device in use but no lockfile, Trying again..."
+              set :nbd_connected, false
+              return
+            end
+            info "Found unused block device"
+
+            execute "qemu-nbd", "-c", fetch(:dev_nbd), fetch(:root_image_path)
+            info "Waiting for block device to come online . . . "
+            begin
+              Timeout::timeout(20) do
+                until test "[", "-b", fetch(:dev_nbdp1), "]"
+                  sleep 3
+                end
+                execute "echo", fetch(:nbd), ">", fetch(:nbd_run_file)
+                info "device online"
+                set :nbd_connected, true
+              end
+            rescue TimeoutError
+              fatal "Error: unable to create block dev #{fetch(:dev_nbd)}, trying again..."
+              set :nbd_connected, false
+              return
+              #raise "unable to create block device #{fetch(:dev_nbd)}"
+            end
+          end
+        ensure
+          execute "rm", fetch(:prelock), "-f"
+        end
+      end
+    end
+  end
+
+  task :disconnect_from_nbd do
+    on roles(:app) do
+      as :root do
+        execute "qemu-nbd", "-d", fetch(:dev_nbd)
+        info "Waiting for block device to go offline . . . "
+        begin
+          Timeout::timeout(20) do
+            while test "[", "-b", fetch(:dev_nbdp1), "]"
+              print ". "
+              sleep 3
+            end
+            info "block device offline"
+          end
+        rescue TimeoutError
+          info "Error: unable to free block dev #{fetch(:dev_nbd)}"
+          execute "rm", fetch(:nbd_run_file), "-rf"
+          execute "touch", fetch(:nbd_lock_file)
+          exit 1
+        end
+        raise "failed to free #{fetch(:dev_nbd)}" if test "[", "-b", fetch(:dev_nbdp1), "]"
+        execute "rm", fetch(:nbd_run_file), "-rf"
+      end
+    end
+  end
+end

data/lib/libvirtinator/lv.rb

@@ -0,0 +1,45 @@
+namespace :lv do
+  desc "Remove a logical volume and recreate it."
+  task :recreate do
+    on roles(:app) do
+      as :root do
+        if test "[", "-b", fetch(:data_disk_lv_path), "]"
+          ask :yes_no, "Are you sure you want to delete and recreate the logical volume #{fetch(:data_disk_lv_path)}?"
+          if fetch(:yes_no).chomp.downcase == "yes"
+            execute "lvremove", "--force", fetch(:data_disk_lv_path)
+            sleep 1
+          end
+        else
+          warn "Error: #{fetch(:data_disk_lv_path)} not found, yet you called lv:recreate!"
+        end
+        Rake::Task["lv:create"].invoke
+      end
+    end
+  end
+
+  #desc "Create a logical volume."
+  task :create do
+    on roles(:app) do
+      as :root do
+        if test "lvcreate", fetch(:data_disk_vg_path), "-L", "#{fetch(:data_disk_gb)}G", "-n", fetch(:data_disk_lv_name)
+          Rake::Task["lv:mkfs"].invoke
+        else
+          fatal "Error running lvcreate!"
+          exit
+        end
+      end
+    end
+  end
+
+  #desc "Create an ext4 filesystem."
+  task :mkfs do
+    on roles(:app) do
+      as :root do
+        unless test "[", "-b", fetch(:data_disk_lv_path), "]"
+          raise "Tried to create filesystem but path does not exist!"
+        end
+        execute "mkfs.ext4", "-q", "-m", "0", fetch(:data_disk_lv_path)
+      end
+    end
+  end
+end

data/lib/libvirtinator/users.rb

@@ -0,0 +1,55 @@
+namespace :users do
+
+  task :load_settings do
+    set :path, ""
+    until File.exists?(fetch(:path)) and (! File.directory?(fetch(:path)))
+      ask :path, "Which private key has SSH access to the VM? Specifiy an absolute path"
+    end
+    SSHKit::Backend::Netssh.configure do |ssh|
+      ssh.ssh_options = {
+        keys: fetch(:path),
+        forward_agent: false,
+        auth_methods: %w(publickey)
+      }
+    end
+  end
+
+  desc "Idempotently setup unix admin users using SSH with sudo rights."
+  task :setup => :load_settings do
+    on "#{fetch(:user)}@#{fetch(:ip)}" do
+      as :root do
+        fetch(:usergroups).each do |usergroup|
+          usergroup = usergroup.to_sym
+          next if fetch(usergroup).nil? or fetch(usergroup).empty?
+          fetch(usergroup).each do |user|
+            key_file = "/home/#{user['name']}/.ssh/authorized_keys"
+            if user['disabled']
+              if test "id", "-u", user['name']
+                execute "bash", "-c", "\"echo", "''", ">", "#{key_file}\""
+                execute "passwd", "-d", user['name']
+                info "Disabled user #{user['name']}"
+              end
+            else
+              unless test "id", "-u", user['name']
+                exit unless test "adduser", "--disabled-password", "--gecos", "\'\'", user['name']
+              end
+              execute "usermod", "-s", "'/bin/bash'", user['name']
+              user['groups'].each do |group|
+                execute "usermod", "-a", "-G", group, user['name']
+              end
+              execute "mkdir", "-p", "/home/#{user['name']}/.ssh"
+              execute "chown", "#{user['name']}.", "-R", "/home/#{user['name']}"
+              execute "chmod", "700", "/home/#{user['name']}/.ssh"
+              content = StringIO.new("#{user['ssh_keys'].join("\n\n")}\n")
+              upload! content, "/tmp/temp_authorized_keys"
+              execute "mv", "/tmp/temp_authorized_keys", "/home/#{user['name']}/.ssh/authorized_keys"
+              execute "chown", "#{user['name']}.", "#{key_file}"
+              execute "chmod", "600", "#{key_file}"
+            end
+          end
+        end
+      info "Finished setting up users"
+      end
+    end
+  end
+end

data/lib/libvirtinator/vm.rb

@@ -0,0 +1,411 @@
+require 'socket'
+require 'timeout'
+require 'erb'
+
+namespace :vm do
+  desc "Check the current status of a VM"
+  task :status do
+    on roles(:app) do
+      as :root do
+        if test("virsh", "list", "--all", "|", "grep", "-q", "#{fetch(:node_name)}")
+          if test("virsh", "list", "|", "grep", "-q", "#{fetch(:node_name)}")
+            info "VM #{fetch(:node_name)} exists and is running on #{host}"
+          else
+            info "VM #{fetch(:node_name)} is defined but not running on #{host}"
+          end
+        else
+          info "VM #{fetch(:node_name)} is undefined on #{host}"
+        end
+        if system "bash -c \"ping -c 3 -w 5 #{fetch(:ip)} &> /dev/null\""
+          begin
+            Timeout::timeout(5) do
+              (TCPSocket.open(fetch(:ip),22) rescue nil)
+              info "The IP #{fetch(:ip)} is responding to ping and SSH"
+            end
+          rescue TimeoutError
+            info "The IP #{fetch(:ip)} is responding to ping but not SSH"
+          end
+        else
+          info "The IP #{fetch(:ip)} is not responding to ping"
+        end
+      end
+    end
+  end
+
+  desc "Start a copy-on-write Virtual Machine from a base image."
+  task :start do
+    on roles(:app) do
+      info "Preparing to start #{fetch(:node_name)}"
+      Rake::Task['vm:ensure_nbd_module'].invoke
+      Rake::Task['vm:ensure_root_partitions_path'].invoke
+      Rake::Task['vm:ensure_vm_not_running'].invoke
+      Rake::Task['vm:ensure_ip_no_ping'].invoke
+      Rake::Task['vm:ensure_vm_not_defined'].invoke
+      Rake::Task['vm:verify_base'].invoke
+      Rake::Task['vm:remove_root_image'].invoke
+      Rake::Task['vm:create_root_image'].invoke
+      begin
+        Rake::Task["image:mount"].invoke
+        Rake::Task['vm:update_root_image'].invoke
+      ensure
+        Rake::Task["image:umount"].invoke
+      end
+      Rake::Task['vm:create_data'].invoke
+      Rake::Task['vm:define_domain'].invoke
+      Rake::Task['vm:start_domain'].invoke
+      Rake::Task['vm:reset_known_hosts_on_host'].invoke
+      Rake::Task['vm:setup_agent_forwarding'].invoke
+      Rake::Task['vm:wait_for_ping'].invoke
+      Rake::Task['vm:wait_for_ssh_alive'].invoke
+      Rake::Task['users:setup'].invoke
+      info "Say, you don't say? Are we finished?"
+    end
+  end
+
+  task :ensure_root_partitions_path do
+    on roles(:app) do
+      as :root do
+        dir = fetch(:root_partitions_path)
+        unless test "[", "-d", dir, "]"
+          fatal "Error: root partitions path #{dir} is not a directory!" && raise
+        end
+      end
+    end
+  end
+
+  task :ensure_nbd_module do
+    on roles(:app) do
+      as :root do
+        unless test("lsmod | grep -q nbd")
+          info 'Running modprobe nbd'
+          execute "modprobe", "nbd"
+          sleep 0.5
+          unless test("lsmod | grep -q nbd")
+            fatal "Error: Unable to modprobe nbd!" && raise
+          end
+        end
+      end
+    end
+  end
+
+  task :ensure_vm_not_running do
+    on roles(:app) do
+      as :root do
+        if test("virsh", "list", "|", "grep", "-q", "#{fetch(:node_name)}")
+          fatal "The VM #{fetch(:node_name)} is already running!" && raise
+        end
+      end
+    end
+  end
+
+  task :ensure_ip_no_ping do
+    run_locally do
+      info "Attempting to ping #{fetch(:ip)}"
+      if system "bash -c \"ping -c 3 -w 5 #{fetch(:ip)} &> /dev/null\""
+        fatal "The IP #{fetch(:ip)} is already pingable!"
+        raise
+      else
+        info "No ping returned, continuing"
+      end
+    end
+  end
+
+  task :ensure_vm_not_defined do
+    on roles(:app) do
+      as :root do
+        if test("virsh", "list", "--all", "|", "grep", "-q", "#{fetch(:node_name)}")
+          set :yes_or_no, ""
+          until fetch(:yes_or_no).chomp.downcase == "yes" or fetch(:yes_or_no).chomp.downcase == "no"
+            ask :yes_or_no, "The VM #{fetch(:node_name)} is defined but not running! Do you want to undefine/redefine it?"
+          end
+          unless fetch(:yes_or_no).chomp.downcase == "yes"
+            exit
+          else
+            execute "virsh", "undefine", fetch(:node_name)
+          end
+        end
+      end
+    end
+  end
+
+  task :verify_base do
+    on roles(:app) do
+      as :root do
+        unless test "[", "-f", fetch(:base_image_path), "]"
+          fatal "Error: cannot find the base image #{fetch(:base_image_path)}" && raise
+        end
+        raise unless test("chown", "libvirt-qemu:kvm", fetch(:base_image_path))
+      end
+    end
+  end
+
+  task :remove_root_image do
+    on roles(:app) do
+      as :root do
+        # use 'cap <server> create recreate_root=true' to recreate the root image
+        if ENV['recreate_root'] == "true"
+          if test "[", "-f", root_image_path, "]"
+            set :yes_or_no, ""
+            until fetch(:yes_or_no).chomp.downcase == "yes" or fetch(:yes_or_no).chomp.downcase == "no"
+              ask :yes_or_no, "Are you sure you want to remove the existing #{root_image_path} file?"
+            end
+            if fetch(:yes_or_no).chomp.downcase == "yes"
+              info "Removing old image"
+              execute "rm", root_image_path
+            end
+          end
+        end
+      end
+    end
+  end
+
+  task :create_root_image do
+    on roles(:app) do
+      as :root do
+        unless test "[", "-f", fetch(:root_image_path), "]"
+          info "Creating new image"
+          execute "qemu-img", "create", "-b", fetch(:base_image_path), "-f", "qcow2", fetch(:root_image_path)
+        else
+          set :yes_or_no, ""
+          until fetch(:yes_or_no).chomp.downcase == "yes" or fetch(:yes_or_no).chomp.downcase == "no"
+            ask :yes_or_no, "#{fetch(:root_image_path)} already exists, do you want to continue to update it's configuration?"
+          end
+          if fetch(:yes_or_no).chomp.downcase == "yes"
+            info "Updating file on an existing image."
+          else
+            exit
+          end
+        end
+      end
+    end
+  end
+
+  task :update_root_image do
+    on roles(:app) do
+      as :root do
+        mount_point = fetch(:mount_point)
+        raise if mount_point.nil?
+        set :logs_path,         -> { fetch(:internal_logs_path) }
+        @internal_logs_path     = fetch(:logs_path)
+        @node_name              = fetch(:node_name)
+        @node_fqdn              = fetch(:node_fqdn)
+        @app_fqdn               = fetch(:app_fqdn)
+        @hostname               = fetch(:hostname)
+        @data_disk_enabled      = fetch(:data_disk_enabled)
+        @data_disk_partition    = fetch(:data_disk_partition)
+        @data_disk_mount_point  = fetch(:data_disk_mount_point)
+        @network                = fetch("#{fetch(:cidr)}_network")
+        @gateway                = fetch("#{fetch(:cidr)}_gateway")
+        @ip                     = fetch(:ip)
+        @broadcast              = fetch("#{fetch(:cidr)}_broadcast")
+        @netmask                = fetch("#{fetch(:cidr)}_netmask")
+        @dns_nameservers        = fetch(:dns_nameservers)
+        @dns_search             = fetch(:dns_search)
+        {
+          "sudoers-sudo"      => "#{mount_point}/etc/sudoers.d/sudo",
+          "hosts"             => "#{mount_point}/etc/hosts",
+          "hostname"          => "#{mount_point}/etc/hostname",
+          "fstab"             => "#{mount_point}/etc/fstab",
+          "interfaces"        => "#{mount_point}/etc/network/interfaces",
+        }.each do |file, path|
+          template = File.new(File.expand_path("./templates/libvirtinator/#{file}.erb")).read
+          generated_config_file = ERB.new(template).result(binding)
+          upload! StringIO.new(generated_config_file), "/tmp/#{file}.file"
+          execute("mv", "/tmp/#{file}.file", path)
+          execute("chown", "root:root", path)
+        end
+        execute "sed", "-i\"\"", "\"/PermitRootLogin/c\\PermitRootLogin no\"",
+          "#{mount_point}/etc/ssh/sshd_config"
+        execute "chmod", "440", "#{mount_point}/etc/sudoers.d/*"
+        execute "echo", "-e", "\"\n#includedir /etc/sudoers.d\n\"", ">>",
+          "#{mount_point}/etc/sudoers"
+        user = fetch(:user)
+        begin
+          execute "bash", "-c", "\"for", "m", "in", "'sys'", "'dev'", "'proc';",
+            "do", "mount", "/$m", "#{mount_point}/$m", "-o", "bind;", "done\""
+          execute "chroot", mount_point, "/bin/bash", "-c",
+            "\"if", "!", "id", user, "&>", "/dev/null;", "then",
+            "useradd", "--user-group", "--shell",
+            "/bin/bash", "--create-home", "#{user};", "fi\""
+          execute "chroot", mount_point, "/bin/bash", "-c",
+            "\"usermod", "-a", "-G", "sudo", "#{user}\""
+          execute "mkdir", "-p", "#{mount_point}/home/#{user}/.ssh"
+          execute "chroot", mount_point, "/bin/bash", "-c",
+            "\"chown", "#{user}:#{user}", "/home/#{user}", "/home/#{user}/.ssh\""
+          execute "chmod", "700", "#{mount_point}/home/#{user}/.ssh"
+          set :path, ""
+          until File.exists? fetch(:path) and ! File.directory? fetch(:path)
+            ask :path, "Which public key should we install in #{user}'s authorized_keys file? Specifiy an absolute path"
+          end
+          upload! File.open(fetch(:path)), "/tmp/pubkeys"
+          execute "mv", "/tmp/pubkeys", "#{mount_point}/home/#{user}/.ssh/authorized_keys"
+          execute "chroot", mount_point, "/bin/bash", "-c",
+            "\"chown", "#{user}:#{user}", "/home/#{user}/.ssh/authorized_keys\""
+          execute "chmod", "600", "#{mount_point}/home/#{user}/.ssh/authorized_keys"
+          execute "mkdir", "-p", "#{mount_point}#{fetch(:data_disk_mount_point)}" if fetch(:data_disk_enabled)
+        ensure
+          execute "bash", "-c", "\"for", "m", "in", "'sys'", "'dev'", "'proc';",
+          "do", "umount", "#{mount_point}/$m;", "done\""
+        end
+      end
+    end
+  end
+
+  task :create_data do
+    on roles(:app) do
+      as 'root' do
+        unless fetch(:data_disk_enabled)
+          info "Not using a separate data disk."
+          break
+        end
+        if fetch(:data_disk_type) == "qemu"
+          if ! test("[", "-f", fetch(:data_disk_qemu_path), "]") or ENV['recreate_data'] == "true"
+            execute "guestfish", "--new", "disk:#{fetch(:data_disk_gb)}G << _EOF_
+  mkfs ext4 /dev/vda
+  _EOF_"
+            execute "qemu-img", "convert", "-O", "qcow2", "test1.img", "test1.qcow2"
+            execute "rm", "test1.img"
+            execute "mv", "test1.qcow2", fetch(:data_disk_qemu_path)
+          end
+        elsif fetch(:data_disk_type) == "lv"
+          if ENV['recreate_data'] == "true"
+            if test "[", "-b", fetch(:data_disk_lv_path), "]"
+              Rake::Task['lv:recreate'].invoke
+            else
+              Rake::Task['lv:create'].invoke
+            end
+          else
+            if test "[", "-b", fetch(:data_disk_lv_path), "]"
+              info "Found and using existing logical volume #{fetch(:data_disk_lv_path)}"
+            else
+              Rake::Task['lv:create'].invoke
+            end
+          end
+        else
+          fatal "No recognized disk type (lv, qemu), yet size is greater than zero!"
+          fatal "Fixed this by adding a recognized disk type (lv, qemu) to your config."
+          raise
+        end
+      end
+    end
+  end
+
+  task :define_domain do
+    on roles(:app) do
+      as 'root' do
+        # instance variables needed for ERB
+        @node_name              = fetch(:node_name)
+        @memory_gb              = fetch(:memory_gb).to_i * 1024 * 1024
+        @cpus                   = fetch(:cpus)
+        @root_image_path        = fetch(:root_image_path)
+        @data_disk_enabled      = fetch(:data_disk_enabled)
+        @data_disk_type         = fetch(:data_disk_type)
+        @data_disk_lv_path      = fetch(:data_disk_lv_path)
+        @data_disk_qemu_path    = fetch(:data_disk_qemu_path)
+        @bridge                 = fetch(:bridge)
+        template = File.new(File.expand_path("templates/libvirtinator/server.xml.erb")).read
+        generated_config_file = ERB.new(template).result(binding)
+        upload! StringIO.new(generated_config_file), "/tmp/server.xml"
+        execute "virsh", "define", "/tmp/server.xml"
+        execute "rm", "/tmp/server.xml", "-rf"
+      end
+    end
+  end
+
+  task :start_domain do
+    on roles(:app) do
+      as 'root' do
+        execute "virsh", "start", "#{fetch(:node_name)}"
+      end
+    end
+  end
+
+  # Keep this to aid with users setup
+  task :reset_known_hosts_on_host do
+    run_locally do
+      user = if ENV['SUDO_USER']; ENV['SUDO_USER']; else; ENV['USER']; end
+      execute "sudo", "-u", user, "ssh-keygen", "-R", "#{fetch(:node_name)}"
+      execute "sudo", "-u", user, "ssh-keygen", "-R", "#{fetch(:node_fqdn)}"
+      execute "sudo", "-u", user, "ssh-keygen", "-R", "#{fetch(:hostname)}"
+      execute "sudo", "-u", user, "ssh-keygen", "-R", "#{fetch(:app_fqdn)}"
+      execute "sudo", "-u", user, "ssh-keygen", "-R", "#{fetch(:ip)}"
+    end
+  end
+
+  task :wait_for_ping do
+    run_locally do
+      info "Waiting for VM to respond to ping.."
+      begin
+        Timeout::timeout(30) do
+          until system "bash -c \"ping -c 3 -w 5 #{fetch(:ip)} &> /dev/null\"" do
+            print ' ...'
+          end
+          info "Ping alive!"
+        end
+      rescue Timeout::Error
+        puts
+        set :yes_or_no, ""
+        until fetch(:yes_or_no).chomp.downcase == "yes" or fetch(:yes_or_no).chomp.downcase == "no"
+          ask :yes_or_no, "Networking on the VM has not come up in 30 seconds, would you like to wait another 30?"
+        end
+        if fetch(:yes_or_no).chomp.downcase == "yes"
+          Rake::Task['vm:wait_for_ping'].reenable
+          return Rake::Task['vm:wait_for_ping'].invoke
+        else
+          warn "Exiting.."
+          exit
+        end
+      end
+    end
+  end
+
+  task :setup_agent_forwarding do
+    run_locally do
+      lines = <<-eos
+\nHost #{fetch(:node_fqdn)}
+  ForwardAgent yes
+Host #{fetch(:hostname)}
+  ForwardAgent yes
+Host #{fetch(:app_fqdn)}
+  ForwardAgent yes
+Host #{fetch(:ip)}
+  ForwardAgent yes
+Host #{fetch(:node_name)}
+  ForwardAgent yes\n
+      eos
+      {ENV['USER'] => "/home/#{ENV['USER']}/.ssh"}.each do |user, dir|
+        if File.directory?(dir)
+          unless File.exists?("#{dir}/config")
+            execute "sudo", "-u", "#{user}", "touch", "#{dir}/config"
+            execute "chmod", "600", "#{dir}/config"
+          end
+          execute "echo", "-e", "\"#{lines}\"", ">>", "#{dir}/config"
+        end
+      end
+    end
+  end
+
+  task :wait_for_ssh_alive do
+    run_locally do
+      info "Waiting for VM SSH alive.."
+      begin
+        Timeout::timeout(30) do
+          (print "..."; sleep 3) until (TCPSocket.open(fetch(:ip),22) rescue nil)
+        end
+      rescue TimeoutError
+        set :yes_or_no, ""
+        until fetch(:yes_or_no).chomp.downcase == "yes" or fetch(:yes_or_no).chomp.downcase == "no"
+          ask :yes_or_no, "SSH on the VM has not come up in 30 seconds, would you like to wait another 30?"
+        end
+        if fetch(:yes_or_no).chomp.downcase == "yes"
+          Rake::Task['vm:wait_for_ssh_alive'].reenable
+          return Rake::Task['vm:wait_for_ssh_alive'].invoke
+        else
+          warn "Exiting.."
+          exit
+        end
+      end
+      info "SSH alive!"
+    end
+  end
+end

data/lib/libvirtinator.rb

@@ -0,0 +1,5 @@
+load 'libvirtinator/config.rb'
+load 'libvirtinator/vm.rb'
+load 'libvirtinator/users.rb'
+load 'libvirtinator/image.rb'
+load 'libvirtinator/lv.rb'

metadata

@@ -0,0 +1,81 @@
+--- !ruby/object:Gem::Specification
+name: libvirtinator
+version: !ruby/object:Gem::Version
+  version: 0.0.0
+  prerelease: 
+platform: ruby
+authors:
+- david amick
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-11-22 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: capistrano
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 3.2.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 3.2.1
+description: An Opinionated libvirt VM Deployment gem
+email: davidamick@ctisolutionsinc.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/libvirtinator.rb
+- lib/libvirtinator/config.rb
+- lib/libvirtinator/vm.rb
+- lib/libvirtinator/users.rb
+- lib/libvirtinator/image.rb
+- lib/libvirtinator/lv.rb
+- lib/libvirtinator/examples/Capfile
+- lib/libvirtinator/examples/config/deploy.rb
+- lib/libvirtinator/examples/config/deploy/vm_name.rb
+- lib/libvirtinator/examples/config/sysadmins_keys.rb
+- lib/libvirtinator/examples/first_boot.sh.erb
+- lib/libvirtinator/examples/fstab.erb
+- lib/libvirtinator/examples/hostname.erb
+- lib/libvirtinator/examples/hosts.erb
+- lib/libvirtinator/examples/interfaces.erb
+- lib/libvirtinator/examples/server.xml.erb
+- lib/libvirtinator/examples/sudoers-sudo.erb
+- lib/libvirtinator/examples/vmbuilder-init.sh.erb
+- lib/libvirtinator/examples/vmbuilder.cfg.erb
+homepage: https://github.com/snarlysodboxer/libvirtinator
+licenses:
+- GNU
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: 1.9.3
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements:
+- Docker ~1.3.1
+rubyforge_project: 
+rubygems_version: 1.8.23.2
+signing_key: 
+specification_version: 3
+summary: Deploy libvirt VMs
+test_files: []