ponyup 0.0.2

data/.gitignore

@@ -0,0 +1,3 @@
+/Rakefile
+Berksfile.lock
+dna.json

data/README.md

@@ -0,0 +1,62 @@
+# Pony Up
+A friendly DSL on top of [Rake][rake] to define and launch your cloud services.
+Uses [Fog][fog] to talk to the cloud.
+
+This is all for AWS right now.
+
+# Philosophy
+* Infrastructure as code
+* Start with basic building blocks: security groups, hosts, etc
+* Everything at a higher level can be done by chef
+* Provide the transition from lower layer (fog) to apps (chef)
+
+# Overview
+
+### ~/.fog
+
+First, set up your ~/.fog file with credentials and defaults:
+
+    :production:
+      :aws_access_key_id: XXXXXXXXXXXXXXXXX
+      :aws_secret_access_key: XXXXXXXXXXXXXXXXXX
+      :region: us-east-1
+      :key_name: production
+      :image_id: ami-9b85eef2
+      :flavor_id: t1.micro
+
+Your key_name field should have a matching ~/.ssh/{key_name}.pem file. If you
+name the group in fog anything other than `default` you will need to use the
+FOG_CREDENTIAL environment variable when running rake.
+
+
+### Rakefile
+
+    require_relative 'lib/ponyup'
+
+    security 'web', [80, 8080]
+
+    host 'appserver', 'web', 'recipe[appserver]'
+
+    task :default => :ponyup
+
+### Invocation
+
+To set up your full set of hosts and security groups:
+
+    rake FOG_CREDENTIAL=production
+
+To tear down your server:
+
+    rake host:appserver:destroy [FOG_CREDENTIAL=...]
+
+To see all availabe tasks:
+
+    rake -D
+
+# Examples
+
+There are examples in the [exmaples/][examples] directory.
+
+[fog]: http://fog.io/
+[rake]: http://rake.rubyforge.org/
+[examples]: http://github.com/xtoddx/ponyup/tree/master/examples

data/Rakefile.sample

@@ -0,0 +1,6 @@
+require_relative 'lib/ponyup'
+
+security 'ssh', 22
+secrity 'web', 80
+
+host 'appserver', ['ssh', 'web']

data/examples/chefserver/Berksfile

@@ -0,0 +1,3 @@
+site :opscode
+
+cookbook 'chef-server'

data/examples/chefserver/README.md

@@ -0,0 +1,15 @@
+# Ponyup Example: Chef Server
+
+The first thing you probably want to do in the cloud is run a chef server that
+all your instances launched in the future can connect to. This is that initail
+step.
+
+### Requirements
+
+* knife-solo, bootstraps the server node w/o an existing chef server
+* berkshelf, for specifying cookbooks in a plaintext format
+
+### Running
+
+    rake [FOG_CREDENTIAL=staging]
+

data/examples/chefserver/Rakefile

@@ -0,0 +1,11 @@
+require_relative '../../lib/ponyup'
+
+# 22 lets us run `knife solo bootstrap ...`
+# 443 is for the actual chef traffic.
+security 'chef', [22, 443]
+
+# The runlist is specified in dna.json, not here.
+# This is a limitation of knife-solo.
+host 'chefserver', 'chef', runlist='', knife_solo: true, attributes: 'dna.json'
+
+task :default => :ponyup

data/examples/chefserver/dna.json.example

@@ -0,0 +1 @@
+{"chef-server": {"api_fqdn": "chef.us-east-1.mycloudhosting.com"} }

data/lib/ponyup.rb

@@ -0,0 +1,191 @@
+require 'fog'
+
+Fog.credential = (ENV['FOG_CREDENTIAL'] || :staging).to_sym
+
+# Define a security group.
+#
+# To define a group that allows public access:
+#
+#     security 'vulnerable', [22, 80]
+#     security 'webish', 443
+#
+# To define an internal network accessible by instances on other groups:
+#
+#     security 'shadows', [], vulnerable: [22]
+#     security 'shadows', nil, vulnerable: 22
+#
+# To define a group that allows both public and internal net traffic:
+#
+#     security 'hybrid', 22, shadows: 8080
+#     security 'hybrid', [22, 80], shadows: 8080
+#
+def security name, public_ports=[], group_ports={}
+  security_namespace = SecurityRecord.define name, public_ports, group_ports
+  CloudRunner.add_component security_namespace
+end
+
+# Define a server.
+#
+# Options: key_name, image_id, size, knife_solo, attributes (filename)
+#
+def host name, security_groups, runlist, options={}
+  host_namespace = HostRecord.define name, security_groups, runlist, options
+  CloudRunner.add_component host_namespace
+end
+
+class CloudRunner # :nodoc:
+  extend Rake::DSL
+  def self.add_component namespace
+    task 'ponyup' => "#{namespace}:create"
+    task 'ponydown' => "#{namespace}:destroy"
+  end
+end
+
+class SecurityRecord # :nodoc:
+  extend Rake::DSL
+
+  # Return the namespace as string
+  def self.define name, public_ports, group_ports
+    namespace :security do
+      namespace name do
+        desc "Create #{name} security group"
+        task :create do
+          SecurityRecord.create name, public_ports, group_ports
+        end
+
+        desc "Delete #{name} security group"
+        task :destroy do
+          SecurityRecord.destroy name
+        end
+      end
+    end
+    "security:#{name}"
+  end
+
+  def self.create name, public_ports, group_ports
+    public_ports = Array(public_ports)
+    group = Fog::Compute[:aws].security_groups.get(name)
+    if group
+      delete_all_rules(group)
+    else
+      group = Fog::Compute[:aws].security_groups.new(name: name,
+                                        description: "Autmated Group #{name}")
+      group.save
+    end
+    unless public_ports.empty?
+      add_public_ports(group, public_ports)
+    end
+    unless group_ports.empty?
+      group_ports.each do |extern_group, ports|
+        ports = Array(ports)
+        add_group_ports(group, extern_group, ports)
+      end
+    end
+  end
+
+  def self.destroy name, ports
+    if group=Fog::Compute[:aws].security_groups.get(name)
+      group.delete
+    end
+  end
+
+  def self.add_public_ports group, ports
+    ports.each do |range|
+      range = range.respond_to?(:min) ? range : (range .. range)
+      group.authorize_port_range(range)
+    end
+  end
+
+  def self.add_group_ports group, other_name, ports
+    external_group = Fog::Compute[:aws].security_groups.get(other_name)
+    aws_spec = {external_group.owner_id => external_group.name}
+    ports.each do |port|
+      range = port.respond_to?(:min) ? port : (port .. port)
+      group.authorize_port_range range, group: aws_spec
+    end
+  end
+
+  def self.delete_all_rules group
+    group.ip_permissions.each do |perm|
+      ports = (perm['fromPort'] .. perm['toPort'])
+      if perm['groups'].any?
+        perm['groups'].each do |g|
+          group_spec = {g['userId'] => g['groupId']}
+          group.revoke_port_range(ports, group: group_spec)
+        end
+      else
+        group.revoke_port_range(ports)
+      end
+    end
+  end
+end
+
+class HostRecord # :nodoc:
+  extend Rake::DSL
+
+  def self.define name, security_groups, runlist=[], options={}
+    namespace :host do
+      namespace name do
+        desc "Launch #{name} in the cloud"
+        task :spinup do
+          HostRecord.launch name, security_groups, options
+        end
+
+        desc "Provision #{name} with chef"
+        task :provision do
+          HostRecord.provision name, runlist, options
+        end
+
+        desc "Create #{name} host"
+        task :create => [:spinup, :provision]
+
+        desc "Delete #{name} security group"
+        task :destroy do
+          HostRecord.destroy name
+        end
+      end
+    end
+    "host:#{name}"
+  end
+
+  def self.launch name, security_groups, options
+    if existing=get_instance(name)
+      existing.destroy
+    end
+    key = options[:key_name] || Fog.credentials[:key_name]
+    size = options[:size] || Fog.credentials[:size]
+    image = options[:image_id] || Fog.credentials[:image_id]
+    server = Fog::Compute[:aws].servers.create(groups: security_groups,
+                                               key_name: key,
+                                               flavor_id: size,
+                                               image_id: image,
+                                               tags: {'Name' => name})
+    Fog.wait_for { server.reload ; server.ready? }
+  end
+
+  def self.provision name, runlist, options
+    return if runlist.to_s.empty? && !options[:knife_solo]
+    instance = get_instance(name)
+    key_name = options[:key_name] || Fog.credentials[:key_name]
+    if options[:knife_solo]
+      system "knife solo bootstrap ubuntu@#{instance.dns_name} " +
+             "#{options[:attributes]} " +
+             "--identity-file ~/.ssh/#{key_name}.pem --node-name #{name}" +
+             "--run-list #{runlist}"
+    else
+      system "knife bootstrap #{instance.dns_name} " +
+             "--identity-file ~/.ssh/#{key_name}.pem --forward-agent " +
+             "--ssh-user ubuntu --sudo --node-name #{name} " +
+             "--run-list #{runlist}"
+    end
+  end
+
+  def self.destroy name
+    get_instance(name).destroy
+  end
+
+  def self.get_instance name
+    Fog::Compute[:aws].servers.all('tag:Name' => name,
+                                   'instance-state-name' => 'running').first
+  end
+end

data/ponyup.gemspec

@@ -0,0 +1,23 @@
+Gem::Specification.new do |s|
+  s.specification_version = 2
+  s.required_rubygems_version = Gem::Requirement.new('>= 0')
+
+  s.name = 'ponyup'
+  s.version = '0.0.2'
+  s.date = '2014-01-21'
+  s.summary = 'Manage virtual machines from cloud setup to chef provisioning'
+  s.description = 'Ponyup uses fog to manipulate clouds to get the them to the point you want use chef for provisioning, and then uses kinfe to bootstrap the nodes'
+  s.authors = ['xtoddx']
+  s.email = 'xtoddx@gmail.com'
+  s.homepage = 'http://github.com/xtoddx/ponyup'
+  s.license = 'MIT'
+  s.require_paths = %w[lib]
+  s.extra_rdoc_files = %w[README.md]
+
+  s.files = `git ls-files`.split("\n")
+  s.test_files = `git ls-files -- {spec,tests}/*`.split("\n")
+
+  s.add_dependency('fog', '>= 1.19.0')
+  #s.add_dependency('chef', '>= 11.8.2')
+  #s.add_dependency('knife-solo', '>= 0.4.1')
+end

metadata

@@ -0,0 +1,73 @@
+--- !ruby/object:Gem::Specification
+name: ponyup
+version: !ruby/object:Gem::Version
+  version: 0.0.2
+  prerelease: 
+platform: ruby
+authors:
+- xtoddx
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-01-21 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: fog
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.19.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.19.0
+description: Ponyup uses fog to manipulate clouds to get the them to the point you
+  want use chef for provisioning, and then uses kinfe to bootstrap the nodes
+email: xtoddx@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files:
+- README.md
+files:
+- .gitignore
+- README.md
+- Rakefile.sample
+- examples/chefserver/Berksfile
+- examples/chefserver/README.md
+- examples/chefserver/Rakefile
+- examples/chefserver/dna.json.example
+- lib/ponyup.rb
+- ponyup.gemspec
+homepage: http://github.com/xtoddx/ponyup
+licenses:
+- MIT
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.25
+signing_key: 
+specification_version: 2
+summary: Manage virtual machines from cloud setup to chef provisioning
+test_files: []
+has_rdoc: