rouster 0.5 → 0.7

data/Rakefile

@@ -1,65 +1,83 @@
 require sprintf('%s/%s', File.dirname(File.expand_path(__FILE__)), 'path_helper')
 require 'rubygems'
 require 'rake/testtask'
+require 'reek/rake/task'
 
-task :buildgem do
+desc 'build the gem'
+task :build do
   sh 'gem build rouster.gemspec'
 end
 
+desc 'cleanup environment'
+task :clean do
+  sh 'rm /tmp/rouster-*'
+end
+
 task :default do
   sh 'ruby test/basic.rb'
 end
 
+desc 'run the example demo'
 task :demo do
   sh 'ruby examples/demo.rb'
 end
 
+desc 'rdoc generation'
 task :doc do
   sh 'rdoc --line-numbers lib/*'
 end
 
 task :examples do
   Dir['examples/**/*.rb'].each do |example|
-	  sh "ruby #{example}"
-	end
+    sh "ruby #{example}"
+  end
 end
 
-task :reek do
-  sh "reek lib/**/*.rb"
+desc 'shortcut to vagrant destroy -f'
+task :vdestroy do
+  sh 'vagrant destroy -f'
 end
 
-Rake::TestTask.new do |t|
-  t.name = 'test'
-  t.libs << 'lib'
-  t.test_files = FileList['test/**/test_*.rb']
-  t.verbose = true
+Reek::Rake::Task.new do |t|
+  t.config_file   = sprintf('%s/.reek', File.dirname(__FILE__))
+  #t.source_files  = FileList.new('lib/**/*.rb', 'plugins/**/*.rb')
+  t.source_files  = FileList.new('lib/**/*.rb')
+  t.reek_opts     = '--no-wiki-links'
+  t.fail_on_error = false
+  t.verbose       = true
 end
 
-Rake::TestTask.new do |t|
-  t.name = 'unit'
-  t.libs << 'lib'
-  t.test_files = FileList['test/unit/**/test_*.rb']
-  t.verbose = true
-end
+namespace :test do
+  Rake::TestTask.new(:all => :vdestroy) do |t|
+    t.description = 'run all tests'
+    t.libs << 'lib'
+    t.test_files = FileList['test/**/test_*.rb']
+  end
 
-Rake::TestTask.new do |t|
-  t.name = 'functional'
-  t.libs << 'lib'
-  t.test_files = FileList['test/functional/**/test_*.rb']
-  t.verbose = true
-end
+  Rake::TestTask.new do |t|
+    t.name = 'unit'
+    t.description = 'run unit tests'
+    t.libs << 'lib'
+    t.test_files = FileList['test/unit/**/test_*.rb']
+  end
 
-Rake::TestTask.new do |t|
-  t.name = 'deltas'
-  t.libs << 'lib'
-  t.test_files = FileList['test/functional/deltas/test_*.rb']
-  t.verbose = true
-end
+  Rake::TestTask.new(:functional => :vdestroy) do |t|
+    t.description = 'run functional tests'
+    t.libs << 'lib'
+    t.test_files = FileList['test/functional/**/test_*.rb']
+  end
 
-Rake::TestTask.new do |t|
-  t.name = 'puppet'
-  t.libs << 'lib'
-  t.test_files = FileList['test/puppet/test*.rb']
-  t.verbose = true
-end
+  Rake::TestTask.new(:deltas => :vdestroy) do |t|
+    t.description = 'run delta tests'
+    t.libs << 'lib'
+    t.test_files = FileList['test/functional/deltas/test_*.rb']
+  end
 
+  Rake::TestTask.new do |t|
+    t.name        = 'puppet'
+    t.description = 'run puppet tests'
+    t.libs << 'lib'
+    t.test_files  = FileList['test/puppet/test*.rb']
+    t.verbose = true
+  end
+end

data/Vagrantfile

@@ -1,17 +1,35 @@
 # stripped down example piab Vagrantfile for rouster
 
-box_url  = 'http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210.box'
-box_name = 'centos6'
-boxes    = [:ppm, :app]
+boxes = {
+  :ppm   => {
+    :box_name => 'centos6',
+    :box_url  => 'http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210.box',
+  },
+  :app   => {
+    :box_name => 'centos6',
+    :box_url  => 'http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210.box',
+  },
+
+  :ubuntu12  => {
+      :box_name => 'ubuntu12',
+      :box_url => 'http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210.box',
+  },
+
+  :ubuntu13     => {
+    :box_name => 'ubuntu13',
+    :box_url  => 'http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-1310-x64-virtualbox-puppet.box',
+  },
+
+}
 
 Vagrant::Config.run do |config|
-  boxes.each do |box|
+  boxes.each_pair do |box,hash|
     config.vm.define box do |worker|
 
-      worker.vm.box            = box_name
-      worker.vm.box_url        = box_url
-      worker.vm.host_name      = box.to_s
-      worker.vm.network        :hostonly, sprintf('10.0.1.%s', rand(253).to_i + 1)
+      worker.vm.box            = hash[:box_name]
+      worker.vm.box_url        = hash[:box_url]
+      worker.vm.host_name      = hash[:box_name]
+      worker.vm.network        :hostonly, sprintf('10.0.1.%s', rand(253).to_i + 2)
       worker.ssh.forward_agent = true
 
       if box.to_s.eql?('ppm') and File.directory?('../puppet')

data/examples/aws.rb

@@ -0,0 +1,85 @@
+require sprintf('%s/../%s', File.dirname(File.expand_path(__FILE__)), 'path_helper')
+
+require 'rouster'
+require 'plugins/aws' # brings in fog and some helpers
+
+aws_already_running = Rouster.new(
+  :name        => 'aws-already-running',
+  :passthrough => {
+    :type     => :aws,
+    :instance => 'your-instance-id',
+    :key      => sprintf('%s/.ssh/id_rsa-aws', ENV['HOME'])
+  },
+  :verbosity => 1,
+)
+
+a = aws_already_running.run('ls -l /etc/hosts; who')
+
+aws = Rouster.new(
+  :name      => 'aws-testing',
+  :sudo      => false,
+  :passthrough => {
+    # all required settings
+    :type            => :aws,
+    :keypair         => 'your-keypair-name',
+    :security_groups => 'integration-testing',
+    :key             => sprintf('%s/.ssh/id_rsa-aws', ENV['HOME']),
+    :userdata        => 'foo',
+
+    # optional, setting to be explicit
+    :ami                   => 'your-ami-id',
+    :dns_propagation_sleep => 20,
+    :min_count             => 1, # TODO don't know how to actually handle multiple machines.. just do the same thing on all of the hosts?
+    :max_count             => 1,
+    :region                => 'us-west-2',
+    :size                  => 't1.micro',
+    :ssh_port              => 22,
+    :user                  => 'ec2-user',
+
+    :key_id       => ENV['AWS_ACCESS_KEY_ID'],
+    :secret_key   => ENV['AWS_SECRET_ACCESS_KEY'],
+  },
+  :sshtunnel => false,
+  :verbosity => 1,
+)
+
+p "up(): #{aws.up}"
+
+aws_clone = Rouster.new(
+  :name => 'aws-testing-clone',
+  :passthrough => {
+    :type     => :aws,
+    :key      => sprintf('%s/.ssh/id_rsa-aws', ENV['HOME']),
+    :instance => aws.aws_get_instance,
+  },
+  :verbosity => 1,
+)
+
+[ aws, aws_already_running, aws_clone ].each do |a|
+  p "aws_get_ami: #{a.aws_get_ami}"
+  p "aws_get_instance: #{a.aws_get_instance}"
+
+  p "status: #{a.status}"
+  p "aws_status: #{a.aws_status}" # TODO merge this into status
+
+  p "aws_get_ip(:internal, :public): #{a.aws_get_ip(:internal, :public)}"
+  p "aws_get_ip(:internal, :private): #{a.aws_get_ip(:internal, :private)}"
+  p "aws_get_ip(:aws, :public): #{a.aws_get_ip(:aws, :public)}"
+  p "aws_get_ip(:aws, :private): #{a.aws_get_ip(:aws, :private)}"
+
+  p "aws_get_hostname(:internal, :public): #{a.aws_get_hostname(:internal, :public)}"
+  p "aws_get_hostname(:internal, :private): #{a.aws_get_hostname(:internal, :private)}"
+  p "aws_get_hostname(:aws, :public): #{a.aws_get_hostname(:aws, :public)}"
+  p "aws_get_hostname(:aws, :private): #{a.aws_get_hostname(:aws, :private)}"
+
+  p "run(uptime): #{a.run('uptime')}"
+  p "get(/etc/hosts): #{a.get('/etc/hosts')}"
+  p "put(/etc/hosts, /tmp): #{a.put('/etc/hosts', '/tmp')}"
+
+  p "aws_get_userdata: #{a.aws_get_userdata}"
+  p "aws_get_metadata: #{a.aws_get_metadata}"
+
+  p 'DBGZ' if nil?
+end
+
+exit

data/examples/openstack.rb

@@ -0,0 +1,61 @@
+require sprintf('%s/../%s', File.dirname(File.expand_path(__FILE__)), 'path_helper')
+
+require 'rouster'
+require 'plugins/openstack' # brings in fog and some helpers
+
+ostack = Rouster.new(
+  :name      => 'ostack-testing',
+  :sudo      => false,
+  :logfile   => true,
+  :passthrough => {
+    :type                => :openstack,                                   # Indicate OpenStack provider
+    :openstack_auth_url  => 'http://hostname.acme.com:5000/v2.0/tokens',  # OpenStack API endpoint
+    :openstack_username  => 'some_user',                                  # OpenStack console username
+    :openstack_tenant    => 'tenant_id',                                  # Tenant ID
+    :user                => 'ssh_user_id',                                # SSH login ID
+    :keypair             => 'openstack_key_name',                         # Name of ssh keypair in OpenStack
+    :image_ref           => 'c0340afb-577d-1234-87b2-aebdd6d1838f',       # Image ID in OpenStack
+    :flavor_ref          => '547d9af5-096c-1234-98df-7d23162556b8',       # Flavor ID in OpenStack
+    :openstack_api_key   => 'secret_openstack_key',                       # OpenStack console password
+    :key                 => '/path/to/ssh_keys.pem',                      # SSH key filename
+  },
+  :sshtunnel => false,
+  :verbosity => 1,
+)
+
+p "UP(): #{ostack.up}"
+p "STATUS(): #{ostack.status}"
+
+ostack_copy = Rouster.new(
+  :name      => 'ostack-copy',
+  :sudo      => false,
+  :logfile   => true,
+  :passthrough => {
+    :type                => :openstack,                                   # Indicate OpenStack provider
+    :openstack_auth_url  => 'http://hostname.acme.com:5000/v2.0/tokens',  # OpenStack API endpoint
+    :openstack_username  => 'some_user',                                  # OpenStack console username
+    :openstack_tenant    => 'tenant_id',                                  # Tenant ID
+    :user                => 'ssh_user_id',                                # SSH login ID
+    :keypair             => 'openstack_key_name',                         # Name of ssh keypair in OpenStack
+    :openstack_api_key   => 'secret_openstack_key',                       # OpenStack console password
+    :instance            => ostack.ostack_get_instance_id,                # ID of a running OpenStack instance.
+  },
+  :sshtunnel => false,
+  :verbosity => 1,
+)
+
+[ ostack, ostack_copy ].each do |o|
+  p "ostack_get_instance_id: #{o.ostack_get_instance_id}"
+
+  p "status: #{o.status}"
+
+  p "ostack_get_ip(): #{o.ostack_get_ip()}"
+
+  p "run(uptime): #{o.run('uptime')}"
+  p "get(/etc/hosts): #{o.get('/etc/hosts')}"
+  p "put(/etc/hosts, /tmp): #{o.put('/etc/hosts', '/tmp')}"
+
+end
+
+p "DESTROY(): #{ostack.destroy}"
+exit

data/examples/passthrough.rb

@@ -0,0 +1,71 @@
+require sprintf('%s/../%s', File.dirname(File.expand_path(__FILE__)), 'path_helper')
+
+require 'rouster'
+require 'rouster/puppet'
+require 'rouster/tests'
+
+verbosity = ENV['VERBOSE'].nil? ? 4 : 0
+
+# .inspect of this is blank for sshkey and status, looks ugly, but is ~accurate.. fix this?
+local = Rouster.new(
+  :name        => 'local',
+  :sudo        => false,
+  :passthrough => { :type => :local },
+  :verbosity   => verbosity,
+)
+
+remote = Rouster.new(
+  :name => 'remote',
+  :sudo => false,
+  :passthrough => {
+    :type => :remote,
+    :host => `hostname`.chomp, # yep, the remote is actually local.. perhaps the right :type would be 'ssh' vs 'shellout' instead..
+    :user => ENV['USER'],
+    :key  => sprintf('%s/.ssh/id_dsa', ENV['HOME']),
+  },
+  :verbosity => verbosity,
+)
+
+sudo = Rouster.new(
+  :name        => 'sudo',
+  :sudo        => true,
+  :passthrough => { :type => :local },
+  :verbosity   => verbosity,
+)
+
+vagrant = Rouster.new(
+  :name        => 'ppm',
+  :sudo        => true,
+  :verbosity   => verbosity,
+)
+
+workers = [ local, remote, vagrant ]
+
+workers = [vagrant]
+
+workers.each do |r|
+  p r
+
+  ## vagrant command testing
+  r.up()
+  r.suspend()
+  #r.destroy()
+  r.up()
+
+  p r.status() # why is this giving us nil after initial call? want to blame caching, but not sure
+
+  r.is_vagrant_running?()
+  r.sandbox_available?()
+
+  if r.sandbox_available?()
+    r.sandbox_on()
+    r.sandbox_off()
+    r.sandbox_rollback()
+    r.sandbox_commit()
+  end
+
+  p r.run('echo foo')
+
+end
+
+exit

data/lib/rouster.rb

@@ -7,11 +7,12 @@ require 'net/ssh'
 require sprintf('%s/../%s', File.dirname(File.expand_path(__FILE__)), 'path_helper')
 
 require 'rouster/tests'
+require 'rouster/vagrant'
 
 class Rouster
 
   # sporadically updated version number
-  VERSION = 0.50
+  VERSION = 0.70
 
   # custom exceptions -- what else do we want them to include/do?
   class ArgumentError        < StandardError; end # thrown by methods that take parameters from users
@@ -20,42 +21,66 @@ class Rouster
   class ExternalError        < StandardError; end # thrown when external dependencies do not respond as expected
   class LocalExecutionError  < StandardError; end # thrown by _run()
   class RemoteExecutionError < StandardError; end # thrown by run()
+  class PassthroughError     < StandardError; end # thrown by anything Passthrough related (mostly vagrant.rb)
   class SSHConnectionError   < StandardError; end # thrown by available_via_ssh() -- and potentially _run()
 
-  attr_accessor :facts, :sudo, :verbosity
-  attr_reader :cache, :cache_timeout, :deltas, :exitcode, :log, :name, :output, :passthrough, :sshkey, :unittest, :vagrantfile
+  attr_accessor :facts, :last_puppet_run
+  attr_reader :cache, :cache_timeout, :deltas, :exitcode, :logger, :name, :output, :passthrough, :retries, :sshkey, :unittest, :vagrantbinary, :vagrantfile
 
   ##
   # initialize - object instantiation
   #
   # parameters
-  # * <name> - the name of the VM as specified in the Vagrantfile
-  # * [cache_timeout] - integer specifying how long Rouster should cache status() and is_available_via_ssh?() results, default is false
-  # * [passthrough] - boolean of whether this is a VM or passthrough, default is false -- passthrough is not completely implemented
-  # * [sshkey] - the full or relative path to a SSH key used to auth to VM -- defaults to location Vagrant installs to (ENV[VAGRANT_HOME} or ]~/.vagrant.d/)
-  # * [sshtunnel] - boolean of whether or not to instantiate the SSH tunnel upon upping the VM, default is true
-  # * [sudo] - boolean of whether or not to prefix commands run in VM with 'sudo', default is true
-  # * [vagrantfile] - the full or relative path to the Vagrantfile to use, if not specified, will look for one in 5 directories above current location
-  # * [verbosity] - DEBUG (0) < INFO (1) < WARN (2) < ERROR (3) < FATAL (4)
+  # * <name>                - the name of the VM as specified in the Vagrantfile
+  # * [cache_timeout]       - integer specifying how long Rouster should cache status() and is_available_via_ssh?() results, default is false
+  # * [logfile]             - allows logging to an external file, if passed true, generates a dynamic filename, otherwise uses what is passed, default is false
+  # * [passthrough]         - boolean of whether this is a VM or passthrough, default is false -- passthrough is not completely implemented
+  # * [retries]             - integer specifying number of retries Rouster should attempt when running external (currently only vagrant()) commands
+  # * [sshkey]              - the full or relative path to a SSH key used to auth to VM -- defaults to location Vagrant installs to (ENV[VAGRANT_HOME} or ]~/.vagrant.d/)
+  # * [sshtunnel]           - boolean of whether or not to instantiate the SSH tunnel upon upping the VM, default is true
+  # * [sudo]                - boolean of whether or not to prefix commands run in VM with 'sudo', default is true
+  # * [vagrantfile]         - the full or relative path to the Vagrantfile to use, if not specified, will look for one in 5 directories above current location
+  # * [vagrant_concurrency] - boolean controlling whether Rouster will attempt to run `vagrant *` if another vagrant process is already running, default is false
+  # * [vagrant_reboot]      - particularly sticky systems restart better if Vagrant does it for us, default is false
+  # * [verbosity]           - an integer representing console level logging, or an array of integers representing console,file level logging - DEBUG (0) < INFO (1) < WARN (2) < ERROR (3) < FATAL (4)
   def initialize(opts = nil)
-    @cache_timeout = opts[:cache_timeout].nil? ? false : opts[:cache_timeout]
-    @name          = opts[:name]
-    @passthrough   = opts[:passthrough].nil? ? false : opts[:passthrough]
-    @sshkey        = opts[:sshkey]
-    @sshtunnel     = opts[:sshtunnel].nil? ? true : opts[:sshtunnel]
-    @unittest      = opts[:unittest].nil? ? false : opts[:unittest]
-    @vagrantfile   = opts[:vagrantfile].nil? ? traverse_up(Dir.pwd, 'Vagrantfile', 5) : opts[:vagrantfile]
-    @verbosity     = opts[:verbosity].is_a?(Integer) ? opts[:verbosity] : 4
-
-    if opts.has_key?(:sudo)
-      @sudo = opts[:sudo]
-    elsif @passthrough.eql?(true)
-      @sudo = false
+    @cache_timeout       = opts[:cache_timeout].nil? ? false : opts[:cache_timeout]
+    @logfile             = opts[:logfile].nil? ? false : opts[:logfile]
+    @name                = opts[:name]
+    @passthrough         = opts[:passthrough].nil? ? false : opts[:passthrough]
+    @retries             = opts[:retries].nil? ? 0 : opts[:retries]
+    @sshkey              = opts[:sshkey]
+    @sshtunnel           = opts[:sshtunnel].nil? ? true : opts[:sshtunnel]
+    @unittest            = opts[:unittest].nil? ? false : opts[:unittest]
+    @vagrantfile         = opts[:vagrantfile].nil? ? traverse_up(Dir.pwd, 'Vagrantfile', 5) : opts[:vagrantfile]
+    @vagrant_concurrency = opts[:vagrant_concurrency].nil? ? false : opts[:vagrant_concurrency]
+    @vagrant_reboot      = opts[:vagrant_reboot].nil? ? false : opts[:vagrant_reboot]
+
+    # TODO kind of want to invert this, 0 = trace, 1 = debug, 2 = info, 3 = warning, 4 = error
+    # could do `fixed_ordering = [4, 3, 2, 1, 0]` and use user input as index instead, so an input of 4 (which should be more verbose), yields 0
+    if opts[:verbosity]
+      # TODO decide how to handle this case -- currently #2 is implemented
+      # - option 1, if passed a single integer, use that level for both loggers
+      # - option 2, if passed a single integer, use that level for stdout, and a hardcoded level (probably INFO) to logfile
+
+      # kind of want to do if opts[:verbosity].respond_to?(:[]), but for 1.87 compatability, going this way..
+      if ! opts[:verbosity].is_a?(Array) or opts[:verbosity].is_a?(Integer)
+        @verbosity_console = opts[:verbosity].to_i
+        @verbosity_logfile = 2
+      elsif opts[:verbosity].is_a?(Array)
+        # TODO more error checking here when we are sure this is the right way to go
+        @verbosity_console = opts[:verbosity][0].to_i
+        @verbosity_logfile = opts[:verbosity][1].to_i
+        @logfile = true if @logfile.eql?(false) # overriding the default setting
+      end
     else
-      @sudo = true
+      @verbosity_console = 3
+      @verbosity_logfile = 2 # this is kind of arbitrary, but won't actually be created unless opts[:logfile] is also passed
     end
 
-    @ostype = nil
+    @ostype    = nil
+    @osversion = nil
+
     @output = Array.new
     @cache  = Hash.new
     @deltas = Hash.new
@@ -68,38 +93,155 @@ class Rouster
     require 'log4r/config'
     Log4r.define_levels(*Log4r::Log4rConfig::LogLevels)
 
-    @log            = Log4r::Logger.new(sprintf('rouster:%s', @name))
-    @log.outputters = Log4r::Outputter.stderr
-    @log.level      = @verbosity
+    @logger            = Log4r::Logger.new(sprintf('rouster:%s', @name))
+    @logger.outputters << Log4r::Outputter.stderr
+    #@log.outputters << Log4r::Outputter.stdout
 
-    @log.debug('Vagrantfile and VM name validation..')
-    unless File.file?(@vagrantfile)
-      raise InternalError.new(sprintf('specified Vagrantfile [%s] does not exist', @vagrantfile))
+    if @logfile
+      @logfile = @logfile.eql?(true) ? sprintf('/tmp/rouster-%s.%s.%s.log', @name, Time.now.to_i, $$) : @logfile
+      @logger.outputters << Log4r::FileOutputter.new(sprintf('rouster:%s', @name), :filename => @logfile, :level => @verbosity_logfile)
     end
 
-    raise InternalError.new() if @name.nil?
-
-    return if opts[:unittest].eql?(true) # quick return if we're a unit test
+    @logger.outputters[0].level = @verbosity_console # can't set this when instantiating a .std* logger, and want the FileOutputter at a different level
 
-    # this is breaking test/functional/test_caching.rb test_ssh_caching (if the VM was not running when the test started)
-    # it slows down object instantiation, but is a good test to ensure the machine name is valid..
-    begin
-      self.status()
-    rescue Rouster::LocalExecutionError
-      raise InternalError.new()
+    if opts.has_key?(:sudo)
+      @sudo = opts[:sudo]
+    elsif @passthrough.class.eql?(Hash)
+      @logger.debug(sprintf('passthrough without sudo specification, defaulting to false'))
+      @sudo = false
+    else
+      @sudo = true
     end
 
-    begin
-      self._run('which vagrant')
-    rescue
-      raise ExternalError.new('vagrant not found in path')
-    end
+    if @passthrough
+      @vagrantbinary = 'vagrant' # hacky fix to is_vagrant_running?() grepping, doesn't need to actually be in $PATH
+      @sshtunnel     = opts[:sshtunnel].nil? ? false : @sshtunnel # unless user has specified it, non-local passthroughs default to not open tunnel
+
+      defaults = {
+        :paranoid          => false, # valid overrides are: false, true, :very, or :secure
+        :ssh_sleep_ceiling => 9,
+        :ssh_sleep_time    => 10,
+      }
+
+      @passthrough = defaults.merge(@passthrough)
+
+      if @passthrough.class != Hash
+        raise ArgumentError.new('passthrough specification should be hash')
+      elsif @passthrough[:type].nil?
+        raise ArgumentError.new('passthrough :type must be specified, :local, :remote or :aws allowed')
+      elsif @passthrough[:type].eql?(:local)
+        @logger.debug('instantiating a local passthrough worker')
+        @sshtunnel = opts[:sshtunnel].nil? ? true : opts[:sshtunnel] # override default, if local, open immediately
+
+      elsif @passthrough[:type].eql?(:remote)
+        @logger.debug('instantiating a remote passthrough worker')
+
+        [:host, :user, :key].each do |r|
+          raise ArgumentError.new(sprintf('remote passthrough requires[%s] specification', r)) if @passthrough[r].nil?
+        end
+
+        raise ArgumentError.new('remote passthrough requires valid :key specification, should be path to private half') unless File.file?(@passthrough[:key])
+        @sshkey = @passthrough[:key] # TODO refactor so that you don't have to do this..
+
+      elsif @passthrough[:type].eql?(:aws) or @passthrough[:type].eql?(:raiden)
+        @logger.debug(sprintf('instantiating an %s passthrough worker', @passthrough[:type]))
+
+        aws_defaults = {
+          :ami                   => 'ami-7bdaa84b', # RHEL 6.5 x64 in us-west-2
+          :dns_propagation_sleep => 30, # how much time to wait after ELB creation before attempting to connect
+          :elb_cleanup           => false,
+          :key_id                => ENV['AWS_ACCESS_KEY_ID'],
+          :min_count             => 1,
+          :max_count             => 1,
+          :region                => 'us-west-2',
+          :secret_key            => ENV['AWS_SECRET_ACCESS_KEY'],
+          :size                  => 't1.micro',
+          :ssh_port              => 22,
+          :user                  => 'ec2-user',
+        }
+
+        if @passthrough.has_key?(:ami)
+          @logger.debug(':ami specified, will start new EC2 instance')
+
+          @passthrough[:security_groups] = @passthrough[:security_groups].is_a?(Array) ? @passthrough[:security_groups] : [ @passthrough[:security_groups] ]
+
+          @passthrough = aws_defaults.merge(@passthrough)
+
+          [:ami, :size, :user, :region, :key, :keypair, :key_id, :secret_key, :security_groups].each do |r|
+            raise ArgumentError.new(sprintf('AWS passthrough requires %s specification', r)) if @passthrough[r].nil?
+          end
+
+        elsif @passthrough.has_key?(:instance)
+          @logger.debug(':instance specified, will connect to existing EC2 instance')
+
+          @passthrough = aws_defaults.merge(@passthrough)
+
+          if @passthrough[:type].eql?(:aws)
+            @passthrough[:host] = self.aws_describe_instance(@passthrough[:instance])['dnsName']
+          else
+            @passthrough[:host] = self.find_ssh_elb(true)
+          end
+
+          [:instance, :key, :user, :host].each do |r|
+            raise ArgumentError.new(sprintf('AWS passthrough requires [%s] specification', r)) if @passthrough[r].nil?
+          end
+
+        else
+          raise ArgumentError.new('AWS passthrough requires either :ami or :instance specification')
+        end
+
+        raise ArgumentError.new('AWS passthrough requires valid :sshkey specification, should be path to private half') unless File.file?(@passthrough[:key])
+        @sshkey = @passthrough[:key]
+      elsif @passthrough[:type].eql?(:openstack)
+        @logger.debug(sprintf('instantiating an %s passthrough worker', @passthrough[:type]))
+        @sshkey = @passthrough[:key]
+
+        ostack_defaults = {
+          :ssh_port => 22,
+        }
+        @passthrough = ostack_defaults.merge(@passthrough)
+
+        [:openstack_auth_url, :openstack_username, :openstack_tenant, :openstack_api_key,
+          :key ].each do |r|
+            raise ArgumentError.new(sprintf('OpenStack passthrough requires %s specification', r)) if @passthrough[r].nil?
+        end
 
-    @log.debug('SSH key discovery and viability tests..')
-    if @sshkey.nil?
-      if @passthrough.eql?(true)
-        raise InternalError.new('must specify sshkey when using a passthrough host')
+        if @passthrough.has_key?(:image_ref)
+          @logger.debug(':image_ref specified, will start new Nova instance')
+        elsif @passthrough.has_key?(:instance)
+          @logger.debug(':instance specified, will connect to existing OpenStack instance')
+          inst_details = self.ostack_describe_instance(@passthrough[:instance])
+          raise ArgumentError.new(sprintf('No such instance found in OpenStack - %s', @passthrough[:instance])) if inst_details.nil?
+          inst_details.addresses.each_key do |address_key|
+            if defined?(inst_details.addresses[address_key].first['addr'])
+              @passthrough[:host] = inst_details.addresses[address_key].first['addr']
+              break
+            end
+          end
+        end
       else
+        raise ArgumentError.new(sprintf('passthrough :type [%s] unknown, allowed: :aws, :openstack, :local, :remote', @passthrough[:type]))
+      end
+
+    else
+
+      @logger.debug('Vagrantfile and VM name validation..')
+      unless File.file?(@vagrantfile)
+        raise ArgumentError.new(sprintf('specified Vagrantfile [%s] does not exist', @vagrantfile))
+      end
+
+      raise ArgumentError.new('name of Vagrant VM not specified') if @name.nil?
+
+      return if opts[:unittest].eql?(true) # quick return if we're a unit test
+
+      begin
+        @vagrantbinary = self._run('which vagrant').chomp!
+      rescue
+        raise ExternalError.new('vagrant not found in path')
+      end
+
+      @logger.debug('SSH key discovery and viability tests..')
+      if @sshkey.nil?
         # ref the key from the vagrant home dir if it's been overridden
         @sshkey = sprintf('%s/insecure_private_key', ENV['VAGRANT_HOME']) if ENV['VAGRANT_HOME']
         @sshkey = sprintf('%s/.vagrant.d/insecure_private_key', ENV['HOME']) unless ENV['VAGRANT_HOME']
@@ -111,14 +253,18 @@ class Rouster
       raise InternalError.new('ssh key does not exist') unless File.file?(@sshkey)
       self.check_key_permissions(@sshkey)
     rescue => e
-      raise InternalError.new("specified key [#{@sshkey}] has bad permissions. Vagrant exception: [#{e.message}]")
+
+      unless self.is_passthrough? and @passthrough[:type].eql?(:local)
+        raise InternalError.new("specified key [#{@sshkey}] has bad permissions. Vagrant exception: [#{e.message}]")
+      end
+
     end
 
     if @sshtunnel
       self.up()
     end
 
-    @log.info('Rouster object successfully instantiated')
+    @logger.info('Rouster object successfully instantiated')
   end
 
 
@@ -127,86 +273,15 @@ class Rouster
   #
   # overloaded method to return useful information about Rouster objects
   def inspect
+    s = self.status()
     "name [#{@name}]:
       is_available_via_ssh?[#{self.is_available_via_ssh?}],
       passthrough[#{@passthrough}],
       sshkey[#{@sshkey}],
-      status[#{self.status()}],
+      status[#{s}],
       sudo[#{@sudo}],
       vagrantfile[#{@vagrantfile}],
-      verbosity[#{@verbosity}]\n"
-  end
-
-  ## Vagrant methods
-
-  ##
-  # up
-  # runs `vagrant up` from the Vagrantfile path
-  # if :sshtunnel is passed to the object during instantiation, the tunnel is created here as well
-  def up
-    @log.info('up()')
-    self.vagrant(sprintf('up %s', @name))
-
-    @ssh_info = nil # in case the ssh-info has changed, a la destroy/rebuild
-    self.connect_ssh_tunnel() if @sshtunnel
-  end
-
-  ##
-  # destroy
-  # runs `vagrant destroy <name>` from the Vagrantfile path
-  def destroy
-    @log.info('destroy()')
-    disconnect_ssh_tunnel
-    self.vagrant(sprintf('destroy -f %s', @name))
-  end
-
-  ##
-  # status
-  #
-  # runs `vagrant status <name>` from the Vagrantfile path
-  # parses the status and provider out of output, but only status is returned
-  def status
-    status = nil
-
-    if @cache_timeout
-      if @cache.has_key?(:status)
-        if (Time.now.to_i - @cache[:status][:time]) < @cache_timeout
-          @log.debug(sprintf('using cached status[%s] from [%s]', @cache[:status][:status], @cache[:status][:time]))
-          return @cache[:status][:status]
-        end
-      end
-    end
-
-    @log.info('status()')
-    self.vagrant(sprintf('status %s', @name))
-
-    # else case here is handled by non-0 exit code
-    if self.get_output().match(/^#{@name}\s*(.*\s?\w+)\s\((.+)\)$/)
-      # vagrant 1.2+, $1 = status, $2 = provider
-      status = $1
-    elsif self.get_output().match(/^#{@name}\s+(.+)$/)
-      # vagrant 1.2-, $1 = status
-      status = $1
-    end
-
-    if @cache_timeout
-      @cache[:status] = Hash.new unless @cache[:status].class.eql?(Hash)
-      @cache[:status][:time] = Time.now.to_i
-      @cache[:status][:status] = status
-      @log.debug(sprintf('caching status[%s] at [%s]', @cache[:status][:status], @cache[:status][:time]))
-    end
-
-    return status
-  end
-
-  ##
-  # suspend
-  #
-  # runs `vagrant suspend <name>` from the Vagrantfile path
-  def suspend
-    @log.info('suspend()')
-    disconnect_ssh_tunnel()
-    self.vagrant(sprintf('suspend %s', @name))
+      verbosity console[#{@verbosity_console}] / log[#{@verbosity_logfile} - #{@logfile}]\n"
   end
 
   ## internal methods
@@ -233,10 +308,28 @@ class Rouster
     expected_exitcode = [expected_exitcode] unless expected_exitcode.class.eql?(Array) # yuck, but 2.0 no longer coerces strings into single element arrays
 
     cmd = sprintf('%s%s; echo ec[$?]', self.uses_sudo? ? 'sudo ' : '', command)
-    @log.info(sprintf('vm running: [%s]', cmd))
+    @logger.info(sprintf('vm running: [%s]', cmd)) # TODO decide whether this should be changed in light of passthroughs.. 'remotely'?
+
+    0.upto(@retries) do |try|
+      begin
+        if self.is_passthrough? and self.passthrough[:type].eql?(:local)
+          output = `#{cmd}`
+        else
+          output = @ssh.exec!(cmd)
+        end
+
+        break
+      rescue => e
+        @logger.error(sprintf('failed to run [%s] with [%s], attempt[%s/%s]', cmd, e, try, retries)) if self.retries > 0
+        sleep 10 # TODO need to expose this as a variable
+      end
 
-    output = @ssh.exec!(cmd)
-    if output.match(/ec\[(\d+)\]/)
+    end
+
+    if output.nil?
+      output    = "error gathering output, last logged output[#{self.get_output()}]"
+      @exitcode = 256
+    elsif output.match(/ec\[(\d+)\]/)
       @exitcode = $1.to_i
       output.gsub!(/ec\[(\d+)\]\n/, '')
     else
@@ -244,9 +337,10 @@ class Rouster
     end
 
     self.output.push(output)
-    @log.debug(sprintf('output: [%s]', output))
+    @logger.debug(sprintf('output: [%s]', output))
 
     unless expected_exitcode.member?(@exitcode)
+      # TODO technically this could be a 'LocalPassthroughExecutionError' now too if local passthrough.. should we update?
       raise RemoteExecutionError.new("output[#{output}], exitcode[#{@exitcode}], expected[#{expected_exitcode}]")
     end
 
@@ -266,7 +360,7 @@ class Rouster
     if @cache_timeout
       if @cache.has_key?(:is_available_via_ssh?)
         if (Time.now.to_i - @cache[:is_available_via_ssh?][:time]) < @cache_timeout
-          @log.debug(sprintf('using cached is_available_via_ssh?[%s] from [%s]', @cache[:is_available_via_ssh?][:status], @cache[:is_available_via_ssh?][:time]))
+          @logger.debug(sprintf('using cached is_available_via_ssh?[%s] from [%s]', @cache[:is_available_via_ssh?][:status], @cache[:is_available_via_ssh?][:time]))
           return @cache[:is_available_via_ssh?][:status]
         end
       end
@@ -274,96 +368,32 @@ class Rouster
 
     if @ssh.nil? or @ssh.closed?
       begin
-        self.connect_ssh_tunnel()
-      rescue Rouster::InternalError, Net::SSH::Disconnect => e
+        res = self.connect_ssh_tunnel()
+      rescue Rouster::InternalError, Net::SSH::Disconnect, Errno::ECONNREFUSED, Errno::ECONNRESET => e
         res = false
       end
 
     end
 
-    if res.nil?
+    if res.nil? or res.is_a?(Net::SSH::Connection::Session)
       begin
         self.run('echo functional test of SSH tunnel')
+          res = true
       rescue
         res = false
       end
     end
 
-    res = true if res.nil?
-
     if @cache_timeout
       @cache[:is_available_via_ssh?] = Hash.new unless @cache[:is_available_via_ssh?].class.eql?(Hash)
       @cache[:is_available_via_ssh?][:time] = Time.now.to_i
       @cache[:is_available_via_ssh?][:status] = res
-      @log.debug(sprintf('caching is_available_via_ssh?[%s] at [%s]', @cache[:is_available_via_ssh?][:status], @cache[:is_available_via_ssh?][:time]))
+      @logger.debug(sprintf('caching is_available_via_ssh?[%s] at [%s]', @cache[:is_available_via_ssh?][:status], @cache[:is_available_via_ssh?][:time]))
     end
 
     res
   end
 
-  ##
-  # sandbox_available?
-  #
-  # returns true or false after attempting to find out if the sandbox
-  # subcommand is available
-  def sandbox_available?
-    if @cache.has_key?(:sandbox_available?)
-      @log.debug(sprintf('using cached sandbox_available?[%s]', @cache[:sandbox_available?]))
-      return @cache[:sandbox_available?]
-    end
-
-    @log.info('sandbox_available()')
-    self._run(sprintf('cd %s; vagrant', File.dirname(@vagrantfile))) # calling 'vagrant' without parameters to determine available faces
-
-    sandbox_available = false
-    if self.get_output().match(/^\s+sandbox$/)
-      sandbox_available = true
-    end
-
-    @cache[:sandbox_available?] = sandbox_available
-    @log.debug(sprintf('caching sandbox_available?[%s]', @cache[:sandbox_available?]))
-    @log.error('sandbox support is not available, please install the "sahara" gem first, https://github.com/jedi4ever/sahara') unless sandbox_available
-
-    return sandbox_available
-  end
-
-  ##
-  # sandbox_on
-  # runs `vagrant sandbox on` from the Vagrantfile path
-  def sandbox_on
-    # TODO should we raise() if sandbox is unavailable?
-    self.vagrant(sprintf('sandbox on %s', @name)) if self.sandbox_available?
-  end
-
-  ##
-  # sandbox_off
-  # runs `vagrant sandbox off` from the Vagrantfile path
-  def sandbox_off
-    self.vagrant(sprintf('sandbox off %s', @name)) if self.sandbox_available?
-  end
-
-  ##
-  # sandbox_rollback
-  # runs `vagrant sandbox rollback` from the Vagrantfile path
-  def sandbox_rollback
-    if self.sandbox_available?
-      self.disconnect_ssh_tunnel
-      self.vagrant(sprintf('sandbox rollback %s', @name))
-      self.connect_ssh_tunnel
-    end
-  end
-
-  ##
-  # sandbox_commit
-  # runs `vagrant sandbox commit` from the Vagrantfile path
-  def sandbox_commit
-    if self.sandbox_available?
-      self.disconnect_ssh_tunnel
-      self.vagrant(sprintf('sandbox commit %s', @name))
-      self.connect_ssh_tunnel
-    end
-  end
-
   ##
   # get_ssh_info
   #
@@ -375,6 +405,7 @@ class Rouster
     h = Hash.new()
 
     if @ssh_info.class.eql?(Hash)
+      @logger.debug('using cached SSH info')
       h = @ssh_info
     else
 
@@ -388,8 +419,8 @@ class Rouster
         elsif line.match(/Port (\d*?)$/)
           h[:ssh_port] = $1
         elsif line.match(/IdentityFile (.*?)$/)
-          # TODO what to do if the user has specified @sshkey ?
           h[:identity_file] = $1
+          @logger.info(sprintf('vagrant specified key[%s] differs from provided[%s], will use both', @sshkey, h[:identity_file]))
         end
       end
 
@@ -406,14 +437,56 @@ class Rouster
   #
   # raises its own InternalError if the machine isn't running, otherwise returns Net::SSH connection object
   def connect_ssh_tunnel
-    @log.debug('opening SSH tunnel..')
 
-    status = self.status()
-    if status.eql?('running')
-      self.get_ssh_info()
-      @ssh = Net::SSH.start(@ssh_info[:hostname], @ssh_info[:user], :port => @ssh_info[:ssh_port], :keys => [@sshkey], :paranoid => false)
+    if self.is_passthrough?
+      if @passthrough[:type].eql?(:local)
+        @logger.debug("local passthroughs don't need ssh tunnel, shell execs are used")
+        return false
+      elsif @passthrough[:host].nil?
+        @logger.info(sprintf('not attempting to connect, no known hostname for[%s]', self.passthrough))
+        return false
+      else
+        ceiling    = @passthrough[:ssh_sleep_ceiling]
+        sleep_time = @passthrough[:ssh_sleep_time]
+
+        0.upto(ceiling) do |try|
+          @logger.debug(sprintf('opening remote SSH tunnel[%s]..', @passthrough[:host]))
+          begin
+            @ssh = Net::SSH.start(
+              @passthrough[:host],
+              @passthrough[:user],
+              :port => @passthrough[:ssh_port],
+              :keys => [ @passthrough[:key] ], # TODO this should be @sshkey
+              :paranoid => false
+            )
+            break
+          rescue => e
+            raise e if try.eql?(ceiling) # eventually want to throw a SocketError
+            @logger.debug(sprintf('failed to open tunnel[%s], trying again in %ss', e.message, sleep_time))
+            sleep sleep_time
+          end
+        end
+      end
+      @logger.debug(sprintf('successfully opened SSH tunnel to[%s]', passthrough[:host]))
+
     else
-      raise InternalError.new(sprintf('VM is not running[%s], unable open SSH tunnel', status))
+      # not a passthrough, normal connection
+      status = self.status()
+
+      if status.eql?('running')
+        self.get_ssh_info()
+        @logger.debug('opening VM SSH tunnel..')
+        @ssh = Net::SSH.start(
+          @ssh_info[:hostname],
+          @ssh_info[:user],
+          :port => @ssh_info[:ssh_port],
+          :keys => [ @sshkey, @ssh_info[:identity_file] ].uniq, # try to use what the user specified first, but fall back to what vagrant says
+          :paranoid => false
+        )
+      else
+        # TODO will we ever hit this? or will we be thrown first?
+        raise InternalError.new(sprintf('VM is not running[%s], unable open SSH tunnel', status))
+      end
     end
 
     @ssh
@@ -425,7 +498,7 @@ class Rouster
   # shuts down the persistent Net::SSH tunnel
   #
   def disconnect_ssh_tunnel
-    @log.debug('closing SSH tunnel..')
+    @logger.debug('closing SSH tunnel..')
 
     @ssh.shutdown! unless @ssh.nil?
     @ssh = nil
@@ -441,30 +514,61 @@ class Rouster
       return @ostype
     end
 
-    res   = nil
-    uname = self.run('uname -a')
-
-    case uname
-      when /Darwin/i
-        res = :osx
-      when /Sun|Solaris/i
-        res =:solaris
-      when /Ubuntu/i
-        res = :ubuntu
-      when /Debian/i
-        res = :debian
-      else
-        if self.is_file?('/etc/redhat-release')
-          res = :redhat
-        else
-          res = nil
+    res = :invalid
+
+    Rouster.os_files.each_pair do |os, f|
+      [ f ].flatten.each do |candidate|
+        if self.is_file?(candidate)
+          next if candidate.eql?('/etc/os-release') and ! self.is_in_file?(candidate, os.to_s, 'i') # CentOS detection
+          @logger.debug(sprintf('determined OS to be[%s] via[%s]', os, candidate))
+          res = os
         end
+      end
+      break unless res.eql?(:invalid)
     end
 
+    @logger.error(sprintf('unable to determine OS, looking for[%s]', Rouster.os_files)) if res.eql?(:invalid)
+
     @ostype = res
     res
   end
 
+  ##
+  # os_version
+  #
+  #
+  def os_version(os_type)
+    return @osversion if @osversion
+
+    res = :invalid
+
+    [ Rouster.os_files[os_type] ].flatten.each do |candidate|
+      if self.is_file?(candidate)
+        next if candidate.eql?('/etc/os-release') and ! self.is_in_file?(candidate, os_type.to_s, 'i') # CentOS detection
+        contents = self.run(sprintf('cat %s', candidate))
+        if os_type.eql?(:ubuntu)
+          version = $1 if contents.match(/.*VERSION\="(\d+\.\d+).*"/) # VERSION="13.10, Saucy Salamander"
+          res = version unless version.nil?
+        elsif os_type.eql?(:rhel)
+          version = $1 if contents.match(/.*VERSION\="(\d+)"/) # VERSION="7 (Core)"
+          version = $1 if version.nil? and contents.match(/.*(\d+.\d+)/) # CentOS release 6.4 (Final)
+          res = version unless version.nil?
+        elsif os_type.eql?(:osx)
+          version = $1 if contents.match(/<key>ProductVersion<\/key>.*<string>(.*)<\/string>/m) # <key>ProductVersion</key>\n          <string>10.12.1</string>
+          res = version unless version.nil?
+        end
+
+      end
+      break unless res.eql?(:invalid)
+    end
+
+    @logger.error(sprintf('unable to determine OS version, looking for[%s]', Rouster.os_files[os_type])) if res.eql?(:invalid)
+
+    @osversion = res
+
+    res
+  end
+
   ##
   # get
   #
@@ -481,7 +585,7 @@ class Rouster
     # TODO what happens when we pass a wildcard as remote_file?
 
     local_file = local_file.nil? ? File.basename(remote_file) : local_file
-    @log.debug(sprintf('scp from VM[%s] to host[%s]', remote_file, local_file))
+    @logger.debug(sprintf('scp from VM[%s] to host[%s]', remote_file, local_file))
 
     begin
       @ssh.scp.download!(remote_file, local_file)
@@ -502,7 +606,7 @@ class Rouster
   # * [remote_file] - full or relative path (based on ~vagrant) of filename to upload to
   def put(local_file, remote_file=nil)
     remote_file = remote_file.nil? ? File.basename(local_file) : remote_file
-    @log.debug(sprintf('scp from host[%s] to VM[%s]', local_file, remote_file))
+    @logger.debug(sprintf('scp from host[%s] to VM[%s]', local_file, remote_file))
 
     raise FileTransferError.new(sprintf('unable to put[%s], local file does not exist', local_file)) unless File.file?(local_file)
 
@@ -512,6 +616,7 @@ class Rouster
       raise FileTransferError.new(sprintf('unable to put[%s], exception[%s]', local_file, e.message()))
     end
 
+    return true
   end
 
   ##
@@ -519,7 +624,7 @@ class Rouster
   #
   # convenience getter for @passthrough truthiness
   def is_passthrough?
-    self.passthrough.eql?(true)
+    @passthrough.class.eql?(Hash)
   end
 
   ##
@@ -527,7 +632,7 @@ class Rouster
   #
   # convenience getter for @sudo truthiness
   def uses_sudo?
-     self.sudo.eql?(true)
+     @sudo.eql?(true)
   end
 
   ##
@@ -535,7 +640,7 @@ class Rouster
   #
   # destroy and then up the machine in question
   def rebuild
-    @log.debug('rebuild()')
+    @logger.debug('rebuild()')
     self.destroy
     self.up
   end
@@ -547,31 +652,41 @@ class Rouster
   #
   # parameters
   # * [wait] - number of seconds to wait until is_available_via_ssh?() returns true before assuming failure
-  def restart(wait=nil)
-    @log.debug('restart()')
+  def restart(wait=nil, expected_exitcodes = [0])
+    @logger.debug('restart()')
 
-    if self.is_passthrough? and self.passthrough.eql?(local)
-      @log.warn(sprintf('intercepted [restart] sent to a local passthrough, no op'))
+    if self.is_passthrough? and self.passthrough[:type].eql?(:local)
+      @logger.warn(sprintf('intercepted [restart] sent to a local passthrough, no op'))
       return nil
     end
 
-    case os_type
-      when :osx
-        self.run('shutdown -r now')
-      when :redhat, :ubuntu, :debian
-        self.run('/sbin/shutdown -rf now')
-      when :solaris
-        self.run('shutdown -y -i5 -g0')
-      else
-        raise InternalError.new(sprintf('unsupported OS[%s]', @ostype))
+    if @vagrant_reboot
+      # leading vagrant handle this through 'reload --no-provision'
+      self.reload
+    else
+      # trying to do it ourselves
+      case os_type
+        when :osx
+          self.run('shutdown -r now', expected_exitcodes)
+        when :rhel, :ubuntu
+          if os_type.eql?(:rhel) and os_version(os_type).match(/7/)
+            self.run('shutdown --halt --reboot now', expected_exitcodes << 256)
+          else
+            self.run('shutdown -rf now')
+          end
+        when :solaris
+          self.run('shutdown -y -i5 -g0', expected_exitcodes)
+        else
+          raise InternalError.new(sprintf('unsupported OS[%s]', @ostype))
+      end
     end
 
     @ssh, @ssh_info = nil # severing the SSH tunnel, getting ready in case this box is brought back up on a different port
 
     if wait
       inc = wait.to_i / 10
-      0..wait.each do |e|
-        @log.debug(sprintf('waiting for reboot: round[%s], step[%s], total[%s]', e, inc, wait))
+      0.upto(9) do |e|
+        @logger.debug(sprintf('waiting for reboot: round[%s], step[%s], total[%s]', e, inc, wait))
         return true if self.is_available_via_ssh?()
         sleep inc
       end
@@ -593,37 +708,26 @@ class Rouster
   # parameters
   # * <command> - command to be run
   def _run(command)
-    tmp_file = sprintf('/tmp/rouster.%s.%s', Time.now.to_i, $$)
+    tmp_file = sprintf('/tmp/rouster-cmd_output.%s.%s', Time.now.to_i, $$)
     cmd      = sprintf('%s > %s 2> %s', command, tmp_file, tmp_file) # this is a holdover from Salesforce::Vagrant, can we use '2&>1' here?
     res      = `#{cmd}` # what does this actually hold?
 
-    @log.info(sprintf('host running: [%s]', cmd))
+    @logger.info(sprintf('host running: [%s]', cmd))
 
     output = File.read(tmp_file)
     File.delete(tmp_file) or raise InternalError.new(sprintf('unable to delete [%s]: %s', tmp_file, $!))
 
+    self.output.push(output)
+    @logger.debug(sprintf('output: [%s]', output))
+
     unless $?.success?
       raise LocalExecutionError.new(sprintf('command [%s] exited with code [%s], output [%s]', cmd, $?.to_i(), output))
     end
 
-    self.output.push(output)
-    @log.debug(sprintf('output: [%s]', output))
-
     @exitcode = $?.to_i()
     output
   end
 
-  ##
-  # vagrant
-  #
-  # abstraction layer to call vagrant faces
-  #
-  # parameters
-  # * <face> - vagrant face to call (include arguments)
-  def vagrant(face)
-    self._run(sprintf('cd %s; vagrant %s', File.dirname(@vagrantfile), face))
-  end
-
   ##
   # get_output
   #
@@ -663,7 +767,7 @@ class Rouster
   def traverse_up(startdir=Dir.pwd, filename=nil, levels=10)
     raise InternalError.new('must specify a filename') if filename.nil?
 
-    @log.debug(sprintf('traverse_up() looking for [%s] in [%s], up to [%s] levels', filename, startdir, levels)) unless @log.nil?
+    @logger.debug(sprintf('traverse_up() looking for [%s] in [%s], up to [%s] levels', filename, startdir, levels)) unless @logger.nil?
 
     dirs  = startdir.split('/')
     count = 0
@@ -692,6 +796,11 @@ class Rouster
   def check_key_permissions(key, fix=false)
     allowed_modes = ['0400', '0600']
 
+    if key.match(/\.pub$/)
+      # if this is the public half of the key, be more permissive
+      allowed_modes << '0644'
+    end
+
     raw   = self._run(sprintf('ls -l %s', key))
     perms = self.parse_ls_string(raw)
 
@@ -716,6 +825,15 @@ class Rouster
     nil
   end
 
+  def self.os_files
+    {
+      :ubuntu  => '/etc/os-release', # debian too
+      :solaris => '/etc/release',
+      :rhel    => ['/etc/os-release', '/etc/redhat-release'], # and centos
+      :osx     => '/System/Library/CoreServices/SystemVersion.plist',
+    }
+  end
+
 end
 
 class Object