some 0.0.1 → 0.0.2

data/README.md

@@ -0,0 +1,112 @@
+# some - sumo clone for NIFTY Cloud
+
+## 概要
+
+[adamwiggins/sumo](http://github.com/adamwiggins/sumo) の NIFTY Cloud バージョンです。
+NIFTY Cloud 上で手軽にサーバーを立ち上げることができます。
+
+    $ some launch
+    ---> Launch instance...       4acef29d (7.9s)
+    ---> Acquire hostname...      XXX.XXX.XXX.XXX (79.2s)
+    ---> Wait for ssh...          done (0.0s)
+    
+    Logging you in via ssh.  Type 'exit' or Ctrl-D to return to your local system.
+    ------------------------------------------------------------------------------
+    Enter passphrase for key '/home/tily/.some/keypair.pem':
+    [root@localhost ~]#
+
+要らなくなったらすぐに削除できます。
+
+    $ some terminate XXX.XXX.XXX.XXX
+    ---> Wait to stop...          done (16.2s)
+    XXX.XXX.XXX.XXX scheduled for termination
+
+一覧を取得して SSH ログインしたりも簡単にできます。
+
+    $ some list
+    XXX.XXX.XXX.XXX                                    21b61298     running
+    YYY.YYY.YYY.YYY                                    923d7772     running
+    ZZZ.ZZZ.ZZZ.ZZZ                                    dec83cd3     running
+    $ some ssh 21b61298
+    Enter passphrase for key '/home/tily/.some/keypair.pem':
+    Last login: Fri Apr  5 16:24:02 2013 from AAA.AAA.AAA.AAA
+    [root@localhost ~]#
+
+## インストール・設定
+
+下記コマンドでインストールできます。
+
+    gem install some
+
+インストールが終わったら ~/.sumo/config.yml に設定ファイルを作成しましょう。
+最小限下記を書けば使えます。
+
+    ---
+    access_key: (ここにアクセスキーを書く)
+    secret_key: (ここにシークレットキーを書く)
+
+設定できる項目をフルで書くとこんな感じになります。
+
+    ---
+    access_key: (デフォルト値なし)
+    secret_key: (デフォルト値なし)
+    user: root (デフォルト値)
+    password: password (デフォルト値)
+    instance_size: mini (デフォルト値)
+    ami: 26 (デフォルト値)
+    availability_zone: west-11 (デフォルト値)
+    cookbooks_url: (デフォルト値なし、次節参照)
+    role: (デフォルト値なし、次節参照)
+
+## Chef でサービスをインストールする
+
+少し頑張れば vagrant みたいなこともできます。
+まずはグローバルからアクセスできる場所に cookbooks.tgz を置きましょう。
+例：http://some.ncss.nifty.com/cookbooks.tgz
+
+次に設定ファイル (~/.sumo/config.yml) にロールを定義しておきます。
+
+    cookbooks_url: http://some.ncss.nifty.com/cookbooks.tgz
+    role:
+      mysql: |
+        {
+          "run_list": [
+            "recipe[mysql::server]"
+          ],
+          "mysql": {
+            "server_root_password": "mysql",
+            "server_debian_password": "mysql",
+            "server_repl_password": "mysql"
+          }
+        }
+
+ここまでやればコマンド一発でサーバー作成・Chef インストール・Chef 実行まで行えます。
+
+    $ some launch mysql
+    ---> Launch instance...       d7f764b7 (7.6s)
+    ---> Acquire hostname...      175.184.23.139 (89.4s)
+    ---> Wait for ssh...          done (0.0s)
+    ---> Bootstrap chef...        done (42.8s)
+    ---> Setup mysql...           done (195.0s)
+
+なお、上記を個別に実施することも可能です。
+
+    $ some launch
+    ---> Launch instance...       923d7772 (8.0s)
+    ---> Acquire hostname...      XXX.XXX.XXX.XXX (90.5s)
+    ---> Wait for ssh...          done (0.0s)
+    
+    $ some bootstrap 923d7772
+    ---> Bootstrap chef...        done (46.0s)
+    
+    $ some role mysql 923d7772
+    ---> Setup mysql...           done (184.6s)
+
+## 詳細
+
+ * サーバー作成の際に something という名前の SSH キーと FW を作成します
+ * SSH キーは ~/.some/keypair.pem に保存されます
+
+## ライセンス
+
+[sumo](http://github.com/adamwiggins/sumo) と同じく MIT ライセンスで公開します。

data/Rakefile

@@ -10,7 +10,7 @@ Jeweler::Tasks.new do |s|
 	s.rubyforge_project = "some"
 	s.files = FileList["[A-Z]*", "{bin,lib,spec}/**/*"]
 	s.executables = %w(some)
-	s.add_dependency "nifty-cloud-sdk"
+	s.add_dependency "nifty-cloud-sdk", "1.11.beta1"
 	s.add_dependency "thor"
 end
 

data/TODO

@@ -1,2 +1,5 @@
- * インデント直す
- * ポート開ける用の cookbooks 作る
+ * 
+----------------------------------------
+ * motd
+ * hostname
+ * nifty_cloud

data/VERSION

@@ -1 +1 @@
-0.0.1
+0.0.2

data/bin/some

@@ -14,21 +14,7 @@ class CLI < Thor
 
 		if role
 			task("Bootstrap chef") { some.bootstrap_chef(host) }
-			role.split(',').each do |role|
-				task("Setup #{role}") { some.setup_role(host, role) }
-			end
-
-			resources = some.resources(host)
-			unless resources.empty?
-				task("Open firewall") do
-					ports = resources.map { |r| r.match(/:(\d+)\//)[1] }
-					ports.each { |port| some.open_firewall(port) }
-					"ports " + ports.join(", ")
-				end
-			end
-
-			puts
-			display_resources(host)
+			task("Setup #{role}") { some.setup_role(host, role) }
 		else
 			puts "\nLogging you in via ssh.  Type 'exit' or Ctrl-D to return to your local system."
 			puts '-' * 78
@@ -43,13 +29,6 @@ class CLI < Thor
 		connect_ssh hostname
 	end
 
-	desc "resources [<instance_id or hostname>]", "show resources exported by an instance"
-	def resources(id=nil)
-		inst = some.find(id) || some.running.first || abort("No running instances")
-		hostname = inst[:hostname] || wait_for_hostname(inst[:instance_id])
-		display_resources(inst[:hostname])
-	end
-
 	desc "bootstrap", "bootstrap chef and cookbooks"
 	def bootstrap(id=nil)
 		inst = some.find(id) || some.running.first || abort("No running instances")
@@ -76,15 +55,29 @@ class CLI < Thor
 	desc "terminate [<instance_id or hostname>]", "terminate specified instance or first available"
 	def terminate(id=nil)
 		inst = some.find(id) || (some.running | some.pending).first || abort("No running or pending instances")
-                if inst[:status] != 'stopped'
-                        task 'Wait to stop' do
-                                some.wait_to_stop(inst[:instance_id])
-                        end
-                end
+		if inst[:status] != 'stopped'
+			task 'Wait to stop' do
+				some.wait_to_stop(inst[:instance_id])
+			end
+		end
 		some.terminate(inst[:instance_id])
 		puts "#{inst[:hostname] || inst[:instance_id]} scheduled for termination"
 	end
 
+	desc "openfw <port>", "open firewall"
+	def openfw(port)
+		raise ArgumentError unless port
+		some.open_firewall(port)
+		puts "port #{port} scheduled for open"
+	end
+
+	desc "closefw <port>", "close firewall"
+	def closefw(port)
+		raise ArgumentError unless port
+		some.close_firewall(port)
+		puts "port #{port} scheduled for open"
+	end
+
 	no_tasks do
 		def some
 			@some ||= Some.new
@@ -111,16 +104,6 @@ class CLI < Thor
 				puts "\nType 'some terminate' if you're done with this instance."
 			end
 		end
-
-		def display_resources(host)
-			resources = some.resources(host)
-			unless resources.empty?
-				puts "Your instance is exporting the following resources:"
-				resources.each do |resource|
-					puts "  #{resource}"
-				end
-			end
-		end
 	end
 end
 

data/lib/some.rb

@@ -19,7 +19,8 @@ class Some
 			:key_name => 'something',
 			:security_group => 'something',
 			:availability_zone => config['availability_zone'],
-                        :disable_api_termination => false
+			:disable_api_termination => false,
+			:accounting_type => 2
 		)
 		result.instancesSet.item[0].instanceId
 	end
@@ -149,13 +150,11 @@ class Some
 
 	def wait_to_stop(instance_id)
 		raise ArgumentError unless instance_id
-                api.stop_instances(:instance_id => [ instance_id ])
-                puts "waiting for #{instance_id} to stop "
+		api.stop_instances(:instance_id => [ instance_id ])
 		loop do
-                        print '.'
 			if inst = instance_info(instance_id)
 				if inst[:status] == 'stopped'
-                                        break
+					break
 				end
 			end
 			sleep 5
@@ -177,45 +176,30 @@ class Some
 
 	def bootstrap_chef(hostname)
 		commands = [
-                        "curl -L https://www.opscode.com/chef/install.sh | bash",
-                        "mkdir -p /var/chef/cookbooks /etc/chef",
-                        "echo json_attribs \\'/etc/chef/dna.json\\' > /etc/chef/solo.rb"
+			"curl -L https://www.opscode.com/chef/install.sh | bash",
+			"mkdir -p /var/chef/cookbooks /etc/chef",
+			"echo json_attribs \\'/etc/chef/dna.json\\' > /etc/chef/solo.rb"
 		]
 		ssh(hostname, commands)
 	end
 
 	def setup_role(hostname, role)
 		commands = [
-                        "echo \'#{config['role'][role]}\' > /etc/chef/dna.json",
+			"echo \'#{config['role'][role]}\' > /etc/chef/dna.json",
 			"chef-solo -r #{config['cookbooks_url']}"
 		]
 		ssh(hostname, commands)
 	end
 
 	def ssh(hostname, cmds)
-                Net::SSH.start(hostname, config['user'], :keys => [keypair_file], :passphrase => config['password']) do |ssh|
-                        File.open("#{ENV['HOME']}/.some/ssh.log", 'w') do |f|
-                                f.write(ssh.exec!(cmds.join(' && ')))
-                        end
-                end
-		# TODO: abort "failed\nCheck ~/.some/ssh.log for the output"
-	end
-
-	def resources(hostname)
-		@resources ||= {}
-		@resources[hostname] ||= fetch_resources(hostname)
-	end
-
-	def fetch_resources(hostname)
-		cmd = "ssh -i #{keypair_file} #{config['user']}@#{hostname} 'cat /root/resources' 2>&1"
-		out = IO.popen(cmd, 'r') { |pipe| pipe.read }
-		abort "failed to read resources, output:\n#{out}" unless $?.success?
-		parse_resources(out, hostname)
-	end
-
-	def parse_resources(raw, hostname)
-		raw.split("\n").map do |line|
-			line.gsub(/localhost/, hostname)
+		STDOUT.puts
+		Net::SSH.start(hostname, config['user'], :keys => [keypair_file], :passphrase => config['password']) do |ssh|
+			File.open("#{ENV['HOME']}/.some/ssh.log", 'w') do |f|
+				ssh.exec!(cmds.join(' && ')) do |ch, stream, data|
+					f.write(data)
+					STDOUT.print data
+				end
+			end
 		end
 	end
 
@@ -232,7 +216,7 @@ class Some
 			'user' => 'root',
 			'ami' => 26,
 			'availability_zone' => 'east-12',
-                        'password' => 'password'
+			'password' => 'password'
 		}
 	end
 
@@ -259,37 +243,77 @@ class Some
 	def create_security_group
 		api.create_security_group(:group_name => 'something', :group_description => 'Something')
 	rescue NIFTY::ResponseError => e
-                if e.message != "The groupName 'something' already exists."
-                        raise e
-                end
+		if e.message != "The groupName 'something' already exists."
+			raise e
+		end
 	end
 
 	def open_firewall(port)
-		api.authorize_security_group_ingress(
+		target = {
 			:group_name => 'something',
-                        :ip_permissions => {
-			        :ip_protocol => 'tcp',
-			        :from_port => port,
-			        :to_port => port,
-			        :cidr_ip => '0.0.0.0/0'
-                        }
-		)
-	rescue NIFTY::ResponseError => e
-                raise e
+			:ip_permissions => {
+				:ip_protocol => 'TCP',
+				:in_out => 'IN',
+				:from_port => port,
+				:to_port => port,
+				:cidr_ip => '0.0.0.0/0'
+			}
+		}
+		return if find_security_group_ingress(target)
+		api.authorize_security_group_ingress(target)
+	end
+
+	def close_firewall(port)
+		target = {
+			:group_name => 'something',
+			:ip_permissions => {
+				:ip_protocol => 'TCP',
+				:in_out => 'IN',
+				:from_port => port,
+				:to_port => port,
+				:cidr_ip => '0.0.0.0/0'
+			}
+		}
+		return unless find_security_group_ingress(target)
+		api.revoke_security_group_ingress(target)
+	end
+
+	def find_security_group_ingress(target)
+		res = api.describe_security_groups
+		security_group = res.securityGroupInfo.item.find {|security_group|
+			security_group.groupName == target[:group_name]
+		}
+		return nil if !security_group || !security_group.ipPermissions
+		security_group.ipPermissions.item.find {|ip_permission|
+			flag = (
+				ip_permission.ipProtocol == target[:ip_permissions][:ip_protocol] &&
+				ip_permission.inOut == target[:ip_permissions][:in_out]
+			)
+			# also compare from_port when ip_protocol is not ICMP but TCP or UDP
+			if target[:ip_permissions][:ip_protocol] != 'ICMP'
+				flag = flag && (ip_permission.fromPort == target[:ip_permissions][:from_port].to_s)
+			end
+			if ip_permission.groups
+				flag = flag && (ip_permission.groups.item.first.groupName == target[:ip_permissions][:group_name])
+			else
+				flag = flag && (ip_permission.ipRanges.item.first.cidrIp == target[:ip_permissions][:cidr_ip])
+			end
+			flag
+		}
 	end
 
 	def api
-                @api ||= NIFTY::Cloud::Base.new(
-                        :access_key => config['access_key'], 
-                        :secret_key => config['secret_key'], 
-                        :server => server,
-                        :path => '/api'
-                )
+		@api ||= NIFTY::Cloud::Base.new(
+			:access_key => config['access_key'], 
+			:secret_key => config['secret_key'], 
+			:server => server,
+			:path => '/api'
+		)
 	end
 	
 	def server
-	        zone = config['availability_zone']
-	        host = zone.slice(0, zone.length - 1)
-	        "#{host}.cp.cloud.nifty.com"
-  end
+		zone = config['availability_zone']
+		host = zone.slice(0, zone.length - 1)
+		"#{host}.cp.cloud.nifty.com"
+	end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: some
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.0.2
   prerelease: 
 platform: ruby
 authors:
@@ -9,22 +9,22 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-04-05 00:00:00.000000000Z
+date: 2013-04-06 00:00:00.000000000Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: nifty-cloud-sdk
-  requirement: &259249220 !ruby/object:Gem::Requirement
+  requirement: &75338600 !ruby/object:Gem::Requirement
     none: false
     requirements:
-    - - ! '>='
+    - - =
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.11.beta1
   type: :runtime
   prerelease: false
-  version_requirements: *259249220
+  version_requirements: *75338600
 - !ruby/object:Gem::Dependency
   name: thor
-  requirement: &259248640 !ruby/object:Gem::Requirement
+  requirement: &75337980 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -32,17 +32,17 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *259248640
+  version_requirements: *75337980
 description: sumo clone for NIFTY Cloud
 email: tidnlyam@gmail.com
 executables:
 - some
 extensions: []
 extra_rdoc_files:
-- README.rdoc
+- README.md
 - TODO
 files:
-- README.rdoc
+- README.md
 - Rakefile
 - TODO
 - VERSION

data/README.rdoc

@@ -1,123 +0,0 @@
-= Tired of wrestling with server provisioning?  Sumo!
-
-Want to fire up a one-off EC2 instance, pronto?  ec2-run-instances got you down?  Try Sumo.
-
-    $ sumo launch
-    ---> Launching instance...    i-4f809c26 (1.5s)
-    ---> Acquiring hostname...    ec2-67-202-17-178.compute-1.amazonaws.com (26.7s)
-
-    Logging you in via ssh.  Type 'exit' or Ctrl-D to return to your local system.
-    ------------------------------------------------------------------------------
-    Linux domU-12-31-39-04-31-37 2.6.21.7-2.fc8xen #1 SMP Fri Feb 15 12:39:36 EST 2008 i686
-    ...
-    root@domU-12-31-39-04-31-37:~# 
-
-Later...
-
-    $ sumo terminate
-    ec2-67-202-17-178.compute-1.amazonaws.com scheduled for termination
-
-You can manage multiple instances via "sumo list" and specifying hostname or instance id as arguments to the ssh or terminate commands.
-
-== Service installation with Chef
-
-The launch command takes an argument, which is a server role (from roles/#{role}.json inside your cookbooks repo):
-
-    $ sumo launch redis
-    ---> Launch instance...       i-b96c73d0 (1.3s)
-    ---> Acquire hostname...      ec2-75-101-191-220.compute-1.amazonaws.com (36.1s)
-    ---> Wait for ssh...          done (9.0s)
-    ---> Bootstrap chef...        done (61.3s)
-    ---> Setup redis...           done (11.9s)
-    ---> Opening firewall...      ports 6379 (5.2s)
-
-    Your instance is exporting the following resources:
-      Redis: redis://:8452cdd98f428c972f08@ec2-75-101-191-220.compute-1.amazonaws.com:6379/0
-
-The instance can assume multiple roles if you like:
-
-    $ sumo launch redis,solr,couchdb
-
-== Setup
-
-Dependencies:
-
-    $ sudo gem install amazon-ec2 thor
-
-Then create ~/.sumo/config.yml containing:
-
-    ---
-    access_id: <your amazon access key id>
-    access_secret: <your amazon secret access key>
-
-Optional config you can include any of the following in your config.yml:
-
-    user: root
-    ami: ami-ed46a784
-     availability_zone: us-east-1b
-    cookbooks_url: git://github.com/adamwiggins/chef-cookbooks.git
-
-You'll need Bacon and Mocha if you want to run the specs, and Jewler if you want to create gems.
-
-== Managing volumes
-
-Create and attach a volume to your running instance:
-
-   $ sumo create_volume
-   ---> Create 5MB volume...     vol-8a9c6ae3 (1.1s)
-   $ sumo volumes
-   vol-8a9c6ae3    5MB  available
-   $ sumo attach
-   ---> Attach vol-8a9c6ae3 to i-bc32cbd4 as /dev/sdc1... done (0.6s)
-
-Log in to format and mount the volume:
-
-   $ sumo ssh
-   root@ip-10-251-122-175:~# mkfs.ext3 /dev/sdc1
-   mke2fs 1.41.4 (27-Jan-2009)
-   Filesystem label=
-   OS type: Linux
-   Block size=4096 (log=2)
-   ...
-   $ mkdir /myvol
-   $ mount /dev/sdc1 /myvol
-   $ echo "I'm going to persist to a volume" > /myvol/hello.txt
-
-To detach from a running instance (perhaps so you can attach elsewhere):
-
-   $ sumo detatch
-   ---> Detach vol-8a9c6ae3...   done (0.6s)
-
-Destroy it if you no longer want the data stored on it:
-
-   $ sumo destroy_volume
-   ---> Destroy volume...        done (0.8s)
-
-== Some details you might want to know
-
-Sumo creates its own keypair named sumo, which is stored in ~/.ssh/keypair.pem.  Amazon doesn't let you upload your own ssh public key, which is lame, so this is the best option for making the launch-and-connect process a single step.
-
-It will also create an Amazon security group called sumo, so that it can lower the firewall for services you configure via cookbook roles.
-
-If you run any production machines from your EC2 account, I recommend setting up a separate account for use with Sumo.  It does not prompt for confirmation when terminating an instance or differentiate between instances started by it vs. instances started by other tools.
-
-== Anti-features
-
-Sumo is not a cloud management tool, a monitor tool, or anything more than a way to get an instance up right quick.  If you're looking for a way to manage a cluster of production instances, try one of these fine tools.
-
-* Pool Party
-* RightScale
-* Engine Yard Cloud
-* Cloudkick
-
-== Meta
-
-Created by Adam Wiggins
-
-Patches contributed by Orion Henry, Blake Mizerany, Jesse Newland, Gert Goet,
-and Tim Lossen
-
-Released under the MIT License: http://www.opensource.org/licenses/mit-license.php
-
-http://github.com/adamwiggins/sumo
-