tengine_resource 0.5.13

data/lib/tengine/resource/credential.rb

@@ -0,0 +1,156 @@
+# -*- coding: utf-8 -*-
+require 'mongoid'
+require 'selectable_attr'
+
+class Tengine::Resource::Credential
+  autoload :Ec2, 'tengine/resource/credential/ec2'
+
+  include Mongoid::Document
+  include Mongoid::Timestamps
+  include Tengine::Core::SelectableAttr
+  include Tengine::Core::CollectionAccessible
+  include Tengine::Core::Validation
+  include Tengine::Core::FindByName
+
+  field :name, :type => String
+  field :description, :type => String
+  field :auth_type_cd, :type => String
+  field :auth_values, :type => Hash
+  map_yaml_accessor :auth_values
+
+  # これは秋間のselectable_attrを使ってます
+  # see http://github.com/akm/selectable_attr
+  #     http://github.com/akm/selectable_attr_rails
+  # EC2での認証については以下などを参照してください。
+  #     http://builder.japan.zdnet.com/member/u502383/blog/2008/08/08/entry_27012840/
+  selectable_attr :auth_type_cd do
+    entry "01", :ssh_password  , "SSHパスワード認証"   , :for_launch => false
+    entry "02", :ssh_public_key, "SSH公開鍵認証"       , :for_launch => false
+    # entry "03", :ec2_access_key, "EC2 アクセスキー認証", :for_launch => true
+    # entry "04", :ec2_x509_cert, "EC2 X.509認証"
+    # entry "05", :tama, "Tama", :for_launch => true
+  end
+
+  validates :name, :presence => true, :uniqueness => true, :format => BASE_NAME.options
+  validates :auth_type_cd, :presence => true
+
+  index :name, :unique => true
+
+  index([ [:_id, Mongo::ASCENDING], [:auth_type_cd, Mongo::ASCENDING], ])
+  index([ [:_id, Mongo::ASCENDING], [:auth_type_cd, Mongo::DESCENDING], ])
+  index([ [:_id, Mongo::ASCENDING], [:description, Mongo::ASCENDING], ])
+  index([ [:_id, Mongo::ASCENDING], [:description, Mongo::DESCENDING], ])
+
+  before_validation :prepare_auth_values_default # auth_valuesの各値がnilならデフォルト値を設定します
+  validate{|c| c.validate_auth_values}
+
+  SECRET_AUTH_VALUES_KEYS = %w[password passphrase private_keys secret_access_key]
+
+  def secure_auth_values
+    if result = auth_values.stringify_keys!
+      SECRET_AUTH_VALUES_KEYS.each{|key| result.delete(key)}
+    end
+    result
+  end
+
+  class AuthField
+    attr_reader :name, :type_key, :optional, :default
+    def initialize(name, type_key, options = {})
+      @name, @type_key = name.to_s, type_key.to_sym
+      @options = options || {}
+      @optional = !!@options[:optional]
+      @default = @options[:default]
+    end
+    def validate(credential, hash)
+      unless optional
+        credential.errors.add(:auth_values, "#{name.inspect} can't be blank") if hash[name].blank?
+      end
+    end
+    def optional?
+      @optional
+    end
+
+    def eql?(other)
+      self.name <=> other.to_s
+    end
+    def hash
+      self.name.hash
+    end
+    def to_s
+      self.name
+    end
+  end
+
+  AUTH_TYPE_KEY_TO_FIELDS = {
+    # Net::SSHにはたくさんのオプションがあります
+    # http://net-ssh.rubyforge.org/ssh/v2/api/classes/Net/SSH.html
+
+    # {:username => "goku", :password =>"xxx"}
+    :ssh_password => [
+      AuthField.new(:username, :string),
+      AuthField.new(:password, :secret),
+    ].freeze,
+
+    # {:username => "goku", :private_keys =>"xxx", :passphrase => "xxxx"}
+    :ssh_public_key => [
+      AuthField.new(:username    , :string),
+      AuthField.new(:private_keys, :text),
+      AuthField.new(:passphrase  , :secret, :optional => true),
+    ].freeze,
+
+    # {:access_key => "xxxxx", :secret_access_key =>"xxxxx"}
+    :ec2_access_key => [
+      AuthField.new(:access_key, :string),
+      AuthField.new(:secret_access_key, :string),
+      AuthField.new(:default_region, :string, :default => "us-east-1"),
+    ].freeze,
+  }.freeze
+
+  def validate_auth_values
+    if auth_type_key
+      hash = self.auth_values.stringify_keys!
+      fields = AUTH_TYPE_KEY_TO_FIELDS[auth_type_key]
+      fields.each do |field|
+        field.validate(self, hash)
+      end
+    end
+  end
+
+  ALL_FILED_NAMES = AUTH_TYPE_KEY_TO_FIELDS.values.flatten.map(&:name)
+  def prepare_auth_values_default
+    if auth_type_key
+      hash = self.auth_values.stringify_keys!
+      fields = AUTH_TYPE_KEY_TO_FIELDS[auth_type_key]
+      fields.each do |field|
+        if default_value = field.default
+          hash[field.name] ||= default_value
+        end
+      end
+      (ALL_FILED_NAMES - AUTH_TYPE_KEY_TO_FIELDS[auth_type_key].map(&:name)).each do |field_name|
+        hash.delete(field_name)
+        hash.delete(field_name.to_s)
+      end
+    end
+  end
+
+  def for_launch?
+    raise NotImplementedError, "deprecated API"
+  end
+
+  def launch_options(connect_options = {})
+    raise NotImplementedError, "deprecated API"
+  end
+
+  def connect(*args, &block)
+    raise NotImplementedError, "deprecated API"
+  end
+
+  class << self
+    def find_or_create_by_name!(attrs = {}, &block)
+      result = self.first(:conditions => {:name => attrs[:name]})
+      result ||= self.create!(attrs)
+      result
+    end
+  end
+
+end

data/lib/tengine/resource/credential/ec2.rb

@@ -0,0 +1,5 @@
+# -*- coding: utf-8 -*-
+module Tengine::Resource::Credential::Ec2
+  autoload :Dummy, 'tengine/resource/credential/ec2/dummy'
+  autoload :LaunchOptions, 'tengine/resource/credential/ec2/launch_options'
+end

data/lib/tengine/resource/credential/ec2/dummy.rb

@@ -0,0 +1,148 @@
+# -*- coding: utf-8 -*-
+# EC2に実際には接続しないであたかも接続しているかのように見せるためのダミーです。
+#
+# 環境変数EC2_DUMMYがtrueの場合に、RightAws::Ec2の代わりにこのクラスからインスタンスが生成されます。
+# 起動してから環境変数EC2_DUMMY_INTERVALで指定された秒数が経過したインスタンス(のダミー)はちゃんとrunningになるようになっています。
+#
+# [10/08/19 13:06:41] akimatter: モックはtestでしか使えません。
+# [10/08/19 13:08:47] akimatter: developmentでは、RightAws::Ec2のインスタンスの代わりのダミー(一般的にはモックって言うけど、specのモックと区別して敢えてダミーします)を使うようにするべきかも。
+# [10/08/19 13:09:19] akimatter: ただし、developmentでもダミーではなくEC2にちゃんと繋ぎたい場合もあるので、
+# [10/08/19 13:09:41] akimatter: 環境変数か何かの設定でこれらの動作が変わる方が良いかと思います。
+class Tengine::Resource::Credential::Ec2::Dummy
+  cattr_accessor :last_instance_index
+  @@last_instance_index = 0
+
+  # クラス変数で生成しているインスタンスを保持したいところですが、
+  # それだとdevelopmentモードでクラスがロードされる度に保持している内容がクリア
+  # されてしまうのでNGでした。
+  # 他に影響を与えないように実装する手段が他に思いつかなかったので、グローバル変数を使います。
+  # cattr_accessor :instances
+  # @@instances = {}
+  def self.instances
+    $ec2_dummy_instances ||= {}
+  end
+  def self.instances=(value)
+    $ec2_dummy_instances = value
+  end
+
+  def instances
+    self.class.instances
+  end
+
+  def initialize(access_key, secret_access_key, options = {})
+    @access_key, @secret_access_key = access_key, secret_access_key
+    @options = options || {}
+  end
+
+  STATIC_ATTRS = {
+    :aws_reservation_id=>"r-71a46435",
+    :aws_owner=>"000000000888",
+    :aws_ramdisk_id=>"ari-c12e7f84",
+    :aws_product_codes=>[],
+    :monitoring_state=>"disabled",
+    :aws_instance_type=>"m1.small",
+    :root_device_type=>"instance-store",
+    :aws_reason=>"",
+    :aws_kernel_id=>"aki-773c6d32",
+    :aws_availability_zone=>"us-west-1a"
+  }
+
+  def launch_instances(image_id, options)
+    launch_time = Time.zone.now
+    count = options.delete(:min_count) || 1
+    options.delete(:max_count) # :max_countは無視
+    idx = 0
+    result = []
+    count.times do
+      instance_index = (self.class.last_instance_index += 1)
+      instanceid = "i-DMY%05d" % instance_index
+      instance_hash = {
+        :aws_instance_id => instanceid,
+        :aws_image_id => image_id,
+        :state_reason_code=>"pending",
+        :ssh_key_name => options[:key_name],
+        :aws_groups => options[:group_ids],
+        :state_reason_message=>"pending",
+        :aws_state_code=>0,
+        :dns_name=>"",
+        :private_dns_name => "",
+        :aws_launch_time => launch_time.iso8601,
+        :aws_state => "pending",
+        :ami_launch_index => idx.to_s,
+      }.update(STATIC_ATTRS.dup)
+      idx += 1
+      result << instance_hash
+      instances[instanceid] = instance_hash
+    end
+    result
+  end
+
+  def describe_instances(instance_ids = [])
+    update_instances
+    if instance_ids.empty?
+      instances.values.sort_by{|hash| hash[:aws_instance_id]}
+    else
+      instance_ids.map{|id| instances[id]}
+    end
+  end
+
+  def terminate_instances(instance_ids)
+    update_instances
+    instance_ids.each do |instance_id|
+      update_status_running(instance_id) # 停止する前に一度はrunningにしておく
+      hash = instances[instance_id]
+      hash.update(
+        :state_reason_code=>"Client.UserInitiatedShutdown",
+        :state_reason_message=>"Client.UserInitiatedShutdown: User initiated shutdown",
+        :aws_state_code=>48,
+        :dns_name=>"",
+        :private_dns_name=>"",
+        :aws_state=>"terminated"
+        )
+      hash.delete(:ip_address)
+      hash.delete(:private_ip_address)
+    end
+    instance_ids.map do |instance_id|
+      {
+        :aws_prev_state_name => "running",
+        :aws_instance_id => instance_id,
+        :aws_current_state_code => 32,
+        :aws_current_state_name => "shutting-down",
+        :aws_prev_state_code => 16
+      }
+    end
+  end
+
+  private
+  UPDATE_INTERVAL = (ENV['EC2_DUMMY_INTERVAL'] || 30).to_i.seconds
+
+  def update_instances
+    t = Time.zone.now
+    instances.each do |instanceid, hash|
+      next unless hash[:aws_state] == "pending"
+      launch_time = Time.zone.parse(hash[:aws_launch_time])
+      next if (t - launch_time) < UPDATE_INTERVAL
+      update_status_running(instanceid)
+    end
+  end
+
+  def update_status_running(instance_id)
+    hash = instances[instance_id]
+    unless hash
+      raise ArgumentError, "No instance found for #{instance_id.inspect}. " << instances.keys.map(&:to_s).join("\n") << " exist."
+    end
+    instance_index = hash[:aws_instance_id].sub(/^i\-DMY/, '').to_i
+    hash.update(
+      :aws_state_code=>16,
+      :dns_name=>"ec2-184-72-20-#{instance_index}.us-west-1.compute.amazonaws.com",
+      :ip_address=>"184.72.20.#{instance_index}",
+      :private_dns_name=>"ip-10-162-153-#{instance_index}.us-west-1.compute.internal",
+      :private_ip_address=>"10.162.153.#{instance_index}",
+      :aws_state=>"running",
+      :architecture=>"i386"
+      )
+    hash.delete(:state_reason_message)
+    hash.delete(:state_reason_code)
+  end
+
+end

data/lib/tengine/resource/credential/ec2/launch_options.rb

@@ -0,0 +1,179 @@
+# -*- coding: utf-8 -*-
+class Tengine::Resource::Credential::Ec2::LaunchOptions
+
+  def initialize(credential)
+    @credential = credential
+  end
+
+  LAUNCH_OPTIONS_KEYS = %w(current_region regions availability_zones key_pairs
+    security_groups images instance_types kernel_ids ramdisk_ids)
+
+  def launch_options(connection, current_region)
+    @connection, @current_region = connection, current_region
+    LAUNCH_OPTIONS_KEYS.inject({}){|dest, m| dest[m] = send(m); dest}
+  ensure
+    @connection, @current_region = nil, nil
+  end
+
+  attr_reader :current_region
+
+  DEFAULT_REGION_CAPTIONS = {
+    "us-east-1"      => "US East" ,
+    "us-west-1"      => "US West" ,
+    "eu-west-1"      => "EU West" ,
+    "ap-southeast-1" => "Asia Pacific"
+  }.freeze
+
+  def regions
+    # ["eu-west-1", "us-east-1", "us-west-1", "ap-southeast-1"]
+    raw = @connection.describe_regions
+    raw.inject([]) do |dest, region|
+      dest << {"name" => region, "caption" => DEFAULT_REGION_CAPTIONS[region]}
+    end
+  end
+
+  def availability_zones
+    # [
+    #   {:region_name=>"us-east-1", :zone_name=>"us-east-1a", :zone_state=>"available"},
+    #   {:region_name=>"us-east-1", :zone_name=>"us-east-1b", :zone_state=>"available"},
+    #   {:region_name=>"us-east-1", :zone_name=>"us-east-1c", :zone_state=>"available"},
+    #   {:region_name=>"us-east-1", :zone_name=>"us-east-1d", :zone_state=>"available"}
+    # ]
+    raw = @connection.describe_availability_zones
+    raw.map{|h| h[:zone_name]}.sort
+  end
+
+  def key_pairs
+    # [{:aws_key_name=>"west-dev01", :aws_fingerprint=>"7c:89:2f:c9:4a:1c:02:65:1b:14:dc:a5:c9:a0:da:fb:46:08:4a:99"}]
+    raw = @connection.describe_key_pairs
+    raw.map{|h| h[:aws_key_name]}
+  end
+
+  def security_groups
+    # [
+    #   { :aws_owner=>"892601002221", :aws_group_name=>"default", :aws_description=>"default group",
+    #     :aws_perms=>[{:owner=>"892601002221", :group=>"default"}, {:from_port=>"22", :to_port=>"22", :cidr_ips=>"0.0.0.0/0", :protocol=>"tcp"}]},
+    #   { :aws_owner=>"892601002221", :aws_group_name=>"ruby-dev", :aws_description=>"for developmewnt with ruby",
+    #     :aws_perms=>[{:from_port=>"80", :to_port=>"80", :cidr_ips=>"0.0.0.0/0", :protocol=>"tcp"}]}
+    # ]
+    raw = @connection.describe_security_groups
+    raw.map{|h| h[:aws_group_name]}
+  end
+
+  def images
+    # [
+    #   {
+    #     :aws_id=>"ami-5189d814",
+    #     :aws_architecture=>"i386", :root_device_type=>"instance-store",
+    #     :root_device_name=>"/dev/sda1",
+    #     :aws_location=>"akm2000-us-west-2/dev-20100521-01.manifest.xml",
+    #     :aws_image_type=>"machine", :aws_state=>"available",
+    #     :aws_owner=>"892601002221", :aws_is_public=>false,
+    #     :aws_kernel_id=>"aki-773c6d32", :aws_ramdisk_id=>"ari-c12e7f84",
+    #   },
+    # ]
+    saved_images = Tengine::Resource::VirtualServerImage.all
+    # raw_images = @connection.describe_images_by_owner('self')
+    raw_images = @connection.describe_images(saved_images.map(&:provided_id).uniq.compact) #クラスタに登録されているAMI
+    # raw_images += @connection.describe_images_by_executable_by("self") # 実行可能なAMI
+    amiid_to_hash = raw_images.inject({}){|d, hash| d[hash[:aws_id]] = hash; d}
+    result = saved_images.map do |saved_image|
+      if ami = amiid_to_hash[saved_image.provided_id]
+        {
+          'id' => saved_image.id,
+          'name' => ami[:aws_id],
+          'caption' => saved_image.description,
+          'aws_architecture' => ami[:aws_architecture],
+          'aws_arch_root_dev' => to_aws_arch_root_dev(ami),
+        }
+      else
+        nil
+      end
+    end
+    result.compact.uniq
+  end
+
+  def instance_types
+    # rawなし
+    INSTANCE_TYPES
+  end
+
+  def kernel_ids
+    # [
+    #   {
+    #     :aws_id=>"aki-233c6d66",
+    #     :aws_architecture=>"i386", :root_device_type=>"instance-store",
+    #     :aws_location=>"ec2-paid-ibm-images-us-west-1/vmlinuz-2.6.16.60-0.29-xenpae.i386.manifest.xml",
+    #     :aws_image_type=>"kernel", :aws_state=>"available", :aws_owner=>"470254534024",
+    #     :aws_is_public=>true, :image_owner_alias=>"amazon",
+    #   },
+    # ]
+    raw = amazon_images.select{|img| img[:aws_image_type] == 'kernel'}
+    raw.inject({}) do |dest, hash|
+      key = hash[:aws_architecture]
+      dest[key] ||= []
+      dest[key] << hash[:aws_id]
+      dest
+    end
+  end
+
+  def ramdisk_ids
+    # [
+    #   {
+    #     :aws_id=>"ari-2d3c6d68",
+    #     :aws_architecture=>"i386", :root_device_type=>"instance-store",
+    #     :aws_location=>"ec2-paid-ibm-images-us-west-1/initrd-2.6.16.60-0.29-xenpae.i386.manifest.xml",
+    #     :aws_image_type=>"ramdisk", :aws_state=>"available", :aws_owner=>"470254534024",
+    #     :aws_is_public=>true, :image_owner_alias=>"amazon"
+    #   },
+    # ]
+    raw = amazon_images.select{|img| img[:aws_image_type] == 'ramdisk'}
+    raw.inject({}) do |dest, hash|
+      key = hash[:aws_architecture]
+      dest[key] ||= []
+      dest[key] << hash[:aws_id]
+      dest
+    end
+  end
+
+  private
+
+  def amazon_images
+    @amazon_images ||= @connection.describe_images_by_owner('amazon')
+  end
+
+
+  def to_aws_arch_root_dev(hash)
+    "#{hash[:aws_architecture]}_#{hash[:root_device_type]}"
+  end
+
+  INSTANCE_TYPES = {
+    'i386_instance-store' => [
+      { "value" => "m1.small"  , "caption" => "Small" },
+      { "value" => "c1.medium" , "caption" => "High-CPU Medium" },
+    ].freeze,
+    'i386_ebs' => [
+      { "value" => "t1.micro"  , "caption" => "Micro" },
+      { "value" => "m1.small"  , "caption" => "Small" },
+      { "value" => "c1.medium" , "caption" => "High-CPU Medium" },
+    ].freeze,
+    'x86_64_instance-store' => [
+      { "value" => "m1.large"  , "caption" => "Large" },
+      { "value" => "m1.xlarge" , "caption" => "Extra Large" },
+      { "value" => "m2.xlarge" , "caption" => "High-Memory Extra Large" },
+      { "value" => "m2.2xlarge", "caption" => "High-Memory Double Extra Large" },
+      { "value" => "m2.4xlarge", "caption" => "High-Memory Quadruple Extra Large" },
+      { "value" => "c1.xlarge" , "caption" => "High-CPU Extra Large" },
+    ].freeze,
+    'x86_64_ebs' => [
+      { "value" => "t1.micro"  , "caption" => "Micro" },
+      { "value" => "m1.large"  , "caption" => "Large" },
+      { "value" => "m1.xlarge" , "caption" => "Extra Large" },
+      { "value" => "m2.xlarge" , "caption" => "High-Memory Extra Large" },
+      { "value" => "m2.2xlarge", "caption" => "High-Memory Double Extra Large" },
+      { "value" => "m2.4xlarge", "caption" => "High-Memory Quadruple Extra Large" },
+      { "value" => "c1.xlarge" , "caption" => "High-CPU Extra Large" },
+    ].freeze,
+  }.freeze
+
+end