toft 0.0.2

data/lib/toft.rb

@@ -0,0 +1,38 @@
+require 'toft/node_controller'
+require 'toft/file_checker'
+require 'toft/chef/chef_attributes'
+require 'toft/chef/chef_runner'
+
+module Toft
+  class << self
+    attr_accessor :cookbook_path, :role_path
+  end
+  
+  def create_node(hostname, ip)
+    NodeController.instance.create_node(hostname, ip)
+  end
+  
+  def find(hostname)
+    NodeController.instance.nodes[hostname]
+  end
+  
+  def destroy_node(hostname)
+    NodeController.instance.destroy_node(hostname)
+  end
+  
+  def node_count
+    NodeController.instance.nodes.size
+  end
+end
+
+class NilClass
+  def blank?
+    true
+  end
+end
+
+class String
+  def blank?
+    empty?
+  end
+end

data/scripts/bash/install-chef-ubuntu.sh

@@ -0,0 +1,11 @@
+echo "deb http://apt.opscode.com/ `lsb_release -cs`-0.10 main" | tee /etc/apt/sources.list.d/opscode.list
+
+mkdir -p /etc/apt/trusted.gpg.d
+gpg --keyserver keys.gnupg.net --recv-keys 83EF826A
+gpg --export packages@opscode.com | tee /etc/apt/trusted.gpg.d/opscode-keyring.gpg > /dev/null
+apt-get update
+apt-get install ucf --force-yes -y
+yes | apt-get install opscode-keyring --force-yes -y # permanent upgradeable keyring
+
+export DEBIAN_FRONTEND=noninteractive
+apt-get install chef --force-yes -qy 

data/scripts/bash/install-rvm.sh

@@ -0,0 +1,79 @@
+function load_rvm {
+	cat <<-EOF >> ~/.profile
+[[ -s ~/.rvm/scripts/rvm ]] && . ~/.rvm/scripts/rvm
+EOF
+	. ~/.profile
+}
+
+function install_rvm {
+  log "installing rvm"
+  bash < <(curl -s https://rvm.beginrescueend.com/install/rvm)
+  echo 'export rvm_project_rvmrc=1' >> $HOME/.rvmrc
+  load_rvm
+}
+
+function check_rvm {
+  load_rvm
+  hash rvm || install_rvm
+  log "rvm installed"
+}
+
+function fix_rvm_readline_for_macos_tiger {
+  if [[ `uname` == 'Darwin' ]] && [[ `uname -r` == 11* ]]; then
+    (cd "$HOME/.rvm/src/readline-6.0" && \
+      sed -i "" -e"s/darwin\[89\]\*\|darwin10\*/darwin\[89\]\*\|darwin1\[01\]\*/g" support/shobj-conf && \
+      ./configure --prefix="$HOME/.rvm/usr/" && \
+      make clean && \
+      make && \
+      make install)
+  fi
+}
+
+function install_xslt {
+  [[ -d "$HOME/.rvm/usr/include/libxslt" ]] || \
+    ( cd /tmp && \
+    rm -rf libxslt-1.1.26 && \
+    wget -c ftp://xmlsoft.org/libxml2/libxslt-1.1.26.tar.gz && \
+    tar -zxvf libxslt-1.1.26.tar.gz && \
+    cd libxslt-1.1.26 && \
+    ./configure --prefix="$HOME/.rvm/usr" --with-libxml-prefix="$HOME/.rvm/usr" && \
+    make && \
+    make install )
+}
+
+function install_ruby {
+  log "installing ruby"
+  rvm pkg install libxml2 && \
+  rvm pkg install openssl && \
+  rvm pkg install ncurses && \
+  rvm pkg install readline && \
+  fix_rvm_readline_for_macos_tiger && \
+  install_xslt && \
+  rvm install ruby-1.8.7-p352 -C "--with-readline-dir=$HOME/.rvm/usr --with-xml-dir=$HOME/.rvm/usr --with-openssl-dir=$HOME/.rvm/usr" && \
+  rvm use 1.8.7-p352 &&
+}
+
+function check_ruby {
+  rvm list | grep 1.8.7-p352 > /dev/null || install_ruby
+  log "ruby installed"
+}
+
+function install_bundler {
+  log "installing bundler"
+  gem sources | grep "http://rubygems.org/" || gem sources -a http://rubygems.org/ && \
+  gem sources | grep "http://gems.rubyforge.org/" || gem sources -a http://gems.rubyforge.org/ && \
+  gem install bundler --no-ri --no-rdoc
+}
+
+function check_bundler {
+  which bundle | grep 1.8.7-p352 > /dev/null || install_bundler
+  log "bundler installed"
+}
+
+function ruby_environment {
+  check_rvm && \
+  check_ruby && \
+  check_bundler
+}
+
+ruby_environment

data/scripts/cookbooks/lxc/attributes/default.rb

@@ -0,0 +1 @@
+default[:network][:gateway_ip] = "192.168.20.1"

data/scripts/cookbooks/lxc/files/default/lxc-create-ubuntu-image

@@ -0,0 +1,61 @@
+#!/bin/bash
+
+cache="/var/cache/lxc/ubuntu"
+suite=lucid
+
+arch=$(arch)
+if [ "$arch" == "x86_64" ]; then
+    arch=amd64
+fi
+
+if [ "$arch" == "i686" ]; then
+    arch=i386
+fi
+
+if [ -e "$cache/$suite-$arch.tar.gz" ]; then
+	echo "Cache rootfs already exists!"
+	exit 0
+fi
+
+chef_packages=ruby,rubygems1.8,ruby-dev,libopenssl-ruby,build-essential,wget,ssl-cert
+packages=dialog,apt,apt-utils,resolvconf,iproute,inetutils-ping,dhcp3-client,ssh,lsb-release,wget,gpgv,gnupg,sudo,$chef_packages
+
+# check the mini ubuntu was not already downloaded
+mkdir -p "$cache/partial-$arch"
+if [ $? -ne 0 ]; then
+	echo "Failed to create '$cache/partial-$arch' directory"
+	exit 1
+fi
+
+# download a mini ubuntu into a cache
+echo "Downloading ubuntu minimal ..."
+debootstrap --verbose --variant=minbase --components=main,universe --arch=$arch --include=$packages $suite $cache/partial-$arch
+if [ $? -ne 0 ]; then
+	echo "Failed to download the rootfs, aborting."
+	exit 1
+fi
+
+mv "$cache/partial-$arch" "$cache/rootfs-$arch"
+echo "Download complete."
+
+# install chef
+cat <<EOF > "$cache/rootfs-$arch/tmp/install-chef-ubuntu.sh"
+echo "deb http://apt.opscode.com/ $suite-0.10 main" | tee /etc/apt/sources.list.d/opscode.list
+
+mkdir -p /etc/apt/trusted.gpg.d
+gpg --keyserver keys.gnupg.net --recv-keys 83EF826A
+gpg --export packages@opscode.com | tee /etc/apt/trusted.gpg.d/opscode-keyring.gpg > /dev/null
+apt-get update
+apt-get install ucf --force-yes -y
+yes | apt-get install opscode-keyring --force-yes -y # permanent upgradeable keyring
+
+export DEBIAN_FRONTEND=noninteractive
+apt-get install chef --force-yes -qy
+EOF
+chroot "$cache/rootfs-$arch" bash /tmp/install-chef-ubuntu.sh
+
+# compress root image
+(cd $cache/rootfs-$arch && tar zcf $suite-$arch.tar.gz .)
+mv $cache/rootfs-$arch/$suite-$arch.tar.gz $cache
+
+

data/scripts/cookbooks/lxc/recipes/default.rb

@@ -0,0 +1,42 @@
+%w{lxc bridge-utils debootstrap}.each do |pkg|
+  package "#{pkg}"
+end
+
+bash "set up networking" do
+  code <<-EOH
+brctl addbr br0
+ifconfig br0 #{node.network.gateway_ip} netmask 255.255.255.0 up
+iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
+sysctl -w net.ipv4.ip_forward=1
+EOH
+  not_if "ip link ls dev br0"
+end
+
+directory "/cgroup" do
+  action :create
+end
+
+mount "/cgroup" do
+  device "cgroup"
+  fstype "cgroup"
+  pass 0
+  action [:mount, :enable]
+end
+
+template "/usr/lib/lxc/templates/lxc-lucid-chef" do
+  source "lxc-lucid-chef"
+  mode "0755"
+  action :create
+end
+
+cookbook_file "/usr/local/bin/lxc-create-ubuntu-image" do
+  source "lxc-create-ubuntu-image"
+  mode "0755"
+end
+
+bash "create ubuntu rootfs image ... this will take a while" do
+  code <<-EOH
+/usr/local/bin/lxc-create-ubuntu-image
+EOH
+end
+ 

data/scripts/cookbooks/lxc/templates/default/lxc-lucid-chef

@@ -0,0 +1,328 @@
+#!/bin/bash
+
+configure_ubuntu()
+{
+    rootfs=$1
+    hostname=$2
+
+	# add host root ssh access
+    mkdir $rootfs/root/.ssh
+    chmod 0600 $rootfs/root/.ssh
+	cat <<-EOF > $rootfs/root/.ssh/authorized_keys
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCguB7XL3ARzLZYLsIMZe4UUO371m+H5C6V8MhtmSlgXtgHDo7eZhNSm5zCeoyGd32OKeLxuxCCEkXfDDF1aa2a6twcASE3pmWNdnBS7auiOH4P7g+eQ4Aw9v7DdESbIVgHF/NDiAEFFdmApYNM3oCX2FhEVNVKxkkIokUr4axYFJzmJ6Xoi5Sd8JtPC85FZVXqDucZDnHQlOcCkbSo0UOmsWQGwtu8eUHoDeUG0dB8ntb9xlBeLctdrAPhuFYCX8IfFkdcakkzv61ETPbKE6g9wdTDC/TEep7/AHGYmarziRnwKiVOL1jnE1coOJLqy8wOC3dKGmRZy9D4sTc+FRV root insecure public key
+	EOF
+
+	# copy host resolve 
+    rm $rootfs/etc/resolv.conf
+    cp /etc/resolv.conf $rootfs/etc/resolv.conf
+
+	# add default route to host
+	cat <<EOF > $rootfs/etc/rc.local
+#!/bin/sh -e
+route add default gw <%= node.network.gateway_ip %>
+exit 0
+EOF
+
+    # disable selinux in ubuntu
+    mkdir -p $rootfs/selinux
+    echo 0 > $rootfs/selinux/enforce
+
+    # set the hostname
+    cat <<EOF > $rootfs/etc/hostname
+$hostname
+EOF
+    # set minimal hosts
+    cat <<EOF > $rootfs/etc/hosts
+127.0.0.1 localhost $hostname
+EOF
+
+    # provide the lxc service
+    cat <<EOF > $rootfs/etc/init/lxc.conf
+# fake some events needed for correct startup other services
+
+description     "Container Upstart"
+
+start on startup
+
+script
+        rm -rf /var/run/*.pid
+        rm -rf /var/run/network/*
+        /sbin/initctl emit stopped JOB=udevtrigger --no-wait
+        /sbin/initctl emit started JOB=udev --no-wait
+end script
+EOF
+
+    # fix buggus runlevel with sshd
+    cat <<EOF > $rootfs/etc/init/ssh.conf
+# ssh - OpenBSD Secure Shell server
+#
+# The OpenSSH server provides secure shell access to the system.
+
+description	"OpenSSH server"
+
+start on filesystem
+stop on runlevel [!2345]
+
+expect fork
+respawn
+respawn limit 10 5
+umask 022
+# replaces SSHD_OOM_ADJUST in /etc/default/ssh
+oom never
+
+pre-start script
+    test -x /usr/sbin/sshd || { stop; exit 0; }
+    test -e /etc/ssh/sshd_not_to_be_run && { stop; exit 0; }
+    test -c /dev/null || { stop; exit 0; }
+
+    mkdir -p -m0755 /var/run/sshd
+end script
+
+# if you used to set SSHD_OPTS in /etc/default/ssh, you can change the
+# 'exec' line here instead
+exec /usr/sbin/sshd
+EOF
+
+    cat <<EOF > $rootfs/etc/init/console.conf
+# console - getty
+#
+# This service maintains a console on tty1 from the point the system is
+# started until it is shut down again.
+
+start on stopped rc RUNLEVEL=[2345]
+stop on runlevel [!2345]
+
+respawn
+exec /sbin/getty -8 38400 /dev/console
+EOF
+
+    cat <<EOF > $rootfs/lib/init/fstab
+# /lib/init/fstab: lxc system fstab
+none            /spu                      spufs           gid=spu,optional                  0 0
+none            /tmp                      none            defaults                          0 0
+none            /var/lock                 tmpfs           nodev,noexec,nosuid,showthrough   0 0
+none            /lib/init/rw              tmpfs           mode=0755,nosuid,optional         0 0
+EOF
+
+
+
+    # reconfigure some services
+    if [ -z "$LANG" ]; then
+	chroot $rootfs locale-gen en_US.UTF-8
+	chroot $rootfs update-locale LANG=en_US.UTF-8
+    else
+	chroot $rootfs locale-gen $LANG
+	chroot $rootfs update-locale LANG=$LANG
+    fi
+
+    # remove pointless services in a container
+    chroot $rootfs /usr/sbin/update-rc.d -f ondemand remove
+
+    chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls u*.conf); do mv $f $f.orig; done'
+    chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls tty[2-9].conf); do mv $f $f.orig; done'
+    chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls plymouth*.conf); do mv $f $f.orig; done'
+    chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls hwclock*.conf); do mv $f $f.orig; done'
+    chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls module*.conf); do mv $f $f.orig; done'
+
+    echo "Set root password to 'root'"
+    echo "root:root" | chroot $rootfs chpasswd
+
+    return 0
+}
+
+copy_ubuntu()
+{
+    cache=$1
+    arch=$2
+    rootfs=$3
+
+    # make a local copy of the miniubuntu
+    echo -n "Extracting rootfs image to $rootfs ..."
+    mkdir $rootfs
+    tar zxf $cache/lucid-$arch.tar.gz -C $rootfs || return 1
+    return 0
+}
+
+install_ubuntu()
+{
+    cache="/var/cache/lxc/ubuntu"
+    rootfs=$1
+    mkdir -p /var/lock/subsys/
+    (
+	flock -n -x 200
+	if [ $? -ne 0 ]; then
+	    echo "Cache repository is busy."
+	    return 1
+	fi
+
+	arch=$(arch)
+	if [ "$arch" == "x86_64" ]; then
+	    arch=amd64
+	fi
+
+	if [ "$arch" == "i686" ]; then
+	    arch=i386
+	fi
+
+	echo "Checking image cache in $cache/rootfs-$arch ... "
+	if [ ! -e "$cache/rootfs-$arch" ]; then
+	    if [ $? -ne 0 ]; then
+		echo "Failed to download 'ubuntu base'"
+		return 1
+	    fi
+	fi
+
+	copy_ubuntu $cache $arch $rootfs
+	if [ $? -ne 0 ]; then
+	    echo "Failed to copy rootfs"
+	    return 1
+	fi
+
+	return 0
+
+	) 200>/var/lock/subsys/lxc
+
+    return $?
+}
+
+copy_configuration()
+{
+    path=$1
+    rootfs=$2
+    name=$3
+
+    cat <<EOF >> $path/config
+lxc.utsname = $name
+
+lxc.tty = 4
+lxc.pts = 1024
+lxc.rootfs = $rootfs
+lxc.mount  = $path/fstab
+
+lxc.cgroup.devices.deny = a
+# /dev/null and zero
+lxc.cgroup.devices.allow = c 1:3 rwm
+lxc.cgroup.devices.allow = c 1:5 rwm
+# consoles
+lxc.cgroup.devices.allow = c 5:1 rwm
+lxc.cgroup.devices.allow = c 5:0 rwm
+lxc.cgroup.devices.allow = c 4:0 rwm
+lxc.cgroup.devices.allow = c 4:1 rwm
+# /dev/{,u}random
+lxc.cgroup.devices.allow = c 1:9 rwm
+lxc.cgroup.devices.allow = c 1:8 rwm
+lxc.cgroup.devices.allow = c 136:* rwm
+lxc.cgroup.devices.allow = c 5:2 rwm
+# rtc
+lxc.cgroup.devices.allow = c 254:0 rwm
+EOF
+
+    cat <<EOF > $path/fstab
+proc            $rootfs/proc         proc    nodev,noexec,nosuid 0 0
+devpts          $rootfs/dev/pts      devpts defaults 0 0
+sysfs           $rootfs/sys          sysfs defaults  0 0
+EOF
+
+    if [ $? -ne 0 ]; then
+	echo "Failed to add configuration"
+	return 1
+    fi
+
+    return 0
+}
+
+clean()
+{
+    cache="/var/cache/lxc/ubuntu"
+
+    if [ ! -e $cache ]; then
+	exit 0
+    fi
+
+    # lock, so we won't purge while someone is creating a repository
+    (
+	flock -n -x 200
+	if [ $? != 0 ]; then
+	    echo "Cache repository is busy."
+	    exit 1
+	fi
+
+	echo -n "Purging the download cache..."
+	rm --preserve-root --one-file-system -rf $cache && echo "Done." || exit 1
+	exit 0
+
+    ) 200>/var/lock/subsys/lxc
+}
+
+usage()
+{
+    cat <<EOF
+$1 -h|--help -p|--path=<path> --clean
+EOF
+    return 0
+}
+
+options=$(getopt -o hp:n:c -l help,path:,name:,clean -- "$@")
+if [ $? -ne 0 ]; then
+    usage $(basename $0)
+    exit 1
+fi
+eval set -- "$options"
+
+while true
+do
+    case "$1" in
+	-h|--help)      usage $0 && exit 0;;
+	-p|--path)      path=$2; shift 2;;
+	-n|--name)      name=$2; shift 2;;
+	-c|--clean)     clean=$2; shift 2;;
+	--)             shift 1; break ;;
+        *)              break ;;
+    esac
+done
+
+if [ ! -z "$clean" -a -z "$path" ]; then
+    clean || exit 1
+    exit 0
+fi
+
+type debootstrap
+if [ $? -ne 0 ]; then
+    echo "'debootstrap' command is missing"
+    exit 1
+fi
+
+if [ -z "$path" ]; then
+    echo "'path' parameter is required"
+    exit 1
+fi
+
+if [ "$(id -u)" != "0" ]; then
+    echo "This script should be run as 'root'"
+    exit 1
+fi
+
+rootfs=$path/rootfs
+
+install_ubuntu $rootfs
+if [ $? -ne 0 ]; then
+    echo "failed to install ubuntu"
+    exit 1
+fi
+
+configure_ubuntu $rootfs $name
+if [ $? -ne 0 ]; then
+    echo "failed to configure ubuntu for a container"
+    exit 1
+fi
+
+copy_configuration $path $rootfs $name
+if [ $? -ne 0 ]; then
+    echo "failed write configuration file"
+    exit 1
+fi
+
+if [ ! -z $clean ]; then
+    clean || exit 1
+    exit 0
+fi

data/spec/spec_helper.rb

@@ -0,0 +1,4 @@
+$:.unshift(File.dirname(__FILE__) + '/../lib')
+$:.unshift(File.dirname(__FILE__))
+
+require 'toft/chef/chef_attributes'

data/spec/tuft/chef_attributes_spec.rb

@@ -0,0 +1,33 @@
+require 'spec_helper'
+require 'cucumber/ast/table'
+
+describe "ChefAttributes" do
+  it "should parse chef dot connected attributes" do
+    ca = Toft::ChefAttributes.new(Cucumber::Ast::Table.new([[]]))
+    ca.add_attribute "one.two.three", "some"
+    ca.add_attribute "one.four", "another"
+    ca.attributes["one"]["two"]["three"].should == "some"
+    ca.attributes["one"]["four"].should == "another"
+  end
+  
+  it "should parse cucumber chef attributes ast table" do
+    table = Cucumber::Ast::Table.new([
+              ["key", "value"],
+              ["one.four", "one"],
+              ["one.two.three", "some"]
+            ])
+    ca = Toft::ChefAttributes.new(table)
+    ca.attributes["one"]["four"].should == "one"
+    ca.attributes["one"]["two"]["three"].should == "some"
+  end
+  
+  it "should return json" do
+    table = Cucumber::Ast::Table.new([
+              ["key", "value"],
+              ["one.four", "one"],
+              ["one.two.three", "some"]
+            ])
+    ca = Toft::ChefAttributes.new(table)
+    ca.to_json.should == "{\"one\":{\"two\":{\"three\":\"some\"},\"four\":\"one\"}}"
+  end
+end