@mikehale
Created September 28, 2011 17:15
Provision a Ubuntu 10.04 LTS (lucid) 256 server on Rackspace CloudServers with ssh password logins disabled
#!/usr/bin/env ruby
# This script provisions a Ubuntu 10.04 LTS (lucid) 256 server on
# Rackspace CloudServers with ssh password logins disabled and only
# the public key at ~/.ssh/id_rsa.pub authorized to login. The server will
# be terminated after 60 seconds. You need a CloudServers username and
# api_key to test this script.
require 'rubygems'
require 'fog'
require 'net/ssh'

unless ENV['RACKSPACE_API_KEY'] and ENV['RACKSPACE_USERNAME']
  puts "RACKSPACE_API_KEY and or RACKSPACE_USERNAME env variable(s) not set"
  exit 1
end

# Look up a file embedded after __END__ (each one introduced by a
# "## <path>" line) and return it in the hash format that the
# :personality option expects.
def data_file(path)
  unless @files_by_name
    @data ||= DATA.readlines.join
    contents = @data.split(/^##.+\n/); contents.shift
    names = @data.scan(/^## (.+)$/).map{|e| e.first }
    @files_by_name = names.inject({}){|m,e| m[e] = contents.shift; m}
  end
  {"path" => path, "contents" => @files_by_name[path]}
end

compute = Fog::Compute.new(
  :provider => 'Rackspace',
  :rackspace_api_key => ENV['RACKSPACE_API_KEY'],
  :rackspace_username => ENV['RACKSPACE_USERNAME']
)

# Files listed under :personality are written to the server at build time,
# so the authorized key and the hardened sshd_config are in place on first boot.
server = compute.servers.create(
  :flavor_id => 1, # 256MB
  :image_id => 49, # Ubuntu 10.04 LTS 64bit
  :personality => [
    {
      'path' => "/root/.ssh/authorized_keys",
      'contents' => File.read(File.expand_path("~/.ssh/id_rsa.pub"))
    },
    data_file("/etc/ssh/sshd_config"),
    data_file("/var/lib/misc/bootstrap.sh")
  ]
)

puts "Creating #{server.name} (#{compute.images.get(server.image_id).name} #{compute.flavors.get(server.flavor_id).name})"
server.wait_for { ready? }

# Log in as root with the local key and run the bootstrap script,
# streaming its output.
Net::SSH.start(server.addresses["public"].first, 'root') do |ssh|
  ssh.exec!("/bin/bash /var/lib/misc/bootstrap.sh") do |channel, stream, data|
    print data
  end
end

puts "root@#{server.addresses["public"].first} is ready"
sleep 45
server.destroy
__END__
## /etc/ssh/sshd_config
Port 22
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
UsePrivilegeSeparation yes
KeyRegenerationInterval 3600
ServerKeyBits 768
SyslogFacility AUTH
LogLevel INFO
LoginGraceTime 120
PermitRootLogin without-password
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
IgnoreRhosts yes
RhostsRSAAuthentication no
HostbasedAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
PasswordAuthentication no
X11Forwarding no
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
UsePAM yes
## /var/lib/misc/bootstrap.sh
#!/bin/bash
if [ ! -f /usr/bin/chef-client ]; then
  apt-get update
  apt-get install -y ruby ruby1.8-dev build-essential wget libruby-extras libruby1.8-extras
  cd /tmp
  wget http://production.cf.rubygems.org/rubygems/rubygems-1.6.2.tgz
  tar zxf rubygems-1.6.2.tgz
  cd rubygems-1.6.2
  ruby setup.rb --no-format-executable
  gem update --no-rdoc --no-ri
  gem install ohai --no-rdoc --no-ri --verbose
  gem install chef --no-rdoc --no-ri --verbose
fi
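
The embedded sshd_config above disables password logins through several directives together (PasswordAuthentication, ChallengeResponseAuthentication, PermitEmptyPasswords, PermitRootLogin). The check below is an added example, not part of the gist: it reports which of those directives would still allow a password login in a given config. The names PASSWORD_RULES, effective_settings and password_login_findings and the assumed defaults (upstream OpenSSH before 7.0) are assumptions of this example.

```ruby
# Added example, not part of the gist: report sshd_config directives that
# still allow password-based logins.
# keyword => [value assumed when absent, values that block password logins]
# Assumption: defaults are those of upstream OpenSSH releases before 7.0.
PASSWORD_RULES = {
  'passwordauthentication'          => ['yes', %w[no]],
  'challengeresponseauthentication' => ['yes', %w[no]],
  'permitemptypasswords'            => ['no',  %w[no]],
  'permitrootlogin'                 => ['yes', %w[no without-password prohibit-password forced-commands-only]],
  'pubkeyauthentication'            => ['yes', %w[yes]] # key login must stay on
}.freeze

# sshd keeps the FIRST value it reads for a keyword and treats keywords
# case-insensitively. Only the global section (before any Match) is read.
def effective_settings(config_text)
  settings = {}
  config_text.each_line do |line|
    line = line.strip
    next if line.empty? || line.start_with?('#')
    keyword, value = line.split(/[\s=]+/, 2)
    break if keyword.casecmp('match').zero?
    settings[keyword.downcase] ||= value.to_s.strip
  end
  settings
end

# Returns one finding per unsafe directive; empty means key-only login.
def password_login_findings(config_text)
  settings = effective_settings(config_text)
  PASSWORD_RULES.each_with_object([]) do |(key, (default, safe)), findings|
    value = settings.fetch(key, default)
    next if safe.include?(value)
    findings << "#{key} is #{value} (#{settings.key?(key) ? 'set' : 'default'})"
  end
end

# Constructed sample: first value wins, so the later "no" is ignored.
WEAK_CONFIG = "PasswordAuthentication yes\nUsePAM yes\nPasswordAuthentication no\n"
# Authentication directives copied from the gist's embedded sshd_config.
GIST_CONFIG = <<~CONF
  PermitRootLogin without-password
  PermitEmptyPasswords no
  ChallengeResponseAuthentication no
  PasswordAuthentication no
  UsePAM yes
CONF

puts 'weak:', password_login_findings(WEAK_CONFIG)
puts "gist: #{password_login_findings(GIST_CONFIG).length} findings"
```
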
gorsuch commented Oct 2, 2011

Thanks for sharing this - I especially like the data_file trick. I put it to use on a toy project this evening.

mikehale commented Oct 3, 2011 via email

@freerobby

Thanks a bunch for this. FYI you now need to call Base64.encode64() on any file contents that you create via the :personality key.
