pkgme service

Merge lp:~james-w/pkgme-service/fab-deploy-tasks into lp:pkgme-service

fab-deploy-tasks
Merge into trunk

Proposed by James Westby on 2012-01-18

Status:	Superseded
Proposed branch:	lp:~james-w/pkgme-service/fab-deploy-tasks
Merge into:	lp:pkgme-service
Diff against target:	860 lines (+806/-0) 10 files modified dev_config/apply (+48/-0) dev_config/manifests/pkgme_service.pp (+167/-0) dev_config/templates/celeryd.default.erb (+16/-0) dev_config/templates/celeryd.initscript.erb (+247/-0) dev_config/templates/django.wsgi.erb (+19/-0) dev_config/templates/httpd.conf.erb (+12/-0) dev_config/templates/production_credentials.cfg.erb (+27/-0) dev_config/templates/production_paths.py.erb (+13/-0) fabtasks/__init__.py (+1/-0) fabtasks/deploy.py (+256/-0)
To merge this branch:	bzr merge lp:~james-w/pkgme-service/fab-deploy-tasks
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
canonical-consumer-applications		2012-01-18	Pending
Review via email: mp+89164@code.launchpad.net

This proposal has been superseded by a proposal from 2012-01-18.

Commit message

Add fab tasks for dev deployment.

lp:~james-w/pkgme-service/fab-deploy-tasks updated on 2012-01-19

29. By James Westby on 2012-01-19: Merge puppet improvements.
30. By James Westby on 2012-01-19: Merge puppet fixes.
31. By James Westby on 2012-01-19: Set the security group of the created instance so it is accessible.
32. By James Westby on 2012-01-19: Delete the security group before the instance.
33. By James Westby on 2012-01-19: Add a list_running_ec2_instances command.

Unmerged revisions

33. By James Westby on 2012-01-19: Add a list_running_ec2_instances command.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

James Westby

canonical-consumer-applications

 === added directory 'dev_config'
 === added file 'dev_config/apply'
 --- dev_config/apply	1970-01-01 00:00:00 +0000
 +++ dev_config/apply	2012-01-18 23:50:28 +0000
@@ -0,0 +1,48 @@
++#!/bin/bash
++
++set -e
++
++CREDS_FILE="${HOME}/credentials"
++
++has_cred() {
++  CRED="$1"
++  if [ -f "$CREDS_FILE" ]; then
++      if grep -q "$CRED" "$CREDS_FILE"; then
++          return 0
++      fi
++  fi
++  return 1
++}
++
++get_cred() {
++  CRED="$1"
++  VALUE="$(grep "$CRED" "$CREDS_FILE" | sed -e 's/[^=]*=//')"
++  echo $VALUE
++}
++
++generate_cred() {
++  CRED="$1"
++  VALUE="${RANDOM}"
++  echo "${CRED}=${VALUE}" >> $CREDS_FILE
++  get_cred $CRED
++}
++
++get_cred_or_generate() {
++  CRED="$1"
++  if has_cred "$CRED"; then
++      get_cred "$CRED"
++  else
++      generate_cred "$CRED"
++  fi
++}
++
++RABBIT_PASSWORD=$(get_cred_or_generate "RABBIT_PASSWORD")
++POSTGRES_PASSWORD=$(get_cred_or_generate "POSTGRES_PASSWORD")
++DJANGO_SECRET_KEY=$(get_cred_or_generate "DJANGO_SECRET_KEY")
++
++export FACTER_basedir="${HOME}/pkgme-service"
++export FACTER_django_secret_key=$DJANGO_SECRET_KEY
++export FACTER_postgres_password=$POSTGRES_PASSWORD
++export FACTER_rabbit_password=$RABBIT_PASSWORD
++
++sudo -E puppet --templatedir "${HOME}/pkgme-service/dev_config/templates" "${HOME}/pkgme-service/dev_config/manifests/pkgme_service.pp"
 === added directory 'dev_config/manifests'
 === added file 'dev_config/manifests/pkgme_service.pp'
 --- dev_config/manifests/pkgme_service.pp	1970-01-01 00:00:00 +0000
 +++ dev_config/manifests/pkgme_service.pp	2012-01-18 23:50:28 +0000
@@ -0,0 +1,167 @@
++$rabbit_user = "pkgme"
++$rabbit_vhost = "pkgme-service"
++$rabbit_host = "localhost"
++$rabbit_port = "5672"
++
++$wsgi_user = "pkgme"
++$wsgi_processes = 2
++$wsgi_threads = 2
++
++$postgres_user = "pkgme"
++$postgres_database = "pkgme_service"
++$postgres_host = "localhost"
++$postgres_port = "5432"
++
++
++group {"pkgme":
++   ensure => 'present',
++}
++
++user {"pkgme":
++   comment => 'This user was created by Puppet',
++   ensure => 'present',
++   gid => 'pkgme',
++   require => Group["pkgme"],
++}
++
++exec { "psql -c \"create user $postgres_user with password '$::postgres_password'\"":
++  path => ["/usr/bin", "/bin"],
++  user => "postgres",
++  unless => "psql -c \"select usename from pg_user where usename = '$postgres_user'\" | grep -q $postgres_user",
++}
++
++exec { "psql -c 'create database $postgres_database owner $postgres_user'":
++  path => ["/usr/bin", "/bin"],
++  user => "postgres",
++  require => Exec["psql -c \"create user $postgres_user with password '$::postgres_password'\""],
++  unless => "psql -c \"select datname from pg_database where datname = '$postgres_database'\" | grep -q $postgres_database",
++}
++
++exec { "psql -c 'grant all privileges on database $postgres_database to $postgres_user'":
++  path => ["/usr/bin"],
++  user => "postgres",
++  require => Exec["psql -c 'create database $postgres_database owner $postgres_user'"],
++}
++
++file { "$::basedir/django_project/production_credentials.cfg":
++  content => template("production_credentials.cfg.erb"),
++  owner => "pkgme",
++  group => "pkgme",
++  mode => 640,
++  require => [
++      Group["pkgme"],
++      Exec["psql -c 'grant all privileges on database $postgres_database to $postgres_user'"],
++  ],
++}
++
++file { "$::basedir/django_project/production_paths.py":
++  content => template("production_paths.py.erb"),
++  owner => root,
++  group => "pkgme",
++  mode => 644,
++  require => Group["pkgme"],
++}
++
++file { "$::basedir/pkgme.log":
++  owner => "pkgme",
++  group => "pkgme",
++  mode => 644,
++  ensure => present,
++}
++
++exec { "python ./manage.py syncdb --noinput":
++  cwd => "$::basedir/django_project",
++  path => ["/usr/bin"],
++  user => "pkgme",
++  environment => "HOME=$::basedir",
++  require => [
++             File["$::basedir/django_project/production_credentials.cfg"],
++             File["$::basedir/django_project/production_paths.py"],
++             File["$::basedir/pkgme.log"],
++             ],
++  logoutput => on_failure,
++  loglevel => err,
++}
++
++exec { "python ./manage.py migrate":
++  cwd => "$::basedir/django_project",
++  path => ["/usr/bin"],
++  user => "pkgme",
++  environment => "HOME=$::basedir",
++  require => Exec["python ./manage.py syncdb --noinput"],
++}
++
++#exec { "python ./manage.py collectstatic --noinput":
++#  cwd => "$::basedir/django_project",
++#  path => ["/usr/bin"],
++#  require => [
++#             File["$::basedir/django_project/production_credentials.cfg"],
++#             File["$::basedir/django_project/production_paths.py"],
++#             ],
++#}
++
++file { "$::basedir/django_project/django.wsgi":
++  content => template("django.wsgi.erb"),
++  require => [
++    File["$::basedir/django_project/production_credentials.cfg"],
++    File["$::basedir/django_project/production_paths.py"],
++  ]
++}
++
++file { "/etc/apache2/httpd.conf":
++  content => template("httpd.conf.erb"),
++}
++
++exec { "/etc/init.d/apache2 reload":
++  user => root,
++  require => [
++    File["/etc/apache2/httpd.conf"],
++    File["$::basedir/django_project/django.wsgi"],
++  ],
++}
++
++$celeryd_default_file = "/etc/default/pkgme-service-celeryd"
++
++file { "/etc/init.d/pkgme-service-celeryd":
++  content => template("celeryd.initscript.erb"),
++  mode => 755,
++  owner => root,
++}
++
++file { $celeryd_default_file:
++  content => template("celeryd.default.erb"),
++  owner => root,
++  mode => 644,
++}
++
++exec { "rabbitmqctl add_user $rabbit_user $::rabbit_password":
++  path => ["/usr/sbin", "/bin", "/usr/bin"],
++  user => root,
++  unless => "rabbitmqctl list_users | grep -q \"\\<$rabbit_user\\>\"",
++}
++
++exec { "rabbitmqctl add_vhost $rabbit_vhost":
++  path => ["/usr/sbin", "/bin", "/usr/bin"],
++  user => root,
++  unless => "rabbitmqctl list_vhosts | grep -q \"\\<$rabbit_vhost\\>\"",
++}
++
++exec { "rabbitmqctl set_permissions -p $rabbit_vhost $rabbit_user .\\* .\\* .\\*":
++  path => ["/usr/sbin", "/bin", "/usr/bin"],
++  user => root,
++  require => [
++    Exec["rabbitmqctl add_user $rabbit_user $::rabbit_password"],
++    Exec["rabbitmqctl add_vhost $rabbit_vhost"],
++  ],
++  unless => "rabbitmqctl list_permissions -p $rabbit_vhost | grep -q \"^\\<$rabbit_user\\>\"",
++}
++
++service { "pkgme-service-celeryd":
++  ensure => running,
++  hasrestart => true,
++  hasstatus => true,
++  subscribe => [
++     File['/etc/init.d/pkgme-service-celeryd'],
++     File['/etc/default/pkgme-service-celeryd'],
++  ],
++}
 === added directory 'dev_config/templates'
 === added file 'dev_config/templates/celeryd.default.erb'
 --- dev_config/templates/celeryd.default.erb	1970-01-01 00:00:00 +0000
 +++ dev_config/templates/celeryd.default.erb	2012-01-18 23:50:28 +0000
@@ -0,0 +1,16 @@
++# 0 = start on boot; 1 = don't start on boot
++NO_START="0"
++
++CELERYD_CHDIR="<%= basedir %>"
++
++CELERYD="$CELERYD_CHDIR/django_project/manage.py celeryd"
++
++CELERYD_LOG_FILE="<%= basedir %>/celery.log"
++
++CELERYD_PID_FILE="<%= basedir %>/celery.pid"
++
++CELERYD_USER="pkgme"
++
++CELERYD_GROUP="pkgme"
++
++export PYTHONPATH=<%= basedir %>:<%= basedir %>/src:<%= basedir %>/sourcecode/pkgme:<%= basedir %>/sourcecode/pkgme-binary
 === added file 'dev_config/templates/celeryd.initscript.erb'
 --- dev_config/templates/celeryd.initscript.erb	1970-01-01 00:00:00 +0000
 +++ dev_config/templates/celeryd.initscript.erb	2012-01-18 23:50:28 +0000
@@ -0,0 +1,247 @@
++#!/bin/bash -e
++# ============================================
++#  celeryd - Starts the Celery worker daemon.
++# ============================================
++#
++# :Usage: /etc/init.d/celeryd {start|stop|force-reload|restart|try-restart|status}
++#
++# :Configuration file: /etc/default/celeryd
++#
++# To configure celeryd you probably need to tell it where to chdir.
++#
++# EXAMPLE CONFIGURATION
++# =====================
++#
++# this is an example configuration for a Python project:
++#
++# /etc/default/celeryd:
++#
++#   # Where to chdir at start.
++#   CELERYD_CHDIR="/opt/Myproject/"
++#
++#   # Extra arguments to celeryd
++#   CELERYD_OPTS="--time-limit=300"
++#
++#   # Name of the celery config module.#
++#   CELERY_CONFIG_MODULE="celeryconfig"
++#
++# EXAMPLE DJANGO CONFIGURATION
++# ============================
++#
++#   # Where the Django project is.
++#   CELERYD_CHDIR="/opt/Project/"
++#
++#   # Name of the projects settings module.
++#   export DJANGO_SETTINGS_MODULE="settings"
++#
++#   # Path to celeryd
++#   CELERYD="/opt/Project/manage.py"
++#
++#   # Extra arguments to manage.py
++#   CELERYD_OPTS="celeryd"
++#
++# AVAILABLE OPTIONS
++# =================
++#
++#   * CELERYD_OPTS
++#       Additional arguments to celeryd, see `celeryd --help` for a list.
++#
++#   * CELERYD_CHDIR
++#       Path to chdir at start. Default is to stay in the current directory.
++#
++#   * CELERYD_PID_FILE
++#       Full path to the pidfile. Default is /var/run/celeryd.pid.
++#
++#   * CELERYD_LOG_FILE
++#       Full path to the celeryd logfile. Default is /var/log/celeryd.log
++#
++#   * CELERYD_LOG_LEVEL
++#       Log level to use for celeryd. Default is INFO.
++#
++#   * CELERYD
++#       Path to the celeryd program. Default is `celeryd`.
++#       You can point this to an virtualenv, or even use manage.py for django.
++#
++#   * CELERYD_USER
++#       User to run celeryd as. Default is current user.
++#
++#   * CELERYD_GROUP
++#       Group to run celeryd as. Default is current user.
++#
++#   * VIRTUALENV
++#       Full path to the virtualenv environment to activate. Default is none.
++
++### BEGIN INIT INFO
++# Provides:          celeryd
++# Required-Start:    $network $local_fs $remote_fs
++# Required-Stop:     $network $local_fs $remote_fs
++# Default-Start:     2 3 4 5
++# Default-Stop:      0 1 6
++# Short-Description: celery task worker daemon
++### END INIT INFO
++
++set -e
++
++DEFAULT_CELERYD="/usr/bin/celeryd"
++
++# /etc/init.d/ssh: start and stop the celery task worker daemon.
++
++. /lib/lsb/init-functions
++
++DEFAULT_FILE="<%= celeryd_default_file %>"
++
++if test -f "$DEFAULT_FILE"; then
++    . "$DEFAULT_FILE"
++fi
++
++if [ "$NO_START" != "0" -a "$1" != "stop" ]; then
++    if [ "$VERBOSE" != "no" ]; then
++        log_warning_msg "Not starting celeryd - edit $DEFAULT_FILE and change NO_START to be 0."
++    fi
++    exit 0
++fi
++
++
++CELERYD_LOG_FILE=${CELERYD_LOG_FILE:-${CELERYD_LOGFILE:-"/var/log/celeryd.log"}}
++CELERYD_PID_FILE=${CELERYD_PID_FILE:-${CELERYD_PIDFILE:-"/var/run/celeryd.pid"}}
++CELERYD_LOG_LEVEL=${CELERYD_LOG_LEVEL:-${CELERYD_LOGLEVEL:-"INFO"}}
++
++CELERYD=${CELERYD:-$DEFAULT_CELERYD}
++
++export CELERY_LOADER
++
++CELERYD_OPTS="$CELERYD_OPTS -f $CELERYD_LOG_FILE -l $CELERYD_LOG_LEVEL"
++
++if [ -n "$2" ]; then
++    CELERYD_OPTS="$CELERYD_OPTS $2"
++fi
++
++mkdir -p $(dirname "$CELERYD_PID_FILE")
++mkdir -p $(dirname "$CELERYD_LOG_FILE")
++
++# Extra start-stop-daemon options, like user/group.
++if [ -n "$CELERYD_USER" ]; then
++    DAEMON_OPTS="$DAEMON_OPTS --chuid $CELERYD_USER"
++    chown "$CELERYD_USER" $(dirname "$CELERYD_LOG_FILE")
++fi
++if [ -n "$CELERYD_GROUP" ]; then
++    DAEMON_OPTS="$DAEMON_OPTS --group $CELERYD_GROUP"
++fi
++
++if [ -n "$CELERYD_CHDIR" ]; then
++    DAEMON_OPTS="$DAEMON_OPTS --chdir $CELERYD_CHDIR"
++fi
++
++
++# Are we running from init?
++run_by_init() {
++    ([ "$previous" ] && [ "$runlevel" ]) || [ "$runlevel" = S ]
++}
++
++
++check_dev_null() {
++    if [ ! -c /dev/null ]; then
++    if [ "$1" = log_end_msg ]; then
++        log_end_msg 1 || true
++    fi
++    if ! run_by_init; then
++        log_action_msg "/dev/null is not a character device!"
++    fi
++    exit 1
++    fi
++}
++
++
++export PATH="${PATH:+$PATH:}/usr/sbin:/sbin"
++
++
++stop_worker () {
++    cmd="start-stop-daemon --stop \
++                           --quiet \
++                           $* \
++                           --pidfile $CELERYD_PID_FILE"
++    if $cmd; then
++        log_end_msg 0
++    else
++        log_end_msg 1
++    fi
++}
++
++start_worker () {
++    cmd="start-stop-daemon --start $DAEMON_OPTS \
++                           --quiet \
++                           --oknodo \
++                           --background \
++                           --make-pidfile \
++                           $* \
++                           --pidfile $CELERYD_PID_FILE
++                           --exec $CELERYD -- $CELERYD_OPTS"
++    if [ -n "$VIRTUALENV" ]; then
++        source $VIRTUALENV/bin/activate
++    fi
++    if $cmd; then
++        log_end_msg 0
++    else
++        log_end_msg 1
++    fi
++}
++
++
++
++case "$1" in
++  start)
++    check_dev_null
++    log_daemon_msg "Starting celery task worker server" "celeryd"
++    start_worker
++    ;;
++  stop)
++    log_daemon_msg "Stopping celery task worker server" "celeryd"
++    stop_worker --oknodo
++    ;;
++
++  reload|force-reload)
++    echo "Use start+stop"
++    ;;
++
++  restart)
++    log_daemon_msg "Restarting celery task worker server" "celeryd"
++    stop_worker --oknodo --retry 30
++    check_dev_null log_end_msg
++    start_worker
++    ;;
++
++  try-restart)
++    log_daemon_msg "Restarting celery task worker server" "celeryd"
++    set +e
++    stop_worker --retry 30
++    RET="$?"
++    set -e
++    case $RET in
++        0)
++        # old daemon stopped
++        check_dev_null log_end_msg
++        start_worker
++        ;;
++        1)
++        # daemon not running
++        log_progress_msg "(not running)"
++        log_end_msg 0
++        ;;
++        *)
++        # failed to stop
++        log_progress_msg "(failed to stop)"
++        log_end_msg 1
++        ;;
++    esac
++    ;;
++
++  status)
++    status_of_proc -p $CELERYD_PID_FILE $CELERYD celeryd && exit 0 || exit $?
++    ;;
++
++  *)
++    log_action_msg "Usage: /etc/init.d/celeryd {start|stop|force-reload|restart|try-restart|status}"
++    exit 1
++esac
++
++exit 0
 === added file 'dev_config/templates/django.wsgi.erb'
 --- dev_config/templates/django.wsgi.erb	1970-01-01 00:00:00 +0000
 +++ dev_config/templates/django.wsgi.erb	2012-01-18 23:50:28 +0000
@@ -0,0 +1,19 @@
++import os
++import sys
++
++extra_paths = [
++    '<%= basedir %>',
++    '<%= basedir %>/src',
++    '<%= basedir %>/django_project',
++    '<%= basedir %>/sourcecode/pkgme',
++    '<%= basedir %>/sourcecode/pkgme-binary',
++]
++for path in extra_paths:
++    if path not in sys.path:
++        sys.path.append(path)
++
++os.environ['PKGME_LOG_DIR'] = '<%= basedir %>'
++os.environ['DJANGO_SETTINGS_MODULE'] = 'django_project.settings'
++
++import django.core.handlers.wsgi
++application = django.core.handlers.wsgi.WSGIHandler()
 === added file 'dev_config/templates/httpd.conf.erb'
 --- dev_config/templates/httpd.conf.erb	1970-01-01 00:00:00 +0000
 +++ dev_config/templates/httpd.conf.erb	2012-01-18 23:50:28 +0000
@@ -0,0 +1,12 @@
++#Alias /assets/ /srv/<%= basedir %>/project/static/
++#
++#<Directory /srv/<%= basedir %>/project/static>
++#Order deny,allow
++#Allow from all
++#</Directory>
++
++WSGIDaemonProcess <%= basedir %> user=<%= wsgi_user %> processes=<%= wsgi_processes %> threads=<%= wsgi_threads %>
++WSGIProcessGroup <%= basedir %>
++WSGIPassAuthorization On
++
++WSGIScriptAlias / <%= basedir %>/django_project/django.wsgi
 === added file 'dev_config/templates/production_credentials.cfg.erb'
 --- dev_config/templates/production_credentials.cfg.erb	1970-01-01 00:00:00 +0000
 +++ dev_config/templates/production_credentials.cfg.erb	2012-01-18 23:50:28 +0000
@@ -0,0 +1,27 @@
++[django]
++databases = databases
++secret_key = <%= django_secret_key %>
++
++[databases]
++default = default_database
++
++[default_database]
++engine = django.db.backends.postgresql_psycopg2
++name = <%= postgres_database %>
++user = <%= postgres_user %>
++password = <%= postgres_password %>
++host = <%= postgres_host %>
++port = <%= postgres_port %>
++
++[celery]
++broker_host = <%= rabbit_host %>
++broker_port = <%= rabbit_port %>
++broker_user = <%= rabbit_user %>
++broker_password = <%= rabbit_password %>
++broker_vhost = <%= rabbit_vhost %>
++
++[djpkgme]
++myapps_consumer_secret =
++myapps_consumer_key =
++myapps_token =
++myapps_token_secret =
 === added file 'dev_config/templates/production_paths.py.erb'
 --- dev_config/templates/production_paths.py.erb	1970-01-01 00:00:00 +0000
 +++ dev_config/templates/production_paths.py.erb	2012-01-18 23:50:28 +0000
@@ -0,0 +1,13 @@
++import os
++import sys
++
++for path in [
++    '<%= basedir %>/sourcecode/pkgme-binary',
++    '<%= basedir %>/sourcecode/pkgme',
++    '<%= basedir %>/django_project',
++    '<%= basedir %>/src',
++    '<%= basedir %>',
++    ]:
++    sys.path.insert(0, path)
++
++os.environ['PKGME_LOG_DIR'] = '<%= basedir %>'
 === modified file 'fabtasks/__init__.py'
 --- fabtasks/__init__.py	2011-08-29 23:50:07 +0000
 +++ fabtasks/__init__.py	2012-01-18 23:50:28 +0000
@@ -1,2 +1,3 @@
  from .bootstrap import *
++from .deploy import *
  from .django import *
 === added file 'fabtasks/deploy.py'
 --- fabtasks/deploy.py	1970-01-01 00:00:00 +0000
 +++ fabtasks/deploy.py	2012-01-18 23:50:28 +0000
@@ -0,0 +1,256 @@
++from datetime import datetime
++import os
++import subprocess
++import time
++
++from fabric.api import env, run
++from fabric.utils import abort, puts
++
++from boto import ec2
++
++
++RELEASE = 'lucid'
++ARCH = 'amd64'
++FS_TYPE = 'ebs'
++INSTANCE_TYPE = 't1.micro'
++USERNAME = 'ubuntu'
++REGION_NAME = 'us-east-1'
++
++NAME_PREFIX = "fab/pkgme-service"
++
++
++def _get_aws_credentials():
++    """Get the AWS credentials for the user from ~/.ec2/aws_id.
++
++    :returns: a tuple of access key id, secret access key
++    """
++    key_id = None
++    secret_access_key = None
++    with open(os.path.expanduser("~/.ec2/aws_id")) as f:
++        for i, line in enumerate(f.readlines()):
++            if i == 0:
++               key_id = line.strip()
++            if i == 1:
++               secret_access_key = line.strip()
++    if key_id is None:
++        raise AssertionError("Missing key id in ~/.ec2/aws_id")
++    if secret_access_key is None:
++        raise AssertionError("Missing secret access key in ~/.ec2/aws_id")
++    return key_id, secret_access_key
++
++
++def _get_ami_id(region_name):
++    """Get the AMI to use for a particular region.
++
++    This consults the ubuntu-cloudimg-query tool to find out the best
++    AMI to use for a particular region.
++
++    :returns: the ami id (as a string)
++    """
++    proc = subprocess.Popen(
++        ['ubuntu-cloudimg-query', RELEASE, ARCH, FS_TYPE, region_name],
++        stdout=subprocess.PIPE)
++    stdout, _ = proc.communicate()
++    if proc.returncode != 0:
++        raise AssertionError("calling ubuntu-cloudimg-query failed")
++    return stdout.strip()
++
++
++def _new_ec2_instance(keypair):
++    """Starts a new ec2 instance, giving the specified keypair access.
++
++    This will use the AWS credentials from ~/.ec2/aws_id, and the
++    AMI recommended by ubuntu-cloudimg-query.
++
++    :returns: the boto Instance object of the launched instance. It
++        will be in a state where it can be accessed over ssh.
++    """
++    key_id, secret_access_key = _get_aws_credentials()
++    ami_id = _get_ami_id(REGION_NAME)
++    conn = ec2.connect_to_region(REGION_NAME, aws_access_key_id=key_id,
++        aws_secret_access_key=secret_access_key)
++    image = conn.get_image(ami_id)
++    reservation = image.run(instance_type=INSTANCE_TYPE, key_name=keypair)
++    instance = reservation.instances[0]
++    puts("Waiting for instance %s to start..." % instance.id)
++    while True:
++        time.sleep(10)
++        instance.update()
++        if instance.state != 'pending':
++           break
++    if instance.state != 'running':
++        raise AssertionError("Instance failed to start")
++    puts("Instance started as %s" % instance.dns_name)
++    puts("Waiting for ssh to come up")
++    # FIXME: use something better than a sleep to determine this.
++    time.sleep(30)
++    now = datetime.utcnow()
++    instance.add_tag("name", "%s/%s" % (NAME_PREFIX, now.isoformat()))
++    return instance
++
++
++def deploy_to_ec2(branch="lp:pkgme-service", use_staging_deps=True, pkgme_branch="lp:pkgme", pkgme_binary_branch="lp:pkgme-binary", keypair='ec2-keypair'):
++    """Deploy to a new ec2 instance.
++
++    This command will spin up an ec2 instance, and deploy to it.
++
++    To run this command you must first set up an ec2 account.
++
++        http://aws.amazon.com/ec2/
++
++    Once you have that create access keys for this to use. Go to
++
++        https://aws-portal.amazon.com/gp/aws/developer/account?ie=UTF8&action=access-key
++
++    and create an access key. Then create a file at ~/.ec2/aws_id and
++    put the "Access Key ID" on the first line, and the "Secret Access Key" on
++    the second line (with nothing else on either line.)
++
++    Next you will need an ec2 keypair. Go to the EC2 console at
++
++        https://console.aws.amazon.com/ec2/home?region=us-east-1
++
++    click on "Key Pairs" and then "Create Key Pair", name the keypair "ec2-keypair".
++    Save the resulting file as
++
++        ~/.ec2/ec2-keypair.pem
++
++    Now you are ready to deploy, so run
++
++       fab deploy_to_ec2:keypair=ec2-keypair -i ~/.ec2/ec2-keypair.pem
++
++    and wait.
++
++    Note that you will be responsible for terminating the instance after
++    use (see the destroy_ec2_instances command.)
++
++    You can also specify the following arguments:
++
++      * branch: the branch to deploy, defaults to lp:pkgme-service. To
++          test some in-progress work push to lp:~you/pkgme-service/something
++          and then specify that as the branch.
++
++      * pkgme_branch: the branch of pkgme to deploy, defaults to
++        lp:pkgme.
++
++      * pkgme_binary_branch: the branch of pkgme-binary to deploy,
++        defaults to lp:pkgme-binary.
++
++      * use_staging_deps: whether to use the staging PPA for
++        dependencies, as well as the production one, defaults to True.
++
++    Arguments are all specified by attaching them to the command name, e.g.
++
++      fab deploy_to_ec2:keypair=ec2-keypair,branch=lp:~me/pkgme-service/something
++    """
++    instance = _new_ec2_instance(keypair)
++    _set_instance_as_host(instance)
++    deploy_to_existing(branch=branch, use_staging_deps=use_staging_deps, pkgme_branch=pkgme_branch, pkgme_binary_branch=pkgme_binary_branch)
++
++
++def _set_instance_as_host(instance):
++    """Set the host to be acted on by fab to this instance."""
++    env.host_string = "%s@%s:22" % (USERNAME, instance.dns_name)
++
++
++def deploy_to_existing(branch="lp:pkgme-service", use_staging_deps=True, pkgme_branch="lp:pkgme", pkgme_binary_branch="lp:pkgme-binary"):
++    """Deploy to an existing instance.
++
++    This command will deploy to an existing instance. Don't use it on an
++    instance you care about as it may overwrite anything.
++
++    To specify the host to deploy to use the -H option of fab:
++
++      fab -H ubuntu@<host> deploy_to_existing
++
++    You can also specify the following arguments:
++
++      * branch: the branch to deploy, defaults to lp:pkgme-service. To
++          test some in-progress work push to lp:~you/pkgme-service/something
++          and then specify that as the branch.
++
++      * pkgme_branch: the branch of pkgme to deploy, defaults to
++        lp:pkgme.
++
++      * pkgme_binary_branch: the branch of pkgme-binary to deploy,
++        defaults to lp:pkgme-binary.
++
++      * use_staging_deps: whether to use the staging PPA for
++        dependencies, as well as the production one, defaults to True.
++
++    Arguments are all specified by attaching them to the command name, e.g.
++
++      fab deploy_to_ec2:keypair=ec2-keypair,branch=lp:~me/pkgme-service/something
++    """
++    # Get the puppet used by IS
++    run('sudo add-apt-repository ppa:canonical-sysadmins/puppet')
++    # Add our dependency PPA
++    run('sudo add-apt-repository ppa:canonical-ca-hackers/production')
++    if use_staging_deps:
++        # Add our dependency staging PPA
++        run('sudo add-apt-repository ppa:canonical-ca-hackers/staging')
++    run('sudo apt-get update -q')
++    # Upgrade the base system in case we are shipping any updates in
++    # our PPAs
++    run('sudo apt-get dist-upgrade -q -y --force-yes')
++    # Avoid a debconf note when installing rabbitmq-server on lucid
++    run('echo "rabbitmq-server rabbitmq-server/upgrade_previous note" | sudo debconf-set-selections')
++    # Install the dependencies needed to get puppet going
++    # TODO: move the rest of the dependencies to puppet
++    run('sudo apt-get install -q -y --force-yes pkgme-service-dependencies bzr apache2 libapache2-mod-wsgi rabbitmq-server postgresql-8.4 puppet')
++    # Grab the branches
++    # TODO: investigate re-using IS' config-manager config
++    run('bzr branch -q %s pkgme-service' % branch)
++    run('bzr branch -q %s pkgme-service/sourcecode/pkgme' % pkgme_branch)
++    run('bzr branch -q %s pkgme-service/sourcecode/pkgme-binary' % pkgme_binary_branch)
++    run('cd pkgme-service/sourcecode/pkgme && python setup.py build')
++    run('cd pkgme-service/sourcecode/pkgme-binary && python setup.py build')
++    # Grab canonical-memento and use it?
++    # Run puppet to set everything else up.
++    run('./pkgme-service/example_config/apply')
++
++
++def _get_started_ec2_instances():
++    """Get the ec2 instances started from here."""
++    key_id, secret_access_key = _get_aws_credentials()
++    conn = ec2.connect_to_region(REGION_NAME, aws_access_key_id=key_id,
++        aws_secret_access_key=secret_access_key)
++    for reservation in conn.get_all_instances():
++        for instance in reservation.instances:
++            if instance.state == 'running':
++                tags = getattr(instance, "tags", {})
++                if "name" in tags:
++                    name = tags["name"]
++                    if name.startswith(NAME_PREFIX):
++                        yield instance
++
++
++def destroy_ec2_instances():
++    """Destroy any ec2 instances created by this deployment."""
++    for instance in _get_started_ec2_instances():
++        puts("Stopping %s" % instance.id)
++        instance.terminate()
++
++
++def last_ec2_launched():
++    """Cause other commands to act on the last ec2 instance launched from here.
++
++    Use this in a list of commands to have the rest of the commands act on the
++    last ec2 instance launched with deploy_to_ec2, e.g.
++
++        fab -i ~/.ec2/ec2-keypair.pem last_ec2_launched -- ls
++
++    This will then run ls on that instance.
++    """
++    def get_date(instance):
++        return instance.tags["name"][len(NAME_PREFIX):]
++    last_instance = None
++    for instance in _get_started_ec2_instances():
++        if last_instance is None:
++            last_instance = instance
++        else:
++            if get_date(instance) > get_date(last_instance):
++                last_instance = instance
++    if last_instance is None:
++        abort("No instances found.")
++    _set_instance_as_host(last_instance)