Class: Azure::Role

Inherits:

Object

• Object
• Azure::Role

Includes:

AzureUtility

Defined in:

lib/azure/service_management/role.rb

Constant Summary

TCP_ENDPOINTS_MAPPING =

{ '3389' => 'Remote Desktop',
'5986' => 'PowerShell',
'22' => 'SSH',
'21' => 'FTP',
'25' => 'SMTP',
'53' => 'DNS',
'80' => 'HTTP',
'110' => 'POP3',
'143' => 'IMAP',
'389' => 'LDAP',
'443' => 'HTTPs',
'587' => 'SMTPS',
'995' => 'POP3S',
'993' => 'IMAPS',
'1433' => 'MSSQL',
'3306' => 'MySQL'
}

Instance Attribute Summary

• #connection ⇒ Object

  Returns the value of attribute connection.

• #deployname ⇒ Object

  Returns the value of attribute deployname.

• #hostedservicename ⇒ Object

  Returns the value of attribute hostedservicename.

• #hostname ⇒ Object

  Returns the value of attribute hostname.

• #ipaddress ⇒ Object

  Returns the value of attribute ipaddress.

• #name ⇒ Object

  Returns the value of attribute name.

• #os_type ⇒ Object

  Returns the value of attribute os_type.

• #os_version ⇒ Object

  Returns the value of attribute os_version.

• #publicipaddress ⇒ Object

  Returns the value of attribute publicipaddress.

• #role_xml ⇒ Object

  Returns the value of attribute role_xml.

• #size ⇒ Object

  Returns the value of attribute size.

• #sshport ⇒ Object

  Returns the value of attribute sshport.

• #status ⇒ Object

  Returns the value of attribute status.

• #tcpports ⇒ Object

  Returns the value of attribute tcpports.

• #thumbprint ⇒ Object

  Returns the value of attribute thumbprint.

• #udpports ⇒ Object

  Returns the value of attribute udpports.

• #winrmport ⇒ Object

  Returns the value of attribute winrmport.

Instance Method Summary

• #add_endpoints_to_xml(xml, endpoints, params) ⇒ Object
• #create(params, roleXML) ⇒ Object
• #fetch_thumbprint ⇒ Object
• #find_deploy(params) ⇒ Object
• #initialize(connection) ⇒ Role constructor

  A new instance of Role.

• #parse(roleXML, hostedservicename, deployname) ⇒ Object
• #parse_endpoint_from_params(protocol, azure_vm_name, endpoint_param_string) ⇒ Object

  Expects endpoint_param_string to be in the form localport:publicport:lb_set_name:lb_probe_path Only localport is mandatory.

• #parse_role_list_xml(roleListXML) ⇒ Object
• #setup(params) ⇒ Object
• #setup_extension(params) ⇒ Object
• #update(name, params, roleXML) ⇒ Object
• #update_role_xml_for_extension(roleXML, params) ⇒ Object

Methods included from AzureUtility

#error_from_response_xml, #xml_content

Constructor Details

#initialize(connection) ⇒ Role

Returns a new instance of Role.

# File 'lib/azure/service_management/role.rb', line 205

def initialize(connection)
  @connection = connection
end

Instance Attribute Details

#connection ⇒ Object

Returns the value of attribute connection.

# File 'lib/azure/service_management/role.rb', line 181

def connection
  @connection
end

#deployname ⇒ Object

Returns the value of attribute deployname.

# File 'lib/azure/service_management/role.rb', line 182

def deployname
  @deployname
end

#hostedservicename ⇒ Object

Returns the value of attribute hostedservicename.

# File 'lib/azure/service_management/role.rb', line 182

def hostedservicename
  @hostedservicename
end

#hostname ⇒ Object

Returns the value of attribute hostname.

# File 'lib/azure/service_management/role.rb', line 184

def hostname
  @hostname
end

#ipaddress ⇒ Object

Returns the value of attribute ipaddress.

# File 'lib/azure/service_management/role.rb', line 181

def ipaddress
  @ipaddress
end

#name ⇒ Object

Returns the value of attribute name.

# File 'lib/azure/service_management/role.rb', line 181

def name
  @name
end

#os_type ⇒ Object

Returns the value of attribute os_type.

# File 'lib/azure/service_management/role.rb', line 185

def os_type
  @os_type
end

#os_version ⇒ Object

Returns the value of attribute os_version.

# File 'lib/azure/service_management/role.rb', line 185

def os_version
  @os_version
end

#publicipaddress ⇒ Object

Returns the value of attribute publicipaddress.

# File 'lib/azure/service_management/role.rb', line 181

def publicipaddress
  @publicipaddress
end

#role_xml ⇒ Object

Returns the value of attribute role_xml.

# File 'lib/azure/service_management/role.rb', line 185

def role_xml
  @role_xml
end

#size ⇒ Object

Returns the value of attribute size.

# File 'lib/azure/service_management/role.rb', line 181

def size
  @size
end

#sshport ⇒ Object

Returns the value of attribute sshport.

# File 'lib/azure/service_management/role.rb', line 182

def sshport
  @sshport
end

#status ⇒ Object

Returns the value of attribute status.

# File 'lib/azure/service_management/role.rb', line 181

def status
  @status
end

#tcpports ⇒ Object

Returns the value of attribute tcpports.

# File 'lib/azure/service_management/role.rb', line 184

def tcpports
  @tcpports
end

#thumbprint ⇒ Object

Returns the value of attribute thumbprint.

# File 'lib/azure/service_management/role.rb', line 182

def thumbprint
  @thumbprint
end

#udpports ⇒ Object

Returns the value of attribute udpports.

# File 'lib/azure/service_management/role.rb', line 184

def udpports
  @udpports
end

#winrmport ⇒ Object

Returns the value of attribute winrmport.

# File 'lib/azure/service_management/role.rb', line 183

def winrmport
  @winrmport
end

Instance Method Details

#add_endpoints_to_xml(xml, endpoints, params) ⇒ Object

# File 'lib/azure/service_management/role.rb', line 279

def add_endpoints_to_xml(xml, endpoints, params)
  existing_endpoints = find_deploy(params).input_endpoints

  endpoints.each do |ep|

    if existing_endpoints
      existing_endpoints.each do |eep|
        ep = eep if eep['LoadBalancedEndpointSetName'] && ep['LoadBalancedEndpointSetName'] && ( eep['LoadBalancedEndpointSetName'] == ep['LoadBalancedEndpointSetName'] )
      end
    end

    if ep['Port'] == params[:port] && ep['Protocol'].downcase == 'tcp'
      puts("Skipping tcp-endpoints: #{ep['LocalPort']} because this port is already in use by ssh/winrm endpoint in current VM.")
      next
    end

    xml.InputEndpoint {
      xml.LoadBalancedEndpointSetName ep['LoadBalancedEndpointSetName'] if ep['LoadBalancedEndpointSetName']
      xml.LocalPort ep['LocalPort']
      xml.Name ep['Name']
      xml.Port ep['Port']
      if ep['LoadBalancerProbe']
        xml.LoadBalancerProbe {
          xml.Path ep['LoadBalancerProbe']['Path'] if ep['LoadBalancerProbe']['Path']
          xml.Port ep['LoadBalancerProbe']['Port']
          xml.Protocol ep['LoadBalancerProbe']['Protocol']
          xml.IntervalInSeconds ep['LoadBalancerProbe']['IntervalInSeconds'] if ep['LoadBalancerProbe']['IntervalInSeconds']
          xml.TimeoutInSeconds ep['LoadBalancerProbe']['TimeoutInSeconds'] if ep['LoadBalancerProbe']['TimeoutInSeconds']
        }
      end
      xml.Protocol ep['Protocol']
      xml.EnableDirectServerReturn ep['EnableDirectServerReturn'] if ep['EnableDirectServerReturn']
      xml.LoadBalancerName ep['LoadBalancerName'] if ep['LoadBalancerName']
      xml.IdleTimeoutInMinutes ep['IdleTimeoutInMinutes'] if ep['IdleTimeoutInMinutes']
    }
  end
end

#create(params, roleXML) ⇒ Object

# File 'lib/azure/service_management/role.rb', line 560

def create(params, roleXML)
  servicecall = "hostedservices/#{params[:azure_dns_name]}/deployments" +
  "/#{params['deploy_name']}/roles"
  @connection.query_azure(servicecall, "post", roleXML.to_xml)
end

#fetch_thumbprint ⇒ Object

# File 'lib/azure/service_management/role.rb', line 317

def fetch_thumbprint
  query_result = connection.query_azure("hostedservices/#{@hostedservicename}/deployments/#{@hostedservicename}/roles/#{@name}")
  query_result.at_css("DefaultWinRmCertificateThumbprint").nil? ? '' : query_result.at_css("DefaultWinRmCertificateThumbprint").text
end

#find_deploy(params) ⇒ Object

# File 'lib/azure/service_management/role.rb', line 275

def find_deploy(params)
  @connection.hosts.find(params[:azure_dns_name]).deploys[0] # TODO this relies on the 'production only' bug.
end

#parse(roleXML, hostedservicename, deployname) ⇒ Object

# File 'lib/azure/service_management/role.rb', line 209

def parse(roleXML, hostedservicename, deployname)
  @name = xml_content(roleXML, 'RoleName')
  @status = xml_content(roleXML, 'InstanceStatus')
  @size = xml_content(roleXML, 'InstanceSize')
  @ipaddress = xml_content(roleXML, 'IpAddress')
  @hostname = xml_content(roleXML, 'HostName')
  @hostedservicename = hostedservicename
  @deployname = deployname
  @thumbprint = fetch_thumbprint
  @tcpports = Array.new
  @udpports = Array.new

  endpoints = roleXML.css('InstanceEndpoint')
  @publicipaddress = xml_content(endpoints[0], 'Vip') if !endpoints.empty?
  endpoints.each do |endpoint|
    if xml_content(endpoint, 'Name').downcase == 'ssh'
      @sshport = xml_content(endpoint, 'PublicPort')
    elsif xml_content(endpoint, 'Name').downcase == 'winrm'
      @winrmport = xml_content(endpoint, 'PublicPort')
    else
      hash = Hash.new
      hash['Name'] = xml_content(endpoint, 'Name')
      hash['Vip'] = xml_content(endpoint, 'Vip')
      hash['PublicPort'] = xml_content(endpoint, 'PublicPort')
      hash['LocalPort'] = xml_content(endpoint, 'LocalPort')

      if xml_content(endpoint, 'Protocol') == 'tcp'
        @tcpports << hash
      else # == 'udp'
        @udpports << hash
      end
    end
  end
end

#parse_endpoint_from_params(protocol, azure_vm_name, endpoint_param_string) ⇒ Object

Expects endpoint_param_string to be in the form localport:publicport:lb_set_name:lb_probe_path Only localport is mandatory.

# File 'lib/azure/service_management/role.rb', line 253

def parse_endpoint_from_params(protocol, azure_vm_name, endpoint_param_string)
  fields = endpoint_param_string.split(':').map(&:strip)
  hash = {}
  hash['LocalPort'] = fields[0]
  hash['Port'] = fields[1] || fields[0]
  hash['LoadBalancerName'] = fields[2] if fields[2] != 'EXTERNAL' # TODO: hackity hack.. Shouldn't use magic words.
  hash['LoadBalancedEndpointSetName'] = fields[3]
  hash['Protocol'] = protocol
  if TCP_ENDPOINTS_MAPPING.include?(hash['Port']) && protocol == 'TCP'
    hash['Name'] = TCP_ENDPOINTS_MAPPING[hash['Port']]
  else
    hash['Name'] = "#{protocol}Endpoint_chef_#{fields[0]}"
  end
  if fields[2]
    hash['LoadBalancerProbe'] = {}
    hash['LoadBalancerProbe']['Path'] = fields[4]
    hash['LoadBalancerProbe']['Port'] = fields[0]
    hash['LoadBalancerProbe']['Protocol'] = fields[4] ? 'HTTP' : protocol
  end
  hash
end

#parse_role_list_xml(roleListXML) ⇒ Object

# File 'lib/azure/service_management/role.rb', line 244

def parse_role_list_xml(roleListXML)
  @role_xml = roleListXML
  os_disk_xml = roleListXML.css('OSVirtualHardDisk')
  @os_type = xml_content(os_disk_xml, 'OS')
  @os_version = xml_content(os_disk_xml, 'SourceImageName')
end

#setup(params) ⇒ Object

# File 'lib/azure/service_management/role.rb', line 322

def setup(params)
  azure_user_domain_name = params[:azure_user_domain_name] || params[:azure_domain_name]
  builder = Nokogiri::XML::Builder.new do |xml|
    xml.PersistentVMRole(
      'xmlns'=>'http://schemas.microsoft.com/windowsazure',
      'xmlns:i'=>'http://www.w3.org/2001/XMLSchema-instance'
    ) {
      xml.RoleName {xml.text params[:azure_vm_name]}
      xml.OsVersion('i:nil' => 'true')
      xml.RoleType 'PersistentVMRole'

      xml.ConfigurationSets {
        if params[:os_type] == 'Linux'
          xml.ConfigurationSet('i:type' => 'LinuxProvisioningConfigurationSet') {
            xml.ConfigurationSetType 'LinuxProvisioningConfiguration'
            xml.HostName params[:azure_vm_name]
            xml.UserName params[:ssh_user]
            unless params[:identity_file].nil?
              xml.DisableSshPasswordAuthentication 'true'
              xml.SSH {
                 xml.PublicKeys {
                   xml.PublicKey {
                     xml.Fingerprint params[:fingerprint].to_s.upcase
                     xml.Path '/home/' + params[:ssh_user] + '/.ssh/authorized_keys'
                   }
                 }
              }
            else
              xml.UserPassword params[:ssh_password]
              xml.DisableSshPasswordAuthentication 'false'
            end
          }
        elsif params[:os_type] == 'Windows'
          xml.ConfigurationSet('i:type' => 'WindowsProvisioningConfigurationSet') {
            xml.ConfigurationSetType 'WindowsProvisioningConfiguration'
            xml.ComputerName params[:azure_vm_name]
            xml.AdminPassword params[:admin_password]
            xml.ResetPasswordOnFirstLogon 'false'
            xml.EnableAutomaticUpdates 'false'
            if params[:azure_domain_name]
              xml.DomainJoin {
                xml.Credentials {
                  xml.Domain azure_user_domain_name
                 xml.Username params[:azure_domain_user]
                xml.Password params[:azure_domain_passwd]
               }
               xml.JoinDomain params[:azure_domain_name]
               xml.MachineObjectOU params[:azure_domain_ou_dn] if params[:azure_domain_ou_dn]
              }
            end
              if params[:bootstrap_proto].downcase == 'winrm'
                if params[:ssl_cert_fingerprint]
                  xml.StoredCertificateSettings {
                    xml.CertificateSetting {
                      xml.StoreLocation "LocalMachine"
                      xml.StoreName "My"
                      xml.Thumbprint params[:ssl_cert_fingerprint]
                    }
                  }
                end
                xml.WinRM {
                  xml.Listeners {
                   if params[:winrm_transport] == "ssl" || params[:ssl_cert_fingerprint]
                    xml.Listener {
                      xml.CertificateThumbprint params[:ssl_cert_fingerprint] if params[:ssl_cert_fingerprint]
                      xml.Protocol 'Https'
                    }
                    else
                    xml.Listener {
                      xml.Protocol 'Http'
                    }
                    end
                  }
                }
              end
            xml.AdminUsername params[:winrm_user]
            if params[:bootstrap_proto].downcase == 'winrm' && (params[:winrm_max_timeout] || params[:winrm_max_memoryPerShell])
              xml.AdditionalUnattendContent {
                xml.Passes {
                  xml.UnattendPass {
                    xml.PassName 'oobeSystem'
                    xml.Components {
                      xml.UnattendComponent {
                        xml.ComponentName 'Microsoft-Windows-Shell-Setup'
                        xml.ComponentSettings {
                          xml.ComponentSetting {
                            xml.SettingName 'AutoLogon'
                            xml.Content Base64.encode64(
                              Nokogiri::XML::Builder.new do |auto_logon_xml|
                                auto_logon_xml.AutoLogon {
                                  auto_logon_xml.Username params[:winrm_user]
                                  auto_logon_xml.Password {
                                    auto_logon_xml.Value params[:admin_password]
                                    auto_logon_xml.PlainText true
                                  }
                                  auto_logon_xml.LogonCount 1
                                  auto_logon_xml.Enabled true
                                }
                              end.to_xml(save_with: Nokogiri::XML::Node::SaveOptions::NO_DECLARATION)
                            ).strip
                          }
                          xml.ComponentSetting {
                            xml.SettingName 'FirstLogonCommands'
                            xml.Content Base64.encode64(
                              Nokogiri::XML::Builder.new do |first_logon_xml|
                                first_logon_xml.FirstLogonCommands {
                                  if params[:winrm_max_timeout]
                                    first_logon_xml.SynchronousCommand('wcm:action' => 'add') {
                                      first_logon_xml.Order 1
                                      first_logon_xml.CommandLine "cmd.exe /c winrm set winrm/config @{MaxTimeoutms=\"#{params[:winrm_max_timeout]}\"}"
                                      first_logon_xml.Description "Bump WinRM max timeout to #{params[:winrm_max_timeout]} milliseconds"
                                    }
                                  end

                                  if params[:winrm_max_memoryPerShell]
                                    first_logon_xml.SynchronousCommand('wcm:action' => 'add') {
                                      first_logon_xml.Order 2
                                      first_logon_xml.CommandLine "cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB=\"#{params[:winrm_max_memoryPerShell]}\"}"
                                      first_logon_xml.Description "Bump WinRM max memory per shell to #{params[:winrm_max_memoryPerShell]} MB"
                                    }
                                  end
                                }
                              end.to_xml(save_with: Nokogiri::XML::Node::SaveOptions::NO_DECLARATION)
                            ).strip
                          }
                        }
                      }
                    }
                  }
                }
              }
            end
          }
        end

        xml.ConfigurationSet('i:type' => 'NetworkConfigurationSet') {
          xml.ConfigurationSetType 'NetworkConfiguration'
          xml.InputEndpoints {

            #1. bootstrap_proto = 'winrm' for windows => Set winrm port
            #2. bootstrap_proto = 'ssh' for windows and linux => Set ssh port
            #3. bootstrap_proto = 'cloud-api' for windows and linux => Set no port
            if params[:os_type] == 'Windows' and params[:bootstrap_proto].downcase == 'winrm'
              xml.InputEndpoint {
              if params[:winrm_transport] == "ssl"
                xml.LocalPort '5986'
              else
                xml.LocalPort '5985'
              end
              xml.Name 'WinRM'
              xml.Port params[:port]
              xml.Protocol 'TCP'
            }
            elsif(params[:bootstrap_proto].downcase == 'ssh')
              xml.InputEndpoint {
              xml.LocalPort '22'
              xml.Name 'SSH'
              xml.Port params[:port]
              xml.Protocol 'TCP'
            }
            end
            all_endpoints = Array.new

            if params[:tcp_endpoints]
              params[:tcp_endpoints].split(',').map(&:strip).each do |endpoint|
                all_endpoints << parse_endpoint_from_params('TCP', params[:azure_vm_name], endpoint)
              end
            end
            if params[:udp_endpoints]
              params[:udp_endpoints].split(',').map(&:strip).each do |endpoint|
                all_endpoints << parse_endpoint_from_params('UDP', params[:azure_vm_name], endpoint)
              end
            end
            add_endpoints_to_xml(xml, all_endpoints, params) if all_endpoints.any?
          }
          if params[:azure_subnet_name]
            xml.SubnetNames {
              xml.SubnetName params[:azure_subnet_name]
            }
          end
        }
      }

      # Azure resource extension support
      if params[:bootstrap_proto] == 'cloud-api'
        xml.ResourceExtensionReferences {
          xml.ResourceExtensionReference {
            xml.ReferenceName params[:chef_extension]
            xml.Publisher params[:chef_extension_publisher]
            xml.Name params[:chef_extension]
            xml.Version params[:chef_extension_version]
            xml.ResourceExtensionParameterValues {
              if params[:chef_extension_public_param]
                xml.ResourceExtensionParameterValue {
                  xml.Key "PublicParams"
                  xml.Value Base64.encode64(params[:chef_extension_public_param].to_json)
                  xml.Type "Public"
                }
              end
              if params[:chef_extension_private_param]
                xml.ResourceExtensionParameterValue {
                  xml.Key "PrivateParams"
                  xml.Value Base64.encode64(params[:chef_extension_private_param].to_json)
                  xml.Type "Private"
                }
              end
            }
            xml.State "Enable"
          }
        }
      end

      if params[:azure_availability_set]
        xml.AvailabilitySetName params[:azure_availability_set]
      end

      xml.VMImageName params[:azure_source_image] if params[:is_vm_image]

      xml.Label Base64.encode64(params[:azure_vm_name]).strip

      #OSVirtualHardDisk not required in case azure_source_image is a VMImage
      unless(params[:is_vm_image])
        xml.OSVirtualHardDisk {
          disk_name = params[:azure_os_disk_name] || "disk_" + SecureRandom.uuid
          xml.DiskName disk_name
          domain_suffix = params[:azure_api_host_name] ? params[:azure_api_host_name].scan(/core.*/)[0] : ''
          xml.MediaLink 'http://' + params[:azure_storage_account] + '.blob.' + domain_suffix + '/vhds/' + disk_name + '.vhd'
          xml.SourceImageName params[:azure_source_image]
        }
      end

      xml.RoleSize params[:azure_vm_size]
      xml.ProvisionGuestAgent true if params[:bootstrap_proto] == 'cloud-api'
    }
  end
  builder.doc
end

#setup_extension(params) ⇒ Object

# File 'lib/azure/service_management/role.rb', line 566

def setup_extension(params)
  ## add Chef Extension config in role_xml retrieved from the server
  puts "Adding Chef Extension config in server role..."
  role_xml = update_role_xml_for_extension(params[:role_xml], params)

  ## role_xml can't be used for update as it has additional tags like
  ## role_name, osversion etc. which update API does not support, also the
  ## xml is the child of parent node 'Deployment' in XML, so instead of
  ## modifying the role_xml to fit for our requirements, we create
  ## new XML (with Chef Extension config and other pre-existing VM config)
  ## using the required values of the updated role_xml
  builder = Nokogiri::XML::Builder.new do |xml|
    xml.PersistentVMRole(
      'xmlns' => 'http://schemas.microsoft.com/windowsazure',
      'xmlns:i' => 'http://www.w3.org/2001/XMLSchema-instance'
    ) {
        xml.ConfigurationSets role_xml.at_css('ConfigurationSets').children if !role_xml.at_css('ConfigurationSets').nil?
        xml.ResourceExtensionReferences role_xml.at_css('ResourceExtensionReferences').children if !role_xml.at_css('ResourceExtensionReferences').nil?
        xml.AvailabilitySetName role_xml.at_css('AvailabilitySetName').children if !role_xml.at_css('AvailabilitySetName').nil?
        xml.DataVirtualHardDisks role_xml.at_css('DataVirtualHardDisks').children if !role_xml.at_css('DataVirtualHardDisks').nil?
        xml.OSVirtualHardDisk role_xml.at_css('OSVirtualHardDisk').children if !role_xml.at_css('OSVirtualHardDisk').nil?
        xml.RoleSize role_xml.at_css('RoleSize').children if !role_xml.at_css('RoleSize').nil?
        xml.ProvisionGuestAgent role_xml.at_css('ProvisionGuestAgent').children if !role_xml.at_css('ProvisionGuestAgent').nil?
    }
  end

  builder.doc.to_xml.gsub("&lt\;","<").gsub("&gt\;",">")
end

#update(name, params, roleXML) ⇒ Object

# File 'lib/azure/service_management/role.rb', line 707

def update(name, params, roleXML)
  puts "Updating server role..."
  servicecall = "hostedservices/#{params[:azure_dns_name]}" +
  "/deployments/#{params[:deploy_name]}/roles/#{name}"
  ret_val = @connection.query_azure(servicecall, 'put', roleXML, '', true, true, 'application/xml')
  error_code, error_message = error_from_response_xml(ret_val)
  if error_code.length > 0
    Chef::Log.debug(ret_val.to_s)
    raise 'Unable to update role:' + error_code + ' : ' + error_message
  end
end

#update_role_xml_for_extension(roleXML, params) ⇒ Object

# File 'lib/azure/service_management/role.rb', line 595

def update_role_xml_for_extension(roleXML, params)
  ## check if 'ResourceExtensionReferences' node already exist in the XML,
  ## if no add it, else retrieve the object of the existing node
  add_resource_extension_references = roleXML.at_css('ResourceExtensionReferences').nil?

  if add_resource_extension_references
    resource_extension_references = Nokogiri::XML::Node.new('ResourceExtensionReferences', roleXML)
  else
    resource_extension_references = roleXML.css('ResourceExtensionReferences')
  end

  ## check if Azure Chef Extension is already installed on the given server,
  ## if no than install it, else raise error saying that the extension is
  ## already installed
  ext = nil
  if !add_resource_extension_references
    if !resource_extension_references.at_css('ReferenceName').nil?
      resource_extension_references.css('ReferenceName').each { |node| ext = node if node.content == params[:chef_extension] }
    end
  end

  add_resource_extension_reference = ext.nil?

  ## create Azure Chef Extension config and add it in the role_xml
  if add_resource_extension_reference
    resource_extension_reference = Nokogiri::XML::Node.new('ResourceExtensionReference', roleXML)

    reference_name = Nokogiri::XML::Node.new('ReferenceName', roleXML)
    reference_name.content = params[:chef_extension]
    resource_extension_reference.add_child(reference_name)

    publisher = Nokogiri::XML::Node.new('Publisher', roleXML)
    publisher.content = params[:chef_extension_publisher]
    resource_extension_reference.add_child(publisher)

    name = Nokogiri::XML::Node.new('Name', roleXML)
    name.content = params[:chef_extension]
    resource_extension_reference.add_child(name)

    version = Nokogiri::XML::Node.new('Version', roleXML)
    version.content = params[:chef_extension_version]
    resource_extension_reference.add_child(version)

    resource_extension_parameter_values = Nokogiri::XML::Node.new('ResourceExtensionParameterValues', roleXML)
    if params[:chef_extension_public_param]
      resource_extension_parameter_value = Nokogiri::XML::Node.new('ResourceExtensionParameterValue', roleXML)

      key = Nokogiri::XML::Node.new('Key', roleXML)
      key.content = 'PublicParams'
      resource_extension_parameter_value.add_child(key)

      value = Nokogiri::XML::Node.new('Value', roleXML)
      value.content = Base64.encode64(params[:chef_extension_public_param].to_json)
      resource_extension_parameter_value.add_child(value)

      type = Nokogiri::XML::Node.new('Type', roleXML)
      type.content = 'Public'
      resource_extension_parameter_value.add_child(type)

      resource_extension_parameter_values.add_child(resource_extension_parameter_value)
    end

    if params[:chef_extension_private_param]
      resource_extension_parameter_value = Nokogiri::XML::Node.new('ResourceExtensionParameterValue', roleXML)

      key = Nokogiri::XML::Node.new('Key', roleXML)
      key.content = 'PrivateParams'
      resource_extension_parameter_value.add_child(key)

      value = Nokogiri::XML::Node.new('Value', roleXML)
      value.content = Base64.encode64(params[:chef_extension_private_param].to_json)
      resource_extension_parameter_value.add_child(value)

      type = Nokogiri::XML::Node.new('Type', roleXML)
      type.content = 'Private'
      resource_extension_parameter_value.add_child(type)

      resource_extension_parameter_values.add_child(resource_extension_parameter_value)
    end

    resource_extension_reference.add_child(resource_extension_parameter_values)

    state = Nokogiri::XML::Node.new('State', roleXML)
    state.content = 'enable'
    resource_extension_reference.add_child(state)

    if add_resource_extension_references
      resource_extension_references.add_child(resource_extension_reference)
    else
      resource_extension_references.last.add_child(resource_extension_reference)
    end

    roleXML.add_child(resource_extension_references) if add_resource_extension_references

    add_provision_guest_agent = roleXML.at_css('ProvisionGuestAgent').nil?

    if add_provision_guest_agent
      provision_guest_agent = Nokogiri::XML::Node.new('ProvisionGuestAgent', roleXML)
      provision_guest_agent.content = true
    else
      provision_guest_agent = roleXML.css('ProvisionGuestAgent')
      provision_guest_agent.first.content = true
    end

    roleXML.add_child(provision_guest_agent) if add_provision_guest_agent
  else ## raise error as Chef Extension is already installed on the server
    raise "Chef Extension is already installed on the server #{params[:azure_vm_name]}."
  end

  roleXML
end