| author | Salvatore Orlando <salvatore.orlando@eu.citrix.com> | 2011-03-18 08:01:07 +0000 |
|---|---|---|
| committer | Salvatore Orlando <salvatore.orlando@eu.citrix.com> | 2011-03-18 08:01:07 +0000 |
| commit | dde92454697b23a02abd573feeea13fec0bd8a9a (patch) | |
| tree | 7d082acbb041b340e586cf5cd1bb65de6613cbd8 /nova | |
| parent | d1958f61e5573b6a4101564e6e4b1969000eccca (diff) | |
| parent | abe147f756f13d4f968aa075d709e5c6643d310a (diff) | |
merge trunk
Diffstat (limited to 'nova')
37 files changed, 1476 insertions, 201 deletions
diff --git a/nova/api/ec2/cloud.py b/nova/api/ec2/cloud.py index 40a9da0e7..e257e44e7 100644 --- a/nova/api/ec2/cloud.py +++ b/nova/api/ec2/cloud.py @@ -959,7 +959,7 @@ class CloudController(object): raise exception.NotFound(_('Image %s not found') % image_id) internal_id = image['id'] del(image['id']) - raise Exception(image) + image['properties']['is_public'] = (operation_type == 'add') return self.image_service.update(context, internal_id, image) diff --git a/nova/api/openstack/__init__.py b/nova/api/openstack/__init__.py index ce3cff337..0244bc93c 100644 --- a/nova/api/openstack/__init__.py +++ b/nova/api/openstack/__init__.py @@ -128,8 +128,11 @@ class Versions(wsgi.Application): def __call__(self, req): """Respond to a request for all OpenStack API versions.""" response = { - "versions": [ - dict(status="CURRENT", id="v1.0")]} + "versions": [ + dict(status="DEPRECATED", id="v1.0"), + dict(status="CURRENT", id="v1.1"), + ], + } metadata = { "application/xml": { "attributes": dict(version=["status", "id"])}} diff --git a/nova/api/openstack/auth.py b/nova/api/openstack/auth.py index f3a9bdeca..5aa5e099b 100644 --- a/nova/api/openstack/auth.py +++ b/nova/api/openstack/auth.py @@ -69,6 +69,8 @@ class AuthMiddleware(wsgi.Middleware): return faults.Fault(webob.exc.HTTPUnauthorized()) req.environ['nova.context'] = context.RequestContext(user, account) + version = req.path.split('/')[1].replace('v', '') + req.environ['api.version'] = version return self.application def has_authentication(self, req): diff --git a/nova/api/openstack/common.py b/nova/api/openstack/common.py index 74ac21024..d6679de01 100644 --- a/nova/api/openstack/common.py +++ b/nova/api/openstack/common.py @@ -74,3 +74,7 @@ def get_image_id_from_image_hash(image_service, context, image_hash): if abs(hash(image_id)) == int(image_hash): return image_id raise exception.NotFound(image_hash) + + +def get_api_version(req): + return req.environ.get('api.version') 
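Review bot: In the nova/api/openstack/auth.py hunk, `req.path.split('/')[1].replace('v', '')` stores an unvalidated, client-chosen string in `req.environ['api.version']`, and `replace` strips every `v` in the segment rather than only a leading one. The view builders added later in this commit compare the value with `'1.1'` and fall back to the 1.0 builder for anything else, so a malformed prefix is never rejected at this layer. Consider checking the segment against the supported set before storing it, e.g. `segment = req.path.split('/')[1]` followed by `version = segment[1:] if segment in ('v1.0', 'v1.1') else None`. The enclosing method starts outside the hunk.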
diff --git a/nova/api/openstack/flavors.py b/nova/api/openstack/flavors.py index f3d040ba3..1c440b3a9 100644 --- a/nova/api/openstack/flavors.py +++ b/nova/api/openstack/flavors.py @@ -36,7 +36,7 @@ class Controller(wsgi.Controller): def index(self, req): """Return all flavors in brief.""" - return dict(flavors=[dict(id=flavor['id'], name=flavor['name']) + return dict(flavors=[dict(id=flavor['flavorid'], name=flavor['name']) for flavor in self.detail(req)['flavors']]) def detail(self, req): @@ -48,6 +48,7 @@ class Controller(wsgi.Controller): """Return data about the given flavor id.""" ctxt = req.environ['nova.context'] values = db.instance_type_get_by_flavor_id(ctxt, id) + values['id'] = values['flavorid'] return dict(flavor=values) raise faults.Fault(exc.HTTPNotFound()) diff --git a/nova/api/openstack/servers.py b/nova/api/openstack/servers.py index dc28a0782..830bc2659 100644 --- a/nova/api/openstack/servers.py +++ b/nova/api/openstack/servers.py @@ -13,9 +13,11 @@ # License for the specific language governing permissions and limitations # under the License. +import base64 import hashlib import json import traceback +from xml.dom import minidom from webob import exc 
@@ -27,70 +29,19 @@ from nova import wsgi from nova import utils from nova.api.openstack import common from nova.api.openstack import faults +from nova.api.openstack.views import servers as servers_views +from nova.api.openstack.views import addresses as addresses_views from nova.auth import manager as auth_manager from nova.compute import instance_types from nova.compute import power_state +from nova.quota import QuotaError import nova.api.openstack LOG = logging.getLogger('server') - - FLAGS = flags.FLAGS -def _translate_detail_keys(inst): - """ Coerces into dictionary format, mapping everything to Rackspace-like - attributes for return""" - power_mapping = { - None: 'build', - power_state.NOSTATE: 'build', - power_state.RUNNING: 'active', - power_state.BLOCKED: 'active', - power_state.SUSPENDED: 'suspended', - power_state.PAUSED: 'paused', - power_state.SHUTDOWN: 'active', - power_state.SHUTOFF: 'active', - power_state.CRASHED: 'error', - power_state.FAILED: 'error'} - inst_dict = {} - - mapped_keys = dict(status='state', imageId='image_id', - flavorId='instance_type', name='display_name', id='id') - - for k, v in mapped_keys.iteritems(): - inst_dict[k] = inst[v] - - inst_dict['status'] = power_mapping[inst_dict['status']] - inst_dict['addresses'] = dict(public=[], private=[]) - - # grab single private fixed ip - private_ips = utils.get_from_path(inst, 'fixed_ip/address') - inst_dict['addresses']['private'] = private_ips - - # grab all public floating ips - public_ips = utils.get_from_path(inst, 'fixed_ip/floating_ips/address') - inst_dict['addresses']['public'] = public_ips - - # Return the metadata as a dictionary - metadata = {} - for item in inst['metadata']: - metadata[item['key']] = item['value'] - inst_dict['metadata'] = metadata - - inst_dict['hostId'] = '' - if inst['host']: - inst_dict['hostId'] = hashlib.sha224(inst['host']).hexdigest() - - return dict(server=inst_dict) - - -def _translate_keys(inst): - """ Coerces into dictionary format, excluding 
all model attributes - save for id and name """ - return dict(server=dict(id=inst['id'], name=inst['display_name'])) - - class Controller(wsgi.Controller): """ The Server API controller for the OpenStack API """ 
@@ -98,36 +49,49 @@ class Controller(wsgi.Controller): 'application/xml': { "attributes": { "server": ["id", "imageId", "name", "flavorId", "hostId", - "status", "progress", "adminPass"]}}} + "status", "progress", "adminPass", "flavorRef", + "imageRef"]}}} def __init__(self): self.compute_api = compute.API() self._image_service = utils.import_object(FLAGS.image_service) super(Controller, self).__init__() + def ips(self, req, id): + try: + instance = self.compute_api.get(req.environ['nova.context'], id) + except exception.NotFound: + return faults.Fault(exc.HTTPNotFound()) + + builder = addresses_views.get_view_builder(req) + return builder.build(instance) + def index(self, req): """ Returns a list of server names and ids for a given user """ - return self._items(req, entity_maker=_translate_keys) + return self._items(req, is_detail=False) def detail(self, req): """ Returns a list of server details for a given user """ - return self._items(req, entity_maker=_translate_detail_keys) + return self._items(req, is_detail=True) - def _items(self, req, entity_maker): + def _items(self, req, is_detail): """Returns a list of servers for a given user. - entity_maker - either _translate_detail_keys or _translate_keys + builder - the response model builder """ instance_list = self.compute_api.get_all(req.environ['nova.context']) limited_list = common.limited(instance_list, req) - res = [entity_maker(inst)['server'] for inst in limited_list] - return dict(servers=res) + builder = servers_views.get_view_builder(req) + servers = [builder.build(inst, is_detail)['server'] + for inst in limited_list] + return dict(servers=servers) def show(self, req, id): """ Returns server details by server id """ try: instance = self.compute_api.get(req.environ['nova.context'], id) - return _translate_detail_keys(instance) + builder = servers_views.get_view_builder(req) + return builder.build(instance, is_detail=True) except exception.NotFound: return faults.Fault(exc.HTTPNotFound()) 
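Review bot: The `_items` docstring documents a parameter that does not exist: it says `builder - the response model builder` while the signature is now `_items(self, req, is_detail)`. Suggest replacing that line with `is_detail - True to build full server details, False for id and name only`. The new `ips` method has no docstring; `""" Returns the addresses of the server with the given id """` would match the neighbouring methods.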
@@ -141,15 +105,19 @@ class Controller(wsgi.Controller): def create(self, req): """ Creates a new server for a given user """ - env = self._deserialize(req.body, req.get_content_type()) + env = self._deserialize_create(req) if not env: return faults.Fault(exc.HTTPUnprocessableEntity()) context = req.environ['nova.context'] + + key_name = None + key_data = None key_pairs = auth_manager.AuthManager.get_key_pairs(context) - if not key_pairs: - raise exception.NotFound(_("No keypairs defined")) - key_pair = key_pairs[0] + if key_pairs: + key_pair = key_pairs[0] + key_name = key_pair['name'] + key_data = key_pair['public_key'] image_id = common.get_image_id_from_image_hash(self._image_service, context, env['server']['imageId']) 
@@ -166,20 +134,29 @@ class Controller(wsgi.Controller): for k, v in env['server']['metadata'].items(): metadata.append({'key': k, 'value': v}) - instances = self.compute_api.create( - context, - instance_types.get_by_flavor_id(env['server']['flavorId']), - image_id, - kernel_id=kernel_id, - ramdisk_id=ramdisk_id, - display_name=env['server']['name'], - display_description=env['server']['name'], - key_name=key_pair['name'], - key_data=key_pair['public_key'], - metadata=metadata, - onset_files=env.get('onset_files', [])) - - server = _translate_keys(instances[0]) + personality = env['server'].get('personality') + injected_files = [] + if personality: + injected_files = self._get_injected_files(personality) + + try: + instances = self.compute_api.create( + context, + instance_types.get_by_flavor_id(env['server']['flavorId']), + image_id, + kernel_id=kernel_id, + ramdisk_id=ramdisk_id, + display_name=env['server']['name'], + display_description=env['server']['name'], + key_name=key_name, + key_data=key_data, + metadata=metadata, + injected_files=injected_files) + except QuotaError as error: + self._handle_quota_errors(error) + + builder = servers_views.get_view_builder(req) + server = builder.build(instances[0], is_detail=False) password = "%s%s" % (server['server']['name'][:4], utils.generate_password(12)) server['server']['adminPass'] = password 
@@ -187,6 +164,62 @@ class Controller(wsgi.Controller): password) return server + def _deserialize_create(self, request): + """ + Deserialize a create request + + Overrides normal behavior in the case of xml content + """ + if request.content_type == "application/xml": + deserializer = ServerCreateRequestXMLDeserializer() + return deserializer.deserialize(request.body) + else: + return self._deserialize(request.body, request.get_content_type()) + + def _get_injected_files(self, personality): + """ + Create a list of injected files from the personality attribute + + At this time, injected_files must be formatted as a list of + (file_path, file_content) pairs for compatibility with the + underlying compute service. + """ + injected_files = [] + + for item in personality: + try: + path = item['path'] + contents = item['contents'] + except KeyError as key: + expl = _('Bad personality format: missing %s') % key + raise exc.HTTPBadRequest(explanation=expl) + except TypeError: + expl = _('Bad personality format') + raise exc.HTTPBadRequest(explanation=expl) + try: + contents = base64.b64decode(contents) + except TypeError: + expl = _('Personality content for %s cannot be decoded') % path + raise exc.HTTPBadRequest(explanation=expl) + injected_files.append((path, contents)) + return injected_files + + def _handle_quota_errors(self, error): + """ + Reraise quota errors as api-specific http exceptions + """ + if error.code == "OnsetFileLimitExceeded": + expl = _("Personality file limit exceeded") + raise exc.HTTPBadRequest(explanation=expl) + if error.code == "OnsetFilePathLimitExceeded": + expl = _("Personality file path too long") + raise exc.HTTPBadRequest(explanation=expl) + if error.code == "OnsetFileContentLimitExceeded": + expl = _("Personality file content too long") + raise exc.HTTPBadRequest(explanation=expl) + # if the original error is okay, just reraise it + raise error + def update(self, req, id): """ Updates the server name or password """ if len(req.body) == 
0: 
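Review bot: `_get_injected_files` base64-decodes `contents` but passes `path` through exactly as the client sent it; nothing in this hunk requires it to be a string, to be absolute, or to be free of `..` segments and NUL bytes. The only later check visible in this commit is the length limit in `nova/compute/api.py`, so whether an unusual path is harmless depends on how each driver's `inject_file` writes into the guest, which is not shown here. A normalising check at this API boundary that raises `exc.HTTPBadRequest` for anything other than a clean path would keep that assumption out of the drivers. The `update` method that follows continues outside the hunk.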
@@ -476,3 +509,79 @@ class Controller(wsgi.Controller): _("Ramdisk not found for image %(image_id)s") % locals()) return kernel_id, ramdisk_id + + +class ServerCreateRequestXMLDeserializer(object): + """ + Deserializer to handle xml-formatted server create requests. + + Handles standard server attributes as well as optional metadata + and personality attributes + """ + + def deserialize(self, string): + """Deserialize an xml-formatted server create request""" + dom = minidom.parseString(string) + server = self._extract_server(dom) + return {'server': server} + + def _extract_server(self, node): + """Marshal the server attribute of a parsed request""" + server = {} + server_node = self._find_first_child_named(node, 'server') + for attr in ["name", "imageId", "flavorId"]: + server[attr] = server_node.getAttribute(attr) + metadata = self._extract_metadata(server_node) + if metadata is not None: + server["metadata"] = metadata + personality = self._extract_personality(server_node) + if personality is not None: + server["personality"] = personality + return server + + def _extract_metadata(self, server_node): + """Marshal the metadata attribute of a parsed request""" + metadata_node = self._find_first_child_named(server_node, "metadata") + if metadata_node is None: + return None + metadata = {} + for meta_node in self._find_children_named(metadata_node, "meta"): + key = meta_node.getAttribute("key") + metadata[key] = self._extract_text(meta_node) + return metadata + + def _extract_personality(self, server_node): + """Marshal the personality attribute of a parsed request""" + personality_node = \ + self._find_first_child_named(server_node, "personality") + if personality_node is None: + return None + personality = [] + for file_node in self._find_children_named(personality_node, "file"): + item = {} + if file_node.hasAttribute("path"): + item["path"] = file_node.getAttribute("path") + item["contents"] = self._extract_text(file_node) + personality.append(item) + return 
personality + + def _find_first_child_named(self, parent, name): + """Search a nodes children for the first child with a given name""" + for node in parent.childNodes: + if node.nodeName == name: + return node + return None + + def _find_children_named(self, parent, name): + """Return all of a nodes children who have the given name""" + for node in parent.childNodes: + if node.nodeName == name: + yield node + + def _extract_text(self, node): + """Get the text field contained by the given node""" + if len(node.childNodes) == 1: + child = node.childNodes[0] + if child.nodeType == child.TEXT_NODE: + return child.nodeValue + return "" diff --git a/nova/api/openstack/views/__init__.py b/nova/api/openstack/views/__init__.py new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/nova/api/openstack/views/__init__.py diff --git a/nova/api/openstack/views/addresses.py b/nova/api/openstack/views/addresses.py new file mode 100644 index 000000000..9d392aace --- /dev/null +++ b/nova/api/openstack/views/addresses.py 
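Review bot: `ServerCreateRequestXMLDeserializer.deserialize` hands the raw request body to `minidom.parseString`, which expands internal entities, so a small document with nested entity declarations can consume a large amount of memory and CPU in the API worker. Nothing visible in this hunk bounds the body size or refuses a DOCTYPE before the DOM is built. Malformed XML also raises out of `parseString`, and a body without a `server` element makes `_extract_server` call `getAttribute` on `None`, so both cases surface as server errors rather than the `HTTPUnprocessableEntity` that `create` returns when the deserialized result is empty. Suggest refusing documents that carry a DTD or entity declarations, and catching the parse failure and the missing-node case inside `deserialize` so it returns `None` and `create` takes its existing 422 path.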
@@ -0,0 +1,54 @@ +# vim: tabstop=4 shiftwidth=4 softtabstop=4 + +# Copyright 2010-2011 OpenStack LLC. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from nova import utils +from nova.api.openstack import common + + +def get_view_builder(req): + ''' + A factory method that returns the correct builder based on the version of + the api requested. + ''' + version = common.get_api_version(req) + if version == '1.1': + return ViewBuilder_1_1() + else: + return ViewBuilder_1_0() + + +class ViewBuilder(object): + ''' Models a server addresses response as a python dictionary.''' + + def build(self, inst): + raise NotImplementedError() + + +class ViewBuilder_1_0(ViewBuilder): + def build(self, inst): + private_ips = utils.get_from_path(inst, 'fixed_ip/address') + public_ips = utils.get_from_path(inst, 'fixed_ip/floating_ips/address') + return dict(public=public_ips, private=private_ips) + + +class ViewBuilder_1_1(ViewBuilder): + def build(self, inst): + private_ips = utils.get_from_path(inst, 'fixed_ip/address') + private_ips = [dict(version=4, addr=a) for a in private_ips] + public_ips = utils.get_from_path(inst, 'fixed_ip/floating_ips/address') + public_ips = [dict(version=4, addr=a) for a in public_ips] + return dict(public=public_ips, private=private_ips) diff --git a/nova/api/openstack/views/flavors.py b/nova/api/openstack/views/flavors.py new file mode 100644 index 000000000..dd2e75a7a --- /dev/null +++ b/nova/api/openstack/views/flavors.py 
@@ -0,0 +1,51 @@ +# vim: tabstop=4 shiftwidth=4 softtabstop=4 + +# Copyright 2010-2011 OpenStack LLC. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from nova.api.openstack import common + + +def get_view_builder(req): + ''' + A factory method that returns the correct builder based on the version of + the api requested. + ''' + version = common.get_api_version(req) + base_url = req.application_url + if version == '1.1': + return ViewBuilder_1_1(base_url) + else: + return ViewBuilder_1_0() + + +class ViewBuilder(object): + def __init__(self): + pass + + def build(self, flavor_obj): + raise NotImplementedError() + + +class ViewBuilder_1_1(ViewBuilder): + def __init__(self, base_url): + self.base_url = base_url + + def generate_href(self, flavor_id): + return "%s/flavors/%s" % (self.base_url, flavor_id) + + +class ViewBuilder_1_0(ViewBuilder): + pass diff --git a/nova/api/openstack/views/images.py b/nova/api/openstack/views/images.py new file mode 100644 index 000000000..2369a8f9d --- /dev/null +++ b/nova/api/openstack/views/images.py 
@@ -0,0 +1,51 @@ +# vim: tabstop=4 shiftwidth=4 softtabstop=4 + +# Copyright 2010-2011 OpenStack LLC. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from nova.api.openstack import common + + +def get_view_builder(req): + ''' + A factory method that returns the correct builder based on the version of + the api requested. + ''' + version = common.get_api_version(req) + base_url = req.application_url + if version == '1.1': + return ViewBuilder_1_1(base_url) + else: + return ViewBuilder_1_0() + + +class ViewBuilder(object): + def __init__(self): + pass + + def build(self, image_obj): + raise NotImplementedError() + + +class ViewBuilder_1_1(ViewBuilder): + def __init__(self, base_url): + self.base_url = base_url + + def generate_href(self, image_id): + return "%s/images/%s" % (self.base_url, image_id) + + +class ViewBuilder_1_0(ViewBuilder): + pass diff --git a/nova/api/openstack/views/servers.py b/nova/api/openstack/views/servers.py new file mode 100644 index 000000000..261acfed0 --- /dev/null +++ b/nova/api/openstack/views/servers.py 
@@ -0,0 +1,132 @@ +# vim: tabstop=4 shiftwidth=4 softtabstop=4 + +# Copyright 2010-2011 OpenStack LLC. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +import hashlib +from nova.compute import power_state +from nova.api.openstack import common +from nova.api.openstack.views import addresses as addresses_view +from nova.api.openstack.views import flavors as flavors_view +from nova.api.openstack.views import images as images_view +from nova import utils + + +def get_view_builder(req): + ''' + A factory method that returns the correct builder based on the version of + the api requested. + ''' + version = common.get_api_version(req) + addresses_builder = addresses_view.get_view_builder(req) + if version == '1.1': + flavor_builder = flavors_view.get_view_builder(req) + image_builder = images_view.get_view_builder(req) + return ViewBuilder_1_1(addresses_builder, flavor_builder, + image_builder) + else: + return ViewBuilder_1_0(addresses_builder) + + +class ViewBuilder(object): + ''' + Models a server response as a python dictionary. 
+ Abstract methods: _build_image, _build_flavor + ''' + + def __init__(self, addresses_builder): + self.addresses_builder = addresses_builder + + def build(self, inst, is_detail): + """ + Coerces into dictionary format, mapping everything to + Rackspace-like attributes for return + """ + if is_detail: + return self._build_detail(inst) + else: + return self._build_simple(inst) + + def _build_simple(self, inst): + return dict(server=dict(id=inst['id'], name=inst['display_name'])) + + def _build_detail(self, inst): + power_mapping = { + None: 'build', + power_state.NOSTATE: 'build', + power_state.RUNNING: 'active', + power_state.BLOCKED: 'active', + power_state.SUSPENDED: 'suspended', + power_state.PAUSED: 'paused', + power_state.SHUTDOWN: 'active', + power_state.SHUTOFF: 'active', + power_state.CRASHED: 'error', + power_state.FAILED: 'error'} + inst_dict = {} + + #mapped_keys = dict(status='state', imageId='image_id', + # flavorId='instance_type', name='display_name', id='id') + + mapped_keys = dict(status='state', name='display_name', id='id') + + for k, v in mapped_keys.iteritems(): + inst_dict[k] = inst[v] + + inst_dict['status'] = power_mapping[inst_dict['status']] + inst_dict['addresses'] = self.addresses_builder.build(inst) + + # Return the metadata as a dictionary + metadata = {} + for item in inst['metadata']: + metadata[item['key']] = item['value'] + inst_dict['metadata'] = metadata + + inst_dict['hostId'] = '' + if inst['host']: + inst_dict['hostId'] = hashlib.sha224(inst['host']).hexdigest() + + self._build_image(inst_dict, inst) + self._build_flavor(inst_dict, inst) + + return dict(server=inst_dict) + + def _build_image(self, response, inst): + raise NotImplementedError() + + def _build_flavor(self, response, inst): + raise NotImplementedError() + + +class ViewBuilder_1_0(ViewBuilder): + def _build_image(self, response, inst): + response["imageId"] = inst["image_id"] + + def _build_flavor(self, response, inst): + response["flavorId"] = 
inst["instance_type"] + + +class ViewBuilder_1_1(ViewBuilder): + def __init__(self, addresses_builder, flavor_builder, image_builder): + ViewBuilder.__init__(self, addresses_builder) + self.flavor_builder = flavor_builder + self.image_builder = image_builder + + def _build_image(self, response, inst): + image_id = inst["image_id"] + response["imageRef"] = self.image_builder.generate_href(image_id) + + def _build_flavor(self, response, inst): + flavor_id = inst["instance_type"] + response["flavorRef"] = self.flavor_builder.generate_href(flavor_id) diff --git a/nova/auth/dbdriver.py b/nova/auth/dbdriver.py index d8dad8edd..d1e3f2ed5 100644 --- a/nova/auth/dbdriver.py +++ b/nova/auth/dbdriver.py @@ -162,6 +162,8 @@ class DbDriver(object): values['description'] = description db.project_update(context.get_admin_context(), project_id, values) + if not self.is_in_project(manager_uid, project_id): + self.add_to_project(manager_uid, project_id) def add_to_project(self, uid, project_id): """Add user to project""" diff --git a/nova/auth/ldapdriver.py b/nova/auth/ldapdriver.py index 5da7751a0..647f70db1 100644 --- a/nova/auth/ldapdriver.py +++ b/nova/auth/ldapdriver.py @@ -275,6 +275,8 @@ class LdapDriver(object): attr.append((self.ldap.MOD_REPLACE, 'description', description)) dn = self.__project_to_dn(project_id) self.conn.modify_s(dn, attr) + if not self.is_in_project(manager_uid, project_id): + self.add_to_project(manager_uid, project_id) @sanitize def add_to_project(self, uid, project_id): diff --git a/nova/compute/api.py b/nova/compute/api.py index 61f8b2a6a..32577af82 100644 --- a/nova/compute/api.py +++ b/nova/compute/api.py 
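Review bot: In `_build_detail` of nova/api/openstack/views/servers.py, `hostId` is `hashlib.sha224(inst['host']).hexdigest()`, an unkeyed hash of what is presumably the compute host name. Host names are usually short and guessable, so the hash does little to hide them, and the same host yields the same `hostId` for every tenant. Mixing a per-project value or a deployment secret into the hash input would keep the "same host" signal inside one project without publishing a value that can be correlated across projects. The commented-out `mapped_keys` block just above the live assignment is dead code and can be deleted.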
@@ -80,13 +80,32 @@ class API(base.Base): topic, {"method": "get_network_topic", "args": {'fake': 1}}) + def _check_injected_file_quota(self, context, injected_files): + """ + Enforce quota limits on injected files + + Raises a QuotaError if any limit is exceeded + """ + if injected_files is None: + return + limit = quota.allowed_injected_files(context) + if len(injected_files) > limit: + raise quota.QuotaError(code="OnsetFileLimitExceeded") + path_limit = quota.allowed_injected_file_path_bytes(context) + content_limit = quota.allowed_injected_file_content_bytes(context) + for path, content in injected_files: + if len(path) > path_limit: + raise quota.QuotaError(code="OnsetFilePathLimitExceeded") + if len(content) > content_limit: + raise quota.QuotaError(code="OnsetFileContentLimitExceeded") + def create(self, context, instance_type, image_id, kernel_id=None, ramdisk_id=None, min_count=1, max_count=1, display_name='', display_description='', key_name=None, key_data=None, security_group='default', availability_zone=None, user_data=None, metadata=[], - onset_files=None): + injected_files=None): """Create the number of instances requested if quota and other arguments check out ok.""" @@ -124,6 +143,8 @@ class API(base.Base): LOG.warn(msg) raise quota.QuotaError(msg, "MetadataLimitExceeded") + self._check_injected_file_quota(context, injected_files) + image = self.image_service.show(context, image_id) os_type = None @@ -225,7 +246,7 @@ class API(base.Base): "args": {"topic": FLAGS.compute_topic, "instance_id": instance_id, "availability_zone": availability_zone, - "onset_files": onset_files}}) + "injected_files": injected_files}}) for group_id in security_groups: self.trigger_security_group_members_refresh(elevated, group_id) diff --git a/nova/compute/manager.py b/nova/compute/manager.py index 0cab10fc3..92deca813 100644 --- a/nova/compute/manager.py +++ b/nova/compute/manager.py 
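Review bot: `_check_injected_file_quota` compares `len(path)` and `len(content)` with limits whose flags are described in bytes, but `len()` measures whatever type it is given. `content` has been base64-decoded by the OpenStack API layer in this commit, while `path` arrives from the JSON or XML deserializer and is likely a unicode string, in which case a path of multi-byte characters can pass the 255 limit while being longer than 255 bytes once encoded. Encoding the path before measuring, or documenting the limit as characters, would make the check match its name. The three `QuotaError(code=...)` raises also carry no message, so they fall back to the `ApiError` default of `'Unknown'`; a short message would help operators reading logs.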
@@ -34,7 +34,6 @@ terminating it. :func:`nova.utils.import_object` """ -import base64 import datetime import os import random @@ -180,7 +179,7 @@ class ComputeManager(manager.Manager): """Launch a new instance with specified options.""" context = context.elevated() instance_ref = self.db.instance_get(context, instance_id) - instance_ref.onset_files = kwargs.get('onset_files', []) + instance_ref.injected_files = kwargs.get('injected_files', []) if instance_ref['name'] in self.driver.list_instances(): raise exception.Error(_("Instance has already been created")) LOG.audit(_("instance %s: starting..."), instance_id, @@ -359,15 +358,10 @@ class ComputeManager(manager.Manager): LOG.warn(_('trying to inject a file into a non-running ' 'instance: %(instance_id)s (state: %(instance_state)s ' 'expected: %(expected_state)s)') % locals()) - # Files/paths *should* be base64-encoded at this point, but - # double-check to make sure. - b64_path = utils.ensure_b64_encoding(path) - b64_contents = utils.ensure_b64_encoding(file_contents) - plain_path = base64.b64decode(b64_path) nm = instance_ref['name'] - msg = _('instance %(nm)s: injecting file to %(plain_path)s') % locals() + msg = _('instance %(nm)s: injecting file to %(path)s') % locals() LOG.audit(msg) - self.driver.inject_file(instance_ref, b64_path, b64_contents) + self.driver.inject_file(instance_ref, path, file_contents) @exception.wrap_exception @checks_instance_lock diff --git a/nova/console/manager.py b/nova/console/manager.py index 57c75cf4f..bfa571ea9 100644 --- a/nova/console/manager.py +++ b/nova/console/manager.py @@ -69,7 +69,7 @@ class ConsoleProxyManager(manager.Manager): except exception.NotFound: logging.debug(_("Adding console")) if not password: - password = self.driver.generate_password() + password = utils.generate_password(8) if not port: port = self.driver.get_port(context) console_data = {'instance_name': name, diff --git a/nova/console/xvp.py b/nova/console/xvp.py index 68d8c8565..0cedfbb13 100644 
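Review bot: In nova/console/manager.py, console passwords now come from `utils.generate_password(8)` instead of the driver method that read `os.urandom`, and the body of `utils.generate_password` is not part of this diff. If that helper draws from the `random` module rather than the operating system's CSPRNG, this change makes console passwords guessable; please confirm it uses `os.urandom` or `random.SystemRandom` before merging. The same helper produces `adminPass` in nova/api/openstack/servers.py, so the answer matters there too. Eight characters is also short for a credential guarding console access, and the enclosing method starts outside the hunk.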
--- a/nova/console/xvp.py +++ b/nova/console/xvp.py @@ -91,10 +91,6 @@ class XVPConsoleProxy(object): """Trim password to length, and encode""" return self._xvp_encrypt(password) - def generate_password(self, length=8): - """Returns random console password""" - return os.urandom(length * 2).encode('base64')[:length] - def _rebuild_xvp_conf(self, context): logging.debug(_("Rebuilding xvp conf")) pools = [pool for pool in diff --git a/nova/db/api.py b/nova/db/api.py index 0aa846d61..3cb0e5811 100644 --- a/nova/db/api.py +++ b/nova/db/api.py @@ -353,6 +353,11 @@ def fixed_ip_get_all(context): return IMPL.fixed_ip_get_all(context) +def fixed_ip_get_all_by_host(context, host): + """Get all defined fixed ips used by a host.""" + return IMPL.fixed_ip_get_all_by_host(context, host) + + def fixed_ip_get_by_address(context, address): """Get a fixed ip by address or raise if it does not exist.""" return IMPL.fixed_ip_get_by_address(context, address) diff --git a/nova/db/sqlalchemy/api.py b/nova/db/sqlalchemy/api.py index 56998ce05..9d9b86c1d 100644 --- a/nova/db/sqlalchemy/api.py +++ b/nova/db/sqlalchemy/api.py @@ -672,6 +672,22 @@ def fixed_ip_get_all(context, session=None): return result +@require_admin_context +def fixed_ip_get_all_by_host(context, host=None): + session = get_session() + + result = session.query(models.FixedIp).\ + join(models.FixedIp.instance).\ + filter_by(state=1).\ + filter_by(host=host).\ + all() + + if not result: + raise exception.NotFound(_('No fixed ips for this host defined')) + + return result + + @require_context def fixed_ip_get_by_address(context, address, session=None): if not session: 
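Review bot: `fixed_ip_get_all_by_host` in nova/db/sqlalchemy/api.py filters with the bare literal `filter_by(state=1)` and has no docstring, so a reader cannot tell which state is meant or which joined model the two `filter_by` calls apply to. If `1` is the running power state, spell it with the named constant; otherwise add a comment saying what it selects. Suggested docstring: `"""Return fixed ips whose instance is on host; raises NotFound when there are none."""`. The signature default `host=None` also differs from the nova/db/api.py wrapper, which requires `host`.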
@@ -746,6 +762,15 @@ def instance_create(context, values): context - request context object values - dict containing column values. """ + metadata = values.get('metadata') + metadata_refs = [] + if metadata: + for metadata_item in metadata: + metadata_ref = models.InstanceMetadata() + metadata_ref.update(metadata_item) + metadata_refs.append(metadata_ref) + values['metadata'] = metadata_refs + instance_ref = models.Instance() instance_ref.update(values) diff --git a/nova/db/sqlalchemy/models.py b/nova/db/sqlalchemy/models.py index 162f6fded..1845e85eb 100644 --- a/nova/db/sqlalchemy/models.py +++ b/nova/db/sqlalchemy/models.py @@ -161,7 +161,7 @@ class Certificate(BASE, NovaBase): class Instance(BASE, NovaBase): """Represents a guest vm.""" __tablename__ = 'instances' - onset_files = [] + injected_files = [] id = Column(Integer, primary_key=True, autoincrement=True) diff --git a/nova/exception.py b/nova/exception.py index 93c5fe3d7..4e2bbdbaf 100644 --- a/nova/exception.py +++ b/nova/exception.py @@ -46,7 +46,7 @@ class Error(Exception): class ApiError(Error): - def __init__(self, message='Unknown', code='Unknown'): + def __init__(self, message='Unknown', code='ApiError'): self.message = message self.code = code super(ApiError, self).__init__('%s: %s' % (code, message)) diff --git a/nova/quota.py b/nova/quota.py index 6b52a97fa..2b24c0b5b 100644 --- a/nova/quota.py +++ b/nova/quota.py @@ -37,6 +37,12 @@ flags.DEFINE_integer('quota_floating_ips', 10, 'number of floating ips allowed per project') flags.DEFINE_integer('quota_metadata_items', 128, 'number of metadata items allowed per instance') +flags.DEFINE_integer('quota_max_injected_files', 5, + 'number of injected files allowed') +flags.DEFINE_integer('quota_max_injected_file_content_bytes', 10 * 1024, + 'number of bytes allowed per injected file') +flags.DEFINE_integer('quota_max_injected_file_path_bytes', 255, + 'number of bytes allowed per injected file path') def get_quota(context, project_id): 
@@ -46,6 +52,7 @@ def get_quota(context, project_id): 'gigabytes': FLAGS.quota_gigabytes, 'floating_ips': FLAGS.quota_floating_ips, 'metadata_items': FLAGS.quota_metadata_items} + try: quota = db.quota_get(context, project_id) for key in rval.keys(): @@ -106,6 +113,21 @@ def allowed_metadata_items(context, num_metadata_items): return min(num_metadata_items, num_allowed_metadata_items) +def allowed_injected_files(context): + """Return the number of injected files allowed""" + return FLAGS.quota_max_injected_files + + +def allowed_injected_file_content_bytes(context): + """Return the number of bytes allowed per injected file content""" + return FLAGS.quota_max_injected_file_content_bytes + + +def allowed_injected_file_path_bytes(context): + """Return the number of bytes allowed in an injected file path""" + return FLAGS.quota_max_injected_file_path_bytes + + class QuotaError(exception.ApiError): """Quota Exceeeded""" pass diff --git a/nova/rpc.py b/nova/rpc.py index fbb90299b..58715963a 100644 --- a/nova/rpc.py +++ b/nova/rpc.py @@ -311,7 +311,7 @@ def _pack_context(msg, context): def call(context, topic, msg): """Sends a message on a topic and wait for a response""" - LOG.debug(_("Making asynchronous call...")) + LOG.debug(_("Making asynchronous call on %s ..."), topic) msg_id = uuid.uuid4().hex msg.update({'_msg_id': msg_id}) LOG.debug(_("MSG_ID is %s") % (msg_id)) @@ -352,7 +352,7 @@ def call(context, topic, msg): def cast(context, topic, msg): """Sends a message on a topic without waiting for a response""" - LOG.debug(_("Making asynchronous cast...")) + LOG.debug(_("Making asynchronous cast on %s..."), topic) _pack_context(msg, context) conn = Connection.instance() publisher = TopicPublisher(connection=conn, topic=topic) diff --git a/nova/tests/api/openstack/fakes.py b/nova/tests/api/openstack/fakes.py index 7cb974bb2..a08fe385a 100644 --- a/nova/tests/api/openstack/fakes.py +++ b/nova/tests/api/openstack/fakes.py 
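Review bot: `allowed_injected_files`, `allowed_injected_file_content_bytes` and `allowed_injected_file_path_bytes` accept `context` but never use it and return the flag value directly, whereas `get_quota` in the same file looks up per-project overrides through `db.quota_get`. If the limits are meant to be global, the docstrings should say so, e.g. `"""Return the flag-defined number of injected files allowed (not overridable per project)."""`, so operators do not expect a per-project quota row to take effect. The matching `quota_max_injected_*` flag definitions in the earlier `nova/quota.py` hunk have help strings that could likewise state the scope (presumably per instance).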
@@ -69,8 +69,6 @@ def fake_auth_init(self, application): @webob.dec.wsgify def fake_wsgi(self, req): req.environ['nova.context'] = context.RequestContext(1, 1) - if req.body: - req.environ['inst_dict'] = json.loads(req.body) return self.application @@ -81,14 +79,22 @@ def wsgi_app(inner_application=None): api = openstack.FaultWrapper(auth.AuthMiddleware( ratelimiting.RateLimitingMiddleware(inner_application))) mapper['/v1.0'] = api + mapper['/v1.1'] = api mapper['/'] = openstack.FaultWrapper(openstack.Versions()) return mapper -def stub_out_key_pair_funcs(stubs): +def stub_out_key_pair_funcs(stubs, have_key_pair=True): def key_pair(context, user_id): return [dict(name='key', public_key='public_key')] - stubs.Set(nova.db, 'key_pair_get_all_by_user', key_pair) + + def no_key_pair(context, user_id): + return [] + + if have_key_pair: + stubs.Set(nova.db, 'key_pair_get_all_by_user', key_pair) + else: + stubs.Set(nova.db, 'key_pair_get_all_by_user', no_key_pair) def stub_out_image_service(stubs): diff --git a/nova/tests/api/openstack/test_flavors.py b/nova/tests/api/openstack/test_flavors.py index 8280a505f..30326dc50 100644 --- a/nova/tests/api/openstack/test_flavors.py +++ b/nova/tests/api/openstack/test_flavors.py @@ -15,6 +15,7 @@ # License for the specific language governing permissions and limitations # under the License. +import json import stubout import webob @@ -50,3 +51,5 @@ class FlavorsTest(test.TestCase): req = webob.Request.blank('/v1.0/flavors/1') res = req.get_response(fakes.wsgi_app()) self.assertEqual(res.status_int, 200) + body = json.loads(res.body) + self.assertEqual(body['flavor']['id'], 1) diff --git a/nova/tests/api/openstack/test_servers.py b/nova/tests/api/openstack/test_servers.py index 5d7a208e9..a5fd4140f 100644 --- a/nova/tests/api/openstack/test_servers.py +++ b/nova/tests/api/openstack/test_servers.py 
@@ -15,12 +15,16 @@ # License for the specific language governing permissions and limitations # under the License. +import base64 import datetime import json +import unittest +from xml.dom import minidom import stubout import webob +from nova import context from nova import db from nova import flags from nova import test @@ -78,7 +82,7 @@ def stub_instance(id, user_id=1, private_address=None, public_addresses=None): "admin_pass": "", "user_id": user_id, "project_id": "", - "image_id": 10, + "image_id": "10", "kernel_id": "", "ramdisk_id": "", "launch_index": 0, @@ -91,7 +95,7 @@ def stub_instance(id, user_id=1, private_address=None, public_addresses=None): "local_gb": 0, "hostname": "", "host": None, - "instance_type": "", + "instance_type": "1", "user_data": "", "reservation_id": "", "mac_address": "", @@ -176,6 +180,25 @@ class ServersTest(test.TestCase): self.assertEqual(len(addresses["private"]), 1) self.assertEqual(addresses["private"][0], private) + def test_get_server_by_id_with_addresses_v1_1(self): + private = "192.168.0.3" + public = ["1.2.3.4"] + new_return_server = return_server_with_addresses(private, public) + self.stubs.Set(nova.db.api, 'instance_get', new_return_server) + req = webob.Request.blank('/v1.1/servers/1') + req.environ['api.version'] = '1.1' + res = req.get_response(fakes.wsgi_app()) + res_dict = json.loads(res.body) + self.assertEqual(res_dict['server']['id'], '1') + self.assertEqual(res_dict['server']['name'], 'server1') + addresses = res_dict['server']['addresses'] + self.assertEqual(len(addresses["public"]), len(public)) + self.assertEqual(addresses["public"][0], + {"version": 4, "addr": public[0]}) + self.assertEqual(len(addresses["private"]), 1) + self.assertEqual(addresses["private"][0], + {"version": 4, "addr": private}) + def test_get_server_list(self): req = webob.Request.blank('/v1.0/servers') res = req.get_response(fakes.wsgi_app()) 
@@ -216,7 +239,8 @@ class ServersTest(test.TestCase): servers = json.loads(res.body)['servers'] self.assertEqual([s['id'] for s in servers], [1, 2]) - def test_create_instance(self): + def _test_create_instance_helper(self): + """Shared implementation for tests below that create instance""" def instance_create(context, inst): return {'id': '1', 'display_name': 'server_test'} @@ -271,6 +295,13 @@ class ServersTest(test.TestCase): self.assertEqual(res.status_int, 200) + def test_create_instance(self): + self._test_create_instance_helper() + + def test_create_instance_no_key_pair(self): + fakes.stub_out_key_pair_funcs(self.stubs, have_key_pair=False) + self._test_create_instance_helper() + def test_update_no_body(self): req = webob.Request.blank('/v1.0/servers/1') req.method = 'PUT' 
@@ -328,19 +359,32 @@ class ServersTest(test.TestCase): res = req.get_response(fakes.wsgi_app()) self.assertEqual(res.status, '404 Not Found') - def test_get_all_server_details(self): + def test_get_all_server_details_v1_0(self): req = webob.Request.blank('/v1.0/servers/detail') res = req.get_response(fakes.wsgi_app()) res_dict = json.loads(res.body) - i = 0 - for s in res_dict['servers']: + for i, s in enumerate(res_dict['servers']): self.assertEqual(s['id'], i) self.assertEqual(s['hostId'], '') self.assertEqual(s['name'], 'server%d' % i) - self.assertEqual(s['imageId'], 10) + self.assertEqual(s['imageId'], '10') + self.assertEqual(s['flavorId'], '1') + self.assertEqual(s['metadata']['seq'], i) + + def test_get_all_server_details_v1_1(self): + req = webob.Request.blank('/v1.1/servers/detail') + req.environ['api.version'] = '1.1' + res = req.get_response(fakes.wsgi_app()) + res_dict = json.loads(res.body) + + for i, s in enumerate(res_dict['servers']): + self.assertEqual(s['id'], i) + self.assertEqual(s['hostId'], '') + self.assertEqual(s['name'], 'server%d' % i) + self.assertEqual(s['imageRef'], 'http://localhost/v1.1/images/10') + self.assertEqual(s['flavorRef'], 'http://localhost/v1.1/flavors/1') self.assertEqual(s['metadata']['seq'], i) - i += 1 def test_get_all_server_details_with_host(self): ''' 
@@ -599,5 +643,538 @@ class ServersTest(test.TestCase): res = req.get_response(fakes.wsgi_app()) self.assertEqual(res.status_int, 400) + +class TestServerCreateRequestXMLDeserializer(unittest.TestCase): + + def setUp(self): + self.deserializer = servers.ServerCreateRequestXMLDeserializer() + + def test_minimal_request(self): + serial_request = """ +<server xmlns="http://docs.rackspacecloud.com/servers/api/v1.0" + name="new-server-test" imageId="1" flavorId="1"/>""" + request = self.deserializer.deserialize(serial_request) + expected = {"server": { + "name": "new-server-test", + "imageId": "1", + "flavorId": "1", + }} + self.assertEquals(request, expected) + + def test_request_with_empty_metadata(self): + serial_request = """ +<server xmlns="http://docs.rackspacecloud.com/servers/api/v1.0" + name="new-server-test" imageId="1" flavorId="1"> + <metadata/> +</server>""" + request = self.deserializer.deserialize(serial_request) + expected = {"server": { + "name": "new-server-test", + "imageId": "1", + "flavorId": "1", + "metadata": {}, + }} + self.assertEquals(request, expected) + + def test_request_with_empty_personality(self): + serial_request = """ +<server xmlns="http://docs.rackspacecloud.com/servers/api/v1.0" + name="new-server-test" imageId="1" flavorId="1"> + <personality/> +</server>""" + request = self.deserializer.deserialize(serial_request) + expected = {"server": { + "name": "new-server-test", + "imageId": "1", + "flavorId": "1", + "personality": [], + }} + self.assertEquals(request, expected) + + def test_request_with_empty_metadata_and_personality(self): + serial_request = """ +<server xmlns="http://docs.rackspacecloud.com/servers/api/v1.0" + name="new-server-test" imageId="1" flavorId="1"> + <metadata/> + <personality/> +</server>""" + request = self.deserializer.deserialize(serial_request) + expected = {"server": { + "name": "new-server-test", + "imageId": "1", + "flavorId": "1", + "metadata": {}, + "personality": [], + }} + self.assertEquals(request, 
expected) + + def test_request_with_empty_metadata_and_personality_reversed(self): + serial_request = """ +<server xmlns="http://docs.rackspacecloud.com/servers/api/v1.0" + name="new-server-test" imageId="1" flavorId="1"> + <personality/> + <metadata/> +</server>""" + request = self.deserializer.deserialize(serial_request) + expected = {"server": { + "name": "new-server-test", + "imageId": "1", + "flavorId": "1", + "metadata": {}, + "personality": [], + }} + self.assertEquals(request, expected) + + def test_request_with_one_personality(self): + serial_request = """ +<server xmlns="http://docs.rackspacecloud.com/servers/api/v1.0" + name="new-server-test" imageId="1" flavorId="1"> + <personality> + <file path="/etc/conf">aabbccdd</file> + </personality> +</server>""" + request = self.deserializer.deserialize(serial_request) + expected = [{"path": "/etc/conf", "contents": "aabbccdd"}] + self.assertEquals(request["server"]["personality"], expected) + + def test_request_with_two_personalities(self): + serial_request = """ +<server xmlns="http://docs.rackspacecloud.com/servers/api/v1.0" + name="new-server-test" imageId="1" flavorId="1"> +<personality><file path="/etc/conf">aabbccdd</file> +<file path="/etc/sudoers">abcd</file></personality></server>""" + request = self.deserializer.deserialize(serial_request) + expected = [{"path": "/etc/conf", "contents": "aabbccdd"}, + {"path": "/etc/sudoers", "contents": "abcd"}] + self.assertEquals(request["server"]["personality"], expected) + + def test_request_second_personality_node_ignored(self): + serial_request = """ +<server xmlns="http://docs.rackspacecloud.com/servers/api/v1.0" + name="new-server-test" imageId="1" flavorId="1"> + <personality> + <file path="/etc/conf">aabbccdd</file> + </personality> + <personality> + <file path="/etc/ignoreme">anything</file> + </personality> +</server>""" + request = self.deserializer.deserialize(serial_request) + expected = [{"path": "/etc/conf", "contents": "aabbccdd"}] + 
self.assertEquals(request["server"]["personality"], expected) + + def test_request_with_one_personality_missing_path(self): + serial_request = """ +<server xmlns="http://docs.rackspacecloud.com/servers/api/v1.0" + name="new-server-test" imageId="1" flavorId="1"> +<personality><file>aabbccdd</file></personality></server>""" + request = self.deserializer.deserialize(serial_request) + expected = [{"contents": "aabbccdd"}] + self.assertEquals(request["server"]["personality"], expected) + + def test_request_with_one_personality_empty_contents(self): + serial_request = """ +<server xmlns="http://docs.rackspacecloud.com/servers/api/v1.0" + name="new-server-test" imageId="1" flavorId="1"> +<personality><file path="/etc/conf"></file></personality></server>""" + request = self.deserializer.deserialize(serial_request) + expected = [{"path": "/etc/conf", "contents": ""}] + self.assertEquals(request["server"]["personality"], expected) + + def test_request_with_one_personality_empty_contents_variation(self): + serial_request = """ +<server xmlns="http://docs.rackspacecloud.com/servers/api/v1.0" + name="new-server-test" imageId="1" flavorId="1"> +<personality><file path="/etc/conf"/></personality></server>""" + request = self.deserializer.deserialize(serial_request) + expected = [{"path": "/etc/conf", "contents": ""}] + self.assertEquals(request["server"]["personality"], expected) + + def test_request_with_one_metadata(self): + serial_request = """ +<server xmlns="http://docs.rackspacecloud.com/servers/api/v1.0" + name="new-server-test" imageId="1" flavorId="1"> + <metadata> + <meta key="alpha">beta</meta> + </metadata> +</server>""" + request = self.deserializer.deserialize(serial_request) + expected = {"alpha": "beta"} + self.assertEquals(request["server"]["metadata"], expected) + + def test_request_with_two_metadata(self): + serial_request = """ +<server xmlns="http://docs.rackspacecloud.com/servers/api/v1.0" + name="new-server-test" imageId="1" flavorId="1"> + <metadata> + 
<meta key="alpha">beta</meta> + <meta key="foo">bar</meta> + </metadata> +</server>""" + request = self.deserializer.deserialize(serial_request) + expected = {"alpha": "beta", "foo": "bar"} + self.assertEquals(request["server"]["metadata"], expected) + + def test_request_with_metadata_missing_value(self): + serial_request = """ +<server xmlns="http://docs.rackspacecloud.com/servers/api/v1.0" + name="new-server-test" imageId="1" flavorId="1"> + <metadata> + <meta key="alpha"></meta> + </metadata> +</server>""" + request = self.deserializer.deserialize(serial_request) + expected = {"alpha": ""} + self.assertEquals(request["server"]["metadata"], expected) + + def test_request_with_two_metadata_missing_value(self): + serial_request = """ +<server xmlns="http://docs.rackspacecloud.com/servers/api/v1.0" + name="new-server-test" imageId="1" flavorId="1"> + <metadata> + <meta key="alpha"/> + <meta key="delta"/> + </metadata> +</server>""" + request = self.deserializer.deserialize(serial_request) + expected = {"alpha": "", "delta": ""} + self.assertEquals(request["server"]["metadata"], expected) + + def test_request_with_metadata_missing_key(self): + serial_request = """ +<server xmlns="http://docs.rackspacecloud.com/servers/api/v1.0" + name="new-server-test" imageId="1" flavorId="1"> + <metadata> + <meta>beta</meta> + </metadata> +</server>""" + request = self.deserializer.deserialize(serial_request) + expected = {"": "beta"} + self.assertEquals(request["server"]["metadata"], expected) + + def test_request_with_two_metadata_missing_key(self): + serial_request = """ +<server xmlns="http://docs.rackspacecloud.com/servers/api/v1.0" + name="new-server-test" imageId="1" flavorId="1"> + <metadata> + <meta>beta</meta> + <meta>gamma</meta> + </metadata> +</server>""" + request = self.deserializer.deserialize(serial_request) + expected = {"": "gamma"} + self.assertEquals(request["server"]["metadata"], expected) + + def test_request_with_metadata_duplicate_key(self): + 
serial_request = """ +<server xmlns="http://docs.rackspacecloud.com/servers/api/v1.0" + name="new-server-test" imageId="1" flavorId="1"> + <metadata> + <meta key="foo">bar</meta> + <meta key="foo">baz</meta> + </metadata> +</server>""" + request = self.deserializer.deserialize(serial_request) + expected = {"foo": "baz"} + self.assertEquals(request["server"]["metadata"], expected) + + def test_canonical_request_from_docs(self): + serial_request = """ +<server xmlns="http://docs.rackspacecloud.com/servers/api/v1.0" + name="new-server-test" imageId="1" flavorId="1"> + <metadata> + <meta key="My Server Name">Apache1</meta> + </metadata> + <personality> + <file path="/etc/banner.txt">\ +ICAgICAgDQoiQSBjbG91ZCBkb2VzIG5vdCBrbm93IHdoeSBp\ +dCBtb3ZlcyBpbiBqdXN0IHN1Y2ggYSBkaXJlY3Rpb24gYW5k\ +IGF0IHN1Y2ggYSBzcGVlZC4uLkl0IGZlZWxzIGFuIGltcHVs\ +c2lvbi4uLnRoaXMgaXMgdGhlIHBsYWNlIHRvIGdvIG5vdy4g\ +QnV0IHRoZSBza3kga25vd3MgdGhlIHJlYXNvbnMgYW5kIHRo\ +ZSBwYXR0ZXJucyBiZWhpbmQgYWxsIGNsb3VkcywgYW5kIHlv\ +dSB3aWxsIGtub3csIHRvbywgd2hlbiB5b3UgbGlmdCB5b3Vy\ +c2VsZiBoaWdoIGVub3VnaCB0byBzZWUgYmV5b25kIGhvcml6\ +b25zLiINCg0KLVJpY2hhcmQgQmFjaA==</file> + </personality> +</server>""" + expected = {"server": { + "name": "new-server-test", + "imageId": "1", + "flavorId": "1", + "metadata": { + "My Server Name": "Apache1", + }, + "personality": [ + { + "path": "/etc/banner.txt", + "contents": """\ +ICAgICAgDQoiQSBjbG91ZCBkb2VzIG5vdCBrbm93IHdoeSBp\ +dCBtb3ZlcyBpbiBqdXN0IHN1Y2ggYSBkaXJlY3Rpb24gYW5k\ +IGF0IHN1Y2ggYSBzcGVlZC4uLkl0IGZlZWxzIGFuIGltcHVs\ +c2lvbi4uLnRoaXMgaXMgdGhlIHBsYWNlIHRvIGdvIG5vdy4g\ +QnV0IHRoZSBza3kga25vd3MgdGhlIHJlYXNvbnMgYW5kIHRo\ +ZSBwYXR0ZXJucyBiZWhpbmQgYWxsIGNsb3VkcywgYW5kIHlv\ +dSB3aWxsIGtub3csIHRvbywgd2hlbiB5b3UgbGlmdCB5b3Vy\ +c2VsZiBoaWdoIGVub3VnaCB0byBzZWUgYmV5b25kIGhvcml6\ +b25zLiINCg0KLVJpY2hhcmQgQmFjaA==""", + }, + ], + }} + request = self.deserializer.deserialize(serial_request) + self.assertEqual(request, expected) + + +class TestServerInstanceCreation(test.TestCase): + + 
def setUp(self): + super(TestServerInstanceCreation, self).setUp() + self.stubs = stubout.StubOutForTesting() + fakes.FakeAuthManager.auth_data = {} + fakes.FakeAuthDatabase.data = {} + fakes.stub_out_auth(self.stubs) + fakes.stub_out_key_pair_funcs(self.stubs) + self.allow_admin = FLAGS.allow_admin_api + + def tearDown(self): + self.stubs.UnsetAll() + FLAGS.allow_admin_api = self.allow_admin + super(TestServerInstanceCreation, self).tearDown() + + def _setup_mock_compute_api_for_personality(self): + + class MockComputeAPI(object): + + def __init__(self): + self.injected_files = None + + def create(self, *args, **kwargs): + if 'injected_files' in kwargs: + self.injected_files = kwargs['injected_files'] + else: + self.injected_files = None + return [{'id': '1234', 'display_name': 'fakeinstance'}] + + def set_admin_password(self, *args, **kwargs): + pass + + def make_stub_method(canned_return): + def stub_method(*args, **kwargs): + return canned_return + return stub_method + + compute_api = MockComputeAPI() + self.stubs.Set(nova.compute, 'API', make_stub_method(compute_api)) + self.stubs.Set(nova.api.openstack.servers.Controller, + '_get_kernel_ramdisk_from_image', make_stub_method((1, 1))) + self.stubs.Set(nova.api.openstack.common, + 'get_image_id_from_image_hash', make_stub_method(2)) + return compute_api + + def _create_personality_request_dict(self, personality_files): + server = {} + server['name'] = 'new-server-test' + server['imageId'] = 1 + server['flavorId'] = 1 + if personality_files is not None: + personalities = [] + for path, contents in personality_files: + personalities.append({'path': path, 'contents': contents}) + server['personality'] = personalities + return {'server': server} + + def _get_create_request_json(self, body_dict): + req = webob.Request.blank('/v1.0/servers') + req.content_type = 'application/json' + req.method = 'POST' + req.body = json.dumps(body_dict) + return req + + def _run_create_instance_with_mock_compute_api(self, request): + 
compute_api = self._setup_mock_compute_api_for_personality() + response = request.get_response(fakes.wsgi_app()) + return compute_api, response + + def _format_xml_request_body(self, body_dict): + server = body_dict['server'] + body_parts = [] + body_parts.extend([ + '<?xml version="1.0" encoding="UTF-8"?>', + '<server xmlns="http://docs.rackspacecloud.com/servers/api/v1.0"', + ' name="%s" imageId="%s" flavorId="%s">' % ( + server['name'], server['imageId'], server['flavorId'])]) + if 'metadata' in server: + metadata = server['metadata'] + body_parts.append('<metadata>') + for item in metadata.iteritems(): + body_parts.append('<meta key="%s">%s</meta>' % item) + body_parts.append('</metadata>') + if 'personality' in server: + personalities = server['personality'] + body_parts.append('<personality>') + for file in personalities: + item = (file['path'], file['contents']) + body_parts.append('<file path="%s">%s</file>' % item) + body_parts.append('</personality>') + body_parts.append('</server>') + return ''.join(body_parts) + + def _get_create_request_xml(self, body_dict): + req = webob.Request.blank('/v1.0/servers') + req.content_type = 'application/xml' + req.accept = 'application/xml' + req.method = 'POST' + req.body = self._format_xml_request_body(body_dict) + return req + + def _create_instance_with_personality_json(self, personality): + body_dict = self._create_personality_request_dict(personality) + request = self._get_create_request_json(body_dict) + compute_api, response = \ + self._run_create_instance_with_mock_compute_api(request) + return request, response, compute_api.injected_files + + def _create_instance_with_personality_xml(self, personality): + body_dict = self._create_personality_request_dict(personality) + request = self._get_create_request_xml(body_dict) + compute_api, response = \ + self._run_create_instance_with_mock_compute_api(request) + return request, response, compute_api.injected_files + + def 
test_create_instance_with_no_personality(self): + request, response, injected_files = \ + self._create_instance_with_personality_json(personality=None) + self.assertEquals(response.status_int, 200) + self.assertEquals(injected_files, []) + + def test_create_instance_with_no_personality_xml(self): + request, response, injected_files = \ + self._create_instance_with_personality_xml(personality=None) + self.assertEquals(response.status_int, 200) + self.assertEquals(injected_files, []) + + def test_create_instance_with_personality(self): + path = '/my/file/path' + contents = '#!/bin/bash\necho "Hello, World!"\n' + b64contents = base64.b64encode(contents) + personality = [(path, b64contents)] + request, response, injected_files = \ + self._create_instance_with_personality_json(personality) + self.assertEquals(response.status_int, 200) + self.assertEquals(injected_files, [(path, contents)]) + + def test_create_instance_with_personality_xml(self): + path = '/my/file/path' + contents = '#!/bin/bash\necho "Hello, World!"\n' + b64contents = base64.b64encode(contents) + personality = [(path, b64contents)] + request, response, injected_files = \ + self._create_instance_with_personality_xml(personality) + self.assertEquals(response.status_int, 200) + self.assertEquals(injected_files, [(path, contents)]) + + def test_create_instance_with_personality_no_path(self): + personality = [('/remove/this/path', + base64.b64encode('my\n\file\ncontents'))] + body_dict = self._create_personality_request_dict(personality) + del body_dict['server']['personality'][0]['path'] + request = self._get_create_request_json(body_dict) + compute_api, response = \ + self._run_create_instance_with_mock_compute_api(request) + self.assertEquals(response.status_int, 400) + self.assertEquals(compute_api.injected_files, None) + + def _test_create_instance_with_personality_no_path_xml(self): + personality = [('/remove/this/path', + base64.b64encode('my\n\file\ncontents'))] + body_dict = 
self._create_personality_request_dict(personality) + request = self._get_create_request_xml(body_dict) + request.body = request.body.replace(' path="/remove/this/path"', '') + compute_api, response = \ + self._run_create_instance_with_mock_compute_api(request) + self.assertEquals(response.status_int, 400) + self.assertEquals(compute_api.injected_files, None) + + def test_create_instance_with_personality_no_contents(self): + personality = [('/test/path', + base64.b64encode('remove\nthese\ncontents'))] + body_dict = self._create_personality_request_dict(personality) + del body_dict['server']['personality'][0]['contents'] + request = self._get_create_request_json(body_dict) + compute_api, response = \ + self._run_create_instance_with_mock_compute_api(request) + self.assertEquals(response.status_int, 400) + self.assertEquals(compute_api.injected_files, None) + + def test_create_instance_with_personality_not_a_list(self): + personality = [('/test/path', base64.b64encode('test\ncontents\n'))] + body_dict = self._create_personality_request_dict(personality) + body_dict['server']['personality'] = \ + body_dict['server']['personality'][0] + request = self._get_create_request_json(body_dict) + compute_api, response = \ + self._run_create_instance_with_mock_compute_api(request) + self.assertEquals(response.status_int, 400) + self.assertEquals(compute_api.injected_files, None) + + def test_create_instance_with_personality_with_non_b64_content(self): + path = '/my/file/path' + contents = '#!/bin/bash\necho "Oh no!"\n' + personality = [(path, contents)] + request, response, injected_files = \ + self._create_instance_with_personality_json(personality) + self.assertEquals(response.status_int, 400) + self.assertEquals(injected_files, None) + + def test_create_instance_with_null_personality(self): + personality = None + body_dict = self._create_personality_request_dict(personality) + body_dict['server']['personality'] = None + request = self._get_create_request_json(body_dict) + 
compute_api, response = \ + self._run_create_instance_with_mock_compute_api(request) + self.assertEquals(response.status_int, 200) + + def test_create_instance_with_three_personalities(self): + files = [ + ('/etc/sudoers', 'ALL ALL=NOPASSWD: ALL\n'), + ('/etc/motd', 'Enjoy your root access!\n'), + ('/etc/dovecot.conf', 'dovecot\nconfig\nstuff\n'), + ] + personality = [] + for path, content in files: + personality.append((path, base64.b64encode(content))) + request, response, injected_files = \ + self._create_instance_with_personality_json(personality) + self.assertEquals(response.status_int, 200) + self.assertEquals(injected_files, files) + + def test_create_instance_personality_empty_content(self): + path = '/my/file/path' + contents = '' + personality = [(path, contents)] + request, response, injected_files = \ + self._create_instance_with_personality_json(personality) + self.assertEquals(response.status_int, 200) + self.assertEquals(injected_files, [(path, contents)]) + + def test_create_instance_admin_pass_json(self): + request, response, dummy = \ + self._create_instance_with_personality_json(None) + self.assertEquals(response.status_int, 200) + response = json.loads(response.body) + self.assertTrue('adminPass' in response['server']) + self.assertTrue(response['server']['adminPass'].startswith('fake')) + + def test_create_instance_admin_pass_xml(self): + request, response, dummy = \ + self._create_instance_with_personality_xml(None) + self.assertEquals(response.status_int, 200) + dom = minidom.parseString(response.body) + server = dom.childNodes[0] + self.assertEquals(server.nodeName, 'server') + self.assertTrue(server.getAttribute('adminPass').startswith('fake')) + + if __name__ == "__main__": unittest.main() diff --git a/nova/tests/db/fakes.py b/nova/tests/db/fakes.py index f21cabf8c..2d102aca1 100644 --- a/nova/tests/db/fakes.py +++ b/nova/tests/db/fakes.py 
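Review bot: `_test_create_instance_with_personality_no_path_xml` starts with an underscore, so the test runner will not collect it and the XML request whose `<file>` lacks `path` is never checked for the 400 that the JSON variant asserts. `test_request_with_one_personality_missing_path` shows the deserializer passing such an entry through as `{"contents": ...}`, so rejection depends on the controller and is worth covering; either rename it to `test_create_instance_with_personality_no_path_xml` or leave a comment such as `# TODO: disabled because <reason>`. In the two no-path tests the literal `'my\n\file\ncontents'` contains `\f` (a form feed), which looks like a typo for `'my\nfile\ncontents'`. `_format_xml_request_body` interpolates values into XML without escaping, which is fine for the base64 and fixed strings used here but would break on values containing `<` or `&`.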
@@ -30,13 +30,33 @@ def stub_out_db_instance_api(stubs, injected=True): """ Stubs out the db API for creating Instances """ INSTANCE_TYPES = { - 'm1.tiny': dict(memory_mb=512, vcpus=1, local_gb=0, flavorid=1), - 'm1.small': dict(memory_mb=2048, vcpus=1, local_gb=20, flavorid=2), + 'm1.tiny': dict(memory_mb=512, + vcpus=1, + local_gb=0, + flavorid=1, + rxtx_cap=1), + 'm1.small': dict(memory_mb=2048, + vcpus=1, + local_gb=20, + flavorid=2, + rxtx_cap=2), 'm1.medium': - dict(memory_mb=4096, vcpus=2, local_gb=40, flavorid=3), - 'm1.large': dict(memory_mb=8192, vcpus=4, local_gb=80, flavorid=4), + dict(memory_mb=4096, + vcpus=2, + local_gb=40, + flavorid=3, + rxtx_cap=3), + 'm1.large': dict(memory_mb=8192, + vcpus=4, + local_gb=80, + flavorid=4, + rxtx_cap=4), 'm1.xlarge': - dict(memory_mb=16384, vcpus=8, local_gb=160, flavorid=5)} + dict(memory_mb=16384, + vcpus=8, + local_gb=160, + flavorid=5, + rxtx_cap=5)} flat_network_fields = { 'id': 'fake_flat', diff --git a/nova/tests/test_auth.py b/nova/tests/test_auth.py index 2a7817032..885596f56 100644 --- a/nova/tests/test_auth.py +++ b/nova/tests/test_auth.py @@ -299,6 +299,13 @@ class AuthManagerTestCase(object): self.assertEqual('test2', project.project_manager_id) self.assertEqual('new desc', project.description) + def test_modify_project_adds_new_manager(self): + with user_and_project_generator(self.manager): + with user_generator(self.manager, name='test2'): + self.manager.modify_project('testproj', 'test2', 'new desc') + project = self.manager.get_project('testproj') + self.assertTrue('test2' in project.member_ids) + def test_can_delete_project(self): with user_generator(self.manager): self.manager.create_project('testproj', 'test1') diff --git a/nova/tests/test_quota.py b/nova/tests/test_quota.py index 45b544753..c65bc459d 100644 --- a/nova/tests/test_quota.py +++ b/nova/tests/test_quota.py 
@@ -33,6 +33,12 @@ FLAGS = flags.FLAGS class QuotaTestCase(test.TestCase): + + class StubImageService(object): + + def show(self, *args, **kwargs): + return {"properties": {}} + def setUp(self): super(QuotaTestCase, self).setUp() self.flags(connection_type='fake', 
@@ -193,3 +199,67 @@ class QuotaTestCase(test.TestCase): instance_type='m1.small', image_id='fake', metadata=metadata) + + def test_allowed_injected_files(self): + self.assertEqual( + quota.allowed_injected_files(self.context), + FLAGS.quota_max_injected_files) + + def _create_with_injected_files(self, files): + api = compute.API(image_service=self.StubImageService()) + api.create(self.context, min_count=1, max_count=1, + instance_type='m1.small', image_id='fake', + injected_files=files) + + def test_no_injected_files(self): + api = compute.API(image_service=self.StubImageService()) + api.create(self.context, instance_type='m1.small', image_id='fake') + + def test_max_injected_files(self): + files = [] + for i in xrange(FLAGS.quota_max_injected_files): + files.append(('/my/path%d' % i, 'config = test\n')) + self._create_with_injected_files(files) # no QuotaError + + def test_too_many_injected_files(self): + files = [] + for i in xrange(FLAGS.quota_max_injected_files + 1): + files.append(('/my/path%d' % i, 'my\ncontent%d\n' % i)) + self.assertRaises(quota.QuotaError, + self._create_with_injected_files, files) + + def test_allowed_injected_file_content_bytes(self): + self.assertEqual( + quota.allowed_injected_file_content_bytes(self.context), + FLAGS.quota_max_injected_file_content_bytes) + + def test_max_injected_file_content_bytes(self): + max = FLAGS.quota_max_injected_file_content_bytes + content = ''.join(['a' for i in xrange(max)]) + files = [('/test/path', content)] + self._create_with_injected_files(files) # no QuotaError + + def test_too_many_injected_file_content_bytes(self): + max = FLAGS.quota_max_injected_file_content_bytes + content = ''.join(['a' for i in xrange(max + 1)]) + files = [('/test/path', content)] + self.assertRaises(quota.QuotaError, + self._create_with_injected_files, files) + + def test_allowed_injected_file_path_bytes(self): + self.assertEqual( + quota.allowed_injected_file_path_bytes(self.context), + 
FLAGS.quota_max_injected_file_path_bytes) + + def test_max_injected_file_path_bytes(self): + max = FLAGS.quota_max_injected_file_path_bytes + path = ''.join(['a' for i in xrange(max)]) + files = [(path, 'config = quotatest')] + self._create_with_injected_files(files) # no QuotaError + + def test_too_many_injected_file_path_bytes(self): + max = FLAGS.quota_max_injected_file_path_bytes + path = ''.join(['a' for i in xrange(max + 1)]) + files = [(path, 'config = quotatest')] + self.assertRaises(quota.QuotaError, + self._create_with_injected_files, files) diff --git a/nova/tests/test_utils.py b/nova/tests/test_utils.py index 34a407f1a..e08d229b0 100644 --- a/nova/tests/test_utils.py +++ b/nova/tests/test_utils.py 
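Review bot: The boundary tests bind a local named `max`, shadowing the builtin, and build their strings with `''.join(['a' for i in xrange(max)])`; `limit = FLAGS.quota_max_injected_file_content_bytes` followed by `content = 'a' * limit` says the same thing more directly. This applies to `test_max_injected_file_content_bytes`, `test_too_many_injected_file_content_bytes` and the two `..._path_bytes` counterparts. `_create_with_injected_files` and `test_no_injected_files` would also benefit from a one-line docstring stating that success means no `QuotaError` is raised.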
@@ -14,11 +14,89 @@ # License for the specific language governing permissions and limitations # under the License. +import os +import tempfile + from nova import test from nova import utils from nova import exception +class ExecuteTestCase(test.TestCase): + def test_retry_on_failure(self): + fd, tmpfilename = tempfile.mkstemp() + _, tmpfilename2 = tempfile.mkstemp() + try: + fp = os.fdopen(fd, 'w+') + fp.write('''#!/bin/sh +# If stdin fails to get passed during one of the runs, make a note. +if ! grep -q foo +then + echo 'failure' > "$1" +fi +# If stdin has failed to get passed during this or a previous run, exit early. +if grep failure "$1" +then + exit 1 +fi +runs="$(cat $1)" +if [ -z "$runs" ] +then + runs=0 +fi +runs=$(($runs + 1)) +echo $runs > "$1" +exit 1 +''') + fp.close() + os.chmod(tmpfilename, 0755) + self.assertRaises(exception.ProcessExecutionError, + utils.execute, + tmpfilename, tmpfilename2, attempts=10, + process_input='foo', + delay_on_retry=False) + fp = open(tmpfilename2, 'r+') + runs = fp.read() + fp.close() + self.assertNotEquals(runs.strip(), 'failure', 'stdin did not ' + 'always get passed ' + 'correctly') + runs = int(runs.strip()) + self.assertEquals(runs, 10, + 'Ran %d times instead of 10.' % (runs,)) + finally: + os.unlink(tmpfilename) + os.unlink(tmpfilename2) + + def test_unknown_kwargs_raises_error(self): + self.assertRaises(exception.Error, + utils.execute, + '/bin/true', this_is_not_a_valid_kwarg=True) + + def test_no_retry_on_success(self): + fd, tmpfilename = tempfile.mkstemp() + _, tmpfilename2 = tempfile.mkstemp() + try: + fp = os.fdopen(fd, 'w+') + fp.write('''#!/bin/sh +# If we've already run, bail out. +grep -q foo "$1" && exit 1 +# Mark that we've run before. +echo foo > "$1" +# Check that stdin gets passed correctly. 
+grep foo +''') + fp.close() + os.chmod(tmpfilename, 0755) + utils.execute(tmpfilename, + tmpfilename2, + process_input='foo', + attempts=2) + finally: + os.unlink(tmpfilename) + os.unlink(tmpfilename2) + + class GetFromPathTestCase(test.TestCase): def test_tolerates_nones(self): f = utils.get_from_path diff --git a/nova/tests/test_volume.py b/nova/tests/test_volume.py index 1b1d72092..5d68ca2ae 100644 --- a/nova/tests/test_volume.py +++ b/nova/tests/test_volume.py @@ -336,8 +336,8 @@ class ISCSITestCase(DriverTestCase): self.mox.StubOutWithMock(self.volume.driver, '_execute') for i in volume_id_list: tid = db.volume_get_iscsi_target_num(self.context, i) - self.volume.driver._execute("sudo ietadm --op show --tid=%(tid)d" - % locals()) + self.volume.driver._execute("sudo", "ietadm", "--op", "show", + "--tid=%(tid)d" % locals()) self.stream.truncate(0) self.mox.ReplayAll() @@ -355,8 +355,9 @@ class ISCSITestCase(DriverTestCase): # the first vblade process isn't running tid = db.volume_get_iscsi_target_num(self.context, volume_id_list[0]) self.mox.StubOutWithMock(self.volume.driver, '_execute') - self.volume.driver._execute("sudo ietadm --op show --tid=%(tid)d" - % locals()).AndRaise(exception.ProcessExecutionError()) + self.volume.driver._execute("sudo", "ietadm", "--op", "show", + "--tid=%(tid)d" % locals() + ).AndRaise(exception.ProcessExecutionError()) self.mox.ReplayAll() self.assertRaises(exception.ProcessExecutionError, diff --git a/nova/tests/test_xenapi.py b/nova/tests/test_xenapi.py index 0f8f3f602..25ffcd012 100644 --- a/nova/tests/test_xenapi.py +++ b/nova/tests/test_xenapi.py 
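Review bot: The second `tempfile.mkstemp()` call in `test_retry_on_failure` and `test_no_retry_on_success` discards its file descriptor (`_, tmpfilename2 = tempfile.mkstemp()`), so the descriptor stays open after the `finally` block unlinks the file. Keep the descriptor and close it, e.g. `fd2, tmpfilename2 = tempfile.mkstemp()` followed by `os.close(fd2)`. Both `mkstemp()` calls also sit before the `try`, so a failure in the second one leaves the first temporary file behind; moving them inside the `try` would need the `finally` to tolerate a missing name.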
@@ -385,6 +385,14 @@ class XenAPIVMTestCase(test.TestCase): #consistent with bridge specified in nova db self.network = network_bk + def test_spawn_with_network_qos(self): + self._create_instance() + for vif_ref in xenapi_fake.get_all('VIF'): + vif_rec = xenapi_fake.get_record('VIF', vif_ref) + self.assertEquals(vif_rec['qos_algorithm_type'], 'ratelimit') + self.assertEquals(vif_rec['qos_algorithm_params']['kbps'], + str(4 * 1024)) + def tearDown(self): super(XenAPIVMTestCase, self).tearDown() self.manager.delete_project(self.project) diff --git a/nova/utils.py b/nova/utils.py index 87e726394..499af2039 100644 --- a/nova/utils.py +++ b/nova/utils.py @@ -133,13 +133,14 @@ def fetchfile(url, target): def execute(*cmd, **kwargs): - process_input = kwargs.get('process_input', None) - addl_env = kwargs.get('addl_env', None) - check_exit_code = kwargs.get('check_exit_code', 0) - stdin = kwargs.get('stdin', subprocess.PIPE) - stdout = kwargs.get('stdout', subprocess.PIPE) - stderr = kwargs.get('stderr', subprocess.PIPE) - attempts = kwargs.get('attempts', 1) + process_input = kwargs.pop('process_input', None) + addl_env = kwargs.pop('addl_env', None) + check_exit_code = kwargs.pop('check_exit_code', 0) + delay_on_retry = kwargs.pop('delay_on_retry', True) + attempts = kwargs.pop('attempts', 1) + if len(kwargs): + raise exception.Error(_('Got unknown keyword args ' + 'to utils.execute: %r') % kwargs) cmd = map(str, cmd) while attempts > 0: @@ -149,8 +150,11 @@ def execute(*cmd, **kwargs): env = os.environ.copy() if addl_env: env.update(addl_env) - obj = subprocess.Popen(cmd, stdin=stdin, - stdout=stdout, stderr=stderr, env=env) + obj = subprocess.Popen(cmd, + stdin=subprocess.PIPE, + stdout=subprocess.PIPE, + stderr=subprocess.PIPE, + env=env) result = None if process_input != None: result = obj.communicate(process_input) 
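Review bot: `execute()` now rejects any keyword it does not pop, yet it still has no docstring naming the accepted ones (`process_input`, `addl_env`, `check_exit_code`, `delay_on_retry`, `attempts`), so a caller learns the contract only from the exception. The previous `stdin`, `stdout` and `stderr` keywords are gone and will now raise `exception.Error`; callers are not visible in this hunk, so it is worth searching the tree for them before merging. A short docstring listing each keyword and its default would cover this, and `if kwargs:` reads more directly than `if len(kwargs):`. The body of `execute()` continues outside the hunk.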
@@ -176,7 +180,8 @@ def execute(*cmd, **kwargs): raise else: LOG.debug(_("%r failed. Retrying."), cmd) - greenthread.sleep(random.randint(20, 200) / 100.0) + if delay_on_retry: + greenthread.sleep(random.randint(20, 200) / 100.0) def ssh_execute(ssh, cmd, process_input=None, @@ -262,13 +267,25 @@ def generate_mac(): return ':'.join(map(lambda x: "%02x" % x, mac)) -def generate_password(length=20): - """Generate a random sequence of letters and digits - to be used as a password. Note that this is not intended - to represent the ultimate in security. +# Default symbols to use for passwords. Avoids visually confusing characters. +# ~6 bits per symbol +DEFAULT_PASSWORD_SYMBOLS = ("23456789" # Removed: 0,1 + "ABCDEFGHJKLMNPQRSTUVWXYZ" # Removed: I, O + "abcdefghijkmnopqrstuvwxyz") # Removed: l + + +# ~5 bits per symbol +EASIER_PASSWORD_SYMBOLS = ("23456789" # Removed: 0, 1 + "ABCDEFGHJKLMNPQRSTUVWXYZ") # Removed: I, O + + +def generate_password(length=20, symbols=DEFAULT_PASSWORD_SYMBOLS): + """Generate a random password from the supplied symbols. + + Believed to be reasonably secure (with a reasonable password length!) """ - chrs = string.letters + string.digits - return "".join([random.choice(chrs) for i in xrange(length)]) + r = random.SystemRandom() + return "".join([r.choice(symbols) for _i in xrange(length)]) def last_octet(address): @@ -518,6 +535,9 @@ def synchronized(name): def wrap(f): @functools.wraps(f) def inner(*args, **kwargs): + LOG.debug(_("Attempting to grab %(lock)s for method " + "%(method)s..." % {"lock": name, + "method": f.__name__})) lock = lockfile.FileLock(os.path.join(FLAGS.lock_path, 'nova-%s.lock' % name)) with lock: 
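Review bot: The new `generate_password` docstring's "Believed to be reasonably secure" gives a caller nothing to size `length` against. I would state the source and the strength instead, e.g. `"""Return length symbols drawn independently from symbols via random.SystemRandom; strength is length * log2(len(symbols)) bits."""`. The 57-symbol default gives about 5.8 bits per symbol and the 32-symbol `EASIER_PASSWORD_SYMBOLS` exactly 5, which matches the comments but is worth repeating where callers read it. An empty `symbols` reaches `r.choice` and raises IndexError, so an explicit check with a clearer error may be worthwhile.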
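Review bot: In `synchronized`, the `%` interpolation in the new `LOG.debug` call is applied inside `_()`, so the message catalogue is asked to translate the already-formatted string and will not find it. Close the `_()` call before formatting: `LOG.debug(_("Attempting to grab %(lock)s for method %(method)s...") % {"lock": name, "method": f.__name__})`. The `inner` function continues outside the hunk.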
@@ -526,18 +546,6 @@ def synchronized(name): return wrap -def ensure_b64_encoding(val): - """Safety method to ensure that values expected to be base64-encoded - actually are. If they are, the value is returned unchanged. Otherwise, - the encoded value is returned. - """ - try: - dummy = base64.decode(val) - return val - except TypeError: - return base64.b64encode(val) - - def get_from_path(items, path): """ Returns a list of items matching the specified path. Takes an XPath-like expression e.g. prop1/prop2/prop3, and for each item in items, diff --git a/nova/virt/libvirt_conn.py b/nova/virt/libvirt_conn.py index 7994e9547..e80b9fbdf 100644 --- a/nova/virt/libvirt_conn.py +++ b/nova/virt/libvirt_conn.py @@ -502,7 +502,7 @@ class LibvirtConnection(object): cmd = 'netcat', '0.0.0.0', port, '-w', '1' try: stdout, stderr = utils.execute(*cmd, process_input='') - except ProcessExecutionError: + except exception.ProcessExecutionError: return port raise Exception(_('Unable to find an open port')) 
@@ -984,32 +984,44 @@ class LibvirtConnection(object): xml = self._conn.getCapabilities() xml = libxml2.parseDoc(xml) - nodes = xml.xpathEval('//cpu') + nodes = xml.xpathEval('//host/cpu') if len(nodes) != 1: raise exception.Invalid(_("Invalid xml. '<cpu>' must be 1," "but %d\n") % len(nodes) + xml.serialize()) cpu_info = dict() - cpu_info['arch'] = xml.xpathEval('//cpu/arch')[0].getContent() - cpu_info['model'] = xml.xpathEval('//cpu/model')[0].getContent() - cpu_info['vendor'] = xml.xpathEval('//cpu/vendor')[0].getContent() - topology_node = xml.xpathEval('//cpu/topology')[0].get_properties() + arch_nodes = xml.xpathEval('//host/cpu/arch') + if arch_nodes: + cpu_info['arch'] = arch_nodes[0].getContent() + + model_nodes = xml.xpathEval('//host/cpu/model') + if model_nodes: + cpu_info['model'] = model_nodes[0].getContent() + + vendor_nodes = xml.xpathEval('//host/cpu/vendor') + if vendor_nodes: + cpu_info['vendor'] = vendor_nodes[0].getContent() + + topology_nodes = xml.xpathEval('//host/cpu/topology') topology = dict() - while topology_node != None: - name = topology_node.get_name() - topology[name] = topology_node.getContent() - topology_node = topology_node.get_next() - - keys = ['cores', 'sockets', 'threads'] - tkeys = topology.keys() - if list(set(tkeys)) != list(set(keys)): - ks = ', '.join(keys) - raise exception.Invalid(_("Invalid xml: topology(%(topology)s) " - "must have %(ks)s") % locals()) - - feature_nodes = xml.xpathEval('//cpu/feature') + if topology_nodes: + topology_node = topology_nodes[0].get_properties() + while topology_node: + name = topology_node.get_name() + topology[name] = topology_node.getContent() + topology_node = topology_node.get_next() + + keys = ['cores', 'sockets', 'threads'] + tkeys = topology.keys() + if set(tkeys) != set(keys): + ks = ', '.join(keys) + raise exception.Invalid(_("Invalid xml: topology" + "(%(topology)s) must have " + "%(ks)s") % locals()) + + feature_nodes = xml.xpathEval('//host/cpu/feature') features = list() 
for nodes in feature_nodes: features.append(nodes.get_properties().getContent()) @@ -1597,6 +1609,8 @@ class IptablesFirewallDriver(FirewallDriver): self.iptables.ipv4['filter'].add_chain('sg-fallback') self.iptables.ipv4['filter'].add_rule('sg-fallback', '-j DROP') + self.iptables.ipv6['filter'].add_chain('sg-fallback') + self.iptables.ipv6['filter'].add_rule('sg-fallback', '-j DROP') def setup_basic_filtering(self, instance): """Use NWFilter from libvirt for this.""" diff --git a/nova/virt/xenapi/vm_utils.py b/nova/virt/xenapi/vm_utils.py index e308072fb..7e976e37a 100644 --- a/nova/virt/xenapi/vm_utils.py +++ b/nova/virt/xenapi/vm_utils.py @@ -233,7 +233,8 @@ class VMHelper(HelperBase): raise StorageError(_('Unable to destroy VBD %s') % vbd_ref) @classmethod - def create_vif(cls, session, vm_ref, network_ref, mac_address, dev="0"): + def create_vif(cls, session, vm_ref, network_ref, mac_address, + dev="0", rxtx_cap=0): """Create a VIF record. Returns a Deferred that gives the new VIF reference.""" vif_rec = {} @@ -244,8 +245,9 @@ class VMHelper(HelperBase): vif_rec['MAC'] = mac_address vif_rec['MTU'] = '1500' vif_rec['other_config'] = {} - vif_rec['qos_algorithm_type'] = '' - vif_rec['qos_algorithm_params'] = {} + vif_rec['qos_algorithm_type'] = "ratelimit" if rxtx_cap else '' + vif_rec['qos_algorithm_params'] = \ + {"kbps": str(rxtx_cap * 1024)} if rxtx_cap else {} LOG.debug(_('Creating VIF for VM %(vm_ref)s,' ' network %(network_ref)s.') % locals()) vif_ref = session.call_xenapi('VIF.create', vif_rec) diff --git a/nova/virt/xenapi/vmops.py b/nova/virt/xenapi/vmops.py index b82efc512..e3160e71e 100644 --- a/nova/virt/xenapi/vmops.py +++ b/nova/virt/xenapi/vmops.py @@ -19,6 +19,7 @@ Management class for VM-related functions (spawn, reboot, etc). """ +import base64 import json import M2Crypto import os 
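Review bot: In `create_vif`, `rxtx_cap` has no documented unit or type, and `str(rxtx_cap * 1024)` relies on it being a number: if the flavor lookup ever hands back a string, Python repeats the string 1024 times rather than multiplying. The value's origin is outside this hunk, so this is a hedge, but `rxtx_cap = int(rxtx_cap)` at the top of `create_vif` would make the assumption explicit. The docstring should also say that the default of 0 leaves `qos_algorithm_type` empty, meaning no rate limit is applied to the VIF. The conditional is evaluated twice across a backslash continuation; a single `if rxtx_cap:` block setting both keys would read more plainly.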
@@ -136,19 +137,20 @@ class VMOps(object): LOG.info(_('Spawning VM %(instance_name)s created %(vm_ref)s.') % locals()) - def _inject_onset_files(): - onset_files = instance.onset_files - if onset_files: + def _inject_files(): + injected_files = instance.injected_files + if injected_files: # Check if this is a JSON-encoded string and convert if needed. - if isinstance(onset_files, basestring): + if isinstance(injected_files, basestring): try: - onset_files = json.loads(onset_files) + injected_files = json.loads(injected_files) except ValueError: - LOG.exception(_("Invalid value for onset_files: '%s'") - % onset_files) - onset_files = [] + LOG.exception( + _("Invalid value for injected_files: '%s'") + % injected_files) + injected_files = [] # Inject any files, if specified - for path, contents in instance.onset_files: + for path, contents in instance.injected_files: LOG.debug(_("Injecting file path: '%s'") % path) self.inject_file(instance, path, contents) # NOTE(armando): Do we really need to do this in virt? @@ -164,7 +166,7 @@ class VMOps(object): if state == power_state.RUNNING: LOG.debug(_('Instance %s: booted'), instance_name) timer.stop() - _inject_onset_files() + _inject_files() return True except Exception, exc: LOG.warn(exc) 
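Review bot: The loop in `_inject_files` still iterates `instance.injected_files` rather than the local `injected_files` that was just decoded with `json.loads`, so the decoding above it has no effect. When the attribute is a JSON string the loop walks its characters and the `path, contents` unpacking fails. When decoding raises `ValueError`, the fallback `injected_files = []` is ignored as well. The loop header should read `for path, contents in injected_files:`. The rename from `onset_files` carried this over unchanged, and the enclosing spawn code starts and ends outside the hunk.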
@@ -408,17 +410,16 @@ class VMOps(object): raise RuntimeError(resp_dict['message']) return resp_dict['message'] - def inject_file(self, instance, b64_path, b64_contents): + def inject_file(self, instance, path, contents): """Write a file to the VM instance. The path to which it is to be - written and the contents of the file need to be supplied; both should + written and the contents of the file need to be supplied; both will be base64-encoded to prevent errors with non-ASCII characters being transmitted. If the agent does not support file injection, or the user has disabled it, a NotImplementedError will be raised. """ - # Files/paths *should* be base64-encoded at this point, but - # double-check to make sure. - b64_path = utils.ensure_b64_encoding(b64_path) - b64_contents = utils.ensure_b64_encoding(b64_contents) + # Files/paths must be base64-encoded for transmission to agent + b64_path = base64.b64encode(path) + b64_contents = base64.b64encode(contents) # Need to uniquely identify this request. transaction_id = str(uuid.uuid4()) @@ -743,8 +744,12 @@ class VMOps(object): Creates vifs for an instance """ - vm_ref = self._get_vm_opaque_ref(instance.id) + vm_ref = self._get_vm_opaque_ref(instance['id']) + admin_context = context.get_admin_context() + flavor = db.instance_type_get_by_name(admin_context, + instance.instance_type) logging.debug(_("creating vif(s) for vm: |%s|"), vm_ref) + rxtx_cap = flavor['rxtx_cap'] if networks is None: networks = db.network_get_all_by_instance(admin_context, instance['id']) @@ -772,7 +777,8 @@ class VMOps(object): device = "0" VMHelper.create_vif(self._session, vm_ref, network_ref, - instance.mac_address, device) + instance.mac_address, device, + rxtx_cap=rxtx_cap) def reset_network(self, instance): """ diff --git a/nova/volume/driver.py b/nova/volume/driver.py index 7b4bacdec..779b46755 100644 --- a/nova/volume/driver.py +++ b/nova/volume/driver.py 
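Review bot: `base64.b64encode(path)` and `base64.b64encode(contents)` in `inject_file` will raise UnicodeEncodeError under Python 2 if either value is a `unicode` object holding non-ASCII characters, which is the case the docstring says the encoding exists to handle. `_inject_files` can obtain these values from `json.loads`, which returns `unicode`, so this looks reachable, though the callers are only partly visible here. Encoding to bytes first keeps the docstring's promise, e.g. `if isinstance(path, unicode): path = path.encode('utf-8')` and the same for `contents`. The method body continues outside the hunk.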
@@ -207,8 +207,8 @@ class AOEDriver(VolumeDriver): (shelf_id, blade_id) = self.db.volume_get_shelf_and_blade(context, _volume['id']) - self._execute("sudo aoe-discover") - out, err = self._execute("sudo aoe-stat", check_exit_code=False) + self._execute('sudo', 'aoe-discover') + out, err = self._execute('sudo', 'aoe-stat', check_exit_code=False) device_path = 'e%(shelf_id)d.%(blade_id)d' % locals() if out.find(device_path) >= 0: return "/dev/etherd/%s" % device_path @@ -224,8 +224,8 @@ class AOEDriver(VolumeDriver): (shelf_id, blade_id) = self.db.volume_get_shelf_and_blade(context, volume_id) - cmd = "sudo vblade-persist ls --no-header" - out, _err = self._execute(cmd) + cmd = ('sudo', 'vblade-persist', 'ls', '--no-header') + out, _err = self._execute(*cmd) exported = False for line in out.split('\n'): param = line.split(' ') @@ -318,8 +318,8 @@ class ISCSIDriver(VolumeDriver): iscsi_name = "%s%s" % (FLAGS.iscsi_target_prefix, volume['name']) volume_path = "/dev/%s/%s" % (FLAGS.volume_group, volume['name']) self._execute('sudo', 'ietadm', '--op', 'new', - '--tid=%s --params Name=%s' % - (iscsi_target, iscsi_name)) + '--tid=%s' % iscsi_target, + '--params', 'Name=%s' % iscsi_name) self._execute('sudo', 'ietadm', '--op', 'new', '--tid=%s' % iscsi_target, '--lun=0', '--params', @@ -500,7 +500,8 @@ class ISCSIDriver(VolumeDriver): tid = self.db.volume_get_iscsi_target_num(context, volume_id) try: - self._execute("sudo ietadm --op show --tid=%(tid)d" % locals()) + self._execute('sudo', 'ietadm', '--op', 'show', + '--tid=%(tid)d' % locals()) except exception.ProcessExecutionError, e: # Instances remount read-only in this case. # /etc/init.d/iscsitarget restart and rebooting nova-volume @@ -551,7 +552,7 @@ class RBDDriver(VolumeDriver): def delete_volume(self, volume): """Deletes a logical volume.""" self._try_execute('rbd', '--pool', FLAGS.rbd_pool, - 'rm', voluname['name']) + 'rm', volume['name']) def local_path(self, volume): """Returns the path of the rbd volume.""" |
