Merge pull request #693 from puppetlabs/release_prep_3-8-0

Added a action to generate release notes
Update release.yml
2026-01-26 10:08:40 -05:00 · 2026-01-14 23:11:26 +05:30 · 2026-01-14 23:10:14 +05:30 · 2026-01-14 23:00:09 +05:30 · 2026-01-14 22:54:47 +05:30 · 2026-01-14 22:47:55 +05:30
89 changed files with 8355 additions and 9614 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -1,13 +0,0 @@
 **/*.yml
 **/*.yaml
 **/*.md
 **/*example
 **/Dockerfile*
 Gemfile.lock
 Rakefile
 Vagrantfile
 coverage
 docs
 examples
 scripts
 vendor
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -3,6 +3,11 @@ updates:
 - package-ecosystem: bundler
  directory: "/"
  schedule:
-    interval: daily
+    interval: weekly
-    time: "13:00"
+  open-pull-requests-limit: 10
 - package-ecosystem: github-actions
  directory: "/"
  schedule:
    interval: weekly
  open-pull-requests-limit: 10
--- a/.github/workflows/auto_release_prep.yml
+++ b/.github/workflows/auto_release_prep.yml
@ -0,0 +1,12 @@
 name: Automated release prep
 on:
  workflow_dispatch:
 jobs:
  auto_release_prep:
    uses: puppetlabs/release-engineering-repo-standards/.github/workflows/auto_release_prep.yml@v1
    secrets: inherit
    with:
      project-type: ruby
      version-file-path: lib/vmpooler/version.rb
--- a/.github/workflows/dependabot_merge.yml
+++ b/.github/workflows/dependabot_merge.yml
@ -0,0 +1,8 @@
 name: Dependabot auto-merge
 on: pull_request
 jobs:
  dependabot_merge:
    uses: puppetlabs/release-engineering-repo-standards/.github/workflows/dependabot_merge.yml@v1
    secrets: inherit
--- a/.github/workflows/ensure_label.yml
+++ b/.github/workflows/ensure_label.yml
@ -0,0 +1,8 @@
 name: Ensure label
 on: pull_request
 jobs:
  ensure_label:
    uses: puppetlabs/release-engineering-repo-standards/.github/workflows/ensure_label.yml@v1
    secrets: inherit
--- a/.github/workflows/lightstep.yml
+++ b/.github/workflows/lightstep.yml
@ -1,29 +0,0 @@
 name: Verify Pre-Deploy Status
 on: pull_request
 jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      # Checkout repo
      - name: Checkout
        uses: actions/checkout@v2
      # Run checks
      - name: Lightstep Pre-Deploy Check
        uses: lightstep/lightstep-action-predeploy@v0.2.6
        id: lightstep-predeploy
        with:
          lightstep_api_key: ${{ secrets.LIGHTSTEP_API_KEY }}
          pagerduty_api_token: ${{ secrets.PAGERDUTY_API_TOKEN }}
      # Output status as a comment
      - name: Add a Comment
        uses: unsplash/comment-on-pr@master
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          msg: ${{ steps.lightstep-predeploy.outputs.lightstep_predeploy_md }}
          check_for_duplicate_msg: true
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -0,0 +1,58 @@
 name: Release Gem
 on: workflow_dispatch
 jobs:
  release:
    runs-on: ubuntu-latest
    if: github.repository == 'puppetlabs/vmpooler'
    steps:
      - uses: actions/checkout@v4
      - name: Get Current Version
        uses: actions/github-script@v7
        id: cv
        with:
          script: |
            const { data: response } = await github.rest.repos.getLatestRelease({
              owner: context.repo.owner,
              repo: context.repo.repo,
            })
            console.log(`The latest release is ${response.tag_name}`)
            return response.tag_name
          result-encoding: string
      - name: Get Next Version
        id: nv
        run: |
          version=$(grep VERSION lib/vmpooler/version.rb |rev |cut -d "'" -f2 |rev)
          echo "version=$version" >> $GITHUB_OUTPUT
          echo "Found version $version from lib/vmpooler/version.rb"
      - name: Tag Release
        uses: ncipollo/release-action@v1
        with:
          tag: ${{ steps.nv.outputs.version }}
          token: ${{ secrets.GITHUB_TOKEN }}
          bodyfile: release-notes.md
          draft: false
          prerelease: false
      # This step should closely match what is used in `docker/Dockerfile` in vmpooler-deployment
      - name: Install Ruby jruby-9.4.12.1
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: 'jruby-9.4.12.1'
      - name: Build gem
        run: gem build *.gemspec
      - name: Publish gem
        run: |
          mkdir -p $HOME/.gem
          touch $HOME/.gem/credentials
          chmod 0600 $HOME/.gem/credentials
          printf -- "---\n:rubygems_api_key: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials
          gem push *.gem
        env:
          GEM_HOST_API_KEY: '${{ secrets.RUBYGEMS_AUTH_TOKEN }}'
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@ -0,0 +1,39 @@
 name: Security
 on:
  workflow_dispatch:
  push:
    branches:
      - main
 jobs:
  scan:
    name: Mend Scanning
    runs-on: ubuntu-latest
    steps:
    - name: checkout repo content
      uses: actions/checkout@v4
      with:
        fetch-depth: 1
    - name: setup ruby
      uses: ruby/setup-ruby@v1
      with:
        ruby-version: 2.7
    # setup a package lock if one doesn't exist, otherwise do nothing
    - name: check lock
      run: '[ -f "Gemfile.lock" ] && echo "package lock file exists, skipping" || bundle lock'
    # install java
    - uses: actions/setup-java@v4
      with:
        distribution: 'temurin' # See 'Supported distributions' for available options
        java-version: '17'
    # download mend
    - name: download_mend
      run: curl -o wss-unified-agent.jar https://unified-agent.s3.amazonaws.com/wss-unified-agent.jar
    - name: run mend
      run: java -jar wss-unified-agent.jar
      env:
        WS_APIKEY: ${{ secrets.MEND_API_KEY }}
        WS_WSS_URL: https://saas-eu.whitesourcesoftware.com/agent
        WS_USERKEY: ${{ secrets.MEND_TOKEN }}
        WS_PRODUCTNAME: RE
        WS_PROJECTNAME: ${{ github.event.repository.name }}
--- a/.github/workflows/testing.yml
+++ b/.github/workflows/testing.yml
@ -10,7 +10,7 @@ name: Testing
 on:
  pull_request:
    branches:
-      - master
+      - main
 jobs:
  rubocop:
@ -18,9 +18,9 @@ jobs:
    strategy:
      matrix:
        ruby-version:
-          - '2.5.8'
+          - 'jruby-9.4.12.1'
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
    - name: Set up Ruby
      uses: ruby/setup-ruby@v1
      with:
@ -34,10 +34,9 @@ jobs:
    strategy:
      matrix:
        ruby-version:
-          - '2.5.8'
+          - 'jruby-9.4.12.1'
          - 'jruby-9.2.12.0'
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
    - name: Set up Ruby
      uses: ruby/setup-ruby@v1
      with:
--- a/.github_changelog_generator
+++ b/.github_changelog_generator
@ -0,0 +1,5 @@
 project=vmpooler
 user=puppetlabs
 exclude_labels=maintenance
 github-api=https://api.github.com
 release-branch=main
--- a/.gitignore
+++ b/.gitignore
@ -1,9 +1,9 @@
 .bundle/
 .vagrant/
-results.xml
+coverage/
 vendor/
 .dccache
 .ruby-version
 Gemfile.lock
 Gemfile.local
-vendor
+results.xml
 /vmpooler.yaml
 .bundle
 coverage
--- a/.lightstep.yml
+++ b/.lightstep.yml
@ -1,10 +0,0 @@
 organization: Puppet Inc
 project: puppet-inc-prod
 conditions: 
  # API /status error >0%
  - SZcJVQfy
 integrations:
  pagerduty:
    # VMPooler service
    service: P714ID4
--- a/.rubocop.yml
+++ b/.rubocop.yml
@ -66,6 +66,7 @@ Style/Next:
  Enabled: false
 Metrics/ParameterLists:
  Max: 10
  MaxOptionalParameters: 10
 Style/GuardClause:
  Enabled: false
--- a/.rubocop_todo.yml
+++ b/.rubocop_todo.yml
@ -12,7 +12,7 @@
 # SupportedStyles: with_first_parameter, with_fixed_indentation
 Layout/ParameterAlignment:
  Exclude:
-    - 'lib/vmpooler/api/v1.rb'
+    - 'lib/vmpooler/api/v3.rb'
 # Offense count: 9
 # Cop supports --auto-correct.
@ -21,13 +21,13 @@ Layout/ParameterAlignment:
 Layout/CaseIndentation:
  Exclude:
    - 'lib/vmpooler/api/helpers.rb'
-    - 'lib/vmpooler/api/v1.rb'
+    - 'lib/vmpooler/api/v3.rb'
 # Offense count: 1
 # Cop supports --auto-correct.
 Layout/ClosingParenthesisIndentation:
  Exclude:
-    - 'lib/vmpooler/api/v1.rb'
+    - 'lib/vmpooler/api/v3.rb'
 # Offense count: 1
 # Cop supports --auto-correct.
@ -58,14 +58,14 @@ Layout/EmptyLinesAroundModuleBody:
 Layout/FirstHashElementIndentation:
  Exclude:
    - 'lib/vmpooler/api/helpers.rb'
-    - 'lib/vmpooler/api/v1.rb'
+    - 'lib/vmpooler/api/v3.rb'
 # Offense count: 1
 # Cop supports --auto-correct.
 # Configuration parameters: Width, IgnoredPatterns.
 Layout/IndentationWidth:
  Exclude:
-    - 'lib/vmpooler/api/v1.rb'
+    - 'lib/vmpooler/api/v3.rb'
 # Offense count: 1
 # Cop supports --auto-correct.
@ -73,7 +73,7 @@ Layout/IndentationWidth:
 # SupportedStyles: symmetrical, new_line, same_line
 Layout/MultilineMethodCallBraceLayout:
  Exclude:
-    - 'lib/vmpooler/api/v1.rb'
+    - 'lib/vmpooler/api/v3.rb'
 # Offense count: 1
 # Cop supports --auto-correct.
@ -87,14 +87,14 @@ Layout/SpaceAroundEqualsInParameterDefault:
 # Cop supports --auto-correct.
 Layout/SpaceAroundKeyword:
  Exclude:
-    - 'lib/vmpooler/api/v1.rb'
+    - 'lib/vmpooler/api/v3.rb'
 # Offense count: 1
 # Cop supports --auto-correct.
 # Configuration parameters: AllowForAlignment.
 Layout/SpaceAroundOperators:
  Exclude:
-    - 'lib/vmpooler/api/v1.rb'
+    - 'lib/vmpooler/api/v3.rb'
 # Offense count: 8
 # Cop supports --auto-correct.
@ -109,14 +109,14 @@ Layout/SpaceInsideHashLiteralBraces:
 # Cop supports --auto-correct.
 Layout/SpaceInsideParens:
  Exclude:
-    - 'lib/vmpooler/api/v1.rb'
+    - 'lib/vmpooler/api/v3.rb'
 # Offense count: 2
 # Configuration parameters: AllowSafeAssignment.
 Lint/AssignmentInCondition:
  Exclude:
    - 'lib/vmpooler/api/helpers.rb'
-    - 'lib/vmpooler/api/v1.rb'
+    - 'lib/vmpooler/api/v3.rb'
 # Offense count: 2
 Lint/SuppressedException:
@ -148,7 +148,7 @@ Lint/UselessAssignment:
 Style/AndOr:
  Exclude:
    - 'lib/vmpooler/api/helpers.rb'
-    - 'lib/vmpooler/api/v1.rb'
+    - 'lib/vmpooler/api/v3.rb'
 # Offense count: 1
 Style/CaseEquality:
@ -169,7 +169,7 @@ Style/For:
 Style/HashSyntax:
  Exclude:
    - 'lib/vmpooler/api/helpers.rb'
-    - 'lib/vmpooler/api/v1.rb'
+    - 'lib/vmpooler/api/v3.rb'
 # Offense count: 4
 # Cop supports --auto-correct.
@ -177,7 +177,7 @@ Style/HashSyntax:
 Style/IfUnlessModifier:
  Exclude:
    - 'lib/vmpooler/api/helpers.rb'
-    - 'lib/vmpooler/api/v1.rb'
+    - 'lib/vmpooler/api/v3.rb'
 # Offense count: 3
 # Cop supports --auto-correct.
@ -185,13 +185,13 @@ Style/IfUnlessModifier:
 # SupportedStyles: both, prefix, postfix
 Style/NegatedIf:
  Exclude:
-    - 'lib/vmpooler/api/v1.rb'
+    - 'lib/vmpooler/api/v3.rb'
 # Offense count: 3
 # Cop supports --auto-correct.
 Style/Not:
  Exclude:
-    - 'lib/vmpooler/api/v1.rb'
+    - 'lib/vmpooler/api/v3.rb'
 # Offense count: 1
 # Cop supports --auto-correct.
@ -200,26 +200,26 @@ Style/Not:
 Style/NumericPredicate:
  Exclude:
    - 'spec/**/*'
-    - 'lib/vmpooler/api/v1.rb'
+    - 'lib/vmpooler/api/v3.rb'
 # Offense count: 2
 # Cop supports --auto-correct.
 Style/ParallelAssignment:
  Exclude:
-    - 'lib/vmpooler/api/v1.rb'
+    - 'lib/vmpooler/api/v3.rb'
 # Offense count: 1
 # Cop supports --auto-correct.
 # Configuration parameters: AllowSafeAssignment.
 Style/ParenthesesAroundCondition:
  Exclude:
-    - 'lib/vmpooler/api/v1.rb'
+    - 'lib/vmpooler/api/v3.rb'
 # Offense count: 2
 # Cop supports --auto-correct.
 Style/PerlBackrefs:
  Exclude:
-    - 'lib/vmpooler/api/v1.rb'
+    - 'lib/vmpooler/api/v3.rb'
 # Offense count: 1
 # Configuration parameters: NamePrefix, NamePrefixBlacklist, NameWhitelist.
@ -235,7 +235,7 @@ Naming/PredicateName:
 # Cop supports --auto-correct.
 Style/RedundantParentheses:
  Exclude:
-    - 'lib/vmpooler/api/v1.rb'
+    - 'lib/vmpooler/api/v3.rb'
 # Offense count: 2
 # Cop supports --auto-correct.
@ -256,7 +256,7 @@ Style/RedundantSelf:
 # SupportedStyles: single_quotes, double_quotes
 Style/StringLiterals:
  Exclude:
-    - 'lib/vmpooler/api/v1.rb'
+    - 'lib/vmpooler/api/v3.rb'
 # Offense count: 1
 # Cop supports --auto-correct.
@ -271,7 +271,7 @@ Style/TernaryParentheses:
 # SupportedStyles: snake_case, camelCase
 Naming/VariableName:
  Exclude:
-    - 'lib/vmpooler/api/v1.rb'
+    - 'lib/vmpooler/api/v3.rb'
 # Offense count: 1
 # Cop supports --auto-correct.
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
--- a/6
+++ b/6
@ -1,10 +1,10 @@
-# This will cause DIO to be assigned review of any opened PRs against
+# This will cause RE to be assigned review of any opened PRs against
 # the branches containing this file.
 # See https://help.github.com/en/articles/about-code-owners for info on how to
 # take ownership of parts of the code base that should be reviewed by another
 # team.
-# DIO will be the default owners for everything in the repo.
+# RE will be the default owners for everything in the repo.
-*                                     @puppetlabs/dio
+*                                     @puppetlabs/release-engineering
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -1,9 +1,6 @@
 # How to contribute
-Third-party patches are essential for keeping vmpooler great. We want to keep it as easy as possible to contribute changes that
+Third-party patches are essential for keeping VMPooler great. We want to keep it as easy as possible to contribute changes that get things working in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things.
 get things working in your environment. There are a few guidelines that we
 need contributors to follow so that we can have a chance of keeping on
 top of things.
 ## Getting Started
@ -18,16 +15,13 @@ top of things.
 * Create a topic branch from where you want to base your work.
  * This is usually the master branch.
-  * Only target release branches if you are certain your fix must be on that
+  * Only target release branches if you are certain your fix must be on that branch.
-    branch.
+  * To quickly create a topic branch based on master: `git checkout -b fix/master/my_contribution master`. Please avoid working directly on the `master` branch.
  * To quickly create a topic branch based on master; `git checkout -b
    fix/master/my_contribution master`. Please avoid working directly on the
    `master` branch.
 * Make commits of logical units.
 * Check for unnecessary whitespace with `git diff --check` before committing.
 * Make sure your commit messages are in the proper format.
-````
+```plain
 (POOLER-1234) Make the example in CONTRIBUTING imperative and concrete
 Without this patch applied the example commit message in the CONTRIBUTING
@ -39,7 +33,7 @@ top of things.
 The first line is a real life imperative statement with a ticket number
 from our issue tracker.  The body describes the behavior without the patch,
 why this is a problem, and how the patch fixes the problem when applied.
-````
+```
 * Make sure you have added the necessary tests for your changes.
 * Run _all_ the tests to assure nothing else was accidentally broken.
@ -48,12 +42,9 @@ top of things.
 ### Documentation
-For changes of a trivial nature to comments and documentation, it is not
+For changes of a trivial nature to comments and documentation, it is not always necessary to create a new ticket in Jira. In this case, it is appropriate to start the first line of a commit with '(doc)' instead of a ticket number.
 always necessary to create a new ticket in Jira. In this case, it is
 appropriate to start the first line of a commit with '(doc)' instead of
 a ticket number.
-````
+```plain
 (doc) Add documentation commit example to CONTRIBUTING
 There is no example for contributing a documentation commit
@ -64,20 +55,19 @@ a ticket number.
 place of what would have been the ticket number in a
 non-documentation related commit. The body describes the nature of
 the new documentation or comments added.
-````
+```
 ## Submitting Changes
-* Sign the [Contributor License Agreement](http://links.puppetlabs.com/cla).
+* Sign the Contributor License Agreement.
 * Push your changes to a topic branch in your fork of the repository.
 * Submit a pull request to the repository in the puppetlabs organization.
 * Update your Jira ticket to mark that you have submitted code and are ready for it to be reviewed (Status: Ready for Merge).
  * Include a link to the pull request in the ticket.
-* The Puppet SRE team looks at Pull Requests on a regular basis.
+* The Puppet Release Engineering team looks at Pull Requests on a regular basis.
-* After feedback has been given we expect responses within two weeks. After two
+* After feedback has been given we expect responses within two weeks. After two weeks we may close the pull request if it isn't showing any activity.
  weeks we may close the pull request if it isn't showing any activity.
-# Additional Resources
+## Additional Resources
 * [Puppet Labs community guildelines](http://docs.puppetlabs.com/community/community_guidelines.html)
 * [Bug tracker (Jira)](http://tickets.puppetlabs.com)
--- a/4
+++ b/4
@ -3,11 +3,11 @@ source ENV['GEM_SOURCE'] || 'https://rubygems.org'
 gemspec
 # Evaluate Gemfile.local if it exists
-if File.exists? "#{__FILE__}.local"
+if File.exist? "#{__FILE__}.local"
  instance_eval(File.read("#{__FILE__}.local"))
 end
 # Evaluate ~/.gemfile if it exists
-if File.exists?(File.join(Dir.home, '.gemfile'))
+if File.exist?(File.join(Dir.home, '.gemfile'))
  instance_eval(File.read(File.join(Dir.home, '.gemfile')))
 end
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -0,0 +1,219 @@
 PATH
  remote: .
  specs:
    vmpooler (3.8.1)
      concurrent-ruby (~> 1.1)
      connection_pool (~> 2.4)
      deep_merge (~> 1.2)
      net-ldap (~> 0.16)
      opentelemetry-exporter-jaeger (= 0.23.0)
      opentelemetry-instrumentation-concurrent_ruby (= 0.21.1)
      opentelemetry-instrumentation-http_client (= 0.22.2)
      opentelemetry-instrumentation-rack (= 0.23.4)
      opentelemetry-instrumentation-redis (= 0.25.3)
      opentelemetry-instrumentation-sinatra (= 0.23.2)
      opentelemetry-resource_detectors (= 0.24.2)
      opentelemetry-sdk (~> 1.8)
      pickup (~> 0.0.11)
      prometheus-client (>= 2, < 5)
      puma (>= 5.0.4, < 7)
      rack (>= 2.2, < 4.0)
      rake (~> 13.0)
      redis (~> 5.0)
      sinatra (>= 2, < 4)
      spicy-proton (~> 2.1)
      statsd-ruby (~> 1.4)
 GEM
  remote: https://rubygems.org/
  specs:
    ast (2.4.3)
    base64 (0.1.2)
    bindata (2.5.1)
    builder (3.3.0)
    climate_control (1.2.0)
    coderay (1.1.3)
    concurrent-ruby (1.3.5)
    connection_pool (2.5.3)
    deep_merge (1.2.2)
    diff-lcs (1.6.2)
    docile (1.4.1)
    faraday (2.13.1)
      faraday-net_http (>= 2.0, < 3.5)
      json
      logger
    faraday-net_http (3.4.0)
      net-http (>= 0.5.0)
    ffi (1.17.2-java)
    google-cloud-env (2.2.1)
      faraday (>= 1.0, < 3.a)
    json (2.12.2)
    json (2.12.2-java)
    language_server-protocol (3.17.0.5)
    logger (1.7.0)
    method_source (1.1.0)
    mock_redis (0.37.0)
    mustermann (3.0.3)
      ruby2_keywords (~> 0.0.1)
    net-http (0.6.0)
      uri
    net-ldap (0.19.0)
    nio4r (2.7.4)
    nio4r (2.7.4-java)
    opentelemetry-api (1.5.0)
    opentelemetry-common (0.20.1)
      opentelemetry-api (~> 1.0)
    opentelemetry-exporter-jaeger (0.23.0)
      opentelemetry-api (~> 1.1)
      opentelemetry-common (~> 0.20)
      opentelemetry-sdk (~> 1.2)
      opentelemetry-semantic_conventions
      thrift
    opentelemetry-instrumentation-base (0.22.3)
      opentelemetry-api (~> 1.0)
      opentelemetry-registry (~> 0.1)
    opentelemetry-instrumentation-concurrent_ruby (0.21.1)
      opentelemetry-api (~> 1.0)
      opentelemetry-instrumentation-base (~> 0.22.1)
    opentelemetry-instrumentation-http_client (0.22.2)
      opentelemetry-api (~> 1.0)
      opentelemetry-common (~> 0.20.0)
      opentelemetry-instrumentation-base (~> 0.22.1)
    opentelemetry-instrumentation-rack (0.23.4)
      opentelemetry-api (~> 1.0)
      opentelemetry-common (~> 0.20.0)
      opentelemetry-instrumentation-base (~> 0.22.1)
    opentelemetry-instrumentation-redis (0.25.3)
      opentelemetry-api (~> 1.0)
      opentelemetry-common (~> 0.20.0)
      opentelemetry-instrumentation-base (~> 0.22.1)
    opentelemetry-instrumentation-sinatra (0.23.2)
      opentelemetry-api (~> 1.0)
      opentelemetry-common (~> 0.20.0)
      opentelemetry-instrumentation-base (~> 0.22.1)
      opentelemetry-instrumentation-rack (~> 0.21)
    opentelemetry-registry (0.4.0)
      opentelemetry-api (~> 1.1)
    opentelemetry-resource_detectors (0.24.2)
      google-cloud-env
      opentelemetry-sdk (~> 1.0)
    opentelemetry-sdk (1.8.0)
      opentelemetry-api (~> 1.1)
      opentelemetry-common (~> 0.20)
      opentelemetry-registry (~> 0.2)
      opentelemetry-semantic_conventions
    opentelemetry-semantic_conventions (1.11.0)
      opentelemetry-api (~> 1.0)
    parallel (1.27.0)
    parser (3.3.8.0)
      ast (~> 2.4.1)
      racc
    pickup (0.0.11)
    prism (1.4.0)
    prometheus-client (4.2.4)
      base64
    pry (0.15.2)
      coderay (~> 1.1)
      method_source (~> 1.0)
    pry (0.15.2-java)
      coderay (~> 1.1)
      method_source (~> 1.0)
      spoon (~> 0.0)
    puma (6.6.0)
      nio4r (~> 2.0)
    puma (6.6.0-java)
      nio4r (~> 2.0)
    racc (1.8.1)
    racc (1.8.1-java)
    rack (2.2.17)
    rack-protection (3.2.0)
      base64 (>= 0.1.0)
      rack (~> 2.2, >= 2.2.4)
    rack-test (2.2.0)
      rack (>= 1.3)
    rainbow (3.1.1)
    rake (13.3.0)
    redis (5.4.0)
      redis-client (>= 0.22.0)
    redis-client (0.24.0)
      connection_pool
    regexp_parser (2.10.0)
    rexml (3.4.1)
    rspec (3.13.1)
      rspec-core (~> 3.13.0)
      rspec-expectations (~> 3.13.0)
      rspec-mocks (~> 3.13.0)
    rspec-core (3.13.4)
      rspec-support (~> 3.13.0)
    rspec-expectations (3.13.5)
      diff-lcs (>= 1.2.0, < 2.0)
      rspec-support (~> 3.13.0)
    rspec-mocks (3.13.5)
      diff-lcs (>= 1.2.0, < 2.0)
      rspec-support (~> 3.13.0)
    rspec-support (3.13.4)
    rubocop (1.56.4)
      base64 (~> 0.1.1)
      json (~> 2.3)
      language_server-protocol (>= 3.17.0)
      parallel (~> 1.10)
      parser (>= 3.2.2.3)
      rainbow (>= 2.2.2, < 4.0)
      regexp_parser (>= 1.8, < 3.0)
      rexml (>= 3.2.5, < 4.0)
      rubocop-ast (>= 1.28.1, < 2.0)
      ruby-progressbar (~> 1.7)
      unicode-display_width (>= 2.4.0, < 3.0)
    rubocop-ast (1.44.1)
      parser (>= 3.3.7.2)
      prism (~> 1.4)
    ruby-progressbar (1.13.0)
    ruby2_keywords (0.0.5)
    simplecov (0.22.0)
      docile (~> 1.1)
      simplecov-html (~> 0.11)
      simplecov_json_formatter (~> 0.1)
    simplecov-html (0.13.1)
    simplecov_json_formatter (0.1.4)
    sinatra (3.2.0)
      mustermann (~> 3.0)
      rack (~> 2.2, >= 2.2.4)
      rack-protection (= 3.2.0)
      tilt (~> 2.0)
    spicy-proton (2.1.15)
      bindata (~> 2.3)
    spoon (0.0.6)
      ffi
    statsd-ruby (1.5.0)
    thor (1.3.2)
    thrift (0.22.0)
    tilt (2.6.0)
    unicode-display_width (2.6.0)
    uri (1.0.3)
    yarjuf (2.0.0)
      builder
      rspec (~> 3)
 PLATFORMS
  arm64-darwin-22
  arm64-darwin-23
  arm64-darwin-25
  universal-java-11
  universal-java-17
  x86_64-darwin-22
  x86_64-linux
 DEPENDENCIES
  climate_control (>= 0.2.0)
  mock_redis (= 0.37.0)
  pry
  rack-test (>= 0.6)
  rspec (>= 3.2)
  rubocop (~> 1.56.0)
  simplecov (>= 0.11.2)
  thor (~> 1.0, >= 1.0.1)
  vmpooler!
  yarjuf (>= 2.0)
 BUNDLED WITH
   2.4.18
--- a/PROVIDER_API.md
+++ b/PROVIDER_API.md
@ -1,83 +0,0 @@
 # Provider API
 ## Create a new provider gem from scratch
 ### Requirements
 1. the provider code will need to be in lib/vmpooler/providers directory of your gem regardless of your gem name
 2. the main provider code file should be named the same at the name of the provider. ie. (vpshere == lib/vmpooler/providers/vsphere.rb)
 3. The gem must be installed on the same machine as vmpooler
 4. The provider name must be referenced in the vmpooler config file in order for it to be loaded.
 5. Your gem name or repository name should contain vmpooler-<name>-provider so the community can easily search provider plugins
   for vmpooler.
 ### 1. Use bundler to create the provider scaffolding
 ```
 bundler gem --test=rspec --no-exe --no-ext vmpooler-spoof-provider
 cd vmpooler-providers-spoof/
 mkdir -p ./lib/vmpooler/providers
 cd ./lib/vmpooler/providers
 touch spoof.rb
 ```
 There may be some boilerplate files there were generated, just delete those.
 ### 2. Create the main provider file
 Ensure the main provider file uses the following code.
 ```ruby
 # lib/vmpooler/providers/spoof.rb
 require 'yaml'
 require 'vmpooler/providers/base'
 module Vmpooler
  class PoolManager
    class Provider
      class Spoof < Vmpooler::PoolManager::Provider::Base
      # at this time it is not documented which methods should be implemented
      # have a look at the vmpooler/providers/vpshere provider for examples
      end
    end
  end
 end
 ```
 ### 3. Fill out your gemspec
 Ensure you fill out your gemspec file to your specifications.  If you need a dependency please make sure you require them.
 `spec.add_dependency "vmware", "~> 1.15"`.
 At a minimum you may want to add the vmpooler gem as a dev dependency so you can use it during testing.
 `spec.add_dev_dependency "vmpooler", "~> 1.15"`
 or in your Gemfile
 ```ruby
 gem 'vmpooler', github: 'puppetlabs/vmpooler'
 ```
 Also make sure this dependency can be loaded by jruby.  If the dependency cannot be used by jruby don't use it.
 ### 4. Create some tests
 Your provider code should be tested before releasing.  Copy and refactor some tests from the vmpooler gem under 
 `spec/unit/providers/dummy_spec.rb`
 ### 5. Publish
 Think your provider gem is good enough for others?  Publish it and tell us on Slack or update this doc with a link to your gem.
 ## Available Third Party Providers
 Be the first to update this list.  Create a provider today!
 ## Example provider
 You can use the following [repo as an example](https://github.com/logicminds/vmpooler-vsphere-provider) of how to setup your provider gem.
--- a/README.md
+++ b/README.md
@ -1,41 +1,101 @@
-![vmpooler](https://raw.github.com/sschneid/vmpooler/master/lib/vmpooler/public/img/logo.gif)
+![VMPooler](lib/vmpooler/public/img/logo.png)
-# vmpooler
+# VMPooler
-vmpooler provides configurable 'pools' of instantly-available (running) virtual machines.
+- [VMPooler](#vmpooler)
  - [Usage](#usage)
    - [Migrating to v3](#migrating-to-v3)
    - [v2.0.0 note](#v200-note)
  - [Installation](#installation)
    - [Dependencies](#dependencies)
      - [Redis](#redis)
      - [Other gems](#other-gems)
  - [Configuration](#configuration)
  - [Components](#components)
    - [API](#api)
    - [Dashboard](#dashboard)
  - [Related tools and resources](#related-tools-and-resources)
    - [Command-line Utility](#command-line-utility)
    - [Vagrant plugin](#vagrant-plugin)
  - [Development](#development)
    - [docker-compose](#docker-compose)
    - [Running docker-compose inside Vagrant](#running-docker-compose-inside-vagrant)
    - [URLs when using docker-compose](#urls-when-using-docker-compose)
  - [Update the Gemfile Lock](#update-the-gemfile-lock)
  - [Releasing](#releasing)
  - [License](#license)
 VMPooler provides configurable 'pools' of instantly-available (pre-provisioned) and/or on-demand (provisioned on request) virtual machines.
 ## Usage
-At [Puppet, Inc.](http://puppet.com) we run acceptance tests on thousands of disposable VMs every day. Vmpooler manages the lifecycle of these VMs from request through deletion, with options available to pool ready instances, and provision on demand.
+At [Puppet, Inc.](http://puppet.com) we run acceptance tests on thousands of disposable VMs every day. VMPooler manages the life cycle of these VMs from request through deletion, with options available to pool ready instances, and provision on demand.
 The recommended method for deploying VMPooler is via [https://github.com/puppetlabs/vmpooler-deployment](vmpooler-deployment).
 ### Migrating to v3
 Starting with the v3.x release, management of DNS records is implemented as DNS plugins, similar to compute providers. This means each pool configuration should be pointing to a configuration object in `:dns_config` to determine it's method of record management.
 For those using the global `DOMAIN` environment variable or global `:config.domain` key, this means records were not previously being managed by VMPooler (presumably managed via dynamic dns), so it's value should be moved to `:dns_configs:<INSERT_YOUR_OWN_SYMBOL>:domain` with the value for `dns_class` for the config set to `dynamic-dns`.
 For example, the following < v3.x configuration:
 ```yaml
 :config:
  domain: 'example.com'
 ```
 becomes:
 ```yaml
 :dns_configs:
  :example:
    dns_class: dynamic-dns
    domain: 'example.com'
 ```
 Then any pools that should have records created via the dns config above should now reference the named dns config in the `dns_plugin` key:
 ```yaml
 :pools:
  - name: 'debian-8-x86_64'
    dns_plugin: 'example'
 ```
 For those using the GCE provider, [vmpooler-provider-gce](https://github.com/puppetlabs/vmpooler-provider-gce), as of version 1.x the DNS management has been decoupled. See <https://github.com/puppetlabs/vmpooler-provider-gce#migrating-to-v1>
 ### v2.0.0 note
 As of version 2.0.0, all providers other than the dummy one are now separate gems. Historically the vSphere provider was included within VMPooler itself. That code has been moved to the [puppetlabs/vmpooler-provider-vsphere](https://github.com/puppetlabs/vmpooler-provider-vsphere) repository and the `vmpooler-provider-vsphere` gem. To migrate from VMPooler 1.x to 2.0 you will need to ensure that `vmpooler-provider-vsphere` is installed along side the `vmpooler` gem. See the  [Provider API](docs/PROVIDER_API.md) docs for more information.
 ## Installation
-### Prerequisites
+The recommended method of installation is via the Helm chart located in [puppetlabs/vmpooler-deployment](https://github.com/puppetlabs/vmpooler-deployment). That repository also provides Docker images of VMPooler.
 vmpooler is available as a gem
 To use the gem `gem install vmpooler`
 ### Dependencies
-Vmpooler requires a [Redis](http://redis.io/) server. This is the datastore used for vmpooler's inventory and queueing services.
+#### Redis
-### Configuration
+VMPooler requires a [Redis](http://redis.io/) server. This is the data store used for VMPooler's inventory and queuing services.
-Configuration for vmpooler may be provided via environment variables, or a configuration file.
+#### Other gems
-Note on jruby 9.2.11.x: We have found when running vmpooler on jruby 9.2.11.x we occasionally encounter a stack overflow error that causes the pool\_manager application component to fail and stop doing work. To address this issue on jruby 9.2.11.x we recommend setting the jruby option 'invokedynamic.yield=false'. To set this with jruby 9.2.11.1 you can specify the environment variable 'JRUBY\_OPTS' with the value '-Xinvokedynamic.yield=false'.
+VMPooler itself and the dev environment talked about below require additional Ruby gems to function. You can update the currently required ones for VMPooler by running `./update-gemfile-lock.sh`. The gems for the dev environment can be updated by running `./docker/update-gemfile-lock.sh`. These scripts will utilize the container on the FROM line of the Dockerfile to update the Gemfile.lock in the root of this repo and in the docker folder, respectively.
-The provided configuration defaults are reasonable for  small vmpooler instances with a few pools. If you plan to run a large vmpooler instance it is important to consider configuration values appropriate for the instance of your size in order to avoid starving the provider, or redis, of connections.
+## Configuration
-As of vmpooler 0.13.x redis uses a connection pool to improve efficiency and ensure thread safe usage. At Puppet, we run an instance with about 100 pools at any given time. We have to provide it with 200 redis connections to the redis connection pool, and a timeout for connections of 40 seconds, to avoid timeouts. Because metrics are generated for connection available and waited your metrics provider will need to be able to cope with this volume. Statsd is recommended to ensure metrics get delivered reliably.
+Configuration for VMPooler may be provided via environment variables, or a configuration file.
-Please see this [configuration](docs/configuration.md) document for more details about configuring vmpooler via environment variables.
+The provided configuration defaults are reasonable for  small VMPooler instances with a few pools. If you plan to run a large VMPooler instance it is important to consider configuration values appropriate for the instance of your size in order to avoid starving the provider, or Redis, of connections.
 VMPooler uses a connection pool for Redis to improve efficiency and ensure thread safe usage. At Puppet, we run an instance with about 100 pools at any given time. We have to provide it with 200 Redis connections to the Redis connection pool, and a timeout for connections of 40 seconds, to avoid timeouts. Because metrics are generated for connection available and waited, your metrics provider will need to be able to cope with this volume. Prometheus or StatsD is recommended to ensure metrics get delivered reliably.
 Please see this [configuration](docs/configuration.md) document for more details about configuring VMPooler via environment variables.
 The following YAML configuration sets up two pools, `debian-7-i386` and `debian-7-x86_64`, which contain 5 running VMs each:
-```
+```yaml
 ---
 :providers:
  :vsphere:
@ -68,45 +128,13 @@ The following YAML configuration sets up two pools, `debian-7-i386` and `debian-
 See the provided YAML configuration example, [vmpooler.yaml.example](vmpooler.yaml.example), for additional configuration options and parameters or for supporting multiple providers.
-### Running via Docker
+## Components
-A [Dockerfile](/docker/Dockerfile) is included in this repository to allow running vmpooler inside a Docker container. A configuration file can be used via volume mapping, and specifying the destination as the configuration file via environment variables, or the application can be configured with environment variables alone. The Dockerfile provides an entrypoint so you may choose whether to run API, or manager services. The default behavior will run both. To build and run:
+VMPooler provides an API and web front-end (dashboard) on port `:4567`.  See the provided YAML configuration example, [vmpooler.yaml.example](vmpooler.yaml.example), to specify an alternative port to listen on.
 ```
 docker build -t vmpooler . && docker run -e VMPOOLER_CONFIG -p 80:4567 -it vmpooler
 ```
 To run only the API and dashboard
 ```
 docker run -p 80:4567 -it vmpooler api
 ```
 To run only the manager component
 ```
 docker run -it vmpooler manager
 ```
 ### docker-compose
 A docker-compose file is provided to support running vmpooler easily via docker-compose. This is useful for development because your local code is used to build the gem used in the docker-compose environment.
 ```
 docker-compose -f docker/docker-compose.yml up
 ```
 ### Running Docker inside Vagrant
 A vagrantfile is included in this repository. Please see [vagrant instructions](docs/vagrant.md) for details.
 ## API and Dashboard
 vmpooler provides an API and web front-end (dashboard) on port `:4567`.  See the provided YAML configuration example, [vmpooler.yaml.example](vmpooler.yaml.example), to specify an alternative port to listen on.
 ### API
-vmpooler provides a REST API for VM management.  See the [API documentation](docs/API.md) for more information.
+VMPooler provides a REST API for VM management.  See the [API documentation](docs/API.md) for more information.
 ### Dashboard
@ -116,23 +144,71 @@ A dashboard is provided to offer real-time statistics and historical graphs.  It
 [Graphite](http://graphite.wikidot.com/) is required for historical data retrieval.  See the provided YAML configuration example, [vmpooler.yaml.example](vmpooler.yaml.example), for details.
-## Command-line Utility
+## Related tools and resources
- [vmfloaty](https://github.com/briancain/vmfloaty) is a ruby based CLI tool and scripting library written in ruby.
+### Command-line Utility
-## Vagrant plugin
+- [vmfloaty](https://github.com/puppetlabs/vmfloaty) is a ruby based CLI tool and scripting library. We consider it the primary way for users to interact with VMPooler.
- [vagrant-vmpooler](https://github.com/briancain/vagrant-vmpooler) Use Vagrant to create and manage your vmpooler instances.
+### Vagrant plugin
-## Development and further documentation
+- [vagrant-vmpooler](https://github.com/briancain/vagrant-vmpooler): Use Vagrant to create and manage your VMPooler instances.
-For more information about setting up a development instance of vmpooler or other subjects, see the [docs/](docs) directory.
+## Development
-## Build status
+### docker-compose
-[![Build Status](https://travis-ci.org/puppetlabs/vmpooler.png?branch=master)](https://travis-ci.org/puppetlabs/vmpooler)
+A docker-compose file is provided to support running VMPooler and associated tools locally. This is useful for development because your local code is used to build the gem used in the docker-compose environment. The compose environment also pulls in the latest providers via git. Details of this setup are stored in the `docker/` folder.
 ```bash
 docker-compose -f docker/docker-compose.yml build && \
 docker-compose -f docker/docker-compose.yml up
 ```
 ### Running docker-compose inside Vagrant
 A Vagrantfile is included in this repository so as to provide a reproducible development environment.
 ```bash
 vagrant up
 vagrant ssh
 cd /vagrant
 docker-compose -f docker/docker-compose.yml build && \
 docker-compose -f docker/docker-compose.yml up
 ```
 The Vagrant environment also contains multiple rubies you can utilize for spec test and the like. You can see a list of the pre-installed ones when you log in as part of the message of the day.
 For more information about setting up a development instance of VMPooler or other subjects, see the [docs/](docs) directory.
 ### URLs when using docker-compose
 | Endpoint          | URL                                                                   |
 |-------------------|-----------------------------------------------------------------------|
 | Redis Commander   | [http://localhost:8079](http://localhost:8079)                        |
 | API               | [http://localhost:8080/api/v1]([http://localhost:8080/api/v1)         |
 | Dashboard         | [http://localhost:8080/dashboard/](http://localhost:8080/dashboard/)  |
 | Metrics (API)     | [http://localhost:8080/prometheus]([http://localhost:8080/prometheus) |
 | Metrics (Manager) | [http://localhost:8081/prometheus]([http://localhost:8081/prometheus) |
 | Jaeger            | [http://localhost:8082](http://localhost:8082)                        |
 Additionally, the Redis instance can be accessed at `localhost:6379`.
 ## Update the Gemfile Lock
 To update the `Gemfile.lock` run `./update-gemfile-lock`.
 Verify, and update if needed, that the docker tag in the script and GitHub action workflows matches what is used in the [vmpooler-deployment Dockerfile](https://github.com/puppetlabs/vmpooler-deployment/blob/main/docker/Dockerfile).
 ## Releasing
 Follow these steps to publish a new GitHub release, and build and push the gem to <https://rubygems.org>.
 1. Bump the "VERSION" in `lib/vmpooler/version.rb` appropriately based on changes in `CHANGELOG.md` since the last release.
 2. Run `./release-prep` to update `Gemfile.lock` and `CHANGELOG.md`.
 3. Commit and push changes to a new branch, then open a pull request against `main` and be sure to add the "maintenance" label.
 4. After the pull request is approved and merged, then navigate to Actions --> Release Gem --> run workflow --> Branch: main --> Run workflow.
 ## License
-vmpooler is distributed under the [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.html).  See the [LICENSE](LICENSE) file for more details.
+VMPooler is distributed under the [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.html).  See the [LICENSE](LICENSE) file for more details.
--- a/2
+++ b/2
@ -2,6 +2,8 @@
 Vagrant.configure("2") do |config|
  config.vm.box = "genebean/centos-7-rvm-multi"
  config.vm.network "forwarded_port", guest: 4567, host: 4567 # for when not running docker-compose
  config.vm.network "forwarded_port", guest: 6379, host: 6379 # Redis
  config.vm.network "forwarded_port", guest: 8079, host: 8079 # Redis Commander
  config.vm.network "forwarded_port", guest: 8080, host: 8080 # VMPooler api in docker-compose
  config.vm.network "forwarded_port", guest: 8081, host: 8081 # VMPooler manager in docker-compose
  config.vm.network "forwarded_port", guest: 8082, host: 8082 # Jaeger in docker-compose
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@ -1,29 +0,0 @@
 # Run vmpooler in a Docker container!  Configuration can either be embedded
 # and built within the current working directory, or stored in a
 # VMPOOLER_CONFIG environment value and passed to the Docker daemon.
 #
 # BUILD:
 #   docker build -t vmpooler .
 #
 # RUN:
 #   docker run -e VMPOOLER_CONFIG -p 80:4567 -it vmpooler
 FROM jruby:9.2-jdk
 ARG vmpooler_version=0.11.3
 COPY docker/docker-entrypoint.sh /usr/local/bin/
 ENV LOGFILE=/dev/stdout \
      RACK_ENV=production
 RUN apt-get update -qq && \
    apt-get install -y --no-install-recommends make && \
    apt-get clean autoclean && \
    apt-get autoremove -y && \
    rm -rf /var/lib/apt/lists/*
 RUN gem install vmpooler -v ${vmpooler_version} && \
      chmod +x /usr/local/bin/docker-entrypoint.sh
 ENTRYPOINT ["docker-entrypoint.sh"]
--- a/docker/Dockerfile-aio
+++ b/docker/Dockerfile-aio
@ -1,39 +0,0 @@
 # Run vmpooler in a Docker container!  Configuration can either be embedded
 # and built within the current working directory, or stored in a
 # VMPOOLER_CONFIG environment value and passed to the Docker daemon.
 #
 # BUILD:
 #   docker build -t vmpooler .
 #
 # RUN:
 #   docker run -e VMPOOLER_CONFIG -p 80:4567 -it vmpooler
 FROM jruby:9.2.9-jdk
 RUN mkdir -p /var/lib/vmpooler
 WORKDIR /var/lib/vmpooler
 RUN echo "deb http://httpredir.debian.org/debian jessie main" >/etc/apt/sources.list.d/jessie-main.list
 RUN apt-get update -qq && \
    apt-get install -y --no-install-recommends make redis-server && \
    apt-get clean autoclean && \
    apt-get autoremove -y && \
    rm -rf /var/lib/apt/lists/*
 ADD Gemfile* /var/lib/vmpooler/
 RUN bundle install --system
 RUN ln -s /opt/jruby/bin/jruby /usr/bin/jruby
 COPY . /var/lib/vmpooler
 ENV VMPOOLER_LOG /var/log/vmpooler.log
 CMD \
    /etc/init.d/redis-server start \
    && /var/lib/vmpooler/scripts/vmpooler_init.sh start \
    && while [ ! -f ${VMPOOLER_LOG} ]; do sleep 1; done ; \
    tail -f ${VMPOOLER_LOG}
--- a/docker/Dockerfile_local
+++ b/docker/Dockerfile_local
@ -1,30 +0,0 @@
 # Run vmpooler in a Docker container!  Configuration can either be embedded
 # and built within the current working directory, or stored in a
 # VMPOOLER_CONFIG environment value and passed to the Docker daemon.
 #
 # BUILD:
 #   docker build -t vmpooler .
 #
 # RUN:
 #   docker run -e VMPOOLER_CONFIG -p 80:4567 -it vmpooler
 FROM jruby:9.2-jdk
 COPY docker/docker-entrypoint.sh /usr/local/bin/
 COPY ./ ./
 ENV RACK_ENV=production
 RUN apt-get update -qq && \
    apt-get install -y --no-install-recommends make && \
    apt-get clean autoclean && \
    apt-get autoremove -y && \
    rm -rf /var/lib/apt/lists/*
 RUN gem install bundler && \
    bundle install && \
    gem build vmpooler.gemspec && \
    gem install vmpooler*.gem && \
    chmod +x /usr/local/bin/docker-entrypoint.sh
 ENTRYPOINT ["docker-entrypoint.sh"]
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@ -1,73 +0,0 @@
 # For local development run with a dummy provider
 version: '3.8'
 services:
  vmpooler-api:
    build:
      context: ../
      dockerfile: docker/Dockerfile_local
    volumes:
      - type: bind
        source: ${PWD}/vmpooler.yaml
        target: /etc/vmpooler/vmpooler.yaml
    ports:
      - "8080:4567"
    networks:
      - redis-net
    environment:
      - VMPOOLER_DEBUG=true # for use of dummy auth
      - VMPOOLER_CONFIG_FILE=/etc/vmpooler/vmpooler.yaml
      - REDIS_SERVER=redislocal
      - LOGFILE=/dev/null
      - JRUBY_OPTS=-Xinvokedynamic.yield=false
      - VMPOOLER_TRACING_ENABLED=true
      - VMPOOLER_TRACING_JAEGER_HOST=http://jaeger-aio:14268/api/traces
    image: vmpooler-local
    command: api
    depends_on:
      - redislocal
  vmpooler-manager:
    build:
      context: ../
      dockerfile: docker/Dockerfile_local
    volumes:
      - type: bind
        source: ${PWD}/vmpooler.yaml
        target: /etc/vmpooler/vmpooler.yaml
    ports:
      - "8081:4567"
    networks:
      - redis-net
    environment:
      - VMPOOLER_DEBUG=true # for use of dummy auth
      - VMPOOLER_CONFIG_FILE=/etc/vmpooler/vmpooler.yaml
      - REDIS_SERVER=redislocal
      - LOGFILE=/dev/null
      - JRUBY_OPTS=-Xinvokedynamic.yield=false
      - VMPOOLER_TRACING_ENABLED=true
      - VMPOOLER_TRACING_JAEGER_HOST=http://jaeger-aio:14268/api/traces
    image: vmpooler-local
    command: manager
    depends_on:
      - redislocal
  redislocal:
    image: redis
    # Uncomment this if you don't want the redis data to persist
    #command: "redis-server --save '' --appendonly no"
    ports:
      - "6379:6379"
    networks:
      - redis-net
  jaeger-aio:
    image: jaegertracing/all-in-one:1.18
    ports:
      - "14250:14250"
      - "8082:16686"
    networks:
      - redis-net
    user: '1001'
    read_only: true
    cap_drop:
      - ALL
 networks:
  redis-net:
--- a/docker/docker-entrypoint.sh
+++ b/docker/docker-entrypoint.sh
@ -1,6 +0,0 @@
 #!/bin/sh
 set -e
 set -- vmpooler "$@"
 exec "$@"
--- a/docs/API-v3.md
+++ b/docs/API-v3.md
@ -12,6 +12,30 @@
 vmpooler provides a REST API for VM management.  The following examples use `curl` for communication.
 ## Major change in V3 versus V2
 The api/v1 and api/v2 endpoints have been removed. Additionally, the generic api endpoint that reroutes to a versioned endpoint has been removed.
 The api/v3 endpoint removes the deprecated "domain" key returned in some of the operations like getting a VM, etc. If there is a "domain" configured in the top level configuration or for a specific provider,
 the hostname now returns an FQDN including that domain. That is to say, we can now have multiple, different domains for each pool instead of only a single domain for all pools, or a domain restricted to a particular provider.
 Clients using some of the direct API paths (without specifying api/v1 or api/v2) will now now need to specify the versioned endpoint (api/v3).
 ## Major change in V2 versus V1
 The api/v2 endpoint removes a separate "domain" key returned in some of the operations like getting a VM, etc. If there is a "domain" configured in the top level configuration or for a specific provider,
 the hostname now returns an FQDN including that domain. That is to say, we can now have multiple, different domains for each provider instead of only one.
 Clients using some of the direct API paths (without specifying api/v1 or api/v2) will still be redirected to v1, but this behavior is notw deprecated and will be changed to v2 in the next major version.
 ### updavig clients from v1 to v2
 Clients need to update their paths to using api/v2 instead of api/v1. Please note the API responses that used to return a "domain" key, will no longer have a separate "domain" key and now return
 the FQDN (includes the domain in the hostname).
 One way to support both v1 and v2 in the client logic is to look for a "domain" and append it to the hostname if it exists (existing v1 behavior). If the "domain" key does not exist, you can use the hostname 
 as is since it is a FQDN (v2 behavor).
 #### Token operations <a name="token"></a>
 Token-based authentication can be used when requesting or modifying VMs.  The `/token` route can be used to create, query, or delete tokens.  See the provided YAML configuration example, [vmpooler.yaml.example](vmpooler.yaml.example), for information on configuring an authentication store to use when performing token operations.
@ -26,7 +50,7 @@ Return codes:
 * 404  when config:auth not found or other error
 ```
-$ curl -u jdoe --url vmpooler.example.com/api/v1/token
+$ curl -u jdoe --url vmpooler.example.com/api/v3/token
 Enter host password for user 'jdoe':
 ```
 ```json
@ -48,7 +72,7 @@ Return codes:
 * 404  when config:auth not found
 ```
-$ curl -X POST -u jdoe --url vmpooler.example.com/api/v1/token
+$ curl -X POST -u jdoe --url vmpooler.example.com/api/v3/token
 Enter host password for user 'jdoe':
 ```
 ```json
@ -67,7 +91,7 @@ Return codes:
 * 404  when config:auth or token not found
 ```
-$ curl --url vmpooler.example.com/api/v1/token/utpg2i2xswor6h8ttjhu3d47z53yy47y
+$ curl --url vmpooler.example.com/api/v3/token/utpg2i2xswor6h8ttjhu3d47z53yy47y
 ```
 ```json
 {
@ -96,7 +120,7 @@ Return codes:
 * 404  when config:auth not found
 ```
-$ curl -X DELETE -u jdoe --url vmpooler.example.com/api/v1/token/utpg2i2xswor6h8ttjhu3d47z53yy47y
+$ curl -X DELETE -u jdoe --url vmpooler.example.com/api/v3/token/utpg2i2xswor6h8ttjhu3d47z53yy47y
 Enter host password for user 'jdoe':
 ```
 ```json
@ -115,7 +139,7 @@ Return codes:
 * 200  OK
 ```
-$ curl --url vmpooler.example.com/api/v1/vm
+$ curl --url vmpooler.example.com/api/v3/vm
 ```
 ```json
 [
@ -136,21 +160,20 @@ Return codes:
 * 503  when the vm failed to allocate a vm, or the pool is empty
 ```
-$ curl -d '{"debian-7-i386":"2","debian-7-x86_64":"1"}' --url vmpooler.example.com/api/v1/vm
+$ curl -d '{"debian-7-i386":"2","debian-7-x86_64":"1"}' --url vmpooler.example.com/api/v3/vm
 ```
 ```json
 {
  "ok": true,
  "debian-7-i386": {
    "hostname": [
-      "o41xtodlvnvu5cw",
+      "o41xtodlvnvu5cw.example.com",
-      "khirruvwfjlmx3y"
+      "khirruvwfjlmx3y.example.com"
    ]
  },
  "debian-7-x86_64": {
-    "hostname": "y91qbrpbfj6d13q"
+    "hostname": "y91qbrpbfj6d13q.example.com"
-  },
+  }
  "domain": "example.com"
 }
 ```
@ -166,22 +189,21 @@ Return codes:
 * 503  when the vm failed to allocate a vm, or the pool is empty
 ```
-$ curl -d --url vmpooler.example.com/api/v1/vm/debian-7-i386
+$ curl -d --url vmpooler.example.com/api/v3/vm/debian-7-i386
 ```
 ```json
 {
  "ok": true,
  "debian-7-i386": {
-    "hostname": "fq6qlpjlsskycq6"
+    "hostname": "fq6qlpjlsskycq6.example.com"
-  },
+  }
  "domain": "example.com"
 }
 ```
 Multiple VMs can be requested by using multiple query parameters in the URL:
 ```
-$ curl -d --url vmpooler.example.com/api/v1/vm/debian-7-i386+debian-7-i386+debian-7-x86_64
+$ curl -d --url vmpooler.example.com/api/v3/vm/debian-7-i386+debian-7-i386+debian-7-x86_64
 ```
 ```json
@ -189,14 +211,13 @@ $ curl -d --url vmpooler.example.com/api/v1/vm/debian-7-i386+debian-7-i386+debia
  "ok": true,
  "debian-7-i386": {
    "hostname": [
-      "sc0o4xqtodlul5w",
+      "sc0o4xqtodlul5w.example.com",
-      "4m4dkhqiufnjmxy"
+      "4m4dkhqiufnjmxy.example.com"
    ]
  },
  "debian-7-x86_64": {
-    "hostname": "zb91y9qbrbf6d3q"
+    "hostname": "zb91y9qbrbf6d3q.example.com"
-  },
+  }
  "domain": "example.com"
 }
 ```
@ -211,7 +232,7 @@ Return codes:
 * 404  when requesting an invalid VM hostname
 ```
-$ curl --url vmpooler.example.com/api/v1/vm/pxpmtoonx7fiqg6
+$ curl --url vmpooler.example.com/api/v3/vm/pxpmtoonx7fiqg6
 ```
 ```json
 {
@ -227,7 +248,6 @@ $ curl --url vmpooler.example.com/api/v1/vm/pxpmtoonx7fiqg6
      "user": "jdoe"
    },
    "ip": "192.168.0.1",
    "domain": "example.com",
    "host": "host1.example.com",
    "migrated": "true"
  }
@ -256,7 +276,7 @@ Return codes:
 * 400  when supplied PUT parameters fail validation
 ```
-$ curl -X PUT -d '{"lifetime":"2"}' --url vmpooler.example.com/api/v1/vm/fq6qlpjlsskycq6
+$ curl -X PUT -d '{"lifetime":"2"}' --url vmpooler.example.com/api/v3/vm/fq6qlpjlsskycq6
 ```
 ```json
 {
@ -265,7 +285,7 @@ $ curl -X PUT -d '{"lifetime":"2"}' --url vmpooler.example.com/api/v1/vm/fq6qlpj
 ```
 ```
-$ curl -X PUT -d '{"tags":{"department":"engineering","user":"jdoe"}}' --url vmpooler.example.com/api/v1/vm/fq6qlpjlsskycq6
+$ curl -X PUT -d '{"tags":{"department":"engineering","user":"jdoe"}}' --url vmpooler.example.com/api/v3/vm/fq6qlpjlsskycq6
 ```
 ```json
 {
@ -283,7 +303,7 @@ Return codes:
 * 404  when requesting an invalid VM hostname
 ```
-$ curl -X DELETE --url vmpooler.example.com/api/v1/vm/fq6qlpjlsskycq6
+$ curl -X DELETE --url vmpooler.example.com/api/v3/vm/fq6qlpjlsskycq6
 ```
 ```json
 {
@ -303,7 +323,7 @@ Return codes:
 * 404  when requesting an invalid VM hostname or size is not an integer
 ````
-$ curl -X POST -H X-AUTH-TOKEN:a9znth9dn01t416hrguu56ze37t790bl --url vmpooler.example.com/api/v1/vm/fq6qlpjlsskycq6/disk/8
+$ curl -X POST -H X-AUTH-TOKEN:a9znth9dn01t416hrguu56ze37t790bl --url vmpooler.example.com/api/v3/vm/fq6qlpjlsskycq6/disk/8
 ````
 ````json
 {
@ -317,7 +337,7 @@ $ curl -X POST -H X-AUTH-TOKEN:a9znth9dn01t416hrguu56ze37t790bl --url vmpooler.e
 Provisioning and attaching disks can take a moment, but once the task completes it will be reflected in a `GET /vm/<hostname>` query:
 ````
-$ curl --url vmpooler.example.com/api/v1/vm/fq6qlpjlsskycq6
+$ curl --url vmpooler.example.com/api/v3/vm/fq6qlpjlsskycq6
 ````
 ````json
 {
@ -329,8 +349,7 @@ $ curl --url vmpooler.example.com/api/v1/vm/fq6qlpjlsskycq6
    "state": "running",
    "disk": [
      "+8gb"
-    ],
+    ]
    "domain": "delivery.puppetlabs.net"
  }
 }
@ -348,7 +367,7 @@ Return codes:
 * 404  when requesting an invalid VM hostname
 ````
-$ curl -X POST -H X-AUTH-TOKEN:a9znth9dn01t416hrguu56ze37t790bl --url vmpooler.example.com/api/v1/vm/fq6qlpjlsskycq6/snapshot
+$ curl -X POST -H X-AUTH-TOKEN:a9znth9dn01t416hrguu56ze37t790bl --url vmpooler.example.com/api/v3/vm/fq6qlpjlsskycq6/snapshot
 ````
 ````json
 {
@ -362,7 +381,7 @@ $ curl -X POST -H X-AUTH-TOKEN:a9znth9dn01t416hrguu56ze37t790bl --url vmpooler.e
 Snapshotting a live VM can take a moment, but once the snapshot task completes it will be reflected in a `GET /vm/<hostname>` query:
 ````
-$ curl --url vmpooler.example.com/api/v1/vm/fq6qlpjlsskycq6
+$ curl --url vmpooler.example.com/api/v3/vm/fq6qlpjlsskycq6
 ````
 ````json
 {
@ -374,8 +393,7 @@ $ curl --url vmpooler.example.com/api/v1/vm/fq6qlpjlsskycq6
    "state": "running",
    "snapshots": [
      "n4eb4kdtp7rwv4x158366vd9jhac8btq"
-    ],
+    ]
    "domain": "delivery.puppetlabs.net"
  }
 }
 ````
@ -390,7 +408,7 @@ Return codes:
 * 404  when requesting an invalid VM hostname or snapshot is not valid
 ````
-$ curl X POST -H X-AUTH-TOKEN:a9znth9dn01t416hrguu56ze37t790bl --url vmpooler.example.com/api/v1/vm/fq6qlpjlsskycq6/snapshot/n4eb4kdtp7rwv4x158366vd9jhac8btq
+$ curl X POST -H X-AUTH-TOKEN:a9znth9dn01t416hrguu56ze37t790bl --url vmpooler.example.com/api/v3/vm/fq6qlpjlsskycq6/snapshot/n4eb4kdtp7rwv4x158366vd9jhac8btq
 ````
 ````json
 {
@ -405,7 +423,7 @@ $ curl X POST -H X-AUTH-TOKEN:a9znth9dn01t416hrguu56ze37t790bl --url vmpooler.ex
 A "live" status endpoint, representing the current state of the service.
 ```
-$ curl --url vmpooler.example.com/api/v1/status
+$ curl --url vmpooler.example.com/api/v3/status
 ```
 ```json
 {
@ -457,7 +475,7 @@ The top level sections are: "capacity", "queue", "clone", "boot", "pools" and "s
 If the query parameter 'view' is provided, it will be used to select which top level
 element to compute and return. Select them by specifying which one you want in a comma 
 separated list.
-For example `vmpooler.example.com/api/v1/status?view=capacity,boot`
+For example `vmpooler.example.com/api/v3/status?view=capacity,boot`
 ##### GET /summary[?from=YYYY-MM-DD[&to=YYYY-MM-DD]]
@ -474,7 +492,7 @@ Return codes:
 ```
-$ curl --url vmpooler.example.com/api/v1/summary
+$ curl --url vmpooler.example.com/api/v3/summary
 ```
 ```json
 {
@ -566,7 +584,7 @@ $ curl --url vmpooler.example.com/api/v1/summary
 ```
-$ curl -G -d 'from=2015-03-10' -d 'to=2015-03-11' --url vmpooler.example.com/api/v1/summary
+$ curl -G -d 'from=2015-03-10' -d 'to=2015-03-11' --url vmpooler.example.com/api/v3/summary
 ```
 ```json
 {
@ -630,9 +648,9 @@ $ curl -G -d 'from=2015-03-10' -d 'to=2015-03-11' --url vmpooler.example.com/api
 ```
 You can also query only the specific top level section you want by including it after `summary/`.
-The valid sections are "boot", "clone" or "tag" eg. `vmpooler.example.com/api/v1/summary/boot/`.
+The valid sections are "boot", "clone" or "tag" eg. `vmpooler.example.com/api/v3/summary/boot/`.
 You can further drill-down the data by specifying the second level parameter to query eg
-`vmpooler.example.com/api/v1/summary/tag/created_by`
+`vmpooler.example.com/api/v3/summary/tag/created_by`
 ##### GET /poolstat?pool=FOO
@ -644,7 +662,7 @@ Return codes
 * 200  OK 
 ```
-$ curl https://vmpooler.example.com/api/v1/poolstat?pool=centos-6-x86_64
+$ curl https://vmpooler.example.com/api/v3/poolstat?pool=centos-6-x86_64
 ```
 ```json
 {
@ -669,7 +687,7 @@ Return codes
 * 200  OK 
 ```
-$ curl https://vmpooler.example.com/api/v1/totalrunning
+$ curl https://vmpooler.example.com/api/v3/totalrunning
 ```
 ```json
@ -691,7 +709,7 @@ Return codes
 * 400  No configuration found  
 ```
-$ curl https://vmpooler.example.com/api/v1/config
+$ curl https://vmpooler.example.com/api/v3/config
 ```
 ```json
 {
@ -735,7 +753,7 @@ Responses:
 * 404 - An unknown error occurred
 * 405 - The endpoint is disabled because experimental features are disabled
 ```
-$ curl -X POST -H "Content-Type: application/json" -d '{"debian-7-i386":"2","debian-7-x86_64":"1"}' --url https://vmpooler.example.com/api/v1/config/poolsize
+$ curl -X POST -H "Content-Type: application/json" -d '{"debian-7-i386":"2","debian-7-x86_64":"1"}' --url https://vmpooler.example.com/api/v3/config/poolsize
 ```
 ```json
 {
@ -743,6 +761,28 @@ $ curl -X POST -H "Content-Type: application/json" -d '{"debian-7-i386":"2","deb
 }
 ```
 ##### DELETE /config/poolsize/&lt;pool&gt;
 Delete an overridden pool size. This results in the values from VMPooler's config being used.
 Return codes:
 * 200 - when nothing was changed but no error occurred
 * 201 - size reset successful
 * 401 - when not authorized
 * 404 - pool does not exist
 * 405 - The endpoint is disabled because experimental features are disabled
 ```
 $ curl -X DELETE -u jdoe --url vmpooler.example.com/api/v3/poolsize/almalinux-8-x86_64
 ```
 ```json
 {
    "ok": true,
    "pool_size_before_overrides": 2,
    "pool_size_before_reset": 4
 }
 ```
 ##### POST /config/pooltemplate
 Change the template configured for a pool, and replenish the pool with instances built from the new template.
@ -767,7 +807,7 @@ Responses:
 * 404 - An unknown error occurred
 * 405 - The endpoint is disabled because experimental features are disabled
 ```
-$ curl -X POST -H "Content-Type: application/json" -d '{"debian-7-i386":"templates/debian-7-i386"}' --url https://vmpooler.example.com/api/v1/config/pooltemplate
+$ curl -X POST -H "Content-Type: application/json" -d '{"debian-7-i386":"templates/debian-7-i386"}' --url https://vmpooler.example.com/api/v3/config/pooltemplate
 ```
 ```json
 {
@ -775,6 +815,28 @@ $ curl -X POST -H "Content-Type: application/json" -d '{"debian-7-i386":"templat
 }
 ```
 ##### DELETE /config/pooltemplate/&lt;pool&gt;
 Delete an overridden pool template. This results in the values from VMPooler's config being used.
 Return codes:
 * 200 - when nothing was changed but no error occurred
 * 201 - template reset successful
 * 401 - when not authorized
 * 404 - pool does not exist
 * 405 - The endpoint is disabled because experimental features are disabled
 ```
 $ curl -X DELETE -u jdoe --url vmpooler.example.com/api/v3/pooltemplate/almalinux-8-x86_64
 ```
 ```json
 {
    "ok": true,
    "template_before_overrides": "templates/almalinux-8-x86_64-0.0.2",
    "template_before_reset": "templates/almalinux-8-x86_64-0.0.3-beta"
 }
 ```
 ##### POST /poolreset
 Clear all pending and ready instances in a pool, and deploy replacements
@ -793,7 +855,7 @@ Responses:
 * 404 - An unknown error occurred
 * 405 - The endpoint is disabled because experimental features are disabled
 ```
-$ curl -X POST -H "Content-Type: application/json" -d '{"debian-7-i386":"1"}' --url https://vmpooler.example.com/api/v1/poolreset
+$ curl -X POST -H "Content-Type: application/json" -d '{"debian-7-i386":"1"}' --url https://vmpooler.example.com/api/v3/poolreset
 ```
 ```json
 {
@ -821,7 +883,7 @@ Responses:
 * 404 - A pool was requested, which is not available in the running configuration, or an unknown error occurred.
 * 409 - A request of the matching ID has already been created
 ```
-$ curl -X POST -H "Content-Type: application/json" -d '{"debian-7-i386":"4"}' --url https://vmpooler.example.com/api/v1/ondemandvm
+$ curl -X POST -H "Content-Type: application/json" -d '{"debian-7-i386":"4"}' --url https://vmpooler.example.com/api/v3/ondemandvm
 ```
 ```json
 {
@ -843,7 +905,7 @@ Responses:
 * 202 - The request is not ready yet
 * 404 - The request can not be found, or an unknown error occurred
 ```
-$ curl https://vmpooler.example.com/api/v1/ondemandvm/e3ff6271-d201-4f31-a315-d17f4e15863a
+$ curl https://vmpooler.example.com/api/v3/ondemandvm/e3ff6271-d201-4f31-a315-d17f4e15863a
 ```
 ```json
 {
@ -883,7 +945,7 @@ Responses:
 * 401 - No auth token provided, or provided auth token is not valid, and auth is enabled
 * 404 - The request can not be found, or an unknown error occurred.
 ```
-$ curl -X DELETE https://vmpooler.example.com/api/v1/ondemandvm/e3ff6271-d201-4f31-a315-d17f4e15863a
+$ curl -X DELETE https://vmpooler.example.com/api/v3/ondemandvm/e3ff6271-d201-4f31-a315-d17f4e15863a
 ```
 ```json
 {
--- a/docs/PROVIDER_API.md
+++ b/docs/PROVIDER_API.md
@ -0,0 +1,100 @@
 # Provider API
 Providers facilitate VMPooler interacting with some other system that can create virtual machines. A single VMPooler instance can utilize one or more providers and can have multiple instances of the same provider. An example of having multiple instances of the same provider is when you need to interact with multiple vCenters from the same VMPooler instance.
 ## Known Providers
 - `vmpooler-provider-vsphere` provides the ability to use VMware as a source of VMs. Its code can be found in the [puppetlabs/vmpooler-provider-vsphere](https://github.com/puppetlabs/vmpooler-provider-vsphere) repository.
 Know of others? Please submit a pull request to update this list or reach out to us on the Puppet community Slack.
 Want to create a new one? See below!
 ## Create a new provider gem from scratch
 ### Requirements
 1. the provider code will need to be in lib/vmpooler/providers directory of your gem regardless of your gem name
 2. the main provider code file should be named the same at the name of the provider. For example, the `vpshere` provider's main file is `lib/vmpooler/providers/vsphere.rb`.
 3. The gem must be installed on the same machine as VMPooler
 4. The provider name must be referenced in the VMPooler config file in order for it to be loaded.
 5. Your gem name and repository name should be `vmpooler-provider-<provider name>` so the community can easily search provider plugins.
 The resulting directory structure should resemble this:
 ```bash
 lib/
 ├── vmpooler/
 │   └── providers/
 │       └── <provider name>.rb
 └── vmpooler-provider-<provider name>/
    └── version.rb
 ```
 ### 1. Use bundler to create the provider scaffolding
 ```bash
 bundler gem --test=rspec --no-exe --no-ext vmpooler-provider-spoof
 cd vmpooler-providers-spoof/
 mkdir -p ./lib/vmpooler/providers
 touch ./lib/vmpooler/providers/spoof.rb
 mkdir ./lib/vmpooler-providers-spoof
 touch ./lib/vmpooler-providers-spoof/version.rb
 ```
 There may be some boilerplate files generated, just delete those.
 ### 2. Create the main provider file
 Ensure the main provider file uses the following code.
 ```ruby
 # lib/vmpooler/providers/spoof.rb
 require 'yaml'
 require 'vmpooler/providers/base'
 module Vmpooler
  class PoolManager
    class Provider
      class Spoof < Vmpooler::PoolManager::Provider::Base
        # At this time it is not documented which methods should be implemented
        # have a look at the https://github.com/puppetlabs/vmpooler-provider-vsphere
        #for an example
      end
    end
  end
 end
 ```
 ### 3. Create the version file
 Ensure you have a version file similar this:
 ```ruby
 # frozen_string_literal: true
 # lib/vmpooler-provider-vsphere/version.rb 
 module VmpoolerProviderSpoof
  VERSION = '1.0.0'
 end
 ```
 ### 4. Fill out your gemspec
 Ensure you fill out your gemspec file to your specifications.  If you need a dependency, please make sure you require it.
 `spec.add_dependency "foo", "~> 1.15"`.
 At a minimum you may want to add the `vmpooler` gem as a dev dependency so you can use it during testing.
 `spec.add_dev_dependency "vmpooler", "~> 2.0"`
 Also make sure this dependency can be loaded by JRuby.  If the dependency cannot be used by JRuby don't use it.
 ### 5. Create some tests
 Your provider code should be tested before releasing. Copy and refactor some tests from the `vmpooler` gem under `spec/unit/providers/dummy_spec.rb`.
 ### 6. Publish
 Think your provider gem is good enough for others?  Publish it and tell us on Slack or update this doc with a link to your gem.
--- a/docs/README.md
+++ b/docs/README.md
@ -1,5 +0,0 @@
 # Documentation for vmpooler
 * [Setting up a Development Environment](dev-setup.md)
 * [API Documentation](API.md)
--- a/docs/configuration.md
+++ b/docs/configuration.md
@ -19,11 +19,6 @@ Provide the entire configuration as a blob of yaml. Individual parameters passed
 Path to a the file to use when loading the vmpooler configuration. This is only evaluated if `VMPOOLER_CONFIG` has not been specified.
 ### DOMAIN
 If set, returns a top-level 'domain' JSON key in POST requests
 (optional)
 ### REDIS\_SERVER
 The redis server to use for vmpooler.
@ -170,9 +165,12 @@ This can also be set per pool.
 ### PURGE\_UNCONFIGURED\_FOLDERS
-Enable purging of VMs and folders detected within the base folder path that are not configured for the provider
+Deprecated, see PURGE\_UNCONFIGURED\_RESOURCES
-Only a single layer of folders and their child VMs are evaluated from detected base folder paths
+
-A base folder path for 'vmpooler/redhat-7' would be 'vmpooler'
+### PURGE\_UNCONFIGURED\_RESOURCES
 Enable purging of VMs (and other resources) detected within the provider that are not explicitly configured.
 Implementation is provider-dependent
 When enabled in the global configuration then purging is enabled for all providers
 Expects a boolean value
 (optional; default: false)
@ -248,6 +246,18 @@ This can be a string providing a single DN. For multiple DNs please specify the
 The LDAP object-type used to designate a user object.
 (optional)
 ### LDAP\_SERVICE_ACCOUNT\_HASH
 A hash containing the following parameters for a service account to perform the
 initial bind. After the initial bind, then a search query is performed using the
 'base' and 'user_object', then re-binds as the returned user.
 - :user_dn: The full distinguished name (DN) of the service account used to bind.
 - :password: The password for the service account used to bind.
 (optional)
 ### SITE\_NAME
 The name of your deployment.
--- a/docs/dev-setup.md
+++ b/docs/dev-setup.md
@ -1,236 +0,0 @@
 # Setting up a vmpooler development environment
 ## Docker is the preferred development environment
 The docker compose file is the easiest way to get vmpooler running with any local code changes. The docker compose file expects to find a vmpooler.yaml configuration file in the root vmpooler directory. The file is mapped into the running container for the vmpooler application. This file primarily contains the pools configuration. Nearly all other configuration can be supplied with environment variables.
 ## Requirements for local installation directly on your system (not recommended)
 * Supported on OSX, Windows and Linux
 * Ruby or JRuby
  Note - It is recommended to user Bundler instead of installing gems into the system repository
 * A local Redis server
  Either a containerized instance of Redis or a local version is fine.
 ## Setup source and ruby
 * Clone repository, either from your own fork or the original source
 * Perform a bundle install
 ```
 ~/ > git clone https://github.com/puppetlabs/vmpooler.git
 Cloning into 'vmpooler'...
 remote: Counting objects: 3411, done.
 ...
 ~/ > cd vmpooler
 ~/vmpooler/ > bundle install
 Fetching gem metadata from https://rubygems.org/.........
 Fetching version metadata from https://rubygems.org/..
 Resolving dependencies...
 Installing rake 12.0.0
 ...
 Bundle complete! 16 Gemfile dependencies, 37 gems now installed.
 ```
 ## Setup environment variables
 ### `VMPOOLER_DEBUG`
 Setting the `VMPOOLER_DEBUG` environment variable will instruct vmpooler to:
 * Output log messages to STDOUT
 * Allow the use of the dummy authentication method
 * Add interrupt traps so you can stop vmpooler when run interactively
 Linux, OSX
 ```bash
 ~/vmpooler/ > export VMPOOLER_DEBUG=true
 ```
 Windows (PowerShell)
 ```powershell
 C:\vmpooler > $ENV:VMPOOLER_DEBUG = 'true'
 ```
 ### `VMPOOLER_CONFIG`
 When `VMPOOLER_CONFIG` is set, vmpooler will read its configuration from the content of the environment variable.
 Note that this variable does not point to a different configuration file, but stores the contents of a configuration file. You may use `VMPOOLER_CONFIG_FILE` instead to specify a filename.
 ### `VMPOOLER_CONFIG_FILE`
 When `VMPOOLER_CONFIG_FILE` is set, vmpooler will read its configuration from the file specified in the environment variable.
 Note that this variable points to a different configuration file, unlike `VMPOOLER_CONFIG`.
 ## Setup vmpooler Configuration
 You can create a `vmpooler.yaml` file, set the `VMPOOLER_CONFIG` environment variable with the equivalent content, or set the `VMPOOLER_CONFIG_FILE` environment variable with the name of another configuration file to use. `VMPOOLER_CONFIG` takes precedence over `VMPOOLER_CONFIG_FILE`.
 Example minimal configuration file:
 ```yaml
 ---
 :providers:
  :dummy:
 :redis:
  server: 'localhost'
 :auth:
   provider: dummy
 :tagfilter:
  url: '(.*)\/'
 :config:
  site_name: 'vmpooler'
  # Need to change this on Windows
  logfile: '/var/log/vmpooler.log'
  task_limit: 10
  timeout: 15
  vm_lifetime: 12
  vm_lifetime_auth: 24
  allowed_tags:
    - 'created_by'
    - 'project'
  domain: 'example.com'
  prefix: 'poolvm-'
 # Uncomment the lines below to suppress metrics to STDOUT
 # :statsd:
 #   server: 'localhost'
 #   prefix: 'vmpooler'
 #   port: 8125
 :pools:
  - name: 'pool01'
    size: 5
    provider: dummy
  - name: 'pool02'
    size: 5
    provider: dummy
 ```
 ## Running vmpooler locally
 * Run `bundle exec ruby vmpooler`
  If using JRuby, you may need to use `bundle exec jruby vmpooler`
 You should see output similar to:
 ```
 ~/vmpooler/ > bundle exec ruby vmpooler
 [2017-06-16 14:50:31] starting vmpooler
 [2017-06-16 14:50:31] [!] Creating provider 'dummy'
 [2017-06-16 14:50:31] [dummy] ConnPool - Creating a connection pool of size 1 with timeout 10
 [2017-06-16 14:50:31] [*] [disk_manager] starting worker thread
 [2017-06-16 14:50:31] [*] [snapshot_manager] starting worker thread
 [2017-06-16 14:50:31] [*] [pool01] starting worker thread
 [2017-06-16 14:50:31] [*] [pool02] starting worker thread
 [2017-06-16 14:50:31] [dummy] ConnPool - Creating a connection object ID 1784
 == Sinatra (v1.4.8) has taken the stage on 4567 for production with backup from Puma
 *** SIGUSR2 not implemented, signal based restart unavailable!
 *** SIGUSR1 not implemented, signal based restart unavailable!
 *** SIGHUP not implemented, signal based logs reopening unavailable!
 Puma starting in single mode...
 * Version 3.9.1 (ruby 2.3.1-p112), codename: Private Caller
 * Min threads: 0, max threads: 16
 * Environment: development
 * Listening on tcp://0.0.0.0:4567
 Use Ctrl-C to stop
 [2017-06-16 14:50:31] [!] [pool02] is empty
 [2017-06-16 14:50:31] [!] [pool01] is empty
 [2017-06-16 14:50:31] [ ] [pool02] Starting to clone 'poolvm-nexs1w50m4djap5'
 [2017-06-16 14:50:31] [ ] [pool01] Starting to clone 'poolvm-r543eibo4b6tjer'
 [2017-06-16 14:50:31] [ ] [pool01] Starting to clone 'poolvm-neqmu7wj7aukyjy'
 [2017-06-16 14:50:31] [ ] [pool02] Starting to clone 'poolvm-nsdnrhhy22lnemo'
 [2017-06-16 14:50:31] [ ] [pool01] 'poolvm-r543eibo4b6tjer' is being cloned from ''
 [2017-06-16 14:50:31] [ ] [pool01] 'poolvm-neqmu7wj7aukyjy' is being cloned from ''
 [2017-06-16 14:50:31] [ ] [pool02] 'poolvm-nexs1w50m4djap5' is being cloned from ''
 [2017-06-16 14:50:31] [ ] [pool01] Starting to clone 'poolvm-edzlp954lyiozli'
 [2017-06-16 14:50:31] [ ] [pool01] Starting to clone 'poolvm-nb0uci0yrwbxr6x'
 [2017-06-16 14:50:31] [ ] [pool02] Starting to clone 'poolvm-y2yxgnovaneymvy'
 [2017-06-16 14:50:31] [ ] [pool01] Starting to clone 'poolvm-nur59d25s1y8jko'
 ...
 ```
 ### Common Errors
 * Forget to set VMPOOLER_DEBUG environment variable
 vmpooler will fail to start with an error similar to below
 ```
 ~/vmpooler/ > bundle exec ruby vmpooler
 ~/vmpooler/lib/vmpooler.rb:44:in `config': Dummy authentication should not be used outside of debug mode; please set environment variable VMPOOLER_DEBUG to 'true' if you want to use dummy authentication (RuntimeError)
        from vmpooler:8:in `<main>'
 ...
 ```
 * Error in vmpooler configuration
 If there is an error in the vmpooler configuration file, or any other fatal error in the Pool Manager, vmpooler will appear to be running but no log information is displayed.  This is due to the error not being displayed until you press `Ctrl-C` and then suddenly you can see the cause of the issue.
 For example, when running vmpooler on Windows, but with a unix style filename for the vmpooler log
 ```powershell
 C:\vmpooler > bundle exec ruby vmpooler
 [2017-06-16 14:49:57] starting vmpooler
 == Sinatra (v1.4.8) has taken the stage on 4567 for production with backup from Puma
 *** SIGUSR2 not implemented, signal based restart unavailable!
 *** SIGUSR1 not implemented, signal based restart unavailable!
 *** SIGHUP not implemented, signal based logs reopening unavailable!
 Puma starting in single mode...
 * Version 3.9.1 (ruby 2.3.1-p112), codename: Private Caller
 * Min threads: 0, max threads: 16
 * Environment: development
 * Listening on tcp://0.0.0.0:4567
 Use Ctrl-C to stop
 # [ NOTHING ELSE IS LOGGED ]
 ```
 Once `Ctrl-C` is pressed the error is shown
 ```powershell
 ...
 == Sinatra has ended his set (crowd applauds)
 Shutting down.
 C:/tools/ruby2.3.1x64/lib/ruby/2.3.0/open-uri.rb:37:in `initialize': No such file or directory @ rb_sysopen - /var/log/vmpooler.log (Errno::ENOENT)
        from C:/tools/ruby2.3.1x64/lib/ruby/2.3.0/open-uri.rb:37:in `open'
        from C:/tools/ruby2.3.1x64/lib/ruby/2.3.0/open-uri.rb:37:in `open'
        from C:/vmpooler/lib/vmpooler/logger.rb:17:in `log'
        from C:/vmpooler/lib/vmpooler/pool_manager.rb:709:in `execute!'
        from vmpooler:26:in `block in <main>'
 ```
 ## Default vmpooler URLs
 | Endpoint  | URL                                                                  |
 |-----------|----------------------------------------------------------------------|
 | Dashboard | [http://localhost:4567/dashboard/](http://localhost:4567/dashboard/) |
 | API       | [http://localhost:4567/api/v1]([http://localhost:4567/api/v1)        |
 ## Use the vmpooler API locally
 Once a local vmpooler instance is running you can use any tool you need to interact with the API.  The dummy authentication provider will allow a user to connect if the username and password are not the same:
 * Authentication is successful for username `Alice` with password `foo`
 * Authentication will fail for username `Alice` with password `Alice`
 Like normal vmpooler, tokens will be created for the user and can be used for regular vmpooler operations.
--- a/docs/vagrant.md
+++ b/docs/vagrant.md
@ -1,45 +0,0 @@
 A [Vagrantfile](Vagrantfile) is also included in this repository so that you dont have to run Docker on your local computer.
 To use it run:
 ```
 vagrant up
 vagrant ssh
 docker run -p 8080:4567 -v /vagrant/vmpooler.yaml.example:/var/lib/vmpooler/vmpooler.yaml -it --rm --name pooler vmpooler
 ```
 To run vmpooler with the example dummy provider you can replace the above docker command with this:
 ```
 docker run -e VMPOOLER_DEBUG=true -p 8080:4567 -v /vagrant/vmpooler.yaml.dummy-example:/var/lib/vmpooler/vmpooler.yaml -e VMPOOLER_LOG='/var/log/vmpooler/vmpooler.log' -it --rm --name pooler vmpooler
 ```
 Either variation will allow you to access the dashboard from [localhost:8080](http://localhost:8080/).
 ### Running directly in Vagrant
 You can also run vmpooler directly in the Vagrant box. To do so run this:
 ```
 vagrant up
 vagrant ssh
 cd /vagrant
 # Do this if using the dummy provider
 export VMPOOLER_DEBUG=true
 cp vmpooler.yaml.dummy-example vmpooler.yaml
 # vmpooler needs a redis server.
 sudo yum -y install redis
 sudo systemctl start redis
 # Optional: Choose your ruby version or use jruby
 # ruby 2.4.x is used by default
 rvm list
 rvm use jruby-9.1.7.0
 gem install bundler
 bundle install
 bundle exec ruby vmpooler
 ```
 When run this way you can access vmpooler from your local computer via [localhost:4567](http://localhost:4567/).
--- a/examples/vmpooler.yaml.dummy-example.aliasedpools
+++ b/examples/vmpooler.yaml.dummy-example.aliasedpools
@ -17,15 +17,20 @@
  logfile: '/Users/samuel/workspace/vmpooler/vmpooler.log'
  task_limit: 10
  timeout: 15
  timeout_notification: 5
  vm_checktime: 1
  vm_lifetime: 12
  vm_lifetime_auth: 24
  allowed_tags:
    - 'created_by'
    - 'project'
  domain: 'example.com'
  prefix: 'poolvm-'
 :dns_configs:
  :example:
    dns_class: dynamic-dns
    domain: 'example.com'
 :pools:
  - name: 'debian-7-i386'
    alias: [ 'debian-7-32' ]
@ -34,8 +39,10 @@
    datastore: 'vmstorage'
    size: 5
    timeout: 15
    timeout_notification: 5
    ready_ttl: 1440
    provider: dummy
    dns_plugin: 'example'
  - name: 'debian-7-i386-stringalias'
    alias: 'debian-7-32-stringalias'
    template: 'Templates/debian-7-i386'
@ -43,8 +50,10 @@
    datastore: 'vmstorage'
    size: 5
    timeout: 15
    timeout_notification: 5
    ready_ttl: 1440
    provider: dummy
    dns_plugin: 'example'
  - name: 'debian-7-x86_64'
    alias: [ 'debian-7-64', 'debian-7-amd64' ]
    template: 'Templates/debian-7-x86_64'
@ -52,16 +61,20 @@
    datastore: 'vmstorage'
    size: 5
    timeout: 15
    timeout_notification: 5
    ready_ttl: 1440
    provider: dummy
    dns_plugin: 'example'
  - name: 'debian-7-i386-noalias'
    template: 'Templates/debian-7-i386'
    folder: 'Pooled VMs/debian-7-i386'
    datastore: 'vmstorage'
    size: 5
    timeout: 15
    timeout_notification: 5
    ready_ttl: 1440
    provider: dummy
    dns_plugin: 'example'
  - name: 'debian-7-x86_64-alias-otherpool-extended'
    alias: [ 'debian-7-x86_64' ]
    template: 'Templates/debian-7-x86_64'
@ -69,6 +82,7 @@
    datastore: 'other-vmstorage'
    size: 5
    timeout: 15
    timeout_notification: 5
    ready_ttl: 1440
    provider: dummy
-
+    dns_plugin: 'example'
--- a/lib/vmpooler.rb
+++ b/lib/vmpooler.rb
@ -3,11 +3,11 @@
 module Vmpooler
  require 'concurrent'
  require 'date'
  require 'deep_merge'
  require 'json'
  require 'net/ldap'
  require 'open-uri'
  require 'pickup'
  require 'rbvmomi'
  require 'redis'
  require 'set'
  require 'sinatra/base'
@ -17,6 +17,7 @@ module Vmpooler
  # Dependencies for tracing
  require 'opentelemetry-instrumentation-concurrent_ruby'
  require 'opentelemetry-instrumentation-http_client'
  require 'opentelemetry-instrumentation-redis'
  require 'opentelemetry-instrumentation-sinatra'
  require 'opentelemetry-sdk'
@ -32,8 +33,8 @@ module Vmpooler
    if ENV['VMPOOLER_CONFIG']
      config_string = ENV['VMPOOLER_CONFIG']
      # Parse the YAML config into a Hash
-      # Whitelist the Symbol class
+      # Allow the Symbol class
-      parsed_config = YAML.safe_load(config_string, [Symbol])
+      parsed_config = YAML.safe_load(config_string, permitted_classes: [Symbol])
    else
      # Take the name of the config file either from an ENV variable or from the filepath argument
      config_file = ENV['VMPOOLER_CONFIG_FILE'] || filepath
@ -42,8 +43,9 @@ module Vmpooler
      if parsed_config[:config]['extra_config']
        extra_configs = parsed_config[:config]['extra_config'].split(',')
        extra_configs.each do |config|
          puts "loading extra_config file #{config}"
          extra_config = YAML.load_file(config)
-          parsed_config.merge!(extra_config)
+          parsed_config.deep_merge(extra_config)
        end
      end
    end
@ -74,18 +76,25 @@ module Vmpooler
    parsed_config[:config]['prefix']                             = ENV['PREFIX'] || parsed_config[:config]['prefix'] || ''
    parsed_config[:config]['logfile']                            = ENV['LOGFILE'] if ENV['LOGFILE']
    parsed_config[:config]['site_name']                          = ENV['SITE_NAME'] if ENV['SITE_NAME']
-    parsed_config[:config]['domain']                             = ENV['DOMAIN'] if ENV['DOMAIN']
+    if !parsed_config[:config]['domain'].nil? || !ENV['DOMAIN'].nil?
      puts '[!] [error] The "domain" config setting has been removed in v3. Please see the docs for migrating the domain config to use a dns plugin at https://github.com/puppetlabs/vmpooler/blob/main/README.md#migrating-to-v3'
      exit 1
    end
    parsed_config[:config]['clone_target']                       = ENV['CLONE_TARGET'] if ENV['CLONE_TARGET']
    parsed_config[:config]['timeout']                            = string_to_int(ENV['TIMEOUT']) if ENV['TIMEOUT']
    parsed_config[:config]['timeout_notification']               = string_to_int(ENV['TIMEOUT_NOTIFICATION']) if ENV['TIMEOUT_NOTIFICATION']
    parsed_config[:config]['vm_lifetime_auth']                   = string_to_int(ENV['VM_LIFETIME_AUTH']) if ENV['VM_LIFETIME_AUTH']
    parsed_config[:config]['max_tries']                          = string_to_int(ENV['MAX_TRIES']) if ENV['MAX_TRIES']
    parsed_config[:config]['retry_factor']                       = string_to_int(ENV['RETRY_FACTOR']) if ENV['RETRY_FACTOR']
    parsed_config[:config]['create_folders']                     = true?(ENV['CREATE_FOLDERS']) if ENV['CREATE_FOLDERS']
    parsed_config[:config]['experimental_features']              = ENV['EXPERIMENTAL_FEATURES'] if ENV['EXPERIMENTAL_FEATURES']
    parsed_config[:config]['purge_unconfigured_folders']         = ENV['PURGE_UNCONFIGURED_FOLDERS'] if ENV['PURGE_UNCONFIGURED_FOLDERS']
    parsed_config[:config]['usage_stats']                        = ENV['USAGE_STATS'] if ENV['USAGE_STATS']
    parsed_config[:config]['request_logger']                     = ENV['REQUEST_LOGGER'] if ENV['REQUEST_LOGGER']
    parsed_config[:config]['create_template_delta_disks']        = ENV['CREATE_TEMPLATE_DELTA_DISKS'] if ENV['CREATE_TEMPLATE_DELTA_DISKS']
    parsed_config[:config]['purge_unconfigured_resources']       = ENV['PURGE_UNCONFIGURED_RESOURCES'] if ENV['PURGE_UNCONFIGURED_RESOURCES']
    parsed_config[:config]['purge_unconfigured_resources']       = ENV['PURGE_UNCONFIGURED_FOLDERS'] if ENV['PURGE_UNCONFIGURED_FOLDERS']
    # ENV PURGE_UNCONFIGURED_FOLDERS deprecated, will be removed in version 3
    puts '[!] [deprecation] rename ENV var \'PURGE_UNCONFIGURED_FOLDERS\' to \'PURGE_UNCONFIGURED_RESOURCES\'' if ENV['PURGE_UNCONFIGURED_FOLDERS']
    set_linked_clone(parsed_config)
    parsed_config[:redis]                            = parsed_config[:redis] || {}
@ -95,7 +104,7 @@ module Vmpooler
    parsed_config[:redis]['data_ttl']                = string_to_int(ENV['REDIS_DATA_TTL']) || parsed_config[:redis]['data_ttl'] || 168
    parsed_config[:redis]['connection_pool_size']    = string_to_int(ENV['REDIS_CONNECTION_POOL_SIZE']) || parsed_config[:redis]['connection_pool_size'] || 10
    parsed_config[:redis]['connection_pool_timeout'] = string_to_int(ENV['REDIS_CONNECTION_POOL_TIMEOUT']) || parsed_config[:redis]['connection_pool_timeout'] || 5
-    parsed_config[:redis]['reconnect_attempts']      = string_to_int(ENV['REDIS_RECONNECT_ATTEMPTS']) || parsed_config[:redis]['reconnect_attempts'] || 10
+    parsed_config[:redis]['reconnect_attempts']      = string_array_to_array(ENV['REDIS_RECONNECT_ATTEMPTS']) || parsed_config[:redis]['reconnect_attempts'] || 10
    parsed_config[:statsd]           = parsed_config[:statsd] || {} if ENV['STATSD_SERVER']
    parsed_config[:statsd]['server'] = ENV['STATSD_SERVER'] if ENV['STATSD_SERVER']
@ -119,17 +128,32 @@ module Vmpooler
      parsed_config[:auth][:ldap]['port']        = string_to_int(ENV['LDAP_PORT']) if ENV['LDAP_PORT']
      parsed_config[:auth][:ldap]['base']        = ENV['LDAP_BASE'] if ENV['LDAP_BASE']
      parsed_config[:auth][:ldap]['user_object'] = ENV['LDAP_USER_OBJECT'] if ENV['LDAP_USER_OBJECT']
      if parsed_config[:auth]['provider'] == 'ldap' && parsed_config[:auth][:ldap].key?('encryption')
        parsed_config[:auth][:ldap]['encryption'] = parsed_config[:auth][:ldap]['encryption']
      elsif parsed_config[:auth]['provider'] == 'ldap'
        parsed_config[:auth][:ldap]['encryption'] = {}
      end
    end
    # Create an index of pool aliases
    parsed_config[:pool_names] = Set.new
    unless parsed_config[:pools]
      puts 'loading pools configuration from redis, since the config[:pools] is empty'
      redis = new_redis(parsed_config[:redis]['server'], parsed_config[:redis]['port'], parsed_config[:redis]['password'])
      parsed_config[:pools] = load_pools_from_redis(redis)
    end
    # Marshal.dump is paired with Marshal.load to create a copy that has its own memory space
    # so that each can be edited independently
    # rubocop:disable Security/MarshalLoad
    # retain a copy of the pools that were observed at startup
    serialized_pools = Marshal.dump(parsed_config[:pools])
    parsed_config[:pools_at_startup] = Marshal.load(serialized_pools)
    # Create an index of pools by title
    parsed_config[:pool_index] = pool_index(parsed_config[:pools])
    # rubocop:enable Security/MarshalLoad
    parsed_config[:pools].each do |pool|
      parsed_config[:pool_names] << pool['name']
@ -186,8 +210,13 @@ module Vmpooler
  end
  def self.new_redis(host = 'localhost', port = nil, password = nil, redis_reconnect_attempts = 10)
-    Redis.new(host: host, port: port, password: password, reconnect_attempts: redis_reconnect_attempts, reconnect_delay: 1.5,
+    Redis.new(
-              reconnect_delay_max: 10.0)
+      host: host,
      port: port,
      password: password,
      reconnect_attempts: redis_reconnect_attempts,
      connect_timeout: 300
    )
  end
  def self.pools(conf)
@ -212,6 +241,13 @@ module Vmpooler
    Integer(s)
  end
  def self.string_array_to_array(s)
    # Returns an array from an array like string
    return if s.nil?
    JSON.parse(s)
  end
  def self.true?(obj)
    obj.to_s.downcase == 'true'
  end
@ -236,18 +272,19 @@ module Vmpooler
    if tracing_enabled.eql?('false')
      puts "Exporting of traces has been disabled so the span processor has been se to a 'NoopSpanExporter'"
      span_processor = OpenTelemetry::SDK::Trace::Export::BatchSpanProcessor.new(
-        exporter: OpenTelemetry::SDK::Trace::Export::NoopSpanExporter.new
+        OpenTelemetry::SDK::Trace::Export::NoopSpanExporter.new
      )
    else
      puts "Exporting of traces will be done over HTTP in binary Thrift format to #{tracing_jaeger_host}"
      span_processor = OpenTelemetry::SDK::Trace::Export::BatchSpanProcessor.new(
-        exporter: OpenTelemetry::Exporter::Jaeger::CollectorExporter.new(endpoint: tracing_jaeger_host)
+        OpenTelemetry::Exporter::Jaeger::CollectorExporter.new(endpoint: tracing_jaeger_host)
      )
    end
    OpenTelemetry::SDK.configure do |c|
      c.use 'OpenTelemetry::Instrumentation::Sinatra'
      c.use 'OpenTelemetry::Instrumentation::ConcurrentRuby'
      c.use 'OpenTelemetry::Instrumentation::HttpClient'
      c.use 'OpenTelemetry::Instrumentation::Redis'
      c.add_span_processor(span_processor)
--- a/lib/vmpooler/api.rb
+++ b/lib/vmpooler/api.rb
@ -3,7 +3,7 @@
 module Vmpooler
  class API < Sinatra::Base
    # Load API components
-    %w[helpers dashboard reroute v1 request_logger healthcheck].each do |lib|
+    %w[helpers dashboard v3 request_logger healthcheck].each do |lib|
      require "vmpooler/api/#{lib}"
    end
    # Load dashboard components
@ -52,8 +52,7 @@ module Vmpooler
        use Vmpooler::Dashboard
        use Vmpooler::API::Dashboard
-        use Vmpooler::API::Reroute
+        use Vmpooler::API::V3
        use Vmpooler::API::V1
      end
      # Get thee started O WebServer
--- a/lib/vmpooler/api/helpers.rb
+++ b/lib/vmpooler/api/helpers.rb
@ -1,24 +1,34 @@
 # frozen_string_literal: true
 require 'vmpooler/api/input_validator'
 module Vmpooler
  class API
    module Helpers
      include InputValidator
      def tracer
        @tracer ||= OpenTelemetry.tracer_provider.tracer('api', Vmpooler::VERSION)
      end
      def has_token?
        request.env['HTTP_X_AUTH_TOKEN'].nil? ? false : true
      end
      def valid_token?(backend)
        tracer.in_span("Vmpooler::API::Helpers.#{__method__}") do
          return false unless has_token?
          backend.exists?("vmpooler__token__#{request.env['HTTP_X_AUTH_TOKEN']}") ? true : false
        end
      end
      def validate_token(backend)
        tracer.in_span("Vmpooler::API::Helpers.#{__method__}") do
          if valid_token?(backend)
-          backend.hset("vmpooler__token__#{request.env['HTTP_X_AUTH_TOKEN']}", 'last', Time.now)
+            backend.hset("vmpooler__token__#{request.env['HTTP_X_AUTH_TOKEN']}", 'last', Time.now.to_s)
            return true
          end
@ -30,8 +40,10 @@ module Vmpooler
          headers['WWW-Authenticate'] = 'Basic realm="Authentication required"'
          halt 401, JSON.pretty_generate(result)
        end
      end
      def validate_auth(backend)
        tracer.in_span("Vmpooler::API::Helpers.#{__method__}") do
          return if authorized?
          content_type :json
@ -41,8 +53,10 @@ module Vmpooler
          headers['WWW-Authenticate'] = 'Basic realm="Authentication required"'
          halt 401, JSON.pretty_generate(result)
        end
      end
      def authorized?
        tracer.in_span("Vmpooler::API::Helpers.#{__method__}") do
          @auth ||= Rack::Auth::Basic::Request.new(request.env)
          if @auth.provided? and @auth.basic? and @auth.credentials
@ -55,29 +69,62 @@ module Vmpooler
          return false
        end
      end
      def authenticate_ldap(port, host, encryption_hash, user_object, base, username_str, password_str, service_account_hash = nil)
        tracer.in_span(
          "Vmpooler::API::Helpers.#{__method__}",
          attributes: {
            'net.peer.name' => host,
            'net.peer.port' => port,
            'net.transport' => 'ip_tcp',
            'enduser.id' => username_str
          },
          kind: :client
        ) do
          if service_account_hash
            username = service_account_hash[:user_dn]
            password = service_account_hash[:password]
          else
            username = "#{user_object}=#{username_str},#{base}"
            password = password_str
          end
      def authenticate_ldap(port, host, user_object, base, username_str, password_str)
          ldap = Net::LDAP.new(
            :host => host,
            :port => port,
-          :encryption => {
+            :encryption => encryption_hash,
            :method => :start_tls,
            :tls_options => { :ssl_version => 'TLSv1' }
          },
            :base => base,
            :auth => {
              :method => :simple,
-            :username => "#{user_object}=#{username_str},#{base}",
+              :username => username,
-            :password => password_str
+              :password => password
            }
          )
-        return true if ldap.bind
+          if service_account_hash
-
+            return true if ldap.bind_as(
              :base => base,
              :filter => "(#{user_object}=#{username_str})",
              :password => password_str
            )
          elsif ldap.bind
            return true
          else
            return false
          end
          return false
        end
      end
      def authenticate(auth, username_str, password_str)
        tracer.in_span(
          "Vmpooler::API::Helpers.#{__method__}",
          attributes: {
            'enduser.id' => username_str
          }
        ) do
          case auth['provider']
          when 'dummy'
            return (username_str != password_str)
@ -86,6 +133,11 @@ module Vmpooler
            ldap_port = auth[:ldap]['port'] || 389
            ldap_user_obj = auth[:ldap]['user_object']
            ldap_host = auth[:ldap]['host']
            ldap_encryption_hash = auth[:ldap]['encryption'] || {
              :method => :start_tls,
              :tls_options => { :ssl_version => 'TLSv1' }
            }
            service_account_hash = auth[:ldap]['service_account_hash']
            unless ldap_base.is_a? Array
              ldap_base = ldap_base.split
@ -100,10 +152,12 @@ module Vmpooler
                result = authenticate_ldap(
                  ldap_port,
                  ldap_host,
                  ldap_encryption_hash,
                  search_user_obj,
                  search_base,
                  username_str,
-                password_str
+                  password_str,
                  service_account_hash
                )
                return true if result
              end
@ -112,19 +166,23 @@ module Vmpooler
            return false
          end
        end
      end
      def export_tags(backend, hostname, tags)
-        backend.pipelined do
+        tracer.in_span("Vmpooler::API::Helpers.#{__method__}") do
          backend.pipelined do |pipeline|
            tags.each_pair do |tag, value|
              next if value.nil? or value.empty?
-            backend.hset("vmpooler__vm__#{hostname}", "tag:#{tag}", value)
+              pipeline.hset("vmpooler__vm__#{hostname}", "tag:#{tag}", value)
-            backend.hset("vmpooler__tag__#{Date.today}", "#{hostname}:#{tag}", value)
+              pipeline.hset("vmpooler__tag__#{Date.today}", "#{hostname}:#{tag}", value)
            end
          end
        end
      end
      def filter_tags(tags)
        tracer.in_span("Vmpooler::API::Helpers.#{__method__}") do
          return unless Vmpooler::API.settings.config[:tagfilter]
          tags.each_pair do |tag, value|
@ -135,6 +193,7 @@ module Vmpooler
          tags
        end
      end
      def mean(list)
        s = list.map(&:to_f).reduce(:+).to_f
@ -145,40 +204,41 @@ module Vmpooler
        /^\d{4}-\d{2}-\d{2}$/ === date_str
      end
-      def hostname_shorten(hostname, domain=nil)
+      def hostname_shorten(hostname)
-        if domain && hostname =~ /^[\w-]+\.#{domain}$/
+        hostname[/[^.]+/]
          hostname = hostname[/[^.]+/]
        end
        hostname
      end
      def get_task_times(backend, task, date_str)
        tracer.in_span("Vmpooler::API::Helpers.#{__method__}") do
          backend.hvals("vmpooler__#{task}__" + date_str).map(&:to_f)
        end
      end
      # Takes the pools and a key to run scard on
      # returns an integer for the total count
      def get_total_across_pools_redis_scard(pools, key, backend)
        tracer.in_span("Vmpooler::API::Helpers.#{__method__}") do
          # using pipelined is much faster than querying each of the pools and adding them
          # as we get the result.
-        res = backend.pipelined do
+          res = backend.pipelined do |pipeline|
            pools.each do |pool|
-            backend.scard(key + pool['name'])
+              pipeline.scard(key + pool['name'])
            end
          end
          res.inject(0) { |m, x| m + x }.to_i
        end
      end
      # Takes the pools and a key to run scard on
      # returns a hash with each pool name as key and the value being the count as integer
      def get_list_across_pools_redis_scard(pools, key, backend)
        tracer.in_span("Vmpooler::API::Helpers.#{__method__}") do
          # using pipelined is much faster than querying each of the pools and adding them
          # as we get the result.
          temp_hash = {}
-        res = backend.pipelined do
+          res = backend.pipelined do |pipeline|
            pools.each do |pool|
-            backend.scard(key + pool['name'])
+              pipeline.scard(key + pool['name'])
            end
          end
          pools.each_with_index do |pool, i|
@ -186,16 +246,18 @@ module Vmpooler
          end
          temp_hash
        end
      end
      # Takes the pools and a key to run hget on
      # returns a hash with each pool name as key and the value as string
      def get_list_across_pools_redis_hget(pools, key, backend)
        tracer.in_span("Vmpooler::API::Helpers.#{__method__}") do
          # using pipelined is much faster than querying each of the pools and adding them
          # as we get the result.
          temp_hash = {}
-        res = backend.pipelined do
+          res = backend.pipelined do |pipeline|
            pools.each do |pool|
-            backend.hget(key, pool['name'])
+              pipeline.hget(key, pool['name'])
            end
          end
          pools.each_with_index do |pool, i|
@ -203,8 +265,10 @@ module Vmpooler
          end
          temp_hash
        end
      end
      def get_capacity_metrics(pools, backend)
        tracer.in_span("Vmpooler::API::Helpers.#{__method__}") do
          capacity = {
              current: 0,
              total: 0,
@ -223,9 +287,12 @@ module Vmpooler
          capacity
        end
      end
      def get_queue_metrics(pools, backend)
        tracer.in_span("Vmpooler::API::Helpers.#{__method__}") do
          queue = {
              requested: 0,
              pending: 0,
              cloning: 0,
              booting: 0,
@ -235,20 +302,42 @@ module Vmpooler
              total: 0
          }
-        queue[:pending]   = get_total_across_pools_redis_scard(pools, 'vmpooler__pending__', backend)
+          # Use a single pipeline to fetch all queue counts at once for better performance
-        queue[:ready]     = get_total_across_pools_redis_scard(pools, 'vmpooler__ready__', backend)
+          results = backend.pipelined do |pipeline|
-        queue[:running]   = get_total_across_pools_redis_scard(pools, 'vmpooler__running__', backend)
+            # Order matters - we'll use indices to extract values
-        queue[:completed] = get_total_across_pools_redis_scard(pools, 'vmpooler__completed__', backend)
+            pools.each do |pool|
              pipeline.scard("vmpooler__provisioning__request#{pool['name']}")    # 0..n-1
              pipeline.scard("vmpooler__provisioning__processing#{pool['name']}") # n..2n-1
              pipeline.scard("vmpooler__odcreate__task#{pool['name']}")           # 2n..3n-1
              pipeline.scard("vmpooler__pending__#{pool['name']}")                # 3n..4n-1
              pipeline.scard("vmpooler__ready__#{pool['name']}")                  # 4n..5n-1
              pipeline.scard("vmpooler__running__#{pool['name']}")                # 5n..6n-1
              pipeline.scard("vmpooler__completed__#{pool['name']}")              # 6n..7n-1
            end
            pipeline.get('vmpooler__tasks__clone')           # 7n
            pipeline.get('vmpooler__tasks__ondemandclone')   # 7n+1
          end
-        queue[:cloning] = backend.get('vmpooler__tasks__clone').to_i + backend.get('vmpooler__tasks__ondemandclone').to_i
+          n = pools.length
          # Safely extract results with default to empty array if slice returns nil
          queue[:requested] = (results[0...n] || []).sum(&:to_i) +
                              (results[n...(2 * n)] || []).sum(&:to_i) +
                              (results[(2 * n)...(3 * n)] || []).sum(&:to_i)
          queue[:pending]   = (results[(3 * n)...(4 * n)] || []).sum(&:to_i)
          queue[:ready]     = (results[(4 * n)...(5 * n)] || []).sum(&:to_i)
          queue[:running]   = (results[(5 * n)...(6 * n)] || []).sum(&:to_i)
          queue[:completed] = (results[(6 * n)...(7 * n)] || []).sum(&:to_i)
          queue[:cloning]   = (results[7 * n] || 0).to_i + (results[7 * n + 1] || 0).to_i
          queue[:booting]   = queue[:pending].to_i - queue[:cloning].to_i
          queue[:booting]   = 0 if queue[:booting] < 0
-        queue[:total]   = queue[:pending].to_i + queue[:ready].to_i + queue[:running].to_i + queue[:completed].to_i
+          queue[:total]     = queue[:requested] + queue[:pending].to_i + queue[:ready].to_i + queue[:running].to_i + queue[:completed].to_i
          queue
        end
      end
      def get_tag_metrics(backend, date_str, opts = {})
        tracer.in_span("Vmpooler::API::Helpers.#{__method__}") do
          opts = {:only => false}.merge(opts)
          tags = {}
@ -273,8 +362,10 @@ module Vmpooler
          tags
        end
      end
      def get_tag_summary(backend, from_date, to_date, opts = {})
        tracer.in_span("Vmpooler::API::Helpers.#{__method__}") do
          opts = {:only => false}.merge(opts)
          result = {
@ -303,8 +394,10 @@ module Vmpooler
          result
        end
      end
      def get_task_metrics(backend, task_str, date_str, opts = {})
        tracer.in_span("Vmpooler::API::Helpers.#{__method__}") do
          opts = {:bypool => false, :only => false}.merge(opts)
          task = {
@ -369,8 +462,10 @@ module Vmpooler
          task
        end
      end
      def get_task_summary(backend, task_str, from_date, to_date, opts = {})
        tracer.in_span("Vmpooler::API::Helpers.#{__method__}") do
          opts = {:bypool => false, :only => false}.merge(opts)
          task_sym = task_str.to_sym
@ -450,6 +545,7 @@ module Vmpooler
          result
        end
      end
      def pool_index(pools)
        pools_hash = {}
@ -462,12 +558,14 @@ module Vmpooler
      end
      def template_ready?(pool, backend)
        tracer.in_span("Vmpooler::API::Helpers.#{__method__}") do
          prepared_template = backend.hget('vmpooler__template__prepared', pool['name'])
          return false if prepared_template.nil?
          return true if pool['template'] == prepared_template
          return false
        end
      end
      def is_integer?(x)
        Integer(x)
@ -477,10 +575,19 @@ module Vmpooler
      end
      def open_socket(host, domain = nil, timeout = 1, port = 22, &_block)
-        Timeout.timeout(timeout) do
+        tracer.in_span(
          "Vmpooler::API::Helpers.#{__method__}",
          attributes: {
            'net.peer.port' => port,
            'net.transport' => 'ip_tcp'
          },
          kind: :client
        ) do
          target_host = host
          target_host = "#{host}.#{domain}" if domain
-          sock = TCPSocket.new target_host, port
+          span = OpenTelemetry::Trace.current_span
          span.set_attribute('net.peer.name', target_host)
          sock = TCPSocket.new(target_host, port, connect_timeout: timeout)
          begin
            yield sock if block_given?
          ensure
@ -488,16 +595,6 @@ module Vmpooler
          end
        end
      end
      def vm_ready?(vm_name, domain = nil)
        begin
          open_socket(vm_name, domain)
        rescue StandardError => _e
          return false
        end
        true
      end
    end
  end
 end
--- a/lib/vmpooler/api/input_validator.rb
+++ b/lib/vmpooler/api/input_validator.rb
@ -0,0 +1,159 @@
 # frozen_string_literal: true
 module Vmpooler
  class API
    # Input validation helpers to enhance security
    module InputValidator
      # Maximum lengths to prevent abuse
      MAX_HOSTNAME_LENGTH = 253
      MAX_TAG_KEY_LENGTH = 50
      MAX_TAG_VALUE_LENGTH = 255
      MAX_REASON_LENGTH = 500
      MAX_POOL_NAME_LENGTH = 100
      MAX_TOKEN_LENGTH = 64
      # Valid patterns
      HOSTNAME_PATTERN = /\A[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?(\.[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)* \z/ix.freeze
      POOL_NAME_PATTERN = /\A[a-zA-Z0-9_-]+\z/.freeze
      TAG_KEY_PATTERN = /\A[a-zA-Z0-9_\-.]+\z/.freeze
      TOKEN_PATTERN = /\A[a-zA-Z0-9\-_]+\z/.freeze
      INTEGER_PATTERN = /\A\d+\z/.freeze
      class ValidationError < StandardError; end
      # Validate hostname format and length
      def validate_hostname(hostname)
        return error_response('Hostname is required') if hostname.nil? || hostname.empty?
        return error_response('Hostname too long') if hostname.length > MAX_HOSTNAME_LENGTH
        return error_response('Invalid hostname format') unless hostname.match?(HOSTNAME_PATTERN)
        true
      end
      # Validate pool/template name
      def validate_pool_name(pool_name)
        return error_response('Pool name is required') if pool_name.nil? || pool_name.empty?
        return error_response('Pool name too long') if pool_name.length > MAX_POOL_NAME_LENGTH
        return error_response('Invalid pool name format') unless pool_name.match?(POOL_NAME_PATTERN)
        true
      end
      # Validate tag key and value
      def validate_tag(key, value)
        return error_response('Tag key is required') if key.nil? || key.empty?
        return error_response('Tag key too long') if key.length > MAX_TAG_KEY_LENGTH
        return error_response('Invalid tag key format') unless key.match?(TAG_KEY_PATTERN)
        if value
          return error_response('Tag value too long') if value.length > MAX_TAG_VALUE_LENGTH
          # Sanitize value to prevent injection attacks
          sanitized_value = value.gsub(/[^\w\s\-.@:\/]/, '')
          return error_response('Tag value contains invalid characters') if sanitized_value != value
        end
        true
      end
      # Validate token format
      def validate_token_format(token)
        return error_response('Token is required') if token.nil? || token.empty?
        return error_response('Token too long') if token.length > MAX_TOKEN_LENGTH
        return error_response('Invalid token format') unless token.match?(TOKEN_PATTERN)
        true
      end
      # Validate integer parameter
      def validate_integer(value, name = 'value', min: nil, max: nil)
        return error_response("#{name} is required") if value.nil?
        value_str = value.to_s
        return error_response("#{name} must be a valid integer") unless value_str.match?(INTEGER_PATTERN)
        int_value = value.to_i
        return error_response("#{name} must be at least #{min}") if min && int_value < min
        return error_response("#{name} must be at most #{max}") if max && int_value > max
        int_value
      end
      # Validate VM request count
      def validate_vm_count(count)
        validated = validate_integer(count, 'VM count', min: 1, max: 100)
        return validated if validated.is_a?(Hash) # error response
        validated
      end
      # Validate disk size
      def validate_disk_size(size)
        validated = validate_integer(size, 'Disk size', min: 1, max: 2048)
        return validated if validated.is_a?(Hash) # error response
        validated
      end
      # Validate lifetime (TTL) in hours
      def validate_lifetime(lifetime)
        validated = validate_integer(lifetime, 'Lifetime', min: 1, max: 168) # max 1 week
        return validated if validated.is_a?(Hash) # error response
        validated
      end
      # Validate reason text
      def validate_reason(reason)
        return true if reason.nil? || reason.empty?
        return error_response('Reason too long') if reason.length > MAX_REASON_LENGTH
        # Sanitize to prevent XSS/injection
        sanitized = reason.gsub(/[<>"']/, '')
        return error_response('Reason contains invalid characters') if sanitized != reason
        true
      end
      # Sanitize JSON body to prevent injection
      def sanitize_json_body(body)
        return {} if body.nil? || body.empty?
        begin
          parsed = JSON.parse(body)
          return error_response('Request body must be a JSON object') unless parsed.is_a?(Hash)
          # Limit depth and size to prevent DoS
          return error_response('Request body too complex') if json_depth(parsed) > 5
          return error_response('Request body too large') if body.length > 10_240 # 10KB max
          parsed
        rescue JSON::ParserError => e
          error_response("Invalid JSON: #{e.message}")
        end
      end
      # Check if validation result is an error
      def validation_error?(result)
        result.is_a?(Hash) && result['ok'] == false
      end
      private
      def error_response(message)
        { 'ok' => false, 'error' => message }
      end
      def json_depth(obj, depth = 0)
        return depth unless obj.is_a?(Hash) || obj.is_a?(Array)
        return depth + 1 if obj.empty?
        if obj.is_a?(Hash)
          depth + 1 + obj.values.map { |v| json_depth(v, 0) }.max
        else
          depth + 1 + obj.map { |v| json_depth(v, 0) }.max
        end
      end
    end
  end
 end
--- a/lib/vmpooler/api/rate_limiter.rb
+++ b/lib/vmpooler/api/rate_limiter.rb
@ -0,0 +1,116 @@
 # frozen_string_literal: true
 module Vmpooler
  class API
    # Rate limiter middleware to protect against abuse
    # Uses Redis to track request counts per IP and token
    class RateLimiter
      DEFAULT_LIMITS = {
        global_per_ip: { limit: 100, period: 60 }, # 100 requests per minute per IP
        authenticated: { limit: 500, period: 60 }, # 500 requests per minute with token
        vm_creation: { limit: 20, period: 60 },    # 20 VM creations per minute
        vm_deletion: { limit: 50, period: 60 }     # 50 VM deletions per minute
      }.freeze
      def initialize(app, redis, config = {})
        @app = app
        @redis = redis
        @config = DEFAULT_LIMITS.merge(config[:rate_limits] || {})
        @enabled = config.fetch(:rate_limiting_enabled, true)
      end
      def call(env)
        return @app.call(env) unless @enabled
        request = Rack::Request.new(env)
        client_id = identify_client(request)
        endpoint_type = classify_endpoint(request)
        # Check rate limits
        return rate_limit_response(client_id, endpoint_type) if rate_limit_exceeded?(client_id, endpoint_type, request)
        # Track the request
        increment_request_count(client_id, endpoint_type)
        @app.call(env)
      end
      private
      def identify_client(request)
        # Prioritize token-based identification for authenticated requests
        token = request.env['HTTP_X_AUTH_TOKEN']
        return "token:#{token}" if token && !token.empty?
        # Fall back to IP address
        ip = request.ip || request.env['REMOTE_ADDR'] || 'unknown'
        "ip:#{ip}"
      end
      def classify_endpoint(request)
        path = request.path
        method = request.request_method
        return :vm_creation if method == 'POST' && path.include?('/vm')
        return :vm_deletion if method == 'DELETE' && path.include?('/vm')
        return :authenticated if request.env['HTTP_X_AUTH_TOKEN']
        :global_per_ip
      end
      def rate_limit_exceeded?(client_id, endpoint_type, _request)
        limit_config = @config[endpoint_type] || @config[:global_per_ip]
        key = "vmpooler__ratelimit__#{endpoint_type}__#{client_id}"
        current_count = @redis.get(key).to_i
        current_count >= limit_config[:limit]
      rescue StandardError => e
        # If Redis fails, allow the request through (fail open)
        warn "Rate limiter Redis error: #{e.message}"
        false
      end
      def increment_request_count(client_id, endpoint_type)
        limit_config = @config[endpoint_type] || @config[:global_per_ip]
        key = "vmpooler__ratelimit__#{endpoint_type}__#{client_id}"
        @redis.pipelined do |pipeline|
          pipeline.incr(key)
          pipeline.expire(key, limit_config[:period])
        end
      rescue StandardError => e
        # Log error but don't fail the request
        warn "Rate limiter increment error: #{e.message}"
      end
      def rate_limit_response(client_id, endpoint_type)
        limit_config = @config[endpoint_type] || @config[:global_per_ip]
        key = "vmpooler__ratelimit__#{endpoint_type}__#{client_id}"
        begin
          ttl = @redis.ttl(key)
        rescue StandardError
          ttl = limit_config[:period]
        end
        headers = {
          'Content-Type' => 'application/json',
          'X-RateLimit-Limit' => limit_config[:limit].to_s,
          'X-RateLimit-Remaining' => '0',
          'X-RateLimit-Reset' => (Time.now.to_i + ttl).to_s,
          'Retry-After' => ttl.to_s
        }
        body = JSON.pretty_generate({
                                      'ok' => false,
                                      'error' => 'Rate limit exceeded',
                                      'limit' => limit_config[:limit],
                                      'period' => limit_config[:period],
                                      'retry_after' => ttl
                                    })
        [429, headers, [body]]
      end
    end
  end
 end
--- a/lib/vmpooler/api/reroute.rb
+++ b/lib/vmpooler/api/reroute.rb
@ -1,73 +0,0 @@
 # frozen_string_literal: true
 module Vmpooler
  class API
    class Reroute < Sinatra::Base
      api_version = '1'
      get '/status/?' do
        call env.merge('PATH_INFO' => "/api/v#{api_version}/status")
      end
      get '/summary/?' do
        call env.merge('PATH_INFO' => "/api/v#{api_version}/summary")
      end
      get '/summary/:route/?:key?/?' do
        call env.merge('PATH_INFO' => "/api/v#{api_version}/summary/#{params[:route]}/#{params[:key]}")
      end
      get '/token/?' do
        call env.merge('PATH_INFO' => "/api/v#{api_version}/token")
      end
      post '/token/?' do
        call env.merge('PATH_INFO' => "/api/v#{api_version}/token")
      end
      get '/token/:token/?' do
        call env.merge('PATH_INFO' => "/api/v#{api_version}/token/#{params[:token]}")
      end
      delete '/token/:token/?' do
        call env.merge('PATH_INFO' => "/api/v#{api_version}/token/#{params[:token]}")
      end
      get '/vm/?' do
        call env.merge('PATH_INFO' => "/api/v#{api_version}/vm")
      end
      post '/vm/?' do
        call env.merge('PATH_INFO' => "/api/v#{api_version}/vm")
      end
      post '/vm/:template/?' do
        call env.merge('PATH_INFO' => "/api/v#{api_version}/vm/#{params[:template]}")
      end
      get '/vm/:hostname/?' do
        call env.merge('PATH_INFO' => "/api/v#{api_version}/vm/#{params[:hostname]}")
      end
      delete '/vm/:hostname/?' do
        call env.merge('PATH_INFO' => "/api/v#{api_version}/vm/#{params[:hostname]}")
      end
      put '/vm/:hostname/?' do
        call env.merge('PATH_INFO' => "/api/v#{api_version}/vm/#{params[:hostname]}")
      end
      post '/vm/:hostname/snapshot/?' do
        call env.merge('PATH_INFO' => "/api/v#{api_version}/vm/#{params[:hostname]}/snapshot")
      end
      post '/vm/:hostname/snapshot/:snapshot/?' do
        call env.merge('PATH_INFO' => "/api/v#{api_version}/vm/#{params[:hostname]}/snapshot/#{params[:snapshot]}")
      end
      put '/vm/:hostname/disk/:size/?' do
        call env.merge('PATH_INFO' => "/api/v#{api_version}/vm/#{params[:hostname]}/disk/#{params[:size]}")
      end
    end
  end
 end
--- a/lib/vmpooler/api/v1.rb
+++ b/lib/vmpooler/api/v1.rb
--- a/lib/vmpooler/api/v3.rb
+++ b/lib/vmpooler/api/v3.rb
--- a/lib/vmpooler/dns.rb
+++ b/lib/vmpooler/dns.rb
@ -0,0 +1,91 @@
 # frozen_string_literal: true
 require 'pathname'
 module Vmpooler
  class Dns
    # Load one or more VMPooler DNS plugin gems by name
    #
    # @param names [Array<String>] The list of gem names to load
    def self.load_by_name(names)
      names = Array(names)
      instance = new
      names.map { |name| instance.load_from_gems(name) }.flatten
    end
    # Returns the plugin class for the specified dns config by name
    #
    # @param config [Object] The entire VMPooler config object
    # @param name [Symbol] The name of the dns config key to get the dns class
    # @return [String] The plugin class for the specifid dns config
    def self.get_dns_plugin_class_by_name(config, name)
      dns_configs = config[:dns_configs].keys
      plugin_class = ''
      dns_configs.map do |dns_config_name|
        plugin_class = config[:dns_configs][dns_config_name]['dns_class'] if dns_config_name.to_s == name
      end
      plugin_class
    end
    # Returns the domain for the specified pool
    #
    # @param config [String] - the full config structure
    # @param pool_name [String] - the name of the pool
    # @return [String] - domain name for pool, which is set via reference to the dns_configs block
    def self.get_domain_for_pool(config, pool_name)
      pool = config[:pools].find { |p| p['name'] == pool_name }
      pool_dns_config = pool['dns_plugin']
      dns_configs = config[:dns_configs].keys
      dns_configs.map do |dns_config_name|
        return config[:dns_configs][dns_config_name]['domain'] if dns_config_name.to_s == pool_dns_config
      end
    end
    # Returns the plugin domain for the specified dns config by name
    #
    # @param config [Object] The entire VMPooler config object
    # @param name [Symbol] The name of the dns config key to get the dns domain
    # @return [String] The domain for the specifid dns config
    def self.get_dns_plugin_domain_by_name(config, name)
      dns_configs = config[:dns_configs].keys
      dns_configs.map do |dns_config_name|
        return config[:dns_configs][dns_config_name]['domain'] if dns_config_name.to_s == name
      end
    end
    # Returns a list of DNS plugin classes specified in the vmpooler configuration
    #
    # @param config [Object] The entire VMPooler config object
    # @return nil || [Array<String>] A list of DNS plugin classes
    def self.get_dns_plugin_config_classes(config)
      return nil unless config[:dns_configs]
      dns_configs = config[:dns_configs].keys
      dns_plugins = dns_configs.map do |dns_config_name|
        if config[:dns_configs][dns_config_name] && config[:dns_configs][dns_config_name]['dns_class']
          config[:dns_configs][dns_config_name]['dns_class'].to_s
        else
          dns_config_name.to_s
        end
      end.compact.uniq
      # dynamic-dns is not actually a class, it's just used as a value to denote
      # that dynamic dns is used so no loading or record management is needed
      dns_plugins.delete('dynamic-dns')
      dns_plugins
    end
    # Load a single DNS plugin gem by name
    #
    # @param name [String] The name of the DNS plugin gem to load
    # @return [String] The full require path to the specified gem
    def load_from_gems(name = nil)
      require_path = "vmpooler/dns/#{name.gsub('-', '/')}"
      require require_path
      require_path
    end
  end
 end
--- a/lib/vmpooler/dns/base.rb
+++ b/lib/vmpooler/dns/base.rb
@ -0,0 +1,81 @@
 # frozen_string_literal: true
 module Vmpooler
  class PoolManager
    class Dns
      class Base
        # These defs must be overidden in child classes
        # Helper Methods
        # Global Logger object
        attr_reader :logger
        # Global Metrics object
        attr_reader :metrics
        # Provider options passed in during initialization
        attr_reader :dns_options
        def initialize(config, logger, metrics, redis_connection_pool, name, options)
          @config = config
          @logger = logger
          @metrics = metrics
          @redis = redis_connection_pool
          @dns_plugin_name = name
          @dns_options = options
          logger.log('s', "[!] Creating dns plugin '#{name}'")
        end
        def pool_config(pool_name)
          # Get the configuration of a specific pool
          @config[:pools].each do |pool|
            return pool if pool['name'] == pool_name
          end
          nil
        end
        # Returns this dns plugin's configuration
        #
        # @returns [Hashtable] This dns plugins's configuration from the config file.  Returns nil if the dns plugin config does not exist
        def dns_config
          @config[:dns_configs].each do |dns|
            # Convert the symbol from the config into a string for comparison
            return (dns[1].nil? ? {} : dns[1]) if dns[0].to_s == @dns_plugin_name
          end
          nil
        end
        def global_config
          # This entire VM Pooler config
          @config
        end
        def name
          @dns_plugin_name
        end
        def get_ip(vm_name)
          @redis.with_metrics do |redis|
            redis.hget("vmpooler__vm__#{vm_name}", 'ip')
          end
        end
        # returns
        #   Array[String] : Array of pool names this provider services
        def provided_pools
          @config[:pools].select { |pool| pool['dns_config'] == name }.map { |pool| pool['name'] }
        end
        def create_or_replace_record(hostname)
          raise("#{self.class.name} does not implement create_or_replace_record #{hostname}")
        end
        def delete_record(hostname)
          raise("#{self.class.name} does not implement delete_record for #{hostname}")
        end
      end
    end
  end
 end
--- a/lib/vmpooler/metrics/promstats.rb
+++ b/lib/vmpooler/metrics/promstats.rb
@ -165,33 +165,33 @@ module Vmpooler
          },
          user: {
            mtype: M_COUNTER,
-            torun: %i[manager],
+            torun: %i[api],
-            docstring: 'Number of pool instances this user created created',
+            docstring: 'Number of pool instances and the operation performed by a user',
-            param_labels: %i[user poolname]
+            param_labels: %i[user operation poolname]
          },
          usage_litmus: {
            mtype: M_COUNTER,
-            torun: %i[manager],
+            torun: %i[api],
-            docstring: 'Pools by Litmus job usage',
+            docstring: 'Number of pool instances and the operation performed by Litmus jobs',
-            param_labels: %i[user poolname]
+            param_labels: %i[user operation poolname]
          },
          usage_jenkins_instance: {
            mtype: M_COUNTER,
-            torun: %i[manager],
+            torun: %i[api],
-            docstring: 'Pools by Jenkins instance usage',
+            docstring: 'Number of pool instances and the operation performed by Jenkins instances',
-            param_labels: %i[jenkins_instance value_stream poolname]
+            param_labels: %i[jenkins_instance value_stream operation poolname]
          },
          usage_branch_project: {
            mtype: M_COUNTER,
-            torun: %i[manager],
+            torun: %i[api],
-            docstring: 'Pools by branch/project usage',
+            docstring: 'Number of pool instances and the operation performed by Jenkins branch/project',
-            param_labels: %i[branch project poolname]
+            param_labels: %i[branch project operation poolname]
          },
          usage_job_component: {
            mtype: M_COUNTER,
-            torun: %i[manager],
+            torun: %i[api],
-            docstring: 'Pools by job/component usage',
+            docstring: 'Number of pool instances and the operation performed by Jenkins job/component',
-            param_labels: %i[job_name component_to_test poolname]
+            param_labels: %i[job_name component_to_test operation poolname]
          },
          checkout: {
            mtype: M_COUNTER,
@ -329,6 +329,30 @@ module Vmpooler
            buckets: REDIS_CONNECT_BUCKETS,
            docstring: 'vmpooler redis connection wait time',
            param_labels: %i[type provider]
          },
          vmpooler_health: {
            mtype: M_GAUGE,
            torun: %i[manager],
            docstring: 'vmpooler health check metrics',
            param_labels: %i[metric_path]
          },
          vmpooler_purge: {
            mtype: M_GAUGE,
            torun: %i[manager],
            docstring: 'vmpooler purge metrics',
            param_labels: %i[metric_path]
          },
          vmpooler_destroy: {
            mtype: M_GAUGE,
            torun: %i[manager],
            docstring: 'vmpooler destroy metrics',
            param_labels: %i[poolname]
          },
          vmpooler_clone: {
            mtype: M_GAUGE,
            torun: %i[manager],
            docstring: 'vmpooler clone metrics',
            param_labels: %i[poolname]
          }
        }
      end
--- a/lib/vmpooler/pool_manager.rb
+++ b/lib/vmpooler/pool_manager.rb
--- a/lib/vmpooler/providers/base.rb
+++ b/lib/vmpooler/providers/base.rb
@ -58,6 +58,10 @@ module Vmpooler
          nil
        end
        def dns_config(dns_config_name)
          Vmpooler::Dns.get_dns_plugin_domain_by_name(@config, dns_config_name)
        end
        # returns
        #   [Hashtable] : The entire VMPooler configuration
        def global_config
@ -212,6 +216,22 @@ module Vmpooler
          raise("#{self.class.name} does not implement vm_ready?")
        end
        # tag_vm_user This method is called once we know who is using the VM (it is running). This method enables seeing
        # who is using what in the provider pools.
        # This method should be implemented in the providers, if it is not implemented, this base method will be called
        # and should be a noop. The implementation should check if the vm has a user (as per redis) and add a new tag
        # with the information.
        # inputs
        #   [String] pool_name : Name of the pool
        #   [String] vm_name   : Name of the VM to check if ready
        # returns
        #   [Boolean] : true if successful, false if an error occurred and it should retry
        def tag_vm_user(_pool_name, _vm_name)
          # noop by design. If the provider does not implement this method, this base method is called (because inherited)
          # and should basically do nothing.
          true
        end
        # inputs
        #   [String] pool_name : Name of the pool
        #   [String] vm_name   : Name of the VM to check if it exists
@ -226,7 +246,7 @@ module Vmpooler
        # returns
        #   nil when successful. Raises error when encountered
        def create_template_delta_disks(_pool)
-          raise("#{self.class.name} does not implement create_template_delta_disks")
+          puts("#{self.class.name} does not implement create_template_delta_disks")
        end
        # inputs
@ -237,8 +257,19 @@ module Vmpooler
          raise("#{self.class.name} does not implement get_target_datacenter_from_config")
        end
-        def purge_unconfigured_folders(_base_folders, _configured_folders, _whitelist)
+        def purge_unconfigured_resources(_allowlist)
-          raise("#{self.class.name} does not implement purge_unconfigured_folders")
+          raise("#{self.class.name} does not implement purge_unconfigured_resources")
        end
        def get_vm_ip_address(vm_name, pool_name)
          raise("#{self.class.name} does not implement get_vm_ip_address for vm #{vm_name} in pool #{pool_name}")
        end
        # DEPRECATED if a provider does not implement the new method, it will hit this base class method
        # and return a deprecation message
        def purge_unconfigured_folders(_deprecated, _deprecated2, allowlist)
          logger.log('s', '[!] purge_unconfigured_folders was renamed to purge_unconfigured_resources, please update your provider implementation')
          purge_unconfigured_resources(allowlist)
        end
      end
    end
--- a/lib/vmpooler/providers/vsphere.rb
+++ b/lib/vmpooler/providers/vsphere.rb
--- a/lib/vmpooler/public/img/logo.png
+++ b/lib/vmpooler/public/img/logo.png
--- a/lib/vmpooler/public/lib/dashboard.js
+++ b/lib/vmpooler/public/lib/dashboard.js
@ -29,10 +29,10 @@ Date.prototype.yyyymmdd = function() {
 var data_url = {
  'capacity': '/dashboard/stats/vmpooler/pool',
-  'pools'   : '/api/v1/vm',
+  'pools'   : '/api/v3/vm',
  'running' : '/dashboard/stats/vmpooler/running',
-  'status'  : '/api/v1/status',
+  'status'  : '/api/v3/status',
-  'summary' : '/api/v1/summary'
+  'summary' : '/api/v3/summary'
 };
--- a/lib/vmpooler/util/parsing.rb
+++ b/lib/vmpooler/util/parsing.rb
@ -1,6 +1,6 @@
 # frozen_string_literal: true
-# utility class shared between apps
+# utility class shared between apps api and pool_manager
 module Vmpooler
  class Parsing
    def self.get_platform_pool_count(requested, &_block)
--- a/lib/vmpooler/version.rb
+++ b/lib/vmpooler/version.rb
@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Vmpooler
-  VERSION = '1.0.0'
+  VERSION = '3.8.1'
 end
--- a/release-notes.md
+++ b/release-notes.md
@ -0,0 +1,15 @@
 ## [3.8.1](https://github.com/puppetlabs/vmpooler/tree/3.8.1) (2026-01-14)
 [Full Changelog](https://github.com/puppetlabs/vmpooler/compare/3.7.0...3.8.1)
 **Implemented enhancements:**
 - \(P4DEVOPS-9434\) Add rate limiting and input validation security enhancements [\#690](https://github.com/puppetlabs/vmpooler/pull/690) ([mahima-singh](https://github.com/mahima-singh))
 - \(P4DEVOPS-8570\) Add Phase 2 optimizations: status API caching and improved Redis pipelining [\#689](https://github.com/puppetlabs/vmpooler/pull/689) ([mahima-singh](https://github.com/mahima-singh))
 - \(P4DEVOPS-8567\) Add DLQ, auto-purge, and health checks for Redis queues [\#688](https://github.com/puppetlabs/vmpooler/pull/688) ([mahima-singh](https://github.com/mahima-singh))
 - Add retry logic for immediate clone failures [\#687](https://github.com/puppetlabs/vmpooler/pull/687) ([mahima-singh](https://github.com/mahima-singh))
 **Fixed bugs:**
 - \(P4DEVOPS-8567\) Prevent VM allocation for already-deleted request-ids [\#688](https://github.com/puppetlabs/vmpooler/pull/688) ([mahima-singh](https://github.com/mahima-singh))
 - Prevent re-queueing requests already marked as failed [\#687](https://github.com/puppetlabs/vmpooler/pull/687) ([mahima-singh](https://github.com/mahima-singh))
--- a/16
+++ b/16
@ -0,0 +1,16 @@
 #!/usr/bin/env bash
 # The container tag should closely match what is used in `docker/Dockerfile` in vmpooler-deployment
 #
 # Update Gemfile.lock
 docker run -t --rm \
  -v $(pwd):/app \
  jruby:9.4.12.1-jdk11 \
  /bin/bash -c 'apt-get update -qq && apt-get install -y --no-install-recommends git make netbase && cd /app && gem install bundler && bundle install --jobs 3; echo "LOCK_FILE_UPDATE_EXIT_CODE=$?"'
 # Update Changelog
 docker run -t --rm -e CHANGELOG_GITHUB_TOKEN -v $(pwd):/usr/local/src/your-app \
  githubchangeloggenerator/github-changelog-generator:1.16.4 \
  github_changelog_generator --future-release $(grep VERSION lib/vmpooler/version.rb |rev |cut -d "'" -f2 |rev) \
  --token $CHANGELOG_GITHUB_TOKEN --release-branch main
--- a/scripts/create_template_deltas.rb
+++ b/scripts/create_template_deltas.rb
@ -1,98 +0,0 @@
 #!/usr/bin/ruby
 require 'rubygems'
 require 'rbvmomi'
 require 'yaml'
 def load_configuration( file_array )
  file_array.each do |file|
    file = File.expand_path( file )
    if File.exists?( file )
      return YAML.load_file( file )
    end
  end
  return false
 end
 def create_template_deltas( folder )
  config = load_configuration( [ 'vmpooler.yaml', '~/.vmpooler' ] ) || nil
  abort 'No config file (./vmpooler.yaml or ~/.vmpooler) found!' unless config
  vim = RbVmomi::VIM.connect(
    :host     => config[ :providers ][ :vsphere ][ "server" ],
    :user     => config[ :providers ][ :vsphere ][ "username" ],
    :password => config[ :providers ][ :vsphere ][ "password" ],
    :ssl      => true,
    :insecure => true,
  ) or abort "Unable to connect to #{config[ :vsphere ][ "server" ]}!"
  containerView = vim.serviceContent.viewManager.CreateContainerView( {
    :container => vim.serviceContent.rootFolder,
    :recursive => true,
    :type      => [ 'VirtualMachine' ]
  } )
  datacenter = vim.serviceInstance.find_datacenter
  base = datacenter.vmFolder
  case base
    when RbVmomi::VIM::Folder
      base = base.childEntity.find { |f| f.name == folder }
    else
      abort "Unexpected object type encountered (#{base.class}) while finding folder!"
  end
  unless base
    abort "Folder #{ARGV[0]} not found!"
  end
  base.childEntity.each do |vm|
    print vm.name
    begin
      disks = vm.config.hardware.device.grep( RbVmomi::VIM::VirtualDisk )
    rescue
      puts ' !'
      next
    end
    begin
      disks.select { |d| d.backing.parent == nil }.each do |disk|
        linkSpec = {
          :deviceChange => [
            {
              :operation => :remove,
              :device => disk
            },
            {
              :operation => :add,
              :fileOperation => :create,
              :device => disk.dup.tap { |x|
                x.backing = x.backing.dup
                x.backing.fileName = "[#{disk.backing.datastore.name}]"
                x.backing.parent = disk.backing
              }
            }
          ]
        }
        vm.ReconfigVM_Task( :spec => linkSpec ).wait_for_completion
      end
      puts " \u2713"
    rescue
      puts ' !'
    end
  end
  vim.close
 end
 if ARGV[0]
  create_template_deltas( ARGV[0] )
 else
  puts "Usage: #{$0} <folder>"
 end
--- a/spec/fixtures/extra_config1.yaml
+++ b/spec/fixtures/extra_config1.yaml
@ -0,0 +1,4 @@
 ---
 :providers:
  :alice:
    foo: "foo"
--- a/spec/fixtures/extra_config2.yaml
+++ b/spec/fixtures/extra_config2.yaml
@ -0,0 +1,12 @@
 ---
 :providers:
  :bob:
    foo: "foo_bob"
    bar: "bar"
 :pools:
  - name: 'pool05'
    size: 5
    provider: dummy
    dns_plugin: 'example'
    ready_ttl: 5
--- a/spec/fixtures/vmpooler.yaml
+++ b/spec/fixtures/vmpooler.yaml
@ -23,9 +23,13 @@
  allowed_tags:
    - 'created_by'
    - 'project'
  domain: 'example.com'
  prefix: 'poolvm-'
 :dns_configs:
  :example:
    dns_class: dynamic-dns
    domain: 'example.com'
 # Uncomment the lines below to suppress metrics to STDOUT
 # :statsd:
 #   server: 'localhost'
@ -36,8 +40,10 @@
  - name: 'pool01'
    size: 5
    provider: dummy
    dns_plugin: 'example'
    ready_ttl: 5
  - name: 'pool02'
    size: 5
    provider: dummy
    dns_plugin: 'example'
    ready_ttl: 5
--- a/spec/fixtures/vmpooler2.yaml
+++ b/spec/fixtures/vmpooler2.yaml
@ -23,9 +23,13 @@
  allowed_tags:
    - 'created_by'
    - 'project'
  domain: 'example.com'
  prefix: 'poolvm-'
 :dns_configs:
  :example:
    dns_class: dynamic-dns
    domain: 'example.com'
 # Uncomment the lines below to suppress metrics to STDOUT
 # :statsd:
 #   server: 'localhost'
@ -36,8 +40,10 @@
  - name: 'pool03'
    size: 5
    provider: dummy
    dns_plugin: 'example'
    ready_ttl: 5
  - name: 'pool04'
    size: 5
    provider: dummy
    dns_plugin: 'example'
    ready_ttl: 5
--- a/spec/fixtures/vmpooler_domain.yaml
+++ b/spec/fixtures/vmpooler_domain.yaml
@ -0,0 +1,45 @@
 ---
 :providers:
  :dummy:
 :redis:
  server: 'localhost'
 :auth:
   provider: dummy
 :tagfilter:
  url: '(.*)\/'
 :config:
  site_name: 'vmpooler'
  # Need to change this on Windows
  logfile: '/var/log/vmpooler.log'
  task_limit: 10
  timeout: 15
  vm_checktime: 1
  vm_lifetime: 12
  vm_lifetime_auth: 24
  allowed_tags:
    - 'created_by'
    - 'project'
  domain: 'example.com'
  prefix: 'poolvm-'
 # Uncomment the lines below to suppress metrics to STDOUT
 # :statsd:
 #   server: 'localhost'
 #   prefix: 'vmpooler'
 #   port: 8125
 :pools:
  - name: 'pool01'
    size: 5
    provider: dummy
    dns_plugin: 'example'
    ready_ttl: 5
  - name: 'pool02'
    size: 5
    provider: dummy
    dns_plugin: 'example'
    ready_ttl: 5
--- a/spec/helpers.rb
+++ b/spec/helpers.rb
@ -14,6 +14,16 @@ class MockLogger
  end
 end
 class MockPoolManagerDnsBase
  def delete_record(hostname)
  end
  def create_or_replace_record(hostname)
  end
 end
 def expect_json(ok = true, http = 200)
  expect(last_response.header['Content-Type']).to eq('application/json')
--- a/spec/integration/api/v3/config_spec.rb
+++ b/spec/integration/api/v3/config_spec.rb
@ -1,7 +1,7 @@
 require 'spec_helper'
 require 'rack/test'
-describe Vmpooler::API::V1 do
+describe Vmpooler::API::V3 do
  include Rack::Test::Methods
  def app()
@ -26,6 +26,10 @@ describe Vmpooler::API::V1 do
        {'name' => 'pool1', 'size' => 5, 'template' => 'templates/pool1', 'clone_target' => 'default_cluster'},
        {'name' => 'pool2', 'size' => 10}
      ],
      pools_at_startup: [
        {'name' => 'pool1', 'size' => 5, 'template' => 'templates/pool1', 'clone_target' => 'default_cluster'},
        {'name' => 'pool2', 'size' => 10}
      ],
      statsd: { 'prefix' => 'stats_prefix'},
      alias: { 'poolone' => 'pool1' },
      pool_names: [ 'pool1', 'pool2', 'poolone' ]
@ -33,7 +37,7 @@ describe Vmpooler::API::V1 do
  }
  describe '/config/pooltemplate' do
-    let(:prefix) { '/api/v1' }
+    let(:prefix) { '/api/v3' }
    let(:metrics) { Vmpooler::Metrics::DummyStatsd.new }
    let(:current_time) { Time.now }
@ -45,6 +49,47 @@ describe Vmpooler::API::V1 do
      create_token('abcdefghijklmnopqrstuvwxyz012345', 'jdoe', current_time)
    end
    describe 'DELETE /config/pooltemplate/:pool' do
      it 'resets a pool template' do
        post "#{prefix}/config/pooltemplate", '{"pool1":"templates/new_template"}'
        delete "#{prefix}/config/pooltemplate/pool1"
        expect_json(ok = true, http = 201)
        expected = {
          ok: true,
          template_before_reset: 'templates/new_template',
          template_before_overrides: 'templates/pool1'
        }
        expect(last_response.body).to eq(JSON.pretty_generate(expected))
      end
      it 'succeeds when the pool has not been overridden' do
        delete "#{prefix}/config/pooltemplate/pool1"
        expect_json(ok = true, http = 200)
      end
      it 'fails on nonexistent pools' do
        delete "#{prefix}/config/pooltemplate/poolpoolpool"
        expect_json(ok = false, http = 404)
      end
      context 'with experimental features disabled' do
        before(:each) do
          config[:config]['experimental_features'] = false
        end
        it 'should return 405' do
          delete "#{prefix}/config/pooltemplate/pool1"
          expect_json(ok = false, http = 405)
          expected = { ok: false }
          expect(last_response.body).to eq(JSON.pretty_generate(expected))
        end
      end
    end
    describe 'POST /config/pooltemplate' do
      it 'updates a pool template' do
        post "#{prefix}/config/pooltemplate", '{"pool1":"templates/new_template"}'
@ -142,6 +187,56 @@ describe Vmpooler::API::V1 do
    end
    describe 'DELETE /config/poolsize' do
      it 'resets a pool size' do
        post "#{prefix}/config/poolsize", '{"pool1":"2"}'
        delete "#{prefix}/config/poolsize/pool1"
        expect_json(ok = true, http = 201)
        expected = {
          ok: true,
          pool_size_before_reset: 2,
          pool_size_before_overrides: 5
        }
        expect(last_response.body).to eq(JSON.pretty_generate(expected))
      end
      it 'fails when a specified pool does not exist' do
        delete "#{prefix}/config/poolsize/pool10"
        expect_json(ok = false, http = 404)
        expected = { ok: false }
        expect(last_response.body).to eq(JSON.pretty_generate(expected))
      end
      it 'succeeds when a pool has not been overridden' do
        delete "#{prefix}/config/poolsize/pool1"
        expect_json(ok = true, http = 200)
        expected = {
          ok: true,
          pool_size_before_reset: 5,
          pool_size_before_overrides: 5
        }
        expect(last_response.body).to eq(JSON.pretty_generate(expected))
      end
      context 'with experimental features disabled' do
        before(:each) do
          config[:config]['experimental_features'] = false
        end
        it 'should return 405' do
          delete "#{prefix}/config/poolsize/pool1"
          expect_json(ok = false, http = 405)
          expected = { ok: false }
          expect(last_response.body).to eq(JSON.pretty_generate(expected))
        end
      end
    end
    describe 'POST /config/poolsize' do
      it 'changes a pool size' do
        post "#{prefix}/config/poolsize", '{"pool1":"2"}'
@ -293,7 +388,7 @@ describe Vmpooler::API::V1 do
    end
    describe 'GET /config' do
-      let(:prefix) { '/api/v1' }
+      let(:prefix) { '/api/v3' }
      it 'returns pool configuration when set' do
        get "#{prefix}/config"
--- a/spec/integration/api/v3/ondemandvm_spec.rb
+++ b/spec/integration/api/v3/ondemandvm_spec.rb
@ -1,7 +1,7 @@
 require 'spec_helper'
 require 'rack/test'
-describe Vmpooler::API::V1 do
+describe Vmpooler::API::V3 do
  include Rack::Test::Methods
  def app()
@ -15,7 +15,7 @@ describe Vmpooler::API::V1 do
  end
  describe '/ondemandvm' do
-    let(:prefix) { '/api/v1' }
+    let(:prefix) { '/api/v3' }
    let(:metrics) { Vmpooler::Metrics::DummyStatsd.new }
    let(:config) {
      {
@ -28,16 +28,25 @@ describe Vmpooler::API::V1 do
            'compute2' => 0
          }
        },
        dns_configs: {
          :mock => {
            'dns_class' => 'mock',
            'domain' => 'example.com'
          }
        },
        pools: [
-          {'name' => 'pool1', 'size' => 0, 'clone_target' => 'compute1'},
+          {'name' => 'pool1', 'size' => 0, 'clone_target' => 'compute1', 'dns_plugin' => 'mock'},
-          {'name' => 'pool2', 'size' => 0, 'clone_target' => 'compute2'},
+          {'name' => 'pool2', 'size' => 0, 'clone_target' => 'compute2', 'dns_plugin' => 'mock'},
-          {'name' => 'pool3', 'size' => 0, 'clone_target' => 'compute1'}
+          {'name' => 'pool3', 'size' => 0, 'clone_target' => 'compute1', 'dns_plugin' => 'mock'}
        ],
        alias: {
          'poolone' => ['pool1'],
          'pool2' => ['pool1']
        },
-        pool_names: [ 'pool1', 'pool2', 'pool3', 'poolone' ]
+        pool_names: [ 'pool1', 'pool2', 'pool3', 'poolone' ],
        providers: {
          :dummy => {},
        }
      }
    }
    let(:current_time) { Time.now }
@ -111,24 +120,6 @@ describe Vmpooler::API::V1 do
            expect(redis).to receive(:hset).with("vmpooler__odrequest__#{uuid}", 'requested', 'pool2:pool1:1')
            post "#{prefix}/ondemandvm", '{"pool2":"1"}'
          end
          context 'with domain set in the config' do
            let(:domain) { 'example.com' }
            before(:each) do
              config[:config]['domain'] = domain
            end
            it 'should include domain in the return reply' do
              post "#{prefix}/ondemandvm", '{"poolone":"1"}'
              expect_json(true, 201)
              expected = {
                "ok": true,
                "request_id": uuid,
                "domain": domain
              }
              expect(last_response.body).to eq(JSON.pretty_generate(expected))
            end
          end
        end
        context 'with a resource request that exceeds the specified limit' do
@ -262,35 +253,12 @@ describe Vmpooler::API::V1 do
              "ready": true,
              "pool1": {
                "hostname": [
-                  vmname
+                  "#{vmname}.example.com"
                ]
              }
            }
            expect(last_response.body).to eq(JSON.pretty_generate(expected))
          end
          context 'with domain set' do
            let(:domain) { 'example.com' }
            before(:each) do
              config[:config]['domain'] = domain
            end
            it 'should include the domain in the result' do
              get "#{prefix}/ondemandvm/#{uuid}"
              expected = {
                "ok": true,
                "request_id": uuid,
                "ready": true,
                "pool1": {
                  "hostname": [
                    vmname
                  ]
                },
                "domain": domain
              }
              expect(last_response.body).to eq(JSON.pretty_generate(expected))
            end
          end
        end
        context 'with a deleted request' do
--- a/spec/integration/api/v3/poolreset.rb
+++ b/spec/integration/api/v3/poolreset.rb
@ -1,7 +1,7 @@
 require 'spec_helper'
 require 'rack/test'
-describe Vmpooler::API::V1 do
+describe Vmpooler::API::V3 do
  include Rack::Test::Methods
  def app()
@ -30,7 +30,7 @@ describe Vmpooler::API::V1 do
  }
  describe '/poolreset' do
-    let(:prefix) { '/api/v1' }
+    let(:prefix) { '/api/v3' }
    let(:metrics) { Vmpooler::Metrics::DummyStatsd.new }
    let(:current_time) { Time.now }
--- a/spec/integration/api/v3/status_spec.rb
+++ b/spec/integration/api/v3/status_spec.rb
@ -5,7 +5,7 @@ def has_set_tag?(vm, tag, value)
  value == redis.hget("vmpooler__vm__#{vm}", "tag:#{tag}")
 end
-describe Vmpooler::API::V1 do
+describe Vmpooler::API::V3 do
  include Rack::Test::Methods
  def app()
@ -17,10 +17,12 @@ describe Vmpooler::API::V1 do
  # https://rubydoc.info/gems/sinatra/Sinatra/Base#reset!-class_method 
  before(:each) do
    app.reset!
    # Clear status cache to prevent test interference
    Vmpooler::API::V3.clear_status_cache
  end
  describe 'status and metrics endpoints' do
-    let(:prefix) { '/api/v1' }
+    let(:prefix) { '/api/v3' }
    let(:config) {
      {
--- a/spec/integration/api/v3/token_spec.rb
+++ b/spec/integration/api/v3/token_spec.rb
@ -1,7 +1,7 @@
 require 'spec_helper'
 require 'rack/test'
-describe Vmpooler::API::V1 do
+describe Vmpooler::API::V3 do
  include Rack::Test::Methods
  def app()
@ -16,7 +16,7 @@ describe Vmpooler::API::V1 do
  end
  describe '/token' do
-    let(:prefix) { '/api/v1' }
+    let(:prefix) { '/api/v3' }
    let(:current_time) { Time.now }
    let(:config) { { 
      config: {}
@ -111,7 +111,7 @@ describe Vmpooler::API::V1 do
  end
  describe '/token/:token' do
-    let(:prefix) { '/api/v1' }
+    let(:prefix) { '/api/v3' }
    let(:current_time) { Time.now }
    before(:each) do
--- a/spec/integration/api/v3/vm_hostname_spec.rb
+++ b/spec/integration/api/v3/vm_hostname_spec.rb
@ -5,7 +5,7 @@ def has_set_tag?(vm, tag, value)
  value == redis.hget("vmpooler__vm__#{vm}", "tag:#{tag}")
 end
-describe Vmpooler::API::V1 do
+describe Vmpooler::API::V3 do
  include Rack::Test::Methods
  def app()
@ -20,7 +20,7 @@ describe Vmpooler::API::V1 do
  end
  describe '/vm/:hostname' do
-    let(:prefix) { '/api/v1' }
+    let(:prefix) { '/api/v3' }
    let(:metrics) { Vmpooler::Metrics::DummyStatsd.new }
    let(:config) {
--- a/spec/integration/api/v3/vm_spec.rb
+++ b/spec/integration/api/v3/vm_spec.rb
@ -1,7 +1,7 @@
 require 'spec_helper'
 require 'rack/test'
-describe Vmpooler::API::V1 do
+describe Vmpooler::API::V3 do
  include Rack::Test::Methods
  def app()
@ -16,7 +16,7 @@ describe Vmpooler::API::V1 do
  end
  describe '/vm' do
-    let(:prefix) { '/api/v1' }
+    let(:prefix) { '/api/v3' }
    let(:metrics) { Vmpooler::Metrics::DummyStatsd.new }
    let(:config) {
      {
@ -24,10 +24,29 @@ describe Vmpooler::API::V1 do
          'site_name' => 'test pooler',
          'vm_lifetime_auth' => 2
        },
        providers: {
          vsphere: {},
          gce: {},
          foo: {}
        },
        dns_configs: {
          :one => {
            'dns_class' => 'mock',
            'domain' => 'one.example.com'
          },
          :two => {
            'dns_class' => 'mock',
            'domain' => 'two.example.com'
          },
          :three => {
            'dns_class' => 'mock',
            'domain' => 'three.example.com'
          }
        },
        pools: [
-          {'name' => 'pool1', 'size' => 5},
+          {'name' => 'pool1', 'size' => 5, 'provider' => 'vsphere', 'dns_plugin' => 'one'},
-          {'name' => 'pool2', 'size' => 10},
+          {'name' => 'pool2', 'size' => 10, 'provider' => 'gce', 'dns_plugin' => 'two'},
-          {'name' => 'pool3', 'size' => 10}
+          {'name' => 'pool3', 'size' => 10, 'provider' => 'foo', 'dns_plugin' => 'three'}
        ],
        statsd: { 'prefix' => 'stats_prefix'},
        alias: { 'poolone' => ['pool1'] },
@ -79,7 +98,7 @@ describe Vmpooler::API::V1 do
        expected = {
          ok: true,
          pool1: {
-            hostname: vmname
+            hostname: "#{vmname}.one.example.com"
          }
        }
@ -97,7 +116,7 @@ describe Vmpooler::API::V1 do
        expected = {
          ok: true,
          poolone: {
-            hostname: vmname
+            hostname: "#{vmname}.one.example.com"
          }
        }
@ -124,8 +143,7 @@ describe Vmpooler::API::V1 do
      end
      it 'returns 503 for empty pool referenced by alias' do
-        create_ready_vm 'pool1', vmname, redis
+        create_ready_vm 'pool2', vmname, redis
        post "#{prefix}/vm/poolone"
        post "#{prefix}/vm/poolone"
        expected = { ok: false }
@ -146,10 +164,10 @@ describe Vmpooler::API::V1 do
        expected = {
          ok: true,
          pool1: {
-            hostname: vmname
+            hostname: "#{vmname}.one.example.com"
          },
          pool2: {
-            hostname: 'qrstuvwxyz012345'
+            hostname: 'qrstuvwxyz012345.two.example.com'
          }
        }
@ -177,8 +195,8 @@ describe Vmpooler::API::V1 do
        result = JSON.parse(last_response.body)
        expect(result['ok']).to eq(true)
-        expect(result['pool1']['hostname']).to include('1abcdefghijklmnop', '2abcdefghijklmnop')
+        expect(result['pool1']['hostname']).to include('1abcdefghijklmnop.one.example.com', '2abcdefghijklmnop.one.example.com')
-        expect(result['pool2']['hostname']).to eq('qrstuvwxyz012345')
+        expect(result['pool2']['hostname']).to eq('qrstuvwxyz012345.two.example.com')
        expect_json(ok = true, http = 200)
      end
@ -206,8 +224,8 @@ describe Vmpooler::API::V1 do
        result = JSON.parse(last_response.body)
        expect(result['ok']).to eq(true)
-        expect(result['pool1']['hostname']).to include('1abcdefghijklmnop', '2abcdefghijklmnop')
+        expect(result['pool1']['hostname']).to include('1abcdefghijklmnop.one.example.com', '2abcdefghijklmnop.one.example.com')
-        expect(result['pool2']['hostname']).to include('1qrstuvwxyz012345', '2qrstuvwxyz012345', '3qrstuvwxyz012345')
+        expect(result['pool2']['hostname']).to include('1qrstuvwxyz012345.two.example.com', '2qrstuvwxyz012345.two.example.com', '3qrstuvwxyz012345.two.example.com')
        expect_json(ok = true, http = 200)
      end
@ -232,7 +250,7 @@ describe Vmpooler::API::V1 do
        result = JSON.parse(last_response.body)
        expect(result['ok']).to eq(true)
-        expect(result['genericpool']['hostname']).to include('1abcdefghijklmnop', '2abcdefghijklmnop', '1qrstuvwxyz012345')
+        expect(result['genericpool']['hostname']).to include('1abcdefghijklmnop.one.example.com', '2abcdefghijklmnop.two.example.com', '1qrstuvwxyz012345.three.example.com')
        expect_json(ok = true, http = 200)
      end
@ -249,7 +267,7 @@ describe Vmpooler::API::V1 do
        expected = {
          ok: true,
          "pool1": {
-            "hostname": "1abcdefghijklmnop"
+            "hostname": "1abcdefghijklmnop.one.example.com"
          }
        }
@ -338,7 +356,7 @@ describe Vmpooler::API::V1 do
      end
      it 'returns the second VM when the first fails to respond' do
-        create_ready_vm 'pool1', vmname, redis
+        create_running_vm 'pool1', vmname, redis
        create_ready_vm 'pool1', "2#{vmname}", redis
        allow_any_instance_of(Vmpooler::API::Helpers).to receive(:open_socket).with(vmname, nil).and_raise('mockerror')
@ -350,7 +368,7 @@ describe Vmpooler::API::V1 do
        expected = {
          ok: true,
          pool1: {
-            hostname: "2#{vmname}"
+            hostname: "2#{vmname}.one.example.com"
          }
        }
@ -375,7 +393,7 @@ describe Vmpooler::API::V1 do
          expected = {
            ok: true,
            pool1: {
-              hostname: 'abcdefghijklmnop'
+              hostname: 'abcdefghijklmnop.one.example.com'
            }
          }
          expect(last_response.body).to eq(JSON.pretty_generate(expected))
@ -401,7 +419,7 @@ describe Vmpooler::API::V1 do
          expected = {
            ok: true,
            pool1: {
-              hostname: 'abcdefghijklmnop'
+              hostname: 'abcdefghijklmnop.one.example.com'
            }
          }
          expect(last_response.body).to eq(JSON.pretty_generate(expected))
@ -422,7 +440,7 @@ describe Vmpooler::API::V1 do
          expected = {
            ok: true,
            pool1: {
-              hostname: 'abcdefghijklmnop'
+              hostname: 'abcdefghijklmnop.one.example.com'
            }
          }
          expect(last_response.body).to eq(JSON.pretty_generate(expected))
--- a/spec/integration/api/v3/vm_template_spec.rb
+++ b/spec/integration/api/v3/vm_template_spec.rb
@ -1,7 +1,7 @@
 require 'spec_helper'
 require 'rack/test'
-describe Vmpooler::API::V1 do
+describe Vmpooler::API::V3 do
  include Rack::Test::Methods
  def app()
@ -16,7 +16,7 @@ describe Vmpooler::API::V1 do
  end
  describe '/vm/:template' do
-    let(:prefix) { '/api/v1' }
+    let(:prefix) { '/api/v3' }
    let(:metrics) { Vmpooler::Metrics::DummyStatsd.new }
    let(:config) {
      {
@ -24,10 +24,17 @@ describe Vmpooler::API::V1 do
          'site_name' => 'test pooler',
          'vm_lifetime_auth' => 2,
        },
        dns_configs: {
          :example => {
            'dns_class' => 'mock',
            'domain' => 'example.com'
          }
        },
        providers: { vsphere: {} },
        pools: [
-          {'name' => 'pool1', 'size' => 5},
+          {'name' => 'pool1', 'size' => 5, 'provider' => 'vsphere', 'dns_plugin' => 'example'},
-          {'name' => 'pool2', 'size' => 10},
+          {'name' => 'pool2', 'size' => 10, 'provider' => 'vsphere', 'dns_plugin' => 'example'},
-          {'name' => 'poolone', 'size' => 0}
+          {'name' => 'poolone', 'size' => 1, 'provider' => 'vsphere', 'dns_plugin' => 'example'}
        ],
        statsd: { 'prefix' => 'stats_prefix'},
        alias: { 'poolone' => 'pool1' },
@ -59,7 +66,7 @@ describe Vmpooler::API::V1 do
        expected = {
          ok: true,
          pool1: {
-            hostname: 'abcdefghijklmnop'
+            hostname: 'abcdefghijklmnop.example.com'
          }
        }
@ -76,7 +83,7 @@ describe Vmpooler::API::V1 do
        expected = {
          ok: true,
          poolone: {
-            hostname: 'abcdefghijklmnop'
+            hostname: 'abcdefghijklmnop.example.com'
          }
        }
        expect_json(ok = true, http = 200)
@ -104,7 +111,7 @@ describe Vmpooler::API::V1 do
      end
      it 'returns 503 for empty pool referenced by alias' do
-        create_ready_vm 'pool1', 'abcdefghijklmnop', redis
+        create_ready_vm 'pool2', 'abcdefghijklmnop', redis
        post "#{prefix}/vm/poolone"
        expected = { ok: false }
@ -125,10 +132,10 @@ describe Vmpooler::API::V1 do
        expected = {
          ok: true,
          pool1: {
-            hostname: 'abcdefghijklmnop'
+            hostname: 'abcdefghijklmnop.example.com'
          },
          pool2: {
-            hostname: 'qrstuvwxyz012345'
+            hostname: 'qrstuvwxyz012345.example.com'
          }
        }
@ -150,17 +157,17 @@ describe Vmpooler::API::V1 do
        expected = {
          ok: true,
          pool1: {
-            hostname: [ '1abcdefghijklmnop', '2abcdefghijklmnop' ]
+            hostname: [ '1abcdefghijklmnop.example.com', '2abcdefghijklmnop.example.com' ]
          },
          pool2: {
-            hostname: [ '1qrstuvwxyz012345', '2qrstuvwxyz012345', '3qrstuvwxyz012345' ]
+            hostname: [ '1qrstuvwxyz012345.example.com', '2qrstuvwxyz012345.example.com', '3qrstuvwxyz012345.example.com' ]
          }
        }
        result = JSON.parse(last_response.body)
        expect(result['ok']).to eq(true)
-        expect(result['pool1']['hostname']).to include('1abcdefghijklmnop', '2abcdefghijklmnop')
+        expect(result['pool1']['hostname']).to include('1abcdefghijklmnop.example.com', '2abcdefghijklmnop.example.com')
-        expect(result['pool2']['hostname']).to include('1qrstuvwxyz012345', '2qrstuvwxyz012345', '3qrstuvwxyz012345')
+        expect(result['pool2']['hostname']).to include('1qrstuvwxyz012345.example.com', '2qrstuvwxyz012345.example.com', '3qrstuvwxyz012345.example.com')
        expect_json(ok = true, http = 200)
      end
@ -264,7 +271,7 @@ describe Vmpooler::API::V1 do
          expected = {
            ok: true,
            pool1: {
-              hostname: 'abcdefghijklmnop'
+              hostname: 'abcdefghijklmnop.example.com'
            }
          }
@ -290,7 +297,7 @@ describe Vmpooler::API::V1 do
          expected = {
            ok: true,
            pool1: {
-              hostname: 'abcdefghijklmnop'
+              hostname: 'abcdefghijklmnop.example.com'
            }
          }
          expect(last_response.body).to eq(JSON.pretty_generate(expected))
@ -310,7 +317,7 @@ describe Vmpooler::API::V1 do
          expected = {
            ok: true,
            pool1: {
-              hostname: 'abcdefghijklmnop'
+              hostname: 'abcdefghijklmnop.example.com'
            }
          }
          expect_json(ok = true, http = 200)
--- a/spec/rbvmomi_helper.rb
+++ b/spec/rbvmomi_helper.rb
@ -1,922 +0,0 @@
 # -----------------------------------------------------------------------------------------------------------------
 # Managed Objects (https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/index-mo_types.html)
 # -----------------------------------------------------------------------------------------------------------------
 MockClusterComputeResource = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.ClusterComputeResource.html
  # From MockClusterComputeResource
  :actionHistory, :configuration, :drsFault, :drsRecommendation, :migrationHistory, :recommendation,
  # From ComputeResource
  :resourcePool,
  # From ManagedEntity
  :name
 )
 MockComputeResource = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk41pubs/ApiReference/vim.ComputeResource.html
  # From ComputeResource
  :configurationEx, :datastore, :host, :network, :resourcePool, :summary,
  # From ManagedEntity
  :name
 )
 MockContainerView = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.view.ContainerView.html
  # From ContainerView
  :container, :recursive, :type
 ) do
  def _search_tree(layer)
    results = []
    layer.children.each do |child|
      if type.any? { |t| child.is_a?(RbVmomi::VIM.const_get(t)) }
        results << child
      end
      if recursive && child.respond_to?(:children)
          results += _search_tree(child)
      end
    end
    results
  end
  def view
    _search_tree(container)
  end
  def DestroyView
  end
 end
 MockDatacenter = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk41pubs/ApiReference/vim.Datacenter.html
  # From Datacenter
  :datastore, :datastoreFolder, :hostFolder, :network, :networkFolder, :vmFolder,
  # From ManagedEntity
  :name
 ) do
  # From RBVMOMI::VIM::Datacenter https://github.com/vmware/rbvmomi/blob/master/lib/rbvmomi/vim/Datacenter.rb
  # Find the Datastore with the given +name+.
  def find_datastore name
    datastore.find { |x| x.name == name }
  end
 end
 MockNetwork = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk41pubs/ApiReference/vim.Network.html
  # From Network
  :host, :name, :summary, :vm
 )
 MockVirtualVmxnet3 = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.vm.device.VirtualVmxnet.html
  # From VirtualEthenetCard
  :addressType,
  # From VirtualDevice
  :key, :deviceInfo, :backing, :connectable
 )
 MockDatastore = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk41pubs/ApiReference/vim.Datastore.html
  # From Datastore
  :browser, :capability, :host, :info, :iormConfiguration, :summary, :vm,
  # From ManagedEntity
  :name
 )
 MockFolder = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk41pubs/ApiReference/vim.Folder.html
  # From Folder
  :childEntity, :childType,
  # From ManagedEntity
  :name
 ) do
  # From RBVMOMI::VIM::Folder https://github.com/vmware/rbvmomi/blob/master/lib/rbvmomi/vim/Folder.rb#L107-L110
  def children
    childEntity
  end
  # https://github.com/vmware/rbvmomi/blob/master/lib/rbvmomi/vim/Folder.rb#L9-L12
  def find(name, type=Object)
    # Fake the searchIndex
    childEntity.each do |child|
      if child.name == name
        if child.kind_of?(type)
          return child
        else
          return nil
        end
      end
    end
    nil
  end
 end
 MockHostSystem = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.HostSystem.html
  # From HostSystem
  :capability, :config, :configManager, :datastore, :datastoreBrowser, :hardware, :network, :runtime, :summary, :systemResources, :vm,
  # From ManagedEntity
  :overallStatus, :name, :parent,
  # From ManagedObject
  :configIssue
 )
 MockPropertyCollector = Struct.new(
  # https://pubs.vmware.com/vsphere-55/index.jsp?topic=%2Fcom.vmware.wssdk.apiref.doc%2Fvmodl.query.PropertyCollector.html
  # PropertyCollector
  :filter
 )
 MockResourcePool = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.ResourcePool.html
  # From ResourcePool
  :childConfiguration, :config, :owner, :resourcePool, :runtime, :summary, :vm,
  # From ManagedEntity
  :name
 )
 MockSearchIndex = Object
 # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.SearchIndex.html
 MockServiceInstance = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk41pubs/ApiReference/vim.ServiceInstance.html
  # From ServiceInstance
  :capability, :content, :serverClock
 ) do
  # From ServiceInstance 
  # Mock the CurrentTime method so that it appears the ServiceInstance is valid.
  def CurrentTime
    Time.now
  end
  # From RBVMOMI::VIM::ServiceInstance https://github.com/vmware/rbvmomi/blob/master/lib/rbvmomi/vim/ServiceInstance.rb
  def find_datacenter(path=nil)
    # In our mocked instance, DataCenters are always in the root Folder.
    # If path is nil the first DC is returned otherwise match by name
    content.rootFolder.childEntity.each do |child|
      if child.is_a?(RbVmomi::VIM::Datacenter)
        return child if path.nil? || child.name == path
      end
    end
    nil
  end
 end
 MockTask = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.Task.html
  # From Task
  :info,
 ) do
  # From RBVMOMI https://github.com/vmware/rbvmomi/blob/master/lib/rbvmomi/vim/Task.rb
  # Mock the with 'Not Implemented'
  def wait_for_completion
    raise(RuntimeError,'Not Implemented')
  end
 end
 MockViewManager = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.view.ViewManager.html
  # From ViewManager
  :viewList,
 ) do
  # From ViewManager 
  def CreateContainerView(options)
    mock_RbVmomi_VIM_ContainerView({
      :container => options[:container],
      :recursive => options[:recursive],
      :type => options[:type],
    })
  end
 end
 MockVirtualDiskManager = Object
 # https://pubs.vmware.com/vsphere-55/index.jsp#com.vmware.wssdk.apiref.doc/vim.VirtualDiskManager.html
 MockVirtualMachine = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.VirtualMachine.html
  # From VirtualMachine
  :config, :runtime, :snapshot, :summary,
  # From ManagedEntity
  :name,
  # From RbVmomi::VIM::ManagedEntity
  # https://github.com/vmware/rbvmomi/blob/master/lib/rbvmomi/vim/ManagedEntity.rb
  :path
 )
 MockVirtualMachineSnapshot = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.vm.Snapshot.html
  # From VirtualMachineSnapshot
  :config
 )
 # -------------------------------------------------------------------------------------------------------------
 # Data Objects (https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/index-do_types.html)
 # -------------------------------------------------------------------------------------------------------------
 MockDescription = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.Description.html
  # From Description
  :label, :summary
 )
 MockVirtualEthernetCardNetworkBackingInfo = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.vm.device.VirtualEthernetCard.NetworkBackingInfo.html
  # From VirtualEthernetCardNetworkBackingInfo
  :network,
  # From VirtualDeviceBackingInfo
  :deviceName, :useAutoDetect
 )
 MockVirtualDeviceConnectInfo = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.vm.device.VirtualDevice.ConnectInfo.html
  # From VirtualDeviceConnectInfo
  :allowGuestControl, :connected, :startConnected
 )
 MockVirtualMachineConfigSpec = Struct.new(
  # https://pubs.vmware.com/vi3/sdk/ReferenceGuide/vim.vm.ConfigSpec.html
  # From VirtualMachineConfigSpec
  :deviceChange, :annotation, :extraConfig
 )
 MockVirtualMachineRelocateSpec = Struct.new(
  # https://pubs.vmware.com/vi3/sdk/ReferenceGuide/vim.vm.RelocateSpec.html
  # From VirtualMachineRelocateSpec
  :datastore, :diskMoveType, :pool
 )
 MockDynamicProperty = Struct.new(
  # https://pubs.vmware.com/vsphere-55/index.jsp?topic=%2Fcom.vmware.wssdk.apiref.doc%2Fvmodl.DynamicProperty.html
  # From DynamicProperty
  :name, :val
 )
 MockHostCpuPackage = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.host.CpuPackage.html
  # From HostCpuPackage
  :busHz, :cpuFeature, :description, :hz, :index, :threadId, :vendor
 )
 MockHostHardwareSummary = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.host.Summary.HardwareSummary.html
  # From HostHardwareSummary
  :cpuMhz, :numCpuCores, :numCpuPkgs, :memorySize
 )
 MockHostListSummary = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.host.Summary.html
  # From HostListSummary
  :quickStats, :hardware
 )
 MockHostListSummaryQuickStats = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.host.Summary.QuickStats.html
  # From HostListSummaryQuickStats
  :overallCpuUsage, :overallMemoryUsage
 )
 MockHostRuntimeInfo = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.host.RuntimeInfo.html
  # From HostRuntimeInfo
  :bootTime, :connectionState, :healthSystemRuntime, :inMaintenanceMode, :powerState, :tpmPcrValues
 )
 MockHostSystemHostHardwareInfo = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.host.HardwareInfo.html
  # From HostHardwareInfo
  :biosInfo, :cpuFeature, :cpuInfo, :cpuPkg, :cpuPowerManagementInfo, :memorySize, :numaInfo, :pciDevice, :systemInfo
 )
 MockObjectContent = Struct.new(
  # https://pubs.vmware.com/vsphere-55/index.jsp?topic=%2Fcom.vmware.wssdk.apiref.doc%2Fvmodl.query.PropertyCollector.ObjectContent.html
  # From ObjectContent
  :missingSet, :obj, :propSet
 )
 MockRetrieveResult = Struct.new(
  # https://pubs.vmware.com/vsphere-55/index.jsp?topic=%2Fcom.vmware.wssdk.apiref.doc%2Fvmodl.query.PropertyCollector.RetrieveResult.html
  # From RetrieveResult
  :objects, :token
 )
 MockServiceContent = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.ServiceInstanceContent.html#field_detail
  # From ServiceContent
  :propertyCollector, :rootFolder, :searchIndex, :viewManager, :virtualDiskManager
 )
 MockVirtualDevice = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.vm.device.VirtualDevice.html
  # From VirtualDevice
  :deviceInfo, :controllerKey, :key, :backing, :connectable, :unitNumber
 )
 MockVirtualDisk = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.vm.device.VirtualDisk.html
  # From VirtualDisk
  :capacityInKB, :shares,
  # From VirtualDevice
  :deviceInfo, :controllerKey, :key, :backing, :connectable, :unitNumber
 )
 MockVirtualHardware = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.vm.VirtualHardware.html
  # From VirtualHardware
  :device
 )
 MockVirtualMachineConfigInfo = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.vm.ConfigInfo.html
  # From VirtualMachineConfigInfo
  :hardware
 )
 MockVirtualMachineFileLayoutExFileInfo = Struct.new(
  # https://pubs.vmware.com/vsphere-55/index.jsp?topic=%2Fcom.vmware.wssdk.apiref.doc%2Fvim.vm.FileLayoutEx.FileInfo.html
  # From VirtualMachineFileLayoutExFileInfo
  :key, :name, :size, :type, :uniqueSize
 )
 MockVirtualMachineGuestSummary = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.vm.Summary.GuestSummary.html
  # From VirtualMachineGuestSummary
  :hostName
 )
 MockVirtualMachineRuntimeInfo = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.vm.RuntimeInfo.html
  # From VirtualMachineRuntimeInfo
  :bootTime, :cleanPowerOff, :connectionState, :faultToleranceState, :host, :maxCpuUsage, :maxMemoryUsage, :memoryOverhead,
  :needSecondaryReason, :numMksConnections, :powerState, :question, :recordReplayState, :suspendInterval, :suspendTime, :toolsInstallerMounted
 )
 MockVirtualMachineSnapshotInfo = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.vm.SnapshotInfo.html
  # From MockVirtualMachineSnapshotInfo
  :currentSnapshot, :rootSnapshotList
 )
 MockVirtualMachineSnapshotTree = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.vm.SnapshotTree.html
  # From VirtualMachineSnapshotTree
  :backupManifest, :childSnapshotList, :createTime, :description, :id, :name, :quiesced, :replaySupported,
  :snapshot, :state, :vm
 )
 MockVirtualMachineSummary = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.vm.Summary.html
  # From VirtualMachineSummary
  :config, :customValue, :guest, :quickStats, :runtime, :storage, :vm
 )
 MockVirtualSCSIController = Struct.new(
  # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.vm.device.VirtualSCSIController.html
  # From VirtualSCSIController
  :hotAddRemove, :scsiCtlrUnitNumber, :sharedBus,
  # From VirtualDevice
  :deviceInfo, :controllerKey, :key, :backing, :connectable, :unitNumber
 )
 # --------------------
 # RBVMOMI only Objects
 # --------------------
 MockRbVmomiVIMConnection = Struct.new(
  # https://github.com/vmware/rbvmomi/blob/master/lib/rbvmomi/vim.rb
  :serviceInstance, :serviceContent, :rootFolder, :root
 ) do
  # From https://github.com/vmware/rbvmomi/blob/master/lib/rbvmomi/vim.rb
  # Alias to serviceContent.searchIndex
  def searchIndex
    serviceContent.searchIndex
  end
  # Alias to serviceContent.propertyCollector
  def propertyCollector
    serviceContent.propertyCollector
  end
 end
 # -------------------------------------------------------------------------------------------------------------
 # Mocking Methods
 # -------------------------------------------------------------------------------------------------------------
 # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.ClusterComputeResource.html
 def mock_RbVmomi_VIM_ClusterComputeResource(options = {})
  options[:name]  = 'Cluster' + rand(65536).to_s if options[:name].nil?
  mock = MockClusterComputeResource.new()
  mock.name = options[:name]
  # All cluster compute resources have a root Resource Pool
  mock.resourcePool = mock_RbVmomi_VIM_ResourcePool({:name => options[:name]})
  allow(mock).to receive(:is_a?) do |expected_type|
    expected_type == RbVmomi::VIM::ClusterComputeResource
  end
  mock
 end
 # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.view.ContainerView.html
 def mock_RbVmomi_VIM_ContainerView(options = {})
  mock = MockContainerView.new()
  mock.container = options[:container]
  mock.recursive = options[:recursive]
  mock.type = options[:type]
  mock
 end
 # https://www.vmware.com/support/developer/vc-sdk/visdk41pubs/ApiReference/vim.ComputeResource.html
 def mock_RbVmomi_VIM_ComputeResource(options = {})
  options[:name]  = 'Compute' + rand(65536).to_s if options[:name].nil?
  options[:hosts] = [{}] if options[:hosts].nil?
  mock = MockComputeResource.new()
  mock.name = options[:name]
  mock.host = []
  # A compute resource must have at least one host.
  options[:hosts].each do |host_options|
    mock_host = mock_RbVmomi_VIM_HostSystem(host_options)
    mock_host.parent = mock
    mock.host << mock_host
  end
  allow(mock).to receive(:is_a?) do |expected_type|
    expected_type == RbVmomi::VIM::ComputeResource
  end
  mock
 end
 # https://github.com/vmware/rbvmomi/blob/master/lib/rbvmomi/vim.rb
 def mock_RbVmomi_VIM_Connection(options = {})
  options[:serviceInstance] = {} if options[:serviceInstance].nil?
  options[:serviceContent]  = {} if options[:serviceContent].nil?
  mock = MockRbVmomiVIMConnection.new()
  mock.serviceContent = mock_RbVmomi_VIM_ServiceContent(options[:serviceContent])
  options[:serviceInstance][:servicecontent] = mock.serviceContent if options[:serviceInstance][:servicecontent].nil?
  mock.serviceInstance = mock_RbVmomi_VIM_ServiceInstance(options[:serviceInstance])
  mock
 end
 # https://www.vmware.com/support/developer/vc-sdk/visdk41pubs/ApiReference/vim.Datastore.html
 def mock_RbVmomi_VIM_Datacenter(options = {})
  options[:hostfolder_tree] = {} if options[:hostfolder_tree].nil?
  options[:vmfolder_tree]   = {} if options[:vmfolder_tree].nil?
  # Currently don't support mocking datastore tree
  options[:datastores]      = [] if options[:datastores].nil?
  options[:name]            = 'Datacenter' + rand(65536).to_s if options[:name].nil?
  options[:networks]        = [] if options[:networks].nil?
  mock = MockDatacenter.new()
  mock.name = options[:name]
  mock.hostFolder = mock_RbVmomi_VIM_Folder({ :name => 'hostFolderRoot'})
  mock.vmFolder = mock_RbVmomi_VIM_Folder({ :name => 'vmFolderRoot'})
  mock.datastore = []
  mock.network = []
  # Create vmFolder hierarchy
  recurse_folder_tree(options[:vmfolder_tree],mock.vmFolder.childEntity)
  # Create hostFolder hierarchy
  recurse_folder_tree(options[:hostfolder_tree],mock.hostFolder.childEntity)
  # Create mock Datastores
  options[:datastores].each do |datastorename|
    mock_ds = mock_RbVmomi_VIM_Datastore({ :name => datastorename })
    mock.datastore << mock_ds
  end
  # Create mock Networks
  options[:networks].each do |networkname|
    mock_nw = mock_RbVmomi_VIM_Network({ :name => networkname })
    mock.network << mock_nw
  end
  allow(mock).to receive(:is_a?) do |expected_type|
    expected_type == RbVmomi::VIM::Datacenter
  end
  mock
 end
 def recurse_folder_tree(tree, root_object)
  tree.keys.each do |foldername|
    folder_options = tree[foldername].nil? ? {} : tree[foldername]
    folder_options[:name] = foldername if folder_options[:name].nil?
    case folder_options[:object_type]
    when 'vm'
      child_object = mock_RbVmomi_VIM_VirtualMachine({ :name => folder_options[:name]})
    when 'compute_resource'
      child_object = mock_RbVmomi_VIM_ComputeResource({ :name => folder_options[:name]})
    when 'cluster_compute_resource'
      child_object = mock_RbVmomi_VIM_ClusterComputeResource({ :name => folder_options[:name]})
    when 'resource_pool'
      child_object =  mock_RbVmomi_VIM_ResourcePool({ :name => folder_options[:name]})
    else
      child_object = mock_RbVmomi_VIM_Folder({:name => foldername})
    end
    # Recursively create children - Default is the child_object is a Folder
    case folder_options[:object_type]
    when 'cluster_compute_resource'
      # Append children into the root Resource Pool for a cluster, instead of directly into the cluster itself.
      recurse_folder_tree(folder_options[:children],child_object.resourcePool.resourcePool) unless folder_options[:children].nil?
    when 'resource_pool'
      recurse_folder_tree(folder_options[:children],child_object.resourcePool) unless folder_options[:children].nil?
    else
      recurse_folder_tree(folder_options[:children],child_object.childEntity) unless folder_options[:children].nil?
    end
    root_object << child_object
  end
 end
 # https://www.vmware.com/support/developer/vc-sdk/visdk41pubs/ApiReference/vim.Datastore.html
 def mock_RbVmomi_VIM_Datastore(options = {})
  options[:name] = 'Datastore' + rand(65536).to_s if options[:name].nil?
  mock = MockDatastore.new()
  mock.name = options[:name]
  allow(mock).to receive(:is_a?) do |expected_type|
    expected_type == RbVmomi::VIM::Datastore
  end
  mock
 end
 # https://www.vmware.com/support/developer/vc-sdk/visdk41pubs/ApiReference/vim.Network.html
 def mock_RbVmomi_VIM_Network(options = {})
  options[:name] = 'Network' + rand(65536).to_s if options[:name].nil?
  mock = MockNetwork.new()
  mock.name = options[:name]
  allow(mock).to receive(:is_a?) do |expected_type|
    expected_type == RbVmomi::VIM::Network
  end
  mock
 end
 # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.vm.device.VirtualVmxnet3.html
 def mock_RbVmomi_VIM_VirtualVmxnet3(options = {})
  options[:key] = rand(65536) if options[:key].nil?
  options[:deviceInfo] = MockDescription.new()
  options[:backing] = MockVirtualEthernetCardNetworkBackingInfo.new()
  options[:addressType] = 'assigned'
  options[:connectable] = MockVirtualDeviceConnectInfo.new()
  mock = MockVirtualVmxnet3.new()
  mock.key = options[:key]
  mock.deviceInfo = options[:deviceInfo]
  mock.backing = options[:backing]
  mock.addressType = options[:addressType]
  mock.connectable = options[:connectable]
  allow(mock).to receive(:instance_of?) do |expected_type|
    expected_type == RbVmomi::VIM::VirtualVmxnet3
  end
  mock
 end
 # https://pubs.vmware.com/vi3/sdk/ReferenceGuide/vim.vm.RelocateSpec.html
 def mock_RbVmomi_VIM_VirtualMachineRelocateSpec(options = {})
  options[:datastore] = 'Datastore' + rand(65536).to_s if options[:datastore].nil?
  options[:diskMoveType] = :moveChildMostDiskBacking
  options[:pool] = 'Pool' + rand(65536).to_s if options[:pool].nil?
  mock = MockVirtualMachineRelocateSpec.new
  mock.datastore = mock_RbVmomi_VIM_Datastore({ :name => options[:datastore]})
  mock.diskMoveType = options[:diskMoveType]
  mock.pool = mock_RbVmomi_VIM_ResourcePool({:name => options[:pool]})
  allow(mock).to receive(:is_a?).and_return(RbVmomi::VIM::VirtualMachineRelocateSpec)
  mock
 end
 # https://pubs.vmware.com/vi3/sdk/ReferenceGuide/vim.vm.ConfigSpec.html
 def mock_RbVmomi_VIM_VirtualMachineConfigSpec(options = {})
  options[:device] = mock_RbVmomi_VIM_VirtualVmxnet3()
  mock = MockVirtualMachineConfigSpec.new
  mock.deviceChange = []
  mock.deviceChange << { operation: :edit, device: options[:device]}
  mock
 end
 # https://www.vmware.com/support/developer/vc-sdk/visdk41pubs/ApiReference/vim.Datastore.html
 def mock_RbVmomi_VIM_Folder(options = {})
  options[:name] = 'Folder' + rand(65536).to_s if options[:name].nil?
  mock = MockFolder.new()
  mock.name = options[:name]
  mock.childEntity = []
  allow(mock).to receive(:is_a?) do |expected_type|
    expected_type == RbVmomi::VIM::Folder
  end
  mock
 end
 # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.HostSystem.html
 def mock_RbVmomi_VIM_HostSystem(options = {})
  options[:memory_size]          = 4294967296 if options[:memory_size].nil? # 4GB RAM
  options[:num_cpu]              = 1 if options[:num_cpu].nil?
  options[:num_cores_per_cpu]    = 1 if options[:num_cores_per_cpu].nil?
  options[:cpu_speed]            = 2048 if options[:cpu_speed].nil? # 2.0 GHz 
  options[:cpu_model]            = 'Intel(R) Xeon(R) CPU E5-2697 v4 @ 2.0GHz' if options[:cpu_model].nil?
  options[:maintenance_mode]     = false if options[:maintenance_mode].nil?
  options[:overall_status]       = 'green' if options[:overall_status].nil?
  options[:overall_cpu_usage]    = 1 if options[:overall_cpu_usage].nil?
  options[:overall_memory_usage] = 1 if options[:overall_memory_usage].nil?
  options[:name]                 = 'HOST' + rand(65536).to_s if options[:name].nil?
  options[:config_issue]         = [] if options[:config_issue].nil?
  mock = MockHostSystem.new()
  mock.name = options[:name]
  mock.summary = MockHostListSummary.new()
  mock.summary.quickStats = MockHostListSummaryQuickStats.new()
  mock.summary.hardware = MockHostHardwareSummary.new()
  mock.hardware = MockHostSystemHostHardwareInfo.new()
  mock.runtime = MockHostRuntimeInfo.new()
  mock.hardware.cpuPkg = []
  (1..options[:num_cpu]).each do |cpuid|
    mockcpu = MockHostCpuPackage.new()
    mockcpu.hz = options[:cpu_speed] * 1024 * 1024
    mockcpu.description = options[:cpu_model]
    mockcpu.index = 0
    mock.hardware.cpuPkg << mockcpu
  end
  mock.runtime.inMaintenanceMode = options[:maintenance_mode]
  mock.overallStatus = options[:overall_status]
  mock.configIssue = options[:config_issue]
  mock.summary.hardware.memorySize = options[:memory_size]
  mock.hardware.memorySize = options[:memory_size]
  mock.summary.hardware.cpuMhz = options[:cpu_speed]
  mock.summary.hardware.numCpuCores = options[:num_cpu] * options[:num_cores_per_cpu]
  mock.summary.hardware.numCpuPkgs = options[:num_cpu]
  mock.summary.quickStats.overallCpuUsage = options[:overall_cpu_usage]
  mock.summary.quickStats.overallMemoryUsage = options[:overall_memory_usage]
  mock
 end
 # https://pubs.vmware.com/vsphere-55/index.jsp?topic=%2Fcom.vmware.wssdk.apiref.doc%2Fvmodl.query.PropertyCollector.RetrieveResult.html
 def mock_RbVmomi_VIM_RetrieveResult(options = {})
  options[:response] = [] if options[:response].nil?
  mock = MockRetrieveResult.new()
  mock.objects = []
  options[:response].each do |response|
    mock_objectdata = MockObjectContent.new()
    mock_objectdata.propSet = []
    mock_objectdata.obj = response[:object] 
    # Mock the object properties
    response.each do |key,value|
      unless key == :object
        mock_property = MockDynamicProperty.new()
        mock_property.name = key
        mock_property.val = value
        mock_objectdata.propSet << mock_property
      end
    end
    mock.objects << mock_objectdata
  end
  mock
 end
 # https://pubs.vmware.com/vsphere-55/index.jsp?topic=%2Fcom.vmware.wssdk.apiref.doc%2Fvmodl.query.PropertyCollector.html
 def mock_RbVmomi_VIM_PropertyCollector(options = {})
  mock = MockPropertyCollector.new()
  mock
 end
 # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.ServiceInstanceContent.html#field_detail
 def mock_RbVmomi_VIM_ServiceContent(options = {})
  options[:propertyCollector] = {} if options[:propertyCollector].nil?
  options[:datacenters]       = [] if options[:datacenters].nil?
  mock = MockServiceContent.new()
  mock.searchIndex = MockSearchIndex.new()
  mock.viewManager = MockViewManager.new()
  mock.virtualDiskManager = MockVirtualDiskManager.new()
  mock.rootFolder = mock_RbVmomi_VIM_Folder({ :name => 'RootFolder' })
  mock.propertyCollector = mock_RbVmomi_VIM_PropertyCollector(options[:propertyCollector])
  # Create the DCs in this ServiceContent
  options[:datacenters].each do |dc_options|
    mock_dc = mock_RbVmomi_VIM_Datacenter(dc_options)
    mock.rootFolder.childEntity << mock_dc
  end
  mock
 end
 # https://www.vmware.com/support/developer/vc-sdk/visdk41pubs/ApiReference/vim.ServiceInstance.html
 def mock_RbVmomi_VIM_ServiceInstance(options = {})
  mock = MockServiceInstance.new()
  mock.content = options[:servicecontent]
  mock
 end
 # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.Task.html
 def mock_RbVmomi_VIM_Task(options = {})
  mock = MockTask.new()
  mock
 end
 # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.ResourcePool.html
 def mock_RbVmomi_VIM_ResourcePool(options = {})
  options[:name] = 'ResourcePool' + rand(65536).to_s if options[:name].nil?
  mock = MockResourcePool.new()
  mock.name = options[:name]
  mock.resourcePool = []
  allow(mock).to receive(:is_a?) do |expected_type|
    expected_type == RbVmomi::VIM::ResourcePool
  end
  mock
 end
 # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.vm.device.VirtualDisk.html
 def mock_RbVmomi_VIM_VirtualDisk(options = {})
  options[:controllerKey] = rand(65536) if options[:controllerKey].nil?
  options[:key]           = rand(65536) if options[:key].nil?
  options[:label]         = 'SCSI' + rand(65536).to_s if options[:label].nil?
  options[:unitNumber]    = rand(65536) if options[:unitNumber].nil?
  mock = MockVirtualDisk.new()
  mock.deviceInfo = MockDescription.new()
  mock.deviceInfo.label = options[:label]
  mock.controllerKey = options[:controllerKey]
  mock.key = options[:key]
  mock.unitNumber = options[:unitNumber]
  allow(mock).to receive(:is_a?) do |expected_type|
    expected_type == RbVmomi::VIM::VirtualDisk
  end
  mock
 end
 # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.VirtualMachine.html
 def mock_RbVmomi_VIM_VirtualMachine(options = {})
  options[:snapshot_tree] = nil if options[:snapshot_tree].nil?
  options[:name] = 'VM' + rand(65536).to_s if options[:name].nil?
  options[:path] = [] if options[:path].nil?
  mock = MockVirtualMachine.new()
  mock.config = MockVirtualMachineConfigInfo.new()
  mock.config.hardware = MockVirtualHardware.new([])
  mock.summary = MockVirtualMachineSummary.new()
  mock.summary.runtime = MockVirtualMachineRuntimeInfo.new()
  mock.summary.guest = MockVirtualMachineGuestSummary.new()
  mock.runtime = mock.summary.runtime
  mock.name = options[:name]
  mock.summary.guest.hostName = options[:hostname]
  mock.runtime.bootTime = options[:boottime]
  mock.runtime.powerState = options[:powerstate]
  unless options[:snapshot_tree].nil?
    mock.snapshot = MockVirtualMachineSnapshotInfo.new()
    mock.snapshot.rootSnapshotList = []
    index = 0
    # Create a recursive snapshot tree
    recurse_snapshot_tree(options[:snapshot_tree],mock.snapshot.rootSnapshotList,index)
  end
  # Create an array of items that describe the path of the VM from the root folder
  # all the way to the VM itself
  mock.path = []
  options[:path].each do |path_item|
    mock_item = nil
    case path_item[:type]
    when 'folder'
      mock_item = mock_RbVmomi_VIM_Folder({ :name => path_item[:name] })
    when 'datacenter'
      mock_item = mock_RbVmomi_VIM_Datacenter({ :name => path_item[:name] })
    else
      raise("Unknown mock type #{path_item[:type]} for mock_RbVmomi_VIM_VirtualMachine")
    end
    mock.path << [mock_item,path_item[:name]]
  end
  mock.path << [mock,options[:name]]
  allow(mock).to receive(:is_a?) do |expected_type|
    expected_type == RbVmomi::VIM::VirtualMachine
  end
  mock
 end
 def recurse_snapshot_tree(tree, root_object, index)
  tree.keys.each do |snapshotname|
    snap_options = tree[snapshotname].nil? ? {} : tree[snapshotname]
    snap = MockVirtualMachineSnapshotTree.new()
    snap.id = index
    snap.name = snapshotname
    snap.childSnapshotList = []
    snap.description = "Snapshot #{snapshotname}"
    snap.snapshot = snap_options[:ref] unless snap_options[:ref].nil?
    # Recursively create chilren
    recurse_snapshot_tree(snap_options[:children],snap.childSnapshotList,index) unless snap_options[:children].nil?
    root_object << snap
    index += 1
  end
 end
 # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.vm.device.VirtualDevice.html
 def mock_RbVmomi_VIM_VirtualMachineDevice(options = {})
  mock = MockVirtualDevice.new()
  mock.deviceInfo = MockDescription.new()
  mock.deviceInfo.label = options[:label]
  mock
 end
 # https://pubs.vmware.com/vsphere-55/index.jsp?topic=%2Fcom.vmware.wssdk.apiref.doc%2Fvim.vm.FileLayoutEx.FileInfo.html
 def mock_RbVmomi_VIM_VirtualMachineFileLayoutExFileInfo(options = {})
  options[:key] = rand(65536).to_s if options[:key].nil?
  mock = MockVirtualMachineFileLayoutExFileInfo.new()
  mock.key = options[:key]
  mock.name = options[:name]
  mock.size = options[:size]
  mock.type = options[:type]
  mock.uniqueSize = options[:uniqueSize]
  mock
 end
 # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.vm.Snapshot.html
 def mock_RbVmomi_VIM_VirtualMachineSnapshot(options = {})
  mock = MockVirtualMachineSnapshot.new()
  mock
 end
 # https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/vim.vm.device.VirtualSCSIController.html
 def mock_RbVmomi_VIM_VirtualSCSIController(options = {})
  options[:controllerKey]      = rand(65536) if options[:controllerKey].nil?
  options[:key]                = rand(65536) if options[:key].nil?
  options[:label]              = 'SCSI' + rand(65536).to_s if options[:label].nil?
  options[:scsiCtlrUnitNumber] = 7 if options[:scsiCtlrUnitNumber].nil?
  mock = MockVirtualSCSIController.new()
  mock.deviceInfo = MockDescription.new()
  mock.deviceInfo.label = options[:label]
  mock.controllerKey = options[:controllerKey]
  mock.key = options[:key]
  mock.scsiCtlrUnitNumber = options[:scsiCtlrUnitNumber]
  allow(mock).to receive(:is_a?) do |expected_type|
    expected_type == RbVmomi::VIM::VirtualSCSIController
  end
  mock
 end
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@ -3,8 +3,6 @@ SimpleCov.start do
  add_filter '/spec/'
 end
 require 'helpers'
 require 'rbvmomi_helper'
 require 'rbvmomi'
 require 'rspec'
 require 'vmpooler'
 require 'redis'
--- a/spec/unit/api/helpers_spec.rb
+++ b/spec/unit/api/helpers_spec.rb
@ -16,14 +16,12 @@ describe Vmpooler::API::Helpers do
  describe '#hostname_shorten' do
    [
-        ['example.com', 'not-example.com', 'example.com'],
+        ['example.com', 'example'],
-        ['example.com', 'example.com', 'example.com'],
+        ['sub.example.com', 'sub'],
-        ['sub.example.com', 'example.com', 'sub'],
+        ['adjective-noun.example.com', 'adjective-noun'],
-        ['adjective-noun.example.com', 'example.com', 'adjective-noun'],
+        ['abc123.example.com', 'abc123']
-        ['abc123.example.com', 'example.com', 'abc123'],
+    ].each do |hostname, expected|
-        ['example.com', nil, 'example.com']
+      it { expect(subject.hostname_shorten(hostname)).to eq expected }
    ].each do |hostname, domain, expected|
      it { expect(subject.hostname_shorten(hostname, domain)).to eq expected }
    end
  end
@ -118,7 +116,7 @@ describe Vmpooler::API::Helpers do
      allow(redis).to receive(:pipelined).with(no_args).and_return [0]
      allow(redis).to receive(:get).and_return 0
-      expect(subject.get_queue_metrics([], redis)).to eq({pending: 0, cloning: 0, booting: 0, ready: 0, running: 0, completed: 0, total: 0})
+      expect(subject.get_queue_metrics([], redis)).to eq({requested: 0, pending: 0, cloning: 0, booting: 0, ready: 0, running: 0, completed: 0, total: 0})
    end
    it 'adds pool queues correctly' do
@ -127,10 +125,14 @@ describe Vmpooler::API::Helpers do
          {'name' => 'p2'}
      ]
-      allow(redis).to receive(:pipelined).with(no_args).and_return [1,1]
+      # Mock returns 7*2 + 2 = 16 results (7 queue types for 2 pools + 2 global counters)
-      allow(redis).to receive(:get).and_return(1,0)
+      # For each pool: [request, processing, odcreate, pending, ready, running, completed]
      # Plus 2 global counters: clone (1), ondemandclone (0)
      # Results array: [1,1, 1,1, 1,1, 1,1, 1,1, 1,1, 1,1, 1, 0]
      #                [req,  proc,  odc,   pend, rdy,  run,  comp, clone, odc]
      allow(redis).to receive(:pipelined).with(no_args).and_return [1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,0]
-      expect(subject.get_queue_metrics(pools, redis)).to eq({pending: 2, cloning: 1, booting: 1, ready: 2, running: 2, completed: 2, total: 8})
+      expect(subject.get_queue_metrics(pools, redis)).to eq({requested: 6, pending: 2, cloning: 1, booting: 1, ready: 2, running: 2, completed: 2, total: 14})
    end
    it 'sets booting to 0 when negative calculation' do
@ -139,10 +141,10 @@ describe Vmpooler::API::Helpers do
          {'name' => 'p2'}
      ]
-      allow(redis).to receive(:pipelined).with(no_args).and_return [1,1]
+      # Mock returns 7*2 + 2 = 16 results with clone=5 to cause negative booting
-      allow(redis).to receive(:get).and_return(5,0)
+      allow(redis).to receive(:pipelined).with(no_args).and_return [1,1,1,1,1,1,1,1,1,1,1,1,1,1,5,0]
-      expect(subject.get_queue_metrics(pools, redis)).to eq({pending: 2, cloning: 5, booting: 0, ready: 2, running: 2, completed: 2, total: 8})
+      expect(subject.get_queue_metrics(pools, redis)).to eq({requested: 6, pending: 2, cloning: 5, booting: 0, ready: 2, running: 2, completed: 2, total: 14})
    end
  end
@ -264,23 +266,87 @@ describe Vmpooler::API::Helpers do
        }
      }
      let(:default_port) { 389 }
      let(:default_encryption) do
        {
          :method => :start_tls,
          :tls_options => { :ssl_version => 'TLSv1' }
        }
      end
      context 'without a service account' do
        it 'should attempt ldap authentication' do
-        expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object, base, username_str, password_str)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object, base, username_str, password_str, nil)
          subject.authenticate(auth, username_str, password_str)
        end
        it 'should return true when authentication is successful' do
-        expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object, base, username_str, password_str).and_return(true)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object, base, username_str, password_str, nil).and_return(true)
          expect(subject.authenticate(auth, username_str, password_str)).to be true
        end
        it 'should return false when authentication fails' do
-        expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object, base, username_str, password_str).and_return(false)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object, base, username_str, password_str, nil).and_return(false)
          expect(subject.authenticate(auth, username_str, password_str)).to be false
        end
      end
      context 'with a service account' do
        let(:service_account_hash) do
          {
            :user_dn => 'cn=Service Account,ou=users,dc=example,dc=com',
            :password => 's3cr3t'
          }
        end
        let(:auth) {
          {
            'provider' => 'ldap',
            ldap: {
              'host' => host,
              'base' => base,
              'user_object' => user_object,
              'service_account_hash' => service_account_hash
            }
          }
        }
        it 'should attempt ldap authentication' do
          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object, base, username_str, password_str, service_account_hash)
          subject.authenticate(auth, username_str, password_str)
        end
        it 'should return true when authentication is successful' do
          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object, base, username_str, password_str, service_account_hash).and_return(true)
          expect(subject.authenticate(auth, username_str, password_str)).to be true
        end
        it 'should return false when authentication fails' do
          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object, base, username_str, password_str, service_account_hash).and_return(false)
          expect(subject.authenticate(auth, username_str, password_str)).to be false
        end
      end
      context 'with an alternate ssl_version' do
        let(:secure_encryption) do
          {
            :method => :start_tls,
            :tls_options => { :ssl_version => 'TLSv1_2' }
          }
        end
        before(:each) do
          auth[:ldap]['encryption'] = secure_encryption
        end
        it 'should specify the alternate ssl_version when authenticating' do
          expect(subject).to receive(:authenticate_ldap).with(default_port, host, secure_encryption, user_object, base, username_str, password_str, nil)
          subject.authenticate(auth, username_str, password_str)
        end
      end
      context 'with an alternate port' do
        let(:alternate_port) { 636 }
@ -289,7 +355,27 @@ describe Vmpooler::API::Helpers do
        end
        it 'should specify the alternate port when authenticating' do
-          expect(subject).to receive(:authenticate_ldap).with(alternate_port, host, user_object, base, username_str, password_str)
+          expect(subject).to receive(:authenticate_ldap).with(alternate_port, host, default_encryption, user_object, base, username_str, password_str, nil)
          subject.authenticate(auth, username_str, password_str)
        end
      end
      context 'with simple_tls and port 636' do
        let(:secure_port) { 636 }
        let(:secure_encryption) do
          {
            :method => :simple_tls,
            :tls_options => { :ssl_version => 'TLSv1_2' }
          }
        end
        before(:each) do
          auth[:ldap]['port'] = secure_port
          auth[:ldap]['encryption'] = secure_encryption
        end
        it 'should specify the secure port and encryption options when authenticating' do
          expect(subject).to receive(:authenticate_ldap).with(secure_port, host, secure_encryption, user_object, base, username_str, password_str, nil)
          subject.authenticate(auth, username_str, password_str)
        end
@ -307,36 +393,36 @@ describe Vmpooler::API::Helpers do
        end
        it 'should attempt to bind with each base' do
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object, base[0], username_str, password_str)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object, base[0], username_str, password_str, nil)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object, base[1], username_str, password_str)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object, base[1], username_str, password_str, nil)
          subject.authenticate(auth, username_str, password_str)
        end
        it 'should not search the second base when the first binds' do
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object, base[0], username_str, password_str).and_return(true)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object, base[0], username_str, password_str, nil).and_return(true)
-          expect(subject).to_not receive(:authenticate_ldap).with(default_port, host, user_object, base[1], username_str, password_str)
+          expect(subject).to_not receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object, base[1], username_str, password_str, nil)
          subject.authenticate(auth, username_str, password_str)
        end
        it 'should search the second base when the first bind fails' do
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object, base[0], username_str, password_str).and_return(false)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object, base[0], username_str, password_str, nil).and_return(false)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object, base[1], username_str, password_str)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object, base[1], username_str, password_str, nil)
          subject.authenticate(auth, username_str, password_str)
        end
        it 'should return true when any bind succeeds' do
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object, base[0], username_str, password_str).and_return(false)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object, base[0], username_str, password_str, nil).and_return(false)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object, base[1], username_str, password_str).and_return(true)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object, base[1], username_str, password_str, nil).and_return(true)
          expect(subject.authenticate(auth, username_str, password_str)).to be true
        end
        it 'should return false when all bind attempts fail' do
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object, base[0], username_str, password_str).and_return(false)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object, base[0], username_str, password_str, nil).and_return(false)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object, base[1], username_str, password_str).and_return(false)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object, base[1], username_str, password_str, nil).and_return(false)
          expect(subject.authenticate(auth, username_str, password_str)).to be false
        end
@ -354,36 +440,36 @@ describe Vmpooler::API::Helpers do
        end
        it 'should attempt to bind with each user object' do
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[0], base, username_str, password_str)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[0], base, username_str, password_str, nil)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[1], base, username_str, password_str)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[1], base, username_str, password_str, nil)
          subject.authenticate(auth, username_str, password_str)
        end
        it 'should not search the second user object when the first binds' do
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[0], base, username_str, password_str).and_return(true)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[0], base, username_str, password_str, nil).and_return(true)
-          expect(subject).to_not receive(:authenticate_ldap).with(default_port, host, user_object[1], base, username_str, password_str)
+          expect(subject).to_not receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[1], base, username_str, password_str, nil)
          subject.authenticate(auth, username_str, password_str)
        end
        it 'should search the second user object when the first bind fails' do
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[0], base, username_str, password_str).and_return(false)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[0], base, username_str, password_str, nil).and_return(false)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[1], base, username_str, password_str)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[1], base, username_str, password_str, nil)
          subject.authenticate(auth, username_str, password_str)
        end
        it 'should return true when any bind succeeds' do
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[0], base, username_str, password_str).and_return(false)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[0], base, username_str, password_str, nil).and_return(false)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[1], base, username_str, password_str).and_return(true)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[1], base, username_str, password_str, nil).and_return(true)
          expect(subject.authenticate(auth, username_str, password_str)).to be true
        end
        it 'should return false when all bind attempts fail' do
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[0], base, username_str, password_str).and_return(false)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[0], base, username_str, password_str, nil).and_return(false)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[1], base, username_str, password_str).and_return(false)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[1], base, username_str, password_str, nil).and_return(false)
          expect(subject.authenticate(auth, username_str, password_str)).to be false
        end
@ -408,64 +494,64 @@ describe Vmpooler::API::Helpers do
        end
        it 'should attempt to bind with each user object and base' do
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[0], base[0], username_str, password_str)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[0], base[0], username_str, password_str, nil)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[1], base[0], username_str, password_str)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[1], base[0], username_str, password_str, nil)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[0], base[1], username_str, password_str)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[0], base[1], username_str, password_str, nil)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[1], base[1], username_str, password_str)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[1], base[1], username_str, password_str, nil)
          subject.authenticate(auth, username_str, password_str)
        end
        it 'should not continue searching when the first combination binds' do
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[0], base[0], username_str, password_str).and_return(true)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[0], base[0], username_str, password_str, nil).and_return(true)
-          expect(subject).to_not receive(:authenticate_ldap).with(default_port, host, user_object[1], base[0], username_str, password_str)
+          expect(subject).to_not receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[1], base[0], username_str, password_str, nil)
-          expect(subject).to_not receive(:authenticate_ldap).with(default_port, host, user_object[0], base[1], username_str, password_str)
+          expect(subject).to_not receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[0], base[1], username_str, password_str, nil)
-          expect(subject).to_not receive(:authenticate_ldap).with(default_port, host, user_object[1], base[1], username_str, password_str)
+          expect(subject).to_not receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[1], base[1], username_str, password_str, nil)
          subject.authenticate(auth, username_str, password_str)
        end
        it 'should search the remaining combinations when the first bind fails' do
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[0], base[0], username_str, password_str).and_return(false)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[0], base[0], username_str, password_str, nil).and_return(false)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[1], base[0], username_str, password_str)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[1], base[0], username_str, password_str, nil)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[0], base[1], username_str, password_str)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[0], base[1], username_str, password_str, nil)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[1], base[1], username_str, password_str)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[1], base[1], username_str, password_str, nil)
          subject.authenticate(auth, username_str, password_str)
        end
        it 'should search the remaining combinations when the first two binds fail' do
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[0], base[0], username_str, password_str).and_return(false)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[0], base[0], username_str, password_str, nil).and_return(false)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[1], base[0], username_str, password_str).and_return(false)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[1], base[0], username_str, password_str, nil).and_return(false)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[0], base[1], username_str, password_str)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[0], base[1], username_str, password_str, nil)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[1], base[1], username_str, password_str)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[1], base[1], username_str, password_str, nil)
          subject.authenticate(auth, username_str, password_str)
        end
        it 'should search the remaining combination when the first three binds fail' do
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[0], base[0], username_str, password_str).and_return(false)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[0], base[0], username_str, password_str, nil).and_return(false)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[1], base[0], username_str, password_str).and_return(false)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[1], base[0], username_str, password_str, nil).and_return(false)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[0], base[1], username_str, password_str).and_return(false)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[0], base[1], username_str, password_str, nil).and_return(false)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[1], base[1], username_str, password_str)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[1], base[1], username_str, password_str, nil)
          subject.authenticate(auth, username_str, password_str)
        end
        it 'should return true when any bind succeeds' do
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[0], base[0], username_str, password_str).and_return(false)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[0], base[0], username_str, password_str, nil).and_return(false)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[1], base[0], username_str, password_str).and_return(false)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[1], base[0], username_str, password_str, nil).and_return(false)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[0], base[1], username_str, password_str).and_return(false)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[0], base[1], username_str, password_str, nil).and_return(false)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[1], base[1], username_str, password_str).and_return(true)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[1], base[1], username_str, password_str, nil).and_return(true)
          expect(subject.authenticate(auth, username_str, password_str)).to be true
        end
        it 'should return false when all bind attempts fail' do
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[0], base[0], username_str, password_str).and_return(false)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[0], base[0], username_str, password_str, nil).and_return(false)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[1], base[0], username_str, password_str).and_return(false)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[1], base[0], username_str, password_str, nil).and_return(false)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[0], base[1], username_str, password_str).and_return(false)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[0], base[1], username_str, password_str, nil).and_return(false)
-          expect(subject).to receive(:authenticate_ldap).with(default_port, host, user_object[1], base[1], username_str, password_str).and_return(false)
+          expect(subject).to receive(:authenticate_ldap).with(default_port, host, default_encryption, user_object[1], base[1], username_str, password_str, nil).and_return(false)
          expect(subject.authenticate(auth, username_str, password_str)).to be false
        end
@ -493,16 +579,25 @@ describe Vmpooler::API::Helpers do
    let(:base) { 'ou=users,dc=example,dc=com' }
    let(:username_str) { 'admin' }
    let(:password_str) { 's3cr3t' }
    let(:encryption) do
      {
        :method => :start_tls,
        :tls_options => { :ssl_version => 'TLSv1' }
      }
    end
    let(:service_account_hash) do
      {
        :user_dn => 'cn=Service Account,ou=users,dc=example,dc=com',
        :password => 's3cr3t'
      }
    end
    let(:ldap) { double('ldap') }
    it 'should create a new ldap connection' do
      allow(ldap).to receive(:bind)
      expect(Net::LDAP).to receive(:new).with(
        :host => host,
        :port => port,
-        :encryption => {
+        :encryption => encryption,
          :method => :start_tls,
          :tls_options => { :ssl_version => 'TLSv1' }
        },
        :base => base,
        :auth => {
          :method => :simple,
@ -511,21 +606,35 @@ describe Vmpooler::API::Helpers do
        }
      ).and_return(ldap)
-      subject.authenticate_ldap(port, host, user_object, base, username_str, password_str)
+      subject.authenticate_ldap(port, host, encryption, user_object, base, username_str, password_str)
    end
    it 'should return true when a bind is successful' do
      expect(Net::LDAP).to receive(:new).and_return(ldap)
      expect(ldap).to receive(:bind).and_return(true)
-      expect(subject.authenticate_ldap(port, host, user_object, base, username_str, password_str)).to be true
+      expect(subject.authenticate_ldap(port, host, encryption, user_object, base, username_str, password_str)).to be true
    end
    it 'should return false when a bind fails' do
      expect(Net::LDAP).to receive(:new).and_return(ldap)
      expect(ldap).to receive(:bind).and_return(false)
-      expect(subject.authenticate_ldap(port, host, user_object, base, username_str, password_str)).to be false
+      expect(subject.authenticate_ldap(port, host, encryption, user_object, base, username_str, password_str)).to be false
    end
    it 'should return true when a bind_as is successful' do
      expect(Net::LDAP).to receive(:new).and_return(ldap)
      expect(ldap).to receive(:bind_as).and_return(true)
      expect(subject.authenticate_ldap(port, host, encryption, user_object, base, username_str, password_str, service_account_hash)).to be true
    end
    it 'should return false when a bind_as fails' do
      expect(Net::LDAP).to receive(:new).and_return(ldap)
      expect(ldap).to receive(:bind_as).and_return(false)
      expect(subject.authenticate_ldap(port, host, encryption, user_object, base, username_str, password_str, service_account_hash)).to be false
    end
  end
--- a/spec/unit/api/input_validator_spec.rb
+++ b/spec/unit/api/input_validator_spec.rb
@ -0,0 +1,184 @@
 # frozen_string_literal: true
 require 'spec_helper'
 require 'rack/test'
 require 'vmpooler/api/input_validator'
 describe Vmpooler::API::InputValidator do
  let(:test_class) do
    Class.new do
      include Vmpooler::API::InputValidator
    end
  end
  let(:validator) { test_class.new }
  describe '#validate_hostname' do
    it 'accepts valid hostnames' do
      expect(validator.validate_hostname('test-host.example.com')).to be true
      expect(validator.validate_hostname('host123')).to be true
    end
    it 'rejects invalid hostnames' do
      result = validator.validate_hostname('invalid_host!')
      expect(result['ok']).to be false
      expect(result['error']).to include('Invalid hostname format')
    end
    it 'rejects hostnames that are too long' do
      long_hostname = 'a' * 300
      result = validator.validate_hostname(long_hostname)
      expect(result['ok']).to be false
      expect(result['error']).to include('too long')
    end
    it 'rejects empty hostnames' do
      result = validator.validate_hostname('')
      expect(result['ok']).to be false
      expect(result['error']).to include('required')
    end
  end
  describe '#validate_pool_name' do
    it 'accepts valid pool names' do
      expect(validator.validate_pool_name('centos-7-x86_64')).to be true
      expect(validator.validate_pool_name('ubuntu-2204')).to be true
    end
    it 'rejects invalid pool names' do
      result = validator.validate_pool_name('invalid pool!')
      expect(result['ok']).to be false
      expect(result['error']).to include('Invalid pool name format')
    end
    it 'rejects pool names that are too long' do
      result = validator.validate_pool_name('a' * 150)
      expect(result['ok']).to be false
      expect(result['error']).to include('too long')
    end
  end
  describe '#validate_tag' do
    it 'accepts valid tags' do
      expect(validator.validate_tag('project', 'test-123')).to be true
      expect(validator.validate_tag('owner', 'user@example.com')).to be true
    end
    it 'rejects tags with invalid keys' do
      result = validator.validate_tag('invalid key!', 'value')
      expect(result['ok']).to be false
      expect(result['error']).to include('Invalid tag key format')
    end
    it 'rejects tags with invalid characters in value' do
      result = validator.validate_tag('key', 'value<script>')
      expect(result['ok']).to be false
      expect(result['error']).to include('invalid characters')
    end
    it 'rejects tags that are too long' do
      result = validator.validate_tag('key', 'a' * 300)
      expect(result['ok']).to be false
      expect(result['error']).to include('too long')
    end
  end
  describe '#validate_vm_count' do
    it 'accepts valid VM counts' do
      expect(validator.validate_vm_count(5)).to eq(5)
      expect(validator.validate_vm_count('10')).to eq(10)
    end
    it 'rejects counts less than 1' do
      result = validator.validate_vm_count(0)
      expect(result['ok']).to be false
      expect(result['error']).to include('at least 1')
    end
    it 'rejects counts greater than 100' do
      result = validator.validate_vm_count(150)
      expect(result['ok']).to be false
      expect(result['error']).to include('at most 100')
    end
    it 'rejects non-integer values' do
      result = validator.validate_vm_count('abc')
      expect(result['ok']).to be false
      expect(result['error']).to include('valid integer')
    end
  end
  describe '#validate_disk_size' do
    it 'accepts valid disk sizes' do
      expect(validator.validate_disk_size(50)).to eq(50)
      expect(validator.validate_disk_size('100')).to eq(100)
    end
    it 'rejects sizes less than 1' do
      result = validator.validate_disk_size(0)
      expect(result['ok']).to be false
    end
    it 'rejects sizes greater than 2048' do
      result = validator.validate_disk_size(3000)
      expect(result['ok']).to be false
    end
  end
  describe '#validate_lifetime' do
    it 'accepts valid lifetimes' do
      expect(validator.validate_lifetime(24)).to eq(24)
      expect(validator.validate_lifetime('48')).to eq(48)
    end
    it 'rejects lifetimes greater than 168 hours (1 week)' do
      result = validator.validate_lifetime(200)
      expect(result['ok']).to be false
      expect(result['error']).to include('at most 168')
    end
  end
  describe '#sanitize_json_body' do
    it 'parses valid JSON' do
      result = validator.sanitize_json_body('{"key": "value"}')
      expect(result).to eq('key' => 'value')
    end
    it 'rejects invalid JSON' do
      result = validator.sanitize_json_body('{invalid}')
      expect(result['ok']).to be false
      expect(result['error']).to include('Invalid JSON')
    end
    it 'rejects non-object JSON' do
      result = validator.sanitize_json_body('["array"]')
      expect(result['ok']).to be false
      expect(result['error']).to include('must be a JSON object')
    end
    it 'rejects deeply nested JSON' do
      deep_json = '{"a":{"b":{"c":{"d":{"e":{"f":"too deep"}}}}}}'
      result = validator.sanitize_json_body(deep_json)
      expect(result['ok']).to be false
      expect(result['error']).to include('too complex')
    end
    it 'rejects bodies that are too large' do
      large_json = '{"data":"' + ('a' * 20000) + '"}'
      result = validator.sanitize_json_body(large_json)
      expect(result['ok']).to be false
      expect(result['error']).to include('too large')
    end
  end
  describe '#validation_error?' do
    it 'returns true for error responses' do
      error = { 'ok' => false, 'error' => 'test error' }
      expect(validator.validation_error?(error)).to be true
    end
    it 'returns false for successful responses' do
      expect(validator.validation_error?(true)).to be false
      expect(validator.validation_error?(5)).to be false
    end
  end
 end
--- a/spec/unit/dns/base_spec.rb
+++ b/spec/unit/dns/base_spec.rb
@ -0,0 +1,172 @@
 require 'spec_helper'
 require 'vmpooler/dns/base'
 # This spec does not really exercise code paths but is merely used
 # to enforce that certain methods are defined in the base classes
 describe 'Vmpooler::PoolManager::Dns::Base' do
  let(:logger) { MockLogger.new }
  let(:metrics) { Vmpooler::Metrics::DummyStatsd.new }
  let(:config) { {} }
  let(:dns_plugin_name) { 'base' }
  let(:dns_options) { { 'param' => 'value' } }
  let(:fake_vm) {
    fake_vm = {}
    fake_vm['name'] = 'vm1'
    fake_vm['hostname'] = 'vm1'
    fake_vm['template'] = 'pool1'
    fake_vm['boottime'] = Time.now
    fake_vm['powerstate'] = 'PoweredOn'
    fake_vm
  }
  let(:redis_connection_pool) { Vmpooler::PoolManager::GenericConnectionPool.new(
    metrics: metrics,
    connpool_type: 'redis_connection_pool',
    connpool_provider: 'testprovider',
    size: 1,
    timeout: 5
  ) { MockRedis.new }
  }
  subject { Vmpooler::PoolManager::Dns::Base.new(config, logger, metrics, redis_connection_pool, dns_plugin_name, dns_options) }
  # Helper attr_reader methods
  describe '#logger' do
    it 'should come from the provider initialization' do
      expect(subject.logger).to be(logger)
    end
  end
  describe '#metrics' do
    it 'should come from the provider initialization' do
      expect(subject.metrics).to be(metrics)
    end
  end
  describe '#dns_options' do
    it 'should come from the provider initialization' do
      expect(subject.dns_options).to be(dns_options)
    end
  end
  describe '#pool_config' do
    let(:poolname) { 'pool1' }
    let(:config) { YAML.load(<<-EOT
 ---
 :pools:
  - name: '#{poolname}'
    alias: [ 'mockpool' ]
    template: 'Templates/pool1'
    folder: 'Pooler/pool1'
    datastore: 'datastore0'
    size: 5
    timeout: 10
    ready_ttl: 1440
    clone_target: 'cluster1'
 EOT
      )
    }
    context 'Given a pool that does not exist' do
      it 'should return nil' do
        expect(subject.pool_config('missing_pool')).to be_nil
      end
    end
    context 'Given a pool that does exist' do
      it 'should return the pool\'s configuration' do
        result = subject.pool_config(poolname)
        expect(result['name']).to eq(poolname)
      end
    end
  end
  describe '#dns_config' do
    let(:poolname) { 'pool1' }
    let(:config) { YAML.load(<<-EOT
 ---
 :dns_configs:
  :#{dns_plugin_name}:
    option1: 'value1'
 EOT
      )
    }
    context 'Given a dns plugin with no configuration' do
    let(:config) { YAML.load(<<-EOT
 ---
 :dns_configs:
  :bad_dns:
    option1: 'value1'
    option2: 'value1'
 EOT
      )
    }
      it 'should return nil' do
        expect(subject.dns_config).to be_nil
      end
    end
    context 'Given a correct dns config name' do
      it 'should return the dns\'s configuration' do
        result = subject.dns_config
        expect(result['option1']).to eq('value1')
      end
    end
  end
  describe '#global_config' do
    it 'should come from the dns initialization' do
      expect(subject.global_config).to be(config)
    end
  end
  describe '#name' do
    it "should come from the dns initialization" do
      expect(subject.name).to eq(dns_plugin_name)
    end
  end
  describe '#get_ip' do
    it 'calls redis hget with vm name and ip' do
      redis_connection_pool.with do |redis|
        expect(redis).to receive(:hget).with("vmpooler__vm__vm1", 'ip')
      end
      subject.get_ip(fake_vm['name'])
    end
  end
  describe '#provided_pools' do
    let(:config) { YAML.load(<<-EOT
 ---
 :pools:
  - name: 'pool1'
    dns_config: 'base'
  - name: 'pool2'
    dns_config: 'base'
  - name: 'otherpool'
    dns_config: 'other provider'
  - name: 'no name'
 EOT
      )
    }
    it "should return pools serviced by this provider" do
      expect(subject.provided_pools).to eq(['pool1','pool2'])
    end
  end
  describe '#create_or_replace_record' do
    it 'should raise error' do
      expect{subject.create_or_replace_record('pool')}.to raise_error(/does not implement create_or_replace_record/)
    end
  end
  describe '#delete_record' do
    it 'should raise error' do
      expect{subject.delete_record('pool')}.to raise_error(/does not implement delete_record/)
    end
  end
 end
--- a/spec/unit/dns_spec.rb
+++ b/spec/unit/dns_spec.rb
@ -0,0 +1,62 @@
 require 'spec_helper'
 describe 'Vmpooler::Dns' do
  let(:dns_class) { 'mock-dnsservice' }
  let(:dns_config_name) { 'mock' }
  let(:pool) { 'pool1' }
  let(:config) { YAML.load(<<~EOT
  ---
  :dns_configs:
    :mock:
      dns_class: 'mock'
      domain: 'example.com'
  :pools:
    - name: 'pool1'
      dns_plugin: 'mock'
 EOT
  )}
  subject { Vmpooler::Dns.new }
  describe '.get_dns_plugin_class_by_name' do
    it 'returns the plugin class for the specified config' do
      result = Vmpooler::Dns.get_dns_plugin_class_by_name(config, dns_config_name)
      expect(result).to eq('mock')
    end
  end
  describe '.get_domain_for_pool' do
    it 'returns the domain for the specified pool' do
      result = Vmpooler::Dns.get_domain_for_pool(config, pool)
      expect(result).to eq('example.com')
    end
  end
  describe '.get_dns_plugin_domain_by_name' do
    it 'returns the domain for the specified config' do
      result = Vmpooler::Dns.get_dns_plugin_domain_by_name(config, dns_config_name)
      expect(result).to eq('example.com')
    end
  end
  describe '.get_dns_plugin_config_classes' do
    it 'returns the list of dns plugin classes' do
      result = Vmpooler::Dns.get_dns_plugin_config_classes(config)
      expect(result).to eq(['mock'])
    end
  end
  describe '#load_from_gems' do
    let(:gem_name) { 'mock-dnsservice' }
    let(:translated_gem_name) { 'mock/dnsservice' }
    before(:each) do
      allow(subject).to receive(:require).with(gem_name).and_return(true)
    end
    it 'loads the specified gem' do
      expect(subject).to receive(:require).with("vmpooler/dns/#{translated_gem_name}")
      result = subject.load_from_gems(gem_name)
      expect(result).to eq("vmpooler/dns/#{translated_gem_name}")
    end
  end
 end
--- a/spec/unit/env_config.rb
+++ b/spec/unit/env_config.rb
@ -22,13 +22,12 @@ describe 'Vmpooler' do
        ['prefix', test_string, ""],
        ['logfile', test_string, nil],
        ['site_name', test_string, nil],
        ['domain', test_string, nil],
        ['clone_target', test_string, nil],
        ['create_folders', test_bool, nil],
        ['create_template_delta_disks', test_bool, nil],
        ['create_linked_clones', test_bool, nil],
        ['experimental_features', test_bool, nil],
-        ['purge_unconfigured_folders', test_bool, nil],
+        ['purge_unconfigured_resources', test_bool, nil],
        ['usage_stats', test_bool, nil],
        ['request_logger', test_bool, nil],
        ['extra_config', test_string, nil],
--- a/spec/unit/pool_manager_spec.rb
+++ b/spec/unit/pool_manager_spec.rb
--- a/spec/unit/promstats_spec.rb
+++ b/spec/unit/promstats_spec.rb
@ -198,46 +198,51 @@ describe 'prometheus' do
          po.get(labels: metric[:labels])
        }.by(1)
      end
-      it 'Increments user.#{user}.#{poolname}' do
+      it 'Increments user.#{user}.#{operation}.#{poolname}' do
        user = 'myuser'
        operation = 'allocate'
        poolname = 'test-pool'
-        expect { subject.increment("user.#{user}.#{poolname}") }.to change {
+        expect { subject.increment("user.#{user}.#{operation}.#{poolname}") }.to change {
-          metric, po = subject.get("user.#{user}.#{poolname}")
+          metric, po = subject.get("user.#{user}.#{operation}.#{poolname}")
          po.get(labels: metric[:labels])
        }.by(1)
      end
-      it 'Increments usage_litmus.#{user}.#{poolname}' do
+      it 'Increments usage_litmus.#{user}.#{operation}.#{poolname}' do
        user = 'myuser'
        operation = 'allocate'
        poolname = 'test-pool'
-        expect { subject.increment("usage_litmus.#{user}.#{poolname}") }.to change {
+        expect { subject.increment("usage_litmus.#{user}.#{operation}.#{poolname}") }.to change {
-          metric, po = subject.get("usage_litmus.#{user}.#{poolname}")
+          metric, po = subject.get("usage_litmus.#{user}.#{operation}.#{poolname}")
          po.get(labels: metric[:labels])
        }.by(1)
      end
-      it 'Increments label usage_jenkins_instance.#{jenkins_instance}.#{value_stream}.#{poolname}' do
+      it 'Increments label usage_jenkins_instance.#{jenkins_instance}.#{value_stream}.#{operation}.#{poolname}' do
        jenkins_instance = 'jenkins_test_instance'
        value_stream = 'notional_value'
        operation = 'allocate'
        poolname = 'test-pool'
-        expect { subject.increment("usage_jenkins_instance.#{jenkins_instance}.#{value_stream}.#{poolname}") }.to change {
+        expect { subject.increment("usage_jenkins_instance.#{jenkins_instance}.#{value_stream}.#{operation}.#{poolname}") }.to change {
-          metric, po = subject.get("usage_jenkins_instance.#{jenkins_instance}.#{value_stream}.#{poolname}")
+          metric, po = subject.get("usage_jenkins_instance.#{jenkins_instance}.#{value_stream}.#{operation}.#{poolname}")
          po.get(labels: metric[:labels])
        }.by(1)
      end
-      it 'Increments label usage_branch_project.#{branch}.#{project}.#{poolname}' do
+      it 'Increments label usage_branch_project.#{branch}.#{project}.#{operation}.#{poolname}' do
        branch = 'treetop'
        project = 'test-project'
        operation = 'allocate'
        poolname = 'test-pool'
-        expect { subject.increment("usage_branch_project.#{branch}.#{project}.#{poolname}") }.to change {
+        expect { subject.increment("usage_branch_project.#{branch}.#{project}.#{operation}.#{poolname}") }.to change {
-          metric, po = subject.get("usage_branch_project.#{branch}.#{project}.#{poolname}")
+          metric, po = subject.get("usage_branch_project.#{branch}.#{project}.#{operation}.#{poolname}")
          po.get(labels: metric[:labels])
        }.by(1)
      end
-      it 'Increments label usage_job_component.#{job_name}.#{component_to_test}.#{poolname}' do
+      it 'Increments label usage_job_component.#{job_name}.#{component_to_test}.#{operation}.#{poolname}' do
        job_name = 'a-job'
        component_to_test = 'component-name'
        operation = 'allocate'
        poolname = 'test-pool'
-        expect { subject.increment("usage_job_component.#{job_name}.#{component_to_test}.#{poolname}") }.to change {
+        expect { subject.increment("usage_job_component.#{job_name}.#{component_to_test}.#{operation}.#{poolname}") }.to change {
-          metric, po = subject.get("usage_job_component.#{job_name}.#{component_to_test}.#{poolname}")
+          metric, po = subject.get("usage_job_component.#{job_name}.#{component_to_test}.#{operation}.#{poolname}")
          po.get(labels: metric[:labels])
        }.by(1)
      end
--- a/spec/unit/providers/vsphere_spec.rb
+++ b/spec/unit/providers/vsphere_spec.rb
--- a/spec/unit/providers_spec.rb
+++ b/spec/unit/providers_spec.rb
@ -12,12 +12,8 @@ describe 'providers' do
  end
  it '#load_all_providers' do
-    p = [
+    expect(Vmpooler::Providers.load_all_providers.join(', ')).to match(%r{#{project_root_dir}/lib/vmpooler/providers/base.rb})
-        File.join(project_root_dir, 'lib', 'vmpooler', 'providers', 'base.rb'),
+    expect(Vmpooler::Providers.load_all_providers.join(', ')).to match(%r{#{project_root_dir}/lib/vmpooler/providers/dummy.rb})
        File.join(project_root_dir, 'lib', 'vmpooler', 'providers', 'dummy.rb'),
        File.join(project_root_dir, 'lib', 'vmpooler', 'providers', 'vsphere.rb')
    ]
    expect(Vmpooler::Providers.load_all_providers).to match_array(p)
  end
  it '#installed_providers' do
@ -30,21 +26,18 @@ describe 'providers' do
  end
  it '#load_by_name' do
-    expect(Vmpooler::Providers.load_by_name('vsphere')).to eq([File.join(project_root_dir, 'lib', 'vmpooler', 'providers', 'vsphere.rb')])
+    expect(Vmpooler::Providers.load_by_name('dummy').join(', ')).to match(%r{#{project_root_dir}/lib/vmpooler/providers/dummy.rb})
    expect(Vmpooler::Providers.load_by_name('dummy').join(', ')).to_not match(%r{,})
  end
-  it '#load only vpshere' do
+  it '#load only dummy' do
-    expect(providers.load_from_gems('vsphere')).to eq([File.join(project_root_dir, 'lib', 'vmpooler', 'providers', 'vsphere.rb')])
+    expect(providers.load_from_gems('dummy').join(', ')).to match(%r{#{project_root_dir}/lib/vmpooler/providers/dummy.rb})
    expect(providers.load_from_gems('dummy').join(', ')).to_not match(%r{,})
  end
  it '#load all providers from gems' do
-    p = [
+    expect(providers.load_from_gems.join(', ')).to match(%r{#{project_root_dir}/lib/vmpooler/providers/base.rb})
-        File.join(project_root_dir, 'lib', 'vmpooler', 'providers', 'base.rb'),
+    expect(providers.load_from_gems.join(', ')).to match(%r{#{project_root_dir}/lib/vmpooler/providers/dummy.rb})
        File.join(project_root_dir, 'lib', 'vmpooler', 'providers', 'dummy.rb'),
        File.join(project_root_dir, 'lib', 'vmpooler', 'providers', 'vsphere.rb')
    ]
    expect(providers.load_from_gems).to match_array(p)
  end
--- a/spec/unit/queue_reliability_spec.rb
+++ b/spec/unit/queue_reliability_spec.rb
@ -0,0 +1,497 @@
 # frozen_string_literal: true
 require 'spec_helper'
 require 'vmpooler/pool_manager'
 describe 'Vmpooler::PoolManager - Queue Reliability Features' do
  let(:logger) { MockLogger.new }
  let(:redis_connection_pool) { ConnectionPool.new(size: 1) { redis } }
  let(:metrics) { Vmpooler::Metrics::DummyStatsd.new }
  let(:config) { YAML.load(<<~EOT
    ---
    :config:
      task_limit: 10
      vm_checktime: 1
      vm_lifetime: 12
      prefix: 'pooler-'
      dlq_enabled: true
      dlq_ttl: 168
      dlq_max_entries: 100
      purge_enabled: true
      purge_dry_run: false
      max_pending_age: 7200
      max_ready_age: 86400
      max_completed_age: 3600
      health_check_enabled: true
      health_check_interval: 300
      health_thresholds:
        pending_queue_max: 100
        ready_queue_max: 500
        dlq_max_warning: 100
        dlq_max_critical: 1000
        stuck_vm_age_threshold: 7200
    :providers:
      :dummy: {}
    :pools:
      - name: 'test-pool'
        size: 5
        provider: 'dummy'
    EOT
    )
  }
  subject { Vmpooler::PoolManager.new(config, logger, redis_connection_pool, metrics) }
  describe 'Dead-Letter Queue (DLQ)' do
    let(:vm) { 'vm-abc123' }
    let(:pool) { 'test-pool' }
    let(:error_class) { 'StandardError' }
    let(:error_message) { 'template does not exist' }
    let(:request_id) { 'req-123' }
    let(:pool_alias) { 'test-alias' }
    before(:each) do
      redis_connection_pool.with do |redis_connection|
        allow(redis_connection).to receive(:zadd)
        allow(redis_connection).to receive(:zcard).and_return(0)
        allow(redis_connection).to receive(:expire)
      end
    end
    describe '#dlq_enabled?' do
      it 'returns true when dlq_enabled is true in config' do
        expect(subject.dlq_enabled?).to be true
      end
      it 'returns false when dlq_enabled is false in config' do
        config[:config]['dlq_enabled'] = false
        expect(subject.dlq_enabled?).to be false
      end
    end
    describe '#dlq_ttl' do
      it 'returns configured TTL' do
        expect(subject.dlq_ttl).to eq(168)
      end
      it 'returns default TTL when not configured' do
        config[:config].delete('dlq_ttl')
        expect(subject.dlq_ttl).to eq(168)
      end
    end
    describe '#dlq_max_entries' do
      it 'returns configured max entries' do
        expect(subject.dlq_max_entries).to eq(100)
      end
      it 'returns default max entries when not configured' do
        config[:config].delete('dlq_max_entries')
        expect(subject.dlq_max_entries).to eq(10000)
      end
    end
    describe '#move_to_dlq' do
      context 'when DLQ is enabled' do
        it 'adds entry to DLQ sorted set' do
          redis_connection_pool.with do |redis_connection|
            dlq_key = 'vmpooler__dlq__pending'
            expect(redis_connection).to receive(:zadd).with(dlq_key, anything, anything)
            expect(redis_connection).to receive(:expire).with(dlq_key, anything)
            subject.move_to_dlq(vm, pool, 'pending', error_class, error_message, 
                               redis_connection, request_id: request_id, pool_alias: pool_alias)
          end
        end
        it 'includes error details in DLQ entry' do
          redis_connection_pool.with do |redis_connection|
            expect(redis_connection).to receive(:zadd) do |_key, _score, entry|
              expect(entry).to include(vm)
              expect(entry).to include(error_message)
              expect(entry).to include(error_class)
            end
            subject.move_to_dlq(vm, pool, 'pending', error_class, error_message, redis_connection)
          end
        end
        it 'increments DLQ metrics' do
          redis_connection_pool.with do |redis_connection|
            expect(metrics).to receive(:increment).with('vmpooler_dlq.pending.count')
            subject.move_to_dlq(vm, pool, 'pending', error_class, error_message, redis_connection)
          end
        end
        it 'enforces max entries limit' do
          redis_connection_pool.with do |redis_connection|
            allow(redis_connection).to receive(:zcard).and_return(150)
            expect(redis_connection).to receive(:zremrangebyrank).with(anything, 0, 49)
            subject.move_to_dlq(vm, pool, 'pending', error_class, error_message, redis_connection)
          end
        end
      end
      context 'when DLQ is disabled' do
        before { config[:config]['dlq_enabled'] = false }
        it 'does not add entry to DLQ' do
          redis_connection_pool.with do |redis_connection|
            expect(redis_connection).not_to receive(:zadd)
            subject.move_to_dlq(vm, pool, 'pending', error_class, error_message, redis_connection)
          end
        end
      end
    end
  end
  describe 'Auto-Purge' do
    describe '#purge_enabled?' do
      it 'returns true when purge_enabled is true in config' do
        expect(subject.purge_enabled?).to be true
      end
      it 'returns false when purge_enabled is false in config' do
        config[:config]['purge_enabled'] = false
        expect(subject.purge_enabled?).to be false
      end
    end
    describe '#purge_dry_run?' do
      it 'returns false when purge_dry_run is false in config' do
        expect(subject.purge_dry_run?).to be false
      end
      it 'returns true when purge_dry_run is true in config' do
        config[:config]['purge_dry_run'] = true
        expect(subject.purge_dry_run?).to be true
      end
    end
    describe '#max_pending_age' do
      it 'returns configured max age' do
        expect(subject.max_pending_age).to eq(7200)
      end
      it 'returns default max age when not configured' do
        config[:config].delete('max_pending_age')
        expect(subject.max_pending_age).to eq(7200)
      end
    end
    describe '#purge_pending_queue' do
      let(:pool) { 'test-pool' }
      let(:old_vm) { 'vm-old' }
      let(:new_vm) { 'vm-new' }
      before(:each) do
        redis_connection_pool.with do |redis_connection|
          # Old VM (3 hours old, exceeds 2 hour threshold)
          redis_connection.sadd("vmpooler__pending__#{pool}", old_vm)
          redis_connection.hset("vmpooler__vm__#{old_vm}", 'clone', (Time.now - 10800).to_s)
          # New VM (30 minutes old, within threshold)
          redis_connection.sadd("vmpooler__pending__#{pool}", new_vm)
          redis_connection.hset("vmpooler__vm__#{new_vm}", 'clone', (Time.now - 1800).to_s)
        end
      end
      context 'when not in dry-run mode' do
        it 'purges stale pending VMs' do
          redis_connection_pool.with do |redis_connection|
            purged_count = subject.purge_pending_queue(pool, redis_connection)
            expect(purged_count).to eq(1)
            expect(redis_connection.sismember("vmpooler__pending__#{pool}", old_vm)).to be false
            expect(redis_connection.sismember("vmpooler__pending__#{pool}", new_vm)).to be true
          end
        end
        it 'moves purged VMs to DLQ' do
          redis_connection_pool.with do |redis_connection|
            expect(subject).to receive(:move_to_dlq).with(
              old_vm, pool, 'pending', 'Purge', anything, redis_connection, anything
            )
            subject.purge_pending_queue(pool, redis_connection)
          end
        end
        it 'increments purge metrics' do
          redis_connection_pool.with do |redis_connection|
            expect(metrics).to receive(:increment).with("vmpooler_purge.pending.#{pool}.count")
            subject.purge_pending_queue(pool, redis_connection)
          end
        end
      end
      context 'when in dry-run mode' do
        before { config[:config]['purge_dry_run'] = true }
        it 'detects but does not purge stale VMs' do
          redis_connection_pool.with do |redis_connection|
            purged_count = subject.purge_pending_queue(pool, redis_connection)
            expect(purged_count).to eq(1)
            expect(redis_connection.sismember("vmpooler__pending__#{pool}", old_vm)).to be true
          end
        end
        it 'does not move to DLQ' do
          redis_connection_pool.with do |redis_connection|
            expect(subject).not_to receive(:move_to_dlq)
            subject.purge_pending_queue(pool, redis_connection)
          end
        end
      end
    end
    describe '#purge_ready_queue' do
      let(:pool) { 'test-pool' }
      let(:old_vm) { 'vm-old-ready' }
      let(:new_vm) { 'vm-new-ready' }
      before(:each) do
        redis_connection_pool.with do |redis_connection|
          # Old VM (25 hours old, exceeds 24 hour threshold)
          redis_connection.sadd("vmpooler__ready__#{pool}", old_vm)
          redis_connection.hset("vmpooler__vm__#{old_vm}", 'ready', (Time.now - 90000).to_s)
          # New VM (2 hours old, within threshold)
          redis_connection.sadd("vmpooler__ready__#{pool}", new_vm)
          redis_connection.hset("vmpooler__vm__#{new_vm}", 'ready', (Time.now - 7200).to_s)
        end
      end
      it 'moves stale ready VMs to completed queue' do
        redis_connection_pool.with do |redis_connection|
          purged_count = subject.purge_ready_queue(pool, redis_connection)
          expect(purged_count).to eq(1)
          expect(redis_connection.sismember("vmpooler__ready__#{pool}", old_vm)).to be false
          expect(redis_connection.sismember("vmpooler__completed__#{pool}", old_vm)).to be true
          expect(redis_connection.sismember("vmpooler__ready__#{pool}", new_vm)).to be true
        end
      end
    end
    describe '#purge_completed_queue' do
      let(:pool) { 'test-pool' }
      let(:old_vm) { 'vm-old-completed' }
      let(:new_vm) { 'vm-new-completed' }
      before(:each) do
        redis_connection_pool.with do |redis_connection|
          # Old VM (2 hours old, exceeds 1 hour threshold)
          redis_connection.sadd("vmpooler__completed__#{pool}", old_vm)
          redis_connection.hset("vmpooler__vm__#{old_vm}", 'destroy', (Time.now - 7200).to_s)
          # New VM (30 minutes old, within threshold)
          redis_connection.sadd("vmpooler__completed__#{pool}", new_vm)
          redis_connection.hset("vmpooler__vm__#{new_vm}", 'destroy', (Time.now - 1800).to_s)
        end
      end
      it 'removes stale completed VMs' do
        redis_connection_pool.with do |redis_connection|
          purged_count = subject.purge_completed_queue(pool, redis_connection)
          expect(purged_count).to eq(1)
          expect(redis_connection.sismember("vmpooler__completed__#{pool}", old_vm)).to be false
          expect(redis_connection.sismember("vmpooler__completed__#{pool}", new_vm)).to be true
        end
      end
    end
  end
  describe 'Health Checks' do
    describe '#health_check_enabled?' do
      it 'returns true when health_check_enabled is true in config' do
        expect(subject.health_check_enabled?).to be true
      end
      it 'returns false when health_check_enabled is false in config' do
        config[:config]['health_check_enabled'] = false
        expect(subject.health_check_enabled?).to be false
      end
    end
    describe '#health_thresholds' do
      it 'returns configured thresholds' do
        thresholds = subject.health_thresholds
        expect(thresholds['pending_queue_max']).to eq(100)
        expect(thresholds['stuck_vm_age_threshold']).to eq(7200)
      end
      it 'merges with defaults when partially configured' do
        config[:config]['health_thresholds'] = { 'pending_queue_max' => 200 }
        thresholds = subject.health_thresholds
        expect(thresholds['pending_queue_max']).to eq(200)
        expect(thresholds['ready_queue_max']).to eq(500) # default
      end
    end
    describe '#calculate_queue_ages' do
      let(:pool) { 'test-pool' }
      let(:vm1) { 'vm-1' }
      let(:vm2) { 'vm-2' }
      let(:vm3) { 'vm-3' }
      before(:each) do
        redis_connection_pool.with do |redis_connection|
          redis_connection.hset("vmpooler__vm__#{vm1}", 'clone', (Time.now - 3600).to_s)
          redis_connection.hset("vmpooler__vm__#{vm2}", 'clone', (Time.now - 7200).to_s)
          redis_connection.hset("vmpooler__vm__#{vm3}", 'clone', (Time.now - 1800).to_s)
        end
      end
      it 'calculates ages for all VMs' do
        redis_connection_pool.with do |redis_connection|
          vms = [vm1, vm2, vm3]
          ages = subject.calculate_queue_ages(vms, 'clone', redis_connection)
          expect(ages.length).to eq(3)
          expect(ages[0]).to be_within(5).of(3600)
          expect(ages[1]).to be_within(5).of(7200)
          expect(ages[2]).to be_within(5).of(1800)
        end
      end
      it 'skips VMs with missing timestamps' do
        redis_connection_pool.with do |redis_connection|
          vms = [vm1, 'vm-nonexistent', vm3]
          ages = subject.calculate_queue_ages(vms, 'clone', redis_connection)
          expect(ages.length).to eq(2)
        end
      end
    end
    describe '#determine_health_status' do
      let(:base_metrics) do
        {
          'queues' => {
            'test-pool' => {
              'pending' => { 'size' => 10, 'stuck_count' => 2 },
              'ready' => { 'size' => 50 }
            }
          },
          'errors' => {
            'dlq_total_size' => 50,
            'stuck_vm_count' => 2
          }
        }
      end
      it 'returns healthy when all metrics are within thresholds' do
        status = subject.determine_health_status(base_metrics)
        expect(status).to eq('healthy')
      end
      it 'returns degraded when DLQ size exceeds warning threshold' do
        metrics = base_metrics.dup
        metrics['errors']['dlq_total_size'] = 150
        status = subject.determine_health_status(metrics)
        expect(status).to eq('degraded')
      end
      it 'returns unhealthy when DLQ size exceeds critical threshold' do
        metrics = base_metrics.dup
        metrics['errors']['dlq_total_size'] = 1500
        status = subject.determine_health_status(metrics)
        expect(status).to eq('unhealthy')
      end
      it 'returns degraded when pending queue exceeds warning threshold' do
        metrics = base_metrics.dup
        metrics['queues']['test-pool']['pending']['size'] = 120
        status = subject.determine_health_status(metrics)
        expect(status).to eq('degraded')
      end
      it 'returns unhealthy when pending queue exceeds critical threshold' do
        metrics = base_metrics.dup
        metrics['queues']['test-pool']['pending']['size'] = 250
        status = subject.determine_health_status(metrics)
        expect(status).to eq('unhealthy')
      end
      it 'returns unhealthy when stuck VM count exceeds critical threshold' do
        metrics = base_metrics.dup
        metrics['errors']['stuck_vm_count'] = 60
        status = subject.determine_health_status(metrics)
        expect(status).to eq('unhealthy')
      end
    end
    describe '#push_health_metrics' do
      let(:metrics_data) do
        {
          'queues' => {
            'test-pool' => {
              'pending' => { 'size' => 10, 'oldest_age' => 3600, 'stuck_count' => 2 },
              'ready' => { 'size' => 50, 'oldest_age' => 7200 },
              'completed' => { 'size' => 5 }
            }
          },
          'tasks' => {
            'clone' => { 'active' => 3 },
            'ondemand' => { 'active' => 2, 'pending' => 5 }
          },
          'errors' => {
            'dlq_total_size' => 25,
            'stuck_vm_count' => 2,
            'orphaned_metadata_count' => 3
          }
        }
      end
      it 'pushes status metric' do
        allow(metrics).to receive(:gauge)
        expect(metrics).to receive(:gauge).with('vmpooler_health.status', 0)
        subject.push_health_metrics(metrics_data, 'healthy')
      end
      it 'pushes error metrics' do
        allow(metrics).to receive(:gauge)
        expect(metrics).to receive(:gauge).with('vmpooler_health.dlq.total_size', 25)
        expect(metrics).to receive(:gauge).with('vmpooler_health.stuck_vms.count', 2)
        expect(metrics).to receive(:gauge).with('vmpooler_health.orphaned_metadata.count', 3)
        subject.push_health_metrics(metrics_data, 'healthy')
      end
      it 'pushes per-pool queue metrics' do
        allow(metrics).to receive(:gauge)
        expect(metrics).to receive(:gauge).with('vmpooler_health.queue.test-pool.pending.size', 10)
        expect(metrics).to receive(:gauge).with('vmpooler_health.queue.test-pool.pending.oldest_age', 3600)
        expect(metrics).to receive(:gauge).with('vmpooler_health.queue.test-pool.pending.stuck_count', 2)
        expect(metrics).to receive(:gauge).with('vmpooler_health.queue.test-pool.ready.size', 50)
        subject.push_health_metrics(metrics_data, 'healthy')
      end
      it 'pushes task metrics' do
        allow(metrics).to receive(:gauge)
        expect(metrics).to receive(:gauge).with('vmpooler_health.tasks.clone.active', 3)
        expect(metrics).to receive(:gauge).with('vmpooler_health.tasks.ondemand.active', 2)
        expect(metrics).to receive(:gauge).with('vmpooler_health.tasks.ondemand.pending', 5)
        subject.push_health_metrics(metrics_data, 'healthy')
      end
    end
  end
 end
--- a/spec/unit/util/parsing_spec.rb
+++ b/spec/unit/util/parsing_spec.rb
@ -0,0 +1,11 @@
 require 'spec_helper'
 # The only method previously tested here was '#get_domain_for_pool'
 # which was moved to Vmpooler::Dns as the more appropriate class
 #
 # TODO: Add tests for last remaining method, or move to more appropriate class
 describe 'Vmpooler::Parsing' do
  let(:pool) { 'pool1' }
  subject { Vmpooler::Parsing }
 end
--- a/spec/unit/vmpooler_spec.rb
+++ b/spec/unit/vmpooler_spec.rb
@ -20,6 +20,21 @@ describe 'Vmpooler' do
          expect(Vmpooler.config[:pools]).to eq(default_config[:pools])
        end
      end
      it 'keeps a copy of the original pools at startup' do
        Dir.chdir(fixtures_dir) do
          configuration = Vmpooler.config
          expect(configuration[:pools]).to eq(configuration[:pools_at_startup])
        end
      end
      it 'the copy is a separate object and not a reference' do
        Dir.chdir(fixtures_dir) do
          configuration = Vmpooler.config
          configuration[:pools][0]['template'] = 'sam'
          expect(configuration[:pools]).not_to eq(configuration[:pools_at_startup])
        end
      end
    end
    context 'when config variable is set' do
@ -30,10 +45,55 @@ describe 'Vmpooler' do
    end
    context 'when config file is set' do
-      it 'should use the file' do
+      before(:each) do
        ENV['VMPOOLER_CONFIG_FILE'] = config_file
      end
      it 'should use the file' do
        expect(Vmpooler.config[:pools]).to eq(config[:pools])
      end
      it 'merges one extra file, results in two providers' do
        ENV['EXTRA_CONFIG'] = File.join(fixtures_dir, 'extra_config1.yaml')
        expect(Vmpooler.config[:providers].keys).to include(:dummy)
        expect(Vmpooler.config[:providers].keys).to include(:alice)
      end
      it 'merges two extra file, results in three providers and an extra pool' do
        extra1 = File.join(fixtures_dir, 'extra_config1.yaml')
        extra2 = File.join(fixtures_dir, 'extra_config2.yaml')
        ENV['EXTRA_CONFIG'] = "#{extra1},#{extra2}"
        expect(Vmpooler.config[:providers].keys).to include(:dummy)
        expect(Vmpooler.config[:providers].keys).to include(:alice)
        expect(Vmpooler.config[:providers].keys).to include(:bob)
        merged_pools = [{"name"=>"pool03", "provider"=>"dummy", "dns_plugin"=>"example", "ready_ttl"=>5, "size"=>5},
                        {"name"=>"pool04", "provider"=>"dummy", "dns_plugin"=>"example", "ready_ttl"=>5, "size"=>5},
                        {"name"=>"pool05", "provider"=>"dummy", "dns_plugin"=>"example", "ready_ttl"=>5, "size"=>5}]
        expect(Vmpooler.config[:pools]).to eq(merged_pools)
        expect(Vmpooler.config[:config]).not_to be_nil #merge does not deleted existing keys
      end
    end
    context 'when domain' do
      context 'is set as a variable' do
        before(:each) do
          ENV['VMPOOLER_CONFIG_FILE'] = config_file
          ENV['DOMAIN'] = 'example.com'
        end
        it 'should exit' do
          expect { Vmpooler.config }.to raise_error(SystemExit)
        end
      end
      context 'is set in a config file' do
        let(:config_file) { File.join(fixtures_dir, 'vmpooler_domain.yaml') }
        before(:each) do
          ENV['VMPOOLER_CONFIG_FILE'] = config_file
        end
        it 'should exit' do
          expect { Vmpooler.config }.to raise_error(SystemExit)
        end
      end
    end
  end
 end
--- a/7
+++ b/7
@ -0,0 +1,7 @@
 #!/usr/bin/env bash
 # The container tag should closely match what is used in `docker/Dockerfile` in vmpooler-deployment
 docker run -it --rm \
  -v $(pwd):/app \
  jruby:9.4.12.1-jdk11 \
  /bin/bash -c 'apt-get update -qq && apt-get install -y --no-install-recommends git make netbase build-essential && cd /app && gem install bundler && bundle install --jobs 3 && bundle update; echo "LOCK_FILE_UPDATE_EXIT_CODE=$?"'
--- a/utils/vmp_utils
+++ b/utils/vmp_utils
@ -0,0 +1,86 @@
 #!/usr/bin/env ruby
 # frozen_string_literal: true
 require 'date'
 require 'json'
 require 'redis'
 require 'thor'
 class VMPUtils < Thor
  desc 'export_tokens', 'Export VMPooler tokens'
  long_desc <<-LONGDESC
    vmp_utils export_tokens will export the tokens stored in redis as JSON
    to the specified file. By default it will export all tokens used within
    the last year. This can be overridden by setting the "since-date" option.
  LONGDESC
  option :since_date, default: (DateTime.now - 365).iso8601
  option :redis_host, required: true
  option :redis_password
  option :redis_port, type: :numeric, default: 6379
  option :output_file, required: true
  def export_tokens
    redis = Redis.new(host: options[:redis_host], port: options[:redis_port], password: options[:redis_password])
    begin
      redis.ping
      puts "connection successful to #{options[:redis_host]}"
      tokens_to_export = {}
      date_filter = DateTime.parse(options[:since_date])
      redis.scan_each(match: 'vmpooler__token__*') do |key|
        print('.')
        key_data = redis.hgetall(key)
        export = false
        if key_data.key?('last') && date_filter < DateTime.parse(key_data['last'])
          export = true
        elsif date_filter < DateTime.parse(key_data['created'])
          export = true
        end
        tokens_to_export[key] = key_data if export
      end
      puts ''
      File.open(options[:output_file], 'w') do |output|
        output.puts JSON.pretty_generate(tokens_to_export)
      end
    rescue Redis::CannotConnectError => e
      raise Thor::Error, e
    rescue Redis::CommandError => e
      raise Thor::Error, e
    end
  end
  desc 'import_tokens', 'Import previously exported VMPooler tokens'
  long_desc <<-LONGDESC
    vmp_utils import_tokens will load tokens from a previous export into the
    specified redis instance. It expects a JSON file like the one generated by
    export_tokens to be provided as input.
  LONGDESC
  option :redis_host, required: true
  option :redis_password
  option :redis_port, type: :numeric, default: 6379
  option :input_file, required: true
  def import_tokens
    raise Thor::Error, "input-file '#{options[:input_file]}' doesn't exist" unless File.exist?(options[:input_file])
    begin
      data_file = File.read(options[:input_file])
      tokens_to_import = JSON.parse(data_file)
    rescue JSON::ParserError
      raise Thor::Error, "Unable to parse please verify that #{options[:input_file]}. Please make sure it is a valid JSON file"
    end
    redis = Redis.new(host: options[:redis_host], port: options[:redis_port], password: options[:redis_password])
    begin
      redis.ping
      puts "connection successful to #{options[:redis_host]}"
      tokens_to_import.each do |key, value|
        puts "importing token for #{value['user']}"
        redis.hset(key, value)
      end
    rescue Redis::CannotConnectError => e
      raise Thor::Error, e
    rescue Redis::CommandError => e
      raise Thor::Error, e
    end
  end
 end
 VMPUtils.start(ARGV)
--- a/vmpooler.gemspec
+++ b/vmpooler.gemspec
@ -11,40 +11,41 @@ Gem::Specification.new do |s|
  s.summary       = 'vmpooler provides configurable pools of instantly-available (running) virtual machines'
  s.homepage      = 'https://github.com/puppetlabs/vmpooler'
  s.license       = 'Apache-2.0'
  s.required_ruby_version = Gem::Requirement.new('>= 2.3.0')
  s.files         = Dir[ "bin/*", "lib/**/*" ]
  s.bindir        = 'bin'
  s.executables   = 'vmpooler'
  s.require_paths = ["lib"]
  s.add_dependency 'concurrent-ruby', '~> 1.1'
-  s.add_dependency 'connection_pool', '~> 2.2'
+  s.add_dependency 'connection_pool', '~> 2.4'
  s.add_dependency 'deep_merge', '~> 1.2'
  s.add_dependency 'net-ldap', '~> 0.16'
-  s.add_dependency 'nokogiri', '~> 1.10'
+  s.add_dependency 'opentelemetry-exporter-jaeger', '= 0.23.0'
-  s.add_dependency 'opentelemetry-exporter-jaeger', '= 0.15.0'
+  s.add_dependency 'opentelemetry-instrumentation-concurrent_ruby', '= 0.21.1'
-  s.add_dependency 'opentelemetry-instrumentation-concurrent_ruby', '= 0.15.0'
+  s.add_dependency 'opentelemetry-instrumentation-http_client', '= 0.22.2'
-  s.add_dependency 'opentelemetry-instrumentation-redis', '= 0.15.0'
+  s.add_dependency 'opentelemetry-instrumentation-rack', '= 0.23.4'
-  s.add_dependency 'opentelemetry-instrumentation-sinatra', '= 0.15.0'
+  s.add_dependency 'opentelemetry-instrumentation-redis', '= 0.25.3'
-  s.add_dependency 'opentelemetry-resource_detectors', '= 0.15.0'
+  s.add_dependency 'opentelemetry-instrumentation-sinatra', '= 0.23.2'
-  s.add_dependency 'opentelemetry-sdk', '= 0.15.0'
+  s.add_dependency 'opentelemetry-resource_detectors', '= 0.24.2'
  s.add_dependency 'opentelemetry-sdk', '~> 1.8'
  s.add_dependency 'pickup', '~> 0.0.11'
-  s.add_dependency 'prometheus-client', '~> 2.0'
+  s.add_dependency 'prometheus-client', '>= 2', '< 5'
-  s.add_dependency 'puma', '~> 5.0', '>= 5.0.4'
+  s.add_dependency 'puma', '>= 5.0.4', '< 7'
-  s.add_dependency 'rack', '~> 2.2'
+  s.add_dependency 'rack', '>= 2.2', '< 4.0'
  s.add_dependency 'rake', '~> 13.0'
-  s.add_dependency 'rbvmomi', '>= 2.1', '< 4.0'
+  s.add_dependency 'redis', '~> 5.0'
-  s.add_dependency 'redis', '~> 4.1'
+  s.add_dependency 'sinatra', '>= 2', '< 4'
  s.add_dependency 'sinatra', '~> 2.0'
  s.add_dependency 'spicy-proton', '~> 2.1'
  s.add_dependency 'statsd-ruby', '~> 1.4'
  # Testing dependencies
  s.add_development_dependency 'climate_control', '>= 0.2.0'
-  s.add_development_dependency 'mock_redis', '>= 0.17.0'
+  s.add_development_dependency 'mock_redis', '= 0.37.0'
  s.add_development_dependency 'pry'
  s.add_development_dependency 'rack-test', '>= 0.6'
  s.add_development_dependency 'rspec', '>= 3.2'
-  s.add_development_dependency 'rubocop', '~> 1.1.0'
+  s.add_development_dependency 'rubocop', '~> 1.56.0'
  s.add_development_dependency 'simplecov', '>= 0.11.2'
  s.add_development_dependency 'thor', '~> 1.0', '>= 1.0.1'
  s.add_development_dependency 'yarjuf', '>= 2.0'
 end
--- a/vmpooler.yaml.dummy-example
+++ b/vmpooler.yaml.dummy-example
@ -3,6 +3,12 @@
  :dummy:
    filename: '/tmp/dummy-backing.yaml'
 :dns_configs:
  :example:
    dns_class: dynamic-dns
    #domain: 'localhost' # Flip these out for local requests
    domain: 'example.com'
 :redis:
  server: 'localhost'
@ -17,14 +23,13 @@
  logfile: '/var/log/vmpooler.log'
  task_limit: 10
  timeout: 15
  timeout_notification: 5
  vm_checktime: 1
  vm_lifetime: 12
  vm_lifetime_auth: 24
  allowed_tags:
    - 'created_by'
    - 'project'
  domain: 'example.com'
  #domain: 'localhost' # Flip these out for local requests
  prefix: 'poolvm-'
 :pools:
@ -35,8 +40,10 @@
    datastore: 'vmstorage'
    size: 5
    timeout: 15
    timeout_notification: 5
    ready_ttl: 1440
    provider: dummy
    dns_plugin: 'example'
  - name: 'debian-7-x86_64'
    alias: [ 'debian-7-64', 'debian-7-amd64' ]
    template: 'Templates/debian-7-x86_64'
@ -44,6 +51,7 @@
    datastore: 'vmstorage'
    size: 5
    timeout: 15
    timeout_notification: 5
    ready_ttl: 1440
    provider: dummy
-
+    dns_plugin: 'example'
--- a/vmpooler.yaml.example
+++ b/vmpooler.yaml.example
@ -11,22 +11,29 @@
 #     For multiple providers, specify one of the supported backing services (vsphere or dummy)
 #     (optional: will default to it's parent :key: name eg. 'vsphere')
 #
-#   - purge_unconfigured_folders
+#   - purge_unconfigured_folders DEPRECATED, use purge_unconfigured_resources
-#     Enable purging of VMs and folders detected within the base folder path that are not configured for the provider
+#   - purge_unconfigured_resources
-#     Only a single layer of folders and their child VMs are evaluated from detected base folder paths
+#     Enable purging of resources (typically VMs) or other items based on the provider. Provides a high-level cleanup
-#     Nested child folders will not be destroyed. An optional whitelist can be provided to exclude folders
+#     mechanism for things that are live but not found in the vmpooler config ie in a pool config. See the provider's
-#     A base folder path for 'vmpooler/redhat-7' would be 'vmpooler'
+#     implementation for more details.
-#     Setting this on the provider will enable folder purging for the provider
+#     Setting this on the provider will enable purging for the provider
 #     Expects a boolean value
 #     (optional; default: false)
 #
-#   - folder_whitelist
+#   - folder_whitelist DEPRECATED, use resources_allowlist
-#     Specify folders that are within the base folder path, not in the configuration, and should not be destroyed
+#   - resources_allowlist
-#     To exclude 'vmpooler/myfolder' from being destroyed when the base path is 'vmpooler' you would specify 'myfolder' in the whitelist
+#     Specify items names that should be ignored when purging. See the provider's
-#     This option is only evaluated when 'purge_unconfigured_folders' is enabled
+#     implementation for more details.
-#     Expects an array of strings specifying the whitelisted folders by name
+#     This option is only evaluated when 'purge_unconfigured_resources' is enabled
 #     Expects an array of strings specifying the allowed items by name
 #     (optional; default: nil)
 #
 #   - skip_dns_check_before_creating_vm
 #     Setting this configuration parameter in a provider will make vmpooler skip the check it normally does for a DNS
 #     record. The normal behavior is to check DNS and if a record already exists (conflict) to re-generate a new hostname.
 #     By using this configuration parameter, it will skip the check and continue with the same conflicting name. This is
 #     useful for providers that can handle that case, for instance by replacing the existing DNS record with a new one.
 #
 # If you want to support more than one provider with different parameters (server, username or passwords) you have to specify the
 # backing service in the provider_class configuration parameter for example 'vsphere' or 'dummy'. Each pool can specify
 # the provider to use.
@ -360,6 +367,15 @@
 #   - user_object
 #     The LDAP object-type used to designate a user object.
 #
 #   - service_account_hash
 #     A hash containing the following parameters for a service account to perform the
 #     initial bind. After the initial bind, then a search query is performed using the
 #     'base' and 'user_object', then re-binds as the returned user.
 #     - :user_dn
 #     The full distinguished name (DN) of the service account used to bind.
 #     - :password
 #     The password for the service account used to bind.
 #
 # Example:
 # :auth:
 #   provider: 'ldap'
@ -368,12 +384,33 @@
 #     port: 389
 #     base: 'ou=users,dc=company,dc=com'
 #     user_object: 'uid'
 #
 # :auth:
 #   provider: 'ldap'
 #   :ldap:
 #     host: 'ldap.example.com'
 #     port: 636
 #     service_account_hash:
 #       :user_dn: 'cn=Service Account,ou=Accounts,dc=ldap,dc=example,dc=com'
 #       :password: 'service-account-password'
 #     encryption:
 #       :method: :simple_tls
 #       :tls_options:
 #         :ssl_version: 'TLSv1_2'
 #     base:
 #       - 'ou=Accounts,dc=company,dc=com'
 #     user_object:
 #       - 'samAccountName'
 :auth:
  provider: 'ldap'
  :ldap:
    host: 'ldap.example.com'
-    port: 389
+    port: 636
    encryption:
      :method: :simple_tls
      :tls_options:
        :ssl_version: 'TLSv1_2'
    base: 'ou=users,dc=company,dc=com'
    user_object: 'uid'
@ -419,6 +456,12 @@
 #     How long (in minutes) before marking a clone in 'pending' queues as 'failed' and retrying.
 #     (default: 15)
 #
 #   - max_vm_retries
 #     Maximum number of times to retry VM creation for a failed request before marking it as permanently failed.
 #     This helps prevent infinite retry loops when there are configuration issues like invalid template paths.
 #     Permanent errors (like invalid template paths) are detected and will not be retried.
 #     (default: 3)
 #
 #   - vm_checktime
 #     How often (in minutes) to check the sanity of VMs in 'ready' queues.
 #     (default: 1)
@ -434,9 +477,6 @@
 #   - allowed_tags
 #     If set, restricts tags to those specified in this array.
 #
 #   - domain
 #     If set, returns a top-level 'domain' JSON key in POST requests
 #
 #   - prefix
 #     If set, prefixes all created VMs with this string.  This should include
 #     a separator.
@ -514,10 +554,11 @@
 #     Expects a boolean value
 #     (optional; default: false)
 #
-#   - purge_unconfigured_folders (vSphere Provider only)
+#   - purge_unconfigured_folders DEPRECATED, use purge_unconfigured_resources
-#     Enable purging of VMs and folders detected within the base folder path that are not configured for the provider
+#   - purge_unconfigured_resources
-#     Only a single layer of folders and their child VMs are evaluated from detected base folder paths
+#     Enable purging of resources (typically VMs) or other items based on the provider. Provides a high-level cleanup
-#     A base folder path for 'vmpooler/redhat-7' would be 'vmpooler'
+#     mechanism for things that are live but not found in the vmpooler config ie in a pool config. See the provider's
 #     implementation for more details.
 #     When enabled in the global configuration then purging is enabled for all providers
 #     Expects a boolean value
 #     (optional; default: false)
@ -532,13 +573,13 @@
 #
 #   - usage_stats
 #     Enable shipping of VM usage stats
-#     When enabled a metric is emitted when a machine is destroyed. Tags are inspected and used to organize
+#     When enabled a metric is emitted when a user requested to allocate and destroy a VM. Tags are inspected and used to organize
 #     shipped metrics if there is a jenkins_build_url tag set for the VM.
-#     Without the jenkins_build_url tag set the metric will be sent as "usage.$user.$pool_name".
+#     Without the jenkins_build_url tag set the metric will be sent as "usage.$user.$operation.$pool_name".
 #     When the jenkins_build_url tag is set the metric will be sent with additional data. Here is an example
 #     based off of the following URL, and requested by the user ABS;
 #     https://jenkins.example.com/job/platform_puppet-agent-extra_puppet-agent-integration-suite_pr/RMM_COMPONENT_TO_TEST_NAME=puppet,SLAVE_LABEL=beaker,TEST_TARGET=redhat7-64a/824/
-#     "usage.$user.$instance.$value_stream.$branch.$project.$job_name.$component_to_test.$pool_name", which translates to
+#     "usage.$user.$instance.$value_stream.$branch.$project.$job_name.$component_to_test.$operation.$pool_name", which translates to
 #     "usage.$user.jenkins_example_com.platform.pr.puppet-agent-extra.puppet-agent-integration-suite.puppet.$pool_name"
 #     Expects a boolean value
 #     (optional; default: false)
@ -575,23 +616,48 @@
 #
 # Example:
-:config: site_name: 'vmpooler'
+:config:
  site_name: 'vmpooler'
  logfile: '/var/log/vmpooler.log'
  task_limit: 10
  timeout: 15
  timeout_notification: 5
  vm_checktime: 1
  vm_lifetime: 12
  vm_lifetime_auth: 24
  max_vm_retries: 3
  allowed_tags:
    - 'created_by'
    - 'project'
  domain: 'example.com'
  prefix: 'poolvm-'
  experimental_features: true
  backend_weight:
    'backend1': 60
    'backend2': 40
 # :dns_configs:
 #
 # This section a list of dns configurations to be referenced by one or more pools.
 #
 # The currently supported backing services are:
 # - dynamic-dns (This assumes that dynamic dns is handling record management and VMPooler does not require interaction)
 # - gcp (Google Cloud DNS https://github.com/puppetlabs/vmpooler-dns-gcp)
 #
 #   - dns_class
 #     Specify one of the supported backing services.
 #
 #   - domain
 #     The domain expected to make up the FQDN when attempting to resolve VM instances.
 #
 # See DNS plugin docs for additional options specific to that class.
 #
 # Example
 :dns_configs:
  :example:
    dns_class: dynamic-dns
    domain: 'example.com'
 # :pools:
 #
 # This section contains a list of virtual machine 'pools' for vmpooler to
@ -622,6 +688,12 @@
 #     If you have more than one provider, this is where you would choose which
 #     one to use for this pool
 #
 #   - dns_plugin
 #     The name of the DNS plugin to use with this pool in order to determine the
 #     domain and settings specific to a DNS service. This should match
 #     a name in the :dns_configs: section above. e.g. example
 #     (required)
 #
 #   - clone_target
 #     Per-pool option to override the global 'clone_target' cluster.
 #     (optional)
@ -673,6 +745,7 @@
    datastore: 'vmstorage'
    size: 5
    timeout: 15
    timeout_notification: 5
    ready_ttl: 1440
    provider: vsphere
    create_linked_clone: true
@ -683,6 +756,7 @@
    datastore: 'vmstorage'
    size: 5
    timeout: 15
    timeout_notification: 5
    ready_ttl: 1440
    provider: vsphere
    create_linked_clone: false
--- a/vmpooler.yml.example
+++ b/vmpooler.yml.example
@ -0,0 +1,92 @@
 ---
 # VMPooler Configuration Example with Dead-Letter Queue, Auto-Purge, and Health Checks
 # Redis Configuration
 :redis:
  server: 'localhost'
  port: 6379
  data_ttl: 168  # hours - how long to keep VM metadata in Redis
  # Dead-Letter Queue (DLQ) Configuration
  dlq_enabled: true
  dlq_ttl: 168  # hours (7 days) - how long to keep DLQ entries
  dlq_max_entries: 10000  # maximum entries per DLQ queue before trimming
 # Application Configuration
 :config:
  # ... other existing config ...
  # Dead-Letter Queue (DLQ) - Optional, defaults shown
  dlq_enabled: false  # Set to true to enable DLQ
  dlq_ttl: 168  # hours (7 days)
  dlq_max_entries: 10000  # per DLQ queue
  # Auto-Purge Stale Queue Entries
  purge_enabled: false  # Set to true to enable auto-purge
  purge_interval: 3600  # seconds (1 hour) - how often to run purge cycle
  purge_dry_run: false  # Set to true to log what would be purged without actually purging
  # Auto-Purge Age Thresholds (in seconds)
  max_pending_age: 7200  # 2 hours - VMs stuck in pending
  max_ready_age: 86400  # 24 hours - VMs idle in ready queue
  max_completed_age: 3600  # 1 hour - VMs in completed queue
  max_orphaned_age: 86400  # 24 hours - orphaned VM metadata
  max_request_age: 86400  # 24 hours - stale on-demand requests
  # Health Checks
  health_check_enabled: false  # Set to true to enable health checks
  health_check_interval: 300  # seconds (5 minutes) - how often to run health checks
  # Health Check Thresholds
  health_thresholds:
    pending_queue_max: 100  # Warning threshold for pending queue size
    ready_queue_max: 500  # Warning threshold for ready queue size
    dlq_max_warning: 100  # Warning threshold for DLQ size
    dlq_max_critical: 1000  # Critical threshold for DLQ size
    stuck_vm_age_threshold: 7200  # 2 hours - age at which VM is considered "stuck"
    stuck_vm_max_warning: 10  # Warning threshold for stuck VM count
    stuck_vm_max_critical: 50  # Critical threshold for stuck VM count
 # Pool Configuration
 :pools:
  - name: 'centos-7-x86_64'
    size: 5
    provider: 'vsphere'
    # ... other pool settings ...
 # Provider Configuration
 :providers:
  :vsphere:
    server: 'vcenter.example.com'
    username: 'vmpooler'
    password: 'secret'
    # ... other provider settings ...
 # Example: Production Configuration
 # For production use, you might want:
 # :config:
 #   dlq_enabled: true
 #   dlq_ttl: 168  # Keep failed VMs for a week
 #   
 #   purge_enabled: true
 #   purge_interval: 1800  # Run every 30 minutes
 #   purge_dry_run: false
 #   max_pending_age: 3600  # Purge pending VMs after 1 hour
 #   max_ready_age: 172800  # Purge ready VMs after 2 days
 #   
 #   health_check_enabled: true
 #   health_check_interval: 300  # Check every 5 minutes
 # Example: Development Configuration
 # For development/testing, you might want:
 # :config:
 #   dlq_enabled: true
 #   dlq_ttl: 24  # Keep failed VMs for a day
 #   
 #   purge_enabled: true
 #   purge_interval: 600  # Run every 10 minutes
 #   purge_dry_run: true  # Test mode - log but don't actually purge
 #   max_pending_age: 1800  # More aggressive - 30 minutes
 #   
 #   health_check_enabled: true
 #   health_check_interval: 60  # Check every minute