(mirror of https://github.com/marekm72/vyos-cloud-init.git) https://git.amelek.net/marekm72/vyos-cloud-init.git/atom?h=crux 2018-11-28T14:56:40+00:00 2018-11-28T14:56:40+00:00 Tomer Cohen tomer-launchpad.net@tomercohen.com 2018-11-28T14:56:40+00:00 urn:sha1:2e93cc62c544fe07afaf36c473e84e6730928998 According to the examples in the page, v1 network config DNS should be defined using the dns_nameservers. The singular dns_nameserver is undefined. 2018-10-30T20:02:38+00:00 Chad Smith chad.smith@canonical.com 2018-10-30T20:02:38+00:00 urn:sha1:d74d3f0ff5c8d453f626b113f4e6065322f822fa Emit a permissions error instead of "Missing instance-data.json" when non-root user doesn't have read-permission on /run/cloud-init/instance-data.json 2018-10-25T20:48:05+00:00 Tomer Cohen tomer-launchpad.net@tomercohen.com 2018-10-25T20:48:05+00:00 urn:sha1:532ff0f0a4f12225d5785bc98d7a4528e0c779d6 The docs for network v1 config contained a errant ':'. Simply drop it. 2018-10-17T18:47:35+00:00 Chad Smith chad.smith@canonical.com 2018-10-17T18:47:35+00:00 urn:sha1:1d5e9aefdab06a2574d78e644deed6c6fa1da171 Azure generates network configuration from the IMDS service and removes any preexisting hotplug network scripts which exist in Azure cloud images. Add a datasource configuration option which allows for writing a default network configuration which sets up dhcp on eth0 and leave the hotplug handling to the cloud-image scripts. To disable network-config from Azure IMDS, add the following to /etc/cloud/cloud.cfg.d/99-azure-no-imds-network.cfg: datasource:   Azure:     apply_network_config: False LP: #1798424 2018-10-09T21:46:35+00:00 Chad Smith chad.smith@canonical.com 2018-10-09T21:46:35+00:00 urn:sha1:f0bc02d7e221c9aa5982b267739481420c761ead Add the following instance-data.json standardized keys: * v1._beta_keys: List any v1 keys in beta development, e.g. ['subplatform']. * v1.public_ssh_keys: List of any cloud-provided ssh keys for the instance. * v1.platform: String representing the cloud platform api supporting the datasource. For example: 'ec2' for aws, aliyun and brightbox cloud names. * v1.subplatform: String with more details about the source of the metadata consumed. For example, metadata uri, config drive device path or seed directory. To support the new platform and subplatform standardized instance-data, DataSource and its subclasses grew platform and subplatform attributes. The platform attribute defaults to the lowercase string datasource name at self.dsname. This method is overridden in NoCloud, Ec2 and ConfigDrive datasources. The subplatform attribute calls a _get_subplatform method which will return a string containing a simple slug for subplatform type such as metadata, seed-dir or config-drive followed by a detailed uri, device or directory path where the datasource consumed its configuration. As part of this work, DatasourceEC2 methods _get_data and _crawl_metadata have been refactored for a few reasons: - crawl_metadata is now a read-only operation, persisting no attributes on the datasource instance and returns a dictionary of consumed metadata. - crawl_metadata now closely represents the raw stucture of the ec2 metadata consumed, so that end-users can leverage public ec2 metadata documentation where possible. - crawl_metadata adds a '_metadata_api_version' key to the crawled ds.metadata to advertise what version of EC2's api was consumed by cloud-init. - _get_data now does all the processing of crawl_metadata and saves datasource instance attributes userdata_raw, metadata etc. Additional drive-bys: * unit test rework for test_altcloud and test_azure to simplify mocks and make use of existing util and test_helpers functions. 2018-09-25T21:59:16+00:00 Chad Smith chad.smith@canonical.com 2018-09-25T21:59:16+00:00 urn:sha1:fc4b966ba928b30b1c586407e752e0b51b1031e8 Cloud-init caches any cloud metadata crawled during boot in the file /run/cloud-init/instance-data.json. Cloud-init also standardizes some of that metadata across all clouds. The command 'cloud-init query' surfaces a simple CLI to query or format any cached instance metadata so that scripts or end-users do not have to write tools to crawl metadata themselves. Since 'cloud-init query' is runnable by non-root users, redact any sensitive data from instance-data.json and provide a root-readable unredacted instance-data-sensitive.json. Datasources can now define a sensitive_metadata_keys tuple which will redact any matching keys which could contain passwords or credentials from instance-data.json. Also add the following standardized 'v1' instance-data.json keys:   - user_data: The base64encoded user-data provided at instance launch   - vendor_data: Any vendor_data provided to the instance at launch   - underscore_delimited versions of existing hyphenated keys:     instance_id, local_hostname, availability_zone, cloud_name 2018-09-11T17:31:46+00:00 Chad Smith chad.smith@canonical.com 2018-09-11T17:31:46+00:00 urn:sha1:c7555762f3a30190ce7726b4d013bc3e83c7e4b6 Allow users to provide '## template: jinja' as the first line or their #cloud-config or custom script user-data parts. When this header exists, the cloud-config or script will be rendered as a jinja template. All instance metadata keys and values present in /run/cloud-init/instance-data.json will be available as jinja variables for the template. This means any cloud-config module or script can reference any standardized instance data in templates and scripts. Additionally, any standardized instance-data.json keys scoped below a '<v#>' key will be promoted as a top-level key for ease of reference in templates. This means that '{{ local_hostname }}' is the same as using the latest '{{ v#.local_hostname }}'. Since instance-data is written to /run/cloud-init/instance-data.json, make sure it is persisted across reboots when the cached datasource opject is reloaded. LP: #1791781 2018-09-08T01:48:38+00:00 Chad Smith chad.smith@canonical.com 2018-09-08T01:48:38+00:00 urn:sha1:757247f9ff2df57e792e29d8656ac415364e914d Cloud config can now disable ssh access to non-root users. When defining the 'users' list in cloud-configuration a boolean 'ssh_redirect_user: true' can be provided to disable ssh logins for that user. Any ssh 'public-keys' defined in cloud meta-data will be added and disabled in .ssh/authorized_keys. Any attempts to ssh as this user using acceptable ssh keys will be presented with a message like the following: Please login as the user "ubuntu" rather than the user "youruser". 2018-08-17T20:25:31+00:00 Scott Moser smoser@ubuntu.com 2018-08-17T20:25:31+00:00 urn:sha1:aaffd59431fe05932a66016db941fe197c4e7620 This adds a Oracle specific datasource that functions with OCI. It is a simplified version of the OpenStack metadata server with support for vendor-data. It does not support the OCI-C (classic) platform. Also here is a move of BrokenMetadata to common 'sources' as this was the third occurrence of that class. 2018-08-07T14:35:29+00:00 Wesley Gao wesley.mail@qq.com 2018-08-07T14:35:29+00:00 urn:sha1:f624927749bf040cff32671928f1161acf7f8aa4 Fix a typo in in documentation that showed 'analyze blame' but intended to show 'analyze dump'.