diff options
Diffstat (limited to 'cloudinit')
| -rw-r--r-- | cloudinit/CloudConfig/cc_resizefs.py | 4 | ||||
| -rw-r--r-- | cloudinit/CloudConfig/cc_salt_minion.py | 56 | ||||
| -rw-r--r-- | cloudinit/CloudConfig/cc_update_etc_hosts.py | 2 | ||||
| -rw-r--r-- | cloudinit/DataSource.py | 3 | ||||
| -rw-r--r-- | cloudinit/DataSourceConfigDrive.py | 231 | ||||
| -rw-r--r-- | cloudinit/DataSourceNoCloud.py | 70 | ||||
| -rw-r--r-- | cloudinit/DataSourceOVF.py | 2 | ||||
| -rw-r--r-- | cloudinit/UserDataHandler.py | 2 | ||||
| -rw-r--r-- | cloudinit/__init__.py | 19 | ||||
| -rw-r--r-- | cloudinit/netinfo.py | 2 | ||||
| -rw-r--r-- | cloudinit/util.py | 149 |
11 files changed, 510 insertions, 30 deletions
diff --git a/cloudinit/CloudConfig/cc_resizefs.py b/cloudinit/CloudConfig/cc_resizefs.py index 0186d4d2..c76cc664 100644 --- a/cloudinit/CloudConfig/cc_resizefs.py +++ b/cloudinit/CloudConfig/cc_resizefs.py @@ -49,8 +49,8 @@ def handle(_name, cfg, _cloud, log, args): dev = os.makedev(os.major(st_dev), os.minor(st_dev)) os.mknod(devpth, 0400 | stat.S_IFBLK, dev) except: - if util.islxc(): - log.debug("inside lxc, ignoring mknod failure in resizefs") + if util.is_container(): + log.debug("inside container, ignoring mknod failure in resizefs") return log.warn("Failed to make device node to resize /") raise diff --git a/cloudinit/CloudConfig/cc_salt_minion.py b/cloudinit/CloudConfig/cc_salt_minion.py new file mode 100644 index 00000000..1a3b5039 --- /dev/null +++ b/cloudinit/CloudConfig/cc_salt_minion.py @@ -0,0 +1,56 @@ +# vi: ts=4 expandtab +# +# Author: Jeff Bauer <jbauer@rubic.com> +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 3, as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +import os +import os.path +import subprocess +import cloudinit.CloudConfig as cc +import yaml + + +def handle(_name, cfg, _cloud, _log, _args): + # If there isn't a salt key in the configuration don't do anything + if 'salt_minion' not in cfg: + return + salt_cfg = cfg['salt_minion'] + # Start by installing the salt package ... + cc.install_packages(("salt",)) + config_dir = '/etc/salt' + if not os.path.isdir(config_dir): + os.makedirs(config_dir) + # ... and then update the salt configuration + if 'conf' in salt_cfg: + # Add all sections from the conf object to /etc/salt/minion + minion_config = os.path.join(config_dir, 'minion') + yaml.dump(salt_cfg['conf'], + file(minion_config, 'w'), + default_flow_style=False) + # ... copy the key pair if specified + if 'public_key' in salt_cfg and 'private_key' in salt_cfg: + pki_dir = '/etc/salt/pki' + cumask = os.umask(077) + if not os.path.isdir(pki_dir): + os.makedirs(pki_dir) + pub_name = os.path.join(pki_dir, 'minion.pub') + pem_name = os.path.join(pki_dir, 'minion.pem') + with open(pub_name, 'w') as f: + f.write(salt_cfg['public_key']) + with open(pem_name, 'w') as f: + f.write(salt_cfg['private_key']) + os.umask(cumask) + + # Start salt-minion + subprocess.check_call(['service', 'salt-minion', 'start']) diff --git a/cloudinit/CloudConfig/cc_update_etc_hosts.py b/cloudinit/CloudConfig/cc_update_etc_hosts.py index 572e6750..6ad2fca8 100644 --- a/cloudinit/CloudConfig/cc_update_etc_hosts.py +++ b/cloudinit/CloudConfig/cc_update_etc_hosts.py @@ -28,7 +28,7 @@ frequency = per_always def handle(_name, cfg, cloud, log, _args): (hostname, fqdn) = util.get_hostname_fqdn(cfg, cloud) - manage_hosts = util.get_cfg_option_bool(cfg, "manage_etc_hosts", False) + manage_hosts = util.get_cfg_option_str(cfg, "manage_etc_hosts", False) if manage_hosts in ("True", "true", True, "template"): # render from template file try: diff --git a/cloudinit/DataSource.py b/cloudinit/DataSource.py index f38e3b20..1bcb9c10 100644 --- a/cloudinit/DataSource.py +++ b/cloudinit/DataSource.py @@ -72,6 +72,9 @@ class DataSource: if isinstance(self.metadata['public-keys'], str): return([self.metadata['public-keys'], ]) + if isinstance(self.metadata['public-keys'], list): + return(self.metadata['public-keys']) + for _keyname, klist in self.metadata['public-keys'].items(): # lp:506332 uec metadata service responds with # data that makes boto populate a string for 'klist' rather diff --git a/cloudinit/DataSourceConfigDrive.py b/cloudinit/DataSourceConfigDrive.py new file mode 100644 index 00000000..2db4a76a --- /dev/null +++ b/cloudinit/DataSourceConfigDrive.py @@ -0,0 +1,231 @@ +# Copyright (C) 2012 Canonical Ltd. +# +# Author: Scott Moser <scott.moser@canonical.com> +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 3, as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +import cloudinit.DataSource as DataSource + +from cloudinit import seeddir as base_seeddir +from cloudinit import log +import cloudinit.util as util +import os.path +import os +import json +import subprocess + +DEFAULT_IID = "iid-dsconfigdrive" + + +class DataSourceConfigDrive(DataSource.DataSource): + seed = None + seeddir = base_seeddir + '/config_drive' + cfg = {} + userdata_raw = None + metadata = None + dsmode = "local" + + def __str__(self): + mstr = "DataSourceConfigDrive[%s]" % self.dsmode + mstr = mstr + " [seed=%s]" % self.seed + return(mstr) + + def get_data(self): + found = None + md = {} + ud = "" + + defaults = {"instance-id": DEFAULT_IID, "dsmode": "pass"} + + if os.path.isdir(self.seeddir): + try: + (md, ud) = read_config_drive_dir(self.seeddir) + found = self.seeddir + except nonConfigDriveDir: + pass + + if not found: + dev = cfg_drive_device() + if dev: + try: + (md, ud) = util.mount_callback_umount(dev, + read_config_drive_dir) + found = dev + except (nonConfigDriveDir, util.mountFailedError): + pass + + if not found: + return False + + if 'dsconfig' in md: + self.cfg = md['dscfg'] + + md = util.mergedict(md, defaults) + + # update interfaces and ifup only on the local datasource + # this way the DataSourceConfigDriveNet doesn't do it also. + if 'network-interfaces' in md and self.dsmode == "local": + if md['dsmode'] == "pass": + log.info("updating network interfaces from configdrive") + else: + log.debug("updating network interfaces from configdrive") + + util.write_file("/etc/network/interfaces", + md['network-interfaces']) + try: + (out, err) = util.subp(['ifup', '--all']) + if len(out) or len(err): + log.warn("ifup --all had stderr: %s" % err) + + except subprocess.CalledProcessError as exc: + log.warn("ifup --all failed: %s" % (exc.output[1])) + + self.seed = found + self.metadata = md + self.userdata_raw = ud + + if md['dsmode'] == self.dsmode: + return True + + log.debug("%s: not claiming datasource, dsmode=%s" % + (self, md['dsmode'])) + return False + + def get_public_ssh_keys(self): + if not 'public-keys' in self.metadata: + return([]) + return(self.metadata['public-keys']) + + # the data sources' config_obj is a cloud-config formated + # object that came to it from ways other than cloud-config + # because cloud-config content would be handled elsewhere + def get_config_obj(self): + return(self.cfg) + + +class DataSourceConfigDriveNet(DataSourceConfigDrive): + dsmode = "net" + + +class nonConfigDriveDir(Exception): + pass + + +def cfg_drive_device(): + """ get the config drive device. return a string like '/dev/vdb' + or None (if there is no non-root device attached). This does not + check the contents, only reports that if there *were* a config_drive + attached, it would be this device. + per config_drive documentation, this is + "associated as the last available disk on the instance" + """ + + if 'CLOUD_INIT_CONFIG_DRIVE_DEVICE' in os.environ: + return(os.environ['CLOUD_INIT_CONFIG_DRIVE_DEVICE']) + + # we are looking for a raw block device (sda, not sda1) with a vfat + # filesystem on it. + + letters = "abcdefghijklmnopqrstuvwxyz" + devs = util.find_devs_with("TYPE=vfat") + + # filter out anything not ending in a letter (ignore partitions) + devs = [f for f in devs if f[-1] in letters] + + # sort them in reverse so "last" device is first + devs.sort(reverse=True) + + if len(devs): + return(devs[0]) + + return(None) + + +def read_config_drive_dir(source_dir): + """ + read_config_drive_dir(source_dir): + read source_dir, and return a tuple with metadata dict and user-data + string populated. If not a valid dir, raise a nonConfigDriveDir + """ + md = {} + ud = "" + + flist = ("etc/network/interfaces", "root/.ssh/authorized_keys", "meta.js") + found = [f for f in flist if os.path.isfile("%s/%s" % (source_dir, f))] + keydata = "" + + if len(found) == 0: + raise nonConfigDriveDir("%s: %s" % (source_dir, "no files found")) + + if "etc/network/interfaces" in found: + with open("%s/%s" % (source_dir, "/etc/network/interfaces")) as fp: + md['network-interfaces'] = fp.read() + + if "root/.ssh/authorized_keys" in found: + with open("%s/%s" % (source_dir, "root/.ssh/authorized_keys")) as fp: + keydata = fp.read() + + meta_js = {} + + if "meta.js" in found: + content = '' + with open("%s/%s" % (source_dir, "meta.js")) as fp: + content = fp.read() + md['meta_js'] = content + try: + meta_js = json.loads(content) + except ValueError: + raise nonConfigDriveDir("%s: %s" % + (source_dir, "invalid json in meta.js")) + + keydata = meta_js.get('public-keys', keydata) + + if keydata: + lines = keydata.splitlines() + md['public-keys'] = [l for l in lines + if len(l) and not l.startswith("#")] + + for copy in ('dsmode', 'instance-id', 'dscfg'): + if copy in meta_js: + md[copy] = meta_js[copy] + + if 'user-data' in meta_js: + ud = meta_js['user-data'] + + return(md, ud) + +datasources = ( + (DataSourceConfigDrive, (DataSource.DEP_FILESYSTEM, )), + (DataSourceConfigDriveNet, + (DataSource.DEP_FILESYSTEM, DataSource.DEP_NETWORK)), +) + + +# return a list of data sources that match this set of dependencies +def get_datasource_list(depends): + return(DataSource.list_from_depends(depends, datasources)) + +if __name__ == "__main__": + def main(): + import sys + import pprint + print cfg_drive_device() + (md, ud) = read_config_drive_dir(sys.argv[1]) + print "=== md ===" + pprint.pprint(md) + print "=== ud ===" + print(ud) + + main() + +# vi: ts=4 expandtab diff --git a/cloudinit/DataSourceNoCloud.py b/cloudinit/DataSourceNoCloud.py index fa64f2e5..62ecc088 100644 --- a/cloudinit/DataSourceNoCloud.py +++ b/cloudinit/DataSourceNoCloud.py @@ -23,6 +23,8 @@ import cloudinit.DataSource as DataSource from cloudinit import seeddir as base_seeddir from cloudinit import log import cloudinit.util as util +import errno +import subprocess class DataSourceNoCloud(DataSource.DataSource): @@ -30,6 +32,7 @@ class DataSourceNoCloud(DataSource.DataSource): userdata = None userdata_raw = None supported_seed_starts = ("/", "file://") + dsmode = "local" seed = None cmdline_id = "ds=nocloud" seeddir = base_seeddir + '/nocloud' @@ -41,7 +44,7 @@ class DataSourceNoCloud(DataSource.DataSource): def get_data(self): defaults = { - "instance-id": "nocloud" + "instance-id": "nocloud", "dsmode": self.dsmode } found = [] @@ -64,13 +67,47 @@ class DataSourceNoCloud(DataSource.DataSource): found.append(self.seeddir) log.debug("using seeded cache data in %s" % self.seeddir) + fslist = util.find_devs_with("TYPE=vfat") + fslist.extend(util.find_devs_with("TYPE=iso9660")) + + label_list = util.find_devs_with("LABEL=cidata") + devlist = list(set(fslist) & set(label_list)) + devlist.sort(reverse=True) + + for dev in devlist: + try: + (newmd, newud) = util.mount_callback_umount(dev, + util.read_seeded) + md = util.mergedict(newmd, md) + ud = newud + + # for seed from a device, the default mode is 'net'. + # that is more likely to be what is desired. + # If they want dsmode of local, then they must + # specify that. + if 'dsmode' not in md: + md['dsmode'] = "net" + + log.debug("using data from %s" % dev) + found.append(dev) + break + except OSError, e: + if e.errno != errno.ENOENT: + raise + except util.mountFailedError: + log.warn("Failed to mount %s when looking for seed" % dev) + # there was no indication on kernel cmdline or data # in the seeddir suggesting this handler should be used. if len(found) == 0: return False + seeded_interfaces = None + # the special argument "seedfrom" indicates we should # attempt to seed the userdata / metadata from its value + # its primarily value is in allowing the user to type less + # on the command line, ie: ds=nocloud;s=http://bit.ly/abcdefg if "seedfrom" in md: seedfrom = md["seedfrom"] seedfound = False @@ -83,6 +120,9 @@ class DataSourceNoCloud(DataSource.DataSource): (seedfrom, self.__class__)) return False + if 'network-interfaces' in md: + seeded_interfaces = self.dsmode + # this could throw errors, but the user told us to do it # so if errors are raised, let them raise (md_seed, ud) = util.read_seeded(seedfrom, timeout=None) @@ -93,10 +133,35 @@ class DataSourceNoCloud(DataSource.DataSource): found.append(seedfrom) md = util.mergedict(md, defaults) + + # update the network-interfaces if metadata had 'network-interfaces' + # entry and this is the local datasource, or 'seedfrom' was used + # and the source of the seed was self.dsmode + # ('local' for NoCloud, 'net' for NoCloudNet') + if ('network-interfaces' in md and + (self.dsmode in ("local", seeded_interfaces))): + log.info("updating network interfaces from nocloud") + + util.write_file("/etc/network/interfaces", + md['network-interfaces']) + try: + (out, err) = util.subp(['ifup', '--all']) + if len(out) or len(err): + log.warn("ifup --all had stderr: %s" % err) + + except subprocess.CalledProcessError as exc: + log.warn("ifup --all failed: %s" % (exc.output[1])) + self.seed = ",".join(found) self.metadata = md self.userdata_raw = ud - return True + + if md['dsmode'] == self.dsmode: + return True + + log.debug("%s: not claiming datasource, dsmode=%s" % + (self, md['dsmode'])) + return False # returns true or false indicating if cmdline indicated @@ -145,6 +210,7 @@ class DataSourceNoCloudNet(DataSourceNoCloud): cmdline_id = "ds=nocloud-net" supported_seed_starts = ("http://", "https://", "ftp://") seeddir = base_seeddir + '/nocloud-net' + dsmode = "net" datasources = ( diff --git a/cloudinit/DataSourceOVF.py b/cloudinit/DataSourceOVF.py index 1f2b622e..a0b1b518 100644 --- a/cloudinit/DataSourceOVF.py +++ b/cloudinit/DataSourceOVF.py @@ -162,7 +162,7 @@ def get_ovf_env(dirname): # transport functions take no input and return # a 3 tuple of content, path, filename -def transport_iso9660(require_iso=False): +def transport_iso9660(require_iso=True): # default_regex matches values in # /lib/udev/rules.d/60-cdrom_id.rules diff --git a/cloudinit/UserDataHandler.py b/cloudinit/UserDataHandler.py index 93d1d36a..98729056 100644 --- a/cloudinit/UserDataHandler.py +++ b/cloudinit/UserDataHandler.py @@ -71,6 +71,8 @@ def do_include(content, appendmsg): line = line[len("#include"):].lstrip() if line.startswith("#"): continue + if line.strip() == "": + continue # urls cannot not have leading or trailing white space msum = hashlib.md5() # pylint: disable=E1101 diff --git a/cloudinit/__init__.py b/cloudinit/__init__.py index 7a34e053..ccaa28c8 100644 --- a/cloudinit/__init__.py +++ b/cloudinit/__init__.py @@ -29,7 +29,7 @@ cfg_env_name = "CLOUD_CFG" cfg_builtin = """ log_cfgs: [] -datasource_list: ["NoCloud", "OVF", "Ec2"] +datasource_list: ["NoCloud", "ConfigDrive", "OVF", "Ec2"] def_log_file: /var/log/cloud-init.log syslog_fix_perms: syslog:adm """ @@ -60,7 +60,6 @@ import cPickle import sys import os.path import errno -import pwd import subprocess import yaml import logging @@ -572,10 +571,14 @@ def handler_handle_part(mod, data, ctype, filename, payload, frequency): if not (modfreq == per_always or (frequency == per_instance and modfreq == per_instance)): return - if mod.handler_version == 1: - mod.handle_part(data, ctype, filename, payload) - else: - mod.handle_part(data, ctype, filename, payload, frequency) + try: + if mod.handler_version == 1: + mod.handle_part(data, ctype, filename, payload) + else: + mod.handle_part(data, ctype, filename, payload, frequency) + except: + util.logexc(log) + traceback.print_exc(file=sys.stderr) def partwalker_handle_handler(pdata, _ctype, _filename, payload): @@ -586,15 +589,13 @@ def partwalker_handle_handler(pdata, _ctype, _filename, payload): modfname = modname + ".py" util.write_file("%s/%s" % (pdata['handlerdir'], modfname), payload, 0600) - pdata['handlercount'] = curcount + 1 - try: mod = __import__(modname) handler_register(mod, pdata['handlers'], pdata['data'], frequency) + pdata['handlercount'] = curcount + 1 except: util.logexc(log) traceback.print_exc(file=sys.stderr) - return def partwalker_callback(pdata, ctype, filename, payload): diff --git a/cloudinit/netinfo.py b/cloudinit/netinfo.py index 80223256..7e07812e 100644 --- a/cloudinit/netinfo.py +++ b/cloudinit/netinfo.py @@ -61,7 +61,7 @@ def netdev_info(empty=""): devs[curdev][target] = toks[i][len(field) + 1:] if empty != "": - for (devname, dev) in devs.iteritems(): + for (_devname, dev) in devs.iteritems(): for field in dev: if dev[field] == "": dev[field] = empty diff --git a/cloudinit/util.py b/cloudinit/util.py index e6489648..c37f0316 100644 --- a/cloudinit/util.py +++ b/cloudinit/util.py @@ -32,6 +32,7 @@ import re import socket import sys import time +import tempfile import traceback import urlparse @@ -515,30 +516,70 @@ def dos2unix(string): return(string.replace('\r\n', '\n')) -def islxc(): - # is this host running lxc? +def is_container(): + # is this code running in a container of some sort + + for helper in ('running-in-container', 'lxc-is-container'): + try: + # try to run a helper program. if it returns true + # then we're inside a container. otherwise, no + sp = subprocess.Popen(helper, stdout=subprocess.PIPE, + stderr=subprocess.PIPE) + sp.communicate(None) + return(sp.returncode == 0) + except OSError as e: + if e.errno != errno.ENOENT: + raise + + # this code is largely from the logic in + # ubuntu's /etc/init/container-detect.conf try: - with open("/proc/1/cgroup") as f: - if f.read() == "/": - return True + # Detect old-style libvirt + # Detect OpenVZ containers + pid1env = get_proc_env(1) + if "container" in pid1env: + return True + + if "LIBVIRT_LXC_UUID" in pid1env: + return True + except IOError as e: if e.errno != errno.ENOENT: - raise + pass + + # Detect OpenVZ containers + if os.path.isdir("/proc/vz") and not os.path.isdir("/proc/bc"): + return True try: - # try to run a program named 'lxc-is-container'. if it returns true, - # then we're inside a container. otherwise, no - sp = subprocess.Popen(['lxc-is-container'], stdout=subprocess.PIPE, - stderr=subprocess.PIPE) - sp.communicate(None) - return(sp.returncode == 0) - except OSError as e: + # Detect Vserver containers + with open("/proc/self/status") as fp: + lines = fp.read().splitlines() + for line in lines: + if line.startswith("VxID:"): + (_key, val) = line.strip().split(":", 1) + if val != "0": + return True + except IOError as e: if e.errno != errno.ENOENT: - raise + pass return False +def get_proc_env(pid): + # return the environment in a dict that a given process id was started with + env = {} + with open("/proc/%s/environ" % pid) as fp: + toks = fp.read().split("\0") + for tok in toks: + if tok == "": + continue + (name, val) = tok.split("=", 1) + env[name] = val + return env + + def get_hostname_fqdn(cfg, cloud): # return the hostname and fqdn from 'cfg'. If not found in cfg, # then fall back to data from cloud @@ -630,3 +671,83 @@ def close_stdin(): return with open(os.devnull) as fp: os.dup2(fp.fileno(), sys.stdin.fileno()) + + +def find_devs_with(criteria): + """ + find devices matching given criteria (via blkid) + criteria can be *one* of: + TYPE=<filesystem> + LABEL=<label> + UUID=<uuid> + """ + try: + (out, _err) = subp(['blkid', '-t%s' % criteria, '-odevice']) + except subprocess.CalledProcessError: + return([]) + return(str(out).splitlines()) + + +class mountFailedError(Exception): + pass + + +def mount_callback_umount(device, callback, data=None): + """ + mount the device, call method 'callback' passing the directory + in which it was mounted, then unmount. Return whatever 'callback' + returned. If data != None, also pass data to callback. + """ + + def _cleanup(umount, tmpd): + if umount: + try: + subp(["umount", '-l', umount]) + except subprocess.CalledProcessError: + raise + if tmpd: + os.rmdir(tmpd) + + # go through mounts to see if it was already mounted + fp = open("/proc/mounts") + mounts = fp.readlines() + fp.close() + + tmpd = None + + mounted = {} + for mpline in mounts: + (dev, mp, fstype, _opts, _freq, _passno) = mpline.split() + mp = mp.replace("\\040", " ") + mounted[dev] = (dev, fstype, mp, False) + + umount = False + if device in mounted: + mountpoint = "%s/" % mounted[device][2] + else: + tmpd = tempfile.mkdtemp() + + mountcmd = ["mount", "-o", "ro", device, tmpd] + + try: + (_out, _err) = subp(mountcmd) + umount = tmpd + except subprocess.CalledProcessError as exc: + _cleanup(umount, tmpd) + raise mountFailedError(exc.output[1]) + + mountpoint = "%s/" % tmpd + + try: + if data == None: + ret = callback(mountpoint) + else: + ret = callback(mountpoint, data) + + except Exception as exc: + _cleanup(umount, tmpd) + raise exc + + _cleanup(umount, tmpd) + + return(ret) |