Diffstat (limited to 'doc')
-rw-r--r-- | doc/examples/cloud-config-datasources.txt | 7 | ||||
-rw-r--r-- | doc/examples/cloud-config-mcollective.txt | 34 | ||||
-rw-r--r-- | doc/examples/cloud-config.txt | 92 | ||||
-rw-r--r-- | doc/examples/include-once.txt | 7 | ||||
-rw-r--r-- | doc/examples/part-handler-v2.txt | 38 | ||||
-rw-r--r-- | doc/examples/seed/README | 4 | ||||
-rw-r--r-- | doc/userdata.txt | 10 |
7 files changed, 177 insertions, 15 deletions
diff --git a/doc/examples/cloud-config-datasources.txt b/doc/examples/cloud-config-datasources.txt index 3333792e..e04f8976 100644 --- a/doc/examples/cloud-config-datasources.txt +++ b/doc/examples/cloud-config-datasources.txt @@ -8,3 +8,10 @@ datasource: # after each try, a sleep of int(try_number/5)+1 is done # default sleep is 30 retries : 30 + + #metadata_url: a list of URLs to check for metadata services + metadata_urls: + - http://169.254.169.254:80 + - http://instance-data:8773 + + diff --git a/doc/examples/cloud-config-mcollective.txt b/doc/examples/cloud-config-mcollective.txt index ca7ba03e..67735682 100644 --- a/doc/examples/cloud-config-mcollective.txt +++ b/doc/examples/cloud-config-mcollective.txt 
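Review bot: The added comment names the key `metadata_url`, but the key introduced on the next line is `metadata_urls`, so a reader copying from the comment gets a setting that is presumably ignored. I would write it as `# metadata_urls: a list of URLs to check for metadata services, tried in the order given` (drop the ordering clause if that is not how the list is consumed). The second entry, `http://instance-data:8773`, is a bare hostname over plain http, so whatever answers for that name supplies the instance's user-data. A one-line comment saying the list should only contain endpoints the deployment controls would help anyone adapting the example.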
@@ -13,3 +13,37 @@ mcollective: # plugin.stomp.host: dbhost conf: plugin.stomp.host: dbhost + # This will add ssl certs to mcollective + # WARNING WARNING WARNING + # The ec2 metadata service is a network service, and thus is readable + # by non-root users on the system (ie: 'ec2metadata --user-data') + # If you want security for this, please use include-once + SSL urls + public-cert: | + -----BEGIN CERTIFICATE----- + MIICCTCCAXKgAwIBAgIBATANBgkqhkiG9w0BAQUFADANMQswCQYDVQQDDAJjYTAe + Fw0xMDAyMTUxNzI5MjFaFw0xNTAyMTQxNzI5MjFaMA0xCzAJBgNVBAMMAmNhMIGf + MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCu7Q40sm47/E1Pf+r8AYb/V/FWGPgc + b014OmNoX7dgCxTDvps/h8Vw555PdAFsW5+QhsGr31IJNI3kSYprFQcYf7A8tNWu + 1MASW2CfaEiOEi9F1R3R4Qlz4ix+iNoHiUDTjazw/tZwEdxaQXQVLwgTGRwVa+aA + qbutJKi93MILLwIDAQABo3kwdzA4BglghkgBhvhCAQ0EKxYpUHVwcGV0IFJ1Ynkv + T3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwDwYDVR0TAQH/BAUwAwEB/zAd + BgNVHQ4EFgQUu4+jHB+GYE5Vxo+ol1OAhevspjAwCwYDVR0PBAQDAgEGMA0GCSqG + SIb3DQEBBQUAA4GBAH/rxlUIjwNb3n7TXJcDJ6MMHUlwjr03BDJXKb34Ulndkpaf + +GAlzPXWa7bO908M9I8RnPfvtKnteLbvgTK+h+zX1XCty+S2EQWk29i2AdoqOTxb + hppiGMp0tT5Havu4aceCXiy2crVcudj3NFciy8X66SoECemW9UYDCb9T5D0d + -----END CERTIFICATE----- + private-cert: | + -----BEGIN CERTIFICATE----- + MIICCTCCAXKgAwIBAgIBATANBgkqhkiG9w0BAQUFADANMQswCQYDVQQDDAJjYTAe + Fw0xMDAyMTUxNzI5MjFaFw0xNTAyMTQxNzI5MjFaMA0xCzAJBgNVBAMMAmNhMIGf + MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCu7Q40sm47/E1Pf+r8AYb/V/FWGPgc + b014OmNoX7dgCxTDvps/h8Vw555PdAFsW5+QhsGr31IJNI3kSYprFQcYf7A8tNWu + 1MASW2CfaEiOEi9F1R3R4Qlz4ix+iNoHiUDTjazw/tZwEdxaQXQVLwgTGRwVa+aA + qbutJKi93MILLwIDAQABo3kwdzA4BglghkgBhvhCAQ0EKxYpUHVwcGV0IFJ1Ynkv + T3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwDwYDVR0TAQH/BAUwAwEB/zAd + BgNVHQ4EFgQUu4+jHB+GYE5Vxo+ol1OAhevspjAwCwYDVR0PBAQDAgEGMA0GCSqG + SIb3DQEBBQUAA4GBAH/rxlUIjwNb3n7TXJcDJ6MMHUlwjr03BDJXKb34Ulndkpaf + +GAlzPXWa7bO908M9I8RnPfvtKnteLbvgTK+h+zX1XCty+S2EQWk29i2AdoqOTxb + hppiGMp0tT5Havu4aceCXiy2crVcudj3NFciy8X66SoECemW9UYDCb9T5D0d + -----END CERTIFICATE----- + 
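Review bot: The `private-cert` sample is a `-----BEGIN CERTIFICATE-----` block whose body is byte-for-byte the same as `public-cert` above it, so the example never shows what private material looks like and invites pasting a certificate where a key is expected. I would replace the body with a labelled placeholder inside a private-key PEM block, for example `-----BEGIN RSA PRIVATE KEY-----` / `<placeholder: PEM private key>` / `-----END RSA PRIVATE KEY-----`. The warning above it should also name the consequence directly, e.g. `# the private key below is readable by every local user via the metadata service`, since it is the key and not the certificate that is at risk. The certificate shown has a 2010-2015 validity window in its encoded body, so a comment marking both blocks as sample data that must not be deployed would be worth adding.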
diff --git a/doc/examples/cloud-config.txt b/doc/examples/cloud-config.txt index c1d0b278..981fadae 100644 --- a/doc/examples/cloud-config.txt +++ b/doc/examples/cloud-config.txt @@ -111,7 +111,7 @@ packages: # written to /etc/fstab. # - '/dev' can be ommitted for device names that begin with: xvd, sd, hd, vd # - if an entry does not have all 6 fields, they will be filled in -# from the following: [ None, None, "auto", "defaults,nobootwait", "0", "2" ] +# with values from 'mount_default_fields' below. # # Note, that you should set 'nobootwait' (see man fstab) for volumes that may # not be attached at instance boot (or reboot) @@ -122,6 +122,11 @@ mounts: - [ xvdh, /opt/data, "auto", "defaults,nobootwait", "0", "0" ] - [ dd, /dev/zero ] +# mount_default_fields +# These values are used to fill in any entries in 'mounts' that are not +# complete. This must be an array, and must have 7 fields. +mount_default_fields: [ None, None, "auto", "defaults,nobootwait", "0", "2" ] + # add each entry to ~/.ssh/authorized_keys for the configured user ssh_authorized_keys: - ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAGEA3FSyQwBI6Z+nCSjUUk8EEAnnkhXlukKoUPND/RRClWz2s5TCzIkd3Ou5+Cyz71X0XmazM3l5WgeErvtIwQMyT1KjNoMhoJMrJnWqQPOt5Q8zWd9qG7PBl9+eiH5qV7NZ mykey@host @@ -130,6 +135,7 @@ ssh_authorized_keys: # Send pre-generated ssh private keys to the server # If these are present, they will be written to /etc/ssh and # new random keys will not be generated +# in addition to 'rsa' and 'dsa' as shown below, 'ecdsa' is also supported ssh_keys: rsa_private: | -----BEGIN RSA PRIVATE KEY----- 
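Review bot: The new `mount_default_fields` comment says the array "must have 7 fields", but the value on the next line has six elements and the `mounts` comment earlier in the same file speaks of "all 6 fields", which matches the six columns of an fstab entry. Assuming six is the intended number, the comment should read `# complete. This must be an array, and must have 6 fields.`. It would also help to state what happens when the array has the wrong length, since that is not visible from this hunk.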
@@ -255,9 +261,14 @@ debconf_selections: | # Need to perserve newlines debconf debconf/frontend seen false # manage byobu defaults -# byobu_by_default: ('user'|'system') -# 'user' will set byobu 'launch-by-default' for the default user -# 'system' will enable launch-by-default for for all users +# byobu_by_default: +# 'user' or 'enable-user': set byobu 'launch-by-default' for the default user +# 'system' or 'enable-system' or 'enable': +# enable 'launch-by-default' for all users, do not modify default user +# 'disable': disable both default user and system +# 'disable-system': disable system +# 'disable-user': disable for default user +# not-set: no changes made byobu_by_default: system # disable ssh access as root. @@ -266,6 +277,15 @@ byobu_by_default: system # default: true disable_root: false +# disable_root_opts: the value of this variable will prefix the +# respective key in /root/.ssh/authorized_keys if disable_root is true +# see 'man authorized_keys' for more information on what you can do here +# +# The string '$USER' will be replaced with the username of the default user +# +# disable_root_opts: no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo 'Please login as the user \"$USER\" rather than the user \"root\".';echo;sleep 10" + + # set the locale to a given locale # default: en_US.UTF-8 locale: en_US.UTF-8 
@@ -292,10 +312,49 @@ rsyslog: # set to 'False' to disable resize_rootfs: True -# if hostname is set, cloud-init will set the system hostname -# appropriately to its value -# if not set, it will set hostname from the cloud metadata -# default: None +## hostname and /etc/hosts management +# cloud-init will do its best to set up a sane hostname and corresponding +# entries in /etc/hosts. +# +# if you do nothing, you should get the system generally correctly +# configured. +# * /etc/hostname (and thus `hostname` output) set with hostname (not fqdn) +# * an entry in /etc/hosts for both hostname and fqdn +# that are obtained from the metadata service +# * On each boot, the above will again be set +# * cloud-init generally "owns" the 127.0.1.1 entry. The +# rest of the file will not be modified +# +# You can change the above behavior with the following config variables: +# Remember that these can be set in cloud-config via user-data, +# /etc/cloud/cloud.cfg or any file in /etc/cloud/cloud.cfg.d/ +# +# hostname: +# this option will be used wherever the 'hostname' is needed +# simply substitute it in the description above. +# ** If you wish to set your hostname, set it here ** +# default: 'hostname' as returned by the metadata service +# on EC2, the hostname portion of 'local-hostname' is used +# which is something like 'ip-10-244-170-199' +# +# fqdn: +# this option will be used wherever 'fqdn' is needed. +# simply substitue it in the description above. +# default: fqdn as returned by the metadata service. on EC2 'hostname' +# is used, so this is like: ip-10-244-170-199.ec2.internal +# +# manage_etc_hosts: +# default: false +# Setting this config variable to 'true' will mean that on every +# boot, /etc/hosts will be re-written from /etc/cloud/templates/hosts.tmpl +# The strings '$hostname' and '$fqdn' are replaced in the template +# with the appropriate values. 
+# +# preserve_hostname: +# default: False +# If this option is set to True, then /etc/hostname will never updated +# The default behavior is to update it if it has not been modified by +# the user. # final_message # default: cloud-init boot finished at $TIMESTAMP. Up $UPTIME seconds @@ -333,7 +392,7 @@ output: # phone_home: url: http://my.example.com/$INSTANCE_ID/ - post: [ pub_key_dsa, pub_key_rsa, instance_id ] + post: [ pub_key_dsa, pub_key_rsa, pub_key_ecdsa, instance_id ] # timezone: set the timezone for this instance # the value of 'timezone' must exist in /usr/share/zoneinfo @@ -404,7 +463,14 @@ ssh_pwauth: True # default is False manual_cache_clean: False -# if you wish to have /etc/hosts written from /etc/cloud/templates/hosts.tmpl -# on a per-always basis (to account for ebs stop/start), then set -# manage_etc_hosts to True. The default is 'False' -manage_etc_hosts: False +# When cloud-init is finished running including having run +# cloud_init_modules, then it will run this command. The default +# is to emit an upstart signal as shown below. If the value is a +# list, it will be passed to Popen. If it is a string, it will be +# invoked through 'sh -c'. +# +# default value: +# cc_ready_cmd: [ initctl, emit, cloud-config, CLOUD_CFG=/var/lib/instance//cloud-config.txt ] +# example: +# cc_ready_cmd: [ sh, -c, 'echo HI MOM > /tmp/file' ] + diff --git a/doc/examples/include-once.txt b/doc/examples/include-once.txt new file mode 100644 index 00000000..0cf74e5e --- /dev/null +++ b/doc/examples/include-once.txt @@ -0,0 +1,7 @@ +#include-once +# entries are one url per line. comment lines beginning with '#' are allowed +# urls are passed to urllib.urlopen, so the format must be supported there +# This entries will just be processed ONE TIME by cloud-init, any further +# iterations won't process this file +http://www.ubuntu.com/robots.txt +http://www.w3schools.com/html/lastpage.htm 
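Review bot: The `cc_ready_cmd` comment explains that a string value is run through `sh -c` but does not say which form to prefer, and the only example given wraps a shell anyway. I would add a line such as `# prefer the list form; a string is interpreted by the shell, including any expansion of its contents`. The default shown contains `/var/lib/instance//cloud-config.txt` with an empty path component, which reads like a dropped placeholder and is worth checking against the code before this is published.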
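Review bot: Both example URLs in the new include-once.txt are plain `http://` links to third-party sites. The feature is described in doc/userdata.txt as suited to one-time-use or expiring URLs, and the mcollective example in this commit recommends "include-once + SSL urls" for private material. The example should therefore show `https://` URLs on a placeholder host, for instance `https://example.com/one-time/<token>`. I would also add the comment `# fetched content is cached on the instance for later boots; use https for anything sensitive`. Whether `urllib.urlopen` validates the server certificate is not stated anywhere in this change and deserves a sentence once confirmed.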
diff --git a/doc/examples/part-handler-v2.txt b/doc/examples/part-handler-v2.txt new file mode 100644 index 00000000..554c34a5 --- /dev/null +++ b/doc/examples/part-handler-v2.txt @@ -0,0 +1,38 @@ +#part-handler +# vi: syntax=python ts=4 +# this is an example of a version 2 part handler. +# the differences between the initial part-handler version +# and v2 is: +# * handle_part receives a 5th argument, 'frequency' +# frequency will be either 'always' or 'per-instance' +# * handler_version must be set +# +# A handler declaring version 2 will be called on all instance boots, with a +# different 'frequency' argument. + +handler_version = 2 + +def list_types(): + # return a list of mime-types that are handled by this module + return(["text/plain", "text/go-cubs-go"]) + +def handle_part(data,ctype,filename,payload,frequency): + # data: the cloudinit object + # ctype: '__begin__', '__end__', or the specific mime-type of the part + # filename: the filename for the part, or dynamically generated part if + # no filename is given attribute is present + # payload: the content of the part (empty for begin or end) + # frequency: the frequency that this cloud-init run is running for + # this is either 'per-instance' or 'always'. 'per-instance' + # will be invoked only on the first boot. 'always' will + # will be called on subsequent boots. + if ctype == "__begin__": + print "my handler is beginning, frequency=%s" % frequency + return + if ctype == "__end__": + print "my handler is ending, frequency=%s" % frequency + return + + print "==== received ctype=%s filename=%s ====" % (ctype,filename) + print payload + print "==== end ctype=%s filename=%s" % (ctype, filename) diff --git a/doc/examples/seed/README b/doc/examples/seed/README index 927768f8..cc15839e 100644 --- a/doc/examples/seed/README +++ b/doc/examples/seed/README 
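Review bot: `handle_part` ends with `print payload`, which writes the full body of every part to stdout. The header comment says a version 2 handler is called on all instance boots, so that output is repeated each time in whatever log captures it (the destination is not visible here). User-data parts often carry credentials, so the example should log metadata only, e.g. `print "==== received ctype=%s filename=%s len=%d ====" % (ctype, filename, len(payload))`, with a comment that payloads should not be echoed. The parameter comments also need a wording pass: "or dynamically generated part if no filename is given attribute is present" and "'always' will will be called on subsequent boots" are hard to read. The `frequency` comment should also say plainly which value is passed on first boot and which on later boots.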
@@ -2,9 +2,9 @@ This directory is an example of a 'seed' directory. copying these files inside an instance's - /var/lib/cloud/data/cache/nocloud + /var/lib/cloud/seed/nocloud or - /var/lib/cloud/data/cache/nocloud-net + /var/lib/cloud/seed/nocloud-net will cause the 'DataSourceNoCloud' and 'DataSourceNoCloudNet' modules to enable and read the given data. diff --git a/doc/userdata.txt b/doc/userdata.txt index 00c16b25..cc691ae6 100644 --- a/doc/userdata.txt +++ b/doc/userdata.txt @@ -36,6 +36,16 @@ finds. However, certain types of user-data are handled specially. will be passed through this same set of rules. Ie, the content read from the URL can be gzipped, mime-multi-part, or plain text +* Include File Once + begins with #include-once or Content-Type: text/x-include-once-url + This content is a "include" file. The file contains a list of + urls, one per line. Each of the URLs will be read, and their content + will be passed through this same set of rules. Ie, the content + read from the URL can be gzipped, mime-multi-part, or plain text + This file will just be downloaded only once per instance, and its + contents cached for subsequent boots. This allows you to pass in + one-time-use or expiring URLs. + * Cloud Config Data begins with #cloud-config or Content-Type: text/cloud-config |