summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-04-20schema: in validation, raise ImportError if strict but no jsonschema.Scott Moser
validate_cloudconfig_schema with strict=True would not actually validate if there was no jsonschema available. That seems kind of strange. The change here is to make it raise an exception if strict was passed in. And then to fix the one test that needed a skipIfJsonSchema wrapper.
2018-04-20set_passwords: Add newline to end of sshd config, only restart if updated.Scott Moser
This admittedly does a fairly extensive re-factor to simply add a newline to the end of sshd_config. It makes the ssh_config updating portion of set_passwords more testable and adds tests for that. The new function is in 'update_ssh_config_lines' which allows you to update a config with multiple changes even though only a single one is currently used. We also only restart the ssh daemon now if a change was made to the config file. Before it was always restarted if the user specified a value for ssh_pwauth other than 'unchanged'. Thanks to Lorens Kockum for initial diagnosis and patch. LP: #1677205
2018-04-19pylint: pay attention to unused variable warnings.Scott Moser
This enables warnings produced by pylint for unused variables (W0612), and fixes the existing errors.
2018-04-19doc: Add documentation for AliYun datasource.Junjie Wang
Just add some documentation to readthedocs for AliYun.
2018-04-18Schema: do not warn on duplicate items in commands.Scott Moser
runcmd, bootcmd, snap/commands, ubuntu-advantage/commands would log warning (and fail if strict) on duplicate values in the commands. But those should be allowed. Example, it is perfectly valid to do: runcmd: ['sleep 1', 'sleep 1'] LP: #1764264
2018-04-18net: Depend on iproute2's ip instead of net-tools ifconfig or routeChad Smith
The net-tools package is deprecated and will eventually be dropped. Use "ip route", "link" or "address" instead of "ifconfig" or "route" calls. Cloud-init can now run in an environment that no longer has net-tools. This affects the network and route printing emitted to cloud-config-output.log as well as the cc_disable_ec2_metadata module. Additional changes:  - separate readResource and resourceLocation into standalone test    functions  - Fix ipv4 address rows to report scopes represented by ip addr show  - Formatted route/address ouput now handles multiple ipv4 and ipv6    addresses on a single interface Co-authored-by: James Hogarth <james.hogarth@gmail.com> Co-authored-by: Robert Schweikert <rjschwei@suse.com>
2018-04-18DataSourceSmartOS: fix hang when metadata service is downMike Gerdts
If the metadata service in the host is down while a guest that uses DataSourceSmartOS is booting, the request from the guest falls into the bit bucket. When the metadata service is eventually started, the guest has no awareness of this and does not resend the request. This results in cloud-init hanging forever with a guest reboot as the only recovery option. This fix updates the metadata protocol to implement the initialization phase, just as is implemented by mdata-get and related utilities. The initialization phase includes draining all pending data from the serial port, writing an empty command and getting an expected error message in reply. If the initialization phase times out, it is retried every five seconds. Each timeout results in a warning message: "Timeout while initializing metadata client. Is the host metadata service running?" By default, warning messages are logged to the console, thus the reason for a hung boot is readily apparent. LP: #1667735
2018-04-18DataSourceSmartOS: change default fs on ephemeral disk from ext3 to ext4.Mike Gerdts
ext3 is not able to support file system sizes that are needed in Joyent's cloud. For the default block size of 4k, the maximum filesystem size for ext3 is 2^32 * 4096 = 16 TiB. This changes the default file system type from ext3 to ext4. LP: #1763511
2018-04-18pycodestyle: Fix invalid escape sequences in string literals.Scott Moser
Python has deprecated these invalid string literals now https://bugs.python.org/issue27364 and pycodestyle is identifying them with a W605 warning. https://github.com/PyCQA/pycodestyle/pull/676 So basically, any use of \ not followed by one of [\'"abfnrtv] or \ooo (octal) \xhh (hex) or a newline is invalid. This is most comomnly seen for us in regex. To solve, you either: a.) use a raw string r'...' b.) correctly escape the \ that was not intended to be interpreted.
2018-04-17Implement bash completion script for cloud-init command lineRyan Harper
In bash shells with bash_completion enabled, now the cloud-init sub commands and parameters/flags will be shown.
2018-04-12tools: Fix make-tarball cli tool usage for developmentChad Smith
This tool is used to assist during the creation of ubuntu packages for release testing. Address the following on the command-line: * --help option now print usage * Add --orig-tarball which creates named output file cloud-init_<release-version>.orig.tar.gz * drop unused --verbose option
2018-04-12renderer: support unicode in render_from_file.Scott Moser
If a file passed to render_from_file had non-ascii text then jinja in python2 would decode as ascii, which would cause UnicodeDecodeError. This issue can be re-created in python2 with just: 'can\xe2\x80\x99t'.decode() The solution here is to explicitly pass in unicode supporting type (py3 str, py2 unicode). Those are six.text_type. Then jinja does not try to decode. The reason we hit this is that load_file calls decode_binary. decode_binary believes it has no work to do if it got a six.string_types. isinstance('can\xe2\x80\x99t', six.string_types) == True So it returns the original string which will blow up for jinja. Our fix here then is to load the file in binary mode and explicitly decode it to utf-8. Then in python2 we'll have a unicode type and in python3 we'll have a string type.
2018-04-12Implement ntp client spec with auto support for distro selectionRyan Harper
Add a base NTP client configuration dictionary and allow Distro specific changes to be merged. Add a select client function which implements logic to preferr installed clients over clients which need to be installed. Also allow distributions to override the cloud-init defaults. LP: #1749722
2018-04-11Apport: add Brightbox, IBM, LXD, and OpenTelekomCloud to list of clouds.Scott Moser
When filing a bug with apport, this allows the user to choose Brightbox, IBM, LXD, or OpenTelekomCloud as their cloud.
2018-04-07tests: fix ec2 integration network metadata validationChad Smith
Fix integraiton test logic for ec2 to look for network and availability-zone data under the key path 'ds'=>'meta-data' instead of just 'ds' when parsing instance-data.json.
2018-04-03tests: fix integration tests to support lxd 3.0 releaseChad Smith
Integration tests previously had a logic path that was unexercised on jenkins because we were on an older version of lxc. With an upgrade to lxd version 3.0 we need to bump pylxd dependency pin and fix a typo in integration tests which checked the lxd version.
2018-04-03correct documentation to match correct attribute name usage.Dominic Schlegel
LP: #1420018
2018-04-02cc_resizefs, util: handle no /dev/zfsRyan Harper
The zfs/zpool commands will hang for 10 seconds if /dev/zfs is not present (bug 1760173). This is a common occurence for containers using zfs as rootfs. Additionally handle missing zpool command or other errors that may occur while executing the zpool command.
2018-03-29doc: Fix links in OpenStack datasource documentation.Dominic Schlegel
Fix link to external openstack resource and to internal vendor data. LP: #1721660
2018-03-27release 18.2Chad Smith
Bump the version in cloudinit/version.py to be 18.2 and update ChangeLog. LP: #1759318
2018-03-27Hetzner: Exit early if dmi system-manufacturer is not Hetzner.Scott Moser
This takes the same basic check that is in ds-identify. If the DMI system manufacturer (aka sys_vendor) is not 'Hetzner', then exit out of the datasource's get_data quickly.
2018-03-27Add missing dependency on isc-dhcp-client to trunk ubuntu packaging.Scott Moser
This just correctly adds the missing dependency on isc-dhcp-client. That package is used via 'dhclient' from cloudinit/net/dhcp.py. LP: #1759307
2018-03-27FreeBSD: resizefs module now able to handle zfs/zpool.Dominic Schlegel
Previously there was no support at all for zfs file system. With this change it is now possible to use the resizefs module to grow a zpool to its maximum partition size on FreeBSD. LP: #1721243
2018-03-26cc_puppet: Revert regression of puppet creating ssl and ssl_cert dirsChad Smith
Replace regressed cc_puppet functionality from a1f678f8. The following content was inadvertently dropped: - chown /var/lib/puppet/ssl as puppet:root. - Automatic creation of /var/lib/puppet/ssl/certs
2018-03-23Enable IBMCloud datasource in settings.py.Scott Moser
This just got missed in the IBMCloud datasource addition. Add it to the builtin list of datasources.
2018-03-23IBMCloud: Initial IBM Cloud datasource.Scott Moser
This adds a specific IBM Cloud datasource. IBM Cloud is identified by: a.) running on xen b.) one of a LABEL=METADATA disk or a LABEL=config-2 disk with UUID=9796-932E The datasource contains its own config-drive reader that reads only the currently supported portion of config-drive needed for ibm cloud. During the provisioning boot, cloud-init is disabled. See the docstring in DataSourceIBMCloud.py for more more information.
2018-03-23tests: remove jsonschema from xenial tox environment.Scott Moser
Ubuntu 16.04 (xenial) does not have jsonschema installed by default. As it is listed in requirements, the tox environment will always have it installed. Add the helper tools/pipremove that removes pip packages. Then use that to remove jsonschema without noise of always running and ignoring a 'pip uninstall jsonschema'.
2018-03-23tests: Fix newly added schema unit tests to skip if no jsonschema.Scott Moser
The recently added snap and ubuntu_advantage modules had unit tests that exercised jsonschema. Those throw error if jsonschema is not present. Fix to skip in that scenario.
2018-03-23ec2: Adjust ec2 datasource after exception_cb change.Scott Moser
The recent change to exception_cb missed this caller. The result was a slow test.
2018-03-23Reduce AzurePreprovisioning HTTP timeouts.Douglas Jordan
Reducing timeout to 1 second as IMDS responds within a handful of milliseconds. Also get rid of max_retries to prevent exiting out of polling loop early due to IMDS outage / upgrade. Reduce Azure PreProvisioning HTTP timeouts during polling to avoid waiting an extra minute. LP: #1752977
2018-03-23Revert the logic of exception_cb in read_url.Kurt Garloff
In commit e9e8616, there was an inversion of the logic of the exception_cb return value meaning, breaking the (network) OpenStack DataSource, which implemented exception_cb as should_retry_cb, returning True when a retry should be done and False when the retry loop should be broken and the exception reraised again immediately. The OpenStack DS was the only user of this callback at the time and not touched by the commit (nor did the commit message mention an intended change), so this almost certainly happened by mistake. These days, we have a second user of the callback in DataSourceScaleway. It uses the new logic, so it needs change if we fix the meaning of the return value. This patch reverts the meaning of url_helper.read_url() execption_cb to the old semantics. It updates the comment and adjusts the Scaleway datasource. The patch has been tested on Open Telekom Cloud (which uses the OpenStack network Datasource) where previously a missing user_data and network_data.json would be retried 6 times each despite them not being present (they are optional!) and the server repsonding with a correct 404. After the patch, boot times are 10s faster, as we no longer pointlessly retry these files. LP: #1702160 LP: #1298921
2018-03-22ubuntu-advantage: Add new config module to support ubuntu-advantage-toolsChad Smith
ubuntu-advantage-tools is a package for enabling and disabling extended support services such as Extended Security Maintenance (ESM), Canonical Livepatch and FIPS certified PPAs. Simplify Ubuntu Advantage setup on machines by allowing users to provide a list of ubuntu-advantage commands in cloud-config.
2018-03-22Handle global dns entries in netplanRyan Harper
In network config v1 format, there are dns values which are not bound to a specific interface and do not map to the per-interface format in netplan. To handle this case we render netplan configuration that duplicates the DNS configuration on any interface that has a static network config. We avoiding interfaces which have DHCP configuration which may provide conflicting DNS values. LP: #1750884
2018-03-21Identify OpenTelekomCloud Xen as OpenStack DS.Kurt Garloff
Open Telekom Cloud gen1 (Xen) hosts do not provide nova product names in DMI but Xen HVM domU. They can however be safely identified by the OpenTelekomCloud Chassis asset tag. OpenTelekomCloud does use the network OpenStack DataSource, so we better detect it. LP: #1756471
2018-03-20datasources: fix DataSource subclass get_hostname method signatureChad Smith
DataSource.get_hostname call signature changed to allow for metadata_only parameter. The metadata_only=True parameter is passed to get_hostname during init-local stage in order to set the system hostname if present in metadata prior to initial network bring up. Fix subclasses of DataSource which have overridden get_hostname to allow for metadata_only param. LP: #1757176
2018-03-20OpenNebula: Update network to return v2 config rather than ENI.Akihiko Ota
OpenNebulaNetwork.gen_conf() was previously returning ENI format. This is updated to return netplan/v2 config. The changes here also adds support for IPv6 configuration distributed from OpenNebula and fixes some issues about nameserver information.
2018-03-19Add Hetzner Cloud DataSourceScott Moser
The Hetzner Cloud metadata service is an AWS-style service available over HTTP via the link local address 169.254.169.254. https://hetzner.com/cloud https://docs.hetzner.cloud/
2018-03-16net: recognize iscsi root cases without ip= on kernel command line.Scott Moser
When 'ip=' or 'ip6=' is found on the kernel command line, cloud-init will consider read network config from /run/net-*.conf files. There are some iscsi-root scenarios where initramfs configures networking but the ip= parameter is not present. 2 such cases are:  a.) static config in /etc/iscsi/iscsi.initramfs (copied into the initramfs)  b.) iBft This changes cloud-init to consider initramfs provided networking information if:  * there are /run/net-* files and  * (ip= or ip6 is on the command line) or open-iscsi.interface file exists. LP: #1752391
2018-03-16tests: fix flakes warning for unused variableChad Smith
2018-03-16tests: patch leaked stderr messages from snap unit testsChad Smith
2018-03-16cc_snap: Add new module to install and configure snapd and snap packages.Chad Smith
Support installing and configuring snaps on ubuntu systems. Now, cloud-config files can provide a list or dictionary of snap:assertions which will be allow configuration of snapd on a system via 'snap ack' calls. The snap:commands configuration option supports arbitrary system commands intended to interact with snappy's cli. This allows users to run arbitrary snappy commands to create users, download, install and configure snap packages and snapd. This branch also deprecates old snappy and snap_config modules leaving warnings in documentation and runtime for consumers of these modules. Deprecated snap* modules will be dropped in cloud-init v.18.2 release.
2018-03-16tests: Make pylint happy and fix python2.6 uses of assertRaisesRegex.Scott Moser
Older unittest2.TestCase (as seen in CentOS 6) do not have an assertRaisesRegex method. They only have the now-deprecated assertRaisesRegexp. We need our unit tests to work there and on newer python (3.6). Simply making assertRaisesRegex = assertRaisesRegexp makes pylint complain as described in https://github.com/PyCQA/pylint/issues/1946 . What was here before this commit was actually broken. This commit makes assertRaisesRegex functional in CentOS 6 and works around the invalid Deprecated warning from pylint. To prove this, we use assertRaisesRegex in a unit test which will be exectued in py27, py3 and py26.
2018-03-16netplan: render bridge port-priority valuesRyan Harper
Update netplan renderer to write out bridge port-priority values now that netplan supports the feature. LP: #1735821
2018-03-15util: Fix subp regression. Allow specifying subp command as a string.Chad Smith
The command provided to subp can either be a string or a list. This patch fixes a regression which raised CalledProcessError whenever providing a string to subp. LP: #1755965
2018-03-15doc: fix all warnings issued by 'tox -e doc'Scott Moser
Building doc would issue some warnings. This fixes all the warnings, and changes the "code blocks" that were listed as 'bash' to instead be 'shell-session'.
2018-03-15FreeBSD: Set hostname to FQDN.Dominic Schlegel
FreeBSD requires the hostname to be set to FQDN. Previously the hostname just got set to short hostname (without FQDN part). Now cloud-init does set the hostname to the FQDN on FreeBSD hosts if a valid FQDN is given. LP: #1753499
2018-03-15tests: fix run_tree and bddebScott Moser
This was broken probably when we inserted the ssh keys into Platform.   tox -e citest tree_run and   tox -e citest bddeb would fail with KeyError in Platform.init due to lack of a data_dir. Also here are a few fixes found from attempting to make it work.
2018-03-15tests: Fix some warnings in tests that popped up with newer python.Scott Moser
When running 'tox -e pylint' on a bionic system (python 3.6.4) I started seeing errors today like: tests/cloud_tests/platforms/__init__.py:5: [E0401(import-error), ] Unable to import 'tests.cloud_tests.platforms.ec2' The fix for those first errors was simply to create the __init__.py. The second set of changes fixes fallout found from actually now having pylint properly run on more of the cloud_tests.
2018-03-14set_hostname: When present in metadata, set it before network bringup.Chad Smith
When instance meta-data provides hostname information, run cc_set_hostname in the init-local or init-net stage before network comes up. Prevent an initial DHCP request which leaks the stock cloud-image default hostname before the meta-data provided hostname was processed. A leaked cloud-image hostname adversely affects Dynamic DNS which would reallocate 'ubuntu' hostname in DNS to every instance brought up by cloud-init. These instances would only update DNS to the cloud-init configured hostname upon DHCP lease renewal. This branch extends the get_hostname methods in datasource, cloud and util to limit results to metadata_only to avoid extra cost of querying the distro for hostname information if metadata does not provide that information. LP: #1746455
2018-03-14tests: Centralize and re-use skipTest based on json schema presense.Scott Moser
This just centralizes a hunk of duplicated code and uses it from the new location.