No longer run pollinate by default in seed_random

The user can still choose to run pollinate here to seed their
random data. And in an environment with network datasource, that
would be expected to work. However, we do not want to run it any
more from cloud-init because
a.) pollinate's own init system jobs should get it ran before ssh,
    which is the primary purpose of wanting cloud-init to run it.
b.) with a local datasource, there is no network guarantee when
    init_modules run, so pollinate -q would often cause issues then.
c.) cloud-init would run pollinate and log the failure causing
    many cloud-init specific failures that it could do nothing about.

Additionally, add documentation for the seed_random config module.

4 files changed, 42 insertions, 7 deletions

diff --git a/ChangeLog b/ChangeLog
index a80a5d5f..6da276b5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -85,6 +85,7 @@
    unless it is already a file (LP: #1543025).
  - Enable password changing via a hashed string [Alex Sirbu]
  - Added BigStep datasource [Alex Sirbu]
+ - No longer run pollinate in seed_random (LP: #1554152)
 
 0.7.6:
  - open 0.7.6
diff --git a/cloudinit/config/cc_seed_random.py b/cloudinit/config/cc_seed_random.py
index 3288a853..1b011216 100644
--- a/cloudinit/config/cc_seed_random.py
+++ b/cloudinit/config/cc_seed_random.py
@@ -83,7 +83,7 @@ def handle(name, cfg, cloud, log, _args):
                   len(seed_data), seed_path)
         util.append_file(seed_path, seed_data)
 
-    command = mycfg.get('command', ['pollinate', '-q'])
+    command = mycfg.get('command', None)
     req = mycfg.get('command_required', False)
     try:
         env = os.environ.copy()
diff --git a/doc/examples/cloud-config-seed-random.txt b/doc/examples/cloud-config-seed-random.txt
new file mode 100644
index 00000000..08f69a9f
--- /dev/null
+++ b/doc/examples/cloud-config-seed-random.txt
@@ -0,0 +1,32 @@
+#cloud-config
+#
+# random_seed is a dictionary.
+#
+# The config module will write seed data from the datasource
+# to 'file' described below.
+#
+# Entries in this dictionary are:
+#   file:     the file to write random data to (default is /dev/urandom)
+#   data:     this data will be written to 'file' before data from
+#             the datasource
+#   encoding: this will be used to decode 'data' provided.
+#             allowed values are 'encoding', 'raw', 'base64', 'b64'
+#             'gzip', or 'gz'.  Default is 'raw'
+#
+#   command:  execute this command to seed random.
+#             the command will have RANDOM_SEED_FILE in its environment
+#             set to the value of 'file' above.
+#   command_required: default False
+#             if true, and 'command' is not available to be run
+#             then exception is raised and cloud-init will record failure.
+#             Otherwise, only debug error is mentioned.
+#
+# Note: command could be ['pollinate',
+#                         '--server=http://local.pollinate.server']
+# which would have pollinate populate /dev/urandom from provided server
+seed_random:
+  file: '/dev/urandom'
+  data: 'my random string'
+  encoding: 'raw'
+  command: ['sh', '-c', 'dd if=/dev/urandom of=$RANDOM_SEED_FILE']
+  command_required: True
diff --git a/tests/unittests/test_handler/test_handler_seed_random.py b/tests/unittests/test_handler/test_handler_seed_random.py
index 34d11f21..98bc9b81 100644
--- a/tests/unittests/test_handler/test_handler_seed_random.py
+++ b/tests/unittests/test_handler/test_handler_seed_random.py
@@ -170,28 +170,30 @@ class TestRandomSeed(t_help.TestCase):
         contents = util.load_file(self._seed_file)
         self.assertEquals('tiny-tim-was-here-so-was-josh', contents)
 
-    def test_seed_command_not_provided_pollinate_available(self):
+    def test_seed_command_provided_and_available(self):
         c = self._get_cloud('ubuntu', {})
         self.whichdata = {'pollinate': '/usr/bin/pollinate'}
-        cc_seed_random.handle('test', {}, c, LOG, [])
+        cfg = {'random_seed': {'command': ['pollinate', '-q']}}
+        cc_seed_random.handle('test', cfg, c, LOG, [])
 
         subp_args = [f['args'] for f in self.subp_called]
         self.assertIn(['pollinate', '-q'], subp_args)
 
-    def test_seed_command_not_provided_pollinate_not_available(self):
+    def test_seed_command_not_provided(self):
         c = self._get_cloud('ubuntu', {})
         self.whichdata = {}
         cc_seed_random.handle('test', {}, c, LOG, [])
 
         # subp should not have been called as which would say not available
-        self.assertEquals(self.subp_called, list())
+        self.assertFalse(self.subp_called)
 
     def test_unavailable_seed_command_and_required_raises_error(self):
         c = self._get_cloud('ubuntu', {})
         self.whichdata = {}
+        cfg = {'random_seed': {'command': ['THIS_NO_COMMAND'],
+                               'command_required': True}}
         self.assertRaises(ValueError, cc_seed_random.handle,
-                          'test', {'random_seed': {'command_required': True}},
-                          c, LOG, [])
+                          'test', cfg, c, LOG, [])
 
     def test_seed_command_and_required(self):
         c = self._get_cloud('ubuntu', {})