| Age | Commit message (Collapse) | Author |
|---|
|
Based on the setting Datasource/Ec2/strict_id, the datasource
will now warn once per instance.
|
|
ds-identify will now read this setting, and thus allow the user
to modify ds-identifies behavior via either:
1. builtin setting here cloud-init/ds-identify builtin
2. ds-identify config (/etc/cloud/ds-identify.cfg)
3. system config (/etc/cloud/cloud.cfg.d/*Ec2*.cfg)
4. kernel command line (ci.datasource.ec2.strict_id=true)
|
|
A check function that returns found or maybe can also now
return config that will be written to the resultant /run/cloud.cfg.
They do so by setting the variable _RET_excfg.
|
|
This just adds checking of the Ec2 seed directory.
|
|
The following can have cause issue:
FOO="bar ; wark"
showit() {
local b=$FOO
echo $b
}
4: local: ;: bad variable name
The answer is just to use more quotes.
|
|
Just remove some examples that are no longer valid.
|
|
This makes ds-identify run only once. Previously it would run multiple
times each boot as the generator would run more than once. This is
potentially dangerous, in that running again might find more attached
disks. However that is really only a "lucky" fix if it happens to
result differently than the first run.
Additionally, we now log the uptime that we started and ended at.
|
|
|
|
There were some logic errors in sysconfig.py that appear to be the
result of accidentally typing "iface" where it should have been
"iface_cfg". This patch corrects those problems so that the module
can run successfully.
LP: #1665441
Resolves: rhbz#1389530
|
|
the MetadataLeafDecoder would return a bytes value b'' instead of
an empty string if the value of a key was empty. In all other cases
the value would be a string.
This was discovered when trying to json.dumps(get_instance_metadata())
on a recent OpenStack, where the value of 'public-ipv4' was empty.
The attempt to dump that with json would raise
TypeError: b'' is not JSON serializable
|
|
When the ds-identify code landed, it started writing /run/cloud.cfg
but at the moment, nothing was reading that. The result is that
ds-identify only worked to disable cloud-init entirely.
|
|
has_fs_with_label regressed when refactoring to not have leading
and trailing , in DI_FS_LABELS.
LP: #1663735
|
|
The nocloud datasource specifically would look for ds=nocloud or
ds=nocloud-net (often augmented with 'seedfrom') on the kernel command line.
Fix to return DS_FOUND in that case.
LP: #1663723
|
|
Nova lxd will now put the environment variable 'platform' into
pid 1's environment to the value 'OpenStack Nova', which is the same as
you would find in kvm guests.
LP: #1661797
|
|
aarch64 does support dmi, but OpenStack does not populate guests
with this information, and there are currently bugs in qemu preventing
it from working correctly see bug #1663304 for more information.
So, for the time being, pretend as if there is no dmi data on aarch64,
which will make it enable cloud-init even when no datasources are found.
|
|
- make check will no longer run the style checks, that way package builds
wont fail on a style difference in versions of the style tools in
that distro.
- created style-check make file target to continue to run pep8 and pyflakes
- added tox envs 'tip-pycodestyle' and 'tip-pyflakes' to run latest style
checking. These are not enabled by default run of tox.
LP: #1652329
|
|
$ pycodestyle cloudinit/ tests/ tools/
tools/make-mime.py:25:5: E722 do not use bare except'
tools/mock-meta.py:252:17: E722 do not use bare except'
For tools/make-mime.py:25:5: E722 do not use bare except' the use case is
when someone runs
./make-mime.py --attach commis
instead of
./make-mime.py --attach commissaire.txt:x-commissaire-host
The split can cause a ValueError potentially if there is no:
For tools/mock-meta.py:262:17: E722 do not use bare except' the use case is
a dictionary look up occurs potentially when an unknown key is given:
key_name = key_ids[key_id]
Do note that version 2.3.0 falsely reported a dozen or so E302 and E306
errors.
|
|
When manual_cache_clean is enabled, write a file to
/var/lib/cloud/instance/manual-clean. That file can then be read by
ds-identify or another tool to indicate that manual cleaning is in place.
|
|
ds-identify is run here from the generator. If ds-identify does
not see any datasources, it can completely disable cloud-init.
The big value in this is that if there is no datasource, no python
will ever be loaded, and cloud-init will be disabled.o
The default policy being added here is:
search,found=all,maybe=all,notfound=disabled
That means:
- enable (in 'datasource_list') all sources that are found.
- if none are found, enable all 'maybe'.
- if no maybe are found, then disable cloud-init.
On platforms without DMI (everything except for aarch64 and x86),
the default 'notfound' setting is 'enabled'. This is because many of
the detection mechanisms rely on dmi data, which is present only on
x86 and aarch64.
|
|
* Fix small typo
* Fix ISO-Filename for consistency
|
|
The iface:alias syntax for eni rendering is brittle with ipv6.
Replace it with using multiple iface stanzas with the same iface
name which is supported. Side-effect is that one can no longer
do 'ifup $iface:$alias' but requires instead use of ip address
{add|delete} instead.
LP: #1657940
|
|
Fix mock-meta to work with python2 or python3.
Additionally, it will now listen to ipv6 connections, where
previously it would only work with ipv4.
|
|
The test_user_data_normalize and test_net files had gotten
the executable bit set, and thus are skipped by nose by default.
We could set run with the --exe flag, but they should not have
gotten this way.
Other changes here:
* replace TempDirTestCase with CiTestCase, which has some nice
tmp_dir() and tmp_path() functions. Going forward the intent
is to have CiTestCase be the base test case for tests.
* test_net: switch to CiTestCase and fix usage that was
silently broken, because of exe bit.
* populate_dir: return the list of files that it writes rather
than having no return value.
* CiTestCase:
* support tmp_path("foo") that returns a full path to 'foo'
under a tmpdir.
* add tmp_dir() to get a temp dir and clean up.
|
|
No shipping ubuntu has a python 3.4 that is less than 3.4.2.
Remove this workaround to avoid unnecessary complexity.
This reverts 04a60cf949.
|
|
cloud-init adds ssh_authorized_keys to the default user and to
root but for root it disables the keys with a prefix command.
However, if the public_key key is of type ecdsa-sha2-nistp521,
it is not parsed correctly, and the prefix command is not prepended.
Resolves: rhbz#1151824
LP: #1658174
|
|
this ensures that we call httpretty.reset() before calling
httppretty.register_uri(...), which ensures that we get a fresh
callback with the expected version of the metadata.
LP: #1658200
|
|
running 'make' on a git branch other than master would fail with
complaint that the tools/read-version reported a different version
than the code.
Change to only consider tags starting with 0-9 in read-version.
|
|
On EC2, instance metadata can include credentials that remain valid for as
much as 6 hours. Reading these and allowing them to be pickled represents
a potential vulnerability if a snapshot of the disk is taken and shared as
part of an AMI.
This skips security-credentials when walking the meta-data tree.
LP: #1638312
Reviewed-by: Ian Weller <iweller@amazon.com>
Reviewed-by: Ben Cressey <bcressey@amazon.com>
Reported-by: Kyle Barnes <barnesky@amazon.com>
|
|
The existing documentation referred to a handle_type method when it
really should be handle_part. It also referred to 'methods' when it
really should say 'functions' to be clear (while it's true the built-in
handlers are classes with methods of these names, in this context we
mean module-level functions).
Also clarified that a part-handler should come before the parts that
it handles, and can override built-in handlers.
|
|
This just fills out some of the documentation on the OpenStack datasource.
|
|
This modifies get_data in DataSourceOpenStack.py to get the timeout
and retries values from the data source configuration, rather than
from keyword arguments. This permits get_data to use the same timeout
as other methods, and allows an operator to increase the timeout in
environments where the metadata service takes longer than five seconds
to respond.
LP: #1657130
Resolves: rhbz#1408589
|
|
- staticIPV4 property can be either None or a valid Array. Need to
check for None before accessing the ip address.
- Modified few misc. log messages.
- Added a new log message while waiting for the customization config file.
- Added support to configure the maximum amount of time to wait for the
customization config file.
- VMware Customization Support is provided only for DataSourceOVF class and
not for any other child classes. Implemented a new variable
vmware_customization_supported to check whether the 'VMware Customization'
support is available for a specific datasource or not.
- Changed the function get_vmware_cust_settings to get_max_wait_from_cfg.
- Removed the code that does 'ifdown and iup' in NIC configurator.
|
|
|
|
Recent fedora releases use "dnf" instead of "yum" for package
management. While there is a compatible "yum" cli available, there's
no guarantee that it will be available.
With this patch, cloud-init will check for /usr/bin/dnf and use that
if it exists instead of yum.
rhbz: https://bugzilla.redhat.com/show_bug.cgi?id=1194451
LP: #1647118
|
|
The change here is to use '/usr/bin/env python' in validate-yaml.py
as all other tools/*.py do.
Additionally, change the Makefile to invoke validate-yaml.py with
the python that it has selected for other things (PYVER).
|
|
Failures to load the kernel command line's url (cloud-config-url=)
would previously get swallowed. This should make it much more
obvious when that happens. With logging going to expected places
at sane levels (WARN will go to stderr by default).
|
|
Bump the version in cloudinit/version.py to be 0.7.9.
|
|
This just makes headers in doc/rtd/topics/tests.rst consistent with
other rst files, as the comment in doc/rtd/index.rst suggests.
|
|
pycodestyle has better checking for 2 lines blank lines.
This failed to build on zesty as a result.
Patching this here, and filed bug 1652329 to fix it more permenantly.
|
|
The adds in end-to-end testing of cloud-init. The framework utilizes
LXD and cloud images as a backend to test user-data passed in.
Arbitrary data is then captured from predefined commands specified
by the user. After collection, data verification is completed by
running a series of Python unit tests against the collected data.
Currently only the Ubuntu Trusty, Xenial, Yakkety, and Zesty
releases are supported. Test cases for 50% of the modules is
complete and available.
Additionally a Read the Docs file was created to guide test
writing and execution.
|
|
This has been a recurring ask and we had initially just made the change to
the cloud-init 2.0 codebase. As the current thinking is we'll just
continue to enhance the current codebase, its desirable to relicense to
match what we'd intended as part of the 2.0 plan here.
- put a brief description of license in LICENSE file
- put full license versions in LICENSE-GPLv3 and LICENSE-Apache2.0
- simplify the per-file header to reference LICENSE
- tox: ignore H102 (Apache License Header check)
Add license header to files that ship.
Reformat headers, make sure everything has vi: at end of file.
Non-shipping files do not need the copyright header,
but at the moment tests/ have it.
|
|
The correct order of precedence when reading the base config:
builtin config
system config
kernel command line provided config.
This reverts commit 63501f44, which actually broke the behavior it
reported to fix. It also adds some unit tests to ensure this behavior
is not broken again.
LP: #1582323
|
|
|
|
Update ssh_util.py with latest list of keys (from openssh-7.3p1/sshkeys.c),
and remove extinct keys ending with "-v00@openssh.com"
Added keys:
rsa-sha2-256,
rsa-sha2-512,
ed25519,
ssh-ed25519,
ssh-ed25519-cert-v01@openssh.com
Removed both of the double entries for the keys:
ssh-dss-cert-v00@openssh.com
ssh-rsa-cert-v00@openssh.com
|
|
This just adds a unit test for a case found to be failing in curtin.
The issue was reported under bug 1649652.
|
|
In some situations, cloud-init will erroneously append a default
domain to an already fully qualified hostname, resulting in something
like 'localhost.localdomain.localdomain'. This patch checks to see if
the value returned by util.get_hostname() contains a '.', and if it
does treats it as a fully qualified name.
Resolves: rhbz#1389048
LP: #1647910
|
|
'nobootwait' is an upstart specific extension to the mount syntax that is
not supported by other mount systems. As Ubuntu 16.04 moved from upstart
to systemd, support for 'nobootwait' was lost.
All examples using 'nobootwait' are updated to use the standard 'nofail',
which gives the expected behaviour of not failing to boot in case a volume
is missing. There are subtle differences in semantics between
'nobootwait' and 'nofail', but it is the best substitute that gives
behaviour similar to the upstart specific option.
|
|
The bit.ly link seems to have expired. Replace it with link to
'latest' version of EC2 docs.
|
|
Cloud-config provided like:
users:
- default
- name: foobar
groups: sudo, adm
Would result in adduser being called as:
useradd foobar --groups 'sudo, adm' -m
Which would cause error:
useradd: group ' adm' does not exist
The fix here is just to always normalize groups and remove whitespace.
Additionally a fix and unit tests to explicitly set system=False
or no_create_home=True. Previously those paths did not test the value
of the entry, only the presense of the entry.
LP: #1354694
|
|
During recent changes to cc_mounts, on systemd systems, we started using
systemctl daemon-reload
rather than 'mount -a' to get mounts done.
The belief was that since entries in /etc/fstab would be written
to tell systemd that they should be after cloud-init
(x-systemd.requires=cloud-init.service) that the reload would then
let systemd mount the units as expected.
That doesn't seem to work, and new mount entries end up not getting
mounted. The change here moves back to using 'mount -a', but
then also does a systemctl daemon-reload.
LP: #1647708
|
