Age | Commit message (Collapse) | Author |
|
This change will add support for hashed passwords in cc_set_passwords.
It checks if a password is a hash with by checking that it matches
in fairly safe way, and also that the password does not have a ":" in it.
chpasswd needs to know if the password is hashed or not, so two lists
is created so chpasswd is feed with the correct one.
LP: #1570325
|
|
Accordingly to the documentation:
The ``partition`` option may also be set to ``auto``, in which this
module will search for the existance of a filesystem matching the
``label``, ``type`` and ``device`` of the ``fs_setup`` entry and
will skip creating the filesystem if one is found.
However, using this "auto" flag always recreates the partition no matter
if it has been done before or not.
This commit fixes a bug in which the "partition" attribute was always
set to None although in some cases it should not.
LP: #1634678
|
|
This is thie cloud-init part of a fix to allow nova-lxd to provide
config drive data. The other part will be done in nova-lxd.
The agreement here is that nova-lxd will copy the contents of the
config drive to /config-drive in the container.
LP: #1673411
|
|
The path for checking presence of Bigstep datasource was simply wrong.
Set the correct path.
LP: #1674766
|
|
Now tox will run pylint. The .pylintrc file sets pylint to only produce
errors, and will ignore certain classes that are known problematic (six).
|
|
The script is written to have the protection of disabling filename
expansion (set -f) and explicitly enabling expansion when needed.
However, the check_config function failed to disable it after enabling.
|
|
ef18b8ac4c added support for handing network config v2 (aka netplan
format). This just adds that feature to the list of supported features.
|
|
Python 2's json.loads would accept bytes, so this bug was
only exposed in python3.
|
|
test_netconfig.py:test_apply_network_config_eni_ub would attempt to
remove any .link files that cloud-init had written. This was just
a failure to mock out all of its interaction with the host.
|
|
When deploying on Azure and using only cloud-init, you must "bounce" the
network interface to trigger a DDNS update. This allows dhclient to
register the hostname with Azure so that DNS works correctly on their
private networks (i.e. between vm and vm).
The agent path was already doing the bounce so this creates parity
between the built-in path and the agent.
LP: #1674685
|
|
Network configuration version 2 format is implemented in a package
called netplan (nplan)[1] which allows consolidated network config
for multiple network controllers.
- Add a new netplan renderer
- Update default policy, placing eni and sysconfig first
This requires explicit policy to enable netplan over eni
on systems which have both (Yakkety, Zesty, UC16)
- Allow any network state (parsed from any format cloud-init supports) to
render to v2 if system supports netplan.
- Move eni's _subnet_is_ipv6 to common code for use by other renderers
- Make sysconfig renderer always emit /etc/syconfig/network configuration
- Update cloud-init.service systemd unit to also wait on
systemd-networkd-wait-online.service
1. https://lists.ubuntu.com/archives/ubuntu-devel/2016-July/039464.html
|
|
Previous commit introduced a regression by calling os.path.is_file, a
non-existent function. This changes that call to use os.path.isfile.
LP: #1674317
|
|
Previously, the distro had hard coded which network renderer it would
use. This adds support for just picking the right renderer based
on what is available.
Now, that can be set via a priority in system_info, but should
generally work. That config looks like:
system_info:
network:
renderers: ["eni", "sysconfig"]
When no renderers are found, a specific RendererNotFoundError is raised.
stages.py is modified to catch that and log it at error level. This
path should not really be exercised, but could occur if for example an
Ubuntu system did not have ifupdown, or a rhel system did not have
sysconfig. In such a system previously we would have quietly rendered
ENI configuration but that would have been ignored. This is one step
better in that we at least log the error.
|
|
The ConfigDrive datasource has read un-partitioned disks for quite
a while, but the documentation lagged behind.
LP: #1673818
|
|
This adds an integration test for setting passwords when given
as a list rather than a string. This also updates the docs and
tests so that Random is now RANDOM as is correct.
|
|
render_network_state should default to rendering on /.
The changes here just make it so render_network_state does not
require a target, but defaults to None, and uses target_path
to handle that.
|
|
As reported in bug 1671927, sysconfig had an issue with rendering
a loopback device. The problem was that some as yet unknown issue was
causing the openstack config drive to parse the provided ENI file rather
than reading the network_data.json. Parsing an ENI file would add a
a 'lo' device of type 'physical', and sysconfig was failing to render
that.
The change here is:
a.) add a 'loopback' type rather than 'physical' for network config.
{'name': 'lo', 'type': 'loopback', 'subnets': ['type': 'loopback']}
b.) support skipping that type in the eni and sysconfig renderers.
c.) make network_state just piggy back on 'physical' renderer for
loopback (this was what was happening before).
Tests are added for eni and sysconfig renderer.
|
|
Use inspect.getmro(mod) rather than mod.__bases__ to test if a potential
testcase class inherits from CloudTestCase. This allows testcases to be
based on CloudTestCase indirectly, adding greater flexibility to the
structure of test classes.
|
|
When running tox -e doc it produces the complete read the docs
output and places it in doc/rtd_html. This is not ignored by git
and shows up as uncommited changes.
|
|
Add instructions on how to run the cii tests to the docs.
|
|
When testing for timezone we were testing that 'date' output would
contain 'HDT' for the current time. But after a 'spring forward', the
current time started to have 'HST'.
Instead of asking 'date' for the timezone that applies now, ask it
for a static date.
|
|
Omnibus installation of chef was broken under python3.
LP: #1583837
|
|
This exposes a mechanism for users of cloud-init to determine if
a version has a specific feature, and adds documentation to that affect.
We list an existing feature NETWORK_CONFIG_V1 as an example.
Also add a 'features' subcommand for listing these to stdout.
|
|
Because the tests/cloud_tests require specific version of pylxd
adding a tox environment makes that much easier.
Additionally it makes calling it at least a bit simpler.
Example:
tox -e citest -- run -v -n zesty --deb=cloud-init_all.deb
|
|
The adjusted change did not support
#cloud-config
password: passw0rd
This correctly fixes that regression.
|
|
This regression was caused by my rework of Sergio's branch.
The change now still works when there is no chpasswd/list provided.
|
|
cc_set_passwords previously supported 'list' as a multiline string:
chpasswd:
list: |
user:pass1
user015:R
This patch adds support for user/pairs as a list:
chpasswd:
list:
- user:pass1
- user015:R
LP: #1665694
|
|
The documentation indicated chpasswd/list should be a list when
the code only accepts a string.
LP: #1665773
|
|
Previously, cloud-init would throw an exception if an interface had
both ipv4 and ipv6 addresses and a default gateway for each address
family. This change allows cloud-init to correctly configure
interfaces in this situation.
LP: #1669504
|
|
log a warning rather than raising ValueError if we see more than three
nameserver addresses.
LP: #1670052
|
|
Change policy so that 'report' can be overridden.
In xenial we had set the builtin default to be 'report', expecting
that Ubuntu core would install config that changed it to 'search'.
However, if report was already set, there was no way to unset it.
The change here is to make 'report' basically 'search-dryrun', so
that one or the other can be set.
The other change here is that report would actually exit disabled
if it did not find a datasource and notfound=disabled. That was
unexpected and would turn cloud-init off, which is not what we wanted.
Additionally, consistently use 'enabled' or 'disabled' versus
'enable' and 'disable'.
LP: #1669949
|
|
Rather than having the dscheck_Ec2 just know the setting, move
it up to a more formal declaration. This will make it look more
clean when a distro carries a patch to change it to warn.
|
|
On a 'not found' result, was not being written at all.
That had the unintended effect of '--force' not working.
Now, on a 'not found' result:
- if reporting: write the list as found (with just 'None').
- if not reporting: only report that there was nothing found.
this means that the warning cloud-init will write about ds-identify
failing to find a datasource will be written, but cloud-init will
still search its fully configured list.
|
|
If ds-identify is in report mode, and the datasource that is found
is not in the list, then warn the user of this situation.
|
|
Now, when ds-identify runs in report mode, it still writes to
/run/cloud-init.cfg as search does, but it will namespace the
result under the top level 'di_report' entry.
|
|
This moves the warning code that was added specifically for
EC2 into a generic path at cloudinit/warnings.py.
It also adds support for writing warning files into the
warnings directory to be shown by Z99-cloudinit-warnings.sh.
|
|
Z99-cloudinit-warnings.sh can be dropped into /etc/profile.d.
Warnings that are written to /var/lib/cloud/instance/warnings
will be displayed to the user on stderr when they log in.
|
|
Modify upstream packaging to install this file, which was
already installed in ubuntu packaging.
Also, white space changes from tabs to spaces. Very few things
in cloud-init are tabs now.
Lastly, remove the executable bit on this as ait is not necessary.
Scripts in /etc/profile.d do not have executable bit.
|
|
In the interest of speed I had skipped the parsing of
/etc/cloud/cloud.cfg for the ec2 strict_id setting. In hindsight
it seems reasonable for people to put settings there.
|
|
ovf_vmware_guest_customization defaults to true in cloud-init, meaning
that such customization is disabled. We just missed a return value
causing ovf_vmware_guest_customization to effectively default to on.
Also, when looking for setting look at /etc/cloud/cloud.cfg.
This had been omitted in interest of performance, but we should
be looking there.
|
|
cloud-init by default sets 'disable_vmware_customization' to True.
So in ds-identify, we will enable the ovf datasource if:
- virt is vmware
- 'libdeployPkgPlugin.so' exists as installed by vmware-tools or
open-vm-tools.
- disable_vmware_customization is configured to True
|
|
Brightbox will identify their platform to the guest by setting the
product serial to a string that ends with 'brightbox.com'.
LP: #1661693
|
|
Based on the setting Datasource/Ec2/strict_id, the datasource
will now warn once per instance.
|
|
ds-identify will now read this setting, and thus allow the user
to modify ds-identifies behavior via either:
1. builtin setting here cloud-init/ds-identify builtin
2. ds-identify config (/etc/cloud/ds-identify.cfg)
3. system config (/etc/cloud/cloud.cfg.d/*Ec2*.cfg)
4. kernel command line (ci.datasource.ec2.strict_id=true)
|
|
A check function that returns found or maybe can also now
return config that will be written to the resultant /run/cloud.cfg.
They do so by setting the variable _RET_excfg.
|
|
This just adds checking of the Ec2 seed directory.
|
|
The following can have cause issue:
FOO="bar ; wark"
showit() {
local b=$FOO
echo $b
}
4: local: ;: bad variable name
The answer is just to use more quotes.
|
|
Just remove some examples that are no longer valid.
|
|
This makes ds-identify run only once. Previously it would run multiple
times each boot as the generator would run more than once. This is
potentially dangerous, in that running again might find more attached
disks. However that is really only a "lucky" fix if it happens to
result differently than the first run.
Additionally, we now log the uptime that we started and ended at.
|
|
|