Age | Commit message (Collapse) | Author |
|
Thanks to [1], the hostname is set prior to network bring-up.
The Azure data source has been bouncing the hostname during
setup(), occurring after the hostname has already been
properly configured.
Note that this doesn't prevent leaking the image's hostname
during Azure's _get_data() when it brings up ephemeral DHCP.
However, as are not guaranteed to have the hostname metadata
available from a truly "local" source, this behavior is to
be expected unless we disable `send host-name` from dhclient
config.
[1]: https://github.com/canonical/cloud-init/commit/133ad2cb327ad17b7b81319fac8f9f14577c04df
Signed-off-by: Chris Patterson <cpatterson@microsoft.com>
|
|
Some references were missed in the removal of the agent command
in PR #799. This simply removes the remaining references.
Signed-off-by: Chris Patterson <cpatterson@microsoft.com>
|
|
Don't throw an exception when mirror arch is unspecified.
|
|
Also, add the "signed by" option to source definitions. This enables
users to limit the scope of trust for individual keys.
LP: #1836336
|
|
|
|
- update the puppet module to support AIO installations by setting
`install_type` to `aio`
- make the install collection configurable through the `collection`
parameter; by default the rolling `puppet` collection will be used,
which installs the latest version)
- when `install_type` is `aio`, puppetlabs repos will be purged after
installation; set `cleanup` to `False` to prevent this
- AIO installations are performed by downloading and executing a shell
script; the URL for this script can be overridden using the
`aio_install_url` parameter
- make it possible to run puppet agent after installation/configuration
via the `exec` key
- by default, puppet agent will run with the `--test` argument; this can
be overridden via the `exec_args` key
|
|
Presently, mirror keys cannot be associated with primary/security
mirrors. Unfortunately, this prevents use of Landscape-managed
package mirrors as the mirror key for the Landscape-hosted repository
cannot be provided.
This patch allows the same key-related fields usable on "sources"
entries to be used on the "primary" and "security" entries as well.
LP: #1925395
|
|
Changed year 2012 into 2032
|
|
This reverts commit 74fa008bfcd3263eb691cc0b3f7a055b17569f8b.
During pre-release testing, we discovered two issues with this commit.
Firstly, there's a typo in the udevadm command that causes a TypeError
for _all_ growpart executions. Secondly, the LVM resizing does not
appear to successfully resize everything up to the LV, though some
things do get resized.
We certainly want this change, so we'll be happy to review and land it
alongside an integration test which confirms that it is working as
expected.
LP: #1922742
|
|
This patch adds support to resize a single partition of a VM if it's using an
LVM underneath. The patch detects if it's LVM if the given block device
is a device mapper by its name (e.g. `/dev/dm-1`) and if it has slave
devices under it on sysfs. After that syspath is updated to the real
block device and growpart will be called to resize it (and automatically
its Physical Volume).
The Volume Group will be updated automatically and a final call to
extend the rootfs to the remaining space available will be made.
Using the same growpart configuration, the user can specify only one
device to be resized when using LVM and growpart, otherwise cloud-init
won't know which one should be resized and will fail.
rhbz: #1810878
LP: #1799953
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
Signed-off-by: Scott Moser <smoser@brickies.net>
|
|
key is a property of source1 and not sources
|
|
|
|
Specifically:
ssh:
emit_keys_to_console: false
We also port the cc_keys_to_console cloud tests to the new integration
testing framework, and add a test for this new option.
LP: #1915460
|
|
For cc_users_groups the user setting "expiredate" must be quoted in
order for the relevant flag and value to be then passed to the useradd
command. It its vaiue is not quoted then it is treated as Python type
datetime.date and in `cloudinit/distros/__init__.py` the below "is it a
string" condition fails and so no "--expiredate" parameter is passed to
useradd and therefore it has no effect:
```
if key in useradd_opts and val and isinstance(val, str):
useradd_cmd.extend([useradd_opts[key], val])
```
For cc_users_groups, the user setting "inactive" does not actually
disable accounts, the useradd "--inactive" option actually defines the
number of days after password expiry that users can still login. So I
have changed the docs to show it taking a quoted value of days (which
works with the current code) rather than a boolean value. The quotes
are necessary, like expiredate above, so that the value is also passed
to the useradd command.
For cc_power_state_change.py the "delay" setting value needs to have
quotes around it as otherwise its leading plus sign will be stripped
off.
|
|
|
|
Few of the 'User and Groups' configurations in cloud-config have no effect on
already existing users. This was not documented earlier.
This change set adds that information to documentation.
Signed-off-by: Shreenidhi Shedi <sshedi@vmware.com>
|
|
It is confusing for scripts, where a disabled user has been specified,
that ssh exits with a zero status by default without indication anything
failed.
I think exitting with a non-zero status would make more clear in scripts
and automated setups where things failed, thus making noticing the issue
and debugging easier.
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
Signed-off-by: Aleksandar Kostadinov <akostadi@redhat.com>
LP: #1170059
|
|
Co-authored-by: Daniel Watkins <oddbloke@ubuntu.com>
|
|
Create a schema object for the `apt_configure` module and
validate this schema in the `handle` function of the module.
There are some considerations regarding this PR:
* The `primary` and `security` keys have the exact same properties. I
tried to eliminate this redundancy by moving their properties to a
common place and then just referencing it for both security and
primary. Similar to what is documented here:
https://json-schema.org/understanding-json-schema/structuring.html
under the `Reuse` paragraph. However, this approach does not work,
because the `#` pointer goes to the beginning of the file, which is
a python module instead of a json file, not allowing the pointer to
find the correct definition. What I did was to create a separate dict
for the mirror config and reuse it for primary and security, but
maybe there are better approaches to do that.
* There was no documentation for the config `debconf_selections`. I
tried to infer what it supposed to do by looking at the code and the
`debconf-set-selections` manpage, but my description may not be
accurate or complete.
* Add a _parse_description function to schema.py to render multi-line
preformatted content instead of squashing all whitespace
LP: #1858884
|
|
Also update all examples to include the cloud-config header if they don't have it
LP: #1876414
|
|
This proposal has been aligned in a human readable.
There are no changes to this except for spac
The indentation size is not specifically defined in the YAML RFC
$ make yaml has passed on my-machine
I set the indentation size to the largest number of articles in the repository (dictionary: 2)
(And also include nishigori as a CLA signer.)
|
|
Add support for additional escaping of formatting characters
in the YAML content between the 'cc:' and 'end_cc' tokens. On
s390x legacy terminals the use of square brackets [] are not
available limiting the ability to indicate lists of values in
yaml content. Using #5B and #5D, [ and ] respectively enables
s390x users to pass list yaml content into cloud-init via
command line interface.
|
|
|
|
fixes typo at doc/examples/cloud-config-disk-setup.txt; Cavaut => Caveat
|
|
Other options near it use the non-default value, so the inconsistency
has lead to confusion for readers.
|
|
* cc_ssh: fix capitalisation of SSH
* doc: fix capitalisation of SSH
* cc_keys_to_console: fix capitalisation of SSH
* ssh_util: fix capitalisation of SSH
* DataSourceIBMCloud: fix capitalisation of SSH
* DataSourceAzure: fix capitalisation of SSH
* cs_utils: fix capitalisation of SSH
* distros/__init__: fix capitalisation of SSH
* cc_set_passwords: fix capitalisation of SSH
* cc_ssh_import_id: fix capitalisation of SSH
* cc_users_groups: fix capitalisation of SSH
* cc_ssh_authkey_fingerprints: fix capitalisation of SSH
|
|
More clearly differentiate between the primary apt repo configuration
and any 3rd party apt configuration.
LP: #1832823
|
|
Since this is the first code snippet some users might see,
they could end up in the same situation like me today
when they wonder why their yaml user config is not
working at all.
|
|
|
|
|
|
Encrypted data bags require a secrets file to be present to
decrypt, and the location of the file must be configured the
Chef client configuration file, client.rb.
This update enables cloud-init's chef module to update that
setting in client.rb.
LP: #1817082
|
|
Cloud config can now disable ssh access to non-root users.
When defining the 'users' list in cloud-configuration a boolean
'ssh_redirect_user: true' can be provided to disable ssh logins for
that user. Any ssh 'public-keys' defined in cloud meta-data will be added
and disabled in .ssh/authorized_keys. Any attempts to ssh as this user
using acceptable ssh keys will be presented with a message like the
following:
Please login as the user "ubuntu" rather than the user "youruser".
|
|
LP: #1727876
|
|
To deny a user elevated access, you can omit the `sudo` key from the
`users` dictionary. This works fine however it's implicitly defined
based on defaults of `cloud-init`. If the project moves to have `sudo`
access allowed for all by default (quite unlikely but still possible)
this will catch a few people out.
This introduces the ability to define an explicit `sudo: False` in the
`users` dictionary and it will prevent `sudo` access. The behaviour is
identical to omitting the key.
LP: #1771468
|
|
ext3 is not able to support file system sizes that are needed in Joyent's
cloud. For the default block size of 4k, the maximum filesystem size
for ext3 is 2^32 * 4096 = 16 TiB.
This changes the default file system type from ext3 to ext4.
LP: #1763511
|
|
LP: #1420018
|
|
Apt key was mistyped in the example.
Should be
apt:
sources:
source1:
instead of
apt:
source1:
source:
|
|
When operating in expected path, cloud-init should avoid logging with
warning. That causes 'WARNING' messages in /var/log/cloud-init.log.
By default, warnings also go to the console.
Since jsonschema is a optional dependency, and not present on xenial
and zesty, cloud-init should not warn there.
Also here:
* Add a test to integration tests to assert that there are no
warnings in /var/log/cloud-init.log.
* Update one integration test that did show warning and the related
documentation and examples.
LP: #1724354
|
|
Most users of chef will want to pin the version that is installed.
Typically new versions of chef have to be evaluated for breakage etc.
This change proposes a new optional `omnibus_version` field to the chef
configuration. The changeset also adds documentation referencing the new
field.
LP: #1462693
|
|
This fixes the disk setup example doc which specifies that the only
currently supported table_type option is 'mbr' by adding the 'gpt'
option which got supported as of 0.7.7.
LP: #1703789
|
|
- Updated to standard chef.io url
- Removed the port 4000, due to that has been deprecated
- Added Note about the run_list not being required
Signed-off-by: JJ Asghar <jj@chef.io>
|
|
If 'cmd' is provided to a fs_setup entry, then cloud-init was trying
to execute the rendered string as a single name, rather than
splitting the string. The change here will pass the string to
shell for interpretation so that it is split there.
Also fix some documentation errors and warn when fs_opts or overwrite
is provided along with 'cmd'.
LP: #1687712
|
|
Includes missing examples for RTD, including
examples for datasources, disk partitions and apt update.
Also fix doc in cloud-config-update-apt.txt.
LP: #1459604
|
|
Should be 'manage_resolv_conf' not 'manage-resolv-conf'.
LP: #1531582
|
|
Also add integration test. Note: this new test is not comprehensive; it
simply ensures that the example chef configuration does not blow up and
that chef seems to be installed after its completion.
This new test is disabled by default as it depends on a 3rd party
repository.
LP: #1678145
|
|
This change will add support for hashed passwords in cc_set_passwords.
It checks if a password is a hash with by checking that it matches
in fairly safe way, and also that the password does not have a ":" in it.
chpasswd needs to know if the password is hashed or not, so two lists
is created so chpasswd is feed with the correct one.
LP: #1570325
|
|
|
|
'nobootwait' is an upstart specific extension to the mount syntax that is
not supported by other mount systems. As Ubuntu 16.04 moved from upstart
to systemd, support for 'nobootwait' was lost.
All examples using 'nobootwait' are updated to use the standard 'nofail',
which gives the expected behaviour of not failing to boot in case a volume
is missing. There are subtle differences in semantics between
'nobootwait' and 'nofail', but it is the best substitute that gives
behaviour similar to the upstart specific option.
|
|
Python 3 would fail to load yaml from doc/examples/cloud-config-apt.txt
when the LANG (specifically LC_CTYPE) was 'C'.
The changes here do 2 things:
a.) remove the non-ascii characters from the yaml file.
b.) fix the validate-yaml.py program to decode using utf-8 specifically
rather than using the inherited settings.
This fixes it now for ascii and in the future also should non-ascii slip in.
|
|
Several various minor fixes for the readthedocs documentation.
|