forked from rpms/cloud-init
Compare commits
8 Commits
imports/c8
...
c8
Author | SHA1 | Date |
---|---|---|
CentOS Sources | 8706acdb01 | |
CentOS Sources | 5b0b552e23 | |
CentOS Sources | cd2b81ea61 | |
CentOS Sources | 947bda3709 | |
CentOS Sources | cf197691a5 | |
CentOS Sources | 886e568584 | |
CentOS Sources | abb191fe7b | |
CentOS Sources | f2b347fb74 |
|
@ -1 +1 @@
|
|||
cbde66f717b7883c4ab64b145042de54f131afab SOURCES/cloud-init-20.3.tar.gz
|
||||
830185bb5ce87ad86e4d1c0c62329bb255ec1648 SOURCES/cloud-init-22.1.tar.gz
|
||||
|
|
|
@ -1 +1 @@
|
|||
SOURCES/cloud-init-20.3.tar.gz
|
||||
SOURCES/cloud-init-22.1.tar.gz
|
||||
|
|
|
@ -1,8 +1,44 @@
|
|||
From 25ea7a28d69518319ae1ed1b3cd510147868fd29 Mon Sep 17 00:00:00 2001
|
||||
From: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Mon, 5 Oct 2020 13:49:36 +0200
|
||||
From 5e1e568d7085fd4443b4e3ccc492f5e31747e270 Mon Sep 17 00:00:00 2001
|
||||
From: Amy Chen <xiachen@redhat.com>
|
||||
Date: Wed, 20 Apr 2022 10:59:48 +0800
|
||||
Subject: Add initial redhat setup
|
||||
|
||||
Merged patches (22.1)
|
||||
- d18029bf Add netifaces package as a Requires in cloud-init.spec.template
|
||||
- 31adf961 Add gdisk and openssl as deps to fix UEFI / Azure initialization
|
||||
- f4a2905d Add dhcp-client as a dependency
|
||||
- 290e14cc cloud-init.spec.template: update %systemd_postun parameter
|
||||
- 9be4ae9b (tag: cloud-init-21.1-1.el8) Update to cloud-init-21.1-1.el8
|
||||
|
||||
Conflicts:
|
||||
cloudinit/config/cc_chef.py Using double quotes instead of single quotes
|
||||
|
||||
cloudinit/settings.py
|
||||
- Using rhel settings
|
||||
- Using double quotes instead of single quotes
|
||||
|
||||
setup.py
|
||||
- Following the changes of 21.1 rebase
|
||||
- Using double quotes instead of single quotes
|
||||
|
||||
redhat/cloud-init.spec.template
|
||||
- Add the drop-in to the right cloud-init.spec used by our package builder, which is downstream-only part of the bz 2002492 fix.
|
||||
|
||||
redhat/Makefile.common
|
||||
- Backport the build handling fixes from patch "Update to cloud-init-21.1-1.el8"
|
||||
|
||||
Signed-off-by: Amy Chen <xiachen@redhat.com>
|
||||
|
||||
Merged patches (21.1):
|
||||
- 915d30ad Change gating file to correct rhel version
|
||||
- 311f318d Removing net-tools dependency
|
||||
- 74731806 Adding man pages to Red Hat spec file
|
||||
- 758d333d Removing blocking test from yaml configuration file
|
||||
- c7e7c59c Changing permission of cloud-init-generator to 755
|
||||
- 8b85abbb Installing man pages in the correct place with correct permissions
|
||||
- c6808d8d Fix unit failure of cloud-final.service if NetworkManager was not present.
|
||||
- 11866ef6 Report full specific version with "cloud-init --version"
|
||||
|
||||
Rebase notes (18.5):
|
||||
- added bash_completition file
|
||||
- added cloud-id file
|
||||
|
@ -33,36 +69,36 @@ setup.py:
|
|||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
---
|
||||
.gitignore | 1 +
|
||||
cloudinit/config/cc_chef.py | 67 ++++-
|
||||
cloudinit/config/cc_chef.py | 65 ++-
|
||||
cloudinit/settings.py | 7 +-
|
||||
redhat/.gitignore | 1 +
|
||||
redhat/Makefile | 71 +++++
|
||||
redhat/Makefile.common | 37 +++
|
||||
redhat/Makefile | 71 +++
|
||||
redhat/Makefile.common | 37 ++
|
||||
redhat/cloud-init-tmpfiles.conf | 1 +
|
||||
redhat/cloud-init.spec.template | 517 ++++++++++++++++++++++++++++++++++
|
||||
redhat/gating.yaml | 9 +
|
||||
redhat/cloud-init.spec.template | 696 ++++++++++++++++++++++++++
|
||||
redhat/gating.yaml | 8 +
|
||||
redhat/rpmbuild/BUILD/.gitignore | 3 +
|
||||
redhat/rpmbuild/RPMS/.gitignore | 3 +
|
||||
redhat/rpmbuild/SOURCES/.gitignore | 3 +
|
||||
redhat/rpmbuild/SPECS/.gitignore | 3 +
|
||||
redhat/rpmbuild/SRPMS/.gitignore | 3 +
|
||||
redhat/scripts/frh.py | 27 ++
|
||||
redhat/scripts/git-backport-diff | 327 +++++++++++++++++++++
|
||||
redhat/scripts/git-compile-check | 215 ++++++++++++++
|
||||
redhat/scripts/process-patches.sh | 77 +++++
|
||||
redhat/scripts/frh.py | 25 +
|
||||
redhat/scripts/git-backport-diff | 327 ++++++++++++
|
||||
redhat/scripts/git-compile-check | 215 ++++++++
|
||||
redhat/scripts/process-patches.sh | 92 ++++
|
||||
redhat/scripts/tarball_checksum.sh | 3 +
|
||||
rhel/README.rhel | 5 +
|
||||
rhel/cloud-init-tmpfiles.conf | 1 +
|
||||
rhel/cloud.cfg | 69 +++++
|
||||
rhel/systemd/cloud-config.service | 18 ++
|
||||
rhel/cloud.cfg | 69 +++
|
||||
rhel/systemd/cloud-config.service | 18 +
|
||||
rhel/systemd/cloud-config.target | 11 +
|
||||
rhel/systemd/cloud-final.service | 19 ++
|
||||
rhel/systemd/cloud-final.service | 24 +
|
||||
rhel/systemd/cloud-init-local.service | 31 ++
|
||||
rhel/systemd/cloud-init.service | 25 ++
|
||||
rhel/systemd/cloud-init.service | 25 +
|
||||
rhel/systemd/cloud-init.target | 7 +
|
||||
setup.py | 23 +-
|
||||
setup.py | 28 +-
|
||||
tools/read-version | 28 +-
|
||||
30 files changed, 1562 insertions(+), 50 deletions(-)
|
||||
30 files changed, 1756 insertions(+), 55 deletions(-)
|
||||
create mode 100644 redhat/.gitignore
|
||||
create mode 100644 redhat/Makefile
|
||||
create mode 100644 redhat/Makefile.common
|
||||
|
@ -90,7 +126,7 @@ Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
|||
create mode 100644 rhel/systemd/cloud-init.target
|
||||
|
||||
diff --git a/cloudinit/config/cc_chef.py b/cloudinit/config/cc_chef.py
|
||||
index aaf7136..97ef649 100644
|
||||
index fdb3a6e3..d028c548 100644
|
||||
--- a/cloudinit/config/cc_chef.py
|
||||
+++ b/cloudinit/config/cc_chef.py
|
||||
@@ -6,7 +6,70 @@
|
||||
|
@ -165,41 +201,32 @@ index aaf7136..97ef649 100644
|
|||
|
||||
import itertools
|
||||
import json
|
||||
@@ -31,7 +94,7 @@ CHEF_DIRS = tuple([
|
||||
'/var/lib/chef',
|
||||
'/var/cache/chef',
|
||||
'/var/backups/chef',
|
||||
- '/var/run/chef',
|
||||
+ '/run/chef',
|
||||
])
|
||||
REQUIRED_CHEF_DIRS = tuple([
|
||||
'/etc/chef',
|
||||
diff --git a/cloudinit/settings.py b/cloudinit/settings.py
|
||||
index ca4ffa8..3a04a58 100644
|
||||
index ecc1403b..39650a5b 100644
|
||||
--- a/cloudinit/settings.py
|
||||
+++ b/cloudinit/settings.py
|
||||
@@ -46,13 +46,16 @@ CFG_BUILTIN = {
|
||||
@@ -50,13 +50,16 @@ CFG_BUILTIN = {
|
||||
],
|
||||
'def_log_file': '/var/log/cloud-init.log',
|
||||
'log_cfgs': [],
|
||||
- 'syslog_fix_perms': ['syslog:adm', 'root:adm', 'root:wheel', 'root:root'],
|
||||
+ 'mount_default_fields': [None, None, 'auto', 'defaults,nofail', '0', '2'],
|
||||
+ 'ssh_deletekeys': False,
|
||||
+ 'ssh_genkeytypes': [],
|
||||
+ 'syslog_fix_perms': [],
|
||||
'system_info': {
|
||||
'paths': {
|
||||
'cloud_dir': '/var/lib/cloud',
|
||||
'templates_dir': '/etc/cloud/templates/',
|
||||
"def_log_file": "/var/log/cloud-init.log",
|
||||
"log_cfgs": [],
|
||||
- "syslog_fix_perms": ["syslog:adm", "root:adm", "root:wheel", "root:root"],
|
||||
+ "mount_default_fields": [None, None, "auto", "defaults,nofail", "0", "2"],
|
||||
+ "ssh_deletekeys": False,
|
||||
+ "ssh_genkeytypes": [],
|
||||
+ "syslog_fix_perms": [],
|
||||
"system_info": {
|
||||
"paths": {
|
||||
"cloud_dir": "/var/lib/cloud",
|
||||
"templates_dir": "/etc/cloud/templates/",
|
||||
},
|
||||
- 'distro': 'ubuntu',
|
||||
+ 'distro': 'rhel',
|
||||
'network': {'renderers': None},
|
||||
- "distro": "ubuntu",
|
||||
+ "distro": "rhel",
|
||||
"network": {"renderers": None},
|
||||
},
|
||||
'vendor_data': {'enabled': True, 'prefix': []},
|
||||
"vendor_data": {"enabled": True, "prefix": []},
|
||||
diff --git a/rhel/README.rhel b/rhel/README.rhel
|
||||
new file mode 100644
|
||||
index 0000000..aa29630
|
||||
index 00000000..aa29630d
|
||||
--- /dev/null
|
||||
+++ b/rhel/README.rhel
|
||||
@@ -0,0 +1,5 @@
|
||||
|
@ -210,14 +237,14 @@ index 0000000..aa29630
|
|||
+ - grub_dpkg
|
||||
diff --git a/rhel/cloud-init-tmpfiles.conf b/rhel/cloud-init-tmpfiles.conf
|
||||
new file mode 100644
|
||||
index 0000000..0c6d2a3
|
||||
index 00000000..0c6d2a3b
|
||||
--- /dev/null
|
||||
+++ b/rhel/cloud-init-tmpfiles.conf
|
||||
@@ -0,0 +1 @@
|
||||
+d /run/cloud-init 0700 root root - -
|
||||
diff --git a/rhel/cloud.cfg b/rhel/cloud.cfg
|
||||
new file mode 100644
|
||||
index 0000000..82e8bf6
|
||||
index 00000000..82e8bf62
|
||||
--- /dev/null
|
||||
+++ b/rhel/cloud.cfg
|
||||
@@ -0,0 +1,69 @@
|
||||
|
@ -292,7 +319,7 @@ index 0000000..82e8bf6
|
|||
+# vim:syntax=yaml
|
||||
diff --git a/rhel/systemd/cloud-config.service b/rhel/systemd/cloud-config.service
|
||||
new file mode 100644
|
||||
index 0000000..f3dcd4b
|
||||
index 00000000..f3dcd4be
|
||||
--- /dev/null
|
||||
+++ b/rhel/systemd/cloud-config.service
|
||||
@@ -0,0 +1,18 @@
|
||||
|
@ -316,7 +343,7 @@ index 0000000..f3dcd4b
|
|||
+WantedBy=cloud-init.target
|
||||
diff --git a/rhel/systemd/cloud-config.target b/rhel/systemd/cloud-config.target
|
||||
new file mode 100644
|
||||
index 0000000..ae9b7d0
|
||||
index 00000000..ae9b7d02
|
||||
--- /dev/null
|
||||
+++ b/rhel/systemd/cloud-config.target
|
||||
@@ -0,0 +1,11 @@
|
||||
|
@ -333,10 +360,10 @@ index 0000000..ae9b7d0
|
|||
+After=cloud-init-local.service cloud-init.service
|
||||
diff --git a/rhel/systemd/cloud-final.service b/rhel/systemd/cloud-final.service
|
||||
new file mode 100644
|
||||
index 0000000..739b7e3
|
||||
index 00000000..e281c0cf
|
||||
--- /dev/null
|
||||
+++ b/rhel/systemd/cloud-final.service
|
||||
@@ -0,0 +1,19 @@
|
||||
@@ -0,0 +1,24 @@
|
||||
+[Unit]
|
||||
+Description=Execute cloud user/final scripts
|
||||
+After=network-online.target cloud-config.service rc-local.service
|
||||
|
@ -350,6 +377,11 @@ index 0000000..739b7e3
|
|||
+RemainAfterExit=yes
|
||||
+TimeoutSec=0
|
||||
+KillMode=process
|
||||
+# Restart NetworkManager if it is present and running.
|
||||
+ExecStartPost=/bin/sh -c 'u=NetworkManager.service; \
|
||||
+ out=$(systemctl show --property=SubState $u) || exit; \
|
||||
+ [ "$out" = "SubState=running" ] || exit 0; \
|
||||
+ systemctl reload-or-try-restart $u'
|
||||
+
|
||||
+# Output needs to appear in instance console output
|
||||
+StandardOutput=journal+console
|
||||
|
@ -358,7 +390,7 @@ index 0000000..739b7e3
|
|||
+WantedBy=cloud-init.target
|
||||
diff --git a/rhel/systemd/cloud-init-local.service b/rhel/systemd/cloud-init-local.service
|
||||
new file mode 100644
|
||||
index 0000000..8f9f6c9
|
||||
index 00000000..8f9f6c9f
|
||||
--- /dev/null
|
||||
+++ b/rhel/systemd/cloud-init-local.service
|
||||
@@ -0,0 +1,31 @@
|
||||
|
@ -395,7 +427,7 @@ index 0000000..8f9f6c9
|
|||
+WantedBy=cloud-init.target
|
||||
diff --git a/rhel/systemd/cloud-init.service b/rhel/systemd/cloud-init.service
|
||||
new file mode 100644
|
||||
index 0000000..d0023a0
|
||||
index 00000000..d0023a05
|
||||
--- /dev/null
|
||||
+++ b/rhel/systemd/cloud-init.service
|
||||
@@ -0,0 +1,25 @@
|
||||
|
@ -426,7 +458,7 @@ index 0000000..d0023a0
|
|||
+WantedBy=cloud-init.target
|
||||
diff --git a/rhel/systemd/cloud-init.target b/rhel/systemd/cloud-init.target
|
||||
new file mode 100644
|
||||
index 0000000..083c3b6
|
||||
index 00000000..083c3b6f
|
||||
--- /dev/null
|
||||
+++ b/rhel/systemd/cloud-init.target
|
||||
@@ -0,0 +1,7 @@
|
||||
|
@ -438,72 +470,80 @@ index 0000000..083c3b6
|
|||
+Description=Cloud-init target
|
||||
+After=multi-user.target
|
||||
diff --git a/setup.py b/setup.py
|
||||
index cbacf48..d5cd01a 100755
|
||||
index a9132d2c..3c377eaa 100755
|
||||
--- a/setup.py
|
||||
+++ b/setup.py
|
||||
@@ -125,14 +125,6 @@ INITSYS_FILES = {
|
||||
'sysvinit_deb': [f for f in glob('sysvinit/debian/*') if is_f(f)],
|
||||
'sysvinit_openrc': [f for f in glob('sysvinit/gentoo/*') if is_f(f)],
|
||||
'sysvinit_suse': [f for f in glob('sysvinit/suse/*') if is_f(f)],
|
||||
- 'systemd': [render_tmpl(f)
|
||||
- for f in (glob('systemd/*.tmpl') +
|
||||
- glob('systemd/*.service') +
|
||||
- glob('systemd/*.target'))
|
||||
- if (is_f(f) and not is_generator(f))],
|
||||
- 'systemd.generators': [
|
||||
@@ -139,21 +139,6 @@ INITSYS_FILES = {
|
||||
"sysvinit_deb": [f for f in glob("sysvinit/debian/*") if is_f(f)],
|
||||
"sysvinit_openrc": [f for f in glob("sysvinit/gentoo/*") if is_f(f)],
|
||||
"sysvinit_suse": [f for f in glob("sysvinit/suse/*") if is_f(f)],
|
||||
- "systemd": [
|
||||
- render_tmpl(f)
|
||||
- for f in (
|
||||
- glob("systemd/*.tmpl")
|
||||
- + glob("systemd/*.service")
|
||||
- + glob("systemd/*.socket")
|
||||
- + glob("systemd/*.target")
|
||||
- )
|
||||
- if (is_f(f) and not is_generator(f))
|
||||
- ],
|
||||
- "systemd.generators": [
|
||||
- render_tmpl(f, mode=0o755)
|
||||
- for f in glob('systemd/*') if is_f(f) and is_generator(f)],
|
||||
'upstart': [f for f in glob('upstart/*') if is_f(f)],
|
||||
- for f in glob("systemd/*")
|
||||
- if is_f(f) and is_generator(f)
|
||||
- ],
|
||||
"upstart": [f for f in glob("upstart/*") if is_f(f)],
|
||||
}
|
||||
INITSYS_ROOTS = {
|
||||
@@ -142,9 +134,6 @@ INITSYS_ROOTS = {
|
||||
'sysvinit_deb': 'etc/init.d',
|
||||
'sysvinit_openrc': 'etc/init.d',
|
||||
'sysvinit_suse': 'etc/init.d',
|
||||
- 'systemd': pkg_config_read('systemd', 'systemdsystemunitdir'),
|
||||
- 'systemd.generators': pkg_config_read('systemd',
|
||||
- 'systemdsystemgeneratordir'),
|
||||
'upstart': 'etc/init/',
|
||||
@@ -163,10 +148,6 @@ INITSYS_ROOTS = {
|
||||
"sysvinit_deb": "etc/init.d",
|
||||
"sysvinit_openrc": "etc/init.d",
|
||||
"sysvinit_suse": "etc/init.d",
|
||||
- "systemd": pkg_config_read("systemd", "systemdsystemunitdir"),
|
||||
- "systemd.generators": pkg_config_read(
|
||||
- "systemd", "systemdsystemgeneratordir"
|
||||
- ),
|
||||
"upstart": "etc/init/",
|
||||
}
|
||||
INITSYS_TYPES = sorted([f.partition(".")[0] for f in INITSYS_ROOTS.keys()])
|
||||
@@ -245,14 +234,11 @@ if not in_virtualenv():
|
||||
INITSYS_ROOTS[k] = "/" + INITSYS_ROOTS[k]
|
||||
|
||||
data_files = [
|
||||
- (ETC + '/cloud', [render_tmpl("config/cloud.cfg.tmpl")]),
|
||||
+ (ETC + '/bash_completion.d', ['bash_completion/cloud-init']),
|
||||
(ETC + '/cloud/cloud.cfg.d', glob('config/cloud.cfg.d/*')),
|
||||
(ETC + '/cloud/templates', glob('templates/*')),
|
||||
- (USR_LIB_EXEC + '/cloud-init', ['tools/ds-identify',
|
||||
- 'tools/uncloud-init',
|
||||
+ (USR_LIB_EXEC + '/cloud-init', ['tools/uncloud-init',
|
||||
'tools/write-ssh-key-fingerprints']),
|
||||
- (USR + '/share/bash-completion/completions',
|
||||
- ['bash_completion/cloud-init']),
|
||||
(USR + '/share/doc/cloud-init', [f for f in glob('doc/*') if is_f(f)]),
|
||||
(USR + '/share/doc/cloud-init/examples',
|
||||
[f for f in glob('doc/examples/*') if is_f(f)]),
|
||||
@@ -263,8 +249,7 @@ if not platform.system().endswith('BSD'):
|
||||
data_files.extend([
|
||||
(ETC + '/NetworkManager/dispatcher.d/',
|
||||
['tools/hook-network-manager']),
|
||||
- (ETC + '/dhcp/dhclient-exit-hooks.d/', ['tools/hook-dhclient']),
|
||||
- (LIB + '/udev/rules.d', [f for f in glob('udev/*.rules')])
|
||||
+ ('/usr/lib/udev/rules.d', [f for f in glob('udev/*.rules')])
|
||||
])
|
||||
# Use a subclass for install that handles
|
||||
# adding on the right init system configuration files
|
||||
@@ -286,8 +271,6 @@ setuptools.setup(
|
||||
scripts=['tools/cloud-init-per'],
|
||||
license='Dual-licensed under GPLv3 or Apache 2.0',
|
||||
@@ -281,15 +262,13 @@ data_files = [
|
||||
(
|
||||
USR_LIB_EXEC + "/cloud-init",
|
||||
[
|
||||
- "tools/ds-identify",
|
||||
"tools/hook-hotplug",
|
||||
"tools/uncloud-init",
|
||||
"tools/write-ssh-key-fingerprints",
|
||||
],
|
||||
),
|
||||
(
|
||||
- USR + "/share/bash-completion/completions",
|
||||
- ["bash_completion/cloud-init"],
|
||||
+ ETC + "/bash_completion.d", ["bash_completion/cloud-init"],
|
||||
),
|
||||
(USR + "/share/doc/cloud-init", [f for f in glob("doc/*") if is_f(f)]),
|
||||
(
|
||||
@@ -308,8 +287,7 @@ if not platform.system().endswith("BSD"):
|
||||
ETC + "/NetworkManager/dispatcher.d/",
|
||||
["tools/hook-network-manager"],
|
||||
),
|
||||
- (ETC + "/dhcp/dhclient-exit-hooks.d/", ["tools/hook-dhclient"]),
|
||||
- (LIB + "/udev/rules.d", [f for f in glob("udev/*.rules")]),
|
||||
+ ("/usr/lib/udev/rules.d", [f for f in glob("udev/*.rules")]),
|
||||
(
|
||||
ETC + "/systemd/system/sshd-keygen@.service.d/",
|
||||
["systemd/disable-sshd-keygen-if-cloud-init-active.conf"],
|
||||
@@ -339,8 +317,6 @@ setuptools.setup(
|
||||
scripts=["tools/cloud-init-per"],
|
||||
license="Dual-licensed under GPLv3 or Apache 2.0",
|
||||
data_files=data_files,
|
||||
- install_requires=requirements,
|
||||
- cmdclass=cmdclass,
|
||||
entry_points={
|
||||
'console_scripts': [
|
||||
'cloud-init = cloudinit.cmd.main:main',
|
||||
"console_scripts": [
|
||||
"cloud-init = cloudinit.cmd.main:main",
|
||||
diff --git a/tools/read-version b/tools/read-version
|
||||
index 02c9064..79755f7 100755
|
||||
index 02c90643..79755f78 100755
|
||||
--- a/tools/read-version
|
||||
+++ b/tools/read-version
|
||||
@@ -71,32 +71,8 @@ version_long = None
|
||||
|
@ -542,5 +582,5 @@ index 02c9064..79755f7 100755
|
|||
# version is X.Y.Z[+xxx.gHASH]
|
||||
# version_long is None or X.Y.Z-xxx-gHASH
|
||||
--
|
||||
1.8.3.1
|
||||
2.31.1
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
From d9024cd3bd3bf09b05eb75ba3d81bd15f519c9f8 Mon Sep 17 00:00:00 2001
|
||||
From e0dc628ac553072891fa6607dc91b652efd99be2 Mon Sep 17 00:00:00 2001
|
||||
From: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Mon, 5 Oct 2020 13:49:46 +0200
|
||||
Date: Fri, 7 May 2021 13:36:06 +0200
|
||||
Subject: Do not write NM_CONTROLLED=no in generated interface config files
|
||||
|
||||
Conflicts 20.3:
|
||||
|
@ -12,28 +12,27 @@ X-downstream-only: true
|
|||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
Signed-off-by: Ryan McCabe <rmccabe@redhat.com>
|
||||
---
|
||||
cloudinit/net/sysconfig.py | 2 +-
|
||||
tests/unittests/test_net.py | 30 ------------------------------
|
||||
2 files changed, 1 insertion(+), 31 deletions(-)
|
||||
cloudinit/net/sysconfig.py | 1 -
|
||||
tests/unittests/test_net.py | 28 ----------------------------
|
||||
2 files changed, 29 deletions(-)
|
||||
|
||||
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
|
||||
index 0a5d481..23e467d 100644
|
||||
index ba85c4f6..e06ddee7 100644
|
||||
--- a/cloudinit/net/sysconfig.py
|
||||
+++ b/cloudinit/net/sysconfig.py
|
||||
@@ -277,7 +277,7 @@ class Renderer(renderer.Renderer):
|
||||
# details about this)
|
||||
|
||||
iface_defaults = {
|
||||
- 'rhel': {'ONBOOT': True, 'USERCTL': False, 'NM_CONTROLLED': False,
|
||||
+ 'rhel': {'ONBOOT': True, 'USERCTL': False,
|
||||
'BOOTPROTO': 'none'},
|
||||
'suse': {'BOOTPROTO': 'static', 'STARTMODE': 'auto'},
|
||||
}
|
||||
@@ -336,7 +336,6 @@ class Renderer(renderer.Renderer):
|
||||
"rhel": {
|
||||
"ONBOOT": True,
|
||||
"USERCTL": False,
|
||||
- "NM_CONTROLLED": False,
|
||||
"BOOTPROTO": "none",
|
||||
},
|
||||
"suse": {"BOOTPROTO": "static", "STARTMODE": "auto"},
|
||||
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
|
||||
index 54cc846..9985a97 100644
|
||||
index 47e4ba00..591241b3 100644
|
||||
--- a/tests/unittests/test_net.py
|
||||
+++ b/tests/unittests/test_net.py
|
||||
@@ -535,7 +535,6 @@ GATEWAY=172.19.3.254
|
||||
@@ -579,7 +579,6 @@ GATEWAY=172.19.3.254
|
||||
HWADDR=fa:16:3e:ed:9a:59
|
||||
IPADDR=172.19.1.34
|
||||
NETMASK=255.255.252.0
|
||||
|
@ -41,7 +40,7 @@ index 54cc846..9985a97 100644
|
|||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no
|
||||
@@ -633,7 +632,6 @@ IPADDR=172.19.1.34
|
||||
@@ -712,7 +711,6 @@ IPADDR=172.19.1.34
|
||||
IPADDR1=10.0.0.10
|
||||
NETMASK=255.255.252.0
|
||||
NETMASK1=255.255.255.0
|
||||
|
@ -49,55 +48,55 @@ index 54cc846..9985a97 100644
|
|||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no
|
||||
@@ -754,7 +752,6 @@ IPV6ADDR_SECONDARIES="2001:DB9::10/64 2001:DB10::10/64"
|
||||
IPV6INIT=yes
|
||||
@@ -874,7 +872,6 @@ IPV6_AUTOCONF=no
|
||||
IPV6_DEFAULTGW=2001:DB8::1
|
||||
IPV6_FORCE_ACCEPT_RA=no
|
||||
NETMASK=255.255.252.0
|
||||
-NM_CONTROLLED=no
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no
|
||||
@@ -882,7 +879,6 @@ NETWORK_CONFIGS = {
|
||||
@@ -1053,7 +1050,6 @@ NETWORK_CONFIGS = {
|
||||
BOOTPROTO=none
|
||||
DEVICE=eth1
|
||||
HWADDR=cf:d6:af:48:e8:80
|
||||
- NM_CONTROLLED=no
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no"""),
|
||||
@@ -899,7 +895,6 @@ NETWORK_CONFIGS = {
|
||||
USERCTL=no"""
|
||||
@@ -1072,7 +1068,6 @@ NETWORK_CONFIGS = {
|
||||
IPADDR=192.168.21.3
|
||||
NETMASK=255.255.255.0
|
||||
METRIC=10000
|
||||
- NM_CONTROLLED=no
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no"""),
|
||||
@@ -1028,7 +1023,6 @@ NETWORK_CONFIGS = {
|
||||
IPV6ADDR=2001:1::1/64
|
||||
IPV6INIT=yes
|
||||
USERCTL=no"""
|
||||
@@ -1244,7 +1239,6 @@ NETWORK_CONFIGS = {
|
||||
IPV6_AUTOCONF=no
|
||||
IPV6_FORCE_ACCEPT_RA=no
|
||||
NETMASK=255.255.255.0
|
||||
- NM_CONTROLLED=no
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no
|
||||
@@ -1622,7 +1616,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
@@ -2093,7 +2087,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
DHCPV6C=yes
|
||||
IPV6INIT=yes
|
||||
MACADDR=aa:bb:cc:dd:ee:ff
|
||||
- NM_CONTROLLED=no
|
||||
ONBOOT=yes
|
||||
TYPE=Bond
|
||||
USERCTL=no"""),
|
||||
@@ -1630,7 +1623,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
USERCTL=no"""
|
||||
@@ -2103,7 +2096,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
BOOTPROTO=dhcp
|
||||
DEVICE=bond0.200
|
||||
DHCLIENT_SET_DEFAULT_ROUTE=no
|
||||
- NM_CONTROLLED=no
|
||||
ONBOOT=yes
|
||||
PHYSDEV=bond0
|
||||
TYPE=Ethernet
|
||||
@@ -1647,7 +1639,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
USERCTL=no
|
||||
@@ -2123,7 +2115,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
IPV6_DEFAULTGW=2001:4800:78ff:1b::1
|
||||
MACADDR=bb:bb:bb:bb:bb:aa
|
||||
NETMASK=255.255.255.0
|
||||
|
@ -105,23 +104,23 @@ index 54cc846..9985a97 100644
|
|||
ONBOOT=yes
|
||||
PRIO=22
|
||||
STP=no
|
||||
@@ -1657,7 +1648,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
@@ -2135,7 +2126,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
BOOTPROTO=none
|
||||
DEVICE=eth0
|
||||
HWADDR=c0:d6:9f:2c:e8:80
|
||||
- NM_CONTROLLED=no
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no"""),
|
||||
@@ -1674,7 +1664,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
USERCTL=no"""
|
||||
@@ -2154,7 +2144,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
MTU=1500
|
||||
NETMASK=255.255.255.0
|
||||
NETMASK1=255.255.255.0
|
||||
- NM_CONTROLLED=no
|
||||
ONBOOT=yes
|
||||
PHYSDEV=eth0
|
||||
TYPE=Ethernet
|
||||
@@ -1685,7 +1674,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
USERCTL=no
|
||||
@@ -2166,7 +2155,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
DEVICE=eth1
|
||||
HWADDR=aa:d6:9f:2c:e8:80
|
||||
MASTER=bond0
|
||||
|
@ -129,7 +128,7 @@ index 54cc846..9985a97 100644
|
|||
ONBOOT=yes
|
||||
SLAVE=yes
|
||||
TYPE=Ethernet
|
||||
@@ -1695,7 +1683,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
@@ -2178,7 +2166,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
DEVICE=eth2
|
||||
HWADDR=c0:bb:9f:2c:e8:80
|
||||
MASTER=bond0
|
||||
|
@ -137,31 +136,31 @@ index 54cc846..9985a97 100644
|
|||
ONBOOT=yes
|
||||
SLAVE=yes
|
||||
TYPE=Ethernet
|
||||
@@ -1705,7 +1692,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
@@ -2190,7 +2177,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
BRIDGE=br0
|
||||
DEVICE=eth3
|
||||
HWADDR=66:bb:9f:2c:e8:80
|
||||
- NM_CONTROLLED=no
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no"""),
|
||||
@@ -1714,7 +1700,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
USERCTL=no"""
|
||||
@@ -2201,7 +2187,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
BRIDGE=br0
|
||||
DEVICE=eth4
|
||||
HWADDR=98:bb:9f:2c:e8:80
|
||||
- NM_CONTROLLED=no
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no"""),
|
||||
@@ -1723,7 +1708,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
USERCTL=no"""
|
||||
@@ -2212,7 +2197,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
DEVICE=eth5
|
||||
DHCLIENT_SET_DEFAULT_ROUTE=no
|
||||
HWADDR=98:bb:9f:2c:e8:8a
|
||||
- NM_CONTROLLED=no
|
||||
ONBOOT=no
|
||||
TYPE=Ethernet
|
||||
USERCTL=no"""),
|
||||
@@ -2177,7 +2161,6 @@ iface bond0 inet6 static
|
||||
USERCTL=no"""
|
||||
@@ -2689,7 +2673,6 @@ iface bond0 inet6 static
|
||||
MTU=9000
|
||||
NETMASK=255.255.255.0
|
||||
NETMASK1=255.255.255.0
|
||||
|
@ -169,7 +168,7 @@ index 54cc846..9985a97 100644
|
|||
ONBOOT=yes
|
||||
TYPE=Bond
|
||||
USERCTL=no
|
||||
@@ -2187,7 +2170,6 @@ iface bond0 inet6 static
|
||||
@@ -2701,7 +2684,6 @@ iface bond0 inet6 static
|
||||
DEVICE=bond0s0
|
||||
HWADDR=aa:bb:cc:dd:e8:00
|
||||
MASTER=bond0
|
||||
|
@ -177,7 +176,7 @@ index 54cc846..9985a97 100644
|
|||
ONBOOT=yes
|
||||
SLAVE=yes
|
||||
TYPE=Ethernet
|
||||
@@ -2209,7 +2191,6 @@ iface bond0 inet6 static
|
||||
@@ -2729,7 +2711,6 @@ iface bond0 inet6 static
|
||||
DEVICE=bond0s1
|
||||
HWADDR=aa:bb:cc:dd:e8:01
|
||||
MASTER=bond0
|
||||
|
@ -185,23 +184,23 @@ index 54cc846..9985a97 100644
|
|||
ONBOOT=yes
|
||||
SLAVE=yes
|
||||
TYPE=Ethernet
|
||||
@@ -2266,7 +2247,6 @@ iface bond0 inet6 static
|
||||
@@ -2794,7 +2775,6 @@ iface bond0 inet6 static
|
||||
BOOTPROTO=none
|
||||
DEVICE=en0
|
||||
HWADDR=aa:bb:cc:dd:e8:00
|
||||
- NM_CONTROLLED=no
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no"""),
|
||||
@@ -2283,7 +2263,6 @@ iface bond0 inet6 static
|
||||
USERCTL=no"""
|
||||
@@ -2815,7 +2795,6 @@ iface bond0 inet6 static
|
||||
MTU=2222
|
||||
NETMASK=255.255.255.0
|
||||
NETMASK1=255.255.255.0
|
||||
- NM_CONTROLLED=no
|
||||
ONBOOT=yes
|
||||
PHYSDEV=en0
|
||||
TYPE=Ethernet
|
||||
@@ -2349,7 +2328,6 @@ iface bond0 inet6 static
|
||||
USERCTL=no
|
||||
@@ -2890,7 +2869,6 @@ iface bond0 inet6 static
|
||||
DEVICE=br0
|
||||
IPADDR=192.168.2.2
|
||||
NETMASK=255.255.255.0
|
||||
|
@ -209,23 +208,7 @@ index 54cc846..9985a97 100644
|
|||
ONBOOT=yes
|
||||
PRIO=22
|
||||
STP=no
|
||||
@@ -2363,7 +2341,6 @@ iface bond0 inet6 static
|
||||
HWADDR=52:54:00:12:34:00
|
||||
IPV6ADDR=2001:1::100/96
|
||||
IPV6INIT=yes
|
||||
- NM_CONTROLLED=no
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no
|
||||
@@ -2375,7 +2352,6 @@ iface bond0 inet6 static
|
||||
HWADDR=52:54:00:12:34:01
|
||||
IPV6ADDR=2001:1::101/96
|
||||
IPV6INIT=yes
|
||||
- NM_CONTROLLED=no
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no
|
||||
@@ -2469,7 +2445,6 @@ iface bond0 inet6 static
|
||||
@@ -3032,7 +3010,6 @@ iface bond0 inet6 static
|
||||
HWADDR=52:54:00:12:34:00
|
||||
IPADDR=192.168.1.2
|
||||
NETMASK=255.255.255.0
|
||||
|
@ -233,7 +216,7 @@ index 54cc846..9985a97 100644
|
|||
ONBOOT=no
|
||||
TYPE=Ethernet
|
||||
USERCTL=no
|
||||
@@ -2479,7 +2454,6 @@ iface bond0 inet6 static
|
||||
@@ -3044,7 +3021,6 @@ iface bond0 inet6 static
|
||||
DEVICE=eth1
|
||||
HWADDR=52:54:00:12:34:aa
|
||||
MTU=1480
|
||||
|
@ -241,7 +224,7 @@ index 54cc846..9985a97 100644
|
|||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no
|
||||
@@ -2488,7 +2462,6 @@ iface bond0 inet6 static
|
||||
@@ -3055,7 +3031,6 @@ iface bond0 inet6 static
|
||||
BOOTPROTO=none
|
||||
DEVICE=eth2
|
||||
HWADDR=52:54:00:12:34:ff
|
||||
|
@ -249,7 +232,7 @@ index 54cc846..9985a97 100644
|
|||
ONBOOT=no
|
||||
TYPE=Ethernet
|
||||
USERCTL=no
|
||||
@@ -2905,7 +2878,6 @@ class TestRhelSysConfigRendering(CiTestCase):
|
||||
@@ -3628,7 +3603,6 @@ class TestRhelSysConfigRendering(CiTestCase):
|
||||
BOOTPROTO=dhcp
|
||||
DEVICE=eth1000
|
||||
HWADDR=07-1c-c6-75-a4-be
|
||||
|
@ -257,7 +240,7 @@ index 54cc846..9985a97 100644
|
|||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no
|
||||
@@ -3026,7 +2998,6 @@ GATEWAY=10.0.2.2
|
||||
@@ -3840,7 +3814,6 @@ GATEWAY=10.0.2.2
|
||||
HWADDR=52:54:00:12:34:00
|
||||
IPADDR=10.0.2.15
|
||||
NETMASK=255.255.255.0
|
||||
|
@ -265,7 +248,7 @@ index 54cc846..9985a97 100644
|
|||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no
|
||||
@@ -3096,7 +3067,6 @@ USERCTL=no
|
||||
@@ -3910,7 +3883,6 @@ USERCTL=no
|
||||
#
|
||||
BOOTPROTO=dhcp
|
||||
DEVICE=eth0
|
||||
|
@ -274,5 +257,5 @@ index 54cc846..9985a97 100644
|
|||
TYPE=Ethernet
|
||||
USERCTL=no
|
||||
--
|
||||
1.8.3.1
|
||||
2.31.1
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
From de22eafc9046b8ea6fddda7440df5a05f5a40607 Mon Sep 17 00:00:00 2001
|
||||
From cb7b35ca10c82c9725c3527e3ec5fb8cb7c61bc0 Mon Sep 17 00:00:00 2001
|
||||
From: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Mon, 5 Oct 2020 13:49:53 +0200
|
||||
Date: Fri, 7 May 2021 13:36:08 +0200
|
||||
Subject: limit permissions on def_log_file
|
||||
|
||||
This sets a default mode of 0600 on def_log_file, and makes this
|
||||
|
@ -10,42 +10,43 @@ LP: #1541196
|
|||
Resolves: rhbz#1424612
|
||||
X-approved-upstream: true
|
||||
|
||||
Conflicts 21.1:
|
||||
cloudinit/stages.py: adjusting call of ensure_file() to use more
|
||||
recent version
|
||||
|
||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
---
|
||||
cloudinit/settings.py | 1 +
|
||||
cloudinit/stages.py | 3 ++-
|
||||
cloudinit/stages.py | 1 +
|
||||
doc/examples/cloud-config.txt | 4 ++++
|
||||
3 files changed, 7 insertions(+), 1 deletion(-)
|
||||
3 files changed, 6 insertions(+)
|
||||
|
||||
diff --git a/cloudinit/settings.py b/cloudinit/settings.py
|
||||
index 3a04a58..439eee0 100644
|
||||
index 39650a5b..3c2145e9 100644
|
||||
--- a/cloudinit/settings.py
|
||||
+++ b/cloudinit/settings.py
|
||||
@@ -45,6 +45,7 @@ CFG_BUILTIN = {
|
||||
'None',
|
||||
@@ -49,6 +49,7 @@ CFG_BUILTIN = {
|
||||
"None",
|
||||
],
|
||||
'def_log_file': '/var/log/cloud-init.log',
|
||||
+ 'def_log_file_mode': 0o600,
|
||||
'log_cfgs': [],
|
||||
'mount_default_fields': [None, None, 'auto', 'defaults,nofail', '0', '2'],
|
||||
'ssh_deletekeys': False,
|
||||
"def_log_file": "/var/log/cloud-init.log",
|
||||
+ "def_log_file_mode": 0o600,
|
||||
"log_cfgs": [],
|
||||
"mount_default_fields": [None, None, "auto", "defaults,nofail", "0", "2"],
|
||||
"ssh_deletekeys": False,
|
||||
diff --git a/cloudinit/stages.py b/cloudinit/stages.py
|
||||
index 765f4aa..d769375 100644
|
||||
index 3f17294b..61db1dbd 100644
|
||||
--- a/cloudinit/stages.py
|
||||
+++ b/cloudinit/stages.py
|
||||
@@ -147,8 +147,9 @@ class Init(object):
|
||||
@@ -205,6 +205,7 @@ class Init(object):
|
||||
def _initialize_filesystem(self):
|
||||
util.ensure_dirs(self._initial_subdirs())
|
||||
log_file = util.get_cfg_option_str(self.cfg, 'def_log_file')
|
||||
+ log_file_mode = util.get_cfg_option_int(self.cfg, 'def_log_file_mode')
|
||||
log_file = util.get_cfg_option_str(self.cfg, "def_log_file")
|
||||
+ log_file_mode = util.get_cfg_option_int(self.cfg, "def_log_file_mode")
|
||||
if log_file:
|
||||
- util.ensure_file(log_file)
|
||||
+ util.ensure_file(log_file, mode=log_file_mode)
|
||||
perms = self.cfg.get('syslog_fix_perms')
|
||||
if not perms:
|
||||
perms = {}
|
||||
util.ensure_file(log_file, mode=0o640, preserve_mode=True)
|
||||
perms = self.cfg.get("syslog_fix_perms")
|
||||
diff --git a/doc/examples/cloud-config.txt b/doc/examples/cloud-config.txt
|
||||
index f3ae5e6..b5b1fdd 100644
|
||||
index a2b4a3fa..0ccf3147 100644
|
||||
--- a/doc/examples/cloud-config.txt
|
||||
+++ b/doc/examples/cloud-config.txt
|
||||
@@ -414,10 +414,14 @@ timezone: US/Eastern
|
||||
|
@ -64,5 +65,5 @@ index f3ae5e6..b5b1fdd 100644
|
|||
|
||||
# you can set passwords for a user or multiple users
|
||||
--
|
||||
1.8.3.1
|
||||
2.31.1
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
From bdcad981ac530277529d1c77fb5e9e6f89409bd8 Mon Sep 17 00:00:00 2001
|
||||
From ffa647e83efd4293bd027e9e390274aad8a12d94 Mon Sep 17 00:00:00 2001
|
||||
From: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Mon, 5 Oct 2020 13:51:44 +0200
|
||||
Date: Fri, 7 May 2021 13:36:13 +0200
|
||||
Subject: include 'NOZEROCONF=yes' in /etc/sysconfig/network
|
||||
|
||||
RH-Author: Eduardo Otubo <otubo@redhat.com>
|
||||
|
@ -22,44 +22,31 @@ Resolves: rhbz#1653131
|
|||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||
---
|
||||
cloudinit/net/sysconfig.py | 11 ++++++++++-
|
||||
tests/unittests/test_net.py | 1 -
|
||||
2 files changed, 10 insertions(+), 2 deletions(-)
|
||||
cloudinit/net/sysconfig.py | 11 ++++++++++-
|
||||
1 file changed, 10 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
|
||||
index 23e467d..af093dd 100644
|
||||
index e06ddee7..362e8d19 100644
|
||||
--- a/cloudinit/net/sysconfig.py
|
||||
+++ b/cloudinit/net/sysconfig.py
|
||||
@@ -888,7 +888,16 @@ class Renderer(renderer.Renderer):
|
||||
@@ -1038,7 +1038,16 @@ class Renderer(renderer.Renderer):
|
||||
# Distros configuring /etc/sysconfig/network as a file e.g. Centos
|
||||
if sysconfig_path.endswith('network'):
|
||||
if sysconfig_path.endswith("network"):
|
||||
util.ensure_dir(os.path.dirname(sysconfig_path))
|
||||
- netcfg = [_make_header(), 'NETWORKING=yes']
|
||||
- netcfg = [_make_header(), "NETWORKING=yes"]
|
||||
+ netcfg = []
|
||||
+ for line in util.load_file(sysconfig_path, quiet=True).split('\n'):
|
||||
+ if 'cloud-init' in line:
|
||||
+ for line in util.load_file(sysconfig_path, quiet=True).split("\n"):
|
||||
+ if "cloud-init" in line:
|
||||
+ break
|
||||
+ if not line.startswith(('NETWORKING=',
|
||||
+ 'IPV6_AUTOCONF=',
|
||||
+ 'NETWORKING_IPV6=')):
|
||||
+ if not line.startswith(("NETWORKING=",
|
||||
+ "IPV6_AUTOCONF=",
|
||||
+ "NETWORKING_IPV6=")):
|
||||
+ netcfg.append(line)
|
||||
+ # Now generate the cloud-init portion of sysconfig/network
|
||||
+ netcfg.extend([_make_header(), 'NETWORKING=yes'])
|
||||
+ netcfg.extend([_make_header(), "NETWORKING=yes"])
|
||||
if network_state.use_ipv6:
|
||||
netcfg.append('NETWORKING_IPV6=yes')
|
||||
netcfg.append('IPV6_AUTOCONF=no')
|
||||
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
|
||||
index 2cc57fe..9985a97 100644
|
||||
--- a/tests/unittests/test_net.py
|
||||
+++ b/tests/unittests/test_net.py
|
||||
@@ -1614,7 +1614,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
BOOTPROTO=none
|
||||
DEVICE=bond0
|
||||
DHCPV6C=yes
|
||||
- IPV6_AUTOCONF=no
|
||||
IPV6INIT=yes
|
||||
MACADDR=aa:bb:cc:dd:ee:ff
|
||||
ONBOOT=yes
|
||||
netcfg.append("NETWORKING_IPV6=yes")
|
||||
netcfg.append("IPV6_AUTOCONF=no")
|
||||
--
|
||||
1.8.3.1
|
||||
2.31.1
|
||||
|
|
@ -1,36 +0,0 @@
|
|||
From bb87d9a83ddbc5bf84fbdab9c58dedc0c9629eea Mon Sep 17 00:00:00 2001
|
||||
From: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Mon, 5 Oct 2020 13:51:34 +0200
|
||||
Subject: sysconfig: Don't write BOOTPROTO=dhcp for ipv6 dhcp
|
||||
|
||||
Don't write BOOTPROTO=dhcp for ipv6 dhcp, as BOOTPROTO applies
|
||||
only to ipv4. Explicitly write IPV6_AUTOCONF=no for dhcp on ipv6.
|
||||
|
||||
X-downstream-only: yes
|
||||
|
||||
Resolves: rhbz#1519271
|
||||
Signed-off-by: Ryan McCabe <rmccabe@redhat.com>
|
||||
|
||||
Merged patches (19.4):
|
||||
- 6444df4 sysconfig: Don't disable IPV6_AUTOCONF
|
||||
|
||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
---
|
||||
tests/unittests/test_net.py | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
|
||||
index 9985a97..2cc57fe 100644
|
||||
--- a/tests/unittests/test_net.py
|
||||
+++ b/tests/unittests/test_net.py
|
||||
@@ -1614,6 +1614,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
BOOTPROTO=none
|
||||
DEVICE=bond0
|
||||
DHCPV6C=yes
|
||||
+ IPV6_AUTOCONF=no
|
||||
IPV6INIT=yes
|
||||
MACADDR=aa:bb:cc:dd:ee:ff
|
||||
ONBOOT=yes
|
||||
--
|
||||
1.8.3.1
|
||||
|
|
@ -1,57 +0,0 @@
|
|||
From 9c6562c6d3516df8d11aa7cf7cd9cc62e5c91a70 Mon Sep 17 00:00:00 2001
|
||||
From: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Mon, 5 Oct 2020 13:51:37 +0200
|
||||
Subject: DataSourceAzure.py: use hostnamectl to set hostname
|
||||
|
||||
RH-Author: Vitaly Kuznetsov <vkuznets@redhat.com>
|
||||
Message-id: <20180417130754.12918-3-vkuznets@redhat.com>
|
||||
Patchwork-id: 79659
|
||||
O-Subject: [RHEL7.6/7.5.z cloud-init PATCH 2/2] DataSourceAzure.py: use hostnamectl to set hostname
|
||||
Bugzilla: 1568717
|
||||
RH-Acked-by: Eduardo Otubo <otubo@redhat.com>
|
||||
RH-Acked-by: Mohammed Gamal <mgamal@redhat.com>
|
||||
RH-Acked-by: Cathy Avery <cavery@redhat.com>
|
||||
|
||||
The right way to set hostname in RHEL7 is:
|
||||
|
||||
$ hostnamectl set-hostname HOSTNAME
|
||||
|
||||
DataSourceAzure, however, uses:
|
||||
$ hostname HOSTSNAME
|
||||
|
||||
instead and this causes problems. We can't simply change
|
||||
'BUILTIN_DS_CONFIG' in DataSourceAzure.py as 'hostname' is being used
|
||||
for both getting and setting the hostname.
|
||||
|
||||
Long term, this should be fixed in a different way. Cloud-init
|
||||
has distro-specific hostname setting/getting (see
|
||||
cloudinit/distros/rhel.py) and DataSourceAzure.py needs to be switched
|
||||
to use these.
|
||||
|
||||
Resolves: rhbz#1434109
|
||||
|
||||
X-downstream-only: yes
|
||||
|
||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||
---
|
||||
cloudinit/sources/DataSourceAzure.py | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/cloudinit/sources/DataSourceAzure.py b/cloudinit/sources/DataSourceAzure.py
|
||||
index f3c6452..1c214db 100755
|
||||
--- a/cloudinit/sources/DataSourceAzure.py
|
||||
+++ b/cloudinit/sources/DataSourceAzure.py
|
||||
@@ -258,7 +258,7 @@ def get_hostname(hostname_command='hostname'):
|
||||
|
||||
|
||||
def set_hostname(hostname, hostname_command='hostname'):
|
||||
- subp.subp([hostname_command, hostname])
|
||||
+ util.subp(['hostnamectl', 'set-hostname', str(hostname)])
|
||||
|
||||
|
||||
@azure_ds_telemetry_reporter
|
||||
--
|
||||
1.8.3.1
|
||||
|
|
@ -1,6 +1,6 @@
|
|||
From a52c7b659c6569c78aad4b92303f289009da476c Mon Sep 17 00:00:00 2001
|
||||
From 386f0a82bfdfd62e506bf4251c17263260d3250a Mon Sep 17 00:00:00 2001
|
||||
From: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Mon, 5 Oct 2020 13:51:50 +0200
|
||||
Date: Fri, 7 May 2021 13:36:14 +0200
|
||||
Subject: Remove race condition between cloud-init and NetworkManager
|
||||
|
||||
Message-id: <20200302104635.11648-1-otubo@redhat.com>
|
||||
|
@ -114,13 +114,12 @@ Date: Thu May 28 08:44:06 2020 +0200
|
|||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||
---
|
||||
rhel/cloud.cfg | 2 +-
|
||||
rhel/systemd/cloud-final.service | 2 ++
|
||||
rhel/systemd/cloud-init.service | 1 +
|
||||
3 files changed, 4 insertions(+), 1 deletion(-)
|
||||
rhel/cloud.cfg | 2 +-
|
||||
rhel/systemd/cloud-init.service | 1 +
|
||||
2 files changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/rhel/cloud.cfg b/rhel/cloud.cfg
|
||||
index 82e8bf6..9ecba21 100644
|
||||
index 82e8bf62..9ecba215 100644
|
||||
--- a/rhel/cloud.cfg
|
||||
+++ b/rhel/cloud.cfg
|
||||
@@ -6,7 +6,7 @@ ssh_pwauth: 0
|
||||
|
@ -132,21 +131,8 @@ index 82e8bf6..9ecba21 100644
|
|||
ssh_genkeytypes: ~
|
||||
syslog_fix_perms: ~
|
||||
disable_vmware_customization: false
|
||||
diff --git a/rhel/systemd/cloud-final.service b/rhel/systemd/cloud-final.service
|
||||
index 739b7e3..05add07 100644
|
||||
--- a/rhel/systemd/cloud-final.service
|
||||
+++ b/rhel/systemd/cloud-final.service
|
||||
@@ -11,6 +11,8 @@ ExecStart=/usr/bin/cloud-init modules --mode=final
|
||||
RemainAfterExit=yes
|
||||
TimeoutSec=0
|
||||
KillMode=process
|
||||
+ExecStartPost=/bin/echo "trying to reload or restart NetworkManager.service"
|
||||
+ExecStartPost=/usr/bin/systemctl try-reload-or-restart NetworkManager.service
|
||||
|
||||
# Output needs to appear in instance console output
|
||||
StandardOutput=journal+console
|
||||
diff --git a/rhel/systemd/cloud-init.service b/rhel/systemd/cloud-init.service
|
||||
index d0023a0..0b3d796 100644
|
||||
index d0023a05..0b3d796d 100644
|
||||
--- a/rhel/systemd/cloud-init.service
|
||||
+++ b/rhel/systemd/cloud-init.service
|
||||
@@ -5,6 +5,7 @@ Wants=sshd-keygen.service
|
||||
|
@ -158,5 +144,5 @@ index d0023a0..0b3d796 100644
|
|||
Before=sshd-keygen.service
|
||||
Before=sshd.service
|
||||
--
|
||||
1.8.3.1
|
||||
2.31.1
|
||||
|
|
@ -1,13 +1,14 @@
|
|||
From 569a19866bba846bbea8c99b9998336299570783 Mon Sep 17 00:00:00 2001
|
||||
From b545a0cbabe8924d048b7172b30e7aad59ed32d5 Mon Sep 17 00:00:00 2001
|
||||
From: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
Date: Thu, 20 May 2021 08:53:55 +0200
|
||||
Subject: [PATCH 1/2] rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and
|
||||
set in cloud.cfg
|
||||
Subject: rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set in
|
||||
cloud.cfg
|
||||
|
||||
RH-Author: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
RH-MergeRequest: 8: rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set in cloud.cfg
|
||||
RH-Commit: [1/1] 9c39347a790360bc23c5ea3d8a34d0722d0cd1ac
|
||||
RH-Bugzilla: 1963981
|
||||
RH-MergeRequest: 10: rhel/cloud.cfg: remove ssh_genkeytypes in settings.py and set in cloud.cfg
|
||||
RH-Commit: [1/1] 6da989423b9b6e017afbac2f1af3649b0487310f
|
||||
RH-Bugzilla: 1957532
|
||||
RH-Acked-by: Eduardo Otubo <otubo@redhat.com>
|
||||
RH-Acked-by: Cathy Avery <cavery@redhat.com>
|
||||
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
||||
RH-Acked-by: Mohamed Gamal Morsy <mmorsy@redhat.com>
|
||||
|
@ -34,18 +35,18 @@ Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
|||
2 files changed, 1 insertion(+), 3 deletions(-)
|
||||
|
||||
diff --git a/cloudinit/settings.py b/cloudinit/settings.py
|
||||
index 439eee02..87398eec 100644
|
||||
index 3c2145e9..71672e10 100644
|
||||
--- a/cloudinit/settings.py
|
||||
+++ b/cloudinit/settings.py
|
||||
@@ -48,8 +48,6 @@ CFG_BUILTIN = {
|
||||
'def_log_file_mode': 0o600,
|
||||
'log_cfgs': [],
|
||||
'mount_default_fields': [None, None, 'auto', 'defaults,nofail', '0', '2'],
|
||||
- 'ssh_deletekeys': False,
|
||||
- 'ssh_genkeytypes': [],
|
||||
'syslog_fix_perms': [],
|
||||
'system_info': {
|
||||
'paths': {
|
||||
@@ -52,8 +52,6 @@ CFG_BUILTIN = {
|
||||
"def_log_file_mode": 0o600,
|
||||
"log_cfgs": [],
|
||||
"mount_default_fields": [None, None, "auto", "defaults,nofail", "0", "2"],
|
||||
- "ssh_deletekeys": False,
|
||||
- "ssh_genkeytypes": [],
|
||||
"syslog_fix_perms": [],
|
||||
"system_info": {
|
||||
"paths": {
|
||||
diff --git a/rhel/cloud.cfg b/rhel/cloud.cfg
|
||||
index 9ecba215..cbee197a 100644
|
||||
--- a/rhel/cloud.cfg
|
||||
|
@ -60,5 +61,5 @@ index 9ecba215..cbee197a 100644
|
|||
disable_vmware_customization: false
|
||||
|
||||
--
|
||||
2.27.0
|
||||
2.31.1
|
||||
|
|
@ -1,496 +0,0 @@
|
|||
From c3a1b3a5d7abe51a1facbdae71aca4b2bca7d6aa Mon Sep 17 00:00:00 2001
|
||||
From: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Wed, 28 Oct 2020 20:43:33 +0100
|
||||
Subject: [PATCH 2/3] Add config modules for controlling IBM PowerVM RMC.
|
||||
(#584)
|
||||
|
||||
RH-Author: Eduardo Terrell Ferrari Otubo (eterrell)
|
||||
RH-MergeRequest: 12: Support for cloud-init config modules for PowerVM Hypervisor in Red Hat cloud-init
|
||||
RH-Commit: [1/1] d175c3607a8d4f473573ba0ce42e0f311dbc31ed (eterrell/cloud-init)
|
||||
RH-Bugzilla: 1886430
|
||||
|
||||
commit f99d4f96b00a9cfec1c721d364cbfd728674e5dc (upstream/master)
|
||||
Author: Aman306 <45781773+Aman306@users.noreply.github.com>
|
||||
Date: Wed Oct 28 23:36:09 2020 +0530
|
||||
|
||||
Add config modules for controlling IBM PowerVM RMC. (#584)
|
||||
|
||||
Reliable Scalable Cluster Technology (RSCT) is a set of software
|
||||
components that together provide a comprehensive clustering
|
||||
environment(RAS features) for IBM PowerVM based virtual machines. RSCT
|
||||
includes the Resource Monitoring and Control (RMC) subsystem. RMC is a
|
||||
generalized framework used for managing, monitoring, and manipulating
|
||||
resources. RMC runs as a daemon process on individual machines and needs
|
||||
creation of unique node id and restarts during VM boot.
|
||||
|
||||
LP: #1895979
|
||||
|
||||
Co-authored-by: Scott Moser <smoser@brickies.net>
|
||||
|
||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
---
|
||||
cloudinit/config/cc_refresh_rmc_and_interface.py | 159 +++++++++++++++++++++
|
||||
cloudinit/config/cc_reset_rmc.py | 143 ++++++++++++++++++
|
||||
config/cloud.cfg.tmpl | 2 +
|
||||
.../test_handler_refresh_rmc_and_interface.py | 109 ++++++++++++++
|
||||
tools/.github-cla-signers | 1 +
|
||||
5 files changed, 414 insertions(+)
|
||||
create mode 100644 cloudinit/config/cc_refresh_rmc_and_interface.py
|
||||
create mode 100644 cloudinit/config/cc_reset_rmc.py
|
||||
create mode 100644 tests/unittests/test_handler/test_handler_refresh_rmc_and_interface.py
|
||||
|
||||
diff --git a/cloudinit/config/cc_refresh_rmc_and_interface.py b/cloudinit/config/cc_refresh_rmc_and_interface.py
|
||||
new file mode 100644
|
||||
index 0000000..146758a
|
||||
--- /dev/null
|
||||
+++ b/cloudinit/config/cc_refresh_rmc_and_interface.py
|
||||
@@ -0,0 +1,159 @@
|
||||
+# (c) Copyright IBM Corp. 2020 All Rights Reserved
|
||||
+#
|
||||
+# Author: Aman Kumar Sinha <amansi26@in.ibm.com>
|
||||
+#
|
||||
+# This file is part of cloud-init. See LICENSE file for license information.
|
||||
+
|
||||
+"""
|
||||
+Refresh IPv6 interface and RMC
|
||||
+------------------------------
|
||||
+**Summary:** Ensure Network Manager is not managing IPv6 interface
|
||||
+
|
||||
+This module is IBM PowerVM Hypervisor specific
|
||||
+
|
||||
+Reliable Scalable Cluster Technology (RSCT) is a set of software components
|
||||
+that together provide a comprehensive clustering environment(RAS features)
|
||||
+for IBM PowerVM based virtual machines. RSCT includes the Resource
|
||||
+Monitoring and Control (RMC) subsystem. RMC is a generalized framework used
|
||||
+for managing, monitoring, and manipulating resources. RMC runs as a daemon
|
||||
+process on individual machines and needs creation of unique node id and
|
||||
+restarts during VM boot.
|
||||
+More details refer
|
||||
+https://www.ibm.com/support/knowledgecenter/en/SGVKBA_3.2/admin/bl503_ovrv.htm
|
||||
+
|
||||
+This module handles
|
||||
+- Refreshing RMC
|
||||
+- Disabling NetworkManager from handling IPv6 interface, as IPv6 interface
|
||||
+ is used for communication between RMC daemon and PowerVM hypervisor.
|
||||
+
|
||||
+**Internal name:** ``cc_refresh_rmc_and_interface``
|
||||
+
|
||||
+**Module frequency:** per always
|
||||
+
|
||||
+**Supported distros:** RHEL
|
||||
+
|
||||
+"""
|
||||
+
|
||||
+from cloudinit import log as logging
|
||||
+from cloudinit.settings import PER_ALWAYS
|
||||
+from cloudinit import util
|
||||
+from cloudinit import subp
|
||||
+from cloudinit import netinfo
|
||||
+
|
||||
+import errno
|
||||
+
|
||||
+frequency = PER_ALWAYS
|
||||
+
|
||||
+LOG = logging.getLogger(__name__)
|
||||
+# Ensure that /opt/rsct/bin has been added to standard PATH of the
|
||||
+# distro. The symlink to rmcctrl is /usr/sbin/rsct/bin/rmcctrl .
|
||||
+RMCCTRL = 'rmcctrl'
|
||||
+
|
||||
+
|
||||
+def handle(name, _cfg, _cloud, _log, _args):
|
||||
+ if not subp.which(RMCCTRL):
|
||||
+ LOG.debug("No '%s' in path, disabled", RMCCTRL)
|
||||
+ return
|
||||
+
|
||||
+ LOG.debug(
|
||||
+ 'Making the IPv6 up explicitly. '
|
||||
+ 'Ensuring IPv6 interface is not being handled by NetworkManager '
|
||||
+ 'and it is restarted to re-establish the communication with '
|
||||
+ 'the hypervisor')
|
||||
+
|
||||
+ ifaces = find_ipv6_ifaces()
|
||||
+
|
||||
+ # Setting NM_CONTROLLED=no for IPv6 interface
|
||||
+ # making it down and up
|
||||
+
|
||||
+ if len(ifaces) == 0:
|
||||
+ LOG.debug("Did not find any interfaces with ipv6 addresses.")
|
||||
+ else:
|
||||
+ for iface in ifaces:
|
||||
+ refresh_ipv6(iface)
|
||||
+ disable_ipv6(sysconfig_path(iface))
|
||||
+ restart_network_manager()
|
||||
+
|
||||
+
|
||||
+def find_ipv6_ifaces():
|
||||
+ info = netinfo.netdev_info()
|
||||
+ ifaces = []
|
||||
+ for iface, data in info.items():
|
||||
+ if iface == "lo":
|
||||
+ LOG.debug('Skipping localhost interface')
|
||||
+ if len(data.get("ipv4", [])) != 0:
|
||||
+ # skip this interface, as it has ipv4 addrs
|
||||
+ continue
|
||||
+ ifaces.append(iface)
|
||||
+ return ifaces
|
||||
+
|
||||
+
|
||||
+def refresh_ipv6(interface):
|
||||
+ # IPv6 interface is explicitly brought up, subsequent to which the
|
||||
+ # RMC services are restarted to re-establish the communication with
|
||||
+ # the hypervisor.
|
||||
+ subp.subp(['ip', 'link', 'set', interface, 'down'])
|
||||
+ subp.subp(['ip', 'link', 'set', interface, 'up'])
|
||||
+
|
||||
+
|
||||
+def sysconfig_path(iface):
|
||||
+ return '/etc/sysconfig/network-scripts/ifcfg-' + iface
|
||||
+
|
||||
+
|
||||
+def restart_network_manager():
|
||||
+ subp.subp(['systemctl', 'restart', 'NetworkManager'])
|
||||
+
|
||||
+
|
||||
+def disable_ipv6(iface_file):
|
||||
+ # Ensuring that the communication b/w the hypervisor and VM is not
|
||||
+ # interrupted due to NetworkManager. For this purpose, as part of
|
||||
+ # this function, the NM_CONTROLLED is explicitly set to No for IPV6
|
||||
+ # interface and NetworkManager is restarted.
|
||||
+ try:
|
||||
+ contents = util.load_file(iface_file)
|
||||
+ except IOError as e:
|
||||
+ if e.errno == errno.ENOENT:
|
||||
+ LOG.debug("IPv6 interface file %s does not exist\n",
|
||||
+ iface_file)
|
||||
+ else:
|
||||
+ raise e
|
||||
+
|
||||
+ if 'IPV6INIT' not in contents:
|
||||
+ LOG.debug("Interface file %s did not have IPV6INIT", iface_file)
|
||||
+ return
|
||||
+
|
||||
+ LOG.debug("Editing interface file %s ", iface_file)
|
||||
+
|
||||
+ # Dropping any NM_CONTROLLED or IPV6 lines from IPv6 interface file.
|
||||
+ lines = contents.splitlines()
|
||||
+ lines = [line for line in lines if not search(line)]
|
||||
+ lines.append("NM_CONTROLLED=no")
|
||||
+
|
||||
+ with open(iface_file, "w") as fp:
|
||||
+ fp.write("\n".join(lines) + "\n")
|
||||
+
|
||||
+
|
||||
+def search(contents):
|
||||
+ # Search for any NM_CONTROLLED or IPV6 lines in IPv6 interface file.
|
||||
+ return(
|
||||
+ contents.startswith("IPV6ADDR") or
|
||||
+ contents.startswith("IPADDR6") or
|
||||
+ contents.startswith("IPV6INIT") or
|
||||
+ contents.startswith("NM_CONTROLLED"))
|
||||
+
|
||||
+
|
||||
+def refresh_rmc():
|
||||
+ # To make a healthy connection between RMC daemon and hypervisor we
|
||||
+ # refresh RMC. With refreshing RMC we are ensuring that making IPv6
|
||||
+ # down and up shouldn't impact communication between RMC daemon and
|
||||
+ # hypervisor.
|
||||
+ # -z : stop Resource Monitoring & Control subsystem and all resource
|
||||
+ # managers, but the command does not return control to the user
|
||||
+ # until the subsystem and all resource managers are stopped.
|
||||
+ # -s : start Resource Monitoring & Control subsystem.
|
||||
+ try:
|
||||
+ subp.subp([RMCCTRL, '-z'])
|
||||
+ subp.subp([RMCCTRL, '-s'])
|
||||
+ except Exception:
|
||||
+ util.logexc(LOG, 'Failed to refresh the RMC subsystem.')
|
||||
+ raise
|
||||
diff --git a/cloudinit/config/cc_reset_rmc.py b/cloudinit/config/cc_reset_rmc.py
|
||||
new file mode 100644
|
||||
index 0000000..1cd7277
|
||||
--- /dev/null
|
||||
+++ b/cloudinit/config/cc_reset_rmc.py
|
||||
@@ -0,0 +1,143 @@
|
||||
+# (c) Copyright IBM Corp. 2020 All Rights Reserved
|
||||
+#
|
||||
+# Author: Aman Kumar Sinha <amansi26@in.ibm.com>
|
||||
+#
|
||||
+# This file is part of cloud-init. See LICENSE file for license information.
|
||||
+
|
||||
+
|
||||
+"""
|
||||
+Reset RMC
|
||||
+------------
|
||||
+**Summary:** reset rsct node id
|
||||
+
|
||||
+Reset RMC module is IBM PowerVM Hypervisor specific
|
||||
+
|
||||
+Reliable Scalable Cluster Technology (RSCT) is a set of software components,
|
||||
+that together provide a comprehensive clustering environment (RAS features)
|
||||
+for IBM PowerVM based virtual machines. RSCT includes the Resource monitoring
|
||||
+and control (RMC) subsystem. RMC is a generalized framework used for managing,
|
||||
+monitoring, and manipulating resources. RMC runs as a daemon process on
|
||||
+individual machines and needs creation of unique node id and restarts
|
||||
+during VM boot.
|
||||
+More details refer
|
||||
+https://www.ibm.com/support/knowledgecenter/en/SGVKBA_3.2/admin/bl503_ovrv.htm
|
||||
+
|
||||
+This module handles
|
||||
+- creation of the unique RSCT node id to every instance/virtual machine
|
||||
+ and ensure once set, it isn't changed subsequently by cloud-init.
|
||||
+ In order to do so, it restarts RSCT service.
|
||||
+
|
||||
+Prerequisite of using this module is to install RSCT packages.
|
||||
+
|
||||
+**Internal name:** ``cc_reset_rmc``
|
||||
+
|
||||
+**Module frequency:** per instance
|
||||
+
|
||||
+**Supported distros:** rhel, sles and ubuntu
|
||||
+
|
||||
+"""
|
||||
+import os
|
||||
+
|
||||
+from cloudinit import log as logging
|
||||
+from cloudinit.settings import PER_INSTANCE
|
||||
+from cloudinit import util
|
||||
+from cloudinit import subp
|
||||
+
|
||||
+frequency = PER_INSTANCE
|
||||
+
|
||||
+# RMCCTRL is expected to be in system PATH (/opt/rsct/bin)
|
||||
+# The symlink for RMCCTRL and RECFGCT are
|
||||
+# /usr/sbin/rsct/bin/rmcctrl and
|
||||
+# /usr/sbin/rsct/install/bin/recfgct respectively.
|
||||
+RSCT_PATH = '/opt/rsct/install/bin'
|
||||
+RMCCTRL = 'rmcctrl'
|
||||
+RECFGCT = 'recfgct'
|
||||
+
|
||||
+LOG = logging.getLogger(__name__)
|
||||
+
|
||||
+NODE_ID_FILE = '/etc/ct_node_id'
|
||||
+
|
||||
+
|
||||
+def handle(name, _cfg, cloud, _log, _args):
|
||||
+ # Ensuring node id has to be generated only once during first boot
|
||||
+ if cloud.datasource.platform_type == 'none':
|
||||
+ LOG.debug('Skipping creation of new ct_node_id node')
|
||||
+ return
|
||||
+
|
||||
+ if not os.path.isdir(RSCT_PATH):
|
||||
+ LOG.debug("module disabled, RSCT_PATH not present")
|
||||
+ return
|
||||
+
|
||||
+ orig_path = os.environ.get('PATH')
|
||||
+ try:
|
||||
+ add_path(orig_path)
|
||||
+ reset_rmc()
|
||||
+ finally:
|
||||
+ if orig_path:
|
||||
+ os.environ['PATH'] = orig_path
|
||||
+ else:
|
||||
+ del os.environ['PATH']
|
||||
+
|
||||
+
|
||||
+def reconfigure_rsct_subsystems():
|
||||
+ # Reconfigure the RSCT subsystems, which includes removing all RSCT data
|
||||
+ # under the /var/ct directory, generating a new node ID, and making it
|
||||
+ # appear as if the RSCT components were just installed
|
||||
+ try:
|
||||
+ out = subp.subp([RECFGCT])[0]
|
||||
+ LOG.debug(out.strip())
|
||||
+ return out
|
||||
+ except subp.ProcessExecutionError:
|
||||
+ util.logexc(LOG, 'Failed to reconfigure the RSCT subsystems.')
|
||||
+ raise
|
||||
+
|
||||
+
|
||||
+def get_node_id():
|
||||
+ try:
|
||||
+ fp = util.load_file(NODE_ID_FILE)
|
||||
+ node_id = fp.split('\n')[0]
|
||||
+ return node_id
|
||||
+ except Exception:
|
||||
+ util.logexc(LOG, 'Failed to get node ID from file %s.' % NODE_ID_FILE)
|
||||
+ raise
|
||||
+
|
||||
+
|
||||
+def add_path(orig_path):
|
||||
+ # Adding the RSCT_PATH to env standard path
|
||||
+ # So thet cloud init automatically find and
|
||||
+ # run RECFGCT to create new node_id.
|
||||
+ suff = ":" + orig_path if orig_path else ""
|
||||
+ os.environ['PATH'] = RSCT_PATH + suff
|
||||
+ return os.environ['PATH']
|
||||
+
|
||||
+
|
||||
+def rmcctrl():
|
||||
+ # Stop the RMC subsystem and all resource managers so that we can make
|
||||
+ # some changes to it
|
||||
+ try:
|
||||
+ return subp.subp([RMCCTRL, '-z'])
|
||||
+ except Exception:
|
||||
+ util.logexc(LOG, 'Failed to stop the RMC subsystem.')
|
||||
+ raise
|
||||
+
|
||||
+
|
||||
+def reset_rmc():
|
||||
+ LOG.debug('Attempting to reset RMC.')
|
||||
+
|
||||
+ node_id_before = get_node_id()
|
||||
+ LOG.debug('Node ID at beginning of module: %s', node_id_before)
|
||||
+
|
||||
+ # Stop the RMC subsystem and all resource managers so that we can make
|
||||
+ # some changes to it
|
||||
+ rmcctrl()
|
||||
+ reconfigure_rsct_subsystems()
|
||||
+
|
||||
+ node_id_after = get_node_id()
|
||||
+ LOG.debug('Node ID at end of module: %s', node_id_after)
|
||||
+
|
||||
+ # Check if new node ID is generated or not
|
||||
+ # by comparing old and new node ID
|
||||
+ if node_id_after == node_id_before:
|
||||
+ msg = 'New node ID did not get generated.'
|
||||
+ LOG.error(msg)
|
||||
+ raise Exception(msg)
|
||||
diff --git a/config/cloud.cfg.tmpl b/config/cloud.cfg.tmpl
|
||||
index 2beb9b0..7171aaa 100644
|
||||
--- a/config/cloud.cfg.tmpl
|
||||
+++ b/config/cloud.cfg.tmpl
|
||||
@@ -135,6 +135,8 @@ cloud_final_modules:
|
||||
- chef
|
||||
- mcollective
|
||||
- salt-minion
|
||||
+ - reset_rmc
|
||||
+ - refresh_rmc_and_interface
|
||||
- rightscale_userdata
|
||||
- scripts-vendor
|
||||
- scripts-per-once
|
||||
diff --git a/tests/unittests/test_handler/test_handler_refresh_rmc_and_interface.py b/tests/unittests/test_handler/test_handler_refresh_rmc_and_interface.py
|
||||
new file mode 100644
|
||||
index 0000000..e13b779
|
||||
--- /dev/null
|
||||
+++ b/tests/unittests/test_handler/test_handler_refresh_rmc_and_interface.py
|
||||
@@ -0,0 +1,109 @@
|
||||
+from cloudinit.config import cc_refresh_rmc_and_interface as ccrmci
|
||||
+
|
||||
+from cloudinit import util
|
||||
+
|
||||
+from cloudinit.tests import helpers as t_help
|
||||
+from cloudinit.tests.helpers import mock
|
||||
+
|
||||
+from textwrap import dedent
|
||||
+import logging
|
||||
+
|
||||
+LOG = logging.getLogger(__name__)
|
||||
+MPATH = "cloudinit.config.cc_refresh_rmc_and_interface"
|
||||
+NET_INFO = {
|
||||
+ 'lo': {'ipv4': [{'ip': '127.0.0.1',
|
||||
+ 'bcast': '', 'mask': '255.0.0.0',
|
||||
+ 'scope': 'host'}],
|
||||
+ 'ipv6': [{'ip': '::1/128',
|
||||
+ 'scope6': 'host'}], 'hwaddr': '',
|
||||
+ 'up': 'True'},
|
||||
+ 'env2': {'ipv4': [{'ip': '8.0.0.19',
|
||||
+ 'bcast': '8.0.0.255', 'mask': '255.255.255.0',
|
||||
+ 'scope': 'global'}],
|
||||
+ 'ipv6': [{'ip': 'fe80::f896:c2ff:fe81:8220/64',
|
||||
+ 'scope6': 'link'}], 'hwaddr': 'fa:96:c2:81:82:20',
|
||||
+ 'up': 'True'},
|
||||
+ 'env3': {'ipv4': [{'ip': '90.0.0.14',
|
||||
+ 'bcast': '90.0.0.255', 'mask': '255.255.255.0',
|
||||
+ 'scope': 'global'}],
|
||||
+ 'ipv6': [{'ip': 'fe80::f896:c2ff:fe81:8221/64',
|
||||
+ 'scope6': 'link'}], 'hwaddr': 'fa:96:c2:81:82:21',
|
||||
+ 'up': 'True'},
|
||||
+ 'env4': {'ipv4': [{'ip': '9.114.23.7',
|
||||
+ 'bcast': '9.114.23.255', 'mask': '255.255.255.0',
|
||||
+ 'scope': 'global'}],
|
||||
+ 'ipv6': [{'ip': 'fe80::f896:c2ff:fe81:8222/64',
|
||||
+ 'scope6': 'link'}], 'hwaddr': 'fa:96:c2:81:82:22',
|
||||
+ 'up': 'True'},
|
||||
+ 'env5': {'ipv4': [],
|
||||
+ 'ipv6': [{'ip': 'fe80::9c26:c3ff:fea4:62c8/64',
|
||||
+ 'scope6': 'link'}], 'hwaddr': '42:20:86:df:fa:4c',
|
||||
+ 'up': 'True'}}
|
||||
+
|
||||
+
|
||||
+class TestRsctNodeFile(t_help.CiTestCase):
|
||||
+ def test_disable_ipv6_interface(self):
|
||||
+ """test parsing of iface files."""
|
||||
+ fname = self.tmp_path("iface-eth5")
|
||||
+ util.write_file(fname, dedent("""\
|
||||
+ BOOTPROTO=static
|
||||
+ DEVICE=eth5
|
||||
+ HWADDR=42:20:86:df:fa:4c
|
||||
+ IPV6INIT=yes
|
||||
+ IPADDR6=fe80::9c26:c3ff:fea4:62c8/64
|
||||
+ IPV6ADDR=fe80::9c26:c3ff:fea4:62c8/64
|
||||
+ NM_CONTROLLED=yes
|
||||
+ ONBOOT=yes
|
||||
+ STARTMODE=auto
|
||||
+ TYPE=Ethernet
|
||||
+ USERCTL=no
|
||||
+ """))
|
||||
+
|
||||
+ ccrmci.disable_ipv6(fname)
|
||||
+ self.assertEqual(dedent("""\
|
||||
+ BOOTPROTO=static
|
||||
+ DEVICE=eth5
|
||||
+ HWADDR=42:20:86:df:fa:4c
|
||||
+ ONBOOT=yes
|
||||
+ STARTMODE=auto
|
||||
+ TYPE=Ethernet
|
||||
+ USERCTL=no
|
||||
+ NM_CONTROLLED=no
|
||||
+ """), util.load_file(fname))
|
||||
+
|
||||
+ @mock.patch(MPATH + '.refresh_rmc')
|
||||
+ @mock.patch(MPATH + '.restart_network_manager')
|
||||
+ @mock.patch(MPATH + '.disable_ipv6')
|
||||
+ @mock.patch(MPATH + '.refresh_ipv6')
|
||||
+ @mock.patch(MPATH + '.netinfo.netdev_info')
|
||||
+ @mock.patch(MPATH + '.subp.which')
|
||||
+ def test_handle(self, m_refresh_rmc,
|
||||
+ m_netdev_info, m_refresh_ipv6, m_disable_ipv6,
|
||||
+ m_restart_nm, m_which):
|
||||
+ """Basic test of handle."""
|
||||
+ m_netdev_info.return_value = NET_INFO
|
||||
+ m_which.return_value = '/opt/rsct/bin/rmcctrl'
|
||||
+ ccrmci.handle(
|
||||
+ "refresh_rmc_and_interface", None, None, None, None)
|
||||
+ self.assertEqual(1, m_netdev_info.call_count)
|
||||
+ m_refresh_ipv6.assert_called_with('env5')
|
||||
+ m_disable_ipv6.assert_called_with(
|
||||
+ '/etc/sysconfig/network-scripts/ifcfg-env5')
|
||||
+ self.assertEqual(1, m_restart_nm.call_count)
|
||||
+ self.assertEqual(1, m_refresh_rmc.call_count)
|
||||
+
|
||||
+ @mock.patch(MPATH + '.netinfo.netdev_info')
|
||||
+ def test_find_ipv6(self, m_netdev_info):
|
||||
+ """find_ipv6_ifaces parses netdev_info returning those with ipv6"""
|
||||
+ m_netdev_info.return_value = NET_INFO
|
||||
+ found = ccrmci.find_ipv6_ifaces()
|
||||
+ self.assertEqual(['env5'], found)
|
||||
+
|
||||
+ @mock.patch(MPATH + '.subp.subp')
|
||||
+ def test_refresh_ipv6(self, m_subp):
|
||||
+ """refresh_ipv6 should ip down and up the interface."""
|
||||
+ iface = "myeth0"
|
||||
+ ccrmci.refresh_ipv6(iface)
|
||||
+ m_subp.assert_has_calls([
|
||||
+ mock.call(['ip', 'link', 'set', iface, 'down']),
|
||||
+ mock.call(['ip', 'link', 'set', iface, 'up'])])
|
||||
diff --git a/tools/.github-cla-signers b/tools/.github-cla-signers
|
||||
index c67db43..802a35b 100644
|
||||
--- a/tools/.github-cla-signers
|
||||
+++ b/tools/.github-cla-signers
|
||||
@@ -1,4 +1,5 @@
|
||||
AlexBaranowski
|
||||
+Aman306
|
||||
beezly
|
||||
bipinbachhao
|
||||
BirknerAlex
|
||||
--
|
||||
1.8.3.1
|
||||
|
File diff suppressed because it is too large
Load Diff
|
@ -1,58 +0,0 @@
|
|||
From 8a7d21fa739901bad847294004266dba76c027af Mon Sep 17 00:00:00 2001
|
||||
From: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Tue, 1 Dec 2020 15:51:47 +0100
|
||||
Subject: [PATCH 2/4] Adding BOOTPROTO = dhcp to render sysconfig dhcp6
|
||||
stateful on RHEL (#685)
|
||||
|
||||
RH-Author: Eduardo Terrell Ferrari Otubo (eterrell)
|
||||
RH-MergeRequest: 25: Adding BOOTPROTO = dhcp to render sysconfig dhcp6 stateful on RHEL (#685)
|
||||
RH-Commit: [1/1] b7304323096b1e40287950e44cf7aa3cdb4ba99e (eterrell/cloud-init)
|
||||
RH-Bugzilla: 1859695
|
||||
|
||||
BOOTPROTO needs to be set to 'dhcp' on RHEL so NetworkManager can
|
||||
properly acquire ipv6 address.
|
||||
|
||||
rhbz: #1859695
|
||||
|
||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
|
||||
Co-authored-by: Daniel Watkins <oddbloke@ubuntu.com>
|
||||
Co-authored-by: Scott Moser <smoser@brickies.net>
|
||||
---
|
||||
cloudinit/net/sysconfig.py | 6 ++++++
|
||||
tests/unittests/test_net.py | 2 +-
|
||||
2 files changed, 7 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
|
||||
index 078636a4..94801a93 100644
|
||||
--- a/cloudinit/net/sysconfig.py
|
||||
+++ b/cloudinit/net/sysconfig.py
|
||||
@@ -391,6 +391,12 @@ class Renderer(renderer.Renderer):
|
||||
# Only IPv6 is DHCP, IPv4 may be static
|
||||
iface_cfg['BOOTPROTO'] = 'dhcp6'
|
||||
iface_cfg['DHCLIENT6_MODE'] = 'managed'
|
||||
+ # only if rhel AND dhcpv6 stateful
|
||||
+ elif (flavor == 'rhel' and
|
||||
+ subnet_type == 'ipv6_dhcpv6-stateful'):
|
||||
+ iface_cfg['BOOTPROTO'] = 'dhcp'
|
||||
+ iface_cfg['DHCPV6C'] = True
|
||||
+ iface_cfg['IPV6INIT'] = True
|
||||
else:
|
||||
iface_cfg['IPV6INIT'] = True
|
||||
# Configure network settings using DHCPv6
|
||||
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
|
||||
index c0337459..bcd261db 100644
|
||||
--- a/tests/unittests/test_net.py
|
||||
+++ b/tests/unittests/test_net.py
|
||||
@@ -1359,7 +1359,7 @@ NETWORK_CONFIGS = {
|
||||
},
|
||||
'expected_sysconfig_rhel': {
|
||||
'ifcfg-iface0': textwrap.dedent("""\
|
||||
- BOOTPROTO=none
|
||||
+ BOOTPROTO=dhcp
|
||||
DEVICE=iface0
|
||||
DHCPV6C=yes
|
||||
IPV6INIT=yes
|
||||
--
|
||||
2.18.4
|
||||
|
|
@ -0,0 +1,257 @@
|
|||
From 5c99ba05086b1ec83ce7e0c64edb4add4b47d923 Mon Sep 17 00:00:00 2001
|
||||
From: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
Date: Thu, 19 May 2022 11:14:39 +0200
|
||||
Subject: [PATCH 3/4] Align rhel custom files with upstream (#1431)
|
||||
|
||||
RH-Author: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
RH-MergeRequest: 65: Align rhel custom files with upstream (#1431)
|
||||
RH-Commit: [1/2] 5d9067175688b1006472a477b0916b81c73d5e07
|
||||
RH-Bugzilla: 2082071
|
||||
RH-Acked-by: Mohamed Gamal Morsy <mmorsy@redhat.com>
|
||||
RH-Acked-by: Eduardo Otubo <otubo@redhat.com>
|
||||
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
||||
|
||||
commit 9624758f91b61f4711e8d7b5c83075b5d23e0c43
|
||||
Author: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
Date: Wed May 18 15:18:04 2022 +0200
|
||||
|
||||
Align rhel custom files with upstream (#1431)
|
||||
|
||||
So far RHEL had its own custom .service and cloud.cfg files,
|
||||
that diverged from upstream. We always replaced the generated files
|
||||
with the ones we had.
|
||||
|
||||
This caused only confusion and made it harder to rebase and backport
|
||||
patches targeting these files.
|
||||
At the same time, we are going to delete our custom downstream-only files
|
||||
and use the ones generated by .tmpl.
|
||||
|
||||
The mapping is:
|
||||
config/cloud.cfg.tmpl -> rhel/cloud.cfg
|
||||
systemd/* -> rhel/systemd/*
|
||||
|
||||
Such rhel-specific files are open and available in the Centos repo:
|
||||
https://gitlab.com/redhat/centos-stream/src/cloud-init
|
||||
|
||||
With this commit, we are also introducing modules in cloud.cfg that
|
||||
were not in the default rhel cfg file, even though they should already
|
||||
have been there with previous rebases and releases.
|
||||
Anyways such modules support rhel as distro, and
|
||||
therefore should cause no harm.
|
||||
|
||||
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
|
||||
RHBZ: 2082071
|
||||
|
||||
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
---
|
||||
config/cloud.cfg.tmpl | 23 +++++++++++++++++++++++
|
||||
systemd/cloud-config.service.tmpl | 4 ++++
|
||||
systemd/cloud-final.service.tmpl | 13 +++++++++++++
|
||||
systemd/cloud-init-local.service.tmpl | 22 +++++++++++++++++++++-
|
||||
systemd/cloud-init.service.tmpl | 6 +++++-
|
||||
tests/unittests/test_render_cloudcfg.py | 1 +
|
||||
6 files changed, 67 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/config/cloud.cfg.tmpl b/config/cloud.cfg.tmpl
|
||||
index 86beee3c..f4d2fd14 100644
|
||||
--- a/config/cloud.cfg.tmpl
|
||||
+++ b/config/cloud.cfg.tmpl
|
||||
@@ -34,7 +34,11 @@ disable_root: true
|
||||
|
||||
{% if variant in ["almalinux", "alpine", "amazon", "centos", "cloudlinux", "eurolinux",
|
||||
"fedora", "miraclelinux", "openEuler", "rhel", "rocky", "virtuozzo"] %}
|
||||
+{% if variant == "rhel" %}
|
||||
+mount_default_fields: [~, ~, 'auto', 'defaults,nofail,x-systemd.requires=cloud-init.service,_netdev', '0', '2']
|
||||
+{% else %}
|
||||
mount_default_fields: [~, ~, 'auto', 'defaults,nofail', '0', '2']
|
||||
+{% endif %}
|
||||
{% if variant == "amazon" %}
|
||||
resize_rootfs: noblock
|
||||
{% endif %}
|
||||
@@ -66,6 +70,14 @@ network:
|
||||
config: disabled
|
||||
{% endif %}
|
||||
|
||||
+{% if variant == "rhel" %}
|
||||
+# Default redhat settings:
|
||||
+ssh_deletekeys: true
|
||||
+ssh_genkeytypes: ['rsa', 'ecdsa', 'ed25519']
|
||||
+syslog_fix_perms: ~
|
||||
+disable_vmware_customization: false
|
||||
+{% endif %}
|
||||
+
|
||||
# The modules that run in the 'init' stage
|
||||
cloud_init_modules:
|
||||
- migrator
|
||||
@@ -107,10 +119,15 @@ cloud_config_modules:
|
||||
{% endif %}
|
||||
{% if variant not in ["photon"] %}
|
||||
- ssh-import-id
|
||||
+{% if variant not in ["rhel"] %}
|
||||
- keyboard
|
||||
+{% endif %}
|
||||
- locale
|
||||
{% endif %}
|
||||
- set-passwords
|
||||
+{% if variant in ["rhel"] %}
|
||||
+ - rh_subscription
|
||||
+{% endif %}
|
||||
{% if variant in ["rhel", "fedora", "photon"] %}
|
||||
{% if variant not in ["photon"] %}
|
||||
- spacewalk
|
||||
@@ -239,6 +256,10 @@ system_info:
|
||||
name: ec2-user
|
||||
lock_passwd: True
|
||||
gecos: EC2 Default User
|
||||
+{% elif variant == "rhel" %}
|
||||
+ name: cloud-user
|
||||
+ lock_passwd: true
|
||||
+ gecos: Cloud User
|
||||
{% else %}
|
||||
name: {{ variant }}
|
||||
lock_passwd: True
|
||||
@@ -254,6 +275,8 @@ system_info:
|
||||
groups: [adm, sudo]
|
||||
{% elif variant == "arch" %}
|
||||
groups: [wheel, users]
|
||||
+{% elif variant == "rhel" %}
|
||||
+ groups: [adm, systemd-journal]
|
||||
{% else %}
|
||||
groups: [wheel, adm, systemd-journal]
|
||||
{% endif %}
|
||||
diff --git a/systemd/cloud-config.service.tmpl b/systemd/cloud-config.service.tmpl
|
||||
index 9d928ca2..d5568a6e 100644
|
||||
--- a/systemd/cloud-config.service.tmpl
|
||||
+++ b/systemd/cloud-config.service.tmpl
|
||||
@@ -4,6 +4,10 @@ Description=Apply the settings specified in cloud-config
|
||||
After=network-online.target cloud-config.target
|
||||
After=snapd.seeded.service
|
||||
Wants=network-online.target cloud-config.target
|
||||
+{% if variant == "rhel" %}
|
||||
+ConditionPathExists=!/etc/cloud/cloud-init.disabled
|
||||
+ConditionKernelCommandLine=!cloud-init=disabled
|
||||
+{% endif %}
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
diff --git a/systemd/cloud-final.service.tmpl b/systemd/cloud-final.service.tmpl
|
||||
index 8207b18c..85f423ac 100644
|
||||
--- a/systemd/cloud-final.service.tmpl
|
||||
+++ b/systemd/cloud-final.service.tmpl
|
||||
@@ -7,6 +7,10 @@ After=multi-user.target
|
||||
Before=apt-daily.service
|
||||
{% endif %}
|
||||
Wants=network-online.target cloud-config.service
|
||||
+{% if variant == "rhel" %}
|
||||
+ConditionPathExists=!/etc/cloud/cloud-init.disabled
|
||||
+ConditionKernelCommandLine=!cloud-init=disabled
|
||||
+{% endif %}
|
||||
|
||||
|
||||
[Service]
|
||||
@@ -15,7 +19,16 @@ ExecStart=/usr/bin/cloud-init modules --mode=final
|
||||
RemainAfterExit=yes
|
||||
TimeoutSec=0
|
||||
KillMode=process
|
||||
+{% if variant == "rhel" %}
|
||||
+# Restart NetworkManager if it is present and running.
|
||||
+ExecStartPost=/bin/sh -c 'u=NetworkManager.service; \
|
||||
+ out=$(systemctl show --property=SubState $u) || exit; \
|
||||
+ [ "$out" = "SubState=running" ] || exit 0; \
|
||||
+ systemctl reload-or-try-restart $u'
|
||||
+{% else %}
|
||||
TasksMax=infinity
|
||||
+{% endif %}
|
||||
+
|
||||
|
||||
# Output needs to appear in instance console output
|
||||
StandardOutput=journal+console
|
||||
diff --git a/systemd/cloud-init-local.service.tmpl b/systemd/cloud-init-local.service.tmpl
|
||||
index 7166f640..a6b82650 100644
|
||||
--- a/systemd/cloud-init-local.service.tmpl
|
||||
+++ b/systemd/cloud-init-local.service.tmpl
|
||||
@@ -1,23 +1,43 @@
|
||||
## template:jinja
|
||||
[Unit]
|
||||
Description=Initial cloud-init job (pre-networking)
|
||||
-{% if variant in ["ubuntu", "unknown", "debian"] %}
|
||||
+{% if variant in ["ubuntu", "unknown", "debian", "rhel" ] %}
|
||||
DefaultDependencies=no
|
||||
{% endif %}
|
||||
Wants=network-pre.target
|
||||
After=hv_kvp_daemon.service
|
||||
After=systemd-remount-fs.service
|
||||
+{% if variant == "rhel" %}
|
||||
+Requires=dbus.socket
|
||||
+After=dbus.socket
|
||||
+{% endif %}
|
||||
Before=NetworkManager.service
|
||||
+{% if variant == "rhel" %}
|
||||
+Before=network.service
|
||||
+{% endif %}
|
||||
Before=network-pre.target
|
||||
Before=shutdown.target
|
||||
+{% if variant == "rhel" %}
|
||||
+Before=firewalld.target
|
||||
+Conflicts=shutdown.target
|
||||
+{% endif %}
|
||||
{% if variant in ["ubuntu", "unknown", "debian"] %}
|
||||
Before=sysinit.target
|
||||
Conflicts=shutdown.target
|
||||
{% endif %}
|
||||
RequiresMountsFor=/var/lib/cloud
|
||||
+{% if variant == "rhel" %}
|
||||
+ConditionPathExists=!/etc/cloud/cloud-init.disabled
|
||||
+ConditionKernelCommandLine=!cloud-init=disabled
|
||||
+{% endif %}
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
+{% if variant == "rhel" %}
|
||||
+ExecStartPre=/bin/mkdir -p /run/cloud-init
|
||||
+ExecStartPre=/sbin/restorecon /run/cloud-init
|
||||
+ExecStartPre=/usr/bin/touch /run/cloud-init/enabled
|
||||
+{% endif %}
|
||||
ExecStart=/usr/bin/cloud-init init --local
|
||||
ExecStart=/bin/touch /run/cloud-init/network-config-ready
|
||||
RemainAfterExit=yes
|
||||
diff --git a/systemd/cloud-init.service.tmpl b/systemd/cloud-init.service.tmpl
|
||||
index e71e5679..c170aef7 100644
|
||||
--- a/systemd/cloud-init.service.tmpl
|
||||
+++ b/systemd/cloud-init.service.tmpl
|
||||
@@ -1,7 +1,7 @@
|
||||
## template:jinja
|
||||
[Unit]
|
||||
Description=Initial cloud-init job (metadata service crawler)
|
||||
-{% if variant not in ["photon"] %}
|
||||
+{% if variant not in ["photon", "rhel"] %}
|
||||
DefaultDependencies=no
|
||||
{% endif %}
|
||||
Wants=cloud-init-local.service
|
||||
@@ -36,6 +36,10 @@ Before=shutdown.target
|
||||
Conflicts=shutdown.target
|
||||
{% endif %}
|
||||
Before=systemd-user-sessions.service
|
||||
+{% if variant == "rhel" %}
|
||||
+ConditionPathExists=!/etc/cloud/cloud-init.disabled
|
||||
+ConditionKernelCommandLine=!cloud-init=disabled
|
||||
+{% endif %}
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
diff --git a/tests/unittests/test_render_cloudcfg.py b/tests/unittests/test_render_cloudcfg.py
|
||||
index 30fbd1a4..9f95d448 100644
|
||||
--- a/tests/unittests/test_render_cloudcfg.py
|
||||
+++ b/tests/unittests/test_render_cloudcfg.py
|
||||
@@ -68,6 +68,7 @@ class TestRenderCloudCfg:
|
||||
default_user_exceptions = {
|
||||
"amazon": "ec2-user",
|
||||
"debian": "ubuntu",
|
||||
+ "rhel": "cloud-user",
|
||||
"unknown": "ubuntu",
|
||||
}
|
||||
default_user = system_cfg["system_info"]["default_user"]["name"]
|
||||
--
|
||||
2.35.3
|
||||
|
|
@ -1,60 +0,0 @@
|
|||
From bcbd6be99d8317793aff905c4222c351a1bf5c46 Mon Sep 17 00:00:00 2001
|
||||
From: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Thu, 21 Jan 2021 10:08:49 +0100
|
||||
Subject: [PATCH 1/2] DataSourceAzure: update password for defuser if exists
|
||||
(#671)
|
||||
|
||||
RH-Author: Eduardo Terrell Ferrari Otubo (eterrell)
|
||||
RH-MergeRequest: 37: DataSourceAzure: update password for defuser if exists (#671)
|
||||
RH-Commit: [1/1] 264092a68a3771cc4ed99dad5b93f7a1433e143a (eterrell/cloud-init)
|
||||
RH-Bugzilla: 1900892
|
||||
|
||||
commit eea754492f074e00b601cf77aa278e3623857c5a
|
||||
Author: Anh Vo <anhvo@microsoft.com>
|
||||
Date: Thu Nov 19 00:35:46 2020 -0500
|
||||
|
||||
DataSourceAzure: update password for defuser if exists (#671)
|
||||
|
||||
cc_set_password will only update the password for the default user if
|
||||
cfg['password'] is set. The existing code of datasource Azure will fail
|
||||
to update the default user's password because it does not set that
|
||||
metadata. If the default user doesn't exist in the image, the current
|
||||
code works fine because the password is set during user create and
|
||||
not in cc_set_password
|
||||
|
||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
---
|
||||
cloudinit/sources/DataSourceAzure.py | 2 +-
|
||||
tests/unittests/test_datasource/test_azure.py | 3 +++
|
||||
2 files changed, 4 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/cloudinit/sources/DataSourceAzure.py b/cloudinit/sources/DataSourceAzure.py
|
||||
index 1c214db9..d4a2d60f 100755
|
||||
--- a/cloudinit/sources/DataSourceAzure.py
|
||||
+++ b/cloudinit/sources/DataSourceAzure.py
|
||||
@@ -1231,7 +1231,7 @@ def read_azure_ovf(contents):
|
||||
if password:
|
||||
defuser['lock_passwd'] = False
|
||||
if DEF_PASSWD_REDACTION != password:
|
||||
- defuser['passwd'] = encrypt_pass(password)
|
||||
+ defuser['passwd'] = cfg['password'] = encrypt_pass(password)
|
||||
|
||||
if defuser:
|
||||
cfg['system_info'] = {'default_user': defuser}
|
||||
diff --git a/tests/unittests/test_datasource/test_azure.py b/tests/unittests/test_datasource/test_azure.py
|
||||
index 47e03bd1..2059990a 100644
|
||||
--- a/tests/unittests/test_datasource/test_azure.py
|
||||
+++ b/tests/unittests/test_datasource/test_azure.py
|
||||
@@ -919,6 +919,9 @@ scbus-1 on xpt0 bus 0
|
||||
crypt.crypt(odata['UserPassword'],
|
||||
defuser['passwd'][0:pos]))
|
||||
|
||||
+ # the same hashed value should also be present in cfg['password']
|
||||
+ self.assertEqual(defuser['passwd'], dsrc.cfg['password'])
|
||||
+
|
||||
def test_user_not_locked_if_password_redacted(self):
|
||||
odata = {'HostName': "myhost", 'UserName': "myuser",
|
||||
'UserPassword': dsaz.DEF_PASSWD_REDACTION}
|
||||
--
|
||||
2.18.4
|
||||
|
|
@ -1,295 +0,0 @@
|
|||
From 5ded09d5acf4d653fe2cbd54814f53063d265489 Mon Sep 17 00:00:00 2001
|
||||
From: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Thu, 29 Oct 2020 15:05:42 +0100
|
||||
Subject: [PATCH 1/3] Explicit set IPV6_AUTOCONF and IPV6_FORCE_ACCEPT_RA on
|
||||
static6 (#634)
|
||||
|
||||
RH-Author: Eduardo Terrell Ferrari Otubo (eterrell)
|
||||
RH-MergeRequest: 13: [RHEL-8.4.0] Add support for ipv6_autoconf on cloud-init-20.3
|
||||
RH-Commit: [1/1] 41e61c35893f4487981a1ad31f9f97a9a740b397 (eterrell/cloud-init)
|
||||
RH-Bugzilla: 1889635
|
||||
|
||||
commit b46e4a8cff667c8441622089cf7d57aeb88220cd
|
||||
Author: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Thu Oct 29 15:05:42 2020 +0100
|
||||
|
||||
Explicit set IPV6_AUTOCONF and IPV6_FORCE_ACCEPT_RA on static6 (#634)
|
||||
|
||||
The static and static6 subnet types for network_data.json were
|
||||
being ignored by the Openstack handler, this would cause the code to
|
||||
break and not function properly.
|
||||
|
||||
As of today, if a static6 configuration is chosen, the interface will
|
||||
still eventually be available to receive router advertisements or be set
|
||||
from NetworkManager to wait for them and cycle the interface in negative
|
||||
case.
|
||||
|
||||
It is safe to assume that if the interface is manually configured to use
|
||||
static ipv6 address, there's no need to wait for router advertisements.
|
||||
This patch will set automatically IPV6_AUTOCONF and IPV6_FORCE_ACCEPT_RA
|
||||
both to "no" in this case.
|
||||
|
||||
This patch fixes the specific behavior only for RHEL flavor and
|
||||
sysconfig renderer. It also introduces new unit tests for the specific
|
||||
case as well as adjusts some existent tests to be compatible with the
|
||||
new options. This patch also addresses this problem by assigning the
|
||||
appropriate subnet type for each case on the openstack handler.
|
||||
|
||||
rhbz: #1889635
|
||||
rhbz: #1889635
|
||||
|
||||
Signed-off-by: Eduardo Otubo otubo@redhat.com
|
||||
|
||||
Signed-off-by: Eduardo Otubo otubo@redhat.com
|
||||
---
|
||||
cloudinit/net/network_state.py | 3 +-
|
||||
cloudinit/net/sysconfig.py | 4 +
|
||||
cloudinit/sources/helpers/openstack.py | 8 +-
|
||||
tests/unittests/test_distros/test_netconfig.py | 2 +
|
||||
tests/unittests/test_net.py | 100 +++++++++++++++++++++++++
|
||||
5 files changed, 115 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/cloudinit/net/network_state.py b/cloudinit/net/network_state.py
|
||||
index b2f7d31..d9e7fd5 100644
|
||||
--- a/cloudinit/net/network_state.py
|
||||
+++ b/cloudinit/net/network_state.py
|
||||
@@ -820,7 +820,8 @@ def _normalize_subnet(subnet):
|
||||
|
||||
if subnet.get('type') in ('static', 'static6'):
|
||||
normal_subnet.update(
|
||||
- _normalize_net_keys(normal_subnet, address_keys=('address',)))
|
||||
+ _normalize_net_keys(normal_subnet, address_keys=(
|
||||
+ 'address', 'ip_address',)))
|
||||
normal_subnet['routes'] = [_normalize_route(r)
|
||||
for r in subnet.get('routes', [])]
|
||||
|
||||
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
|
||||
index af093dd..c078898 100644
|
||||
--- a/cloudinit/net/sysconfig.py
|
||||
+++ b/cloudinit/net/sysconfig.py
|
||||
@@ -451,6 +451,10 @@ class Renderer(renderer.Renderer):
|
||||
iface_cfg[mtu_key] = subnet['mtu']
|
||||
else:
|
||||
iface_cfg[mtu_key] = subnet['mtu']
|
||||
+
|
||||
+ if subnet_is_ipv6(subnet) and flavor == 'rhel':
|
||||
+ iface_cfg['IPV6_FORCE_ACCEPT_RA'] = False
|
||||
+ iface_cfg['IPV6_AUTOCONF'] = False
|
||||
elif subnet_type == 'manual':
|
||||
if flavor == 'suse':
|
||||
LOG.debug('Unknown subnet type setting "%s"', subnet_type)
|
||||
diff --git a/cloudinit/sources/helpers/openstack.py b/cloudinit/sources/helpers/openstack.py
|
||||
index 65e020c..3e6365f 100644
|
||||
--- a/cloudinit/sources/helpers/openstack.py
|
||||
+++ b/cloudinit/sources/helpers/openstack.py
|
||||
@@ -602,11 +602,17 @@ def convert_net_json(network_json=None, known_macs=None):
|
||||
elif network['type'] in ['ipv6_slaac', 'ipv6_dhcpv6-stateless',
|
||||
'ipv6_dhcpv6-stateful']:
|
||||
subnet.update({'type': network['type']})
|
||||
- elif network['type'] in ['ipv4', 'ipv6']:
|
||||
+ elif network['type'] in ['ipv4', 'static']:
|
||||
subnet.update({
|
||||
'type': 'static',
|
||||
'address': network.get('ip_address'),
|
||||
})
|
||||
+ elif network['type'] in ['ipv6', 'static6']:
|
||||
+ cfg.update({'accept-ra': False})
|
||||
+ subnet.update({
|
||||
+ 'type': 'static6',
|
||||
+ 'address': network.get('ip_address'),
|
||||
+ })
|
||||
|
||||
# Enable accept_ra for stateful and legacy ipv6_dhcp types
|
||||
if network['type'] in ['ipv6_dhcpv6-stateful', 'ipv6_dhcp']:
|
||||
diff --git a/tests/unittests/test_distros/test_netconfig.py b/tests/unittests/test_distros/test_netconfig.py
|
||||
index 8d7b09c..f9fc3a1 100644
|
||||
--- a/tests/unittests/test_distros/test_netconfig.py
|
||||
+++ b/tests/unittests/test_distros/test_netconfig.py
|
||||
@@ -514,7 +514,9 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
|
||||
DEVICE=eth0
|
||||
IPV6ADDR=2607:f0d0:1002:0011::2/64
|
||||
IPV6INIT=yes
|
||||
+ IPV6_AUTOCONF=no
|
||||
IPV6_DEFAULTGW=2607:f0d0:1002:0011::1
|
||||
+ IPV6_FORCE_ACCEPT_RA=no
|
||||
NM_CONTROLLED=no
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
|
||||
index 9985a97..d7a7a65 100644
|
||||
--- a/tests/unittests/test_net.py
|
||||
+++ b/tests/unittests/test_net.py
|
||||
@@ -750,7 +750,9 @@ IPADDR=172.19.1.34
|
||||
IPV6ADDR=2001:DB8::10/64
|
||||
IPV6ADDR_SECONDARIES="2001:DB9::10/64 2001:DB10::10/64"
|
||||
IPV6INIT=yes
|
||||
+IPV6_AUTOCONF=no
|
||||
IPV6_DEFAULTGW=2001:DB8::1
|
||||
+IPV6_FORCE_ACCEPT_RA=no
|
||||
NETMASK=255.255.252.0
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
@@ -1022,6 +1024,8 @@ NETWORK_CONFIGS = {
|
||||
IPADDR=192.168.14.2
|
||||
IPV6ADDR=2001:1::1/64
|
||||
IPV6INIT=yes
|
||||
+ IPV6_AUTOCONF=no
|
||||
+ IPV6_FORCE_ACCEPT_RA=no
|
||||
NETMASK=255.255.255.0
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
@@ -1247,6 +1251,33 @@ NETWORK_CONFIGS = {
|
||||
"""),
|
||||
},
|
||||
},
|
||||
+ 'static6': {
|
||||
+ 'yaml': textwrap.dedent("""\
|
||||
+ version: 1
|
||||
+ config:
|
||||
+ - type: 'physical'
|
||||
+ name: 'iface0'
|
||||
+ accept-ra: 'no'
|
||||
+ subnets:
|
||||
+ - type: 'static6'
|
||||
+ address: 2001:1::1/64
|
||||
+ """).rstrip(' '),
|
||||
+ 'expected_sysconfig_rhel': {
|
||||
+ 'ifcfg-iface0': textwrap.dedent("""\
|
||||
+ BOOTPROTO=none
|
||||
+ DEVICE=iface0
|
||||
+ IPV6ADDR=2001:1::1/64
|
||||
+ IPV6INIT=yes
|
||||
+ IPV6_AUTOCONF=no
|
||||
+ IPV6_FORCE_ACCEPT_RA=no
|
||||
+ DEVICE=iface0
|
||||
+ NM_CONTROLLED=no
|
||||
+ ONBOOT=yes
|
||||
+ TYPE=Ethernet
|
||||
+ USERCTL=no
|
||||
+ """),
|
||||
+ },
|
||||
+ },
|
||||
'dhcpv6_stateless': {
|
||||
'expected_eni': textwrap.dedent("""\
|
||||
auto lo
|
||||
@@ -1636,6 +1667,8 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
IPADDR=192.168.14.2
|
||||
IPV6ADDR=2001:1::1/64
|
||||
IPV6INIT=yes
|
||||
+ IPV6_AUTOCONF=no
|
||||
+ IPV6_FORCE_ACCEPT_RA=no
|
||||
IPV6_DEFAULTGW=2001:4800:78ff:1b::1
|
||||
MACADDR=bb:bb:bb:bb:bb:aa
|
||||
NETMASK=255.255.255.0
|
||||
@@ -2158,6 +2191,8 @@ iface bond0 inet6 static
|
||||
IPADDR1=192.168.1.2
|
||||
IPV6ADDR=2001:1::1/92
|
||||
IPV6INIT=yes
|
||||
+ IPV6_AUTOCONF=no
|
||||
+ IPV6_FORCE_ACCEPT_RA=no
|
||||
MTU=9000
|
||||
NETMASK=255.255.255.0
|
||||
NETMASK1=255.255.255.0
|
||||
@@ -2259,6 +2294,8 @@ iface bond0 inet6 static
|
||||
IPADDR1=192.168.1.2
|
||||
IPV6ADDR=2001:1::bbbb/96
|
||||
IPV6INIT=yes
|
||||
+ IPV6_AUTOCONF=no
|
||||
+ IPV6_FORCE_ACCEPT_RA=no
|
||||
IPV6_DEFAULTGW=2001:1::1
|
||||
MTU=2222
|
||||
NETMASK=255.255.255.0
|
||||
@@ -2341,6 +2378,9 @@ iface bond0 inet6 static
|
||||
HWADDR=52:54:00:12:34:00
|
||||
IPV6ADDR=2001:1::100/96
|
||||
IPV6INIT=yes
|
||||
+ IPV6_AUTOCONF=no
|
||||
+ IPV6_FORCE_ACCEPT_RA=no
|
||||
+ NM_CONTROLLED=no
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no
|
||||
@@ -2352,6 +2392,9 @@ iface bond0 inet6 static
|
||||
HWADDR=52:54:00:12:34:01
|
||||
IPV6ADDR=2001:1::101/96
|
||||
IPV6INIT=yes
|
||||
+ IPV6_AUTOCONF=no
|
||||
+ IPV6_FORCE_ACCEPT_RA=no
|
||||
+ NM_CONTROLLED=no
|
||||
ONBOOT=yes
|
||||
TYPE=Ethernet
|
||||
USERCTL=no
|
||||
@@ -3151,6 +3194,61 @@ USERCTL=no
|
||||
self._compare_files_to_expected(entry[self.expected_name], found)
|
||||
self._assert_headers(found)
|
||||
|
||||
+ def test_stattic6_from_json(self):
|
||||
+ net_json = {
|
||||
+ "services": [{"type": "dns", "address": "172.19.0.12"}],
|
||||
+ "networks": [{
|
||||
+ "network_id": "dacd568d-5be6-4786-91fe-750c374b78b4",
|
||||
+ "type": "ipv4", "netmask": "255.255.252.0",
|
||||
+ "link": "tap1a81968a-79",
|
||||
+ "routes": [{
|
||||
+ "netmask": "0.0.0.0",
|
||||
+ "network": "0.0.0.0",
|
||||
+ "gateway": "172.19.3.254",
|
||||
+ }, {
|
||||
+ "netmask": "0.0.0.0", # A second default gateway
|
||||
+ "network": "0.0.0.0",
|
||||
+ "gateway": "172.20.3.254",
|
||||
+ }],
|
||||
+ "ip_address": "172.19.1.34", "id": "network0"
|
||||
+ }, {
|
||||
+ "network_id": "mgmt",
|
||||
+ "netmask": "ffff:ffff:ffff:ffff::",
|
||||
+ "link": "interface1",
|
||||
+ "mode": "link-local",
|
||||
+ "routes": [],
|
||||
+ "ip_address": "fe80::c096:67ff:fe5c:6e84",
|
||||
+ "type": "static6",
|
||||
+ "id": "network1",
|
||||
+ "services": [],
|
||||
+ "accept-ra": "false"
|
||||
+ }],
|
||||
+ "links": [
|
||||
+ {
|
||||
+ "ethernet_mac_address": "fa:16:3e:ed:9a:59",
|
||||
+ "mtu": None, "type": "bridge", "id":
|
||||
+ "tap1a81968a-79",
|
||||
+ "vif_id": "1a81968a-797a-400f-8a80-567f997eb93f"
|
||||
+ },
|
||||
+ ],
|
||||
+ }
|
||||
+ macs = {'fa:16:3e:ed:9a:59': 'eth0'}
|
||||
+ render_dir = self.tmp_dir()
|
||||
+ network_cfg = openstack.convert_net_json(net_json, known_macs=macs)
|
||||
+ ns = network_state.parse_net_config_data(network_cfg,
|
||||
+ skip_broken=False)
|
||||
+ renderer = self._get_renderer()
|
||||
+ with self.assertRaises(ValueError):
|
||||
+ renderer.render_network_state(ns, target=render_dir)
|
||||
+ self.assertEqual([], os.listdir(render_dir))
|
||||
+
|
||||
+ def test_static6_from_yaml(self):
|
||||
+ entry = NETWORK_CONFIGS['static6']
|
||||
+ found = self._render_and_read(network_config=yaml.load(
|
||||
+ entry['yaml']))
|
||||
+ self._compare_files_to_expected(entry[self.expected_name], found)
|
||||
+ self._assert_headers(found)
|
||||
+
|
||||
def test_dhcpv6_reject_ra_config_v2(self):
|
||||
entry = NETWORK_CONFIGS['dhcpv6_reject_ra']
|
||||
found = self._render_and_read(network_config=yaml.load(
|
||||
@@ -3268,6 +3366,8 @@ USERCTL=no
|
||||
IPADDR=192.168.42.100
|
||||
IPV6ADDR=2001:db8::100/32
|
||||
IPV6INIT=yes
|
||||
+ IPV6_AUTOCONF=no
|
||||
+ IPV6_FORCE_ACCEPT_RA=no
|
||||
IPV6_DEFAULTGW=2001:db8::1
|
||||
NETMASK=255.255.255.0
|
||||
NM_CONTROLLED=no
|
||||
--
|
||||
1.8.3.1
|
||||
|
|
@ -1,103 +0,0 @@
|
|||
From 93b48730e201bf374f75a3f71d8d6b28211016ba Mon Sep 17 00:00:00 2001
|
||||
From: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Tue, 23 Mar 2021 16:14:16 +0100
|
||||
Subject: [PATCH] Fix requiring device-number on EC2 derivatives (#836)
|
||||
|
||||
RH-Author: Eduardo Otubo <otubo@redhat.com>
|
||||
RH-MergeRequest: 3: Fix requiring device-number on EC2 derivatives (#836)
|
||||
RH-Commit: [1/1] f372b10d179a969fcf824db8a39bdea3befc4ef4 (eterell/cloud-init)
|
||||
RH-Bugzilla: 1942699
|
||||
RH-Acked-by: Acked-by: Mohammed Gamal <mgamal@redhat.com>
|
||||
RH-Acked-by: Acked-by: Vitaly Kuznetsov vkuznets@redhat.com
|
||||
RH-Acked-by: Acked-by: Cathy Avery cavery@redhat.com
|
||||
|
||||
commit 9bd19645a61586b82e86db6f518dd05c3363b17f
|
||||
Author: James Falcon <TheRealFalcon@users.noreply.github.com>
|
||||
Date: Mon Mar 8 14:09:47 2021 -0600
|
||||
|
||||
Fix requiring device-number on EC2 derivatives (#836)
|
||||
|
||||
#342 (70dbccbb) introduced the ability to determine route-metrics based on
|
||||
the `device-number` provided by the EC2 IMDS. Not all datasources that
|
||||
subclass EC2 will have this attribute, so allow the old behavior if
|
||||
`device-number` is not present.
|
||||
|
||||
LP: #1917875
|
||||
|
||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
---
|
||||
cloudinit/sources/DataSourceEc2.py | 3 +-
|
||||
.../unittests/test_datasource/test_aliyun.py | 30 +++++++++++++++++++
|
||||
2 files changed, 32 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/cloudinit/sources/DataSourceEc2.py b/cloudinit/sources/DataSourceEc2.py
|
||||
index 1d09c12a..ce69d1b3 100644
|
||||
--- a/cloudinit/sources/DataSourceEc2.py
|
||||
+++ b/cloudinit/sources/DataSourceEc2.py
|
||||
@@ -764,13 +764,14 @@ def convert_ec2_metadata_network_config(
|
||||
netcfg['ethernets'][nic_name] = dev_config
|
||||
return netcfg
|
||||
# Apply network config for all nics and any secondary IPv4/v6 addresses
|
||||
+ nic_idx = 0
|
||||
for mac, nic_name in sorted(macs_to_nics.items()):
|
||||
nic_metadata = macs_metadata.get(mac)
|
||||
if not nic_metadata:
|
||||
continue # Not a physical nic represented in metadata
|
||||
# device-number is zero-indexed, we want it 1-indexed for the
|
||||
# multiplication on the following line
|
||||
- nic_idx = int(nic_metadata['device-number']) + 1
|
||||
+ nic_idx = int(nic_metadata.get('device-number', nic_idx)) + 1
|
||||
dhcp_override = {'route-metric': nic_idx * 100}
|
||||
dev_config = {'dhcp4': True, 'dhcp4-overrides': dhcp_override,
|
||||
'dhcp6': False,
|
||||
diff --git a/tests/unittests/test_datasource/test_aliyun.py b/tests/unittests/test_datasource/test_aliyun.py
|
||||
index b626229e..a57f86a1 100644
|
||||
--- a/tests/unittests/test_datasource/test_aliyun.py
|
||||
+++ b/tests/unittests/test_datasource/test_aliyun.py
|
||||
@@ -7,6 +7,7 @@ from unittest import mock
|
||||
|
||||
from cloudinit import helpers
|
||||
from cloudinit.sources import DataSourceAliYun as ay
|
||||
+from cloudinit.sources.DataSourceEc2 import convert_ec2_metadata_network_config
|
||||
from cloudinit.tests import helpers as test_helpers
|
||||
|
||||
DEFAULT_METADATA = {
|
||||
@@ -183,6 +184,35 @@ class TestAliYunDatasource(test_helpers.HttprettyTestCase):
|
||||
self.assertEqual(ay.parse_public_keys(public_keys),
|
||||
public_keys['key-pair-0']['openssh-key'])
|
||||
|
||||
+ def test_route_metric_calculated_without_device_number(self):
|
||||
+ """Test that route-metric code works without `device-number`
|
||||
+
|
||||
+ `device-number` is part of EC2 metadata, but not supported on aliyun.
|
||||
+ Attempting to access it will raise a KeyError.
|
||||
+
|
||||
+ LP: #1917875
|
||||
+ """
|
||||
+ netcfg = convert_ec2_metadata_network_config(
|
||||
+ {"interfaces": {"macs": {
|
||||
+ "06:17:04:d7:26:09": {
|
||||
+ "interface-id": "eni-e44ef49e",
|
||||
+ },
|
||||
+ "06:17:04:d7:26:08": {
|
||||
+ "interface-id": "eni-e44ef49f",
|
||||
+ }
|
||||
+ }}},
|
||||
+ macs_to_nics={
|
||||
+ '06:17:04:d7:26:09': 'eth0',
|
||||
+ '06:17:04:d7:26:08': 'eth1',
|
||||
+ }
|
||||
+ )
|
||||
+
|
||||
+ met0 = netcfg['ethernets']['eth0']['dhcp4-overrides']['route-metric']
|
||||
+ met1 = netcfg['ethernets']['eth1']['dhcp4-overrides']['route-metric']
|
||||
+
|
||||
+ # route-metric numbers should be 100 apart
|
||||
+ assert 100 == abs(met0 - met1)
|
||||
+
|
||||
|
||||
class TestIsAliYun(test_helpers.CiTestCase):
|
||||
ALIYUN_PRODUCT = 'Alibaba Cloud ECS'
|
||||
--
|
||||
2.27.0
|
||||
|
|
@ -1,61 +0,0 @@
|
|||
From d3889c4645a1319c3d677006164b618ee53f4c8b Mon Sep 17 00:00:00 2001
|
||||
From: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Mon, 7 Dec 2020 14:23:22 +0100
|
||||
Subject: [PATCH 3/4] Fix unit failure of cloud-final.service if NetworkManager
|
||||
was not present.
|
||||
|
||||
RH-Author: Eduardo Terrell Ferrari Otubo (eterrell)
|
||||
RH-MergeRequest: 27: Fix unit failure of cloud-final.service if NetworkManager was not present.
|
||||
RH-Commit: [1/1] 3c65a2cca140fff48df1ef32919e3cb035506a2b (eterrell/cloud-init)
|
||||
RH-Bugzilla: 1898943
|
||||
|
||||
cloud-final.service would fail if NetworkManager was not installed.
|
||||
|
||||
journal -u cloud-final.service would show:
|
||||
|
||||
cloud-init[5328]: Cloud-init v. 19.4 finished at ...
|
||||
echo[5346]: try restart NetworkManager.service
|
||||
systemctl[5349]: Failed to reload-or-try-restart
|
||||
NetworkManager.service: Unit not found.
|
||||
systemd[1]: cloud-final.service: control process exited,
|
||||
code=exited status=5
|
||||
systemd[1]: Failed to start Execute cloud user/final scripts.
|
||||
systemd[1]: Unit cloud-final.service entered failed state.
|
||||
systemd[1]: cloud-final.service failed.
|
||||
|
||||
The change here is to only attempt to restart NetworkManager if it is
|
||||
present, and its SubState is 'running'.
|
||||
|
||||
The multi-line shell in a systemd unit is less than ideal, but I'm not
|
||||
aware of any other way of conditionally doing this.
|
||||
|
||||
Note that both of 'try-reload-or-restart' and 'reload-or-try-restart'
|
||||
will fail if the service is not present. So this would also affect rhel
|
||||
8 systems that do not use NetworkManager.
|
||||
|
||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
---
|
||||
rhel/systemd/cloud-final.service | 7 +++++--
|
||||
1 file changed, 5 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/rhel/systemd/cloud-final.service b/rhel/systemd/cloud-final.service
|
||||
index 05add077..e281c0cf 100644
|
||||
--- a/rhel/systemd/cloud-final.service
|
||||
+++ b/rhel/systemd/cloud-final.service
|
||||
@@ -11,8 +11,11 @@ ExecStart=/usr/bin/cloud-init modules --mode=final
|
||||
RemainAfterExit=yes
|
||||
TimeoutSec=0
|
||||
KillMode=process
|
||||
-ExecStartPost=/bin/echo "trying to reload or restart NetworkManager.service"
|
||||
-ExecStartPost=/usr/bin/systemctl try-reload-or-restart NetworkManager.service
|
||||
+# Restart NetworkManager if it is present and running.
|
||||
+ExecStartPost=/bin/sh -c 'u=NetworkManager.service; \
|
||||
+ out=$(systemctl show --property=SubState $u) || exit; \
|
||||
+ [ "$out" = "SubState=running" ] || exit 0; \
|
||||
+ systemctl reload-or-try-restart $u'
|
||||
|
||||
# Output needs to appear in instance console output
|
||||
StandardOutput=journal+console
|
||||
--
|
||||
2.18.4
|
||||
|
|
@ -1,49 +0,0 @@
|
|||
From 15852ea6958c18e3830aa9244b36cd0decc93b95 Mon Sep 17 00:00:00 2001
|
||||
From: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Thu, 7 Jan 2021 16:51:30 +0100
|
||||
Subject: [PATCH] Missing IPV6_AUTOCONF=no to render sysconfig dhcp6 stateful
|
||||
on RHEL (#753)
|
||||
|
||||
RH-Author: Eduardo Terrell Ferrari Otubo (eterrell)
|
||||
RH-MergeRequest: 29: Missing IPV6_AUTOCONF=no to render sysconfig dhcp6 stateful on RHEL (#753)
|
||||
RH-Commit: [1/1] 46943f83071d243bcc61f9d987b4fe7d9cf98596 (eterrell/cloud-init)
|
||||
RH-Bugzilla: 1859695
|
||||
|
||||
IPV6_AUTOCONF needs to be set to 'no' on RHEL so NetworkManager can
|
||||
properly acquire ipv6 address.
|
||||
|
||||
rhbz: #1859695
|
||||
|
||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
---
|
||||
cloudinit/net/sysconfig.py | 1 +
|
||||
tests/unittests/test_net.py | 1 +
|
||||
2 files changed, 2 insertions(+)
|
||||
|
||||
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
|
||||
index 94801a93..1793977d 100644
|
||||
--- a/cloudinit/net/sysconfig.py
|
||||
+++ b/cloudinit/net/sysconfig.py
|
||||
@@ -397,6 +397,7 @@ class Renderer(renderer.Renderer):
|
||||
iface_cfg['BOOTPROTO'] = 'dhcp'
|
||||
iface_cfg['DHCPV6C'] = True
|
||||
iface_cfg['IPV6INIT'] = True
|
||||
+ iface_cfg['IPV6_AUTOCONF'] = False
|
||||
else:
|
||||
iface_cfg['IPV6INIT'] = True
|
||||
# Configure network settings using DHCPv6
|
||||
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
|
||||
index bcd261db..844d5ba8 100644
|
||||
--- a/tests/unittests/test_net.py
|
||||
+++ b/tests/unittests/test_net.py
|
||||
@@ -1363,6 +1363,7 @@ NETWORK_CONFIGS = {
|
||||
DEVICE=iface0
|
||||
DHCPV6C=yes
|
||||
IPV6INIT=yes
|
||||
+ IPV6_AUTOCONF=no
|
||||
IPV6_FORCE_ACCEPT_RA=yes
|
||||
DEVICE=iface0
|
||||
NM_CONTROLLED=no
|
||||
--
|
||||
2.18.4
|
||||
|
|
@ -0,0 +1,373 @@
|
|||
From d43f0d93386f123892451d923c2b3c6fe7130c39 Mon Sep 17 00:00:00 2001
|
||||
From: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
Date: Thu, 19 May 2022 11:38:22 +0200
|
||||
Subject: [PATCH 4/4] Remove rhel specific files
|
||||
|
||||
RH-Author: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
RH-MergeRequest: 65: Align rhel custom files with upstream (#1431)
|
||||
RH-Commit: [2/2] 5e31f0bcb500682e7746ccbd2e628c2ef339d6c6
|
||||
RH-Bugzilla: 2082071
|
||||
RH-Acked-by: Mohamed Gamal Morsy <mmorsy@redhat.com>
|
||||
RH-Acked-by: Eduardo Otubo <otubo@redhat.com>
|
||||
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
||||
|
||||
Remove all files in rhel/ directory and related commands that copy
|
||||
and replace them with the generated ones.
|
||||
|
||||
Also adjust setup.py, align it with upstream:
|
||||
- by default, after rhel 8.3 ds-identify is in /usr/libexec, so no need to move it manually
|
||||
- bash-completions work also in /usr/share, as upstream
|
||||
- udev also works in /lib/udev
|
||||
|
||||
Also remove rhel/README since it is outdated (chef is used in cloud.cfg) and cloud-init-tmpfiles.conf,
|
||||
as it exists also in .distro.
|
||||
|
||||
X-downstream-only: yes
|
||||
|
||||
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
---
|
||||
redhat/cloud-init.spec.template | 21 ++------
|
||||
rhel/README.rhel | 5 --
|
||||
rhel/cloud-init-tmpfiles.conf | 1 -
|
||||
rhel/cloud.cfg | 69 ---------------------------
|
||||
rhel/systemd/cloud-config.service | 18 -------
|
||||
rhel/systemd/cloud-config.target | 11 -----
|
||||
rhel/systemd/cloud-final.service | 24 ----------
|
||||
rhel/systemd/cloud-init-local.service | 31 ------------
|
||||
rhel/systemd/cloud-init.service | 26 ----------
|
||||
rhel/systemd/cloud-init.target | 7 ---
|
||||
setup.py | 28 ++++++++++-
|
||||
11 files changed, 31 insertions(+), 210 deletions(-)
|
||||
delete mode 100644 rhel/README.rhel
|
||||
delete mode 100644 rhel/cloud-init-tmpfiles.conf
|
||||
delete mode 100644 rhel/cloud.cfg
|
||||
delete mode 100644 rhel/systemd/cloud-config.service
|
||||
delete mode 100644 rhel/systemd/cloud-config.target
|
||||
delete mode 100644 rhel/systemd/cloud-final.service
|
||||
delete mode 100644 rhel/systemd/cloud-init-local.service
|
||||
delete mode 100644 rhel/systemd/cloud-init.service
|
||||
delete mode 100644 rhel/systemd/cloud-init.target
|
||||
|
||||
|
||||
diff --git a/rhel/README.rhel b/rhel/README.rhel
|
||||
deleted file mode 100644
|
||||
index aa29630d..00000000
|
||||
--- a/rhel/README.rhel
|
||||
+++ /dev/null
|
||||
@@ -1,5 +0,0 @@
|
||||
-The following cloud-init modules are currently unsupported on this OS:
|
||||
- - apt_update_upgrade ('apt_update', 'apt_upgrade', 'apt_mirror', 'apt_preserve_sources_list', 'apt_old_mirror', 'apt_sources', 'debconf_selections', 'packages' options)
|
||||
- - byobu ('byobu_by_default' option)
|
||||
- - chef
|
||||
- - grub_dpkg
|
||||
diff --git a/rhel/cloud-init-tmpfiles.conf b/rhel/cloud-init-tmpfiles.conf
|
||||
deleted file mode 100644
|
||||
index 0c6d2a3b..00000000
|
||||
--- a/rhel/cloud-init-tmpfiles.conf
|
||||
+++ /dev/null
|
||||
@@ -1 +0,0 @@
|
||||
-d /run/cloud-init 0700 root root - -
|
||||
diff --git a/rhel/cloud.cfg b/rhel/cloud.cfg
|
||||
deleted file mode 100644
|
||||
index cbee197a..00000000
|
||||
--- a/rhel/cloud.cfg
|
||||
+++ /dev/null
|
||||
@@ -1,69 +0,0 @@
|
||||
-users:
|
||||
- - default
|
||||
-
|
||||
-disable_root: 1
|
||||
-ssh_pwauth: 0
|
||||
-
|
||||
-mount_default_fields: [~, ~, 'auto', 'defaults,nofail,x-systemd.requires=cloud-init.service', '0', '2']
|
||||
-resize_rootfs_tmp: /dev
|
||||
-ssh_deletekeys: 1
|
||||
-ssh_genkeytypes: ['rsa', 'ecdsa', 'ed25519']
|
||||
-syslog_fix_perms: ~
|
||||
-disable_vmware_customization: false
|
||||
-
|
||||
-cloud_init_modules:
|
||||
- - disk_setup
|
||||
- - migrator
|
||||
- - bootcmd
|
||||
- - write-files
|
||||
- - growpart
|
||||
- - resizefs
|
||||
- - set_hostname
|
||||
- - update_hostname
|
||||
- - update_etc_hosts
|
||||
- - rsyslog
|
||||
- - users-groups
|
||||
- - ssh
|
||||
-
|
||||
-cloud_config_modules:
|
||||
- - mounts
|
||||
- - locale
|
||||
- - set-passwords
|
||||
- - rh_subscription
|
||||
- - yum-add-repo
|
||||
- - package-update-upgrade-install
|
||||
- - timezone
|
||||
- - puppet
|
||||
- - chef
|
||||
- - salt-minion
|
||||
- - mcollective
|
||||
- - disable-ec2-metadata
|
||||
- - runcmd
|
||||
-
|
||||
-cloud_final_modules:
|
||||
- - rightscale_userdata
|
||||
- - scripts-per-once
|
||||
- - scripts-per-boot
|
||||
- - scripts-per-instance
|
||||
- - scripts-user
|
||||
- - ssh-authkey-fingerprints
|
||||
- - keys-to-console
|
||||
- - phone-home
|
||||
- - final-message
|
||||
- - power-state-change
|
||||
-
|
||||
-system_info:
|
||||
- default_user:
|
||||
- name: cloud-user
|
||||
- lock_passwd: true
|
||||
- gecos: Cloud User
|
||||
- groups: [adm, systemd-journal]
|
||||
- sudo: ["ALL=(ALL) NOPASSWD:ALL"]
|
||||
- shell: /bin/bash
|
||||
- distro: rhel
|
||||
- paths:
|
||||
- cloud_dir: /var/lib/cloud
|
||||
- templates_dir: /etc/cloud/templates
|
||||
- ssh_svcname: sshd
|
||||
-
|
||||
-# vim:syntax=yaml
|
||||
diff --git a/rhel/systemd/cloud-config.service b/rhel/systemd/cloud-config.service
|
||||
deleted file mode 100644
|
||||
index f3dcd4be..00000000
|
||||
--- a/rhel/systemd/cloud-config.service
|
||||
+++ /dev/null
|
||||
@@ -1,18 +0,0 @@
|
||||
-[Unit]
|
||||
-Description=Apply the settings specified in cloud-config
|
||||
-After=network-online.target cloud-config.target
|
||||
-Wants=network-online.target cloud-config.target
|
||||
-ConditionPathExists=!/etc/cloud/cloud-init.disabled
|
||||
-ConditionKernelCommandLine=!cloud-init=disabled
|
||||
-
|
||||
-[Service]
|
||||
-Type=oneshot
|
||||
-ExecStart=/usr/bin/cloud-init modules --mode=config
|
||||
-RemainAfterExit=yes
|
||||
-TimeoutSec=0
|
||||
-
|
||||
-# Output needs to appear in instance console output
|
||||
-StandardOutput=journal+console
|
||||
-
|
||||
-[Install]
|
||||
-WantedBy=cloud-init.target
|
||||
diff --git a/rhel/systemd/cloud-config.target b/rhel/systemd/cloud-config.target
|
||||
deleted file mode 100644
|
||||
index ae9b7d02..00000000
|
||||
--- a/rhel/systemd/cloud-config.target
|
||||
+++ /dev/null
|
||||
@@ -1,11 +0,0 @@
|
||||
-# cloud-init normally emits a "cloud-config" upstart event to inform third
|
||||
-# parties that cloud-config is available, which does us no good when we're
|
||||
-# using systemd. cloud-config.target serves as this synchronization point
|
||||
-# instead. Services that would "start on cloud-config" with upstart can
|
||||
-# instead use "After=cloud-config.target" and "Wants=cloud-config.target"
|
||||
-# as appropriate.
|
||||
-
|
||||
-[Unit]
|
||||
-Description=Cloud-config availability
|
||||
-Wants=cloud-init-local.service cloud-init.service
|
||||
-After=cloud-init-local.service cloud-init.service
|
||||
diff --git a/rhel/systemd/cloud-final.service b/rhel/systemd/cloud-final.service
|
||||
deleted file mode 100644
|
||||
index e281c0cf..00000000
|
||||
--- a/rhel/systemd/cloud-final.service
|
||||
+++ /dev/null
|
||||
@@ -1,24 +0,0 @@
|
||||
-[Unit]
|
||||
-Description=Execute cloud user/final scripts
|
||||
-After=network-online.target cloud-config.service rc-local.service
|
||||
-Wants=network-online.target cloud-config.service
|
||||
-ConditionPathExists=!/etc/cloud/cloud-init.disabled
|
||||
-ConditionKernelCommandLine=!cloud-init=disabled
|
||||
-
|
||||
-[Service]
|
||||
-Type=oneshot
|
||||
-ExecStart=/usr/bin/cloud-init modules --mode=final
|
||||
-RemainAfterExit=yes
|
||||
-TimeoutSec=0
|
||||
-KillMode=process
|
||||
-# Restart NetworkManager if it is present and running.
|
||||
-ExecStartPost=/bin/sh -c 'u=NetworkManager.service; \
|
||||
- out=$(systemctl show --property=SubState $u) || exit; \
|
||||
- [ "$out" = "SubState=running" ] || exit 0; \
|
||||
- systemctl reload-or-try-restart $u'
|
||||
-
|
||||
-# Output needs to appear in instance console output
|
||||
-StandardOutput=journal+console
|
||||
-
|
||||
-[Install]
|
||||
-WantedBy=cloud-init.target
|
||||
diff --git a/rhel/systemd/cloud-init-local.service b/rhel/systemd/cloud-init-local.service
|
||||
deleted file mode 100644
|
||||
index 8f9f6c9f..00000000
|
||||
--- a/rhel/systemd/cloud-init-local.service
|
||||
+++ /dev/null
|
||||
@@ -1,31 +0,0 @@
|
||||
-[Unit]
|
||||
-Description=Initial cloud-init job (pre-networking)
|
||||
-DefaultDependencies=no
|
||||
-Wants=network-pre.target
|
||||
-After=systemd-remount-fs.service
|
||||
-Requires=dbus.socket
|
||||
-After=dbus.socket
|
||||
-Before=NetworkManager.service network.service
|
||||
-Before=network-pre.target
|
||||
-Before=shutdown.target
|
||||
-Before=firewalld.target
|
||||
-Conflicts=shutdown.target
|
||||
-RequiresMountsFor=/var/lib/cloud
|
||||
-ConditionPathExists=!/etc/cloud/cloud-init.disabled
|
||||
-ConditionKernelCommandLine=!cloud-init=disabled
|
||||
-
|
||||
-[Service]
|
||||
-Type=oneshot
|
||||
-ExecStartPre=/bin/mkdir -p /run/cloud-init
|
||||
-ExecStartPre=/sbin/restorecon /run/cloud-init
|
||||
-ExecStartPre=/usr/bin/touch /run/cloud-init/enabled
|
||||
-ExecStart=/usr/bin/cloud-init init --local
|
||||
-ExecStart=/bin/touch /run/cloud-init/network-config-ready
|
||||
-RemainAfterExit=yes
|
||||
-TimeoutSec=0
|
||||
-
|
||||
-# Output needs to appear in instance console output
|
||||
-StandardOutput=journal+console
|
||||
-
|
||||
-[Install]
|
||||
-WantedBy=cloud-init.target
|
||||
diff --git a/rhel/systemd/cloud-init.service b/rhel/systemd/cloud-init.service
|
||||
deleted file mode 100644
|
||||
index 0b3d796d..00000000
|
||||
--- a/rhel/systemd/cloud-init.service
|
||||
+++ /dev/null
|
||||
@@ -1,26 +0,0 @@
|
||||
-[Unit]
|
||||
-Description=Initial cloud-init job (metadata service crawler)
|
||||
-Wants=cloud-init-local.service
|
||||
-Wants=sshd-keygen.service
|
||||
-Wants=sshd.service
|
||||
-After=cloud-init-local.service
|
||||
-After=NetworkManager.service network.service
|
||||
-After=NetworkManager-wait-online.service
|
||||
-Before=network-online.target
|
||||
-Before=sshd-keygen.service
|
||||
-Before=sshd.service
|
||||
-Before=systemd-user-sessions.service
|
||||
-ConditionPathExists=!/etc/cloud/cloud-init.disabled
|
||||
-ConditionKernelCommandLine=!cloud-init=disabled
|
||||
-
|
||||
-[Service]
|
||||
-Type=oneshot
|
||||
-ExecStart=/usr/bin/cloud-init init
|
||||
-RemainAfterExit=yes
|
||||
-TimeoutSec=0
|
||||
-
|
||||
-# Output needs to appear in instance console output
|
||||
-StandardOutput=journal+console
|
||||
-
|
||||
-[Install]
|
||||
-WantedBy=cloud-init.target
|
||||
diff --git a/rhel/systemd/cloud-init.target b/rhel/systemd/cloud-init.target
|
||||
deleted file mode 100644
|
||||
index 083c3b6f..00000000
|
||||
--- a/rhel/systemd/cloud-init.target
|
||||
+++ /dev/null
|
||||
@@ -1,7 +0,0 @@
|
||||
-# cloud-init target is enabled by cloud-init-generator
|
||||
-# To disable it you can either:
|
||||
-# a.) boot with kernel cmdline of 'cloud-init=disabled'
|
||||
-# b.) touch a file /etc/cloud/cloud-init.disabled
|
||||
-[Unit]
|
||||
-Description=Cloud-init target
|
||||
-After=multi-user.target
|
||||
diff --git a/setup.py b/setup.py
|
||||
index 3c377eaa..a9132d2c 100755
|
||||
--- a/setup.py
|
||||
+++ b/setup.py
|
||||
@@ -139,6 +139,21 @@ INITSYS_FILES = {
|
||||
"sysvinit_deb": [f for f in glob("sysvinit/debian/*") if is_f(f)],
|
||||
"sysvinit_openrc": [f for f in glob("sysvinit/gentoo/*") if is_f(f)],
|
||||
"sysvinit_suse": [f for f in glob("sysvinit/suse/*") if is_f(f)],
|
||||
+ "systemd": [
|
||||
+ render_tmpl(f)
|
||||
+ for f in (
|
||||
+ glob("systemd/*.tmpl")
|
||||
+ + glob("systemd/*.service")
|
||||
+ + glob("systemd/*.socket")
|
||||
+ + glob("systemd/*.target")
|
||||
+ )
|
||||
+ if (is_f(f) and not is_generator(f))
|
||||
+ ],
|
||||
+ "systemd.generators": [
|
||||
+ render_tmpl(f, mode=0o755)
|
||||
+ for f in glob("systemd/*")
|
||||
+ if is_f(f) and is_generator(f)
|
||||
+ ],
|
||||
"upstart": [f for f in glob("upstart/*") if is_f(f)],
|
||||
}
|
||||
INITSYS_ROOTS = {
|
||||
@@ -148,6 +163,10 @@ INITSYS_ROOTS = {
|
||||
"sysvinit_deb": "etc/init.d",
|
||||
"sysvinit_openrc": "etc/init.d",
|
||||
"sysvinit_suse": "etc/init.d",
|
||||
+ "systemd": pkg_config_read("systemd", "systemdsystemunitdir"),
|
||||
+ "systemd.generators": pkg_config_read(
|
||||
+ "systemd", "systemdsystemgeneratordir"
|
||||
+ ),
|
||||
"upstart": "etc/init/",
|
||||
}
|
||||
INITSYS_TYPES = sorted([f.partition(".")[0] for f in INITSYS_ROOTS.keys()])
|
||||
@@ -262,13 +281,15 @@ data_files = [
|
||||
(
|
||||
USR_LIB_EXEC + "/cloud-init",
|
||||
[
|
||||
+ "tools/ds-identify",
|
||||
"tools/hook-hotplug",
|
||||
"tools/uncloud-init",
|
||||
"tools/write-ssh-key-fingerprints",
|
||||
],
|
||||
),
|
||||
(
|
||||
- ETC + "/bash_completion.d", ["bash_completion/cloud-init"],
|
||||
+ USR + "/share/bash-completion/completions",
|
||||
+ ["bash_completion/cloud-init"],
|
||||
),
|
||||
(USR + "/share/doc/cloud-init", [f for f in glob("doc/*") if is_f(f)]),
|
||||
(
|
||||
@@ -287,7 +308,8 @@ if not platform.system().endswith("BSD"):
|
||||
ETC + "/NetworkManager/dispatcher.d/",
|
||||
["tools/hook-network-manager"],
|
||||
),
|
||||
- ("/usr/lib/udev/rules.d", [f for f in glob("udev/*.rules")]),
|
||||
+ (ETC + "/dhcp/dhclient-exit-hooks.d/", ["tools/hook-dhclient"]),
|
||||
+ (LIB + "/udev/rules.d", [f for f in glob("udev/*.rules")]),
|
||||
(
|
||||
ETC + "/systemd/system/sshd-keygen@.service.d/",
|
||||
["systemd/disable-sshd-keygen-if-cloud-init-active.conf"],
|
||||
@@ -317,6 +339,8 @@ setuptools.setup(
|
||||
scripts=["tools/cloud-init-per"],
|
||||
license="Dual-licensed under GPLv3 or Apache 2.0",
|
||||
data_files=data_files,
|
||||
+ install_requires=requirements,
|
||||
+ cmdclass=cmdclass,
|
||||
entry_points={
|
||||
"console_scripts": [
|
||||
"cloud-init = cloudinit.cmd.main:main",
|
||||
--
|
||||
2.35.3
|
||||
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,75 @@
|
|||
From 02e7b89c157f8c3243f0d91cf5652cf27db44b72 Mon Sep 17 00:00:00 2001
|
||||
From: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
Date: Mon, 8 Aug 2022 10:10:26 +0200
|
||||
Subject: [PATCH 2/2] Revert "Use Network-Manager and Netplan as default
|
||||
renderers for RHEL and Fedora (#1465)"
|
||||
|
||||
RH-Author: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
RH-MergeRequest: 81: Revert "Use Network-Manager and Netplan as default renderers for RHEL and Fedora (#1465)"
|
||||
RH-Commit: [2/2] 746b2e33356376e250b799261031676174e8ccc9
|
||||
RH-Bugzilla: 2107464 2110066 2117526 2104393 2098624
|
||||
RH-Acked-by: Eduardo Otubo <otubo@redhat.com>
|
||||
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
||||
RH-Acked-by: Mohamed Gamal Morsy <mmorsy@redhat.com>
|
||||
|
||||
As NM is reverted, remove also documentation and any trace of it.
|
||||
This reverts commit 13ded463a6a0b1b0bf0dffc0a997f006dd25c4f3.
|
||||
|
||||
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
---
|
||||
config/cloud.cfg.tmpl | 3 ---
|
||||
doc/rtd/topics/network-config.rst | 12 +-----------
|
||||
2 files changed, 1 insertion(+), 14 deletions(-)
|
||||
|
||||
diff --git a/config/cloud.cfg.tmpl b/config/cloud.cfg.tmpl
|
||||
index f4d2fd14..80ab4f96 100644
|
||||
--- a/config/cloud.cfg.tmpl
|
||||
+++ b/config/cloud.cfg.tmpl
|
||||
@@ -353,7 +353,4 @@ system_info:
|
||||
{% elif variant in ["dragonfly"] %}
|
||||
network:
|
||||
renderers: ['freebsd']
|
||||
-{% elif variant in ["rhel", "fedora"] %}
|
||||
- network:
|
||||
- renderers: ['netplan', 'network-manager', 'networkd', 'sysconfig', 'eni']
|
||||
{% endif %}
|
||||
diff --git a/doc/rtd/topics/network-config.rst b/doc/rtd/topics/network-config.rst
|
||||
index f503caab..c461a3fe 100644
|
||||
--- a/doc/rtd/topics/network-config.rst
|
||||
+++ b/doc/rtd/topics/network-config.rst
|
||||
@@ -188,15 +188,6 @@ generated configuration into an internal network configuration state. From
|
||||
this state `Cloud-init`_ delegates rendering of the configuration to Distro
|
||||
supported formats. The following ``renderers`` are supported in cloud-init:
|
||||
|
||||
-- **NetworkManager**
|
||||
-
|
||||
-`NetworkManager <https://networkmanager.dev>`_ is the standard Linux network
|
||||
-configuration tool suite. It supports a wide range of networking setups.
|
||||
-Configuration is typically stored in ``/etc/NetworkManager``.
|
||||
-
|
||||
-It is the default for a number of Linux distributions, notably Fedora;
|
||||
-CentOS/RHEL; and derivatives.
|
||||
-
|
||||
- **ENI**
|
||||
|
||||
/etc/network/interfaces or ``ENI`` is supported by the ``ifupdown`` package
|
||||
@@ -224,7 +215,6 @@ is as follows:
|
||||
- ENI
|
||||
- Sysconfig
|
||||
- Netplan
|
||||
-- NetworkManager
|
||||
|
||||
When applying the policy, `Cloud-init`_ checks if the current instance has the
|
||||
correct binaries and paths to support the renderer. The first renderer that
|
||||
@@ -233,7 +223,7 @@ supplying an updated configuration in cloud-config. ::
|
||||
|
||||
system_info:
|
||||
network:
|
||||
- renderers: ['netplan', 'network-manager', 'eni', 'sysconfig', 'freebsd', 'netbsd', 'openbsd']
|
||||
+ renderers: ['netplan', 'eni', 'sysconfig', 'freebsd', 'netbsd', 'openbsd']
|
||||
|
||||
|
||||
Network Configuration Tools
|
||||
--
|
||||
2.27.0
|
||||
|
|
@ -1,80 +0,0 @@
|
|||
From 4dde2a9bed58aba13c730bf4a7314b21038d7a31 Mon Sep 17 00:00:00 2001
|
||||
From: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Mon, 25 Jan 2021 16:24:29 +0100
|
||||
Subject: [PATCH 2/2] Revert "ssh_util: handle non-default AuthorizedKeysFile
|
||||
config (#586)" (#775)
|
||||
|
||||
RH-Author: Eduardo Terrell Ferrari Otubo (eterrell)
|
||||
RH-MergeRequest: 38: Revert "ssh_util: handle non-default AuthorizedKeysFile config (#586)" (#775)
|
||||
RH-Commit: [1/1] aec2860c773ad1921f3949dc622543e81860c5bf (eterrell/cloud-init)
|
||||
RH-Bugzilla: 1919972
|
||||
|
||||
commit cdc5b81f33aee0ed3ef1ae239e5cec1906d0178a
|
||||
Author: Daniel Watkins <oddbloke@ubuntu.com>
|
||||
Date: Tue Jan 19 12:23:23 2021 -0500
|
||||
|
||||
Revert "ssh_util: handle non-default AuthorizedKeysFile config (#586)" (#775)
|
||||
|
||||
This reverts commit b0e73814db4027dba0b7dc0282e295b7f653325c.
|
||||
|
||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
---
|
||||
cloudinit/ssh_util.py | 6 +++---
|
||||
tests/unittests/test_sshutil.py | 6 +++---
|
||||
2 files changed, 6 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/cloudinit/ssh_util.py b/cloudinit/ssh_util.py
|
||||
index d5113996..c08042d6 100644
|
||||
--- a/cloudinit/ssh_util.py
|
||||
+++ b/cloudinit/ssh_util.py
|
||||
@@ -262,13 +262,13 @@ def extract_authorized_keys(username, sshd_cfg_file=DEF_SSHD_CFG):
|
||||
|
||||
except (IOError, OSError):
|
||||
# Give up and use a default key filename
|
||||
- auth_key_fns.append(default_authorizedkeys_file)
|
||||
+ auth_key_fns[0] = default_authorizedkeys_file
|
||||
util.logexc(LOG, "Failed extracting 'AuthorizedKeysFile' in SSH "
|
||||
"config from %r, using 'AuthorizedKeysFile' file "
|
||||
"%r instead", DEF_SSHD_CFG, auth_key_fns[0])
|
||||
|
||||
- # always store all the keys in the first file configured on sshd_config
|
||||
- return (auth_key_fns[0], parse_authorized_keys(auth_key_fns))
|
||||
+ # always store all the keys in the user's private file
|
||||
+ return (default_authorizedkeys_file, parse_authorized_keys(auth_key_fns))
|
||||
|
||||
|
||||
def setup_user_keys(keys, username, options=None):
|
||||
diff --git a/tests/unittests/test_sshutil.py b/tests/unittests/test_sshutil.py
|
||||
index 88a111e3..fd1d1bac 100644
|
||||
--- a/tests/unittests/test_sshutil.py
|
||||
+++ b/tests/unittests/test_sshutil.py
|
||||
@@ -593,7 +593,7 @@ class TestMultipleSshAuthorizedKeysFile(test_helpers.CiTestCase):
|
||||
fpw.pw_name, sshd_config)
|
||||
content = ssh_util.update_authorized_keys(auth_key_entries, [])
|
||||
|
||||
- self.assertEqual(authorized_keys, auth_key_fn)
|
||||
+ self.assertEqual("%s/.ssh/authorized_keys" % fpw.pw_dir, auth_key_fn)
|
||||
self.assertTrue(VALID_CONTENT['rsa'] in content)
|
||||
self.assertTrue(VALID_CONTENT['dsa'] in content)
|
||||
|
||||
@@ -610,7 +610,7 @@ class TestMultipleSshAuthorizedKeysFile(test_helpers.CiTestCase):
|
||||
sshd_config = self.tmp_path('sshd_config')
|
||||
util.write_file(
|
||||
sshd_config,
|
||||
- "AuthorizedKeysFile %s %s" % (user_keys, authorized_keys)
|
||||
+ "AuthorizedKeysFile %s %s" % (authorized_keys, user_keys)
|
||||
)
|
||||
|
||||
(auth_key_fn, auth_key_entries) = ssh_util.extract_authorized_keys(
|
||||
@@ -618,7 +618,7 @@ class TestMultipleSshAuthorizedKeysFile(test_helpers.CiTestCase):
|
||||
)
|
||||
content = ssh_util.update_authorized_keys(auth_key_entries, [])
|
||||
|
||||
- self.assertEqual(user_keys, auth_key_fn)
|
||||
+ self.assertEqual("%s/.ssh/authorized_keys" % fpw.pw_dir, auth_key_fn)
|
||||
self.assertTrue(VALID_CONTENT['rsa'] in content)
|
||||
self.assertTrue(VALID_CONTENT['dsa'] in content)
|
||||
|
||||
--
|
||||
2.18.4
|
||||
|
|
@ -0,0 +1,164 @@
|
|||
From fbec3008305845072a787f46008bbb82d89dec53 Mon Sep 17 00:00:00 2001
|
||||
From: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
Date: Mon, 30 May 2022 16:46:41 +0200
|
||||
Subject: [PATCH] Support EC2 tags in instance metadata (#1309)
|
||||
|
||||
RH-Author: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
RH-MergeRequest: 70: Support EC2 tags in instance metadata (#1309)
|
||||
RH-Commit: [1/1] 2497547016173a4c6e7d3c900f80de390d445c44
|
||||
RH-Bugzilla: 2082686
|
||||
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
||||
RH-Acked-by: Mohamed Gamal Morsy <mmorsy@redhat.com>
|
||||
|
||||
commit 40c52ce1f4049449b04f93226721f63af874c5c7
|
||||
Author: Eduardo Dobay <edudobay@users.noreply.github.com>
|
||||
Date: Wed Apr 6 01:28:01 2022 -0300
|
||||
|
||||
Support EC2 tags in instance metadata (#1309)
|
||||
|
||||
Add support for newer EC2 metadata versions (up to 2021-03-23), so that
|
||||
tags can be retrieved from the `ds.meta_data.tags` field, as well as
|
||||
with any new fields that might have been added since the 2018-09-24
|
||||
version.
|
||||
|
||||
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
---
|
||||
cloudinit/sources/DataSourceEc2.py | 5 +++--
|
||||
doc/rtd/topics/datasources/ec2.rst | 28 ++++++++++++++++++++++------
|
||||
tests/unittests/sources/test_ec2.py | 26 +++++++++++++++++++++++++-
|
||||
tools/.github-cla-signers | 1 +
|
||||
4 files changed, 51 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/cloudinit/sources/DataSourceEc2.py b/cloudinit/sources/DataSourceEc2.py
|
||||
index 03b3870c..a030b498 100644
|
||||
--- a/cloudinit/sources/DataSourceEc2.py
|
||||
+++ b/cloudinit/sources/DataSourceEc2.py
|
||||
@@ -61,8 +61,9 @@ class DataSourceEc2(sources.DataSource):
|
||||
min_metadata_version = "2009-04-04"
|
||||
|
||||
# Priority ordered list of additional metadata versions which will be tried
|
||||
- # for extended metadata content. IPv6 support comes in 2016-09-02
|
||||
- extended_metadata_versions = ["2018-09-24", "2016-09-02"]
|
||||
+ # for extended metadata content. IPv6 support comes in 2016-09-02.
|
||||
+ # Tags support comes in 2021-03-23.
|
||||
+ extended_metadata_versions = ["2021-03-23", "2018-09-24", "2016-09-02"]
|
||||
|
||||
# Setup read_url parameters per get_url_params.
|
||||
url_max_wait = 120
|
||||
diff --git a/doc/rtd/topics/datasources/ec2.rst b/doc/rtd/topics/datasources/ec2.rst
|
||||
index 94e4158d..77232269 100644
|
||||
--- a/doc/rtd/topics/datasources/ec2.rst
|
||||
+++ b/doc/rtd/topics/datasources/ec2.rst
|
||||
@@ -38,11 +38,26 @@ Userdata is accessible via the following URL:
|
||||
GET http://169.254.169.254/2009-04-04/user-data
|
||||
1234,fred,reboot,true | 4512,jimbo, | 173,,,
|
||||
|
||||
-Note that there are multiple versions of this data provided, cloud-init
|
||||
-by default uses **2009-04-04** but newer versions can be supported with
|
||||
-relative ease (newer versions have more data exposed, while maintaining
|
||||
-backward compatibility with the previous versions).
|
||||
-Version **2016-09-02** is required for secondary IP address support.
|
||||
+Note that there are multiple EC2 Metadata versions of this data provided
|
||||
+to instances. cloud-init will attempt to use the most recent API version it
|
||||
+supports in order to get latest API features and instance-data. If a given
|
||||
+API version is not exposed to the instance, those API features will be
|
||||
+unavailable to the instance.
|
||||
+
|
||||
+
|
||||
++----------------+----------------------------------------------------------+
|
||||
++ EC2 version | supported instance-data/feature |
|
||||
++================+==========================================================+
|
||||
++ **2021-03-23** | Required for Instance tag support. This feature must be |
|
||||
+| | enabled individually on each instance. See the |
|
||||
+| | `EC2 tags user guide`_. |
|
||||
++----------------+----------------------------------------------------------+
|
||||
+| **2016-09-02** | Required for secondary IP address support. |
|
||||
++----------------+----------------------------------------------------------+
|
||||
+| **2009-04-04** | Minimum supports EC2 API version for meta-data and |
|
||||
+| | user-data. |
|
||||
++----------------+----------------------------------------------------------+
|
||||
+
|
||||
|
||||
To see which versions are supported from your cloud provider use the following
|
||||
URL:
|
||||
@@ -71,7 +86,7 @@ configuration (in `/etc/cloud/cloud.cfg` or `/etc/cloud/cloud.cfg.d/`).
|
||||
|
||||
The settings that may be configured are:
|
||||
|
||||
- * **metadata_urls**: This list of urls will be searched for an Ec2
|
||||
+ * **metadata_urls**: This list of urls will be searched for an EC2
|
||||
metadata service. The first entry that successfully returns a 200 response
|
||||
for <url>/<version>/meta-data/instance-id will be selected.
|
||||
(default: ['http://169.254.169.254', 'http://instance-data:8773']).
|
||||
@@ -121,4 +136,5 @@ Notes
|
||||
For example: the primary NIC will have a DHCP route-metric of 100,
|
||||
the next NIC will be 200.
|
||||
|
||||
+.. _EC2 tags user guide: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS
|
||||
.. vi: textwidth=79
|
||||
diff --git a/tests/unittests/sources/test_ec2.py b/tests/unittests/sources/test_ec2.py
|
||||
index b376660d..7c8a5ea5 100644
|
||||
--- a/tests/unittests/sources/test_ec2.py
|
||||
+++ b/tests/unittests/sources/test_ec2.py
|
||||
@@ -210,6 +210,17 @@ SECONDARY_IP_METADATA_2018_09_24 = {
|
||||
|
||||
M_PATH_NET = "cloudinit.sources.DataSourceEc2.net."
|
||||
|
||||
+TAGS_METADATA_2021_03_23 = {
|
||||
+ **DEFAULT_METADATA,
|
||||
+ "tags": {
|
||||
+ "instance": {
|
||||
+ "Environment": "production",
|
||||
+ "Application": "test",
|
||||
+ "TagWithoutValue": "",
|
||||
+ }
|
||||
+ },
|
||||
+}
|
||||
+
|
||||
|
||||
def _register_ssh_keys(rfunc, base_url, keys_data):
|
||||
"""handle ssh key inconsistencies.
|
||||
@@ -670,7 +681,7 @@ class TestEc2(test_helpers.HttprettyTestCase):
|
||||
logs_with_redacted = [log for log in all_logs if REDACT_TOK in log]
|
||||
logs_with_token = [log for log in all_logs if "API-TOKEN" in log]
|
||||
self.assertEqual(1, len(logs_with_redacted_ttl))
|
||||
- self.assertEqual(81, len(logs_with_redacted))
|
||||
+ self.assertEqual(83, len(logs_with_redacted))
|
||||
self.assertEqual(0, len(logs_with_token))
|
||||
|
||||
@mock.patch("cloudinit.net.dhcp.maybe_perform_dhcp_discovery")
|
||||
@@ -811,6 +822,19 @@ class TestEc2(test_helpers.HttprettyTestCase):
|
||||
)
|
||||
self.assertIn("Crawl of metadata service took", self.logs.getvalue())
|
||||
|
||||
+ def test_get_instance_tags(self):
|
||||
+ ds = self._setup_ds(
|
||||
+ platform_data=self.valid_platform_data,
|
||||
+ sys_cfg={"datasource": {"Ec2": {"strict_id": False}}},
|
||||
+ md={"md": TAGS_METADATA_2021_03_23},
|
||||
+ )
|
||||
+ self.assertTrue(ds.get_data())
|
||||
+ self.assertIn("tags", ds.metadata)
|
||||
+ self.assertIn("instance", ds.metadata["tags"])
|
||||
+ instance_tags = ds.metadata["tags"]["instance"]
|
||||
+ self.assertEqual(instance_tags["Application"], "test")
|
||||
+ self.assertEqual(instance_tags["Environment"], "production")
|
||||
+
|
||||
|
||||
class TestGetSecondaryAddresses(test_helpers.CiTestCase):
|
||||
|
||||
diff --git a/tools/.github-cla-signers b/tools/.github-cla-signers
|
||||
index ac157a2f..9f71ea0c 100644
|
||||
--- a/tools/.github-cla-signers
|
||||
+++ b/tools/.github-cla-signers
|
||||
@@ -26,6 +26,7 @@ dermotbradley
|
||||
dhensby
|
||||
eandersson
|
||||
eb3095
|
||||
+edudobay
|
||||
emmanuelthome
|
||||
eslerm
|
||||
esposem
|
||||
--
|
||||
2.27.0
|
||||
|
|
@ -0,0 +1,110 @@
|
|||
From 13ded463a6a0b1b0bf0dffc0a997f006dd25c4f3 Mon Sep 17 00:00:00 2001
|
||||
From: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
Date: Thu, 19 May 2022 15:51:27 +0200
|
||||
Subject: [PATCH 2/4] Use Network-Manager and Netplan as default renderers for
|
||||
RHEL and Fedora (#1465)
|
||||
|
||||
RH-Author: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
RH-MergeRequest: 57: Add native NetworkManager support (#1224)
|
||||
RH-Commit: [2/2] f2f977564bea496b0d76c0cef242959d03c2c73e
|
||||
RH-Bugzilla: 2059872
|
||||
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
||||
RH-Acked-by: Jon Maloy <jmaloy@redhat.com>
|
||||
RH-Acked-by: Eduardo Otubo <otubo@redhat.com>
|
||||
|
||||
commit 7703aa98b89c8daba207c28a0422268ead10019a
|
||||
Author: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
Date: Thu May 19 15:05:01 2022 +0200
|
||||
|
||||
Use Network-Manager and Netplan as default renderers for RHEL and Fedora (#1465)
|
||||
|
||||
This is adapted from Neal Gompa's PR:
|
||||
https://github.com/canonical/cloud-init/pull/1435
|
||||
|
||||
The only difference is that we are not modifying renderers.py (thus
|
||||
modifying the priority of all distros), but just tweaking cloud.cfg to
|
||||
apply this change to Fedora and RHEL. Other distros can optionally
|
||||
add themselves afterwards.
|
||||
|
||||
net: Prefer Netplan and NetworkManager renderers by default
|
||||
|
||||
NetworkManager is used by default on a variety of Linux distributions,
|
||||
and exists as a cross-distribution network management service.
|
||||
|
||||
Additionally, add information about the NetworkManager renderer to
|
||||
the cloud-init documentation.
|
||||
|
||||
Because Netplan can be explicitly used to manage NetworkManager,
|
||||
it needs to be preferred before NetworkManager.
|
||||
|
||||
This change is a follow-up to #1224, which added the native
|
||||
NetworkManager renderer.
|
||||
This patch has been deployed on Fedora's cloud-init package throughout
|
||||
the development of Fedora Linux 36 to verify that it works.
|
||||
|
||||
This should also make it tremendously easier for Linux distributions
|
||||
to use cloud-init because now a standard configuration is supported
|
||||
by default.
|
||||
|
||||
Signed-off-by: Neal Gompa <ngompa13@gmail.com>
|
||||
|
||||
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
|
||||
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
---
|
||||
config/cloud.cfg.tmpl | 3 +++
|
||||
doc/rtd/topics/network-config.rst | 12 +++++++++++-
|
||||
2 files changed, 14 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/config/cloud.cfg.tmpl b/config/cloud.cfg.tmpl
|
||||
index fb4b456c..86beee3c 100644
|
||||
--- a/config/cloud.cfg.tmpl
|
||||
+++ b/config/cloud.cfg.tmpl
|
||||
@@ -330,4 +330,7 @@ system_info:
|
||||
{% elif variant in ["dragonfly"] %}
|
||||
network:
|
||||
renderers: ['freebsd']
|
||||
+{% elif variant in ["rhel", "fedora"] %}
|
||||
+ network:
|
||||
+ renderers: ['netplan', 'network-manager', 'networkd', 'sysconfig', 'eni']
|
||||
{% endif %}
|
||||
diff --git a/doc/rtd/topics/network-config.rst b/doc/rtd/topics/network-config.rst
|
||||
index c461a3fe..f503caab 100644
|
||||
--- a/doc/rtd/topics/network-config.rst
|
||||
+++ b/doc/rtd/topics/network-config.rst
|
||||
@@ -188,6 +188,15 @@ generated configuration into an internal network configuration state. From
|
||||
this state `Cloud-init`_ delegates rendering of the configuration to Distro
|
||||
supported formats. The following ``renderers`` are supported in cloud-init:
|
||||
|
||||
+- **NetworkManager**
|
||||
+
|
||||
+`NetworkManager <https://networkmanager.dev>`_ is the standard Linux network
|
||||
+configuration tool suite. It supports a wide range of networking setups.
|
||||
+Configuration is typically stored in ``/etc/NetworkManager``.
|
||||
+
|
||||
+It is the default for a number of Linux distributions, notably Fedora;
|
||||
+CentOS/RHEL; and derivatives.
|
||||
+
|
||||
- **ENI**
|
||||
|
||||
/etc/network/interfaces or ``ENI`` is supported by the ``ifupdown`` package
|
||||
@@ -215,6 +224,7 @@ is as follows:
|
||||
- ENI
|
||||
- Sysconfig
|
||||
- Netplan
|
||||
+- NetworkManager
|
||||
|
||||
When applying the policy, `Cloud-init`_ checks if the current instance has the
|
||||
correct binaries and paths to support the renderer. The first renderer that
|
||||
@@ -223,7 +233,7 @@ supplying an updated configuration in cloud-config. ::
|
||||
|
||||
system_info:
|
||||
network:
|
||||
- renderers: ['netplan', 'eni', 'sysconfig', 'freebsd', 'netbsd', 'openbsd']
|
||||
+ renderers: ['netplan', 'network-manager', 'eni', 'sysconfig', 'freebsd', 'netbsd', 'openbsd']
|
||||
|
||||
|
||||
Network Configuration Tools
|
||||
--
|
||||
2.35.3
|
||||
|
|
@ -1,53 +0,0 @@
|
|||
From c90d5c11eb99ec25e0fd90585bad9283e60bda7e Mon Sep 17 00:00:00 2001
|
||||
From: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Tue, 26 Jan 2021 10:48:55 +0100
|
||||
Subject: [PATCH] fix a typo in man page cloud-init.1 (#752)
|
||||
|
||||
RH-Author: Eduardo Terrell Ferrari Otubo (eterrell)
|
||||
RH-MergeRequest: 39: fix a typo in man page cloud-init.1 (#752)
|
||||
RH-Commit: [1/1] d2f7efbc63a7928ef175ac0714053dba20aab01a (eterrell/cloud-init)
|
||||
RH-Bugzilla: 1913127
|
||||
|
||||
commit 48b2c5f16bd4ef754fef137ea19894908d4bf1db
|
||||
Author: Amy Chen <66719270+xiachen-rh@users.noreply.github.com>
|
||||
Date: Wed Jan 6 22:37:02 2021 +0800
|
||||
|
||||
fix a typo in man page cloud-init.1 (#752)
|
||||
|
||||
1. fix a typo in cloud-init.1
|
||||
2. add xiachen-rh as contributor
|
||||
|
||||
Conflict: We don't really use tools/.github-cla-signers, but had to fix
|
||||
a tiny conflict of already included names on the file.
|
||||
|
||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
---
|
||||
doc/man/cloud-init.1 | 2 +-
|
||||
tools/.github-cla-signers | 1 +
|
||||
2 files changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/doc/man/cloud-init.1 b/doc/man/cloud-init.1
|
||||
index 9b52dc8d..3fde4148 100644
|
||||
--- a/doc/man/cloud-init.1
|
||||
+++ b/doc/man/cloud-init.1
|
||||
@@ -10,7 +10,7 @@ cloud-init \- Cloud instance initialization
|
||||
Cloud-init provides a mechanism for cloud instance initialization.
|
||||
This is done by identifying the cloud platform that is in use, reading
|
||||
provided cloud metadata and optional vendor and user
|
||||
-data, and then intializing the instance as requested.
|
||||
+data, and then initializing the instance as requested.
|
||||
|
||||
Generally, this command is not normally meant to be run directly by
|
||||
the user. However, some subcommands may useful for development or
|
||||
diff --git a/tools/.github-cla-signers b/tools/.github-cla-signers
|
||||
index 802a35bd..e5d2b95c 100644
|
||||
--- a/tools/.github-cla-signers
|
||||
+++ b/tools/.github-cla-signers
|
||||
@@ -21,3 +21,4 @@ sshedi
|
||||
TheRealFalcon
|
||||
tomponline
|
||||
tsanghan
|
||||
+xiachen-rh
|
||||
--
|
||||
2.18.4
|
||||
|
|
@ -1,150 +0,0 @@
|
|||
From a0601a472dc5b05106617b35b81d8a0578ade339 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Lukas=20M=C3=A4rdian?= <luk@slyon.de>
|
||||
Date: Thu, 29 Oct 2020 14:38:56 +0100
|
||||
Subject: [PATCH 1/2] get_interfaces: don't exclude Open vSwitch bridge/bond
|
||||
members (#608)
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
RH-Author: Eduardo Otubo (otubo)
|
||||
RH-MergeRequest: 6: Patch series to fix "Bug 1957135 - Intermittent failure to start cloud-init due to failure to detect macs"
|
||||
RH-Commit: [1/2] 4362f855d2d1a250a7d18490b35e65a1133a00c2 (otubo/cloud-init)
|
||||
RH-Bugzilla: 1957135
|
||||
RH-Acked-by: Mohammed Gamal <mmorsy@redhat.com>
|
||||
RH-Acked-by: Emanuele Giuseppe Esposito <[eesposit@redhat.com](mailto:eesposit@redhat.com>
|
||||
|
||||
commit 3c432b32de1bdce2699525201396a8bbc6a41f3e
|
||||
Author: Lukas Märdian <luk@slyon.de>
|
||||
Date: Thu Oct 29 14:38:56 2020 +0100
|
||||
|
||||
get_interfaces: don't exclude Open vSwitch bridge/bond members (#608)
|
||||
|
||||
If an OVS bridge was used as the only/primary interface, the 'init'
|
||||
stage failed with a "Not all expected physical devices present" error,
|
||||
leaving the system with a broken SSH setup.
|
||||
|
||||
LP: #1898997
|
||||
|
||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
---
|
||||
cloudinit/net/__init__.py | 15 +++++++++++--
|
||||
cloudinit/net/tests/test_init.py | 36 +++++++++++++++++++++++++++++++-
|
||||
tools/.github-cla-signers | 1 +
|
||||
3 files changed, 49 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/cloudinit/net/__init__.py b/cloudinit/net/__init__.py
|
||||
index e233149a..0aa58b27 100644
|
||||
--- a/cloudinit/net/__init__.py
|
||||
+++ b/cloudinit/net/__init__.py
|
||||
@@ -124,6 +124,15 @@ def master_is_bridge_or_bond(devname):
|
||||
return (os.path.exists(bonding_path) or os.path.exists(bridge_path))
|
||||
|
||||
|
||||
+def master_is_openvswitch(devname):
|
||||
+ """Return a bool indicating if devname's master is openvswitch"""
|
||||
+ master_path = get_master(devname)
|
||||
+ if master_path is None:
|
||||
+ return False
|
||||
+ ovs_path = sys_dev_path(devname, path="upper_ovs-system")
|
||||
+ return os.path.exists(ovs_path)
|
||||
+
|
||||
+
|
||||
def is_netfailover(devname, driver=None):
|
||||
""" netfailover driver uses 3 nics, master, primary and standby.
|
||||
this returns True if the device is either the primary or standby
|
||||
@@ -855,8 +864,10 @@ def get_interfaces():
|
||||
continue
|
||||
if is_bond(name):
|
||||
continue
|
||||
- if get_master(name) is not None and not master_is_bridge_or_bond(name):
|
||||
- continue
|
||||
+ if get_master(name) is not None:
|
||||
+ if (not master_is_bridge_or_bond(name) and
|
||||
+ not master_is_openvswitch(name)):
|
||||
+ continue
|
||||
if is_netfailover(name):
|
||||
continue
|
||||
mac = get_interface_mac(name)
|
||||
diff --git a/cloudinit/net/tests/test_init.py b/cloudinit/net/tests/test_init.py
|
||||
index 311ab6f8..0535387a 100644
|
||||
--- a/cloudinit/net/tests/test_init.py
|
||||
+++ b/cloudinit/net/tests/test_init.py
|
||||
@@ -190,6 +190,28 @@ class TestReadSysNet(CiTestCase):
|
||||
self.assertTrue(net.master_is_bridge_or_bond('eth1'))
|
||||
self.assertTrue(net.master_is_bridge_or_bond('eth2'))
|
||||
|
||||
+ def test_master_is_openvswitch(self):
|
||||
+ ovs_mac = 'bb:cc:aa:bb:cc:aa'
|
||||
+
|
||||
+ # No master => False
|
||||
+ write_file(os.path.join(self.sysdir, 'eth1', 'address'), ovs_mac)
|
||||
+
|
||||
+ self.assertFalse(net.master_is_bridge_or_bond('eth1'))
|
||||
+
|
||||
+ # masters without ovs-system => False
|
||||
+ write_file(os.path.join(self.sysdir, 'ovs-system', 'address'), ovs_mac)
|
||||
+
|
||||
+ os.symlink('../ovs-system', os.path.join(self.sysdir, 'eth1',
|
||||
+ 'master'))
|
||||
+
|
||||
+ self.assertFalse(net.master_is_openvswitch('eth1'))
|
||||
+
|
||||
+ # masters with ovs-system => True
|
||||
+ os.symlink('../ovs-system', os.path.join(self.sysdir, 'eth1',
|
||||
+ 'upper_ovs-system'))
|
||||
+
|
||||
+ self.assertTrue(net.master_is_openvswitch('eth1'))
|
||||
+
|
||||
def test_is_vlan(self):
|
||||
"""is_vlan is True when /sys/net/devname/uevent has DEVTYPE=vlan."""
|
||||
ensure_file(os.path.join(self.sysdir, 'eth0', 'uevent'))
|
||||
@@ -465,20 +487,32 @@ class TestGetInterfaceMAC(CiTestCase):
|
||||
):
|
||||
bridge_mac = 'aa:bb:cc:aa:bb:cc'
|
||||
bond_mac = 'cc:bb:aa:cc:bb:aa'
|
||||
+ ovs_mac = 'bb:cc:aa:bb:cc:aa'
|
||||
+
|
||||
write_file(os.path.join(self.sysdir, 'br0', 'address'), bridge_mac)
|
||||
write_file(os.path.join(self.sysdir, 'br0', 'bridge'), '')
|
||||
|
||||
write_file(os.path.join(self.sysdir, 'bond0', 'address'), bond_mac)
|
||||
write_file(os.path.join(self.sysdir, 'bond0', 'bonding'), '')
|
||||
|
||||
+ write_file(os.path.join(self.sysdir, 'ovs-system', 'address'),
|
||||
+ ovs_mac)
|
||||
+
|
||||
write_file(os.path.join(self.sysdir, 'eth1', 'address'), bridge_mac)
|
||||
os.symlink('../br0', os.path.join(self.sysdir, 'eth1', 'master'))
|
||||
|
||||
write_file(os.path.join(self.sysdir, 'eth2', 'address'), bond_mac)
|
||||
os.symlink('../bond0', os.path.join(self.sysdir, 'eth2', 'master'))
|
||||
|
||||
+ write_file(os.path.join(self.sysdir, 'eth3', 'address'), ovs_mac)
|
||||
+ os.symlink('../ovs-system', os.path.join(self.sysdir, 'eth3',
|
||||
+ 'master'))
|
||||
+ os.symlink('../ovs-system', os.path.join(self.sysdir, 'eth3',
|
||||
+ 'upper_ovs-system'))
|
||||
+
|
||||
interface_names = [interface[0] for interface in net.get_interfaces()]
|
||||
- self.assertEqual(['eth1', 'eth2'], sorted(interface_names))
|
||||
+ self.assertEqual(['eth1', 'eth2', 'eth3', 'ovs-system'],
|
||||
+ sorted(interface_names))
|
||||
|
||||
|
||||
class TestInterfaceHasOwnMAC(CiTestCase):
|
||||
diff --git a/tools/.github-cla-signers b/tools/.github-cla-signers
|
||||
index e5d2b95c..db55361a 100644
|
||||
--- a/tools/.github-cla-signers
|
||||
+++ b/tools/.github-cla-signers
|
||||
@@ -16,6 +16,7 @@ matthewruffell
|
||||
nishigori
|
||||
omBratteng
|
||||
onitake
|
||||
+slyon
|
||||
smoser
|
||||
sshedi
|
||||
TheRealFalcon
|
||||
--
|
||||
2.27.0
|
||||
|
|
@ -1,512 +0,0 @@
|
|||
From 83e17432645b9e959c82ffe9c86d20fa183bc5ef Mon Sep 17 00:00:00 2001
|
||||
From: Daniel Watkins <oddbloke@ubuntu.com>
|
||||
Date: Mon, 8 Mar 2021 12:50:57 -0500
|
||||
Subject: [PATCH 2/2] net: exclude OVS internal interfaces in get_interfaces
|
||||
(#829)
|
||||
|
||||
RH-Author: Eduardo Otubo (otubo)
|
||||
RH-MergeRequest: 6: Patch series to fix "Bug 1957135 - Intermittent failure to start cloud-init due to failure to detect macs"
|
||||
RH-Commit: [2/2] d401dc64a7ceeecb091a792aa24de334940a3750 (otubo/cloud-init)
|
||||
RH-Bugzilla: 1957135
|
||||
RH-Acked-by: Mohammed Gamal <mmorsy@redhat.com>
|
||||
RH-Acked-by: Emanuele Giuseppe Esposito <[eesposit@redhat.com](mailto:eesposit@redhat.com>
|
||||
|
||||
commit 121bc04cdf0e6732fe143b7419131dc250c13384
|
||||
Author: Daniel Watkins <oddbloke@ubuntu.com>
|
||||
Date: Mon Mar 8 12:50:57 2021 -0500
|
||||
|
||||
net: exclude OVS internal interfaces in get_interfaces (#829)
|
||||
|
||||
`get_interfaces` is used to in two ways, broadly: firstly, to determine
|
||||
the available interfaces when converting cloud network configuration
|
||||
formats to cloud-init's network configuration formats; and, secondly, to
|
||||
ensure that any interfaces which are specified in network configuration
|
||||
are (a) available, and (b) named correctly. The first of these is
|
||||
unaffected by this commit, as no clouds support Open vSwitch
|
||||
configuration in their network configuration formats.
|
||||
|
||||
For the second, we check that MAC addresses of physical devices are
|
||||
unique. In some OVS configurations, there are OVS-created devices which
|
||||
have duplicate MAC addresses, either with each other or with physical
|
||||
devices. As these interfaces are created by OVS, we can be confident
|
||||
that (a) they will be available when appropriate, and (b) that OVS will
|
||||
name them correctly. As such, this commit excludes any OVS-internal
|
||||
interfaces from the set of interfaces returned by `get_interfaces`.
|
||||
|
||||
LP: #1912844
|
||||
|
||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
---
|
||||
cloudinit/net/__init__.py | 62 +++++++++
|
||||
cloudinit/net/tests/test_init.py | 119 ++++++++++++++++++
|
||||
.../sources/helpers/tests/test_openstack.py | 5 +
|
||||
cloudinit/sources/tests/test_oracle.py | 4 +
|
||||
.../integration_tests/bugs/test_lp1912844.py | 103 +++++++++++++++
|
||||
.../test_datasource/test_configdrive.py | 8 ++
|
||||
tests/unittests/test_net.py | 20 +++
|
||||
7 files changed, 321 insertions(+)
|
||||
create mode 100644 tests/integration_tests/bugs/test_lp1912844.py
|
||||
|
||||
diff --git a/cloudinit/net/__init__.py b/cloudinit/net/__init__.py
|
||||
index 0aa58b27..2ff770e1 100644
|
||||
--- a/cloudinit/net/__init__.py
|
||||
+++ b/cloudinit/net/__init__.py
|
||||
@@ -6,6 +6,7 @@
|
||||
# This file is part of cloud-init. See LICENSE file for license information.
|
||||
|
||||
import errno
|
||||
+import functools
|
||||
import ipaddress
|
||||
import logging
|
||||
import os
|
||||
@@ -19,6 +20,19 @@ from cloudinit.url_helper import UrlError, readurl
|
||||
LOG = logging.getLogger(__name__)
|
||||
SYS_CLASS_NET = "/sys/class/net/"
|
||||
DEFAULT_PRIMARY_INTERFACE = 'eth0'
|
||||
+OVS_INTERNAL_INTERFACE_LOOKUP_CMD = [
|
||||
+ "ovs-vsctl",
|
||||
+ "--format",
|
||||
+ "csv",
|
||||
+ "--no-headings",
|
||||
+ "--timeout",
|
||||
+ "10",
|
||||
+ "--columns",
|
||||
+ "name",
|
||||
+ "find",
|
||||
+ "interface",
|
||||
+ "type=internal",
|
||||
+]
|
||||
|
||||
|
||||
def natural_sort_key(s, _nsre=re.compile('([0-9]+)')):
|
||||
@@ -133,6 +147,52 @@ def master_is_openvswitch(devname):
|
||||
return os.path.exists(ovs_path)
|
||||
|
||||
|
||||
+@functools.lru_cache(maxsize=None)
|
||||
+def openvswitch_is_installed() -> bool:
|
||||
+ """Return a bool indicating if Open vSwitch is installed in the system."""
|
||||
+ ret = bool(subp.which("ovs-vsctl"))
|
||||
+ if not ret:
|
||||
+ LOG.debug(
|
||||
+ "ovs-vsctl not in PATH; not detecting Open vSwitch interfaces"
|
||||
+ )
|
||||
+ return ret
|
||||
+
|
||||
+
|
||||
+@functools.lru_cache(maxsize=None)
|
||||
+def get_ovs_internal_interfaces() -> list:
|
||||
+ """Return a list of the names of OVS internal interfaces on the system.
|
||||
+
|
||||
+ These will all be strings, and are used to exclude OVS-specific interface
|
||||
+ from cloud-init's network configuration handling.
|
||||
+ """
|
||||
+ try:
|
||||
+ out, _err = subp.subp(OVS_INTERNAL_INTERFACE_LOOKUP_CMD)
|
||||
+ except subp.ProcessExecutionError as exc:
|
||||
+ if "database connection failed" in exc.stderr:
|
||||
+ LOG.info(
|
||||
+ "Open vSwitch is not yet up; no interfaces will be detected as"
|
||||
+ " OVS-internal"
|
||||
+ )
|
||||
+ return []
|
||||
+ raise
|
||||
+ else:
|
||||
+ return out.splitlines()
|
||||
+
|
||||
+
|
||||
+def is_openvswitch_internal_interface(devname: str) -> bool:
|
||||
+ """Returns True if this is an OVS internal interface.
|
||||
+
|
||||
+ If OVS is not installed or not yet running, this will return False.
|
||||
+ """
|
||||
+ if not openvswitch_is_installed():
|
||||
+ return False
|
||||
+ ovs_bridges = get_ovs_internal_interfaces()
|
||||
+ if devname in ovs_bridges:
|
||||
+ LOG.debug("Detected %s as an OVS interface", devname)
|
||||
+ return True
|
||||
+ return False
|
||||
+
|
||||
+
|
||||
def is_netfailover(devname, driver=None):
|
||||
""" netfailover driver uses 3 nics, master, primary and standby.
|
||||
this returns True if the device is either the primary or standby
|
||||
@@ -877,6 +937,8 @@ def get_interfaces():
|
||||
# skip nics that have no mac (00:00....)
|
||||
if name != 'lo' and mac == zero_mac[:len(mac)]:
|
||||
continue
|
||||
+ if is_openvswitch_internal_interface(name):
|
||||
+ continue
|
||||
ret.append((name, mac, device_driver(name), device_devid(name)))
|
||||
return ret
|
||||
|
||||
diff --git a/cloudinit/net/tests/test_init.py b/cloudinit/net/tests/test_init.py
|
||||
index 0535387a..946f8ee2 100644
|
||||
--- a/cloudinit/net/tests/test_init.py
|
||||
+++ b/cloudinit/net/tests/test_init.py
|
||||
@@ -391,6 +391,10 @@ class TestGetDeviceList(CiTestCase):
|
||||
self.assertCountEqual(['eth0', 'eth1'], net.get_devicelist())
|
||||
|
||||
|
||||
+@mock.patch(
|
||||
+ "cloudinit.net.is_openvswitch_internal_interface",
|
||||
+ mock.Mock(return_value=False),
|
||||
+)
|
||||
class TestGetInterfaceMAC(CiTestCase):
|
||||
|
||||
def setUp(self):
|
||||
@@ -1224,6 +1228,121 @@ class TestNetFailOver(CiTestCase):
|
||||
self.assertFalse(net.is_netfailover(devname, driver))
|
||||
|
||||
|
||||
+class TestOpenvswitchIsInstalled:
|
||||
+ """Test cloudinit.net.openvswitch_is_installed.
|
||||
+
|
||||
+ Uses the ``clear_lru_cache`` local autouse fixture to allow us to test
|
||||
+ despite the ``lru_cache`` decorator on the unit under test.
|
||||
+ """
|
||||
+
|
||||
+ @pytest.fixture(autouse=True)
|
||||
+ def clear_lru_cache(self):
|
||||
+ net.openvswitch_is_installed.cache_clear()
|
||||
+
|
||||
+ @pytest.mark.parametrize(
|
||||
+ "expected,which_return", [(True, "/some/path"), (False, None)]
|
||||
+ )
|
||||
+ @mock.patch("cloudinit.net.subp.which")
|
||||
+ def test_mirrors_which_result(self, m_which, expected, which_return):
|
||||
+ m_which.return_value = which_return
|
||||
+ assert expected == net.openvswitch_is_installed()
|
||||
+
|
||||
+ @mock.patch("cloudinit.net.subp.which")
|
||||
+ def test_only_calls_which_once(self, m_which):
|
||||
+ net.openvswitch_is_installed()
|
||||
+ net.openvswitch_is_installed()
|
||||
+ assert 1 == m_which.call_count
|
||||
+
|
||||
+
|
||||
+@mock.patch("cloudinit.net.subp.subp", return_value=("", ""))
|
||||
+class TestGetOVSInternalInterfaces:
|
||||
+ """Test cloudinit.net.get_ovs_internal_interfaces.
|
||||
+
|
||||
+ Uses the ``clear_lru_cache`` local autouse fixture to allow us to test
|
||||
+ despite the ``lru_cache`` decorator on the unit under test.
|
||||
+ """
|
||||
+ @pytest.fixture(autouse=True)
|
||||
+ def clear_lru_cache(self):
|
||||
+ net.get_ovs_internal_interfaces.cache_clear()
|
||||
+
|
||||
+ def test_command_used(self, m_subp):
|
||||
+ """Test we use the correct command when we call subp"""
|
||||
+ net.get_ovs_internal_interfaces()
|
||||
+
|
||||
+ assert [
|
||||
+ mock.call(net.OVS_INTERNAL_INTERFACE_LOOKUP_CMD)
|
||||
+ ] == m_subp.call_args_list
|
||||
+
|
||||
+ def test_subp_contents_split_and_returned(self, m_subp):
|
||||
+ """Test that the command output is appropriately mangled."""
|
||||
+ stdout = "iface1\niface2\niface3\n"
|
||||
+ m_subp.return_value = (stdout, "")
|
||||
+
|
||||
+ assert [
|
||||
+ "iface1",
|
||||
+ "iface2",
|
||||
+ "iface3",
|
||||
+ ] == net.get_ovs_internal_interfaces()
|
||||
+
|
||||
+ def test_database_connection_error_handled_gracefully(self, m_subp):
|
||||
+ """Test that the error indicating OVS is down is handled gracefully."""
|
||||
+ m_subp.side_effect = ProcessExecutionError(
|
||||
+ stderr="database connection failed"
|
||||
+ )
|
||||
+
|
||||
+ assert [] == net.get_ovs_internal_interfaces()
|
||||
+
|
||||
+ def test_other_errors_raised(self, m_subp):
|
||||
+ """Test that only database connection errors are handled."""
|
||||
+ m_subp.side_effect = ProcessExecutionError()
|
||||
+
|
||||
+ with pytest.raises(ProcessExecutionError):
|
||||
+ net.get_ovs_internal_interfaces()
|
||||
+
|
||||
+ def test_only_runs_once(self, m_subp):
|
||||
+ """Test that we cache the value."""
|
||||
+ net.get_ovs_internal_interfaces()
|
||||
+ net.get_ovs_internal_interfaces()
|
||||
+
|
||||
+ assert 1 == m_subp.call_count
|
||||
+
|
||||
+
|
||||
+@mock.patch("cloudinit.net.get_ovs_internal_interfaces")
|
||||
+@mock.patch("cloudinit.net.openvswitch_is_installed")
|
||||
+class TestIsOpenVSwitchInternalInterface:
|
||||
+ def test_false_if_ovs_not_installed(
|
||||
+ self, m_openvswitch_is_installed, _m_get_ovs_internal_interfaces
|
||||
+ ):
|
||||
+ """Test that OVS' absence returns False."""
|
||||
+ m_openvswitch_is_installed.return_value = False
|
||||
+
|
||||
+ assert not net.is_openvswitch_internal_interface("devname")
|
||||
+
|
||||
+ @pytest.mark.parametrize(
|
||||
+ "detected_interfaces,devname,expected_return",
|
||||
+ [
|
||||
+ ([], "devname", False),
|
||||
+ (["notdevname"], "devname", False),
|
||||
+ (["devname"], "devname", True),
|
||||
+ (["some", "other", "devices", "and", "ours"], "ours", True),
|
||||
+ ],
|
||||
+ )
|
||||
+ def test_return_value_based_on_detected_interfaces(
|
||||
+ self,
|
||||
+ m_openvswitch_is_installed,
|
||||
+ m_get_ovs_internal_interfaces,
|
||||
+ detected_interfaces,
|
||||
+ devname,
|
||||
+ expected_return,
|
||||
+ ):
|
||||
+ """Test that the detected interfaces are used correctly."""
|
||||
+ m_openvswitch_is_installed.return_value = True
|
||||
+ m_get_ovs_internal_interfaces.return_value = detected_interfaces
|
||||
+ assert expected_return == net.is_openvswitch_internal_interface(
|
||||
+ devname
|
||||
+ )
|
||||
+
|
||||
+
|
||||
class TestIsIpAddress:
|
||||
"""Tests for net.is_ip_address.
|
||||
|
||||
diff --git a/cloudinit/sources/helpers/tests/test_openstack.py b/cloudinit/sources/helpers/tests/test_openstack.py
|
||||
index 2bde1e3f..95fb9743 100644
|
||||
--- a/cloudinit/sources/helpers/tests/test_openstack.py
|
||||
+++ b/cloudinit/sources/helpers/tests/test_openstack.py
|
||||
@@ -1,10 +1,15 @@
|
||||
# This file is part of cloud-init. See LICENSE file for license information.
|
||||
# ./cloudinit/sources/helpers/tests/test_openstack.py
|
||||
+from unittest import mock
|
||||
|
||||
from cloudinit.sources.helpers import openstack
|
||||
from cloudinit.tests import helpers as test_helpers
|
||||
|
||||
|
||||
+@mock.patch(
|
||||
+ "cloudinit.net.is_openvswitch_internal_interface",
|
||||
+ mock.Mock(return_value=False)
|
||||
+)
|
||||
class TestConvertNetJson(test_helpers.CiTestCase):
|
||||
|
||||
def test_phy_types(self):
|
||||
diff --git a/cloudinit/sources/tests/test_oracle.py b/cloudinit/sources/tests/test_oracle.py
|
||||
index 7bd23813..902d1e40 100644
|
||||
--- a/cloudinit/sources/tests/test_oracle.py
|
||||
+++ b/cloudinit/sources/tests/test_oracle.py
|
||||
@@ -173,6 +173,10 @@ class TestIsPlatformViable(test_helpers.CiTestCase):
|
||||
m_read_dmi_data.assert_has_calls([mock.call('chassis-asset-tag')])
|
||||
|
||||
|
||||
+@mock.patch(
|
||||
+ "cloudinit.net.is_openvswitch_internal_interface",
|
||||
+ mock.Mock(return_value=False)
|
||||
+)
|
||||
class TestNetworkConfigFromOpcImds:
|
||||
def test_no_secondary_nics_does_not_mutate_input(self, oracle_ds):
|
||||
oracle_ds._vnics_data = [{}]
|
||||
diff --git a/tests/integration_tests/bugs/test_lp1912844.py b/tests/integration_tests/bugs/test_lp1912844.py
|
||||
new file mode 100644
|
||||
index 00000000..efafae50
|
||||
--- /dev/null
|
||||
+++ b/tests/integration_tests/bugs/test_lp1912844.py
|
||||
@@ -0,0 +1,103 @@
|
||||
+"""Integration test for LP: #1912844
|
||||
+
|
||||
+cloud-init should ignore OVS-internal interfaces when performing its own
|
||||
+interface determination: these interfaces are handled fully by OVS, so
|
||||
+cloud-init should never need to touch them.
|
||||
+
|
||||
+This test is a semi-synthetic reproducer for the bug. It uses a similar
|
||||
+network configuration, tweaked slightly to DHCP in a way that will succeed even
|
||||
+on "failed" boots. The exact bug doesn't reproduce with the NoCloud
|
||||
+datasource, because it runs at init-local time (whereas the MAAS datasource,
|
||||
+from the report, runs only at init (network) time): this means that the
|
||||
+networking code runs before OVS creates its interfaces (which happens after
|
||||
+init-local but, of course, before networking is up), and so doesn't generate
|
||||
+the traceback that they cause. We work around this by calling
|
||||
+``get_interfaces_by_mac` directly in the test code.
|
||||
+"""
|
||||
+import pytest
|
||||
+
|
||||
+from tests.integration_tests import random_mac_address
|
||||
+
|
||||
+MAC_ADDRESS = random_mac_address()
|
||||
+
|
||||
+NETWORK_CONFIG = """\
|
||||
+bonds:
|
||||
+ bond0:
|
||||
+ interfaces:
|
||||
+ - enp5s0
|
||||
+ macaddress: {0}
|
||||
+ mtu: 1500
|
||||
+bridges:
|
||||
+ ovs-br:
|
||||
+ interfaces:
|
||||
+ - bond0
|
||||
+ macaddress: {0}
|
||||
+ mtu: 1500
|
||||
+ openvswitch: {{}}
|
||||
+ dhcp4: true
|
||||
+ethernets:
|
||||
+ enp5s0:
|
||||
+ mtu: 1500
|
||||
+ set-name: enp5s0
|
||||
+ match:
|
||||
+ macaddress: {0}
|
||||
+version: 2
|
||||
+vlans:
|
||||
+ ovs-br.100:
|
||||
+ id: 100
|
||||
+ link: ovs-br
|
||||
+ mtu: 1500
|
||||
+ ovs-br.200:
|
||||
+ id: 200
|
||||
+ link: ovs-br
|
||||
+ mtu: 1500
|
||||
+""".format(MAC_ADDRESS)
|
||||
+
|
||||
+
|
||||
+SETUP_USER_DATA = """\
|
||||
+#cloud-config
|
||||
+packages:
|
||||
+- openvswitch-switch
|
||||
+"""
|
||||
+
|
||||
+
|
||||
+@pytest.fixture
|
||||
+def ovs_enabled_session_cloud(session_cloud):
|
||||
+ """A session_cloud wrapper, to use an OVS-enabled image for tests.
|
||||
+
|
||||
+ This implementation is complicated by wanting to use ``session_cloud``s
|
||||
+ snapshot cleanup/retention logic, to avoid having to reimplement that here.
|
||||
+ """
|
||||
+ old_snapshot_id = session_cloud.snapshot_id
|
||||
+ with session_cloud.launch(
|
||||
+ user_data=SETUP_USER_DATA,
|
||||
+ ) as instance:
|
||||
+ instance.instance.clean()
|
||||
+ session_cloud.snapshot_id = instance.snapshot()
|
||||
+
|
||||
+ yield session_cloud
|
||||
+
|
||||
+ try:
|
||||
+ session_cloud.delete_snapshot()
|
||||
+ finally:
|
||||
+ session_cloud.snapshot_id = old_snapshot_id
|
||||
+
|
||||
+
|
||||
+@pytest.mark.lxd_vm
|
||||
+def test_get_interfaces_by_mac_doesnt_traceback(ovs_enabled_session_cloud):
|
||||
+ """Launch our OVS-enabled image and confirm the bug doesn't reproduce."""
|
||||
+ launch_kwargs = {
|
||||
+ "config_dict": {
|
||||
+ "user.network-config": NETWORK_CONFIG,
|
||||
+ "volatile.eth0.hwaddr": MAC_ADDRESS,
|
||||
+ },
|
||||
+ }
|
||||
+ with ovs_enabled_session_cloud.launch(
|
||||
+ launch_kwargs=launch_kwargs,
|
||||
+ ) as client:
|
||||
+ result = client.execute(
|
||||
+ "python3 -c"
|
||||
+ "'from cloudinit.net import get_interfaces_by_mac;"
|
||||
+ "get_interfaces_by_mac()'"
|
||||
+ )
|
||||
+ assert result.ok
|
||||
diff --git a/tests/unittests/test_datasource/test_configdrive.py b/tests/unittests/test_datasource/test_configdrive.py
|
||||
index 6f830cc6..2e2b7847 100644
|
||||
--- a/tests/unittests/test_datasource/test_configdrive.py
|
||||
+++ b/tests/unittests/test_datasource/test_configdrive.py
|
||||
@@ -494,6 +494,10 @@ class TestConfigDriveDataSource(CiTestCase):
|
||||
self.assertEqual('config-disk (/dev/anything)', cfg_ds.subplatform)
|
||||
|
||||
|
||||
+@mock.patch(
|
||||
+ "cloudinit.net.is_openvswitch_internal_interface",
|
||||
+ mock.Mock(return_value=False)
|
||||
+)
|
||||
class TestNetJson(CiTestCase):
|
||||
def setUp(self):
|
||||
super(TestNetJson, self).setUp()
|
||||
@@ -654,6 +658,10 @@ class TestNetJson(CiTestCase):
|
||||
self.assertEqual(out_data, conv_data)
|
||||
|
||||
|
||||
+@mock.patch(
|
||||
+ "cloudinit.net.is_openvswitch_internal_interface",
|
||||
+ mock.Mock(return_value=False)
|
||||
+)
|
||||
class TestConvertNetworkData(CiTestCase):
|
||||
|
||||
with_logs = True
|
||||
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
|
||||
index 844d5ba8..3607c5e3 100644
|
||||
--- a/tests/unittests/test_net.py
|
||||
+++ b/tests/unittests/test_net.py
|
||||
@@ -2825,6 +2825,10 @@ iface eth1 inet dhcp
|
||||
self.assertEqual(0, mock_settle.call_count)
|
||||
|
||||
|
||||
+@mock.patch(
|
||||
+ "cloudinit.net.is_openvswitch_internal_interface",
|
||||
+ mock.Mock(return_value=False)
|
||||
+)
|
||||
class TestRhelSysConfigRendering(CiTestCase):
|
||||
|
||||
with_logs = True
|
||||
@@ -3495,6 +3499,10 @@ USERCTL=no
|
||||
expected, self._render_and_read(network_config=v2data))
|
||||
|
||||
|
||||
+@mock.patch(
|
||||
+ "cloudinit.net.is_openvswitch_internal_interface",
|
||||
+ mock.Mock(return_value=False)
|
||||
+)
|
||||
class TestOpenSuseSysConfigRendering(CiTestCase):
|
||||
|
||||
with_logs = True
|
||||
@@ -4859,6 +4867,10 @@ class TestNetRenderers(CiTestCase):
|
||||
self.assertTrue(result)
|
||||
|
||||
|
||||
+@mock.patch(
|
||||
+ "cloudinit.net.is_openvswitch_internal_interface",
|
||||
+ mock.Mock(return_value=False)
|
||||
+)
|
||||
class TestGetInterfaces(CiTestCase):
|
||||
_data = {'bonds': ['bond1'],
|
||||
'bridges': ['bridge1'],
|
||||
@@ -5008,6 +5020,10 @@ class TestInterfaceHasOwnMac(CiTestCase):
|
||||
self.assertFalse(interface_has_own_mac("eth0"))
|
||||
|
||||
|
||||
+@mock.patch(
|
||||
+ "cloudinit.net.is_openvswitch_internal_interface",
|
||||
+ mock.Mock(return_value=False)
|
||||
+)
|
||||
class TestGetInterfacesByMac(CiTestCase):
|
||||
_data = {'bonds': ['bond1'],
|
||||
'bridges': ['bridge1'],
|
||||
@@ -5164,6 +5180,10 @@ class TestInterfacesSorting(CiTestCase):
|
||||
['enp0s3', 'enp0s8', 'enp0s13', 'enp1s2', 'enp2s0', 'enp2s3'])
|
||||
|
||||
|
||||
+@mock.patch(
|
||||
+ "cloudinit.net.is_openvswitch_internal_interface",
|
||||
+ mock.Mock(return_value=False)
|
||||
+)
|
||||
class TestGetIBHwaddrsByInterface(CiTestCase):
|
||||
|
||||
_ib_addr = '80:00:00:28:fe:80:00:00:00:00:00:00:00:11:22:03:00:33:44:56'
|
||||
--
|
||||
2.27.0
|
||||
|
|
@ -1,247 +0,0 @@
|
|||
From 51a90ecbdf1f3900183d8ec641eeb4571decf6dc Mon Sep 17 00:00:00 2001
|
||||
From: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Wed, 4 Nov 2020 12:37:54 +0100
|
||||
Subject: [PATCH] network: Fix type and respect name when rendering vlan in
|
||||
sysconfig. (#541)
|
||||
|
||||
RH-Author: Eduardo Terrell Ferrari Otubo (eterrell)
|
||||
RH-MergeRequest: 19: network: Fix type and respect name when rendering vlan in sysconfig. (#541)
|
||||
RH-Commit: [1/1] 75bea46017397082c5763125a5f35806c2f840e9 (eterrell/cloud-init)
|
||||
RH-Bugzilla: 1881462
|
||||
|
||||
commit 8439b191ec2f336d544cab86dba2860f969cd5b8
|
||||
Author: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Tue Sep 15 18:00:00 2020 +0200
|
||||
|
||||
network: Fix type and respect name when rendering vlan in sysconfig. (#541)
|
||||
|
||||
Prior to this change, vlans were rendered in sysconfig with
|
||||
'TYPE=Ethernet', and incorrectly rendered the PHYSDEV based on
|
||||
the name of the vlan device rather than the 'link' provided
|
||||
in the network config.
|
||||
|
||||
The change here fixes:
|
||||
* rendering of TYPE=Ethernet for a vlan
|
||||
* adds a warning if the configured device name is not supported
|
||||
per the RHEL 7 docs "11.5. Naming Scheme for VLAN Interfaces"
|
||||
|
||||
LP: #1788915
|
||||
LP: #1826608
|
||||
RHBZ: #1861871
|
||||
|
||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
---
|
||||
cloudinit/net/sysconfig.py | 32 +++++++++-
|
||||
tests/unittests/test_distros/test_netconfig.py | 81 ++++++++++++++++++++++++++
|
||||
tests/unittests/test_net.py | 4 --
|
||||
3 files changed, 112 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
|
||||
index c078898..078636a 100644
|
||||
--- a/cloudinit/net/sysconfig.py
|
||||
+++ b/cloudinit/net/sysconfig.py
|
||||
@@ -99,6 +99,10 @@ class ConfigMap(object):
|
||||
def __len__(self):
|
||||
return len(self._conf)
|
||||
|
||||
+ def skip_key_value(self, key, val):
|
||||
+ """Skip the pair key, value if it matches a certain rule."""
|
||||
+ return False
|
||||
+
|
||||
def to_string(self):
|
||||
buf = io.StringIO()
|
||||
buf.write(_make_header())
|
||||
@@ -106,6 +110,8 @@ class ConfigMap(object):
|
||||
buf.write("\n")
|
||||
for key in sorted(self._conf.keys()):
|
||||
value = self._conf[key]
|
||||
+ if self.skip_key_value(key, value):
|
||||
+ continue
|
||||
if isinstance(value, bool):
|
||||
value = self._bool_map[value]
|
||||
if not isinstance(value, str):
|
||||
@@ -214,6 +220,7 @@ class NetInterface(ConfigMap):
|
||||
'bond': 'Bond',
|
||||
'bridge': 'Bridge',
|
||||
'infiniband': 'InfiniBand',
|
||||
+ 'vlan': 'Vlan',
|
||||
}
|
||||
|
||||
def __init__(self, iface_name, base_sysconf_dir, templates,
|
||||
@@ -267,6 +274,11 @@ class NetInterface(ConfigMap):
|
||||
c.routes = self.routes.copy()
|
||||
return c
|
||||
|
||||
+ def skip_key_value(self, key, val):
|
||||
+ if key == 'TYPE' and val == 'Vlan':
|
||||
+ return True
|
||||
+ return False
|
||||
+
|
||||
|
||||
class Renderer(renderer.Renderer):
|
||||
"""Renders network information in a /etc/sysconfig format."""
|
||||
@@ -701,7 +713,16 @@ class Renderer(renderer.Renderer):
|
||||
iface_cfg['ETHERDEVICE'] = iface_name[:iface_name.rfind('.')]
|
||||
else:
|
||||
iface_cfg['VLAN'] = True
|
||||
- iface_cfg['PHYSDEV'] = iface_name[:iface_name.rfind('.')]
|
||||
+ iface_cfg.kind = 'vlan'
|
||||
+
|
||||
+ rdev = iface['vlan-raw-device']
|
||||
+ supported = _supported_vlan_names(rdev, iface['vlan_id'])
|
||||
+ if iface_name not in supported:
|
||||
+ LOG.info(
|
||||
+ "Name '%s' for vlan '%s' is not officially supported"
|
||||
+ "by RHEL. Supported: %s",
|
||||
+ iface_name, rdev, ' '.join(supported))
|
||||
+ iface_cfg['PHYSDEV'] = rdev
|
||||
|
||||
iface_subnets = iface.get("subnets", [])
|
||||
route_cfg = iface_cfg.routes
|
||||
@@ -909,6 +930,15 @@ class Renderer(renderer.Renderer):
|
||||
"\n".join(netcfg) + "\n", file_mode)
|
||||
|
||||
|
||||
+def _supported_vlan_names(rdev, vid):
|
||||
+ """Return list of supported names for vlan devices per RHEL doc
|
||||
+ 11.5. Naming Scheme for VLAN Interfaces."""
|
||||
+ return [
|
||||
+ v.format(rdev=rdev, vid=int(vid))
|
||||
+ for v in ("{rdev}{vid:04}", "{rdev}{vid}",
|
||||
+ "{rdev}.{vid:04}", "{rdev}.{vid}")]
|
||||
+
|
||||
+
|
||||
def available(target=None):
|
||||
sysconfig = available_sysconfig(target=target)
|
||||
nm = available_nm(target=target)
|
||||
diff --git a/tests/unittests/test_distros/test_netconfig.py b/tests/unittests/test_distros/test_netconfig.py
|
||||
index f9fc3a1..a1df066 100644
|
||||
--- a/tests/unittests/test_distros/test_netconfig.py
|
||||
+++ b/tests/unittests/test_distros/test_netconfig.py
|
||||
@@ -541,6 +541,87 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
|
||||
V1_NET_CFG_IPV6,
|
||||
expected_cfgs=expected_cfgs.copy())
|
||||
|
||||
+ def test_vlan_render_unsupported(self):
|
||||
+ """Render officially unsupported vlan names."""
|
||||
+ cfg = {
|
||||
+ 'version': 2,
|
||||
+ 'ethernets': {
|
||||
+ 'eth0': {'addresses': ["192.10.1.2/24"],
|
||||
+ 'match': {'macaddress': "00:16:3e:60:7c:df"}}},
|
||||
+ 'vlans': {
|
||||
+ 'infra0': {'addresses': ["10.0.1.2/16"],
|
||||
+ 'id': 1001, 'link': 'eth0'}},
|
||||
+ }
|
||||
+ expected_cfgs = {
|
||||
+ self.ifcfg_path('eth0'): dedent("""\
|
||||
+ BOOTPROTO=none
|
||||
+ DEVICE=eth0
|
||||
+ HWADDR=00:16:3e:60:7c:df
|
||||
+ IPADDR=192.10.1.2
|
||||
+ NETMASK=255.255.255.0
|
||||
+ NM_CONTROLLED=no
|
||||
+ ONBOOT=yes
|
||||
+ TYPE=Ethernet
|
||||
+ USERCTL=no
|
||||
+ """),
|
||||
+ self.ifcfg_path('infra0'): dedent("""\
|
||||
+ BOOTPROTO=none
|
||||
+ DEVICE=infra0
|
||||
+ IPADDR=10.0.1.2
|
||||
+ NETMASK=255.255.0.0
|
||||
+ NM_CONTROLLED=no
|
||||
+ ONBOOT=yes
|
||||
+ PHYSDEV=eth0
|
||||
+ USERCTL=no
|
||||
+ VLAN=yes
|
||||
+ """),
|
||||
+ self.control_path(): dedent("""\
|
||||
+ NETWORKING=yes
|
||||
+ """),
|
||||
+ }
|
||||
+ self._apply_and_verify(
|
||||
+ self.distro.apply_network_config, cfg,
|
||||
+ expected_cfgs=expected_cfgs)
|
||||
+
|
||||
+ def test_vlan_render(self):
|
||||
+ cfg = {
|
||||
+ 'version': 2,
|
||||
+ 'ethernets': {
|
||||
+ 'eth0': {'addresses': ["192.10.1.2/24"]}},
|
||||
+ 'vlans': {
|
||||
+ 'eth0.1001': {'addresses': ["10.0.1.2/16"],
|
||||
+ 'id': 1001, 'link': 'eth0'}},
|
||||
+ }
|
||||
+ expected_cfgs = {
|
||||
+ self.ifcfg_path('eth0'): dedent("""\
|
||||
+ BOOTPROTO=none
|
||||
+ DEVICE=eth0
|
||||
+ IPADDR=192.10.1.2
|
||||
+ NETMASK=255.255.255.0
|
||||
+ NM_CONTROLLED=no
|
||||
+ ONBOOT=yes
|
||||
+ TYPE=Ethernet
|
||||
+ USERCTL=no
|
||||
+ """),
|
||||
+ self.ifcfg_path('eth0.1001'): dedent("""\
|
||||
+ BOOTPROTO=none
|
||||
+ DEVICE=eth0.1001
|
||||
+ IPADDR=10.0.1.2
|
||||
+ NETMASK=255.255.0.0
|
||||
+ NM_CONTROLLED=no
|
||||
+ ONBOOT=yes
|
||||
+ PHYSDEV=eth0
|
||||
+ USERCTL=no
|
||||
+ VLAN=yes
|
||||
+ """),
|
||||
+ self.control_path(): dedent("""\
|
||||
+ NETWORKING=yes
|
||||
+ """),
|
||||
+ }
|
||||
+ self._apply_and_verify(
|
||||
+ self.distro.apply_network_config, cfg,
|
||||
+ expected_cfgs=expected_cfgs)
|
||||
+
|
||||
|
||||
class TestNetCfgDistroOpensuse(TestNetCfgDistroBase):
|
||||
|
||||
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
|
||||
index d7a7a65..c033745 100644
|
||||
--- a/tests/unittests/test_net.py
|
||||
+++ b/tests/unittests/test_net.py
|
||||
@@ -1656,7 +1656,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
DHCLIENT_SET_DEFAULT_ROUTE=no
|
||||
ONBOOT=yes
|
||||
PHYSDEV=bond0
|
||||
- TYPE=Ethernet
|
||||
USERCTL=no
|
||||
VLAN=yes"""),
|
||||
'ifcfg-br0': textwrap.dedent("""\
|
||||
@@ -1699,7 +1698,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||
NETMASK1=255.255.255.0
|
||||
ONBOOT=yes
|
||||
PHYSDEV=eth0
|
||||
- TYPE=Ethernet
|
||||
USERCTL=no
|
||||
VLAN=yes"""),
|
||||
'ifcfg-eth1': textwrap.dedent("""\
|
||||
@@ -2302,7 +2300,6 @@ iface bond0 inet6 static
|
||||
NETMASK1=255.255.255.0
|
||||
ONBOOT=yes
|
||||
PHYSDEV=en0
|
||||
- TYPE=Ethernet
|
||||
USERCTL=no
|
||||
VLAN=yes"""),
|
||||
},
|
||||
@@ -3409,7 +3406,6 @@ USERCTL=no
|
||||
NM_CONTROLLED=no
|
||||
ONBOOT=yes
|
||||
PHYSDEV=eno1
|
||||
- TYPE=Ethernet
|
||||
USERCTL=no
|
||||
VLAN=yes
|
||||
""")
|
||||
--
|
||||
1.8.3.1
|
||||
|
|
@ -0,0 +1,57 @@
|
|||
From ed7060ac1d5003f70fc3da4d6006a1a958a47b04 Mon Sep 17 00:00:00 2001
|
||||
From: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
Date: Mon, 20 Jun 2022 10:31:14 +0200
|
||||
Subject: [PATCH 2/2] setup.py: adjust udev/rules default path (#1513)
|
||||
|
||||
RH-Author: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
RH-MergeRequest: 80: setup.py: adjust udev/rules default path (#1513)
|
||||
RH-Commit: [2/2] 2cb64b004acbe1b6a30f943b0da51d2d1f2f0d50 (eesposit/cloud-init)
|
||||
RH-Bugzilla: 2096269
|
||||
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
||||
RH-Acked-by: Mohamed Gamal Morsy <mmorsy@redhat.com>
|
||||
|
||||
commit 70715125f3af118ae242770e61064c24f41e9a02
|
||||
Author: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
Date: Thu Jun 16 20:39:42 2022 +0200
|
||||
|
||||
setup.py: adjust udev/rules default path (#1513)
|
||||
|
||||
RHEL must put cloudinit .rules files in /usr/lib/udev/rules.d
|
||||
This place is a rhel standard and since it is used by all packages
|
||||
cannot be modified.
|
||||
|
||||
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
|
||||
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
---
|
||||
setup.py | 7 ++++++-
|
||||
1 file changed, 6 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/setup.py b/setup.py
|
||||
index a9132d2c..fdf27cd7 100755
|
||||
--- a/setup.py
|
||||
+++ b/setup.py
|
||||
@@ -302,6 +302,11 @@ data_files = [
|
||||
),
|
||||
]
|
||||
if not platform.system().endswith("BSD"):
|
||||
+
|
||||
+ RULES_PATH = LIB
|
||||
+ if os.path.isfile("/etc/redhat-release"):
|
||||
+ RULES_PATH = "/usr/lib"
|
||||
+
|
||||
data_files.extend(
|
||||
[
|
||||
(
|
||||
@@ -309,7 +314,7 @@ if not platform.system().endswith("BSD"):
|
||||
["tools/hook-network-manager"],
|
||||
),
|
||||
(ETC + "/dhcp/dhclient-exit-hooks.d/", ["tools/hook-dhclient"]),
|
||||
- (LIB + "/udev/rules.d", [f for f in glob("udev/*.rules")]),
|
||||
+ (RULES_PATH + "/udev/rules.d", [f for f in glob("udev/*.rules")]),
|
||||
(
|
||||
ETC + "/systemd/system/sshd-keygen@.service.d/",
|
||||
["systemd/disable-sshd-keygen-if-cloud-init-active.conf"],
|
||||
--
|
||||
2.31.1
|
||||
|
|
@ -1,98 +0,0 @@
|
|||
From b84a1e6d246bbb758f0530038612bd18eff71767 Mon Sep 17 00:00:00 2001
|
||||
From: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Tue, 8 Dec 2020 13:27:22 +0100
|
||||
Subject: [PATCH 4/4] ssh_util: handle non-default AuthorizedKeysFile config
|
||||
(#586)
|
||||
|
||||
RH-Author: Eduardo Terrell Ferrari Otubo (eterrell)
|
||||
RH-MergeRequest: 28: ssh_util: handle non-default AuthorizedKeysFile config (#586)
|
||||
RH-Commit: [1/1] f7ce396e3002c53a3504e653b58810efb956aa26 (eterrell/cloud-init)
|
||||
RH-Bugzilla: 1862967
|
||||
|
||||
commit b0e73814db4027dba0b7dc0282e295b7f653325c
|
||||
Author: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Tue Oct 20 18:04:59 2020 +0200
|
||||
|
||||
ssh_util: handle non-default AuthorizedKeysFile config (#586)
|
||||
|
||||
The following commit merged all ssh keys into a default user file
|
||||
`~/.ssh/authorized_keys` in sshd_config had multiple files configured for
|
||||
AuthorizedKeysFile:
|
||||
|
||||
commit f1094b1a539044c0193165a41501480de0f8df14
|
||||
Author: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Thu Dec 5 17:37:35 2019 +0100
|
||||
|
||||
Multiple file fix for AuthorizedKeysFile config (#60)
|
||||
|
||||
This commit ignored the case when sshd_config would have a single file for
|
||||
AuthorizedKeysFile, but a non default configuration, for example
|
||||
`~/.ssh/authorized_keys_foobar`. In this case cloud-init would grab all keys
|
||||
from this file and write a new one, the default `~/.ssh/authorized_keys`
|
||||
causing the bug.
|
||||
|
||||
rhbz: #1862967
|
||||
|
||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
|
||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
---
|
||||
cloudinit/ssh_util.py | 6 +++---
|
||||
tests/unittests/test_sshutil.py | 6 +++---
|
||||
2 files changed, 6 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/cloudinit/ssh_util.py b/cloudinit/ssh_util.py
|
||||
index c08042d6..d5113996 100644
|
||||
--- a/cloudinit/ssh_util.py
|
||||
+++ b/cloudinit/ssh_util.py
|
||||
@@ -262,13 +262,13 @@ def extract_authorized_keys(username, sshd_cfg_file=DEF_SSHD_CFG):
|
||||
|
||||
except (IOError, OSError):
|
||||
# Give up and use a default key filename
|
||||
- auth_key_fns[0] = default_authorizedkeys_file
|
||||
+ auth_key_fns.append(default_authorizedkeys_file)
|
||||
util.logexc(LOG, "Failed extracting 'AuthorizedKeysFile' in SSH "
|
||||
"config from %r, using 'AuthorizedKeysFile' file "
|
||||
"%r instead", DEF_SSHD_CFG, auth_key_fns[0])
|
||||
|
||||
- # always store all the keys in the user's private file
|
||||
- return (default_authorizedkeys_file, parse_authorized_keys(auth_key_fns))
|
||||
+ # always store all the keys in the first file configured on sshd_config
|
||||
+ return (auth_key_fns[0], parse_authorized_keys(auth_key_fns))
|
||||
|
||||
|
||||
def setup_user_keys(keys, username, options=None):
|
||||
diff --git a/tests/unittests/test_sshutil.py b/tests/unittests/test_sshutil.py
|
||||
index fd1d1bac..88a111e3 100644
|
||||
--- a/tests/unittests/test_sshutil.py
|
||||
+++ b/tests/unittests/test_sshutil.py
|
||||
@@ -593,7 +593,7 @@ class TestMultipleSshAuthorizedKeysFile(test_helpers.CiTestCase):
|
||||
fpw.pw_name, sshd_config)
|
||||
content = ssh_util.update_authorized_keys(auth_key_entries, [])
|
||||
|
||||
- self.assertEqual("%s/.ssh/authorized_keys" % fpw.pw_dir, auth_key_fn)
|
||||
+ self.assertEqual(authorized_keys, auth_key_fn)
|
||||
self.assertTrue(VALID_CONTENT['rsa'] in content)
|
||||
self.assertTrue(VALID_CONTENT['dsa'] in content)
|
||||
|
||||
@@ -610,7 +610,7 @@ class TestMultipleSshAuthorizedKeysFile(test_helpers.CiTestCase):
|
||||
sshd_config = self.tmp_path('sshd_config')
|
||||
util.write_file(
|
||||
sshd_config,
|
||||
- "AuthorizedKeysFile %s %s" % (authorized_keys, user_keys)
|
||||
+ "AuthorizedKeysFile %s %s" % (user_keys, authorized_keys)
|
||||
)
|
||||
|
||||
(auth_key_fn, auth_key_entries) = ssh_util.extract_authorized_keys(
|
||||
@@ -618,7 +618,7 @@ class TestMultipleSshAuthorizedKeysFile(test_helpers.CiTestCase):
|
||||
)
|
||||
content = ssh_util.update_authorized_keys(auth_key_entries, [])
|
||||
|
||||
- self.assertEqual("%s/.ssh/authorized_keys" % fpw.pw_dir, auth_key_fn)
|
||||
+ self.assertEqual(user_keys, auth_key_fn)
|
||||
self.assertTrue(VALID_CONTENT['rsa'] in content)
|
||||
self.assertTrue(VALID_CONTENT['dsa'] in content)
|
||||
|
||||
--
|
||||
2.18.4
|
||||
|
|
@ -1,378 +0,0 @@
|
|||
From 4c38c004b016a4f0f255af8a779a58e549068967 Mon Sep 17 00:00:00 2001
|
||||
From: Eduardo Otubo <otubo@redhat.com>
|
||||
Date: Mon, 5 Jul 2021 14:19:06 +0200
|
||||
Subject: [PATCH] write passwords only to serial console, lock down
|
||||
cloud-init-output.log (#847)
|
||||
|
||||
RH-Author: Eduardo Otubo <otubo@redhat.com>
|
||||
RH-MergeRequest: 22: write passwords only to serial console, lock down cloud-init-output.log (#847)
|
||||
RH-Commit: [1/1] db5da651f305f65f518a548bb57c4977b17b4070 (otubo/cloud-init)
|
||||
RH-Bugzilla: 1979252
|
||||
RH-Acked-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
|
||||
RH-Acked-by: Mohamed Gamal Morsy <mmorsy@redhat.com>
|
||||
|
||||
commit b794d426b9ab43ea9d6371477466070d86e10668
|
||||
Author: Daniel Watkins <oddbloke@ubuntu.com>
|
||||
Date: Fri Mar 19 10:06:42 2021 -0400
|
||||
|
||||
write passwords only to serial console, lock down cloud-init-output.log (#847)
|
||||
|
||||
Prior to this commit, when a user specified configuration which would
|
||||
generate random passwords for users, cloud-init would cause those
|
||||
passwords to be written to the serial console by emitting them on
|
||||
stderr. In the default configuration, any stdout or stderr emitted by
|
||||
cloud-init is also written to `/var/log/cloud-init-output.log`. This
|
||||
file is world-readable, meaning that those randomly-generated passwords
|
||||
were available to be read by any user with access to the system. This
|
||||
presents an obvious security issue.
|
||||
|
||||
This commit responds to this issue in two ways:
|
||||
|
||||
* We address the direct issue by moving from writing the passwords to
|
||||
sys.stderr to writing them directly to /dev/console (via
|
||||
util.multi_log); this means that the passwords will never end up in
|
||||
cloud-init-output.log
|
||||
* To avoid future issues like this, we also modify the logging code so
|
||||
that any files created in a log sink subprocess will only be
|
||||
owner/group readable and, if it exists, will be owned by the adm
|
||||
group. This results in `/var/log/cloud-init-output.log` no longer
|
||||
being world-readable, meaning that if there are other parts of the
|
||||
codebase that are emitting sensitive data intended for the serial
|
||||
console, that data is no longer available to all users of the system.
|
||||
|
||||
LP: #1918303
|
||||
|
||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||
---
|
||||
cloudinit/config/cc_set_passwords.py | 5 +-
|
||||
cloudinit/config/tests/test_set_passwords.py | 40 ++++++--
|
||||
cloudinit/tests/test_util.py | 101 +++++++++++++++++++
|
||||
cloudinit/util.py | 38 ++++++-
|
||||
tests/integration_tests/test_logging.py | 22 ++++
|
||||
tests/unittests/test_util.py | 4 +
|
||||
6 files changed, 194 insertions(+), 16 deletions(-)
|
||||
create mode 100644 tests/integration_tests/test_logging.py
|
||||
|
||||
diff --git a/cloudinit/config/cc_set_passwords.py b/cloudinit/config/cc_set_passwords.py
|
||||
index d6b5682d..433de751 100755
|
||||
--- a/cloudinit/config/cc_set_passwords.py
|
||||
+++ b/cloudinit/config/cc_set_passwords.py
|
||||
@@ -78,7 +78,6 @@ password.
|
||||
"""
|
||||
|
||||
import re
|
||||
-import sys
|
||||
|
||||
from cloudinit.distros import ug_util
|
||||
from cloudinit import log as logging
|
||||
@@ -214,7 +213,9 @@ def handle(_name, cfg, cloud, log, args):
|
||||
if len(randlist):
|
||||
blurb = ("Set the following 'random' passwords\n",
|
||||
'\n'.join(randlist))
|
||||
- sys.stderr.write("%s\n%s\n" % blurb)
|
||||
+ util.multi_log(
|
||||
+ "%s\n%s\n" % blurb, stderr=False, fallback_to_stdout=False
|
||||
+ )
|
||||
|
||||
if expire:
|
||||
expired_users = []
|
||||
diff --git a/cloudinit/config/tests/test_set_passwords.py b/cloudinit/config/tests/test_set_passwords.py
|
||||
index daa1ef51..bbe2ee8f 100644
|
||||
--- a/cloudinit/config/tests/test_set_passwords.py
|
||||
+++ b/cloudinit/config/tests/test_set_passwords.py
|
||||
@@ -74,10 +74,6 @@ class TestSetPasswordsHandle(CiTestCase):
|
||||
|
||||
with_logs = True
|
||||
|
||||
- def setUp(self):
|
||||
- super(TestSetPasswordsHandle, self).setUp()
|
||||
- self.add_patch('cloudinit.config.cc_set_passwords.sys.stderr', 'm_err')
|
||||
-
|
||||
def test_handle_on_empty_config(self, *args):
|
||||
"""handle logs that no password has changed when config is empty."""
|
||||
cloud = self.tmp_cloud(distro='ubuntu')
|
||||
@@ -129,10 +125,12 @@ class TestSetPasswordsHandle(CiTestCase):
|
||||
mock.call(['pw', 'usermod', 'ubuntu', '-p', '01-Jan-1970'])],
|
||||
m_subp.call_args_list)
|
||||
|
||||
+ @mock.patch(MODPATH + "util.multi_log")
|
||||
@mock.patch(MODPATH + "util.is_BSD")
|
||||
@mock.patch(MODPATH + "subp.subp")
|
||||
- def test_handle_on_chpasswd_list_creates_random_passwords(self, m_subp,
|
||||
- m_is_bsd):
|
||||
+ def test_handle_on_chpasswd_list_creates_random_passwords(
|
||||
+ self, m_subp, m_is_bsd, m_multi_log
|
||||
+ ):
|
||||
"""handle parses command set random passwords."""
|
||||
m_is_bsd.return_value = False
|
||||
cloud = self.tmp_cloud(distro='ubuntu')
|
||||
@@ -146,10 +144,32 @@ class TestSetPasswordsHandle(CiTestCase):
|
||||
self.assertIn(
|
||||
'DEBUG: Handling input for chpasswd as list.',
|
||||
self.logs.getvalue())
|
||||
- self.assertNotEqual(
|
||||
- [mock.call(['chpasswd'],
|
||||
- '\n'.join(valid_random_pwds) + '\n')],
|
||||
- m_subp.call_args_list)
|
||||
+
|
||||
+ self.assertEqual(1, m_subp.call_count)
|
||||
+ args, _kwargs = m_subp.call_args
|
||||
+ self.assertEqual(["chpasswd"], args[0])
|
||||
+
|
||||
+ stdin = args[1]
|
||||
+ user_pass = {
|
||||
+ user: password
|
||||
+ for user, password
|
||||
+ in (line.split(":") for line in stdin.splitlines())
|
||||
+ }
|
||||
+
|
||||
+ self.assertEqual(1, m_multi_log.call_count)
|
||||
+ self.assertEqual(
|
||||
+ mock.call(mock.ANY, stderr=False, fallback_to_stdout=False),
|
||||
+ m_multi_log.call_args
|
||||
+ )
|
||||
+
|
||||
+ self.assertEqual(set(["root", "ubuntu"]), set(user_pass.keys()))
|
||||
+ written_lines = m_multi_log.call_args[0][0].splitlines()
|
||||
+ for password in user_pass.values():
|
||||
+ for line in written_lines:
|
||||
+ if password in line:
|
||||
+ break
|
||||
+ else:
|
||||
+ self.fail("Password not emitted to console")
|
||||
|
||||
|
||||
# vi: ts=4 expandtab
|
||||
diff --git a/cloudinit/tests/test_util.py b/cloudinit/tests/test_util.py
|
||||
index 096a3037..b8dfbf51 100644
|
||||
--- a/cloudinit/tests/test_util.py
|
||||
+++ b/cloudinit/tests/test_util.py
|
||||
@@ -771,4 +771,105 @@ class TestMountCb:
|
||||
] == callback.call_args_list
|
||||
|
||||
|
||||
+@mock.patch("cloudinit.util.write_file")
|
||||
+class TestEnsureFile:
|
||||
+ """Tests for ``cloudinit.util.ensure_file``."""
|
||||
+
|
||||
+ def test_parameters_passed_through(self, m_write_file):
|
||||
+ """Test the parameters in the signature are passed to write_file."""
|
||||
+ util.ensure_file(
|
||||
+ mock.sentinel.path,
|
||||
+ mode=mock.sentinel.mode,
|
||||
+ preserve_mode=mock.sentinel.preserve_mode,
|
||||
+ )
|
||||
+
|
||||
+ assert 1 == m_write_file.call_count
|
||||
+ args, kwargs = m_write_file.call_args
|
||||
+ assert (mock.sentinel.path,) == args
|
||||
+ assert mock.sentinel.mode == kwargs["mode"]
|
||||
+ assert mock.sentinel.preserve_mode == kwargs["preserve_mode"]
|
||||
+
|
||||
+ @pytest.mark.parametrize(
|
||||
+ "kwarg,expected",
|
||||
+ [
|
||||
+ # Files should be world-readable by default
|
||||
+ ("mode", 0o644),
|
||||
+ # The previous behaviour of not preserving mode should be retained
|
||||
+ ("preserve_mode", False),
|
||||
+ ],
|
||||
+ )
|
||||
+ def test_defaults(self, m_write_file, kwarg, expected):
|
||||
+ """Test that ensure_file defaults appropriately."""
|
||||
+ util.ensure_file(mock.sentinel.path)
|
||||
+
|
||||
+ assert 1 == m_write_file.call_count
|
||||
+ _args, kwargs = m_write_file.call_args
|
||||
+ assert expected == kwargs[kwarg]
|
||||
+
|
||||
+ def test_static_parameters_are_passed(self, m_write_file):
|
||||
+ """Test that the static write_files parameters are passed correctly."""
|
||||
+ util.ensure_file(mock.sentinel.path)
|
||||
+
|
||||
+ assert 1 == m_write_file.call_count
|
||||
+ _args, kwargs = m_write_file.call_args
|
||||
+ assert "" == kwargs["content"]
|
||||
+ assert "ab" == kwargs["omode"]
|
||||
+
|
||||
+
|
||||
+@mock.patch("cloudinit.util.grp.getgrnam")
|
||||
+@mock.patch("cloudinit.util.os.setgid")
|
||||
+@mock.patch("cloudinit.util.os.umask")
|
||||
+class TestRedirectOutputPreexecFn:
|
||||
+ """This tests specifically the preexec_fn used in redirect_output."""
|
||||
+
|
||||
+ @pytest.fixture(params=["outfmt", "errfmt"])
|
||||
+ def preexec_fn(self, request):
|
||||
+ """A fixture to gather the preexec_fn used by redirect_output.
|
||||
+
|
||||
+ This enables simpler direct testing of it, and parameterises any tests
|
||||
+ using it to cover both the stdout and stderr code paths.
|
||||
+ """
|
||||
+ test_string = "| piped output to invoke subprocess"
|
||||
+ if request.param == "outfmt":
|
||||
+ args = (test_string, None)
|
||||
+ elif request.param == "errfmt":
|
||||
+ args = (None, test_string)
|
||||
+ with mock.patch("cloudinit.util.subprocess.Popen") as m_popen:
|
||||
+ util.redirect_output(*args)
|
||||
+
|
||||
+ assert 1 == m_popen.call_count
|
||||
+ _args, kwargs = m_popen.call_args
|
||||
+ assert "preexec_fn" in kwargs, "preexec_fn not passed to Popen"
|
||||
+ return kwargs["preexec_fn"]
|
||||
+
|
||||
+ def test_preexec_fn_sets_umask(
|
||||
+ self, m_os_umask, _m_setgid, _m_getgrnam, preexec_fn
|
||||
+ ):
|
||||
+ """preexec_fn should set a mask that avoids world-readable files."""
|
||||
+ preexec_fn()
|
||||
+
|
||||
+ assert [mock.call(0o037)] == m_os_umask.call_args_list
|
||||
+
|
||||
+ def test_preexec_fn_sets_group_id_if_adm_group_present(
|
||||
+ self, _m_os_umask, m_setgid, m_getgrnam, preexec_fn
|
||||
+ ):
|
||||
+ """We should setgrp to adm if present, so files are owned by them."""
|
||||
+ fake_group = mock.Mock(gr_gid=mock.sentinel.gr_gid)
|
||||
+ m_getgrnam.return_value = fake_group
|
||||
+
|
||||
+ preexec_fn()
|
||||
+
|
||||
+ assert [mock.call("adm")] == m_getgrnam.call_args_list
|
||||
+ assert [mock.call(mock.sentinel.gr_gid)] == m_setgid.call_args_list
|
||||
+
|
||||
+ def test_preexec_fn_handles_absent_adm_group_gracefully(
|
||||
+ self, _m_os_umask, m_setgid, m_getgrnam, preexec_fn
|
||||
+ ):
|
||||
+ """We should handle an absent adm group gracefully."""
|
||||
+ m_getgrnam.side_effect = KeyError("getgrnam(): name not found: 'adm'")
|
||||
+
|
||||
+ preexec_fn()
|
||||
+
|
||||
+ assert 0 == m_setgid.call_count
|
||||
+
|
||||
# vi: ts=4 expandtab
|
||||
diff --git a/cloudinit/util.py b/cloudinit/util.py
|
||||
index cf9e349f..94cec6ee 100644
|
||||
--- a/cloudinit/util.py
|
||||
+++ b/cloudinit/util.py
|
||||
@@ -391,7 +391,7 @@ def find_modules(root_dir):
|
||||
|
||||
|
||||
def multi_log(text, console=True, stderr=True,
|
||||
- log=None, log_level=logging.DEBUG):
|
||||
+ log=None, log_level=logging.DEBUG, fallback_to_stdout=True):
|
||||
if stderr:
|
||||
sys.stderr.write(text)
|
||||
if console:
|
||||
@@ -400,7 +400,7 @@ def multi_log(text, console=True, stderr=True,
|
||||
with open(conpath, 'w') as wfh:
|
||||
wfh.write(text)
|
||||
wfh.flush()
|
||||
- else:
|
||||
+ elif fallback_to_stdout:
|
||||
# A container may lack /dev/console (arguably a container bug). If
|
||||
# it does not exist, then write output to stdout. this will result
|
||||
# in duplicate stderr and stdout messages if stderr was True.
|
||||
@@ -650,6 +650,26 @@ def redirect_output(outfmt, errfmt, o_out=None, o_err=None):
|
||||
if not o_err:
|
||||
o_err = sys.stderr
|
||||
|
||||
+ # pylint: disable=subprocess-popen-preexec-fn
|
||||
+ def set_subprocess_umask_and_gid():
|
||||
+ """Reconfigure umask and group ID to create output files securely.
|
||||
+
|
||||
+ This is passed to subprocess.Popen as preexec_fn, so it is executed in
|
||||
+ the context of the newly-created process. It:
|
||||
+
|
||||
+ * sets the umask of the process so created files aren't world-readable
|
||||
+ * if an adm group exists in the system, sets that as the process' GID
|
||||
+ (so that the created file(s) are owned by root:adm)
|
||||
+ """
|
||||
+ os.umask(0o037)
|
||||
+ try:
|
||||
+ group_id = grp.getgrnam("adm").gr_gid
|
||||
+ except KeyError:
|
||||
+ # No adm group, don't set a group
|
||||
+ pass
|
||||
+ else:
|
||||
+ os.setgid(group_id)
|
||||
+
|
||||
if outfmt:
|
||||
LOG.debug("Redirecting %s to %s", o_out, outfmt)
|
||||
(mode, arg) = outfmt.split(" ", 1)
|
||||
@@ -659,7 +679,12 @@ def redirect_output(outfmt, errfmt, o_out=None, o_err=None):
|
||||
owith = "wb"
|
||||
new_fp = open(arg, owith)
|
||||
elif mode == "|":
|
||||
- proc = subprocess.Popen(arg, shell=True, stdin=subprocess.PIPE)
|
||||
+ proc = subprocess.Popen(
|
||||
+ arg,
|
||||
+ shell=True,
|
||||
+ stdin=subprocess.PIPE,
|
||||
+ preexec_fn=set_subprocess_umask_and_gid,
|
||||
+ )
|
||||
new_fp = proc.stdin
|
||||
else:
|
||||
raise TypeError("Invalid type for output format: %s" % outfmt)
|
||||
@@ -681,7 +706,12 @@ def redirect_output(outfmt, errfmt, o_out=None, o_err=None):
|
||||
owith = "wb"
|
||||
new_fp = open(arg, owith)
|
||||
elif mode == "|":
|
||||
- proc = subprocess.Popen(arg, shell=True, stdin=subprocess.PIPE)
|
||||
+ proc = subprocess.Popen(
|
||||
+ arg,
|
||||
+ shell=True,
|
||||
+ stdin=subprocess.PIPE,
|
||||
+ preexec_fn=set_subprocess_umask_and_gid,
|
||||
+ )
|
||||
new_fp = proc.stdin
|
||||
else:
|
||||
raise TypeError("Invalid type for error format: %s" % errfmt)
|
||||
diff --git a/tests/integration_tests/test_logging.py b/tests/integration_tests/test_logging.py
|
||||
new file mode 100644
|
||||
index 00000000..b31a0434
|
||||
--- /dev/null
|
||||
+++ b/tests/integration_tests/test_logging.py
|
||||
@@ -0,0 +1,22 @@
|
||||
+"""Integration tests relating to cloud-init's logging."""
|
||||
+
|
||||
+
|
||||
+class TestVarLogCloudInitOutput:
|
||||
+ """Integration tests relating to /var/log/cloud-init-output.log."""
|
||||
+
|
||||
+ def test_var_log_cloud_init_output_not_world_readable(self, client):
|
||||
+ """
|
||||
+ The log can contain sensitive data, it shouldn't be world-readable.
|
||||
+
|
||||
+ LP: #1918303
|
||||
+ """
|
||||
+ # Check the file exists
|
||||
+ assert client.execute("test -f /var/log/cloud-init-output.log").ok
|
||||
+
|
||||
+ # Check its permissions are as we expect
|
||||
+ perms, user, group = client.execute(
|
||||
+ "stat -c %a:%U:%G /var/log/cloud-init-output.log"
|
||||
+ ).split(":")
|
||||
+ assert "640" == perms
|
||||
+ assert "root" == user
|
||||
+ assert "adm" == group
|
||||
diff --git a/tests/unittests/test_util.py b/tests/unittests/test_util.py
|
||||
index fc557469..9c51768d 100644
|
||||
--- a/tests/unittests/test_util.py
|
||||
+++ b/tests/unittests/test_util.py
|
||||
@@ -695,6 +695,10 @@ class TestMultiLog(helpers.FilesystemMockingTestCase):
|
||||
util.multi_log(logged_string)
|
||||
self.assertEqual(logged_string, self.stdout.getvalue())
|
||||
|
||||
+ def test_logs_dont_go_to_stdout_if_fallback_to_stdout_is_false(self):
|
||||
+ util.multi_log('something', fallback_to_stdout=False)
|
||||
+ self.assertEqual('', self.stdout.getvalue())
|
||||
+
|
||||
def test_logs_go_to_log_if_given(self):
|
||||
log = mock.MagicMock()
|
||||
logged_string = 'something very important'
|
||||
--
|
||||
2.27.0
|
||||
|
|
@ -5,8 +5,8 @@
|
|||
%global debug_package %{nil}
|
||||
|
||||
Name: cloud-init
|
||||
Version: 20.3
|
||||
Release: 10%{?dist}.5
|
||||
Version: 22.1
|
||||
Release: 5%{?dist}
|
||||
Summary: Cloud instance init scripts
|
||||
|
||||
Group: System Environment/Base
|
||||
|
@ -18,38 +18,33 @@ Source1: cloud-init-tmpfiles.conf
|
|||
Patch0001: 0001-Add-initial-redhat-setup.patch
|
||||
Patch0002: 0002-Do-not-write-NM_CONTROLLED-no-in-generated-interface.patch
|
||||
Patch0003: 0003-limit-permissions-on-def_log_file.patch
|
||||
Patch0004: 0004-sysconfig-Don-t-write-BOOTPROTO-dhcp-for-ipv6-dhcp.patch
|
||||
Patch0005: 0005-DataSourceAzure.py-use-hostnamectl-to-set-hostname.patch
|
||||
Patch0006: 0006-include-NOZEROCONF-yes-in-etc-sysconfig-network.patch
|
||||
Patch0007: 0007-Remove-race-condition-between-cloud-init-and-Network.patch
|
||||
Patch8: ci-Explicit-set-IPV6_AUTOCONF-and-IPV6_FORCE_ACCEPT_RA-.patch
|
||||
Patch9: ci-Add-config-modules-for-controlling-IBM-PowerVM-RMC.-.patch
|
||||
# For bz#1881462 - [rhel8][cloud-init] ifup bond0.504 Error: Connection activation failed: No suitable device found for this connection
|
||||
Patch10: ci-network-Fix-type-and-respect-name-when-rendering-vla.patch
|
||||
# For bz#1859695 - [Cloud-init] DHCPv6 assigned address is not added to VM's interface
|
||||
Patch11: ci-Adding-BOOTPROTO-dhcp-to-render-sysconfig-dhcp6-stat.patch
|
||||
# For bz#1898943 - [rhel-8]cloud-final.service fails if NetworkManager not installed.
|
||||
Patch12: ci-Fix-unit-failure-of-cloud-final.service-if-NetworkMa.patch
|
||||
# For bz#1862967 - [cloud-init]Customize ssh AuthorizedKeysFile causes login failure
|
||||
Patch13: ci-ssh_util-handle-non-default-AuthorizedKeysFile-confi.patch
|
||||
# For bz#1859695 - [Cloud-init] DHCPv6 assigned address is not added to VM's interface
|
||||
Patch14: ci-Missing-IPV6_AUTOCONF-no-to-render-sysconfig-dhcp6-s.patch
|
||||
# For bz#1900892 - [Azure] Update existing user password RHEL8x
|
||||
Patch15: ci-DataSourceAzure-update-password-for-defuser-if-exist.patch
|
||||
# For bz#1919972 - [RHEL-8.4] ssh keys can be shared across users giving potential root access
|
||||
Patch16: ci-Revert-ssh_util-handle-non-default-AuthorizedKeysFil.patch
|
||||
# For bz#1913127 - A typo in cloud-init man page
|
||||
Patch17: ci-fix-a-typo-in-man-page-cloud-init.1-752.patch
|
||||
# For bz#1942699 - [Aliyun][RHEL8.4][cloud-init] cloud-init service failed to start with Alibaba instance [rhel-8.4.0.z]
|
||||
Patch18: ci-Fix-requiring-device-number-on-EC2-derivatives-836.patch
|
||||
# For bz#1957135 - Intermittent failure to start cloud-init due to failure to detect macs [rhel-8.4.0.z]
|
||||
Patch19: ci-get_interfaces-don-t-exclude-Open-vSwitch-bridge-bon.patch
|
||||
# For bz#1957135 - Intermittent failure to start cloud-init due to failure to detect macs [rhel-8.4.0.z]
|
||||
Patch20: ci-net-exclude-OVS-internal-interfaces-in-get_interface.patch
|
||||
# For bz#1963981 - [cloud-init] From RHEL 82+ cloud-init no longer displays sshd keys fingerprints from instance launched from a backup image [rhel-8.4.0.z]
|
||||
Patch21: ci-rhel-cloud.cfg-remove-ssh_genkeytypes-in-settings.py.patch
|
||||
# For bz#1979252 - CVE-2021-3429 cloud-init: randomly generated passwords logged in clear-text to world-readable file [rhel-8] [rhel-8.4.0.z]
|
||||
Patch22: ci-write-passwords-only-to-serial-console-lock-down-clo.patch
|
||||
Patch0004: 0004-include-NOZEROCONF-yes-in-etc-sysconfig-network.patch
|
||||
Patch0005: 0005-Remove-race-condition-between-cloud-init-and-Network.patch
|
||||
Patch0006: 0006-rhel-cloud.cfg-remove-ssh_genkeytypes-in-settings.py.patch
|
||||
# For bz#2059872 - [RHEL-8]Rebase cloud-init from Fedora so it can configure networking using NM keyfiles
|
||||
Patch7: ci-Add-native-NetworkManager-support-1224.patch
|
||||
# For bz#2059872 - [RHEL-8]Rebase cloud-init from Fedora so it can configure networking using NM keyfiles
|
||||
Patch8: ci-Use-Network-Manager-and-Netplan-as-default-renderers.patch
|
||||
# For bz#2082071 - Align cloud.cfg file and systemd with cloud-init upstream .tmpl files
|
||||
Patch9: ci-Align-rhel-custom-files-with-upstream-1431.patch
|
||||
# For bz#2082071 - Align cloud.cfg file and systemd with cloud-init upstream .tmpl files
|
||||
Patch10: ci-Remove-rhel-specific-files.patch
|
||||
# For bz#2082686 - [cloud][init] Add support for reading tags from instance metadata
|
||||
Patch11: ci-Support-EC2-tags-in-instance-metadata-1309.patch
|
||||
# For bz#2096269 - Adjust udev/rules default path[RHEL-8]
|
||||
Patch12: ci-setup.py-adjust-udev-rules-default-path-1513.patch
|
||||
# For bz#2107464 - [RHEL-8.7] Cannot run sysconfig when changing the priority of network renderers
|
||||
# For bz#2110066 - DNS integration with OpenStack/cloud-init/NetworkManager is not working
|
||||
# For bz#2117526 - [RHEL8.7] Revert patch of configuring networking by NM keyfiles
|
||||
# For bz#2104393 - [RHEL-8.7]Failed to config static IP and IPv6 according to VMware Customization Config File
|
||||
# For bz#2098624 - [RHEL-8.7] IPv6 not workable when cloud-init configure network using NM keyfiles
|
||||
Patch13: ci-Revert-Add-native-NetworkManager-support-1224.patch
|
||||
# For bz#2107464 - [RHEL-8.7] Cannot run sysconfig when changing the priority of network renderers
|
||||
# For bz#2110066 - DNS integration with OpenStack/cloud-init/NetworkManager is not working
|
||||
# For bz#2117526 - [RHEL8.7] Revert patch of configuring networking by NM keyfiles
|
||||
# For bz#2104393 - [RHEL-8.7]Failed to config static IP and IPv6 according to VMware Customization Config File
|
||||
# For bz#2098624 - [RHEL-8.7] IPv6 not workable when cloud-init configure network using NM keyfiles
|
||||
Patch14: ci-Revert-Use-Network-Manager-and-Netplan-as-default-re.patch
|
||||
|
||||
BuildArch: noarch
|
||||
|
||||
|
@ -97,6 +92,11 @@ Requires: python3-six
|
|||
Requires: shadow-utils
|
||||
Requires: util-linux
|
||||
Requires: xfsprogs
|
||||
Requires: dhcp-client
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2039697
|
||||
Requires: gdisk
|
||||
Requires: openssl
|
||||
Requires: python3-netifaces
|
||||
|
||||
%{?systemd_requires}
|
||||
|
||||
|
@ -120,8 +120,6 @@ sed -i -e 's|#!/usr/bin/env python|#!/usr/bin/env python3|' \
|
|||
%install
|
||||
%py3_install --
|
||||
|
||||
python3 tools/render-cloudcfg --variant fedora > $RPM_BUILD_ROOT/%{_sysconfdir}/cloud/cloud.cfg
|
||||
|
||||
sed -i "s,@@PACKAGED_VERSION@@,%{version}-%{release}," $RPM_BUILD_ROOT/%{python3_sitelib}/cloudinit/version.py
|
||||
|
||||
mkdir -p $RPM_BUILD_ROOT/var/lib/cloud
|
||||
|
@ -131,9 +129,6 @@ mkdir -p $RPM_BUILD_ROOT/run/cloud-init
|
|||
mkdir -p $RPM_BUILD_ROOT/%{_tmpfilesdir}
|
||||
cp -p %{SOURCE1} $RPM_BUILD_ROOT/%{_tmpfilesdir}/%{name}.conf
|
||||
|
||||
# We supply our own config file since our software differs from Ubuntu's.
|
||||
cp -p rhel/cloud.cfg $RPM_BUILD_ROOT/%{_sysconfdir}/cloud/cloud.cfg
|
||||
|
||||
mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/rsyslog.d
|
||||
cp -p tools/21-cloudinit.conf $RPM_BUILD_ROOT/%{_sysconfdir}/rsyslog.d/21-cloudinit.conf
|
||||
|
||||
|
@ -141,17 +136,10 @@ cp -p tools/21-cloudinit.conf $RPM_BUILD_ROOT/%{_sysconfdir}/rsyslog.d/21-cloudi
|
|||
mv $RPM_BUILD_ROOT/etc/NetworkManager/dispatcher.d/hook-network-manager \
|
||||
$RPM_BUILD_ROOT/etc/NetworkManager/dispatcher.d/cloud-init-azure-hook
|
||||
|
||||
# Install our own systemd units (rhbz#1440831)
|
||||
mkdir -p $RPM_BUILD_ROOT%{_unitdir}
|
||||
cp rhel/systemd/* $RPM_BUILD_ROOT%{_unitdir}/
|
||||
|
||||
[ ! -d $RPM_BUILD_ROOT/usr/lib/systemd/system-generators ] && mkdir -p $RPM_BUILD_ROOT/usr/lib/systemd/system-generators
|
||||
python3 tools/render-cloudcfg --variant rhel systemd/cloud-init-generator.tmpl > $RPM_BUILD_ROOT/usr/lib/systemd/system-generators/cloud-init-generator
|
||||
chmod 755 $RPM_BUILD_ROOT/usr/lib/systemd/system-generators/cloud-init-generator
|
||||
|
||||
[ ! -d $RPM_BUILD_ROOT/usr/lib/%{name} ] && mkdir -p $RPM_BUILD_ROOT/usr/lib/%{name}
|
||||
cp -p tools/ds-identify $RPM_BUILD_ROOT%{_libexecdir}/%{name}/ds-identify
|
||||
|
||||
# installing man pages
|
||||
mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man1/
|
||||
for man in cloud-id.1 cloud-init.1 cloud-init-per.1; do
|
||||
|
@ -207,7 +195,6 @@ fi
|
|||
|
||||
%files
|
||||
%license LICENSE
|
||||
%doc ChangeLog rhel/README.rhel
|
||||
%config(noreplace) %{_sysconfdir}/cloud/cloud.cfg
|
||||
%dir %{_sysconfdir}/cloud/cloud.cfg.d
|
||||
%config(noreplace) %{_sysconfdir}/cloud/cloud.cfg.d/*.cfg
|
||||
|
@ -217,6 +204,8 @@ fi
|
|||
%{_unitdir}/cloud-config.service
|
||||
%{_unitdir}/cloud-config.target
|
||||
%{_unitdir}/cloud-final.service
|
||||
%{_unitdir}/cloud-init-hotplugd.service
|
||||
%{_unitdir}/cloud-init-hotplugd.socket
|
||||
%{_unitdir}/cloud-init-local.service
|
||||
%{_unitdir}/cloud-init.service
|
||||
%{_unitdir}/cloud-init.target
|
||||
|
@ -229,29 +218,147 @@ fi
|
|||
%dir %verify(not mode) /run/cloud-init
|
||||
%dir /var/lib/cloud
|
||||
/etc/NetworkManager/dispatcher.d/cloud-init-azure-hook
|
||||
/etc/dhcp/dhclient-exit-hooks.d/hook-dhclient
|
||||
%{_udevrulesdir}/66-azure-ephemeral.rules
|
||||
%{_sysconfdir}/bash_completion.d/cloud-init
|
||||
%{_datadir}/bash-completion/completions/cloud-init
|
||||
%{_bindir}/cloud-id
|
||||
%{_libexecdir}/%{name}/ds-identify
|
||||
/usr/lib/systemd/system-generators/cloud-init-generator
|
||||
%{_sysconfdir}/systemd/system/sshd-keygen@.service.d/disable-sshd-keygen-if-cloud-init-active.conf
|
||||
|
||||
|
||||
%dir %{_sysconfdir}/rsyslog.d
|
||||
%config(noreplace) %{_sysconfdir}/rsyslog.d/21-cloudinit.conf
|
||||
|
||||
%changelog
|
||||
* Thu Jul 15 2021 Miroslav Rezanina <mrezanin@redhat.com> - 20.3-10.el8_4.5
|
||||
- ci-write-passwords-only-to-serial-console-lock-down-clo.patch [bz#1979252]
|
||||
- Resolves: bz#1979252
|
||||
(CVE-2021-3429 cloud-init: randomly generated passwords logged in clear-text to world-readable file [rhel-8] [rhel-8.4.0.z])
|
||||
* Wed Aug 17 2022 Jon Maloy <jmaloy@redhat.com> - 22.1-5
|
||||
- ci-Revert-Add-native-NetworkManager-support-1224.patch [bz#2107464 bz#2110066 bz#2117526 bz#2104393 bz#2098624]
|
||||
- ci-Revert-Use-Network-Manager-and-Netplan-as-default-re.patch [bz#2107464 bz#2110066 bz#2117526 bz#2104393 bz#2098624]
|
||||
- Resolves: bz#2107464
|
||||
([RHEL-8.7] Cannot run sysconfig when changing the priority of network renderers)
|
||||
- Resolves: bz#2110066
|
||||
(DNS integration with OpenStack/cloud-init/NetworkManager is not working)
|
||||
- Resolves: bz#2117526
|
||||
([RHEL8.7] Revert patch of configuring networking by NM keyfiles)
|
||||
- Resolves: bz#2104393
|
||||
([RHEL-8.7]Failed to config static IP and IPv6 according to VMware Customization Config File)
|
||||
- Resolves: bz#2098624
|
||||
([RHEL-8.7] IPv6 not workable when cloud-init configure network using NM keyfiles)
|
||||
|
||||
* Mon Jun 07 2021 Miroslav Rezanina <mrezanin@redhat.com> - 20.3-10.el8_4.4
|
||||
- ci-rhel-cloud.cfg-remove-ssh_genkeytypes-in-settings.py.patch [bz#1963981]
|
||||
- ci-cloud-init.spec.template-update-systemd_postun-param.patch [bz#1967600]
|
||||
- Resolves: bz#1963981
|
||||
([cloud-init] From RHEL 82+ cloud-init no longer displays sshd keys fingerprints from instance launched from a backup image [rhel-8.4.0.z])
|
||||
- Resolves: bz#1967600
|
||||
(cloud-init brew build fails on Fedora 33 [rhel-8.4.0.z])
|
||||
* Tue Jul 12 2022 Miroslav Rezanina <mrezanin@redhat.com> - 22.1-4
|
||||
- ci-cloud-init.spec-adjust-path-for-66-azure-ephemeral.r.patch [bz#2096269]
|
||||
- ci-setup.py-adjust-udev-rules-default-path-1513.patch [bz#2096269]
|
||||
- Resolves: bz#2096269
|
||||
(Adjust udev/rules default path[RHEL-8])
|
||||
|
||||
* Thu Jun 23 2022 Jon Maloy <jmaloy@redhat.com> - 22.1-3
|
||||
- ci-Support-EC2-tags-in-instance-metadata-1309.patch [bz#2082686]
|
||||
- Resolves: bz#2082686
|
||||
([cloud][init] Add support for reading tags from instance metadata)
|
||||
|
||||
* Tue May 31 2022 Jon Maloy <jmaloy@redhat.com> - 22.1-2
|
||||
- ci-Add-native-NetworkManager-support-1224.patch [bz#2059872]
|
||||
- ci-Use-Network-Manager-and-Netplan-as-default-renderers.patch [bz#2059872]
|
||||
- ci-Align-rhel-custom-files-with-upstream-1431.patch [bz#2082071]
|
||||
- ci-Remove-rhel-specific-files.patch [bz#2082071]
|
||||
- Resolves: bz#2059872
|
||||
([RHEL-8]Rebase cloud-init from Fedora so it can configure networking using NM keyfiles)
|
||||
- Resolves: bz#2082071
|
||||
(Align cloud.cfg file and systemd with cloud-init upstream .tmpl files)
|
||||
|
||||
* Mon Apr 25 2022 Amy Chen <xiachen@redhat.com> - 22.1-1
|
||||
- Rebaes to 22.1 [bz#2065544]
|
||||
- Resolves: bz#2065544
|
||||
([RHEL-8.7.0] cloud-init rebase to 22.1)
|
||||
|
||||
* Fri Apr 01 2022 Camilla Conte <cconte@redhat.com> - 21.1-15
|
||||
- ci-Detect-a-Python-version-change-and-clear-the-cache-8.patch [bz#1935826]
|
||||
- ci-Fix-MIME-policy-failure-on-python-version-upgrade-93.patch [bz#1935826]
|
||||
|
||||
* Fri Feb 25 2022 Jon Maloy <jmaloy@redhat.com> - 21.1-14
|
||||
- ci-Fix-IPv6-netmask-format-for-sysconfig-1215.patch [bz#2046540]
|
||||
- Resolves: bz#2046540
|
||||
(cloud-init writes route6-$DEVICE config with a HEX netmask. ip route does not like : Error: inet6 prefix is expected rather than "fd00:fd00:fd00::/ffff:ffff:ffff:ffff::".)
|
||||
|
||||
* Tue Jan 25 2022 Jon Maloy <jmaloy@redhat.com> - 21.1-13
|
||||
- ci-Add-flexibility-to-IMDS-api-version-793.patch [bz#2023940]
|
||||
- ci-Azure-helper-Ensure-Azure-http-handler-sleeps-betwee.patch [bz#2023940]
|
||||
- ci-azure-Removing-ability-to-invoke-walinuxagent-799.patch [bz#2023940]
|
||||
- ci-Azure-eject-the-provisioning-iso-before-reporting-re.patch [bz#2023940]
|
||||
- ci-Azure-Retrieve-username-and-hostname-from-IMDS-865.patch [bz#2023940]
|
||||
- ci-Azure-Retry-net-metadata-during-nic-attach-for-non-t.patch [bz#2023940]
|
||||
- ci-Azure-adding-support-for-consuming-userdata-from-IMD.patch [bz#2023940]
|
||||
- Resolves: bz#2023940
|
||||
([RHEL-8] Support for provisioning Azure VM with userdata)
|
||||
|
||||
* Wed Jan 19 2022 Jon Maloy <jmaloy@redhat.com> - 21.1-12
|
||||
- ci-Add-gdisk-and-openssl-as-deps-to-fix-UEFI-Azure-init.patch [bz#2039697]
|
||||
- ci-Datasource-for-VMware-953.patch [bz#2026587]
|
||||
- ci-Change-netifaces-dependency-to-0.10.4-965.patch [bz#2026587]
|
||||
- ci-Update-dscheck_VMware-s-rpctool-check-970.patch [bz#2026587]
|
||||
- ci-Revert-unnecesary-lcase-in-ds-identify-978.patch [bz#2026587]
|
||||
- ci-Add-netifaces-package-as-a-Requires-in-cloud-init.sp.patch [bz#2026587]
|
||||
- Resolves: bz#2039697
|
||||
([RHEL8] [Azure] cloud-init fails to configure the system)
|
||||
- Resolves: bz#2026587
|
||||
([cloud-init][RHEL8] Support for cloud-init datasource 'cloud-init-vmware-guestinfo')
|
||||
|
||||
* Wed Dec 08 2021 Jon Maloy <jmaloy@redhat.com> - 21.1-11
|
||||
- ci-cloudinit-net-handle-two-different-routes-for-the-sa.patch [bz#2028028]
|
||||
- Resolves: bz#2028028
|
||||
([RHEL-8] Above 19.2 of cloud-init fails to configure routes when configuring static and default routes to the same destination IP)
|
||||
|
||||
* Mon Dec 06 2021 Jon Maloy <jmaloy@redhat.com> - 21.1-10
|
||||
- ci-fix-error-on-upgrade-caused-by-new-vendordata2-attri.patch [bz#2021538]
|
||||
- Resolves: bz#2021538
|
||||
(cloud-init.service fails to start after package update)
|
||||
|
||||
* Mon Oct 25 2021 Jon Maloy <jmaloy@redhat.com> - 21.1-9
|
||||
- ci-cc_ssh.py-fix-private-key-group-owner-and-permission.patch [bz#2013644]
|
||||
- Resolves: bz#2013644
|
||||
(cloud-init fails to set host key permissions correctly)
|
||||
|
||||
* Thu Sep 23 2021 Miroslav Rezanina <mrezanin@redhat.com> - 21.1-8
|
||||
- ci-ssh_utils.py-ignore-when-sshd_config-options-are-not.patch [bz#1862933]
|
||||
- Resolves: bz#1862933
|
||||
(cloud-init fails with ValueError: need more than 1 value to unpack[rhel-8])
|
||||
|
||||
* Fri Aug 27 2021 Miroslav Rezanina <mrezanin@redhat.com> - 21.1-7
|
||||
- ci-Fix-home-permissions-modified-by-ssh-module-SC-338-9.patch [bz#1995840]
|
||||
- Resolves: bz#1995840
|
||||
([cloudinit] Fix home permissions modified by ssh module)
|
||||
|
||||
* Wed Aug 11 2021 Miroslav Rezanina <mrezanin@redhat.com> - 21.1-6
|
||||
- ci-Stop-copying-ssh-system-keys-and-check-folder-permis.patch [bz#1862967]
|
||||
- Resolves: bz#1862967
|
||||
([cloud-init]Customize ssh AuthorizedKeysFile causes login failure)
|
||||
|
||||
* Fri Aug 06 2021 Miroslav Rezanina <mrezanin@redhat.com> - 21.1-5
|
||||
- ci-Add-dhcp-client-as-a-dependency.patch [bz#1977385]
|
||||
- Resolves: bz#1977385
|
||||
([Azure][RHEL-8] cloud-init must require dhcp-client on Azure)
|
||||
|
||||
* Mon Jul 19 2021 Miroslav Rezanina <mrezanin@redhat.com> - 21.1-4
|
||||
- ci-ssh-util-allow-cloudinit-to-merge-all-ssh-keys-into-.patch [bz#1862967]
|
||||
- Resolves: bz#1862967
|
||||
([cloud-init]Customize ssh AuthorizedKeysFile causes login failure)
|
||||
|
||||
* Mon Jul 12 2021 Miroslav Rezanina <mrezanin@redhat.com> - 21.1-3
|
||||
- ci-write-passwords-only-to-serial-console-lock-down-clo.patch [bz#1945891]
|
||||
- Resolves: bz#1945891
|
||||
(CVE-2021-3429 cloud-init: randomly generated passwords logged in clear-text to world-readable file [rhel-8])
|
||||
|
||||
* Fri Jun 11 2021 Miroslav Rezanina <mrezanin@redhat.com> - 21.1-2
|
||||
- ci-rhel-cloud.cfg-remove-ssh_genkeytypes-in-settings.py.patch [bz#1957532]
|
||||
- ci-cloud-init.spec.template-update-systemd_postun-param.patch [bz#1952089]
|
||||
- Resolves: bz#1957532
|
||||
([cloud-init] From RHEL 82+ cloud-init no longer displays sshd keys fingerprints from instance launched from a backup image)
|
||||
- Resolves: bz#1952089
|
||||
(cloud-init brew build fails on Fedora 33)
|
||||
|
||||
* Thu May 27 2021 Miroslav Rezanina <mrezanin@redhat.com> - 21.1-1.el8
|
||||
- Rebaes to 21.1 [bz#1958174]
|
||||
- Resolves: bz#1958174
|
||||
([RHEL-8.5.0] Rebase cloud-init to 21.1)
|
||||
|
||||
* Thu May 13 2021 Miroslav Rezanina <mrezanin@redhat.com> - 20.3-10.el8_4.3
|
||||
- ci-get_interfaces-don-t-exclude-Open-vSwitch-bridge-bon.patch [bz#1957135]
|
||||
|
@ -259,7 +366,7 @@ fi
|
|||
- Resolves: bz#1957135
|
||||
(Intermittent failure to start cloud-init due to failure to detect macs [rhel-8.4.0.z])
|
||||
|
||||
* Tue Apr 06 2021 Miroslav Rezanina <mrezanin@redhat.com> - 20.3-10.el8_4.2
|
||||
* Tue Apr 06 2021 Miroslav Rezanina <mrezanin@redhat.com> - 20.3-10.el8_4.1
|
||||
- ci-Fix-requiring-device-number-on-EC2-derivatives-836.patch [bz#1942699]
|
||||
- Resolves: bz#1942699
|
||||
([Aliyun][RHEL8.4][cloud-init] cloud-init service failed to start with Alibaba instance [rhel-8.4.0.z])
|
||||
|
|
Loading…
Reference in New Issue