import cloud-init-20.3-10.el8
This commit is contained in:
parent
8bee6f500f
commit
2c9d6ad674
@ -1 +1 @@
|
|||||||
5f4de38850f9691dc9789bd4db4be512c9717d7b SOURCES/cloud-init-19.4.tar.gz
|
cbde66f717b7883c4ab64b145042de54f131afab SOURCES/cloud-init-20.3.tar.gz
|
||||||
|
2
.gitignore
vendored
2
.gitignore
vendored
@ -1 +1 @@
|
|||||||
SOURCES/cloud-init-19.4.tar.gz
|
SOURCES/cloud-init-20.3.tar.gz
|
||||||
|
@ -1,12 +1,16 @@
|
|||||||
From 4114343d0cd2fc3e5566eed27272480e003c89cc Mon Sep 17 00:00:00 2001
|
From 25ea7a28d69518319ae1ed1b3cd510147868fd29 Mon Sep 17 00:00:00 2001
|
||||||
From: Miroslav Rezanina <mrezanin@redhat.com>
|
From: Eduardo Otubo <otubo@redhat.com>
|
||||||
Date: Thu, 31 May 2018 16:45:23 +0200
|
Date: Mon, 5 Oct 2020 13:49:36 +0200
|
||||||
Subject: Add initial redhat setup
|
Subject: Add initial redhat setup
|
||||||
|
|
||||||
Rebase notes (18.5):
|
Rebase notes (18.5):
|
||||||
- added bash_completition file
|
- added bash_completition file
|
||||||
- added cloud-id file
|
- added cloud-id file
|
||||||
|
|
||||||
|
Merged patches (20.3):
|
||||||
|
- 01900d0 changing ds-identify patch from /usr/lib to /usr/libexec
|
||||||
|
- 7f47ca3 Render the generator from template instead of cp
|
||||||
|
|
||||||
Merged patches (19.4):
|
Merged patches (19.4):
|
||||||
- 4ab5a61 Fix for network configuration not persisting after reboot
|
- 4ab5a61 Fix for network configuration not persisting after reboot
|
||||||
- 84cf125 Removing cloud-user from wheel
|
- 84cf125 Removing cloud-user from wheel
|
||||||
@ -17,38 +21,48 @@ Merged patches (18.5):
|
|||||||
- 764159f Adding systemd mount options to wait for cloud-init
|
- 764159f Adding systemd mount options to wait for cloud-init
|
||||||
- da4d99e Adding disk_setup to rhel/cloud.cfg
|
- da4d99e Adding disk_setup to rhel/cloud.cfg
|
||||||
- f5c6832 Enable cloud-init by default on vmware
|
- f5c6832 Enable cloud-init by default on vmware
|
||||||
|
|
||||||
|
Conflicts:
|
||||||
|
cloudinit/config/cc_chef.py:
|
||||||
|
- Updated header documentation text
|
||||||
|
- Replacing double quotes by simple quotes
|
||||||
|
|
||||||
|
setup.py:
|
||||||
|
- Adding missing cmdclass info
|
||||||
|
|
||||||
|
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||||
---
|
---
|
||||||
.gitignore | 1 +
|
.gitignore | 1 +
|
||||||
cloudinit/config/cc_chef.py | 6 +-
|
cloudinit/config/cc_chef.py | 67 ++++-
|
||||||
cloudinit/settings.py | 7 +-
|
cloudinit/settings.py | 7 +-
|
||||||
redhat/.gitignore | 1 +
|
redhat/.gitignore | 1 +
|
||||||
redhat/Makefile | 71 ++++++
|
redhat/Makefile | 71 +++++
|
||||||
redhat/Makefile.common | 37 +++
|
redhat/Makefile.common | 37 +++
|
||||||
redhat/cloud-init-tmpfiles.conf | 1 +
|
redhat/cloud-init-tmpfiles.conf | 1 +
|
||||||
redhat/cloud-init.spec.template | 438 ++++++++++++++++++++++++++++++++++
|
redhat/cloud-init.spec.template | 517 ++++++++++++++++++++++++++++++++++
|
||||||
redhat/gating.yaml | 9 +
|
redhat/gating.yaml | 9 +
|
||||||
redhat/rpmbuild/BUILD/.gitignore | 3 +
|
redhat/rpmbuild/BUILD/.gitignore | 3 +
|
||||||
redhat/rpmbuild/RPMS/.gitignore | 3 +
|
redhat/rpmbuild/RPMS/.gitignore | 3 +
|
||||||
redhat/rpmbuild/SOURCES/.gitignore | 3 +
|
redhat/rpmbuild/SOURCES/.gitignore | 3 +
|
||||||
redhat/rpmbuild/SPECS/.gitignore | 3 +
|
redhat/rpmbuild/SPECS/.gitignore | 3 +
|
||||||
redhat/rpmbuild/SRPMS/.gitignore | 3 +
|
redhat/rpmbuild/SRPMS/.gitignore | 3 +
|
||||||
redhat/scripts/frh.py | 27 +++
|
redhat/scripts/frh.py | 27 ++
|
||||||
redhat/scripts/git-backport-diff | 327 +++++++++++++++++++++++++
|
redhat/scripts/git-backport-diff | 327 +++++++++++++++++++++
|
||||||
redhat/scripts/git-compile-check | 215 +++++++++++++++++
|
redhat/scripts/git-compile-check | 215 ++++++++++++++
|
||||||
redhat/scripts/process-patches.sh | 73 ++++++
|
redhat/scripts/process-patches.sh | 77 +++++
|
||||||
redhat/scripts/tarball_checksum.sh | 3 +
|
redhat/scripts/tarball_checksum.sh | 3 +
|
||||||
rhel/README.rhel | 5 +
|
rhel/README.rhel | 5 +
|
||||||
rhel/cloud-init-tmpfiles.conf | 1 +
|
rhel/cloud-init-tmpfiles.conf | 1 +
|
||||||
rhel/cloud.cfg | 69 ++++++
|
rhel/cloud.cfg | 69 +++++
|
||||||
rhel/systemd/cloud-config.service | 18 ++
|
rhel/systemd/cloud-config.service | 18 ++
|
||||||
rhel/systemd/cloud-config.target | 11 +
|
rhel/systemd/cloud-config.target | 11 +
|
||||||
rhel/systemd/cloud-final.service | 19 ++
|
rhel/systemd/cloud-final.service | 19 ++
|
||||||
rhel/systemd/cloud-init-local.service | 31 +++
|
rhel/systemd/cloud-init-local.service | 31 ++
|
||||||
rhel/systemd/cloud-init.service | 25 ++
|
rhel/systemd/cloud-init.service | 25 ++
|
||||||
rhel/systemd/cloud-init.target | 7 +
|
rhel/systemd/cloud-init.target | 7 +
|
||||||
setup.py | 70 +-----
|
setup.py | 23 +-
|
||||||
tools/read-version | 28 +--
|
tools/read-version | 28 +-
|
||||||
30 files changed, 1417 insertions(+), 98 deletions(-)
|
30 files changed, 1562 insertions(+), 50 deletions(-)
|
||||||
create mode 100644 redhat/.gitignore
|
create mode 100644 redhat/.gitignore
|
||||||
create mode 100644 redhat/Makefile
|
create mode 100644 redhat/Makefile
|
||||||
create mode 100644 redhat/Makefile.common
|
create mode 100644 redhat/Makefile.common
|
||||||
@ -76,19 +90,82 @@ Merged patches (18.5):
|
|||||||
create mode 100644 rhel/systemd/cloud-init.target
|
create mode 100644 rhel/systemd/cloud-init.target
|
||||||
|
|
||||||
diff --git a/cloudinit/config/cc_chef.py b/cloudinit/config/cc_chef.py
|
diff --git a/cloudinit/config/cc_chef.py b/cloudinit/config/cc_chef.py
|
||||||
index 0ad6b7f..e4408a4 100644
|
index aaf7136..97ef649 100644
|
||||||
--- a/cloudinit/config/cc_chef.py
|
--- a/cloudinit/config/cc_chef.py
|
||||||
+++ b/cloudinit/config/cc_chef.py
|
+++ b/cloudinit/config/cc_chef.py
|
||||||
@@ -33,7 +33,7 @@ file).
|
@@ -6,7 +6,70 @@
|
||||||
|
#
|
||||||
|
# This file is part of cloud-init. See LICENSE file for license information.
|
||||||
|
|
||||||
chef:
|
-"""Chef: module that configures, starts and installs chef."""
|
||||||
directories: (defaulting to /etc/chef, /var/log/chef, /var/lib/chef,
|
+"""
|
||||||
- /var/cache/chef, /var/backups/chef, /var/run/chef)
|
+Chef
|
||||||
|
+----
|
||||||
|
+**Summary:** module that configures, starts and installs chef.
|
||||||
|
+
|
||||||
|
+This module enables chef to be installed (from packages or
|
||||||
|
+from gems, or from omnibus). Before this occurs chef configurations are
|
||||||
|
+written to disk (validation.pem, client.pem, firstboot.json, client.rb),
|
||||||
|
+and needed chef folders/directories are created (/etc/chef and /var/log/chef
|
||||||
|
+and so-on). Then once installing proceeds correctly if configured chef will
|
||||||
|
+be started (in daemon mode or in non-daemon mode) and then once that has
|
||||||
|
+finished (if ran in non-daemon mode this will be when chef finishes
|
||||||
|
+converging, if ran in daemon mode then no further actions are possible since
|
||||||
|
+chef will have forked into its own process) then a post run function can
|
||||||
|
+run that can do finishing activities (such as removing the validation pem
|
||||||
|
+file).
|
||||||
|
+
|
||||||
|
+**Internal name:** ``cc_chef``
|
||||||
|
+
|
||||||
|
+**Module frequency:** per always
|
||||||
|
+
|
||||||
|
+**Supported distros:** all
|
||||||
|
+
|
||||||
|
+**Config keys**::
|
||||||
|
+
|
||||||
|
+ chef:
|
||||||
|
+ directories: (defaulting to /etc/chef, /var/log/chef, /var/lib/chef,
|
||||||
+ /var/cache/chef, /var/backups/chef, /run/chef)
|
+ /var/cache/chef, /var/backups/chef, /run/chef)
|
||||||
validation_cert: (optional string to be written to file validation_key)
|
+ validation_cert: (optional string to be written to file validation_key)
|
||||||
special value 'system' means set use existing file
|
+ special value 'system' means set use existing file
|
||||||
validation_key: (optional the path for validation_cert. default
|
+ validation_key: (optional the path for validation_cert. default
|
||||||
@@ -89,7 +89,7 @@ CHEF_DIRS = tuple([
|
+ /etc/chef/validation.pem)
|
||||||
|
+ firstboot_path: (path to write run_list and initial_attributes keys that
|
||||||
|
+ should also be present in this configuration, defaults
|
||||||
|
+ to /etc/chef/firstboot.json)
|
||||||
|
+ exec: boolean to run or not run chef (defaults to false, unless
|
||||||
|
+ a gem installed is requested
|
||||||
|
+ where this will then default
|
||||||
|
+ to true)
|
||||||
|
+
|
||||||
|
+ chef.rb template keys (if falsey, then will be skipped and not
|
||||||
|
+ written to /etc/chef/client.rb)
|
||||||
|
+
|
||||||
|
+ chef:
|
||||||
|
+ client_key:
|
||||||
|
+ encrypted_data_bag_secret:
|
||||||
|
+ environment:
|
||||||
|
+ file_backup_path:
|
||||||
|
+ file_cache_path:
|
||||||
|
+ json_attribs:
|
||||||
|
+ log_level:
|
||||||
|
+ log_location:
|
||||||
|
+ node_name:
|
||||||
|
+ omnibus_url:
|
||||||
|
+ omnibus_url_retries:
|
||||||
|
+ omnibus_version:
|
||||||
|
+ pid_file:
|
||||||
|
+ server_url:
|
||||||
|
+ show_time:
|
||||||
|
+ ssl_verify_mode:
|
||||||
|
+ validation_cert:
|
||||||
|
+ validation_key:
|
||||||
|
+ validation_name:
|
||||||
|
+"""
|
||||||
|
|
||||||
|
import itertools
|
||||||
|
import json
|
||||||
|
@@ -31,7 +94,7 @@ CHEF_DIRS = tuple([
|
||||||
'/var/lib/chef',
|
'/var/lib/chef',
|
||||||
'/var/cache/chef',
|
'/var/cache/chef',
|
||||||
'/var/backups/chef',
|
'/var/backups/chef',
|
||||||
@ -97,15 +174,6 @@ index 0ad6b7f..e4408a4 100644
|
|||||||
])
|
])
|
||||||
REQUIRED_CHEF_DIRS = tuple([
|
REQUIRED_CHEF_DIRS = tuple([
|
||||||
'/etc/chef',
|
'/etc/chef',
|
||||||
@@ -113,7 +113,7 @@ CHEF_RB_TPL_DEFAULTS = {
|
|
||||||
'json_attribs': CHEF_FB_PATH,
|
|
||||||
'file_cache_path': "/var/cache/chef",
|
|
||||||
'file_backup_path': "/var/backups/chef",
|
|
||||||
- 'pid_file': "/var/run/chef/client.pid",
|
|
||||||
+ 'pid_file': "/run/chef/client.pid",
|
|
||||||
'show_time': True,
|
|
||||||
'encrypted_data_bag_secret': None,
|
|
||||||
}
|
|
||||||
diff --git a/cloudinit/settings.py b/cloudinit/settings.py
|
diff --git a/cloudinit/settings.py b/cloudinit/settings.py
|
||||||
index ca4ffa8..3a04a58 100644
|
index ca4ffa8..3a04a58 100644
|
||||||
--- a/cloudinit/settings.py
|
--- a/cloudinit/settings.py
|
||||||
@ -370,10 +438,10 @@ index 0000000..083c3b6
|
|||||||
+Description=Cloud-init target
|
+Description=Cloud-init target
|
||||||
+After=multi-user.target
|
+After=multi-user.target
|
||||||
diff --git a/setup.py b/setup.py
|
diff --git a/setup.py b/setup.py
|
||||||
index 01a67b9..b2ac9bb 100755
|
index cbacf48..d5cd01a 100755
|
||||||
--- a/setup.py
|
--- a/setup.py
|
||||||
+++ b/setup.py
|
+++ b/setup.py
|
||||||
@@ -139,14 +139,6 @@ INITSYS_FILES = {
|
@@ -125,14 +125,6 @@ INITSYS_FILES = {
|
||||||
'sysvinit_deb': [f for f in glob('sysvinit/debian/*') if is_f(f)],
|
'sysvinit_deb': [f for f in glob('sysvinit/debian/*') if is_f(f)],
|
||||||
'sysvinit_openrc': [f for f in glob('sysvinit/gentoo/*') if is_f(f)],
|
'sysvinit_openrc': [f for f in glob('sysvinit/gentoo/*') if is_f(f)],
|
||||||
'sysvinit_suse': [f for f in glob('sysvinit/suse/*') if is_f(f)],
|
'sysvinit_suse': [f for f in glob('sysvinit/suse/*') if is_f(f)],
|
||||||
@ -388,7 +456,7 @@ index 01a67b9..b2ac9bb 100755
|
|||||||
'upstart': [f for f in glob('upstart/*') if is_f(f)],
|
'upstart': [f for f in glob('upstart/*') if is_f(f)],
|
||||||
}
|
}
|
||||||
INITSYS_ROOTS = {
|
INITSYS_ROOTS = {
|
||||||
@@ -155,9 +147,6 @@ INITSYS_ROOTS = {
|
@@ -142,9 +134,6 @@ INITSYS_ROOTS = {
|
||||||
'sysvinit_deb': 'etc/init.d',
|
'sysvinit_deb': 'etc/init.d',
|
||||||
'sysvinit_openrc': 'etc/init.d',
|
'sysvinit_openrc': 'etc/init.d',
|
||||||
'sysvinit_suse': 'etc/init.d',
|
'sysvinit_suse': 'etc/init.d',
|
||||||
@ -398,55 +466,7 @@ index 01a67b9..b2ac9bb 100755
|
|||||||
'upstart': 'etc/init/',
|
'upstart': 'etc/init/',
|
||||||
}
|
}
|
||||||
INITSYS_TYPES = sorted([f.partition(".")[0] for f in INITSYS_ROOTS.keys()])
|
INITSYS_TYPES = sorted([f.partition(".")[0] for f in INITSYS_ROOTS.keys()])
|
||||||
@@ -208,47 +197,6 @@ class MyEggInfo(egg_info):
|
@@ -245,14 +234,11 @@ if not in_virtualenv():
|
||||||
return ret
|
|
||||||
|
|
||||||
|
|
||||||
-# TODO: Is there a better way to do this??
|
|
||||||
-class InitsysInstallData(install):
|
|
||||||
- init_system = None
|
|
||||||
- user_options = install.user_options + [
|
|
||||||
- # This will magically show up in member variable 'init_sys'
|
|
||||||
- ('init-system=', None,
|
|
||||||
- ('init system(s) to configure (%s) [default: None]' %
|
|
||||||
- (", ".join(INITSYS_TYPES)))),
|
|
||||||
- ]
|
|
||||||
-
|
|
||||||
- def initialize_options(self):
|
|
||||||
- install.initialize_options(self)
|
|
||||||
- self.init_system = ""
|
|
||||||
-
|
|
||||||
- def finalize_options(self):
|
|
||||||
- install.finalize_options(self)
|
|
||||||
-
|
|
||||||
- if self.init_system and isinstance(self.init_system, str):
|
|
||||||
- self.init_system = self.init_system.split(",")
|
|
||||||
-
|
|
||||||
- if len(self.init_system) == 0:
|
|
||||||
- self.init_system = ['systemd']
|
|
||||||
-
|
|
||||||
- bad = [f for f in self.init_system if f not in INITSYS_TYPES]
|
|
||||||
- if len(bad) != 0:
|
|
||||||
- raise DistutilsArgError(
|
|
||||||
- "Invalid --init-system: %s" % (','.join(bad)))
|
|
||||||
-
|
|
||||||
- for system in self.init_system:
|
|
||||||
- # add data files for anything that starts with '<system>.'
|
|
||||||
- datakeys = [k for k in INITSYS_ROOTS
|
|
||||||
- if k.partition(".")[0] == system]
|
|
||||||
- for k in datakeys:
|
|
||||||
- if not INITSYS_FILES[k]:
|
|
||||||
- continue
|
|
||||||
- self.distribution.data_files.append(
|
|
||||||
- (INITSYS_ROOTS[k], INITSYS_FILES[k]))
|
|
||||||
- # Force that command to reinitalize (with new file list)
|
|
||||||
- self.distribution.reinitialize_command('install_data', True)
|
|
||||||
-
|
|
||||||
-
|
|
||||||
if not in_virtualenv():
|
|
||||||
USR = "/" + USR
|
|
||||||
ETC = "/" + ETC
|
|
||||||
@@ -258,14 +206,11 @@ if not in_virtualenv():
|
|
||||||
INITSYS_ROOTS[k] = "/" + INITSYS_ROOTS[k]
|
INITSYS_ROOTS[k] = "/" + INITSYS_ROOTS[k]
|
||||||
|
|
||||||
data_files = [
|
data_files = [
|
||||||
@ -463,7 +483,7 @@ index 01a67b9..b2ac9bb 100755
|
|||||||
(USR + '/share/doc/cloud-init', [f for f in glob('doc/*') if is_f(f)]),
|
(USR + '/share/doc/cloud-init', [f for f in glob('doc/*') if is_f(f)]),
|
||||||
(USR + '/share/doc/cloud-init/examples',
|
(USR + '/share/doc/cloud-init/examples',
|
||||||
[f for f in glob('doc/examples/*') if is_f(f)]),
|
[f for f in glob('doc/examples/*') if is_f(f)]),
|
||||||
@@ -276,15 +221,8 @@ if os.uname()[0] != 'FreeBSD':
|
@@ -263,8 +249,7 @@ if not platform.system().endswith('BSD'):
|
||||||
data_files.extend([
|
data_files.extend([
|
||||||
(ETC + '/NetworkManager/dispatcher.d/',
|
(ETC + '/NetworkManager/dispatcher.d/',
|
||||||
['tools/hook-network-manager']),
|
['tools/hook-network-manager']),
|
||||||
@ -471,16 +491,9 @@ index 01a67b9..b2ac9bb 100755
|
|||||||
- (LIB + '/udev/rules.d', [f for f in glob('udev/*.rules')])
|
- (LIB + '/udev/rules.d', [f for f in glob('udev/*.rules')])
|
||||||
+ ('/usr/lib/udev/rules.d', [f for f in glob('udev/*.rules')])
|
+ ('/usr/lib/udev/rules.d', [f for f in glob('udev/*.rules')])
|
||||||
])
|
])
|
||||||
-# Use a subclass for install that handles
|
# Use a subclass for install that handles
|
||||||
-# adding on the right init system configuration files
|
# adding on the right init system configuration files
|
||||||
-cmdclass = {
|
@@ -286,8 +271,6 @@ setuptools.setup(
|
||||||
- 'install': InitsysInstallData,
|
|
||||||
- 'egg_info': MyEggInfo,
|
|
||||||
-}
|
|
||||||
|
|
||||||
requirements = read_requires()
|
|
||||||
|
|
||||||
@@ -299,8 +237,6 @@ setuptools.setup(
|
|
||||||
scripts=['tools/cloud-init-per'],
|
scripts=['tools/cloud-init-per'],
|
||||||
license='Dual-licensed under GPLv3 or Apache 2.0',
|
license='Dual-licensed under GPLv3 or Apache 2.0',
|
||||||
data_files=data_files,
|
data_files=data_files,
|
||||||
@ -490,14 +503,14 @@ index 01a67b9..b2ac9bb 100755
|
|||||||
'console_scripts': [
|
'console_scripts': [
|
||||||
'cloud-init = cloudinit.cmd.main:main',
|
'cloud-init = cloudinit.cmd.main:main',
|
||||||
diff --git a/tools/read-version b/tools/read-version
|
diff --git a/tools/read-version b/tools/read-version
|
||||||
index 6dca659..d43cc8f 100755
|
index 02c9064..79755f7 100755
|
||||||
--- a/tools/read-version
|
--- a/tools/read-version
|
||||||
+++ b/tools/read-version
|
+++ b/tools/read-version
|
||||||
@@ -65,32 +65,8 @@ output_json = '--json' in sys.argv
|
@@ -71,32 +71,8 @@ version_long = None
|
||||||
src_version = ci_version.version_string()
|
is_release_branch_ci = (
|
||||||
version_long = None
|
os.environ.get("TRAVIS_PULL_REQUEST_BRANCH", "").startswith("upstream/")
|
||||||
|
)
|
||||||
-if is_gitdir(_tdir) and which("git"):
|
-if is_gitdir(_tdir) and which("git") and not is_release_branch_ci:
|
||||||
- flags = []
|
- flags = []
|
||||||
- if use_tags:
|
- if use_tags:
|
||||||
- flags = ['--tags']
|
- flags = ['--tags']
|
||||||
|
@ -1,271 +1,278 @@
|
|||||||
From aa7ae9da7e10a5bcf190f8df3072e3864b2d8fb3 Mon Sep 17 00:00:00 2001
|
From d9024cd3bd3bf09b05eb75ba3d81bd15f519c9f8 Mon Sep 17 00:00:00 2001
|
||||||
From: Miroslav Rezanina <mrezanin@redhat.com>
|
From: Eduardo Otubo <otubo@redhat.com>
|
||||||
Date: Thu, 31 May 2018 19:37:55 +0200
|
Date: Mon, 5 Oct 2020 13:49:46 +0200
|
||||||
Subject: Do not write NM_CONTROLLED=no in generated interface config files
|
Subject: Do not write NM_CONTROLLED=no in generated interface config files
|
||||||
|
|
||||||
|
Conflicts 20.3:
|
||||||
|
- Not appplying patch on cloudinit/net/sysconfig.py since it now has a
|
||||||
|
mechanism to identify if cloud-init is running on RHEL, having the
|
||||||
|
correct settings for NM_CONTROLLED.
|
||||||
|
|
||||||
X-downstream-only: true
|
X-downstream-only: true
|
||||||
|
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||||
Signed-off-by: Ryan McCabe <rmccabe@redhat.com>
|
Signed-off-by: Ryan McCabe <rmccabe@redhat.com>
|
||||||
---
|
---
|
||||||
cloudinit/net/sysconfig.py | 1 -
|
cloudinit/net/sysconfig.py | 2 +-
|
||||||
tests/unittests/test_net.py | 30 ------------------------------
|
tests/unittests/test_net.py | 30 ------------------------------
|
||||||
2 files changed, 31 deletions(-)
|
2 files changed, 1 insertion(+), 31 deletions(-)
|
||||||
|
|
||||||
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
|
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
|
||||||
index 310cdf0..8bd7e88 100644
|
index 0a5d481..23e467d 100644
|
||||||
--- a/cloudinit/net/sysconfig.py
|
--- a/cloudinit/net/sysconfig.py
|
||||||
+++ b/cloudinit/net/sysconfig.py
|
+++ b/cloudinit/net/sysconfig.py
|
||||||
@@ -272,7 +272,6 @@ class Renderer(renderer.Renderer):
|
@@ -277,7 +277,7 @@ class Renderer(renderer.Renderer):
|
||||||
iface_defaults = tuple([
|
# details about this)
|
||||||
('ONBOOT', True),
|
|
||||||
('USERCTL', False),
|
iface_defaults = {
|
||||||
- ('NM_CONTROLLED', False),
|
- 'rhel': {'ONBOOT': True, 'USERCTL': False, 'NM_CONTROLLED': False,
|
||||||
('BOOTPROTO', 'none'),
|
+ 'rhel': {'ONBOOT': True, 'USERCTL': False,
|
||||||
('STARTMODE', 'auto'),
|
'BOOTPROTO': 'none'},
|
||||||
])
|
'suse': {'BOOTPROTO': 'static', 'STARTMODE': 'auto'},
|
||||||
|
}
|
||||||
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
|
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
|
||||||
index 01119e0..a931a3e 100644
|
index 54cc846..9985a97 100644
|
||||||
--- a/tests/unittests/test_net.py
|
--- a/tests/unittests/test_net.py
|
||||||
+++ b/tests/unittests/test_net.py
|
+++ b/tests/unittests/test_net.py
|
||||||
@@ -530,7 +530,6 @@ GATEWAY=172.19.3.254
|
@@ -535,7 +535,6 @@ GATEWAY=172.19.3.254
|
||||||
HWADDR=fa:16:3e:ed:9a:59
|
HWADDR=fa:16:3e:ed:9a:59
|
||||||
IPADDR=172.19.1.34
|
IPADDR=172.19.1.34
|
||||||
NETMASK=255.255.252.0
|
NETMASK=255.255.252.0
|
||||||
-NM_CONTROLLED=no
|
-NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
STARTMODE=auto
|
|
||||||
TYPE=Ethernet
|
TYPE=Ethernet
|
||||||
@@ -636,7 +635,6 @@ IPADDR=172.19.1.34
|
USERCTL=no
|
||||||
|
@@ -633,7 +632,6 @@ IPADDR=172.19.1.34
|
||||||
IPADDR1=10.0.0.10
|
IPADDR1=10.0.0.10
|
||||||
NETMASK=255.255.252.0
|
NETMASK=255.255.252.0
|
||||||
NETMASK1=255.255.255.0
|
NETMASK1=255.255.255.0
|
||||||
-NM_CONTROLLED=no
|
-NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
STARTMODE=auto
|
|
||||||
TYPE=Ethernet
|
TYPE=Ethernet
|
||||||
@@ -772,7 +770,6 @@ IPV6ADDR_SECONDARIES="2001:DB9::10/64 2001:DB10::10/64"
|
USERCTL=no
|
||||||
|
@@ -754,7 +752,6 @@ IPV6ADDR_SECONDARIES="2001:DB9::10/64 2001:DB10::10/64"
|
||||||
IPV6INIT=yes
|
IPV6INIT=yes
|
||||||
IPV6_DEFAULTGW=2001:DB8::1
|
IPV6_DEFAULTGW=2001:DB8::1
|
||||||
NETMASK=255.255.252.0
|
NETMASK=255.255.252.0
|
||||||
-NM_CONTROLLED=no
|
-NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
STARTMODE=auto
|
|
||||||
TYPE=Ethernet
|
TYPE=Ethernet
|
||||||
@@ -889,7 +886,6 @@ NETWORK_CONFIGS = {
|
USERCTL=no
|
||||||
|
@@ -882,7 +879,6 @@ NETWORK_CONFIGS = {
|
||||||
BOOTPROTO=none
|
BOOTPROTO=none
|
||||||
DEVICE=eth1
|
DEVICE=eth1
|
||||||
HWADDR=cf:d6:af:48:e8:80
|
HWADDR=cf:d6:af:48:e8:80
|
||||||
- NM_CONTROLLED=no
|
- NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
STARTMODE=auto
|
|
||||||
TYPE=Ethernet
|
TYPE=Ethernet
|
||||||
@@ -907,7 +903,6 @@ NETWORK_CONFIGS = {
|
USERCTL=no"""),
|
||||||
|
@@ -899,7 +895,6 @@ NETWORK_CONFIGS = {
|
||||||
IPADDR=192.168.21.3
|
IPADDR=192.168.21.3
|
||||||
NETMASK=255.255.255.0
|
NETMASK=255.255.255.0
|
||||||
METRIC=10000
|
METRIC=10000
|
||||||
- NM_CONTROLLED=no
|
- NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
STARTMODE=auto
|
|
||||||
TYPE=Ethernet
|
TYPE=Ethernet
|
||||||
@@ -1022,7 +1017,6 @@ NETWORK_CONFIGS = {
|
USERCTL=no"""),
|
||||||
|
@@ -1028,7 +1023,6 @@ NETWORK_CONFIGS = {
|
||||||
IPV6ADDR=2001:1::1/64
|
IPV6ADDR=2001:1::1/64
|
||||||
IPV6INIT=yes
|
IPV6INIT=yes
|
||||||
NETMASK=255.255.255.0
|
NETMASK=255.255.255.0
|
||||||
- NM_CONTROLLED=no
|
- NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
STARTMODE=auto
|
|
||||||
TYPE=Ethernet
|
TYPE=Ethernet
|
||||||
@@ -1491,7 +1485,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
USERCTL=no
|
||||||
|
@@ -1622,7 +1616,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||||
DHCPV6C=yes
|
DHCPV6C=yes
|
||||||
IPV6INIT=yes
|
IPV6INIT=yes
|
||||||
MACADDR=aa:bb:cc:dd:ee:ff
|
MACADDR=aa:bb:cc:dd:ee:ff
|
||||||
- NM_CONTROLLED=no
|
- NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
STARTMODE=auto
|
|
||||||
TYPE=Bond
|
TYPE=Bond
|
||||||
@@ -1500,7 +1493,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
USERCTL=no"""),
|
||||||
|
@@ -1630,7 +1623,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||||
BOOTPROTO=dhcp
|
BOOTPROTO=dhcp
|
||||||
DEVICE=bond0.200
|
DEVICE=bond0.200
|
||||||
DHCLIENT_SET_DEFAULT_ROUTE=no
|
DHCLIENT_SET_DEFAULT_ROUTE=no
|
||||||
- NM_CONTROLLED=no
|
- NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
PHYSDEV=bond0
|
PHYSDEV=bond0
|
||||||
STARTMODE=auto
|
TYPE=Ethernet
|
||||||
@@ -1519,7 +1511,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
@@ -1647,7 +1639,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||||
IPV6_DEFAULTGW=2001:4800:78ff:1b::1
|
IPV6_DEFAULTGW=2001:4800:78ff:1b::1
|
||||||
MACADDR=bb:bb:bb:bb:bb:aa
|
MACADDR=bb:bb:bb:bb:bb:aa
|
||||||
NETMASK=255.255.255.0
|
NETMASK=255.255.255.0
|
||||||
- NM_CONTROLLED=no
|
- NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
PRIO=22
|
PRIO=22
|
||||||
STARTMODE=auto
|
STP=no
|
||||||
@@ -1530,7 +1521,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
@@ -1657,7 +1648,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||||
BOOTPROTO=none
|
BOOTPROTO=none
|
||||||
DEVICE=eth0
|
DEVICE=eth0
|
||||||
HWADDR=c0:d6:9f:2c:e8:80
|
HWADDR=c0:d6:9f:2c:e8:80
|
||||||
- NM_CONTROLLED=no
|
- NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
STARTMODE=auto
|
|
||||||
TYPE=Ethernet
|
TYPE=Ethernet
|
||||||
@@ -1548,7 +1538,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
USERCTL=no"""),
|
||||||
|
@@ -1674,7 +1664,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||||
MTU=1500
|
MTU=1500
|
||||||
NETMASK=255.255.255.0
|
NETMASK=255.255.255.0
|
||||||
NETMASK1=255.255.255.0
|
NETMASK1=255.255.255.0
|
||||||
- NM_CONTROLLED=no
|
- NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
PHYSDEV=eth0
|
PHYSDEV=eth0
|
||||||
STARTMODE=auto
|
TYPE=Ethernet
|
||||||
@@ -1560,7 +1549,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
@@ -1685,7 +1674,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||||
DEVICE=eth1
|
DEVICE=eth1
|
||||||
HWADDR=aa:d6:9f:2c:e8:80
|
HWADDR=aa:d6:9f:2c:e8:80
|
||||||
MASTER=bond0
|
MASTER=bond0
|
||||||
- NM_CONTROLLED=no
|
- NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
STARTMODE=auto
|
|
||||||
SLAVE=yes
|
SLAVE=yes
|
||||||
@@ -1571,7 +1559,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
TYPE=Ethernet
|
||||||
|
@@ -1695,7 +1683,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||||
DEVICE=eth2
|
DEVICE=eth2
|
||||||
HWADDR=c0:bb:9f:2c:e8:80
|
HWADDR=c0:bb:9f:2c:e8:80
|
||||||
MASTER=bond0
|
MASTER=bond0
|
||||||
- NM_CONTROLLED=no
|
- NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
STARTMODE=auto
|
|
||||||
SLAVE=yes
|
SLAVE=yes
|
||||||
@@ -1582,7 +1569,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
TYPE=Ethernet
|
||||||
|
@@ -1705,7 +1692,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||||
BRIDGE=br0
|
BRIDGE=br0
|
||||||
DEVICE=eth3
|
DEVICE=eth3
|
||||||
HWADDR=66:bb:9f:2c:e8:80
|
HWADDR=66:bb:9f:2c:e8:80
|
||||||
- NM_CONTROLLED=no
|
- NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
STARTMODE=auto
|
|
||||||
TYPE=Ethernet
|
TYPE=Ethernet
|
||||||
@@ -1592,7 +1578,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
USERCTL=no"""),
|
||||||
|
@@ -1714,7 +1700,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||||
BRIDGE=br0
|
BRIDGE=br0
|
||||||
DEVICE=eth4
|
DEVICE=eth4
|
||||||
HWADDR=98:bb:9f:2c:e8:80
|
HWADDR=98:bb:9f:2c:e8:80
|
||||||
- NM_CONTROLLED=no
|
- NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
STARTMODE=auto
|
|
||||||
TYPE=Ethernet
|
TYPE=Ethernet
|
||||||
@@ -1602,7 +1587,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
USERCTL=no"""),
|
||||||
|
@@ -1723,7 +1708,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||||
DEVICE=eth5
|
DEVICE=eth5
|
||||||
DHCLIENT_SET_DEFAULT_ROUTE=no
|
DHCLIENT_SET_DEFAULT_ROUTE=no
|
||||||
HWADDR=98:bb:9f:2c:e8:8a
|
HWADDR=98:bb:9f:2c:e8:8a
|
||||||
- NM_CONTROLLED=no
|
- NM_CONTROLLED=no
|
||||||
ONBOOT=no
|
ONBOOT=no
|
||||||
STARTMODE=manual
|
|
||||||
TYPE=Ethernet
|
TYPE=Ethernet
|
||||||
@@ -2088,7 +2072,6 @@ iface bond0 inet6 static
|
USERCTL=no"""),
|
||||||
|
@@ -2177,7 +2161,6 @@ iface bond0 inet6 static
|
||||||
MTU=9000
|
MTU=9000
|
||||||
NETMASK=255.255.255.0
|
NETMASK=255.255.255.0
|
||||||
NETMASK1=255.255.255.0
|
NETMASK1=255.255.255.0
|
||||||
- NM_CONTROLLED=no
|
- NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
STARTMODE=auto
|
|
||||||
TYPE=Bond
|
TYPE=Bond
|
||||||
@@ -2099,7 +2082,6 @@ iface bond0 inet6 static
|
USERCTL=no
|
||||||
|
@@ -2187,7 +2170,6 @@ iface bond0 inet6 static
|
||||||
DEVICE=bond0s0
|
DEVICE=bond0s0
|
||||||
HWADDR=aa:bb:cc:dd:e8:00
|
HWADDR=aa:bb:cc:dd:e8:00
|
||||||
MASTER=bond0
|
MASTER=bond0
|
||||||
- NM_CONTROLLED=no
|
- NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
SLAVE=yes
|
SLAVE=yes
|
||||||
STARTMODE=auto
|
TYPE=Ethernet
|
||||||
@@ -2122,7 +2104,6 @@ iface bond0 inet6 static
|
@@ -2209,7 +2191,6 @@ iface bond0 inet6 static
|
||||||
DEVICE=bond0s1
|
DEVICE=bond0s1
|
||||||
HWADDR=aa:bb:cc:dd:e8:01
|
HWADDR=aa:bb:cc:dd:e8:01
|
||||||
MASTER=bond0
|
MASTER=bond0
|
||||||
- NM_CONTROLLED=no
|
- NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
SLAVE=yes
|
SLAVE=yes
|
||||||
STARTMODE=auto
|
TYPE=Ethernet
|
||||||
@@ -2161,7 +2142,6 @@ iface bond0 inet6 static
|
@@ -2266,7 +2247,6 @@ iface bond0 inet6 static
|
||||||
BOOTPROTO=none
|
BOOTPROTO=none
|
||||||
DEVICE=en0
|
DEVICE=en0
|
||||||
HWADDR=aa:bb:cc:dd:e8:00
|
HWADDR=aa:bb:cc:dd:e8:00
|
||||||
- NM_CONTROLLED=no
|
- NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
STARTMODE=auto
|
|
||||||
TYPE=Ethernet
|
TYPE=Ethernet
|
||||||
@@ -2180,7 +2160,6 @@ iface bond0 inet6 static
|
USERCTL=no"""),
|
||||||
|
@@ -2283,7 +2263,6 @@ iface bond0 inet6 static
|
||||||
MTU=2222
|
MTU=2222
|
||||||
NETMASK=255.255.255.0
|
NETMASK=255.255.255.0
|
||||||
NETMASK1=255.255.255.0
|
NETMASK1=255.255.255.0
|
||||||
- NM_CONTROLLED=no
|
- NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
PHYSDEV=en0
|
PHYSDEV=en0
|
||||||
STARTMODE=auto
|
TYPE=Ethernet
|
||||||
@@ -2222,7 +2201,6 @@ iface bond0 inet6 static
|
@@ -2349,7 +2328,6 @@ iface bond0 inet6 static
|
||||||
DEVICE=br0
|
DEVICE=br0
|
||||||
IPADDR=192.168.2.2
|
IPADDR=192.168.2.2
|
||||||
NETMASK=255.255.255.0
|
NETMASK=255.255.255.0
|
||||||
- NM_CONTROLLED=no
|
- NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
PRIO=22
|
PRIO=22
|
||||||
STARTMODE=auto
|
STP=no
|
||||||
@@ -2238,7 +2216,6 @@ iface bond0 inet6 static
|
@@ -2363,7 +2341,6 @@ iface bond0 inet6 static
|
||||||
IPADDR6=2001:1::100/96
|
HWADDR=52:54:00:12:34:00
|
||||||
IPV6ADDR=2001:1::100/96
|
IPV6ADDR=2001:1::100/96
|
||||||
IPV6INIT=yes
|
IPV6INIT=yes
|
||||||
- NM_CONTROLLED=no
|
- NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
STARTMODE=auto
|
|
||||||
TYPE=Ethernet
|
TYPE=Ethernet
|
||||||
@@ -2252,7 +2229,6 @@ iface bond0 inet6 static
|
USERCTL=no
|
||||||
IPADDR6=2001:1::101/96
|
@@ -2375,7 +2352,6 @@ iface bond0 inet6 static
|
||||||
|
HWADDR=52:54:00:12:34:01
|
||||||
IPV6ADDR=2001:1::101/96
|
IPV6ADDR=2001:1::101/96
|
||||||
IPV6INIT=yes
|
IPV6INIT=yes
|
||||||
- NM_CONTROLLED=no
|
- NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
STARTMODE=auto
|
|
||||||
TYPE=Ethernet
|
TYPE=Ethernet
|
||||||
@@ -2327,7 +2303,6 @@ iface bond0 inet6 static
|
USERCTL=no
|
||||||
|
@@ -2469,7 +2445,6 @@ iface bond0 inet6 static
|
||||||
HWADDR=52:54:00:12:34:00
|
HWADDR=52:54:00:12:34:00
|
||||||
IPADDR=192.168.1.2
|
IPADDR=192.168.1.2
|
||||||
NETMASK=255.255.255.0
|
NETMASK=255.255.255.0
|
||||||
- NM_CONTROLLED=no
|
- NM_CONTROLLED=no
|
||||||
ONBOOT=no
|
ONBOOT=no
|
||||||
STARTMODE=manual
|
|
||||||
TYPE=Ethernet
|
TYPE=Ethernet
|
||||||
@@ -2338,7 +2313,6 @@ iface bond0 inet6 static
|
USERCTL=no
|
||||||
|
@@ -2479,7 +2454,6 @@ iface bond0 inet6 static
|
||||||
DEVICE=eth1
|
DEVICE=eth1
|
||||||
HWADDR=52:54:00:12:34:aa
|
HWADDR=52:54:00:12:34:aa
|
||||||
MTU=1480
|
MTU=1480
|
||||||
- NM_CONTROLLED=no
|
- NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
STARTMODE=auto
|
|
||||||
TYPE=Ethernet
|
TYPE=Ethernet
|
||||||
@@ -2348,7 +2322,6 @@ iface bond0 inet6 static
|
USERCTL=no
|
||||||
|
@@ -2488,7 +2462,6 @@ iface bond0 inet6 static
|
||||||
BOOTPROTO=none
|
BOOTPROTO=none
|
||||||
DEVICE=eth2
|
DEVICE=eth2
|
||||||
HWADDR=52:54:00:12:34:ff
|
HWADDR=52:54:00:12:34:ff
|
||||||
- NM_CONTROLLED=no
|
- NM_CONTROLLED=no
|
||||||
ONBOOT=no
|
ONBOOT=no
|
||||||
STARTMODE=manual
|
|
||||||
TYPE=Ethernet
|
TYPE=Ethernet
|
||||||
@@ -2766,7 +2739,6 @@ class TestRhelSysConfigRendering(CiTestCase):
|
USERCTL=no
|
||||||
|
@@ -2905,7 +2878,6 @@ class TestRhelSysConfigRendering(CiTestCase):
|
||||||
BOOTPROTO=dhcp
|
BOOTPROTO=dhcp
|
||||||
DEVICE=eth1000
|
DEVICE=eth1000
|
||||||
HWADDR=07-1c-c6-75-a4-be
|
HWADDR=07-1c-c6-75-a4-be
|
||||||
-NM_CONTROLLED=no
|
-NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
STARTMODE=auto
|
|
||||||
TYPE=Ethernet
|
TYPE=Ethernet
|
||||||
@@ -2888,7 +2860,6 @@ GATEWAY=10.0.2.2
|
USERCTL=no
|
||||||
|
@@ -3026,7 +2998,6 @@ GATEWAY=10.0.2.2
|
||||||
HWADDR=52:54:00:12:34:00
|
HWADDR=52:54:00:12:34:00
|
||||||
IPADDR=10.0.2.15
|
IPADDR=10.0.2.15
|
||||||
NETMASK=255.255.255.0
|
NETMASK=255.255.255.0
|
||||||
-NM_CONTROLLED=no
|
-NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
STARTMODE=auto
|
|
||||||
TYPE=Ethernet
|
TYPE=Ethernet
|
||||||
@@ -2961,7 +2932,6 @@ USERCTL=no
|
USERCTL=no
|
||||||
|
@@ -3096,7 +3067,6 @@ USERCTL=no
|
||||||
#
|
#
|
||||||
BOOTPROTO=dhcp
|
BOOTPROTO=dhcp
|
||||||
DEVICE=eth0
|
DEVICE=eth0
|
||||||
-NM_CONTROLLED=no
|
-NM_CONTROLLED=no
|
||||||
ONBOOT=yes
|
ONBOOT=yes
|
||||||
STARTMODE=auto
|
|
||||||
TYPE=Ethernet
|
TYPE=Ethernet
|
||||||
|
USERCTL=no
|
||||||
--
|
--
|
||||||
1.8.3.1
|
1.8.3.1
|
||||||
|
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
From f15946568fe731dc9bf477f3f06c9c4e0f74f7c1 Mon Sep 17 00:00:00 2001
|
From de22eafc9046b8ea6fddda7440df5a05f5a40607 Mon Sep 17 00:00:00 2001
|
||||||
From: Lars Kellogg-Stedman <lars@redhat.com>
|
From: Eduardo Otubo <otubo@redhat.com>
|
||||||
Date: Fri, 7 Apr 2017 18:50:54 -0400
|
Date: Mon, 5 Oct 2020 13:49:53 +0200
|
||||||
Subject: limit permissions on def_log_file
|
Subject: limit permissions on def_log_file
|
||||||
|
|
||||||
This sets a default mode of 0600 on def_log_file, and makes this
|
This sets a default mode of 0600 on def_log_file, and makes this
|
||||||
@ -9,6 +9,8 @@ configurable via the def_log_file_mode option in cloud.cfg.
|
|||||||
LP: #1541196
|
LP: #1541196
|
||||||
Resolves: rhbz#1424612
|
Resolves: rhbz#1424612
|
||||||
X-approved-upstream: true
|
X-approved-upstream: true
|
||||||
|
|
||||||
|
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||||
---
|
---
|
||||||
cloudinit/settings.py | 1 +
|
cloudinit/settings.py | 1 +
|
||||||
cloudinit/stages.py | 3 ++-
|
cloudinit/stages.py | 3 ++-
|
||||||
@ -28,10 +30,10 @@ index 3a04a58..439eee0 100644
|
|||||||
'mount_default_fields': [None, None, 'auto', 'defaults,nofail', '0', '2'],
|
'mount_default_fields': [None, None, 'auto', 'defaults,nofail', '0', '2'],
|
||||||
'ssh_deletekeys': False,
|
'ssh_deletekeys': False,
|
||||||
diff --git a/cloudinit/stages.py b/cloudinit/stages.py
|
diff --git a/cloudinit/stages.py b/cloudinit/stages.py
|
||||||
index 71f3a49..68b83af 100644
|
index 765f4aa..d769375 100644
|
||||||
--- a/cloudinit/stages.py
|
--- a/cloudinit/stages.py
|
||||||
+++ b/cloudinit/stages.py
|
+++ b/cloudinit/stages.py
|
||||||
@@ -149,8 +149,9 @@ class Init(object):
|
@@ -147,8 +147,9 @@ class Init(object):
|
||||||
def _initialize_filesystem(self):
|
def _initialize_filesystem(self):
|
||||||
util.ensure_dirs(self._initial_subdirs())
|
util.ensure_dirs(self._initial_subdirs())
|
||||||
log_file = util.get_cfg_option_str(self.cfg, 'def_log_file')
|
log_file = util.get_cfg_option_str(self.cfg, 'def_log_file')
|
||||||
@ -43,10 +45,10 @@ index 71f3a49..68b83af 100644
|
|||||||
if not perms:
|
if not perms:
|
||||||
perms = {}
|
perms = {}
|
||||||
diff --git a/doc/examples/cloud-config.txt b/doc/examples/cloud-config.txt
|
diff --git a/doc/examples/cloud-config.txt b/doc/examples/cloud-config.txt
|
||||||
index eb84dcf..0e82b83 100644
|
index f3ae5e6..b5b1fdd 100644
|
||||||
--- a/doc/examples/cloud-config.txt
|
--- a/doc/examples/cloud-config.txt
|
||||||
+++ b/doc/examples/cloud-config.txt
|
+++ b/doc/examples/cloud-config.txt
|
||||||
@@ -413,10 +413,14 @@ timezone: US/Eastern
|
@@ -414,10 +414,14 @@ timezone: US/Eastern
|
||||||
# if syslog_fix_perms is a list, it will iterate through and use the
|
# if syslog_fix_perms is a list, it will iterate through and use the
|
||||||
# first pair that does not raise error.
|
# first pair that does not raise error.
|
||||||
#
|
#
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
From e2b22710db558df261883eaf5dde866c69ba17dd Mon Sep 17 00:00:00 2001
|
From bb87d9a83ddbc5bf84fbdab9c58dedc0c9629eea Mon Sep 17 00:00:00 2001
|
||||||
From: Miroslav Rezanina <mrezanin@redhat.com>
|
From: Eduardo Otubo <otubo@redhat.com>
|
||||||
Date: Thu, 31 May 2018 20:00:32 +0200
|
Date: Mon, 5 Oct 2020 13:51:34 +0200
|
||||||
Subject: sysconfig: Don't write BOOTPROTO=dhcp for ipv6 dhcp
|
Subject: sysconfig: Don't write BOOTPROTO=dhcp for ipv6 dhcp
|
||||||
|
|
||||||
Don't write BOOTPROTO=dhcp for ipv6 dhcp, as BOOTPROTO applies
|
Don't write BOOTPROTO=dhcp for ipv6 dhcp, as BOOTPROTO applies
|
||||||
@ -13,15 +13,17 @@ Signed-off-by: Ryan McCabe <rmccabe@redhat.com>
|
|||||||
|
|
||||||
Merged patches (19.4):
|
Merged patches (19.4):
|
||||||
- 6444df4 sysconfig: Don't disable IPV6_AUTOCONF
|
- 6444df4 sysconfig: Don't disable IPV6_AUTOCONF
|
||||||
|
|
||||||
|
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||||
---
|
---
|
||||||
tests/unittests/test_net.py | 1 +
|
tests/unittests/test_net.py | 1 +
|
||||||
1 file changed, 1 insertion(+)
|
1 file changed, 1 insertion(+)
|
||||||
|
|
||||||
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
|
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
|
||||||
index a931a3e..1306a0f 100644
|
index 9985a97..2cc57fe 100644
|
||||||
--- a/tests/unittests/test_net.py
|
--- a/tests/unittests/test_net.py
|
||||||
+++ b/tests/unittests/test_net.py
|
+++ b/tests/unittests/test_net.py
|
||||||
@@ -1483,6 +1483,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
@@ -1614,6 +1614,7 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||||
BOOTPROTO=none
|
BOOTPROTO=none
|
||||||
DEVICE=bond0
|
DEVICE=bond0
|
||||||
DHCPV6C=yes
|
DHCPV6C=yes
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
From 9a09efb49c2d7cade1f0ac309293166c3c2d8d7b Mon Sep 17 00:00:00 2001
|
From 9c6562c6d3516df8d11aa7cf7cd9cc62e5c91a70 Mon Sep 17 00:00:00 2001
|
||||||
From: Vitaly Kuznetsov <vkuznets@redhat.com>
|
From: Eduardo Otubo <otubo@redhat.com>
|
||||||
Date: Tue, 17 Apr 2018 13:07:54 +0200
|
Date: Mon, 5 Oct 2020 13:51:37 +0200
|
||||||
Subject: DataSourceAzure.py: use hostnamectl to set hostname
|
Subject: DataSourceAzure.py: use hostnamectl to set hostname
|
||||||
|
|
||||||
RH-Author: Vitaly Kuznetsov <vkuznets@redhat.com>
|
RH-Author: Vitaly Kuznetsov <vkuznets@redhat.com>
|
||||||
@ -32,6 +32,7 @@ Resolves: rhbz#1434109
|
|||||||
|
|
||||||
X-downstream-only: yes
|
X-downstream-only: yes
|
||||||
|
|
||||||
|
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||||
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
||||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
---
|
---
|
||||||
@ -39,14 +40,14 @@ Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|||||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
diff --git a/cloudinit/sources/DataSourceAzure.py b/cloudinit/sources/DataSourceAzure.py
|
diff --git a/cloudinit/sources/DataSourceAzure.py b/cloudinit/sources/DataSourceAzure.py
|
||||||
index 24f448c..6fb889c 100755
|
index f3c6452..1c214db 100755
|
||||||
--- a/cloudinit/sources/DataSourceAzure.py
|
--- a/cloudinit/sources/DataSourceAzure.py
|
||||||
+++ b/cloudinit/sources/DataSourceAzure.py
|
+++ b/cloudinit/sources/DataSourceAzure.py
|
||||||
@@ -256,7 +256,7 @@ def get_hostname(hostname_command='hostname'):
|
@@ -258,7 +258,7 @@ def get_hostname(hostname_command='hostname'):
|
||||||
|
|
||||||
|
|
||||||
def set_hostname(hostname, hostname_command='hostname'):
|
def set_hostname(hostname, hostname_command='hostname'):
|
||||||
- util.subp([hostname_command, hostname])
|
- subp.subp([hostname_command, hostname])
|
||||||
+ util.subp(['hostnamectl', 'set-hostname', str(hostname)])
|
+ util.subp(['hostnamectl', 'set-hostname', str(hostname)])
|
||||||
|
|
||||||
|
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
From 13ee71a3add0dd2e7c60fc672134e696bd7f6a77 Mon Sep 17 00:00:00 2001
|
From bdcad981ac530277529d1c77fb5e9e6f89409bd8 Mon Sep 17 00:00:00 2001
|
||||||
From: Eduardo Otubo <otubo@redhat.com>
|
From: Eduardo Otubo <otubo@redhat.com>
|
||||||
Date: Wed, 20 Mar 2019 11:45:59 +0100
|
Date: Mon, 5 Oct 2020 13:51:44 +0200
|
||||||
Subject: include 'NOZEROCONF=yes' in /etc/sysconfig/network
|
Subject: include 'NOZEROCONF=yes' in /etc/sysconfig/network
|
||||||
|
|
||||||
RH-Author: Eduardo Otubo <otubo@redhat.com>
|
RH-Author: Eduardo Otubo <otubo@redhat.com>
|
||||||
@ -27,10 +27,10 @@ Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|||||||
2 files changed, 10 insertions(+), 2 deletions(-)
|
2 files changed, 10 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
|
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
|
||||||
index 8bd7e88..810b283 100644
|
index 23e467d..af093dd 100644
|
||||||
--- a/cloudinit/net/sysconfig.py
|
--- a/cloudinit/net/sysconfig.py
|
||||||
+++ b/cloudinit/net/sysconfig.py
|
+++ b/cloudinit/net/sysconfig.py
|
||||||
@@ -754,7 +754,16 @@ class Renderer(renderer.Renderer):
|
@@ -888,7 +888,16 @@ class Renderer(renderer.Renderer):
|
||||||
# Distros configuring /etc/sysconfig/network as a file e.g. Centos
|
# Distros configuring /etc/sysconfig/network as a file e.g. Centos
|
||||||
if sysconfig_path.endswith('network'):
|
if sysconfig_path.endswith('network'):
|
||||||
util.ensure_dir(os.path.dirname(sysconfig_path))
|
util.ensure_dir(os.path.dirname(sysconfig_path))
|
||||||
@ -49,10 +49,10 @@ index 8bd7e88..810b283 100644
|
|||||||
netcfg.append('NETWORKING_IPV6=yes')
|
netcfg.append('NETWORKING_IPV6=yes')
|
||||||
netcfg.append('IPV6_AUTOCONF=no')
|
netcfg.append('IPV6_AUTOCONF=no')
|
||||||
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
|
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
|
||||||
index 1306a0f..a931a3e 100644
|
index 2cc57fe..9985a97 100644
|
||||||
--- a/tests/unittests/test_net.py
|
--- a/tests/unittests/test_net.py
|
||||||
+++ b/tests/unittests/test_net.py
|
+++ b/tests/unittests/test_net.py
|
||||||
@@ -1483,7 +1483,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
@@ -1614,7 +1614,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||||
BOOTPROTO=none
|
BOOTPROTO=none
|
||||||
DEVICE=bond0
|
DEVICE=bond0
|
||||||
DHCPV6C=yes
|
DHCPV6C=yes
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
From 9d951d55a1be44bbeb5df485d14d4f84ddf01142 Mon Sep 17 00:00:00 2001
|
From a52c7b659c6569c78aad4b92303f289009da476c Mon Sep 17 00:00:00 2001
|
||||||
From: Eduardo Otubo <otubo@redhat.com>
|
From: Eduardo Otubo <otubo@redhat.com>
|
||||||
Date: Mon, 2 Mar 2020 10:46:35 +0100
|
Date: Mon, 5 Oct 2020 13:51:50 +0200
|
||||||
Subject: Remove race condition between cloud-init and NetworkManager
|
Subject: Remove race condition between cloud-init and NetworkManager
|
||||||
|
|
||||||
Message-id: <20200302104635.11648-1-otubo@redhat.com>
|
Message-id: <20200302104635.11648-1-otubo@redhat.com>
|
||||||
@ -32,25 +32,131 @@ start up so it won't erase resolv.conf upon first shutdown.
|
|||||||
x-downstream-only: yes
|
x-downstream-only: yes
|
||||||
resolves: rhbz#1748015, rhbz#1807797 and rhbz#1804780
|
resolves: rhbz#1748015, rhbz#1807797 and rhbz#1804780
|
||||||
|
|
||||||
|
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
|
||||||
|
This commit is a squash and also includes the folloowing commits:
|
||||||
|
|
||||||
|
commit 316a17b7c02a87fa9b2981535be0b20d165adc46
|
||||||
|
Author: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
Date: Mon Jun 1 11:58:06 2020 +0200
|
||||||
|
|
||||||
|
Make cloud-init.service execute after network is up
|
||||||
|
|
||||||
|
RH-Author: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
Message-id: <20200526090804.2047-1-otubo@redhat.com>
|
||||||
|
Patchwork-id: 96809
|
||||||
|
O-Subject: [RHEL-8.2.1 cloud-init PATCH] Make cloud-init.service execute after network is up
|
||||||
|
Bugzilla: 1803928
|
||||||
|
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
||||||
|
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
|
||||||
|
cloud-init.service needs to wait until network is fully up before
|
||||||
|
continuing executing and configuring its service.
|
||||||
|
|
||||||
|
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
|
||||||
|
x-downstream-only: yes
|
||||||
|
Resolves: rhbz#1831646
|
||||||
|
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
|
||||||
|
commit 0422ba0e773d1a8257a3f2bf3db05f3bc7917eb7
|
||||||
|
Author: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
Date: Thu May 28 08:44:08 2020 +0200
|
||||||
|
|
||||||
|
Remove race condition between cloud-init and NetworkManager
|
||||||
|
|
||||||
|
RH-Author: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
Message-id: <20200327121911.17699-1-otubo@redhat.com>
|
||||||
|
Patchwork-id: 94453
|
||||||
|
O-Subject: [RHEL-7.9/RHEL-8.2.0 cloud-init PATCHv2] Remove race condition between cloud-init and NetworkManager
|
||||||
|
Bugzilla: 1840648
|
||||||
|
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
||||||
|
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
RH-Acked-by: Cathy Avery <cavery@redhat.com>
|
||||||
|
|
||||||
|
cloud-init service is set to start before NetworkManager service starts,
|
||||||
|
but this does not avoid a race condition between them. NetworkManager
|
||||||
|
starts before cloud-init can write `dns=none' to the file:
|
||||||
|
/etc/NetworkManager/conf.d/99-cloud-init.conf. This way NetworkManager
|
||||||
|
doesn't read the configuration and erases all resolv.conf values upon
|
||||||
|
shutdown. On the next reboot neither cloud-init or NetworkManager will
|
||||||
|
write anything to resolv.conf, leaving it blank.
|
||||||
|
|
||||||
|
This patch introduces a NM reload (try-reload-or-restart) at the end of cloud-init
|
||||||
|
start up so it won't erase resolv.conf upon first shutdown.
|
||||||
|
|
||||||
|
x-downstream-only: yes
|
||||||
|
|
||||||
Signed-off-by: Eduardo Otubo otubo@redhat.com
|
Signed-off-by: Eduardo Otubo otubo@redhat.com
|
||||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
---
|
|
||||||
rhel/systemd/cloud-final.service | 2 ++
|
|
||||||
1 file changed, 2 insertions(+)
|
|
||||||
|
|
||||||
|
commit e0b48a936433faea7f56dbc29dda35acf7d375f7
|
||||||
|
Author: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
Date: Thu May 28 08:44:06 2020 +0200
|
||||||
|
|
||||||
|
Enable ssh_deletekeys by default
|
||||||
|
|
||||||
|
RH-Author: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
Message-id: <20200317091705.15715-1-otubo@redhat.com>
|
||||||
|
Patchwork-id: 94365
|
||||||
|
O-Subject: [RHEL-7.9/RHEL-8.2.0 cloud-init PATCH] Enable ssh_deletekeys by default
|
||||||
|
Bugzilla: 1814152
|
||||||
|
RH-Acked-by: Mohammed Gamal <mgamal@redhat.com>
|
||||||
|
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
||||||
|
|
||||||
|
The configuration option ssh_deletekeys will trigger the generation
|
||||||
|
of new ssh keys for every new instance deployed.
|
||||||
|
|
||||||
|
x-downstream-only: yes
|
||||||
|
resolves: rhbz#1814152
|
||||||
|
|
||||||
|
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||||
|
---
|
||||||
|
rhel/cloud.cfg | 2 +-
|
||||||
|
rhel/systemd/cloud-final.service | 2 ++
|
||||||
|
rhel/systemd/cloud-init.service | 1 +
|
||||||
|
3 files changed, 4 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/rhel/cloud.cfg b/rhel/cloud.cfg
|
||||||
|
index 82e8bf6..9ecba21 100644
|
||||||
|
--- a/rhel/cloud.cfg
|
||||||
|
+++ b/rhel/cloud.cfg
|
||||||
|
@@ -6,7 +6,7 @@ ssh_pwauth: 0
|
||||||
|
|
||||||
|
mount_default_fields: [~, ~, 'auto', 'defaults,nofail,x-systemd.requires=cloud-init.service', '0', '2']
|
||||||
|
resize_rootfs_tmp: /dev
|
||||||
|
-ssh_deletekeys: 0
|
||||||
|
+ssh_deletekeys: 1
|
||||||
|
ssh_genkeytypes: ~
|
||||||
|
syslog_fix_perms: ~
|
||||||
|
disable_vmware_customization: false
|
||||||
diff --git a/rhel/systemd/cloud-final.service b/rhel/systemd/cloud-final.service
|
diff --git a/rhel/systemd/cloud-final.service b/rhel/systemd/cloud-final.service
|
||||||
index 739b7e3..f303483 100644
|
index 739b7e3..05add07 100644
|
||||||
--- a/rhel/systemd/cloud-final.service
|
--- a/rhel/systemd/cloud-final.service
|
||||||
+++ b/rhel/systemd/cloud-final.service
|
+++ b/rhel/systemd/cloud-final.service
|
||||||
@@ -11,6 +11,8 @@ ExecStart=/usr/bin/cloud-init modules --mode=final
|
@@ -11,6 +11,8 @@ ExecStart=/usr/bin/cloud-init modules --mode=final
|
||||||
RemainAfterExit=yes
|
RemainAfterExit=yes
|
||||||
TimeoutSec=0
|
TimeoutSec=0
|
||||||
KillMode=process
|
KillMode=process
|
||||||
+ExecStartPost=/bin/echo "try restart NetworkManager.service"
|
+ExecStartPost=/bin/echo "trying to reload or restart NetworkManager.service"
|
||||||
+ExecStartPost=/usr/bin/systemctl try-restart NetworkManager.service
|
+ExecStartPost=/usr/bin/systemctl try-reload-or-restart NetworkManager.service
|
||||||
|
|
||||||
# Output needs to appear in instance console output
|
# Output needs to appear in instance console output
|
||||||
StandardOutput=journal+console
|
StandardOutput=journal+console
|
||||||
|
diff --git a/rhel/systemd/cloud-init.service b/rhel/systemd/cloud-init.service
|
||||||
|
index d0023a0..0b3d796 100644
|
||||||
|
--- a/rhel/systemd/cloud-init.service
|
||||||
|
+++ b/rhel/systemd/cloud-init.service
|
||||||
|
@@ -5,6 +5,7 @@ Wants=sshd-keygen.service
|
||||||
|
Wants=sshd.service
|
||||||
|
After=cloud-init-local.service
|
||||||
|
After=NetworkManager.service network.service
|
||||||
|
+After=NetworkManager-wait-online.service
|
||||||
|
Before=network-online.target
|
||||||
|
Before=sshd-keygen.service
|
||||||
|
Before=sshd.service
|
||||||
--
|
--
|
||||||
1.8.3.1
|
1.8.3.1
|
||||||
|
|
||||||
|
@ -0,0 +1,496 @@
|
|||||||
|
From c3a1b3a5d7abe51a1facbdae71aca4b2bca7d6aa Mon Sep 17 00:00:00 2001
|
||||||
|
From: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
Date: Wed, 28 Oct 2020 20:43:33 +0100
|
||||||
|
Subject: [PATCH 2/3] Add config modules for controlling IBM PowerVM RMC.
|
||||||
|
(#584)
|
||||||
|
|
||||||
|
RH-Author: Eduardo Terrell Ferrari Otubo (eterrell)
|
||||||
|
RH-MergeRequest: 12: Support for cloud-init config modules for PowerVM Hypervisor in Red Hat cloud-init
|
||||||
|
RH-Commit: [1/1] d175c3607a8d4f473573ba0ce42e0f311dbc31ed (eterrell/cloud-init)
|
||||||
|
RH-Bugzilla: 1886430
|
||||||
|
|
||||||
|
commit f99d4f96b00a9cfec1c721d364cbfd728674e5dc (upstream/master)
|
||||||
|
Author: Aman306 <45781773+Aman306@users.noreply.github.com>
|
||||||
|
Date: Wed Oct 28 23:36:09 2020 +0530
|
||||||
|
|
||||||
|
Add config modules for controlling IBM PowerVM RMC. (#584)
|
||||||
|
|
||||||
|
Reliable Scalable Cluster Technology (RSCT) is a set of software
|
||||||
|
components that together provide a comprehensive clustering
|
||||||
|
environment(RAS features) for IBM PowerVM based virtual machines. RSCT
|
||||||
|
includes the Resource Monitoring and Control (RMC) subsystem. RMC is a
|
||||||
|
generalized framework used for managing, monitoring, and manipulating
|
||||||
|
resources. RMC runs as a daemon process on individual machines and needs
|
||||||
|
creation of unique node id and restarts during VM boot.
|
||||||
|
|
||||||
|
LP: #1895979
|
||||||
|
|
||||||
|
Co-authored-by: Scott Moser <smoser@brickies.net>
|
||||||
|
|
||||||
|
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
---
|
||||||
|
cloudinit/config/cc_refresh_rmc_and_interface.py | 159 +++++++++++++++++++++
|
||||||
|
cloudinit/config/cc_reset_rmc.py | 143 ++++++++++++++++++
|
||||||
|
config/cloud.cfg.tmpl | 2 +
|
||||||
|
.../test_handler_refresh_rmc_and_interface.py | 109 ++++++++++++++
|
||||||
|
tools/.github-cla-signers | 1 +
|
||||||
|
5 files changed, 414 insertions(+)
|
||||||
|
create mode 100644 cloudinit/config/cc_refresh_rmc_and_interface.py
|
||||||
|
create mode 100644 cloudinit/config/cc_reset_rmc.py
|
||||||
|
create mode 100644 tests/unittests/test_handler/test_handler_refresh_rmc_and_interface.py
|
||||||
|
|
||||||
|
diff --git a/cloudinit/config/cc_refresh_rmc_and_interface.py b/cloudinit/config/cc_refresh_rmc_and_interface.py
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000..146758a
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/cloudinit/config/cc_refresh_rmc_and_interface.py
|
||||||
|
@@ -0,0 +1,159 @@
|
||||||
|
+# (c) Copyright IBM Corp. 2020 All Rights Reserved
|
||||||
|
+#
|
||||||
|
+# Author: Aman Kumar Sinha <amansi26@in.ibm.com>
|
||||||
|
+#
|
||||||
|
+# This file is part of cloud-init. See LICENSE file for license information.
|
||||||
|
+
|
||||||
|
+"""
|
||||||
|
+Refresh IPv6 interface and RMC
|
||||||
|
+------------------------------
|
||||||
|
+**Summary:** Ensure Network Manager is not managing IPv6 interface
|
||||||
|
+
|
||||||
|
+This module is IBM PowerVM Hypervisor specific
|
||||||
|
+
|
||||||
|
+Reliable Scalable Cluster Technology (RSCT) is a set of software components
|
||||||
|
+that together provide a comprehensive clustering environment(RAS features)
|
||||||
|
+for IBM PowerVM based virtual machines. RSCT includes the Resource
|
||||||
|
+Monitoring and Control (RMC) subsystem. RMC is a generalized framework used
|
||||||
|
+for managing, monitoring, and manipulating resources. RMC runs as a daemon
|
||||||
|
+process on individual machines and needs creation of unique node id and
|
||||||
|
+restarts during VM boot.
|
||||||
|
+More details refer
|
||||||
|
+https://www.ibm.com/support/knowledgecenter/en/SGVKBA_3.2/admin/bl503_ovrv.htm
|
||||||
|
+
|
||||||
|
+This module handles
|
||||||
|
+- Refreshing RMC
|
||||||
|
+- Disabling NetworkManager from handling IPv6 interface, as IPv6 interface
|
||||||
|
+ is used for communication between RMC daemon and PowerVM hypervisor.
|
||||||
|
+
|
||||||
|
+**Internal name:** ``cc_refresh_rmc_and_interface``
|
||||||
|
+
|
||||||
|
+**Module frequency:** per always
|
||||||
|
+
|
||||||
|
+**Supported distros:** RHEL
|
||||||
|
+
|
||||||
|
+"""
|
||||||
|
+
|
||||||
|
+from cloudinit import log as logging
|
||||||
|
+from cloudinit.settings import PER_ALWAYS
|
||||||
|
+from cloudinit import util
|
||||||
|
+from cloudinit import subp
|
||||||
|
+from cloudinit import netinfo
|
||||||
|
+
|
||||||
|
+import errno
|
||||||
|
+
|
||||||
|
+frequency = PER_ALWAYS
|
||||||
|
+
|
||||||
|
+LOG = logging.getLogger(__name__)
|
||||||
|
+# Ensure that /opt/rsct/bin has been added to standard PATH of the
|
||||||
|
+# distro. The symlink to rmcctrl is /usr/sbin/rsct/bin/rmcctrl .
|
||||||
|
+RMCCTRL = 'rmcctrl'
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+def handle(name, _cfg, _cloud, _log, _args):
|
||||||
|
+ if not subp.which(RMCCTRL):
|
||||||
|
+ LOG.debug("No '%s' in path, disabled", RMCCTRL)
|
||||||
|
+ return
|
||||||
|
+
|
||||||
|
+ LOG.debug(
|
||||||
|
+ 'Making the IPv6 up explicitly. '
|
||||||
|
+ 'Ensuring IPv6 interface is not being handled by NetworkManager '
|
||||||
|
+ 'and it is restarted to re-establish the communication with '
|
||||||
|
+ 'the hypervisor')
|
||||||
|
+
|
||||||
|
+ ifaces = find_ipv6_ifaces()
|
||||||
|
+
|
||||||
|
+ # Setting NM_CONTROLLED=no for IPv6 interface
|
||||||
|
+ # making it down and up
|
||||||
|
+
|
||||||
|
+ if len(ifaces) == 0:
|
||||||
|
+ LOG.debug("Did not find any interfaces with ipv6 addresses.")
|
||||||
|
+ else:
|
||||||
|
+ for iface in ifaces:
|
||||||
|
+ refresh_ipv6(iface)
|
||||||
|
+ disable_ipv6(sysconfig_path(iface))
|
||||||
|
+ restart_network_manager()
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+def find_ipv6_ifaces():
|
||||||
|
+ info = netinfo.netdev_info()
|
||||||
|
+ ifaces = []
|
||||||
|
+ for iface, data in info.items():
|
||||||
|
+ if iface == "lo":
|
||||||
|
+ LOG.debug('Skipping localhost interface')
|
||||||
|
+ if len(data.get("ipv4", [])) != 0:
|
||||||
|
+ # skip this interface, as it has ipv4 addrs
|
||||||
|
+ continue
|
||||||
|
+ ifaces.append(iface)
|
||||||
|
+ return ifaces
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+def refresh_ipv6(interface):
|
||||||
|
+ # IPv6 interface is explicitly brought up, subsequent to which the
|
||||||
|
+ # RMC services are restarted to re-establish the communication with
|
||||||
|
+ # the hypervisor.
|
||||||
|
+ subp.subp(['ip', 'link', 'set', interface, 'down'])
|
||||||
|
+ subp.subp(['ip', 'link', 'set', interface, 'up'])
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+def sysconfig_path(iface):
|
||||||
|
+ return '/etc/sysconfig/network-scripts/ifcfg-' + iface
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+def restart_network_manager():
|
||||||
|
+ subp.subp(['systemctl', 'restart', 'NetworkManager'])
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+def disable_ipv6(iface_file):
|
||||||
|
+ # Ensuring that the communication b/w the hypervisor and VM is not
|
||||||
|
+ # interrupted due to NetworkManager. For this purpose, as part of
|
||||||
|
+ # this function, the NM_CONTROLLED is explicitly set to No for IPV6
|
||||||
|
+ # interface and NetworkManager is restarted.
|
||||||
|
+ try:
|
||||||
|
+ contents = util.load_file(iface_file)
|
||||||
|
+ except IOError as e:
|
||||||
|
+ if e.errno == errno.ENOENT:
|
||||||
|
+ LOG.debug("IPv6 interface file %s does not exist\n",
|
||||||
|
+ iface_file)
|
||||||
|
+ else:
|
||||||
|
+ raise e
|
||||||
|
+
|
||||||
|
+ if 'IPV6INIT' not in contents:
|
||||||
|
+ LOG.debug("Interface file %s did not have IPV6INIT", iface_file)
|
||||||
|
+ return
|
||||||
|
+
|
||||||
|
+ LOG.debug("Editing interface file %s ", iface_file)
|
||||||
|
+
|
||||||
|
+ # Dropping any NM_CONTROLLED or IPV6 lines from IPv6 interface file.
|
||||||
|
+ lines = contents.splitlines()
|
||||||
|
+ lines = [line for line in lines if not search(line)]
|
||||||
|
+ lines.append("NM_CONTROLLED=no")
|
||||||
|
+
|
||||||
|
+ with open(iface_file, "w") as fp:
|
||||||
|
+ fp.write("\n".join(lines) + "\n")
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+def search(contents):
|
||||||
|
+ # Search for any NM_CONTROLLED or IPV6 lines in IPv6 interface file.
|
||||||
|
+ return(
|
||||||
|
+ contents.startswith("IPV6ADDR") or
|
||||||
|
+ contents.startswith("IPADDR6") or
|
||||||
|
+ contents.startswith("IPV6INIT") or
|
||||||
|
+ contents.startswith("NM_CONTROLLED"))
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+def refresh_rmc():
|
||||||
|
+ # To make a healthy connection between RMC daemon and hypervisor we
|
||||||
|
+ # refresh RMC. With refreshing RMC we are ensuring that making IPv6
|
||||||
|
+ # down and up shouldn't impact communication between RMC daemon and
|
||||||
|
+ # hypervisor.
|
||||||
|
+ # -z : stop Resource Monitoring & Control subsystem and all resource
|
||||||
|
+ # managers, but the command does not return control to the user
|
||||||
|
+ # until the subsystem and all resource managers are stopped.
|
||||||
|
+ # -s : start Resource Monitoring & Control subsystem.
|
||||||
|
+ try:
|
||||||
|
+ subp.subp([RMCCTRL, '-z'])
|
||||||
|
+ subp.subp([RMCCTRL, '-s'])
|
||||||
|
+ except Exception:
|
||||||
|
+ util.logexc(LOG, 'Failed to refresh the RMC subsystem.')
|
||||||
|
+ raise
|
||||||
|
diff --git a/cloudinit/config/cc_reset_rmc.py b/cloudinit/config/cc_reset_rmc.py
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000..1cd7277
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/cloudinit/config/cc_reset_rmc.py
|
||||||
|
@@ -0,0 +1,143 @@
|
||||||
|
+# (c) Copyright IBM Corp. 2020 All Rights Reserved
|
||||||
|
+#
|
||||||
|
+# Author: Aman Kumar Sinha <amansi26@in.ibm.com>
|
||||||
|
+#
|
||||||
|
+# This file is part of cloud-init. See LICENSE file for license information.
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+"""
|
||||||
|
+Reset RMC
|
||||||
|
+------------
|
||||||
|
+**Summary:** reset rsct node id
|
||||||
|
+
|
||||||
|
+Reset RMC module is IBM PowerVM Hypervisor specific
|
||||||
|
+
|
||||||
|
+Reliable Scalable Cluster Technology (RSCT) is a set of software components,
|
||||||
|
+that together provide a comprehensive clustering environment (RAS features)
|
||||||
|
+for IBM PowerVM based virtual machines. RSCT includes the Resource monitoring
|
||||||
|
+and control (RMC) subsystem. RMC is a generalized framework used for managing,
|
||||||
|
+monitoring, and manipulating resources. RMC runs as a daemon process on
|
||||||
|
+individual machines and needs creation of unique node id and restarts
|
||||||
|
+during VM boot.
|
||||||
|
+More details refer
|
||||||
|
+https://www.ibm.com/support/knowledgecenter/en/SGVKBA_3.2/admin/bl503_ovrv.htm
|
||||||
|
+
|
||||||
|
+This module handles
|
||||||
|
+- creation of the unique RSCT node id to every instance/virtual machine
|
||||||
|
+ and ensure once set, it isn't changed subsequently by cloud-init.
|
||||||
|
+ In order to do so, it restarts RSCT service.
|
||||||
|
+
|
||||||
|
+Prerequisite of using this module is to install RSCT packages.
|
||||||
|
+
|
||||||
|
+**Internal name:** ``cc_reset_rmc``
|
||||||
|
+
|
||||||
|
+**Module frequency:** per instance
|
||||||
|
+
|
||||||
|
+**Supported distros:** rhel, sles and ubuntu
|
||||||
|
+
|
||||||
|
+"""
|
||||||
|
+import os
|
||||||
|
+
|
||||||
|
+from cloudinit import log as logging
|
||||||
|
+from cloudinit.settings import PER_INSTANCE
|
||||||
|
+from cloudinit import util
|
||||||
|
+from cloudinit import subp
|
||||||
|
+
|
||||||
|
+frequency = PER_INSTANCE
|
||||||
|
+
|
||||||
|
+# RMCCTRL is expected to be in system PATH (/opt/rsct/bin)
|
||||||
|
+# The symlink for RMCCTRL and RECFGCT are
|
||||||
|
+# /usr/sbin/rsct/bin/rmcctrl and
|
||||||
|
+# /usr/sbin/rsct/install/bin/recfgct respectively.
|
||||||
|
+RSCT_PATH = '/opt/rsct/install/bin'
|
||||||
|
+RMCCTRL = 'rmcctrl'
|
||||||
|
+RECFGCT = 'recfgct'
|
||||||
|
+
|
||||||
|
+LOG = logging.getLogger(__name__)
|
||||||
|
+
|
||||||
|
+NODE_ID_FILE = '/etc/ct_node_id'
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+def handle(name, _cfg, cloud, _log, _args):
|
||||||
|
+ # Ensuring node id has to be generated only once during first boot
|
||||||
|
+ if cloud.datasource.platform_type == 'none':
|
||||||
|
+ LOG.debug('Skipping creation of new ct_node_id node')
|
||||||
|
+ return
|
||||||
|
+
|
||||||
|
+ if not os.path.isdir(RSCT_PATH):
|
||||||
|
+ LOG.debug("module disabled, RSCT_PATH not present")
|
||||||
|
+ return
|
||||||
|
+
|
||||||
|
+ orig_path = os.environ.get('PATH')
|
||||||
|
+ try:
|
||||||
|
+ add_path(orig_path)
|
||||||
|
+ reset_rmc()
|
||||||
|
+ finally:
|
||||||
|
+ if orig_path:
|
||||||
|
+ os.environ['PATH'] = orig_path
|
||||||
|
+ else:
|
||||||
|
+ del os.environ['PATH']
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+def reconfigure_rsct_subsystems():
|
||||||
|
+ # Reconfigure the RSCT subsystems, which includes removing all RSCT data
|
||||||
|
+ # under the /var/ct directory, generating a new node ID, and making it
|
||||||
|
+ # appear as if the RSCT components were just installed
|
||||||
|
+ try:
|
||||||
|
+ out = subp.subp([RECFGCT])[0]
|
||||||
|
+ LOG.debug(out.strip())
|
||||||
|
+ return out
|
||||||
|
+ except subp.ProcessExecutionError:
|
||||||
|
+ util.logexc(LOG, 'Failed to reconfigure the RSCT subsystems.')
|
||||||
|
+ raise
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+def get_node_id():
|
||||||
|
+ try:
|
||||||
|
+ fp = util.load_file(NODE_ID_FILE)
|
||||||
|
+ node_id = fp.split('\n')[0]
|
||||||
|
+ return node_id
|
||||||
|
+ except Exception:
|
||||||
|
+ util.logexc(LOG, 'Failed to get node ID from file %s.' % NODE_ID_FILE)
|
||||||
|
+ raise
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+def add_path(orig_path):
|
||||||
|
+ # Adding the RSCT_PATH to env standard path
|
||||||
|
+ # So thet cloud init automatically find and
|
||||||
|
+ # run RECFGCT to create new node_id.
|
||||||
|
+ suff = ":" + orig_path if orig_path else ""
|
||||||
|
+ os.environ['PATH'] = RSCT_PATH + suff
|
||||||
|
+ return os.environ['PATH']
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+def rmcctrl():
|
||||||
|
+ # Stop the RMC subsystem and all resource managers so that we can make
|
||||||
|
+ # some changes to it
|
||||||
|
+ try:
|
||||||
|
+ return subp.subp([RMCCTRL, '-z'])
|
||||||
|
+ except Exception:
|
||||||
|
+ util.logexc(LOG, 'Failed to stop the RMC subsystem.')
|
||||||
|
+ raise
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+def reset_rmc():
|
||||||
|
+ LOG.debug('Attempting to reset RMC.')
|
||||||
|
+
|
||||||
|
+ node_id_before = get_node_id()
|
||||||
|
+ LOG.debug('Node ID at beginning of module: %s', node_id_before)
|
||||||
|
+
|
||||||
|
+ # Stop the RMC subsystem and all resource managers so that we can make
|
||||||
|
+ # some changes to it
|
||||||
|
+ rmcctrl()
|
||||||
|
+ reconfigure_rsct_subsystems()
|
||||||
|
+
|
||||||
|
+ node_id_after = get_node_id()
|
||||||
|
+ LOG.debug('Node ID at end of module: %s', node_id_after)
|
||||||
|
+
|
||||||
|
+ # Check if new node ID is generated or not
|
||||||
|
+ # by comparing old and new node ID
|
||||||
|
+ if node_id_after == node_id_before:
|
||||||
|
+ msg = 'New node ID did not get generated.'
|
||||||
|
+ LOG.error(msg)
|
||||||
|
+ raise Exception(msg)
|
||||||
|
diff --git a/config/cloud.cfg.tmpl b/config/cloud.cfg.tmpl
|
||||||
|
index 2beb9b0..7171aaa 100644
|
||||||
|
--- a/config/cloud.cfg.tmpl
|
||||||
|
+++ b/config/cloud.cfg.tmpl
|
||||||
|
@@ -135,6 +135,8 @@ cloud_final_modules:
|
||||||
|
- chef
|
||||||
|
- mcollective
|
||||||
|
- salt-minion
|
||||||
|
+ - reset_rmc
|
||||||
|
+ - refresh_rmc_and_interface
|
||||||
|
- rightscale_userdata
|
||||||
|
- scripts-vendor
|
||||||
|
- scripts-per-once
|
||||||
|
diff --git a/tests/unittests/test_handler/test_handler_refresh_rmc_and_interface.py b/tests/unittests/test_handler/test_handler_refresh_rmc_and_interface.py
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000..e13b779
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/tests/unittests/test_handler/test_handler_refresh_rmc_and_interface.py
|
||||||
|
@@ -0,0 +1,109 @@
|
||||||
|
+from cloudinit.config import cc_refresh_rmc_and_interface as ccrmci
|
||||||
|
+
|
||||||
|
+from cloudinit import util
|
||||||
|
+
|
||||||
|
+from cloudinit.tests import helpers as t_help
|
||||||
|
+from cloudinit.tests.helpers import mock
|
||||||
|
+
|
||||||
|
+from textwrap import dedent
|
||||||
|
+import logging
|
||||||
|
+
|
||||||
|
+LOG = logging.getLogger(__name__)
|
||||||
|
+MPATH = "cloudinit.config.cc_refresh_rmc_and_interface"
|
||||||
|
+NET_INFO = {
|
||||||
|
+ 'lo': {'ipv4': [{'ip': '127.0.0.1',
|
||||||
|
+ 'bcast': '', 'mask': '255.0.0.0',
|
||||||
|
+ 'scope': 'host'}],
|
||||||
|
+ 'ipv6': [{'ip': '::1/128',
|
||||||
|
+ 'scope6': 'host'}], 'hwaddr': '',
|
||||||
|
+ 'up': 'True'},
|
||||||
|
+ 'env2': {'ipv4': [{'ip': '8.0.0.19',
|
||||||
|
+ 'bcast': '8.0.0.255', 'mask': '255.255.255.0',
|
||||||
|
+ 'scope': 'global'}],
|
||||||
|
+ 'ipv6': [{'ip': 'fe80::f896:c2ff:fe81:8220/64',
|
||||||
|
+ 'scope6': 'link'}], 'hwaddr': 'fa:96:c2:81:82:20',
|
||||||
|
+ 'up': 'True'},
|
||||||
|
+ 'env3': {'ipv4': [{'ip': '90.0.0.14',
|
||||||
|
+ 'bcast': '90.0.0.255', 'mask': '255.255.255.0',
|
||||||
|
+ 'scope': 'global'}],
|
||||||
|
+ 'ipv6': [{'ip': 'fe80::f896:c2ff:fe81:8221/64',
|
||||||
|
+ 'scope6': 'link'}], 'hwaddr': 'fa:96:c2:81:82:21',
|
||||||
|
+ 'up': 'True'},
|
||||||
|
+ 'env4': {'ipv4': [{'ip': '9.114.23.7',
|
||||||
|
+ 'bcast': '9.114.23.255', 'mask': '255.255.255.0',
|
||||||
|
+ 'scope': 'global'}],
|
||||||
|
+ 'ipv6': [{'ip': 'fe80::f896:c2ff:fe81:8222/64',
|
||||||
|
+ 'scope6': 'link'}], 'hwaddr': 'fa:96:c2:81:82:22',
|
||||||
|
+ 'up': 'True'},
|
||||||
|
+ 'env5': {'ipv4': [],
|
||||||
|
+ 'ipv6': [{'ip': 'fe80::9c26:c3ff:fea4:62c8/64',
|
||||||
|
+ 'scope6': 'link'}], 'hwaddr': '42:20:86:df:fa:4c',
|
||||||
|
+ 'up': 'True'}}
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+class TestRsctNodeFile(t_help.CiTestCase):
|
||||||
|
+ def test_disable_ipv6_interface(self):
|
||||||
|
+ """test parsing of iface files."""
|
||||||
|
+ fname = self.tmp_path("iface-eth5")
|
||||||
|
+ util.write_file(fname, dedent("""\
|
||||||
|
+ BOOTPROTO=static
|
||||||
|
+ DEVICE=eth5
|
||||||
|
+ HWADDR=42:20:86:df:fa:4c
|
||||||
|
+ IPV6INIT=yes
|
||||||
|
+ IPADDR6=fe80::9c26:c3ff:fea4:62c8/64
|
||||||
|
+ IPV6ADDR=fe80::9c26:c3ff:fea4:62c8/64
|
||||||
|
+ NM_CONTROLLED=yes
|
||||||
|
+ ONBOOT=yes
|
||||||
|
+ STARTMODE=auto
|
||||||
|
+ TYPE=Ethernet
|
||||||
|
+ USERCTL=no
|
||||||
|
+ """))
|
||||||
|
+
|
||||||
|
+ ccrmci.disable_ipv6(fname)
|
||||||
|
+ self.assertEqual(dedent("""\
|
||||||
|
+ BOOTPROTO=static
|
||||||
|
+ DEVICE=eth5
|
||||||
|
+ HWADDR=42:20:86:df:fa:4c
|
||||||
|
+ ONBOOT=yes
|
||||||
|
+ STARTMODE=auto
|
||||||
|
+ TYPE=Ethernet
|
||||||
|
+ USERCTL=no
|
||||||
|
+ NM_CONTROLLED=no
|
||||||
|
+ """), util.load_file(fname))
|
||||||
|
+
|
||||||
|
+ @mock.patch(MPATH + '.refresh_rmc')
|
||||||
|
+ @mock.patch(MPATH + '.restart_network_manager')
|
||||||
|
+ @mock.patch(MPATH + '.disable_ipv6')
|
||||||
|
+ @mock.patch(MPATH + '.refresh_ipv6')
|
||||||
|
+ @mock.patch(MPATH + '.netinfo.netdev_info')
|
||||||
|
+ @mock.patch(MPATH + '.subp.which')
|
||||||
|
+ def test_handle(self, m_refresh_rmc,
|
||||||
|
+ m_netdev_info, m_refresh_ipv6, m_disable_ipv6,
|
||||||
|
+ m_restart_nm, m_which):
|
||||||
|
+ """Basic test of handle."""
|
||||||
|
+ m_netdev_info.return_value = NET_INFO
|
||||||
|
+ m_which.return_value = '/opt/rsct/bin/rmcctrl'
|
||||||
|
+ ccrmci.handle(
|
||||||
|
+ "refresh_rmc_and_interface", None, None, None, None)
|
||||||
|
+ self.assertEqual(1, m_netdev_info.call_count)
|
||||||
|
+ m_refresh_ipv6.assert_called_with('env5')
|
||||||
|
+ m_disable_ipv6.assert_called_with(
|
||||||
|
+ '/etc/sysconfig/network-scripts/ifcfg-env5')
|
||||||
|
+ self.assertEqual(1, m_restart_nm.call_count)
|
||||||
|
+ self.assertEqual(1, m_refresh_rmc.call_count)
|
||||||
|
+
|
||||||
|
+ @mock.patch(MPATH + '.netinfo.netdev_info')
|
||||||
|
+ def test_find_ipv6(self, m_netdev_info):
|
||||||
|
+ """find_ipv6_ifaces parses netdev_info returning those with ipv6"""
|
||||||
|
+ m_netdev_info.return_value = NET_INFO
|
||||||
|
+ found = ccrmci.find_ipv6_ifaces()
|
||||||
|
+ self.assertEqual(['env5'], found)
|
||||||
|
+
|
||||||
|
+ @mock.patch(MPATH + '.subp.subp')
|
||||||
|
+ def test_refresh_ipv6(self, m_subp):
|
||||||
|
+ """refresh_ipv6 should ip down and up the interface."""
|
||||||
|
+ iface = "myeth0"
|
||||||
|
+ ccrmci.refresh_ipv6(iface)
|
||||||
|
+ m_subp.assert_has_calls([
|
||||||
|
+ mock.call(['ip', 'link', 'set', iface, 'down']),
|
||||||
|
+ mock.call(['ip', 'link', 'set', iface, 'up'])])
|
||||||
|
diff --git a/tools/.github-cla-signers b/tools/.github-cla-signers
|
||||||
|
index c67db43..802a35b 100644
|
||||||
|
--- a/tools/.github-cla-signers
|
||||||
|
+++ b/tools/.github-cla-signers
|
||||||
|
@@ -1,4 +1,5 @@
|
||||||
|
AlexBaranowski
|
||||||
|
+Aman306
|
||||||
|
beezly
|
||||||
|
bipinbachhao
|
||||||
|
BirknerAlex
|
||||||
|
--
|
||||||
|
1.8.3.1
|
||||||
|
|
@ -0,0 +1,58 @@
|
|||||||
|
From 8a7d21fa739901bad847294004266dba76c027af Mon Sep 17 00:00:00 2001
|
||||||
|
From: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
Date: Tue, 1 Dec 2020 15:51:47 +0100
|
||||||
|
Subject: [PATCH 2/4] Adding BOOTPROTO = dhcp to render sysconfig dhcp6
|
||||||
|
stateful on RHEL (#685)
|
||||||
|
|
||||||
|
RH-Author: Eduardo Terrell Ferrari Otubo (eterrell)
|
||||||
|
RH-MergeRequest: 25: Adding BOOTPROTO = dhcp to render sysconfig dhcp6 stateful on RHEL (#685)
|
||||||
|
RH-Commit: [1/1] b7304323096b1e40287950e44cf7aa3cdb4ba99e (eterrell/cloud-init)
|
||||||
|
RH-Bugzilla: 1859695
|
||||||
|
|
||||||
|
BOOTPROTO needs to be set to 'dhcp' on RHEL so NetworkManager can
|
||||||
|
properly acquire ipv6 address.
|
||||||
|
|
||||||
|
rhbz: #1859695
|
||||||
|
|
||||||
|
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
|
||||||
|
Co-authored-by: Daniel Watkins <oddbloke@ubuntu.com>
|
||||||
|
Co-authored-by: Scott Moser <smoser@brickies.net>
|
||||||
|
---
|
||||||
|
cloudinit/net/sysconfig.py | 6 ++++++
|
||||||
|
tests/unittests/test_net.py | 2 +-
|
||||||
|
2 files changed, 7 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
|
||||||
|
index 078636a4..94801a93 100644
|
||||||
|
--- a/cloudinit/net/sysconfig.py
|
||||||
|
+++ b/cloudinit/net/sysconfig.py
|
||||||
|
@@ -391,6 +391,12 @@ class Renderer(renderer.Renderer):
|
||||||
|
# Only IPv6 is DHCP, IPv4 may be static
|
||||||
|
iface_cfg['BOOTPROTO'] = 'dhcp6'
|
||||||
|
iface_cfg['DHCLIENT6_MODE'] = 'managed'
|
||||||
|
+ # only if rhel AND dhcpv6 stateful
|
||||||
|
+ elif (flavor == 'rhel' and
|
||||||
|
+ subnet_type == 'ipv6_dhcpv6-stateful'):
|
||||||
|
+ iface_cfg['BOOTPROTO'] = 'dhcp'
|
||||||
|
+ iface_cfg['DHCPV6C'] = True
|
||||||
|
+ iface_cfg['IPV6INIT'] = True
|
||||||
|
else:
|
||||||
|
iface_cfg['IPV6INIT'] = True
|
||||||
|
# Configure network settings using DHCPv6
|
||||||
|
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
|
||||||
|
index c0337459..bcd261db 100644
|
||||||
|
--- a/tests/unittests/test_net.py
|
||||||
|
+++ b/tests/unittests/test_net.py
|
||||||
|
@@ -1359,7 +1359,7 @@ NETWORK_CONFIGS = {
|
||||||
|
},
|
||||||
|
'expected_sysconfig_rhel': {
|
||||||
|
'ifcfg-iface0': textwrap.dedent("""\
|
||||||
|
- BOOTPROTO=none
|
||||||
|
+ BOOTPROTO=dhcp
|
||||||
|
DEVICE=iface0
|
||||||
|
DHCPV6C=yes
|
||||||
|
IPV6INIT=yes
|
||||||
|
--
|
||||||
|
2.18.4
|
||||||
|
|
@ -1,46 +0,0 @@
|
|||||||
From 65b26a20b550ae301ca33eafe062a873f53969de Mon Sep 17 00:00:00 2001
|
|
||||||
From: Eduardo Otubo <otubo@redhat.com>
|
|
||||||
Date: Wed, 24 Jun 2020 07:34:32 +0200
|
|
||||||
Subject: [PATCH 3/4] Change from redhat to rhel in systemd generator tmpl
|
|
||||||
(#450)
|
|
||||||
|
|
||||||
RH-Author: Eduardo Otubo <otubo@redhat.com>
|
|
||||||
Message-id: <20200623154034.28563-3-otubo@redhat.com>
|
|
||||||
Patchwork-id: 97783
|
|
||||||
O-Subject: [RHEL-8.3.0/RHEL-8.2.1 cloud-init PATCH 2/3] Change from redhat to rhel in systemd generator tmpl (#450)
|
|
||||||
Bugzilla: 1834173
|
|
||||||
RH-Acked-by: Cathy Avery <cavery@redhat.com>
|
|
||||||
RH-Acked-by: Mohammed Gamal <mgamal@redhat.com>
|
|
||||||
|
|
||||||
commit 650d53d656b612442773453813d8417b234d3752
|
|
||||||
Author: Eduardo Otubo <otubo@redhat.com>
|
|
||||||
Date: Tue Jun 23 14:41:15 2020 +0200
|
|
||||||
|
|
||||||
Change from redhat to rhel in systemd generator tmpl (#450)
|
|
||||||
|
|
||||||
The name `redhat' is not used but rather `rhel' to identify the distro.
|
|
||||||
|
|
||||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
|
||||||
|
|
||||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
|
||||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
---
|
|
||||||
systemd/cloud-init-generator.tmpl | 2 +-
|
|
||||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/systemd/cloud-init-generator.tmpl b/systemd/cloud-init-generator.tmpl
|
|
||||||
index 45efa24..0773356 100755
|
|
||||||
--- a/systemd/cloud-init-generator.tmpl
|
|
||||||
+++ b/systemd/cloud-init-generator.tmpl
|
|
||||||
@@ -83,7 +83,7 @@ default() {
|
|
||||||
|
|
||||||
check_for_datasource() {
|
|
||||||
local ds_rc=""
|
|
||||||
-{% if variant in ["redhat", "fedora", "centos"] %}
|
|
||||||
+{% if variant in ["rhel", "fedora", "centos"] %}
|
|
||||||
local dsidentify="/usr/libexec/cloud-init/ds-identify"
|
|
||||||
{% else %}
|
|
||||||
local dsidentify="/usr/lib/cloud-init/ds-identify"
|
|
||||||
--
|
|
||||||
1.8.3.1
|
|
||||||
|
|
@ -0,0 +1,60 @@
|
|||||||
|
From bcbd6be99d8317793aff905c4222c351a1bf5c46 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
Date: Thu, 21 Jan 2021 10:08:49 +0100
|
||||||
|
Subject: [PATCH 1/2] DataSourceAzure: update password for defuser if exists
|
||||||
|
(#671)
|
||||||
|
|
||||||
|
RH-Author: Eduardo Terrell Ferrari Otubo (eterrell)
|
||||||
|
RH-MergeRequest: 37: DataSourceAzure: update password for defuser if exists (#671)
|
||||||
|
RH-Commit: [1/1] 264092a68a3771cc4ed99dad5b93f7a1433e143a (eterrell/cloud-init)
|
||||||
|
RH-Bugzilla: 1900892
|
||||||
|
|
||||||
|
commit eea754492f074e00b601cf77aa278e3623857c5a
|
||||||
|
Author: Anh Vo <anhvo@microsoft.com>
|
||||||
|
Date: Thu Nov 19 00:35:46 2020 -0500
|
||||||
|
|
||||||
|
DataSourceAzure: update password for defuser if exists (#671)
|
||||||
|
|
||||||
|
cc_set_password will only update the password for the default user if
|
||||||
|
cfg['password'] is set. The existing code of datasource Azure will fail
|
||||||
|
to update the default user's password because it does not set that
|
||||||
|
metadata. If the default user doesn't exist in the image, the current
|
||||||
|
code works fine because the password is set during user create and
|
||||||
|
not in cc_set_password
|
||||||
|
|
||||||
|
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
---
|
||||||
|
cloudinit/sources/DataSourceAzure.py | 2 +-
|
||||||
|
tests/unittests/test_datasource/test_azure.py | 3 +++
|
||||||
|
2 files changed, 4 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/cloudinit/sources/DataSourceAzure.py b/cloudinit/sources/DataSourceAzure.py
|
||||||
|
index 1c214db9..d4a2d60f 100755
|
||||||
|
--- a/cloudinit/sources/DataSourceAzure.py
|
||||||
|
+++ b/cloudinit/sources/DataSourceAzure.py
|
||||||
|
@@ -1231,7 +1231,7 @@ def read_azure_ovf(contents):
|
||||||
|
if password:
|
||||||
|
defuser['lock_passwd'] = False
|
||||||
|
if DEF_PASSWD_REDACTION != password:
|
||||||
|
- defuser['passwd'] = encrypt_pass(password)
|
||||||
|
+ defuser['passwd'] = cfg['password'] = encrypt_pass(password)
|
||||||
|
|
||||||
|
if defuser:
|
||||||
|
cfg['system_info'] = {'default_user': defuser}
|
||||||
|
diff --git a/tests/unittests/test_datasource/test_azure.py b/tests/unittests/test_datasource/test_azure.py
|
||||||
|
index 47e03bd1..2059990a 100644
|
||||||
|
--- a/tests/unittests/test_datasource/test_azure.py
|
||||||
|
+++ b/tests/unittests/test_datasource/test_azure.py
|
||||||
|
@@ -919,6 +919,9 @@ scbus-1 on xpt0 bus 0
|
||||||
|
crypt.crypt(odata['UserPassword'],
|
||||||
|
defuser['passwd'][0:pos]))
|
||||||
|
|
||||||
|
+ # the same hashed value should also be present in cfg['password']
|
||||||
|
+ self.assertEqual(defuser['passwd'], dsrc.cfg['password'])
|
||||||
|
+
|
||||||
|
def test_user_not_locked_if_password_redacted(self):
|
||||||
|
odata = {'HostName': "myhost", 'UserName': "myuser",
|
||||||
|
'UserPassword': dsaz.DEF_PASSWD_REDACTION}
|
||||||
|
--
|
||||||
|
2.18.4
|
||||||
|
|
@ -1,41 +0,0 @@
|
|||||||
From 251836a62eb3061b8d26177fd5997a96dccec21b Mon Sep 17 00:00:00 2001
|
|
||||||
From: Eduardo Otubo <otubo@redhat.com>
|
|
||||||
Date: Thu, 28 May 2020 08:44:06 +0200
|
|
||||||
Subject: [PATCH 3/4] Enable ssh_deletekeys by default
|
|
||||||
|
|
||||||
RH-Author: Eduardo Otubo <otubo@redhat.com>
|
|
||||||
Message-id: <20200317091705.15715-1-otubo@redhat.com>
|
|
||||||
Patchwork-id: 94365
|
|
||||||
O-Subject: [RHEL-7.9/RHEL-8.2.0 cloud-init PATCH] Enable ssh_deletekeys by default
|
|
||||||
Bugzilla: 1814152
|
|
||||||
RH-Acked-by: Mohammed Gamal <mgamal@redhat.com>
|
|
||||||
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
|
||||||
|
|
||||||
The configuration option ssh_deletekeys will trigger the generation
|
|
||||||
of new ssh keys for every new instance deployed.
|
|
||||||
|
|
||||||
x-downstream-only: yes
|
|
||||||
resolves: rhbz#1814152
|
|
||||||
|
|
||||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
|
||||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
---
|
|
||||||
rhel/cloud.cfg | 2 +-
|
|
||||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/rhel/cloud.cfg b/rhel/cloud.cfg
|
|
||||||
index 82e8bf6..9ecba21 100644
|
|
||||||
--- a/rhel/cloud.cfg
|
|
||||||
+++ b/rhel/cloud.cfg
|
|
||||||
@@ -6,7 +6,7 @@ ssh_pwauth: 0
|
|
||||||
|
|
||||||
mount_default_fields: [~, ~, 'auto', 'defaults,nofail,x-systemd.requires=cloud-init.service', '0', '2']
|
|
||||||
resize_rootfs_tmp: /dev
|
|
||||||
-ssh_deletekeys: 0
|
|
||||||
+ssh_deletekeys: 1
|
|
||||||
ssh_genkeytypes: ~
|
|
||||||
syslog_fix_perms: ~
|
|
||||||
disable_vmware_customization: false
|
|
||||||
--
|
|
||||||
1.8.3.1
|
|
||||||
|
|
@ -0,0 +1,295 @@
|
|||||||
|
From 5ded09d5acf4d653fe2cbd54814f53063d265489 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
Date: Thu, 29 Oct 2020 15:05:42 +0100
|
||||||
|
Subject: [PATCH 1/3] Explicit set IPV6_AUTOCONF and IPV6_FORCE_ACCEPT_RA on
|
||||||
|
static6 (#634)
|
||||||
|
|
||||||
|
RH-Author: Eduardo Terrell Ferrari Otubo (eterrell)
|
||||||
|
RH-MergeRequest: 13: [RHEL-8.4.0] Add support for ipv6_autoconf on cloud-init-20.3
|
||||||
|
RH-Commit: [1/1] 41e61c35893f4487981a1ad31f9f97a9a740b397 (eterrell/cloud-init)
|
||||||
|
RH-Bugzilla: 1889635
|
||||||
|
|
||||||
|
commit b46e4a8cff667c8441622089cf7d57aeb88220cd
|
||||||
|
Author: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
Date: Thu Oct 29 15:05:42 2020 +0100
|
||||||
|
|
||||||
|
Explicit set IPV6_AUTOCONF and IPV6_FORCE_ACCEPT_RA on static6 (#634)
|
||||||
|
|
||||||
|
The static and static6 subnet types for network_data.json were
|
||||||
|
being ignored by the Openstack handler, this would cause the code to
|
||||||
|
break and not function properly.
|
||||||
|
|
||||||
|
As of today, if a static6 configuration is chosen, the interface will
|
||||||
|
still eventually be available to receive router advertisements or be set
|
||||||
|
from NetworkManager to wait for them and cycle the interface in negative
|
||||||
|
case.
|
||||||
|
|
||||||
|
It is safe to assume that if the interface is manually configured to use
|
||||||
|
static ipv6 address, there's no need to wait for router advertisements.
|
||||||
|
This patch will set automatically IPV6_AUTOCONF and IPV6_FORCE_ACCEPT_RA
|
||||||
|
both to "no" in this case.
|
||||||
|
|
||||||
|
This patch fixes the specific behavior only for RHEL flavor and
|
||||||
|
sysconfig renderer. It also introduces new unit tests for the specific
|
||||||
|
case as well as adjusts some existent tests to be compatible with the
|
||||||
|
new options. This patch also addresses this problem by assigning the
|
||||||
|
appropriate subnet type for each case on the openstack handler.
|
||||||
|
|
||||||
|
rhbz: #1889635
|
||||||
|
rhbz: #1889635
|
||||||
|
|
||||||
|
Signed-off-by: Eduardo Otubo otubo@redhat.com
|
||||||
|
|
||||||
|
Signed-off-by: Eduardo Otubo otubo@redhat.com
|
||||||
|
---
|
||||||
|
cloudinit/net/network_state.py | 3 +-
|
||||||
|
cloudinit/net/sysconfig.py | 4 +
|
||||||
|
cloudinit/sources/helpers/openstack.py | 8 +-
|
||||||
|
tests/unittests/test_distros/test_netconfig.py | 2 +
|
||||||
|
tests/unittests/test_net.py | 100 +++++++++++++++++++++++++
|
||||||
|
5 files changed, 115 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/cloudinit/net/network_state.py b/cloudinit/net/network_state.py
|
||||||
|
index b2f7d31..d9e7fd5 100644
|
||||||
|
--- a/cloudinit/net/network_state.py
|
||||||
|
+++ b/cloudinit/net/network_state.py
|
||||||
|
@@ -820,7 +820,8 @@ def _normalize_subnet(subnet):
|
||||||
|
|
||||||
|
if subnet.get('type') in ('static', 'static6'):
|
||||||
|
normal_subnet.update(
|
||||||
|
- _normalize_net_keys(normal_subnet, address_keys=('address',)))
|
||||||
|
+ _normalize_net_keys(normal_subnet, address_keys=(
|
||||||
|
+ 'address', 'ip_address',)))
|
||||||
|
normal_subnet['routes'] = [_normalize_route(r)
|
||||||
|
for r in subnet.get('routes', [])]
|
||||||
|
|
||||||
|
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
|
||||||
|
index af093dd..c078898 100644
|
||||||
|
--- a/cloudinit/net/sysconfig.py
|
||||||
|
+++ b/cloudinit/net/sysconfig.py
|
||||||
|
@@ -451,6 +451,10 @@ class Renderer(renderer.Renderer):
|
||||||
|
iface_cfg[mtu_key] = subnet['mtu']
|
||||||
|
else:
|
||||||
|
iface_cfg[mtu_key] = subnet['mtu']
|
||||||
|
+
|
||||||
|
+ if subnet_is_ipv6(subnet) and flavor == 'rhel':
|
||||||
|
+ iface_cfg['IPV6_FORCE_ACCEPT_RA'] = False
|
||||||
|
+ iface_cfg['IPV6_AUTOCONF'] = False
|
||||||
|
elif subnet_type == 'manual':
|
||||||
|
if flavor == 'suse':
|
||||||
|
LOG.debug('Unknown subnet type setting "%s"', subnet_type)
|
||||||
|
diff --git a/cloudinit/sources/helpers/openstack.py b/cloudinit/sources/helpers/openstack.py
|
||||||
|
index 65e020c..3e6365f 100644
|
||||||
|
--- a/cloudinit/sources/helpers/openstack.py
|
||||||
|
+++ b/cloudinit/sources/helpers/openstack.py
|
||||||
|
@@ -602,11 +602,17 @@ def convert_net_json(network_json=None, known_macs=None):
|
||||||
|
elif network['type'] in ['ipv6_slaac', 'ipv6_dhcpv6-stateless',
|
||||||
|
'ipv6_dhcpv6-stateful']:
|
||||||
|
subnet.update({'type': network['type']})
|
||||||
|
- elif network['type'] in ['ipv4', 'ipv6']:
|
||||||
|
+ elif network['type'] in ['ipv4', 'static']:
|
||||||
|
subnet.update({
|
||||||
|
'type': 'static',
|
||||||
|
'address': network.get('ip_address'),
|
||||||
|
})
|
||||||
|
+ elif network['type'] in ['ipv6', 'static6']:
|
||||||
|
+ cfg.update({'accept-ra': False})
|
||||||
|
+ subnet.update({
|
||||||
|
+ 'type': 'static6',
|
||||||
|
+ 'address': network.get('ip_address'),
|
||||||
|
+ })
|
||||||
|
|
||||||
|
# Enable accept_ra for stateful and legacy ipv6_dhcp types
|
||||||
|
if network['type'] in ['ipv6_dhcpv6-stateful', 'ipv6_dhcp']:
|
||||||
|
diff --git a/tests/unittests/test_distros/test_netconfig.py b/tests/unittests/test_distros/test_netconfig.py
|
||||||
|
index 8d7b09c..f9fc3a1 100644
|
||||||
|
--- a/tests/unittests/test_distros/test_netconfig.py
|
||||||
|
+++ b/tests/unittests/test_distros/test_netconfig.py
|
||||||
|
@@ -514,7 +514,9 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
|
||||||
|
DEVICE=eth0
|
||||||
|
IPV6ADDR=2607:f0d0:1002:0011::2/64
|
||||||
|
IPV6INIT=yes
|
||||||
|
+ IPV6_AUTOCONF=no
|
||||||
|
IPV6_DEFAULTGW=2607:f0d0:1002:0011::1
|
||||||
|
+ IPV6_FORCE_ACCEPT_RA=no
|
||||||
|
NM_CONTROLLED=no
|
||||||
|
ONBOOT=yes
|
||||||
|
TYPE=Ethernet
|
||||||
|
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
|
||||||
|
index 9985a97..d7a7a65 100644
|
||||||
|
--- a/tests/unittests/test_net.py
|
||||||
|
+++ b/tests/unittests/test_net.py
|
||||||
|
@@ -750,7 +750,9 @@ IPADDR=172.19.1.34
|
||||||
|
IPV6ADDR=2001:DB8::10/64
|
||||||
|
IPV6ADDR_SECONDARIES="2001:DB9::10/64 2001:DB10::10/64"
|
||||||
|
IPV6INIT=yes
|
||||||
|
+IPV6_AUTOCONF=no
|
||||||
|
IPV6_DEFAULTGW=2001:DB8::1
|
||||||
|
+IPV6_FORCE_ACCEPT_RA=no
|
||||||
|
NETMASK=255.255.252.0
|
||||||
|
ONBOOT=yes
|
||||||
|
TYPE=Ethernet
|
||||||
|
@@ -1022,6 +1024,8 @@ NETWORK_CONFIGS = {
|
||||||
|
IPADDR=192.168.14.2
|
||||||
|
IPV6ADDR=2001:1::1/64
|
||||||
|
IPV6INIT=yes
|
||||||
|
+ IPV6_AUTOCONF=no
|
||||||
|
+ IPV6_FORCE_ACCEPT_RA=no
|
||||||
|
NETMASK=255.255.255.0
|
||||||
|
ONBOOT=yes
|
||||||
|
TYPE=Ethernet
|
||||||
|
@@ -1247,6 +1251,33 @@ NETWORK_CONFIGS = {
|
||||||
|
"""),
|
||||||
|
},
|
||||||
|
},
|
||||||
|
+ 'static6': {
|
||||||
|
+ 'yaml': textwrap.dedent("""\
|
||||||
|
+ version: 1
|
||||||
|
+ config:
|
||||||
|
+ - type: 'physical'
|
||||||
|
+ name: 'iface0'
|
||||||
|
+ accept-ra: 'no'
|
||||||
|
+ subnets:
|
||||||
|
+ - type: 'static6'
|
||||||
|
+ address: 2001:1::1/64
|
||||||
|
+ """).rstrip(' '),
|
||||||
|
+ 'expected_sysconfig_rhel': {
|
||||||
|
+ 'ifcfg-iface0': textwrap.dedent("""\
|
||||||
|
+ BOOTPROTO=none
|
||||||
|
+ DEVICE=iface0
|
||||||
|
+ IPV6ADDR=2001:1::1/64
|
||||||
|
+ IPV6INIT=yes
|
||||||
|
+ IPV6_AUTOCONF=no
|
||||||
|
+ IPV6_FORCE_ACCEPT_RA=no
|
||||||
|
+ DEVICE=iface0
|
||||||
|
+ NM_CONTROLLED=no
|
||||||
|
+ ONBOOT=yes
|
||||||
|
+ TYPE=Ethernet
|
||||||
|
+ USERCTL=no
|
||||||
|
+ """),
|
||||||
|
+ },
|
||||||
|
+ },
|
||||||
|
'dhcpv6_stateless': {
|
||||||
|
'expected_eni': textwrap.dedent("""\
|
||||||
|
auto lo
|
||||||
|
@@ -1636,6 +1667,8 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||||
|
IPADDR=192.168.14.2
|
||||||
|
IPV6ADDR=2001:1::1/64
|
||||||
|
IPV6INIT=yes
|
||||||
|
+ IPV6_AUTOCONF=no
|
||||||
|
+ IPV6_FORCE_ACCEPT_RA=no
|
||||||
|
IPV6_DEFAULTGW=2001:4800:78ff:1b::1
|
||||||
|
MACADDR=bb:bb:bb:bb:bb:aa
|
||||||
|
NETMASK=255.255.255.0
|
||||||
|
@@ -2158,6 +2191,8 @@ iface bond0 inet6 static
|
||||||
|
IPADDR1=192.168.1.2
|
||||||
|
IPV6ADDR=2001:1::1/92
|
||||||
|
IPV6INIT=yes
|
||||||
|
+ IPV6_AUTOCONF=no
|
||||||
|
+ IPV6_FORCE_ACCEPT_RA=no
|
||||||
|
MTU=9000
|
||||||
|
NETMASK=255.255.255.0
|
||||||
|
NETMASK1=255.255.255.0
|
||||||
|
@@ -2259,6 +2294,8 @@ iface bond0 inet6 static
|
||||||
|
IPADDR1=192.168.1.2
|
||||||
|
IPV6ADDR=2001:1::bbbb/96
|
||||||
|
IPV6INIT=yes
|
||||||
|
+ IPV6_AUTOCONF=no
|
||||||
|
+ IPV6_FORCE_ACCEPT_RA=no
|
||||||
|
IPV6_DEFAULTGW=2001:1::1
|
||||||
|
MTU=2222
|
||||||
|
NETMASK=255.255.255.0
|
||||||
|
@@ -2341,6 +2378,9 @@ iface bond0 inet6 static
|
||||||
|
HWADDR=52:54:00:12:34:00
|
||||||
|
IPV6ADDR=2001:1::100/96
|
||||||
|
IPV6INIT=yes
|
||||||
|
+ IPV6_AUTOCONF=no
|
||||||
|
+ IPV6_FORCE_ACCEPT_RA=no
|
||||||
|
+ NM_CONTROLLED=no
|
||||||
|
ONBOOT=yes
|
||||||
|
TYPE=Ethernet
|
||||||
|
USERCTL=no
|
||||||
|
@@ -2352,6 +2392,9 @@ iface bond0 inet6 static
|
||||||
|
HWADDR=52:54:00:12:34:01
|
||||||
|
IPV6ADDR=2001:1::101/96
|
||||||
|
IPV6INIT=yes
|
||||||
|
+ IPV6_AUTOCONF=no
|
||||||
|
+ IPV6_FORCE_ACCEPT_RA=no
|
||||||
|
+ NM_CONTROLLED=no
|
||||||
|
ONBOOT=yes
|
||||||
|
TYPE=Ethernet
|
||||||
|
USERCTL=no
|
||||||
|
@@ -3151,6 +3194,61 @@ USERCTL=no
|
||||||
|
self._compare_files_to_expected(entry[self.expected_name], found)
|
||||||
|
self._assert_headers(found)
|
||||||
|
|
||||||
|
+ def test_stattic6_from_json(self):
|
||||||
|
+ net_json = {
|
||||||
|
+ "services": [{"type": "dns", "address": "172.19.0.12"}],
|
||||||
|
+ "networks": [{
|
||||||
|
+ "network_id": "dacd568d-5be6-4786-91fe-750c374b78b4",
|
||||||
|
+ "type": "ipv4", "netmask": "255.255.252.0",
|
||||||
|
+ "link": "tap1a81968a-79",
|
||||||
|
+ "routes": [{
|
||||||
|
+ "netmask": "0.0.0.0",
|
||||||
|
+ "network": "0.0.0.0",
|
||||||
|
+ "gateway": "172.19.3.254",
|
||||||
|
+ }, {
|
||||||
|
+ "netmask": "0.0.0.0", # A second default gateway
|
||||||
|
+ "network": "0.0.0.0",
|
||||||
|
+ "gateway": "172.20.3.254",
|
||||||
|
+ }],
|
||||||
|
+ "ip_address": "172.19.1.34", "id": "network0"
|
||||||
|
+ }, {
|
||||||
|
+ "network_id": "mgmt",
|
||||||
|
+ "netmask": "ffff:ffff:ffff:ffff::",
|
||||||
|
+ "link": "interface1",
|
||||||
|
+ "mode": "link-local",
|
||||||
|
+ "routes": [],
|
||||||
|
+ "ip_address": "fe80::c096:67ff:fe5c:6e84",
|
||||||
|
+ "type": "static6",
|
||||||
|
+ "id": "network1",
|
||||||
|
+ "services": [],
|
||||||
|
+ "accept-ra": "false"
|
||||||
|
+ }],
|
||||||
|
+ "links": [
|
||||||
|
+ {
|
||||||
|
+ "ethernet_mac_address": "fa:16:3e:ed:9a:59",
|
||||||
|
+ "mtu": None, "type": "bridge", "id":
|
||||||
|
+ "tap1a81968a-79",
|
||||||
|
+ "vif_id": "1a81968a-797a-400f-8a80-567f997eb93f"
|
||||||
|
+ },
|
||||||
|
+ ],
|
||||||
|
+ }
|
||||||
|
+ macs = {'fa:16:3e:ed:9a:59': 'eth0'}
|
||||||
|
+ render_dir = self.tmp_dir()
|
||||||
|
+ network_cfg = openstack.convert_net_json(net_json, known_macs=macs)
|
||||||
|
+ ns = network_state.parse_net_config_data(network_cfg,
|
||||||
|
+ skip_broken=False)
|
||||||
|
+ renderer = self._get_renderer()
|
||||||
|
+ with self.assertRaises(ValueError):
|
||||||
|
+ renderer.render_network_state(ns, target=render_dir)
|
||||||
|
+ self.assertEqual([], os.listdir(render_dir))
|
||||||
|
+
|
||||||
|
+ def test_static6_from_yaml(self):
|
||||||
|
+ entry = NETWORK_CONFIGS['static6']
|
||||||
|
+ found = self._render_and_read(network_config=yaml.load(
|
||||||
|
+ entry['yaml']))
|
||||||
|
+ self._compare_files_to_expected(entry[self.expected_name], found)
|
||||||
|
+ self._assert_headers(found)
|
||||||
|
+
|
||||||
|
def test_dhcpv6_reject_ra_config_v2(self):
|
||||||
|
entry = NETWORK_CONFIGS['dhcpv6_reject_ra']
|
||||||
|
found = self._render_and_read(network_config=yaml.load(
|
||||||
|
@@ -3268,6 +3366,8 @@ USERCTL=no
|
||||||
|
IPADDR=192.168.42.100
|
||||||
|
IPV6ADDR=2001:db8::100/32
|
||||||
|
IPV6INIT=yes
|
||||||
|
+ IPV6_AUTOCONF=no
|
||||||
|
+ IPV6_FORCE_ACCEPT_RA=no
|
||||||
|
IPV6_DEFAULTGW=2001:db8::1
|
||||||
|
NETMASK=255.255.255.0
|
||||||
|
NM_CONTROLLED=no
|
||||||
|
--
|
||||||
|
1.8.3.1
|
||||||
|
|
@ -0,0 +1,61 @@
|
|||||||
|
From d3889c4645a1319c3d677006164b618ee53f4c8b Mon Sep 17 00:00:00 2001
|
||||||
|
From: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
Date: Mon, 7 Dec 2020 14:23:22 +0100
|
||||||
|
Subject: [PATCH 3/4] Fix unit failure of cloud-final.service if NetworkManager
|
||||||
|
was not present.
|
||||||
|
|
||||||
|
RH-Author: Eduardo Terrell Ferrari Otubo (eterrell)
|
||||||
|
RH-MergeRequest: 27: Fix unit failure of cloud-final.service if NetworkManager was not present.
|
||||||
|
RH-Commit: [1/1] 3c65a2cca140fff48df1ef32919e3cb035506a2b (eterrell/cloud-init)
|
||||||
|
RH-Bugzilla: 1898943
|
||||||
|
|
||||||
|
cloud-final.service would fail if NetworkManager was not installed.
|
||||||
|
|
||||||
|
journal -u cloud-final.service would show:
|
||||||
|
|
||||||
|
cloud-init[5328]: Cloud-init v. 19.4 finished at ...
|
||||||
|
echo[5346]: try restart NetworkManager.service
|
||||||
|
systemctl[5349]: Failed to reload-or-try-restart
|
||||||
|
NetworkManager.service: Unit not found.
|
||||||
|
systemd[1]: cloud-final.service: control process exited,
|
||||||
|
code=exited status=5
|
||||||
|
systemd[1]: Failed to start Execute cloud user/final scripts.
|
||||||
|
systemd[1]: Unit cloud-final.service entered failed state.
|
||||||
|
systemd[1]: cloud-final.service failed.
|
||||||
|
|
||||||
|
The change here is to only attempt to restart NetworkManager if it is
|
||||||
|
present, and its SubState is 'running'.
|
||||||
|
|
||||||
|
The multi-line shell in a systemd unit is less than ideal, but I'm not
|
||||||
|
aware of any other way of conditionally doing this.
|
||||||
|
|
||||||
|
Note that both of 'try-reload-or-restart' and 'reload-or-try-restart'
|
||||||
|
will fail if the service is not present. So this would also affect rhel
|
||||||
|
8 systems that do not use NetworkManager.
|
||||||
|
|
||||||
|
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
---
|
||||||
|
rhel/systemd/cloud-final.service | 7 +++++--
|
||||||
|
1 file changed, 5 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/rhel/systemd/cloud-final.service b/rhel/systemd/cloud-final.service
|
||||||
|
index 05add077..e281c0cf 100644
|
||||||
|
--- a/rhel/systemd/cloud-final.service
|
||||||
|
+++ b/rhel/systemd/cloud-final.service
|
||||||
|
@@ -11,8 +11,11 @@ ExecStart=/usr/bin/cloud-init modules --mode=final
|
||||||
|
RemainAfterExit=yes
|
||||||
|
TimeoutSec=0
|
||||||
|
KillMode=process
|
||||||
|
-ExecStartPost=/bin/echo "trying to reload or restart NetworkManager.service"
|
||||||
|
-ExecStartPost=/usr/bin/systemctl try-reload-or-restart NetworkManager.service
|
||||||
|
+# Restart NetworkManager if it is present and running.
|
||||||
|
+ExecStartPost=/bin/sh -c 'u=NetworkManager.service; \
|
||||||
|
+ out=$(systemctl show --property=SubState $u) || exit; \
|
||||||
|
+ [ "$out" = "SubState=running" ] || exit 0; \
|
||||||
|
+ systemctl reload-or-try-restart $u'
|
||||||
|
|
||||||
|
# Output needs to appear in instance console output
|
||||||
|
StandardOutput=journal+console
|
||||||
|
--
|
||||||
|
2.18.4
|
||||||
|
|
@ -1,40 +0,0 @@
|
|||||||
From 301b1770d3e2580c3ee168261a9a97d143cc5f59 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Eduardo Otubo <otubo@redhat.com>
|
|
||||||
Date: Mon, 1 Jun 2020 11:58:06 +0200
|
|
||||||
Subject: [PATCH] Make cloud-init.service execute after network is up
|
|
||||||
|
|
||||||
RH-Author: Eduardo Otubo <otubo@redhat.com>
|
|
||||||
Message-id: <20200526090804.2047-1-otubo@redhat.com>
|
|
||||||
Patchwork-id: 96809
|
|
||||||
O-Subject: [RHEL-8.2.1 cloud-init PATCH] Make cloud-init.service execute after network is up
|
|
||||||
Bugzilla: 1803928
|
|
||||||
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
|
||||||
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
|
|
||||||
cloud-init.service needs to wait until network is fully up before
|
|
||||||
continuing executing and configuring its service.
|
|
||||||
|
|
||||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
|
||||||
|
|
||||||
x-downstream-only: yes
|
|
||||||
Resolves: rhbz#1831646
|
|
||||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
---
|
|
||||||
rhel/systemd/cloud-init.service | 1 +
|
|
||||||
1 file changed, 1 insertion(+)
|
|
||||||
|
|
||||||
diff --git a/rhel/systemd/cloud-init.service b/rhel/systemd/cloud-init.service
|
|
||||||
index d0023a0..0b3d796 100644
|
|
||||||
--- a/rhel/systemd/cloud-init.service
|
|
||||||
+++ b/rhel/systemd/cloud-init.service
|
|
||||||
@@ -5,6 +5,7 @@ Wants=sshd-keygen.service
|
|
||||||
Wants=sshd.service
|
|
||||||
After=cloud-init-local.service
|
|
||||||
After=NetworkManager.service network.service
|
|
||||||
+After=NetworkManager-wait-online.service
|
|
||||||
Before=network-online.target
|
|
||||||
Before=sshd-keygen.service
|
|
||||||
Before=sshd.service
|
|
||||||
--
|
|
||||||
1.8.3.1
|
|
||||||
|
|
@ -0,0 +1,49 @@
|
|||||||
|
From 15852ea6958c18e3830aa9244b36cd0decc93b95 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
Date: Thu, 7 Jan 2021 16:51:30 +0100
|
||||||
|
Subject: [PATCH] Missing IPV6_AUTOCONF=no to render sysconfig dhcp6 stateful
|
||||||
|
on RHEL (#753)
|
||||||
|
|
||||||
|
RH-Author: Eduardo Terrell Ferrari Otubo (eterrell)
|
||||||
|
RH-MergeRequest: 29: Missing IPV6_AUTOCONF=no to render sysconfig dhcp6 stateful on RHEL (#753)
|
||||||
|
RH-Commit: [1/1] 46943f83071d243bcc61f9d987b4fe7d9cf98596 (eterrell/cloud-init)
|
||||||
|
RH-Bugzilla: 1859695
|
||||||
|
|
||||||
|
IPV6_AUTOCONF needs to be set to 'no' on RHEL so NetworkManager can
|
||||||
|
properly acquire ipv6 address.
|
||||||
|
|
||||||
|
rhbz: #1859695
|
||||||
|
|
||||||
|
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
---
|
||||||
|
cloudinit/net/sysconfig.py | 1 +
|
||||||
|
tests/unittests/test_net.py | 1 +
|
||||||
|
2 files changed, 2 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
|
||||||
|
index 94801a93..1793977d 100644
|
||||||
|
--- a/cloudinit/net/sysconfig.py
|
||||||
|
+++ b/cloudinit/net/sysconfig.py
|
||||||
|
@@ -397,6 +397,7 @@ class Renderer(renderer.Renderer):
|
||||||
|
iface_cfg['BOOTPROTO'] = 'dhcp'
|
||||||
|
iface_cfg['DHCPV6C'] = True
|
||||||
|
iface_cfg['IPV6INIT'] = True
|
||||||
|
+ iface_cfg['IPV6_AUTOCONF'] = False
|
||||||
|
else:
|
||||||
|
iface_cfg['IPV6INIT'] = True
|
||||||
|
# Configure network settings using DHCPv6
|
||||||
|
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
|
||||||
|
index bcd261db..844d5ba8 100644
|
||||||
|
--- a/tests/unittests/test_net.py
|
||||||
|
+++ b/tests/unittests/test_net.py
|
||||||
|
@@ -1363,6 +1363,7 @@ NETWORK_CONFIGS = {
|
||||||
|
DEVICE=iface0
|
||||||
|
DHCPV6C=yes
|
||||||
|
IPV6INIT=yes
|
||||||
|
+ IPV6_AUTOCONF=no
|
||||||
|
IPV6_FORCE_ACCEPT_RA=yes
|
||||||
|
DEVICE=iface0
|
||||||
|
NM_CONTROLLED=no
|
||||||
|
--
|
||||||
|
2.18.4
|
||||||
|
|
@ -1,52 +0,0 @@
|
|||||||
From 0422ba0e773d1a8257a3f2bf3db05f3bc7917eb7 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Eduardo Otubo <otubo@redhat.com>
|
|
||||||
Date: Thu, 28 May 2020 08:44:08 +0200
|
|
||||||
Subject: [PATCH 4/4] Remove race condition between cloud-init and
|
|
||||||
NetworkManager
|
|
||||||
|
|
||||||
RH-Author: Eduardo Otubo <otubo@redhat.com>
|
|
||||||
Message-id: <20200327121911.17699-1-otubo@redhat.com>
|
|
||||||
Patchwork-id: 94453
|
|
||||||
O-Subject: [RHEL-7.9/RHEL-8.2.0 cloud-init PATCHv2] Remove race condition between cloud-init and NetworkManager
|
|
||||||
Bugzilla: 1840648
|
|
||||||
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
|
||||||
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
RH-Acked-by: Cathy Avery <cavery@redhat.com>
|
|
||||||
|
|
||||||
cloud-init service is set to start before NetworkManager service starts,
|
|
||||||
but this does not avoid a race condition between them. NetworkManager
|
|
||||||
starts before cloud-init can write `dns=none' to the file:
|
|
||||||
/etc/NetworkManager/conf.d/99-cloud-init.conf. This way NetworkManager
|
|
||||||
doesn't read the configuration and erases all resolv.conf values upon
|
|
||||||
shutdown. On the next reboot neither cloud-init or NetworkManager will
|
|
||||||
write anything to resolv.conf, leaving it blank.
|
|
||||||
|
|
||||||
This patch introduces a NM reload (try-reload-or-restart) at the end of cloud-init
|
|
||||||
start up so it won't erase resolv.conf upon first shutdown.
|
|
||||||
|
|
||||||
x-downstream-only: yes
|
|
||||||
|
|
||||||
Signed-off-by: Eduardo Otubo otubo@redhat.com
|
|
||||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
---
|
|
||||||
rhel/systemd/cloud-final.service | 4 ++--
|
|
||||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/rhel/systemd/cloud-final.service b/rhel/systemd/cloud-final.service
|
|
||||||
index f303483..05add07 100644
|
|
||||||
--- a/rhel/systemd/cloud-final.service
|
|
||||||
+++ b/rhel/systemd/cloud-final.service
|
|
||||||
@@ -11,8 +11,8 @@ ExecStart=/usr/bin/cloud-init modules --mode=final
|
|
||||||
RemainAfterExit=yes
|
|
||||||
TimeoutSec=0
|
|
||||||
KillMode=process
|
|
||||||
-ExecStartPost=/bin/echo "try restart NetworkManager.service"
|
|
||||||
-ExecStartPost=/usr/bin/systemctl try-restart NetworkManager.service
|
|
||||||
+ExecStartPost=/bin/echo "trying to reload or restart NetworkManager.service"
|
|
||||||
+ExecStartPost=/usr/bin/systemctl try-reload-or-restart NetworkManager.service
|
|
||||||
|
|
||||||
# Output needs to appear in instance console output
|
|
||||||
StandardOutput=journal+console
|
|
||||||
--
|
|
||||||
1.8.3.1
|
|
||||||
|
|
@ -0,0 +1,80 @@
|
|||||||
|
From 4dde2a9bed58aba13c730bf4a7314b21038d7a31 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
Date: Mon, 25 Jan 2021 16:24:29 +0100
|
||||||
|
Subject: [PATCH 2/2] Revert "ssh_util: handle non-default AuthorizedKeysFile
|
||||||
|
config (#586)" (#775)
|
||||||
|
|
||||||
|
RH-Author: Eduardo Terrell Ferrari Otubo (eterrell)
|
||||||
|
RH-MergeRequest: 38: Revert "ssh_util: handle non-default AuthorizedKeysFile config (#586)" (#775)
|
||||||
|
RH-Commit: [1/1] aec2860c773ad1921f3949dc622543e81860c5bf (eterrell/cloud-init)
|
||||||
|
RH-Bugzilla: 1919972
|
||||||
|
|
||||||
|
commit cdc5b81f33aee0ed3ef1ae239e5cec1906d0178a
|
||||||
|
Author: Daniel Watkins <oddbloke@ubuntu.com>
|
||||||
|
Date: Tue Jan 19 12:23:23 2021 -0500
|
||||||
|
|
||||||
|
Revert "ssh_util: handle non-default AuthorizedKeysFile config (#586)" (#775)
|
||||||
|
|
||||||
|
This reverts commit b0e73814db4027dba0b7dc0282e295b7f653325c.
|
||||||
|
|
||||||
|
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
---
|
||||||
|
cloudinit/ssh_util.py | 6 +++---
|
||||||
|
tests/unittests/test_sshutil.py | 6 +++---
|
||||||
|
2 files changed, 6 insertions(+), 6 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/cloudinit/ssh_util.py b/cloudinit/ssh_util.py
|
||||||
|
index d5113996..c08042d6 100644
|
||||||
|
--- a/cloudinit/ssh_util.py
|
||||||
|
+++ b/cloudinit/ssh_util.py
|
||||||
|
@@ -262,13 +262,13 @@ def extract_authorized_keys(username, sshd_cfg_file=DEF_SSHD_CFG):
|
||||||
|
|
||||||
|
except (IOError, OSError):
|
||||||
|
# Give up and use a default key filename
|
||||||
|
- auth_key_fns.append(default_authorizedkeys_file)
|
||||||
|
+ auth_key_fns[0] = default_authorizedkeys_file
|
||||||
|
util.logexc(LOG, "Failed extracting 'AuthorizedKeysFile' in SSH "
|
||||||
|
"config from %r, using 'AuthorizedKeysFile' file "
|
||||||
|
"%r instead", DEF_SSHD_CFG, auth_key_fns[0])
|
||||||
|
|
||||||
|
- # always store all the keys in the first file configured on sshd_config
|
||||||
|
- return (auth_key_fns[0], parse_authorized_keys(auth_key_fns))
|
||||||
|
+ # always store all the keys in the user's private file
|
||||||
|
+ return (default_authorizedkeys_file, parse_authorized_keys(auth_key_fns))
|
||||||
|
|
||||||
|
|
||||||
|
def setup_user_keys(keys, username, options=None):
|
||||||
|
diff --git a/tests/unittests/test_sshutil.py b/tests/unittests/test_sshutil.py
|
||||||
|
index 88a111e3..fd1d1bac 100644
|
||||||
|
--- a/tests/unittests/test_sshutil.py
|
||||||
|
+++ b/tests/unittests/test_sshutil.py
|
||||||
|
@@ -593,7 +593,7 @@ class TestMultipleSshAuthorizedKeysFile(test_helpers.CiTestCase):
|
||||||
|
fpw.pw_name, sshd_config)
|
||||||
|
content = ssh_util.update_authorized_keys(auth_key_entries, [])
|
||||||
|
|
||||||
|
- self.assertEqual(authorized_keys, auth_key_fn)
|
||||||
|
+ self.assertEqual("%s/.ssh/authorized_keys" % fpw.pw_dir, auth_key_fn)
|
||||||
|
self.assertTrue(VALID_CONTENT['rsa'] in content)
|
||||||
|
self.assertTrue(VALID_CONTENT['dsa'] in content)
|
||||||
|
|
||||||
|
@@ -610,7 +610,7 @@ class TestMultipleSshAuthorizedKeysFile(test_helpers.CiTestCase):
|
||||||
|
sshd_config = self.tmp_path('sshd_config')
|
||||||
|
util.write_file(
|
||||||
|
sshd_config,
|
||||||
|
- "AuthorizedKeysFile %s %s" % (user_keys, authorized_keys)
|
||||||
|
+ "AuthorizedKeysFile %s %s" % (authorized_keys, user_keys)
|
||||||
|
)
|
||||||
|
|
||||||
|
(auth_key_fn, auth_key_entries) = ssh_util.extract_authorized_keys(
|
||||||
|
@@ -618,7 +618,7 @@ class TestMultipleSshAuthorizedKeysFile(test_helpers.CiTestCase):
|
||||||
|
)
|
||||||
|
content = ssh_util.update_authorized_keys(auth_key_entries, [])
|
||||||
|
|
||||||
|
- self.assertEqual(user_keys, auth_key_fn)
|
||||||
|
+ self.assertEqual("%s/.ssh/authorized_keys" % fpw.pw_dir, auth_key_fn)
|
||||||
|
self.assertTrue(VALID_CONTENT['rsa'] in content)
|
||||||
|
self.assertTrue(VALID_CONTENT['dsa'] in content)
|
||||||
|
|
||||||
|
--
|
||||||
|
2.18.4
|
||||||
|
|
@ -1,42 +0,0 @@
|
|||||||
From e7a0cd9aa71dfd7715eca4b393db0aa348e05f8f Mon Sep 17 00:00:00 2001
|
|
||||||
From: jmaloy <jmaloy@redhat.com>
|
|
||||||
Date: Thu, 28 May 2020 08:43:58 +0200
|
|
||||||
Subject: [PATCH 1/4] cc_set_password: increase random pwlength from 9 to 20
|
|
||||||
(#189)
|
|
||||||
|
|
||||||
RH-Author: jmaloy <jmaloy@redhat.com>
|
|
||||||
Message-id: <20200313015002.3297-2-jmaloy@redhat.com>
|
|
||||||
Patchwork-id: 94253
|
|
||||||
O-Subject: [RHEL-8.2 cloud-init PATCH 1/1] cc_set_password: increase random pwlength from 9 to 20 (#189)
|
|
||||||
Bugzilla: 1812171
|
|
||||||
RH-Acked-by: Eduardo Otubo <eterrell@redhat.com>
|
|
||||||
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
|
|
||||||
From: Ryan Harper <ryan.harper@canonical.com>
|
|
||||||
|
|
||||||
Increasing the bits of security from 52 to 115.
|
|
||||||
|
|
||||||
LP: #1860795
|
|
||||||
(cherry picked from commit 42788bf24a1a0a5421a2d00a7f59b59e38ba1a14)
|
|
||||||
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
|
||||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
---
|
|
||||||
cloudinit/config/cc_set_passwords.py | 2 +-
|
|
||||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/cloudinit/config/cc_set_passwords.py b/cloudinit/config/cc_set_passwords.py
|
|
||||||
index c3c5b0f..0742234 100755
|
|
||||||
--- a/cloudinit/config/cc_set_passwords.py
|
|
||||||
+++ b/cloudinit/config/cc_set_passwords.py
|
|
||||||
@@ -236,7 +236,7 @@ def handle(_name, cfg, cloud, log, args):
|
|
||||||
raise errors[-1]
|
|
||||||
|
|
||||||
|
|
||||||
-def rand_user_password(pwlen=9):
|
|
||||||
+def rand_user_password(pwlen=20):
|
|
||||||
return util.rand_str(pwlen, select_from=PW_SET)
|
|
||||||
|
|
||||||
|
|
||||||
--
|
|
||||||
1.8.3.1
|
|
||||||
|
|
@ -1,46 +0,0 @@
|
|||||||
From f67f56e85c0fdb1c94527a6a1795bbacd2e6fdb0 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Eduardo Otubo <otubo@redhat.com>
|
|
||||||
Date: Wed, 24 Jun 2020 07:34:34 +0200
|
|
||||||
Subject: [PATCH 4/4] cloud-init.service.tmpl: use "rhel" instead of "redhat"
|
|
||||||
(#452)
|
|
||||||
|
|
||||||
RH-Author: Eduardo Otubo <otubo@redhat.com>
|
|
||||||
Message-id: <20200623154034.28563-4-otubo@redhat.com>
|
|
||||||
Patchwork-id: 97784
|
|
||||||
O-Subject: [RHEL-8.3.0/RHEL-8.2.1 cloud-init PATCH 3/3] cloud-init.service.tmpl: use "rhel" instead of "redhat" (#452)
|
|
||||||
Bugzilla: 1834173
|
|
||||||
RH-Acked-by: Cathy Avery <cavery@redhat.com>
|
|
||||||
RH-Acked-by: Mohammed Gamal <mgamal@redhat.com>
|
|
||||||
|
|
||||||
From: Daniel Watkins <oddbloke@ubuntu.com>
|
|
||||||
|
|
||||||
commit ddc4c2de1b1e716b31384af92f5356bfc6136944
|
|
||||||
Author: Daniel Watkins <oddbloke@ubuntu.com>
|
|
||||||
Date: Tue Jun 23 09:43:04 2020 -0400
|
|
||||||
|
|
||||||
cloud-init.service.tmpl: use "rhel" instead of "redhat" (#452)
|
|
||||||
|
|
||||||
We use "rhel" consistently everywhere else.
|
|
||||||
|
|
||||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
|
||||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
---
|
|
||||||
systemd/cloud-init.service.tmpl | 2 +-
|
|
||||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/systemd/cloud-init.service.tmpl b/systemd/cloud-init.service.tmpl
|
|
||||||
index 9ad3574..af6d9a8 100644
|
|
||||||
--- a/systemd/cloud-init.service.tmpl
|
|
||||||
+++ b/systemd/cloud-init.service.tmpl
|
|
||||||
@@ -10,7 +10,7 @@ After=systemd-networkd-wait-online.service
|
|
||||||
{% if variant in ["ubuntu", "unknown", "debian"] %}
|
|
||||||
After=networking.service
|
|
||||||
{% endif %}
|
|
||||||
-{% if variant in ["centos", "fedora", "redhat"] %}
|
|
||||||
+{% if variant in ["centos", "fedora", "rhel"] %}
|
|
||||||
After=network.service
|
|
||||||
After=NetworkManager.service
|
|
||||||
{% endif %}
|
|
||||||
--
|
|
||||||
1.8.3.1
|
|
||||||
|
|
@ -1,350 +0,0 @@
|
|||||||
From f6dc3cf39a4884657478a47894ce8a76ec9a72c5 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Eduardo Otubo <otubo@redhat.com>
|
|
||||||
Date: Wed, 24 Jun 2020 07:34:29 +0200
|
|
||||||
Subject: [PATCH 1/4] ec2: Do not log IMDSv2 token values, instead use REDACTED
|
|
||||||
(#219)
|
|
||||||
|
|
||||||
RH-Author: Eduardo Otubo <otubo@redhat.com>
|
|
||||||
Message-id: <20200505082940.18316-1-otubo@redhat.com>
|
|
||||||
Patchwork-id: 96264
|
|
||||||
O-Subject: [RHEL-7.9/RHEL-8.3 cloud-init PATCH] ec2: Do not log IMDSv2 token values, instead use REDACTED (#219)
|
|
||||||
Bugzilla: 1822343
|
|
||||||
RH-Acked-by: Cathy Avery <cavery@redhat.com>
|
|
||||||
RH-Acked-by: Mohammed Gamal <mgamal@redhat.com>
|
|
||||||
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
|
||||||
|
|
||||||
Note: There's no RHEL-8.3/cloud-init-19.4 branch yet, but it should be
|
|
||||||
queued to be applied on top of it when it's created.
|
|
||||||
|
|
||||||
commit 87cd040ed8fe7195cbb357ed3bbf53cd2a81436c
|
|
||||||
Author: Ryan Harper <ryan.harper@canonical.com>
|
|
||||||
Date: Wed Feb 19 15:01:09 2020 -0600
|
|
||||||
|
|
||||||
ec2: Do not log IMDSv2 token values, instead use REDACTED (#219)
|
|
||||||
|
|
||||||
Instead of logging the token values used log the headers and replace the actual
|
|
||||||
values with the string 'REDACTED'. This allows users to examine cloud-init.log
|
|
||||||
and see that the IMDSv2 token header is being used but avoids leaving the value
|
|
||||||
used in the log file itself.
|
|
||||||
|
|
||||||
LP: #1863943
|
|
||||||
|
|
||||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
|
||||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
---
|
|
||||||
cloudinit/ec2_utils.py | 12 ++++++++--
|
|
||||||
cloudinit/sources/DataSourceEc2.py | 35 +++++++++++++++++++----------
|
|
||||||
cloudinit/url_helper.py | 27 ++++++++++++++++------
|
|
||||||
tests/unittests/test_datasource/test_ec2.py | 17 ++++++++++++++
|
|
||||||
4 files changed, 70 insertions(+), 21 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/cloudinit/ec2_utils.py b/cloudinit/ec2_utils.py
|
|
||||||
index 57708c1..34acfe8 100644
|
|
||||||
--- a/cloudinit/ec2_utils.py
|
|
||||||
+++ b/cloudinit/ec2_utils.py
|
|
||||||
@@ -142,7 +142,8 @@ def skip_retry_on_codes(status_codes, _request_args, cause):
|
|
||||||
def get_instance_userdata(api_version='latest',
|
|
||||||
metadata_address='http://169.254.169.254',
|
|
||||||
ssl_details=None, timeout=5, retries=5,
|
|
||||||
- headers_cb=None, exception_cb=None):
|
|
||||||
+ headers_cb=None, headers_redact=None,
|
|
||||||
+ exception_cb=None):
|
|
||||||
ud_url = url_helper.combine_url(metadata_address, api_version)
|
|
||||||
ud_url = url_helper.combine_url(ud_url, 'user-data')
|
|
||||||
user_data = ''
|
|
||||||
@@ -155,7 +156,8 @@ def get_instance_userdata(api_version='latest',
|
|
||||||
SKIP_USERDATA_CODES)
|
|
||||||
response = url_helper.read_file_or_url(
|
|
||||||
ud_url, ssl_details=ssl_details, timeout=timeout,
|
|
||||||
- retries=retries, exception_cb=exception_cb, headers_cb=headers_cb)
|
|
||||||
+ retries=retries, exception_cb=exception_cb, headers_cb=headers_cb,
|
|
||||||
+ headers_redact=headers_redact)
|
|
||||||
user_data = response.contents
|
|
||||||
except url_helper.UrlError as e:
|
|
||||||
if e.code not in SKIP_USERDATA_CODES:
|
|
||||||
@@ -169,11 +171,13 @@ def _get_instance_metadata(tree, api_version='latest',
|
|
||||||
metadata_address='http://169.254.169.254',
|
|
||||||
ssl_details=None, timeout=5, retries=5,
|
|
||||||
leaf_decoder=None, headers_cb=None,
|
|
||||||
+ headers_redact=None,
|
|
||||||
exception_cb=None):
|
|
||||||
md_url = url_helper.combine_url(metadata_address, api_version, tree)
|
|
||||||
caller = functools.partial(
|
|
||||||
url_helper.read_file_or_url, ssl_details=ssl_details,
|
|
||||||
timeout=timeout, retries=retries, headers_cb=headers_cb,
|
|
||||||
+ headers_redact=headers_redact,
|
|
||||||
exception_cb=exception_cb)
|
|
||||||
|
|
||||||
def mcaller(url):
|
|
||||||
@@ -197,6 +201,7 @@ def get_instance_metadata(api_version='latest',
|
|
||||||
metadata_address='http://169.254.169.254',
|
|
||||||
ssl_details=None, timeout=5, retries=5,
|
|
||||||
leaf_decoder=None, headers_cb=None,
|
|
||||||
+ headers_redact=None,
|
|
||||||
exception_cb=None):
|
|
||||||
# Note, 'meta-data' explicitly has trailing /.
|
|
||||||
# this is required for CloudStack (LP: #1356855)
|
|
||||||
@@ -204,6 +209,7 @@ def get_instance_metadata(api_version='latest',
|
|
||||||
metadata_address=metadata_address,
|
|
||||||
ssl_details=ssl_details, timeout=timeout,
|
|
||||||
retries=retries, leaf_decoder=leaf_decoder,
|
|
||||||
+ headers_redact=headers_redact,
|
|
||||||
headers_cb=headers_cb,
|
|
||||||
exception_cb=exception_cb)
|
|
||||||
|
|
||||||
@@ -212,12 +218,14 @@ def get_instance_identity(api_version='latest',
|
|
||||||
metadata_address='http://169.254.169.254',
|
|
||||||
ssl_details=None, timeout=5, retries=5,
|
|
||||||
leaf_decoder=None, headers_cb=None,
|
|
||||||
+ headers_redact=None,
|
|
||||||
exception_cb=None):
|
|
||||||
return _get_instance_metadata(tree='dynamic/instance-identity',
|
|
||||||
api_version=api_version,
|
|
||||||
metadata_address=metadata_address,
|
|
||||||
ssl_details=ssl_details, timeout=timeout,
|
|
||||||
retries=retries, leaf_decoder=leaf_decoder,
|
|
||||||
+ headers_redact=headers_redact,
|
|
||||||
headers_cb=headers_cb,
|
|
||||||
exception_cb=exception_cb)
|
|
||||||
# vi: ts=4 expandtab
|
|
||||||
diff --git a/cloudinit/sources/DataSourceEc2.py b/cloudinit/sources/DataSourceEc2.py
|
|
||||||
index b9f346a..0f2bfef 100644
|
|
||||||
--- a/cloudinit/sources/DataSourceEc2.py
|
|
||||||
+++ b/cloudinit/sources/DataSourceEc2.py
|
|
||||||
@@ -31,6 +31,9 @@ STRICT_ID_DEFAULT = "warn"
|
|
||||||
API_TOKEN_ROUTE = 'latest/api/token'
|
|
||||||
API_TOKEN_DISABLED = '_ec2_disable_api_token'
|
|
||||||
AWS_TOKEN_TTL_SECONDS = '21600'
|
|
||||||
+AWS_TOKEN_PUT_HEADER = 'X-aws-ec2-metadata-token'
|
|
||||||
+AWS_TOKEN_REQ_HEADER = AWS_TOKEN_PUT_HEADER + '-ttl-seconds'
|
|
||||||
+AWS_TOKEN_REDACT = [AWS_TOKEN_PUT_HEADER, AWS_TOKEN_REQ_HEADER]
|
|
||||||
|
|
||||||
|
|
||||||
class CloudNames(object):
|
|
||||||
@@ -158,7 +161,8 @@ class DataSourceEc2(sources.DataSource):
|
|
||||||
for api_ver in self.extended_metadata_versions:
|
|
||||||
url = url_tmpl.format(self.metadata_address, api_ver)
|
|
||||||
try:
|
|
||||||
- resp = uhelp.readurl(url=url, headers=headers)
|
|
||||||
+ resp = uhelp.readurl(url=url, headers=headers,
|
|
||||||
+ headers_redact=AWS_TOKEN_REDACT)
|
|
||||||
except uhelp.UrlError as e:
|
|
||||||
LOG.debug('url %s raised exception %s', url, e)
|
|
||||||
else:
|
|
||||||
@@ -180,6 +184,7 @@ class DataSourceEc2(sources.DataSource):
|
|
||||||
self.identity = ec2.get_instance_identity(
|
|
||||||
api_version, self.metadata_address,
|
|
||||||
headers_cb=self._get_headers,
|
|
||||||
+ headers_redact=AWS_TOKEN_REDACT,
|
|
||||||
exception_cb=self._refresh_stale_aws_token_cb).get(
|
|
||||||
'document', {})
|
|
||||||
return self.identity.get(
|
|
||||||
@@ -205,7 +210,8 @@ class DataSourceEc2(sources.DataSource):
|
|
||||||
LOG.debug('Fetching Ec2 IMDSv2 API Token')
|
|
||||||
url, response = uhelp.wait_for_url(
|
|
||||||
urls=urls, max_wait=1, timeout=1, status_cb=self._status_cb,
|
|
||||||
- headers_cb=self._get_headers, request_method=request_method)
|
|
||||||
+ headers_cb=self._get_headers, request_method=request_method,
|
|
||||||
+ headers_redact=AWS_TOKEN_REDACT)
|
|
||||||
|
|
||||||
if url and response:
|
|
||||||
self._api_token = response
|
|
||||||
@@ -252,7 +258,8 @@ class DataSourceEc2(sources.DataSource):
|
|
||||||
url, _ = uhelp.wait_for_url(
|
|
||||||
urls=urls, max_wait=url_params.max_wait_seconds,
|
|
||||||
timeout=url_params.timeout_seconds, status_cb=LOG.warning,
|
|
||||||
- headers_cb=self._get_headers, request_method=request_method)
|
|
||||||
+ headers_redact=AWS_TOKEN_REDACT, headers_cb=self._get_headers,
|
|
||||||
+ request_method=request_method)
|
|
||||||
|
|
||||||
if url:
|
|
||||||
metadata_address = url2base[url]
|
|
||||||
@@ -420,6 +427,7 @@ class DataSourceEc2(sources.DataSource):
|
|
||||||
if not self.wait_for_metadata_service():
|
|
||||||
return {}
|
|
||||||
api_version = self.get_metadata_api_version()
|
|
||||||
+ redact = AWS_TOKEN_REDACT
|
|
||||||
crawled_metadata = {}
|
|
||||||
if self.cloud_name == CloudNames.AWS:
|
|
||||||
exc_cb = self._refresh_stale_aws_token_cb
|
|
||||||
@@ -429,14 +437,17 @@ class DataSourceEc2(sources.DataSource):
|
|
||||||
try:
|
|
||||||
crawled_metadata['user-data'] = ec2.get_instance_userdata(
|
|
||||||
api_version, self.metadata_address,
|
|
||||||
- headers_cb=self._get_headers, exception_cb=exc_cb_ud)
|
|
||||||
+ headers_cb=self._get_headers, headers_redact=redact,
|
|
||||||
+ exception_cb=exc_cb_ud)
|
|
||||||
crawled_metadata['meta-data'] = ec2.get_instance_metadata(
|
|
||||||
api_version, self.metadata_address,
|
|
||||||
- headers_cb=self._get_headers, exception_cb=exc_cb)
|
|
||||||
+ headers_cb=self._get_headers, headers_redact=redact,
|
|
||||||
+ exception_cb=exc_cb)
|
|
||||||
if self.cloud_name == CloudNames.AWS:
|
|
||||||
identity = ec2.get_instance_identity(
|
|
||||||
api_version, self.metadata_address,
|
|
||||||
- headers_cb=self._get_headers, exception_cb=exc_cb)
|
|
||||||
+ headers_cb=self._get_headers, headers_redact=redact,
|
|
||||||
+ exception_cb=exc_cb)
|
|
||||||
crawled_metadata['dynamic'] = {'instance-identity': identity}
|
|
||||||
except Exception:
|
|
||||||
util.logexc(
|
|
||||||
@@ -455,11 +466,12 @@ class DataSourceEc2(sources.DataSource):
|
|
||||||
if self.cloud_name != CloudNames.AWS:
|
|
||||||
return None
|
|
||||||
LOG.debug("Refreshing Ec2 metadata API token")
|
|
||||||
- request_header = {'X-aws-ec2-metadata-token-ttl-seconds': seconds}
|
|
||||||
+ request_header = {AWS_TOKEN_REQ_HEADER: seconds}
|
|
||||||
token_url = '{}/{}'.format(self.metadata_address, API_TOKEN_ROUTE)
|
|
||||||
try:
|
|
||||||
- response = uhelp.readurl(
|
|
||||||
- token_url, headers=request_header, request_method="PUT")
|
|
||||||
+ response = uhelp.readurl(token_url, headers=request_header,
|
|
||||||
+ headers_redact=AWS_TOKEN_REDACT,
|
|
||||||
+ request_method="PUT")
|
|
||||||
except uhelp.UrlError as e:
|
|
||||||
LOG.warning(
|
|
||||||
'Unable to get API token: %s raised exception %s',
|
|
||||||
@@ -500,8 +512,7 @@ class DataSourceEc2(sources.DataSource):
|
|
||||||
API_TOKEN_DISABLED):
|
|
||||||
return {}
|
|
||||||
# Request a 6 hour token if URL is API_TOKEN_ROUTE
|
|
||||||
- request_token_header = {
|
|
||||||
- 'X-aws-ec2-metadata-token-ttl-seconds': AWS_TOKEN_TTL_SECONDS}
|
|
||||||
+ request_token_header = {AWS_TOKEN_REQ_HEADER: AWS_TOKEN_TTL_SECONDS}
|
|
||||||
if API_TOKEN_ROUTE in url:
|
|
||||||
return request_token_header
|
|
||||||
if not self._api_token:
|
|
||||||
@@ -511,7 +522,7 @@ class DataSourceEc2(sources.DataSource):
|
|
||||||
self._api_token = self._refresh_api_token()
|
|
||||||
if not self._api_token:
|
|
||||||
return {}
|
|
||||||
- return {'X-aws-ec2-metadata-token': self._api_token}
|
|
||||||
+ return {AWS_TOKEN_PUT_HEADER: self._api_token}
|
|
||||||
|
|
||||||
|
|
||||||
class DataSourceEc2Local(DataSourceEc2):
|
|
||||||
diff --git a/cloudinit/url_helper.py b/cloudinit/url_helper.py
|
|
||||||
index 1496a47..3e7de9f 100644
|
|
||||||
--- a/cloudinit/url_helper.py
|
|
||||||
+++ b/cloudinit/url_helper.py
|
|
||||||
@@ -8,6 +8,7 @@
|
|
||||||
#
|
|
||||||
# This file is part of cloud-init. See LICENSE file for license information.
|
|
||||||
|
|
||||||
+import copy
|
|
||||||
import json
|
|
||||||
import os
|
|
||||||
import requests
|
|
||||||
@@ -41,6 +42,7 @@ else:
|
|
||||||
SSL_ENABLED = False
|
|
||||||
CONFIG_ENABLED = False # This was added in 0.7 (but taken out in >=1.0)
|
|
||||||
_REQ_VER = None
|
|
||||||
+REDACTED = 'REDACTED'
|
|
||||||
try:
|
|
||||||
from distutils.version import LooseVersion
|
|
||||||
import pkg_resources
|
|
||||||
@@ -199,9 +201,9 @@ def _get_ssl_args(url, ssl_details):
|
|
||||||
|
|
||||||
|
|
||||||
def readurl(url, data=None, timeout=None, retries=0, sec_between=1,
|
|
||||||
- headers=None, headers_cb=None, ssl_details=None,
|
|
||||||
- check_status=True, allow_redirects=True, exception_cb=None,
|
|
||||||
- session=None, infinite=False, log_req_resp=True,
|
|
||||||
+ headers=None, headers_cb=None, headers_redact=None,
|
|
||||||
+ ssl_details=None, check_status=True, allow_redirects=True,
|
|
||||||
+ exception_cb=None, session=None, infinite=False, log_req_resp=True,
|
|
||||||
request_method=None):
|
|
||||||
"""Wrapper around requests.Session to read the url and retry if necessary
|
|
||||||
|
|
||||||
@@ -217,6 +219,7 @@ def readurl(url, data=None, timeout=None, retries=0, sec_between=1,
|
|
||||||
:param headers: Optional dict of headers to send during request
|
|
||||||
:param headers_cb: Optional callable returning a dict of values to send as
|
|
||||||
headers during request
|
|
||||||
+ :param headers_redact: Optional list of header names to redact from the log
|
|
||||||
:param ssl_details: Optional dict providing key_file, ca_certs, and
|
|
||||||
cert_file keys for use on in ssl connections.
|
|
||||||
:param check_status: Optional boolean set True to raise when HTTPError
|
|
||||||
@@ -243,6 +246,8 @@ def readurl(url, data=None, timeout=None, retries=0, sec_between=1,
|
|
||||||
req_args['method'] = request_method
|
|
||||||
if timeout is not None:
|
|
||||||
req_args['timeout'] = max(float(timeout), 0)
|
|
||||||
+ if headers_redact is None:
|
|
||||||
+ headers_redact = []
|
|
||||||
# It doesn't seem like config
|
|
||||||
# was added in older library versions (or newer ones either), thus we
|
|
||||||
# need to manually do the retries if it wasn't...
|
|
||||||
@@ -287,6 +292,12 @@ def readurl(url, data=None, timeout=None, retries=0, sec_between=1,
|
|
||||||
if k == 'data':
|
|
||||||
continue
|
|
||||||
filtered_req_args[k] = v
|
|
||||||
+ if k == 'headers':
|
|
||||||
+ for hkey, _hval in v.items():
|
|
||||||
+ if hkey in headers_redact:
|
|
||||||
+ filtered_req_args[k][hkey] = (
|
|
||||||
+ copy.deepcopy(req_args[k][hkey]))
|
|
||||||
+ filtered_req_args[k][hkey] = REDACTED
|
|
||||||
try:
|
|
||||||
|
|
||||||
if log_req_resp:
|
|
||||||
@@ -339,8 +350,8 @@ def readurl(url, data=None, timeout=None, retries=0, sec_between=1,
|
|
||||||
return None # Should throw before this...
|
|
||||||
|
|
||||||
|
|
||||||
-def wait_for_url(urls, max_wait=None, timeout=None,
|
|
||||||
- status_cb=None, headers_cb=None, sleep_time=1,
|
|
||||||
+def wait_for_url(urls, max_wait=None, timeout=None, status_cb=None,
|
|
||||||
+ headers_cb=None, headers_redact=None, sleep_time=1,
|
|
||||||
exception_cb=None, sleep_time_cb=None, request_method=None):
|
|
||||||
"""
|
|
||||||
urls: a list of urls to try
|
|
||||||
@@ -352,6 +363,7 @@ def wait_for_url(urls, max_wait=None, timeout=None,
|
|
||||||
status_cb: call method with string message when a url is not available
|
|
||||||
headers_cb: call method with single argument of url to get headers
|
|
||||||
for request.
|
|
||||||
+ headers_redact: a list of header names to redact from the log
|
|
||||||
exception_cb: call method with 2 arguments 'msg' (per status_cb) and
|
|
||||||
'exception', the exception that occurred.
|
|
||||||
sleep_time_cb: call method with 2 arguments (response, loop_n) that
|
|
||||||
@@ -415,8 +427,9 @@ def wait_for_url(urls, max_wait=None, timeout=None,
|
|
||||||
headers = {}
|
|
||||||
|
|
||||||
response = readurl(
|
|
||||||
- url, headers=headers, timeout=timeout,
|
|
||||||
- check_status=False, request_method=request_method)
|
|
||||||
+ url, headers=headers, headers_redact=headers_redact,
|
|
||||||
+ timeout=timeout, check_status=False,
|
|
||||||
+ request_method=request_method)
|
|
||||||
if not response.contents:
|
|
||||||
reason = "empty response [%s]" % (response.code)
|
|
||||||
url_exc = UrlError(ValueError(reason), code=response.code,
|
|
||||||
diff --git a/tests/unittests/test_datasource/test_ec2.py b/tests/unittests/test_datasource/test_ec2.py
|
|
||||||
index 34a089f..bd5bd4c 100644
|
|
||||||
--- a/tests/unittests/test_datasource/test_ec2.py
|
|
||||||
+++ b/tests/unittests/test_datasource/test_ec2.py
|
|
||||||
@@ -429,6 +429,23 @@ class TestEc2(test_helpers.HttprettyTestCase):
|
|
||||||
self.assertTrue(ds.get_data())
|
|
||||||
self.assertFalse(ds.is_classic_instance())
|
|
||||||
|
|
||||||
+ def test_aws_token_redacted(self):
|
|
||||||
+ """Verify that aws tokens are redacted when logged."""
|
|
||||||
+ ds = self._setup_ds(
|
|
||||||
+ platform_data=self.valid_platform_data,
|
|
||||||
+ sys_cfg={'datasource': {'Ec2': {'strict_id': False}}},
|
|
||||||
+ md={'md': DEFAULT_METADATA})
|
|
||||||
+ self.assertTrue(ds.get_data())
|
|
||||||
+ all_logs = self.logs.getvalue().splitlines()
|
|
||||||
+ REDACT_TTL = "'X-aws-ec2-metadata-token-ttl-seconds': 'REDACTED'"
|
|
||||||
+ REDACT_TOK = "'X-aws-ec2-metadata-token': 'REDACTED'"
|
|
||||||
+ logs_with_redacted_ttl = [log for log in all_logs if REDACT_TTL in log]
|
|
||||||
+ logs_with_redacted = [log for log in all_logs if REDACT_TOK in log]
|
|
||||||
+ logs_with_token = [log for log in all_logs if 'API-TOKEN' in log]
|
|
||||||
+ self.assertEqual(1, len(logs_with_redacted_ttl))
|
|
||||||
+ self.assertEqual(79, len(logs_with_redacted))
|
|
||||||
+ self.assertEqual(0, len(logs_with_token))
|
|
||||||
+
|
|
||||||
@mock.patch('cloudinit.net.dhcp.maybe_perform_dhcp_discovery')
|
|
||||||
def test_valid_platform_with_strict_true(self, m_dhcp):
|
|
||||||
"""Valid platform data should return true with strict_id true."""
|
|
||||||
--
|
|
||||||
1.8.3.1
|
|
||||||
|
|
@ -1,128 +0,0 @@
|
|||||||
From dc9460f161efce6770f66bb95d60cea6d27df722 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Eduardo Otubo <otubo@redhat.com>
|
|
||||||
Date: Thu, 25 Jun 2020 08:03:59 +0200
|
|
||||||
Subject: [PATCH] ec2: only redact token request headers in logs, avoid
|
|
||||||
altering request (#230)
|
|
||||||
|
|
||||||
RH-Author: Eduardo Otubo <otubo@redhat.com>
|
|
||||||
Message-id: <20200624112104.376-1-otubo@redhat.com>
|
|
||||||
Patchwork-id: 97793
|
|
||||||
O-Subject: [RHEL-8.3.0 cloud-init PATCH] ec2: only redact token request headers in logs, avoid altering request (#230)
|
|
||||||
Bugzilla: 1822343
|
|
||||||
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
|
||||||
RH-Acked-by: Mohammed Gamal <mgamal@redhat.com>
|
|
||||||
RH-Acked-by: Cathy Avery <cavery@redhat.com>
|
|
||||||
|
|
||||||
From: Chad Smith <chad.smith@canonical.com>
|
|
||||||
|
|
||||||
commit fa1abfec27050a4fb71cad950a17e42f9b43b478
|
|
||||||
Author: Chad Smith <chad.smith@canonical.com>
|
|
||||||
Date: Tue Mar 3 15:23:33 2020 -0700
|
|
||||||
|
|
||||||
ec2: only redact token request headers in logs, avoid altering request (#230)
|
|
||||||
|
|
||||||
Our header redact logic was redacting both logged request headers and
|
|
||||||
the actual source request. This results in DataSourceEc2 sending the
|
|
||||||
invalid header "X-aws-ec2-metadata-token-ttl-seconds: REDACTED" which
|
|
||||||
gets an HTTP status response of 400.
|
|
||||||
|
|
||||||
Cloud-init retries this failed token request for 2 minutes before
|
|
||||||
falling back to IMDSv1.
|
|
||||||
|
|
||||||
LP: #1865882
|
|
||||||
|
|
||||||
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
|
||||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
---
|
|
||||||
cloudinit/tests/test_url_helper.py | 34 +++++++++++++++++++++++++++++++++-
|
|
||||||
cloudinit/url_helper.py | 15 ++++++++-------
|
|
||||||
2 files changed, 41 insertions(+), 8 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/cloudinit/tests/test_url_helper.py b/cloudinit/tests/test_url_helper.py
|
|
||||||
index 1674120..29b3937 100644
|
|
||||||
--- a/cloudinit/tests/test_url_helper.py
|
|
||||||
+++ b/cloudinit/tests/test_url_helper.py
|
|
||||||
@@ -1,7 +1,8 @@
|
|
||||||
# This file is part of cloud-init. See LICENSE file for license information.
|
|
||||||
|
|
||||||
from cloudinit.url_helper import (
|
|
||||||
- NOT_FOUND, UrlError, oauth_headers, read_file_or_url, retry_on_url_exc)
|
|
||||||
+ NOT_FOUND, UrlError, REDACTED, oauth_headers, read_file_or_url,
|
|
||||||
+ retry_on_url_exc)
|
|
||||||
from cloudinit.tests.helpers import CiTestCase, mock, skipIf
|
|
||||||
from cloudinit import util
|
|
||||||
from cloudinit import version
|
|
||||||
@@ -50,6 +51,9 @@ class TestOAuthHeaders(CiTestCase):
|
|
||||||
|
|
||||||
|
|
||||||
class TestReadFileOrUrl(CiTestCase):
|
|
||||||
+
|
|
||||||
+ with_logs = True
|
|
||||||
+
|
|
||||||
def test_read_file_or_url_str_from_file(self):
|
|
||||||
"""Test that str(result.contents) on file is text version of contents.
|
|
||||||
It should not be "b'data'", but just "'data'" """
|
|
||||||
@@ -71,6 +75,34 @@ class TestReadFileOrUrl(CiTestCase):
|
|
||||||
self.assertEqual(result.contents, data)
|
|
||||||
self.assertEqual(str(result), data.decode('utf-8'))
|
|
||||||
|
|
||||||
+ @httpretty.activate
|
|
||||||
+ def test_read_file_or_url_str_from_url_redacting_headers_from_logs(self):
|
|
||||||
+ """Headers are redacted from logs but unredacted in requests."""
|
|
||||||
+ url = 'http://hostname/path'
|
|
||||||
+ headers = {'sensitive': 'sekret', 'server': 'blah'}
|
|
||||||
+ httpretty.register_uri(httpretty.GET, url)
|
|
||||||
+
|
|
||||||
+ read_file_or_url(url, headers=headers, headers_redact=['sensitive'])
|
|
||||||
+ logs = self.logs.getvalue()
|
|
||||||
+ for k in headers.keys():
|
|
||||||
+ self.assertEqual(headers[k], httpretty.last_request().headers[k])
|
|
||||||
+ self.assertIn(REDACTED, logs)
|
|
||||||
+ self.assertNotIn('sekret', logs)
|
|
||||||
+
|
|
||||||
+ @httpretty.activate
|
|
||||||
+ def test_read_file_or_url_str_from_url_redacts_noheaders(self):
|
|
||||||
+ """When no headers_redact, header values are in logs and requests."""
|
|
||||||
+ url = 'http://hostname/path'
|
|
||||||
+ headers = {'sensitive': 'sekret', 'server': 'blah'}
|
|
||||||
+ httpretty.register_uri(httpretty.GET, url)
|
|
||||||
+
|
|
||||||
+ read_file_or_url(url, headers=headers)
|
|
||||||
+ for k in headers.keys():
|
|
||||||
+ self.assertEqual(headers[k], httpretty.last_request().headers[k])
|
|
||||||
+ logs = self.logs.getvalue()
|
|
||||||
+ self.assertNotIn(REDACTED, logs)
|
|
||||||
+ self.assertIn('sekret', logs)
|
|
||||||
+
|
|
||||||
@mock.patch(M_PATH + 'readurl')
|
|
||||||
def test_read_file_or_url_passes_params_to_readurl(self, m_readurl):
|
|
||||||
"""read_file_or_url passes all params through to readurl."""
|
|
||||||
diff --git a/cloudinit/url_helper.py b/cloudinit/url_helper.py
|
|
||||||
index 3e7de9f..e6188ea 100644
|
|
||||||
--- a/cloudinit/url_helper.py
|
|
||||||
+++ b/cloudinit/url_helper.py
|
|
||||||
@@ -291,13 +291,14 @@ def readurl(url, data=None, timeout=None, retries=0, sec_between=1,
|
|
||||||
for (k, v) in req_args.items():
|
|
||||||
if k == 'data':
|
|
||||||
continue
|
|
||||||
- filtered_req_args[k] = v
|
|
||||||
- if k == 'headers':
|
|
||||||
- for hkey, _hval in v.items():
|
|
||||||
- if hkey in headers_redact:
|
|
||||||
- filtered_req_args[k][hkey] = (
|
|
||||||
- copy.deepcopy(req_args[k][hkey]))
|
|
||||||
- filtered_req_args[k][hkey] = REDACTED
|
|
||||||
+ if k == 'headers' and headers_redact:
|
|
||||||
+ matched_headers = [k for k in headers_redact if v.get(k)]
|
|
||||||
+ if matched_headers:
|
|
||||||
+ filtered_req_args[k] = copy.deepcopy(v)
|
|
||||||
+ for key in matched_headers:
|
|
||||||
+ filtered_req_args[k][key] = REDACTED
|
|
||||||
+ else:
|
|
||||||
+ filtered_req_args[k] = v
|
|
||||||
try:
|
|
||||||
|
|
||||||
if log_req_resp:
|
|
||||||
--
|
|
||||||
1.8.3.1
|
|
||||||
|
|
53
SOURCES/ci-fix-a-typo-in-man-page-cloud-init.1-752.patch
Normal file
53
SOURCES/ci-fix-a-typo-in-man-page-cloud-init.1-752.patch
Normal file
@ -0,0 +1,53 @@
|
|||||||
|
From c90d5c11eb99ec25e0fd90585bad9283e60bda7e Mon Sep 17 00:00:00 2001
|
||||||
|
From: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
Date: Tue, 26 Jan 2021 10:48:55 +0100
|
||||||
|
Subject: [PATCH] fix a typo in man page cloud-init.1 (#752)
|
||||||
|
|
||||||
|
RH-Author: Eduardo Terrell Ferrari Otubo (eterrell)
|
||||||
|
RH-MergeRequest: 39: fix a typo in man page cloud-init.1 (#752)
|
||||||
|
RH-Commit: [1/1] d2f7efbc63a7928ef175ac0714053dba20aab01a (eterrell/cloud-init)
|
||||||
|
RH-Bugzilla: 1913127
|
||||||
|
|
||||||
|
commit 48b2c5f16bd4ef754fef137ea19894908d4bf1db
|
||||||
|
Author: Amy Chen <66719270+xiachen-rh@users.noreply.github.com>
|
||||||
|
Date: Wed Jan 6 22:37:02 2021 +0800
|
||||||
|
|
||||||
|
fix a typo in man page cloud-init.1 (#752)
|
||||||
|
|
||||||
|
1. fix a typo in cloud-init.1
|
||||||
|
2. add xiachen-rh as contributor
|
||||||
|
|
||||||
|
Conflict: We don't really use tools/.github-cla-signers, but had to fix
|
||||||
|
a tiny conflict of already included names on the file.
|
||||||
|
|
||||||
|
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
---
|
||||||
|
doc/man/cloud-init.1 | 2 +-
|
||||||
|
tools/.github-cla-signers | 1 +
|
||||||
|
2 files changed, 2 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/doc/man/cloud-init.1 b/doc/man/cloud-init.1
|
||||||
|
index 9b52dc8d..3fde4148 100644
|
||||||
|
--- a/doc/man/cloud-init.1
|
||||||
|
+++ b/doc/man/cloud-init.1
|
||||||
|
@@ -10,7 +10,7 @@ cloud-init \- Cloud instance initialization
|
||||||
|
Cloud-init provides a mechanism for cloud instance initialization.
|
||||||
|
This is done by identifying the cloud platform that is in use, reading
|
||||||
|
provided cloud metadata and optional vendor and user
|
||||||
|
-data, and then intializing the instance as requested.
|
||||||
|
+data, and then initializing the instance as requested.
|
||||||
|
|
||||||
|
Generally, this command is not normally meant to be run directly by
|
||||||
|
the user. However, some subcommands may useful for development or
|
||||||
|
diff --git a/tools/.github-cla-signers b/tools/.github-cla-signers
|
||||||
|
index 802a35bd..e5d2b95c 100644
|
||||||
|
--- a/tools/.github-cla-signers
|
||||||
|
+++ b/tools/.github-cla-signers
|
||||||
|
@@ -21,3 +21,4 @@ sshedi
|
||||||
|
TheRealFalcon
|
||||||
|
tomponline
|
||||||
|
tsanghan
|
||||||
|
+xiachen-rh
|
||||||
|
--
|
||||||
|
2.18.4
|
||||||
|
|
@ -0,0 +1,247 @@
|
|||||||
|
From 51a90ecbdf1f3900183d8ec641eeb4571decf6dc Mon Sep 17 00:00:00 2001
|
||||||
|
From: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
Date: Wed, 4 Nov 2020 12:37:54 +0100
|
||||||
|
Subject: [PATCH] network: Fix type and respect name when rendering vlan in
|
||||||
|
sysconfig. (#541)
|
||||||
|
|
||||||
|
RH-Author: Eduardo Terrell Ferrari Otubo (eterrell)
|
||||||
|
RH-MergeRequest: 19: network: Fix type and respect name when rendering vlan in sysconfig. (#541)
|
||||||
|
RH-Commit: [1/1] 75bea46017397082c5763125a5f35806c2f840e9 (eterrell/cloud-init)
|
||||||
|
RH-Bugzilla: 1881462
|
||||||
|
|
||||||
|
commit 8439b191ec2f336d544cab86dba2860f969cd5b8
|
||||||
|
Author: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
Date: Tue Sep 15 18:00:00 2020 +0200
|
||||||
|
|
||||||
|
network: Fix type and respect name when rendering vlan in sysconfig. (#541)
|
||||||
|
|
||||||
|
Prior to this change, vlans were rendered in sysconfig with
|
||||||
|
'TYPE=Ethernet', and incorrectly rendered the PHYSDEV based on
|
||||||
|
the name of the vlan device rather than the 'link' provided
|
||||||
|
in the network config.
|
||||||
|
|
||||||
|
The change here fixes:
|
||||||
|
* rendering of TYPE=Ethernet for a vlan
|
||||||
|
* adds a warning if the configured device name is not supported
|
||||||
|
per the RHEL 7 docs "11.5. Naming Scheme for VLAN Interfaces"
|
||||||
|
|
||||||
|
LP: #1788915
|
||||||
|
LP: #1826608
|
||||||
|
RHBZ: #1861871
|
||||||
|
|
||||||
|
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
---
|
||||||
|
cloudinit/net/sysconfig.py | 32 +++++++++-
|
||||||
|
tests/unittests/test_distros/test_netconfig.py | 81 ++++++++++++++++++++++++++
|
||||||
|
tests/unittests/test_net.py | 4 --
|
||||||
|
3 files changed, 112 insertions(+), 5 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/cloudinit/net/sysconfig.py b/cloudinit/net/sysconfig.py
|
||||||
|
index c078898..078636a 100644
|
||||||
|
--- a/cloudinit/net/sysconfig.py
|
||||||
|
+++ b/cloudinit/net/sysconfig.py
|
||||||
|
@@ -99,6 +99,10 @@ class ConfigMap(object):
|
||||||
|
def __len__(self):
|
||||||
|
return len(self._conf)
|
||||||
|
|
||||||
|
+ def skip_key_value(self, key, val):
|
||||||
|
+ """Skip the pair key, value if it matches a certain rule."""
|
||||||
|
+ return False
|
||||||
|
+
|
||||||
|
def to_string(self):
|
||||||
|
buf = io.StringIO()
|
||||||
|
buf.write(_make_header())
|
||||||
|
@@ -106,6 +110,8 @@ class ConfigMap(object):
|
||||||
|
buf.write("\n")
|
||||||
|
for key in sorted(self._conf.keys()):
|
||||||
|
value = self._conf[key]
|
||||||
|
+ if self.skip_key_value(key, value):
|
||||||
|
+ continue
|
||||||
|
if isinstance(value, bool):
|
||||||
|
value = self._bool_map[value]
|
||||||
|
if not isinstance(value, str):
|
||||||
|
@@ -214,6 +220,7 @@ class NetInterface(ConfigMap):
|
||||||
|
'bond': 'Bond',
|
||||||
|
'bridge': 'Bridge',
|
||||||
|
'infiniband': 'InfiniBand',
|
||||||
|
+ 'vlan': 'Vlan',
|
||||||
|
}
|
||||||
|
|
||||||
|
def __init__(self, iface_name, base_sysconf_dir, templates,
|
||||||
|
@@ -267,6 +274,11 @@ class NetInterface(ConfigMap):
|
||||||
|
c.routes = self.routes.copy()
|
||||||
|
return c
|
||||||
|
|
||||||
|
+ def skip_key_value(self, key, val):
|
||||||
|
+ if key == 'TYPE' and val == 'Vlan':
|
||||||
|
+ return True
|
||||||
|
+ return False
|
||||||
|
+
|
||||||
|
|
||||||
|
class Renderer(renderer.Renderer):
|
||||||
|
"""Renders network information in a /etc/sysconfig format."""
|
||||||
|
@@ -701,7 +713,16 @@ class Renderer(renderer.Renderer):
|
||||||
|
iface_cfg['ETHERDEVICE'] = iface_name[:iface_name.rfind('.')]
|
||||||
|
else:
|
||||||
|
iface_cfg['VLAN'] = True
|
||||||
|
- iface_cfg['PHYSDEV'] = iface_name[:iface_name.rfind('.')]
|
||||||
|
+ iface_cfg.kind = 'vlan'
|
||||||
|
+
|
||||||
|
+ rdev = iface['vlan-raw-device']
|
||||||
|
+ supported = _supported_vlan_names(rdev, iface['vlan_id'])
|
||||||
|
+ if iface_name not in supported:
|
||||||
|
+ LOG.info(
|
||||||
|
+ "Name '%s' for vlan '%s' is not officially supported"
|
||||||
|
+ "by RHEL. Supported: %s",
|
||||||
|
+ iface_name, rdev, ' '.join(supported))
|
||||||
|
+ iface_cfg['PHYSDEV'] = rdev
|
||||||
|
|
||||||
|
iface_subnets = iface.get("subnets", [])
|
||||||
|
route_cfg = iface_cfg.routes
|
||||||
|
@@ -909,6 +930,15 @@ class Renderer(renderer.Renderer):
|
||||||
|
"\n".join(netcfg) + "\n", file_mode)
|
||||||
|
|
||||||
|
|
||||||
|
+def _supported_vlan_names(rdev, vid):
|
||||||
|
+ """Return list of supported names for vlan devices per RHEL doc
|
||||||
|
+ 11.5. Naming Scheme for VLAN Interfaces."""
|
||||||
|
+ return [
|
||||||
|
+ v.format(rdev=rdev, vid=int(vid))
|
||||||
|
+ for v in ("{rdev}{vid:04}", "{rdev}{vid}",
|
||||||
|
+ "{rdev}.{vid:04}", "{rdev}.{vid}")]
|
||||||
|
+
|
||||||
|
+
|
||||||
|
def available(target=None):
|
||||||
|
sysconfig = available_sysconfig(target=target)
|
||||||
|
nm = available_nm(target=target)
|
||||||
|
diff --git a/tests/unittests/test_distros/test_netconfig.py b/tests/unittests/test_distros/test_netconfig.py
|
||||||
|
index f9fc3a1..a1df066 100644
|
||||||
|
--- a/tests/unittests/test_distros/test_netconfig.py
|
||||||
|
+++ b/tests/unittests/test_distros/test_netconfig.py
|
||||||
|
@@ -541,6 +541,87 @@ class TestNetCfgDistroRedhat(TestNetCfgDistroBase):
|
||||||
|
V1_NET_CFG_IPV6,
|
||||||
|
expected_cfgs=expected_cfgs.copy())
|
||||||
|
|
||||||
|
+ def test_vlan_render_unsupported(self):
|
||||||
|
+ """Render officially unsupported vlan names."""
|
||||||
|
+ cfg = {
|
||||||
|
+ 'version': 2,
|
||||||
|
+ 'ethernets': {
|
||||||
|
+ 'eth0': {'addresses': ["192.10.1.2/24"],
|
||||||
|
+ 'match': {'macaddress': "00:16:3e:60:7c:df"}}},
|
||||||
|
+ 'vlans': {
|
||||||
|
+ 'infra0': {'addresses': ["10.0.1.2/16"],
|
||||||
|
+ 'id': 1001, 'link': 'eth0'}},
|
||||||
|
+ }
|
||||||
|
+ expected_cfgs = {
|
||||||
|
+ self.ifcfg_path('eth0'): dedent("""\
|
||||||
|
+ BOOTPROTO=none
|
||||||
|
+ DEVICE=eth0
|
||||||
|
+ HWADDR=00:16:3e:60:7c:df
|
||||||
|
+ IPADDR=192.10.1.2
|
||||||
|
+ NETMASK=255.255.255.0
|
||||||
|
+ NM_CONTROLLED=no
|
||||||
|
+ ONBOOT=yes
|
||||||
|
+ TYPE=Ethernet
|
||||||
|
+ USERCTL=no
|
||||||
|
+ """),
|
||||||
|
+ self.ifcfg_path('infra0'): dedent("""\
|
||||||
|
+ BOOTPROTO=none
|
||||||
|
+ DEVICE=infra0
|
||||||
|
+ IPADDR=10.0.1.2
|
||||||
|
+ NETMASK=255.255.0.0
|
||||||
|
+ NM_CONTROLLED=no
|
||||||
|
+ ONBOOT=yes
|
||||||
|
+ PHYSDEV=eth0
|
||||||
|
+ USERCTL=no
|
||||||
|
+ VLAN=yes
|
||||||
|
+ """),
|
||||||
|
+ self.control_path(): dedent("""\
|
||||||
|
+ NETWORKING=yes
|
||||||
|
+ """),
|
||||||
|
+ }
|
||||||
|
+ self._apply_and_verify(
|
||||||
|
+ self.distro.apply_network_config, cfg,
|
||||||
|
+ expected_cfgs=expected_cfgs)
|
||||||
|
+
|
||||||
|
+ def test_vlan_render(self):
|
||||||
|
+ cfg = {
|
||||||
|
+ 'version': 2,
|
||||||
|
+ 'ethernets': {
|
||||||
|
+ 'eth0': {'addresses': ["192.10.1.2/24"]}},
|
||||||
|
+ 'vlans': {
|
||||||
|
+ 'eth0.1001': {'addresses': ["10.0.1.2/16"],
|
||||||
|
+ 'id': 1001, 'link': 'eth0'}},
|
||||||
|
+ }
|
||||||
|
+ expected_cfgs = {
|
||||||
|
+ self.ifcfg_path('eth0'): dedent("""\
|
||||||
|
+ BOOTPROTO=none
|
||||||
|
+ DEVICE=eth0
|
||||||
|
+ IPADDR=192.10.1.2
|
||||||
|
+ NETMASK=255.255.255.0
|
||||||
|
+ NM_CONTROLLED=no
|
||||||
|
+ ONBOOT=yes
|
||||||
|
+ TYPE=Ethernet
|
||||||
|
+ USERCTL=no
|
||||||
|
+ """),
|
||||||
|
+ self.ifcfg_path('eth0.1001'): dedent("""\
|
||||||
|
+ BOOTPROTO=none
|
||||||
|
+ DEVICE=eth0.1001
|
||||||
|
+ IPADDR=10.0.1.2
|
||||||
|
+ NETMASK=255.255.0.0
|
||||||
|
+ NM_CONTROLLED=no
|
||||||
|
+ ONBOOT=yes
|
||||||
|
+ PHYSDEV=eth0
|
||||||
|
+ USERCTL=no
|
||||||
|
+ VLAN=yes
|
||||||
|
+ """),
|
||||||
|
+ self.control_path(): dedent("""\
|
||||||
|
+ NETWORKING=yes
|
||||||
|
+ """),
|
||||||
|
+ }
|
||||||
|
+ self._apply_and_verify(
|
||||||
|
+ self.distro.apply_network_config, cfg,
|
||||||
|
+ expected_cfgs=expected_cfgs)
|
||||||
|
+
|
||||||
|
|
||||||
|
class TestNetCfgDistroOpensuse(TestNetCfgDistroBase):
|
||||||
|
|
||||||
|
diff --git a/tests/unittests/test_net.py b/tests/unittests/test_net.py
|
||||||
|
index d7a7a65..c033745 100644
|
||||||
|
--- a/tests/unittests/test_net.py
|
||||||
|
+++ b/tests/unittests/test_net.py
|
||||||
|
@@ -1656,7 +1656,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||||
|
DHCLIENT_SET_DEFAULT_ROUTE=no
|
||||||
|
ONBOOT=yes
|
||||||
|
PHYSDEV=bond0
|
||||||
|
- TYPE=Ethernet
|
||||||
|
USERCTL=no
|
||||||
|
VLAN=yes"""),
|
||||||
|
'ifcfg-br0': textwrap.dedent("""\
|
||||||
|
@@ -1699,7 +1698,6 @@ pre-down route del -net 10.0.0.0/8 gw 11.0.0.1 metric 3 || true
|
||||||
|
NETMASK1=255.255.255.0
|
||||||
|
ONBOOT=yes
|
||||||
|
PHYSDEV=eth0
|
||||||
|
- TYPE=Ethernet
|
||||||
|
USERCTL=no
|
||||||
|
VLAN=yes"""),
|
||||||
|
'ifcfg-eth1': textwrap.dedent("""\
|
||||||
|
@@ -2302,7 +2300,6 @@ iface bond0 inet6 static
|
||||||
|
NETMASK1=255.255.255.0
|
||||||
|
ONBOOT=yes
|
||||||
|
PHYSDEV=en0
|
||||||
|
- TYPE=Ethernet
|
||||||
|
USERCTL=no
|
||||||
|
VLAN=yes"""),
|
||||||
|
},
|
||||||
|
@@ -3409,7 +3406,6 @@ USERCTL=no
|
||||||
|
NM_CONTROLLED=no
|
||||||
|
ONBOOT=yes
|
||||||
|
PHYSDEV=eno1
|
||||||
|
- TYPE=Ethernet
|
||||||
|
USERCTL=no
|
||||||
|
VLAN=yes
|
||||||
|
""")
|
||||||
|
--
|
||||||
|
1.8.3.1
|
||||||
|
|
@ -0,0 +1,98 @@
|
|||||||
|
From b84a1e6d246bbb758f0530038612bd18eff71767 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
Date: Tue, 8 Dec 2020 13:27:22 +0100
|
||||||
|
Subject: [PATCH 4/4] ssh_util: handle non-default AuthorizedKeysFile config
|
||||||
|
(#586)
|
||||||
|
|
||||||
|
RH-Author: Eduardo Terrell Ferrari Otubo (eterrell)
|
||||||
|
RH-MergeRequest: 28: ssh_util: handle non-default AuthorizedKeysFile config (#586)
|
||||||
|
RH-Commit: [1/1] f7ce396e3002c53a3504e653b58810efb956aa26 (eterrell/cloud-init)
|
||||||
|
RH-Bugzilla: 1862967
|
||||||
|
|
||||||
|
commit b0e73814db4027dba0b7dc0282e295b7f653325c
|
||||||
|
Author: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
Date: Tue Oct 20 18:04:59 2020 +0200
|
||||||
|
|
||||||
|
ssh_util: handle non-default AuthorizedKeysFile config (#586)
|
||||||
|
|
||||||
|
The following commit merged all ssh keys into a default user file
|
||||||
|
`~/.ssh/authorized_keys` in sshd_config had multiple files configured for
|
||||||
|
AuthorizedKeysFile:
|
||||||
|
|
||||||
|
commit f1094b1a539044c0193165a41501480de0f8df14
|
||||||
|
Author: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
Date: Thu Dec 5 17:37:35 2019 +0100
|
||||||
|
|
||||||
|
Multiple file fix for AuthorizedKeysFile config (#60)
|
||||||
|
|
||||||
|
This commit ignored the case when sshd_config would have a single file for
|
||||||
|
AuthorizedKeysFile, but a non default configuration, for example
|
||||||
|
`~/.ssh/authorized_keys_foobar`. In this case cloud-init would grab all keys
|
||||||
|
from this file and write a new one, the default `~/.ssh/authorized_keys`
|
||||||
|
causing the bug.
|
||||||
|
|
||||||
|
rhbz: #1862967
|
||||||
|
|
||||||
|
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
|
||||||
|
Signed-off-by: Eduardo Otubo <otubo@redhat.com>
|
||||||
|
---
|
||||||
|
cloudinit/ssh_util.py | 6 +++---
|
||||||
|
tests/unittests/test_sshutil.py | 6 +++---
|
||||||
|
2 files changed, 6 insertions(+), 6 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/cloudinit/ssh_util.py b/cloudinit/ssh_util.py
|
||||||
|
index c08042d6..d5113996 100644
|
||||||
|
--- a/cloudinit/ssh_util.py
|
||||||
|
+++ b/cloudinit/ssh_util.py
|
||||||
|
@@ -262,13 +262,13 @@ def extract_authorized_keys(username, sshd_cfg_file=DEF_SSHD_CFG):
|
||||||
|
|
||||||
|
except (IOError, OSError):
|
||||||
|
# Give up and use a default key filename
|
||||||
|
- auth_key_fns[0] = default_authorizedkeys_file
|
||||||
|
+ auth_key_fns.append(default_authorizedkeys_file)
|
||||||
|
util.logexc(LOG, "Failed extracting 'AuthorizedKeysFile' in SSH "
|
||||||
|
"config from %r, using 'AuthorizedKeysFile' file "
|
||||||
|
"%r instead", DEF_SSHD_CFG, auth_key_fns[0])
|
||||||
|
|
||||||
|
- # always store all the keys in the user's private file
|
||||||
|
- return (default_authorizedkeys_file, parse_authorized_keys(auth_key_fns))
|
||||||
|
+ # always store all the keys in the first file configured on sshd_config
|
||||||
|
+ return (auth_key_fns[0], parse_authorized_keys(auth_key_fns))
|
||||||
|
|
||||||
|
|
||||||
|
def setup_user_keys(keys, username, options=None):
|
||||||
|
diff --git a/tests/unittests/test_sshutil.py b/tests/unittests/test_sshutil.py
|
||||||
|
index fd1d1bac..88a111e3 100644
|
||||||
|
--- a/tests/unittests/test_sshutil.py
|
||||||
|
+++ b/tests/unittests/test_sshutil.py
|
||||||
|
@@ -593,7 +593,7 @@ class TestMultipleSshAuthorizedKeysFile(test_helpers.CiTestCase):
|
||||||
|
fpw.pw_name, sshd_config)
|
||||||
|
content = ssh_util.update_authorized_keys(auth_key_entries, [])
|
||||||
|
|
||||||
|
- self.assertEqual("%s/.ssh/authorized_keys" % fpw.pw_dir, auth_key_fn)
|
||||||
|
+ self.assertEqual(authorized_keys, auth_key_fn)
|
||||||
|
self.assertTrue(VALID_CONTENT['rsa'] in content)
|
||||||
|
self.assertTrue(VALID_CONTENT['dsa'] in content)
|
||||||
|
|
||||||
|
@@ -610,7 +610,7 @@ class TestMultipleSshAuthorizedKeysFile(test_helpers.CiTestCase):
|
||||||
|
sshd_config = self.tmp_path('sshd_config')
|
||||||
|
util.write_file(
|
||||||
|
sshd_config,
|
||||||
|
- "AuthorizedKeysFile %s %s" % (authorized_keys, user_keys)
|
||||||
|
+ "AuthorizedKeysFile %s %s" % (user_keys, authorized_keys)
|
||||||
|
)
|
||||||
|
|
||||||
|
(auth_key_fn, auth_key_entries) = ssh_util.extract_authorized_keys(
|
||||||
|
@@ -618,7 +618,7 @@ class TestMultipleSshAuthorizedKeysFile(test_helpers.CiTestCase):
|
||||||
|
)
|
||||||
|
content = ssh_util.update_authorized_keys(auth_key_entries, [])
|
||||||
|
|
||||||
|
- self.assertEqual("%s/.ssh/authorized_keys" % fpw.pw_dir, auth_key_fn)
|
||||||
|
+ self.assertEqual(user_keys, auth_key_fn)
|
||||||
|
self.assertTrue(VALID_CONTENT['rsa'] in content)
|
||||||
|
self.assertTrue(VALID_CONTENT['dsa'] in content)
|
||||||
|
|
||||||
|
--
|
||||||
|
2.18.4
|
||||||
|
|
@ -1,46 +0,0 @@
|
|||||||
From ebbc83c1ca52620179d94dc1d92c44883273e4ef Mon Sep 17 00:00:00 2001
|
|
||||||
From: jmaloy <jmaloy@redhat.com>
|
|
||||||
Date: Thu, 28 May 2020 08:44:02 +0200
|
|
||||||
Subject: [PATCH 2/4] utils: use SystemRandom when generating random password.
|
|
||||||
(#204)
|
|
||||||
|
|
||||||
RH-Author: jmaloy <jmaloy@redhat.com>
|
|
||||||
Message-id: <20200313184329.16696-2-jmaloy@redhat.com>
|
|
||||||
Patchwork-id: 94294
|
|
||||||
O-Subject: [RHEL-8.2 cloud-init PATCH 1/1] utils: use SystemRandom when generating random password. (#204)
|
|
||||||
Bugzilla: 1812174
|
|
||||||
RH-Acked-by: Eduardo Otubo <eterrell@redhat.com>
|
|
||||||
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
|
||||||
RH-Acked-by: Mohammed Gamal <mgamal@redhat.com>
|
|
||||||
|
|
||||||
From: Dimitri John Ledkov <xnox@ubuntu.com>
|
|
||||||
|
|
||||||
As noticed by Seth Arnold, non-deterministic SystemRandom should be
|
|
||||||
used when creating security sensitive random strings.
|
|
||||||
|
|
||||||
(cherry picked from commit 3e2f7356effc9e9cccc5ae945846279804eedc46)
|
|
||||||
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
|
||||||
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
||||||
---
|
|
||||||
cloudinit/util.py | 3 ++-
|
|
||||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/cloudinit/util.py b/cloudinit/util.py
|
|
||||||
index 9d9d5c7..5d51ba8 100644
|
|
||||||
--- a/cloudinit/util.py
|
|
||||||
+++ b/cloudinit/util.py
|
|
||||||
@@ -401,9 +401,10 @@ def translate_bool(val, addons=None):
|
|
||||||
|
|
||||||
|
|
||||||
def rand_str(strlen=32, select_from=None):
|
|
||||||
+ r = random.SystemRandom()
|
|
||||||
if not select_from:
|
|
||||||
select_from = string.ascii_letters + string.digits
|
|
||||||
- return "".join([random.choice(select_from) for _x in range(0, strlen)])
|
|
||||||
+ return "".join([r.choice(select_from) for _x in range(0, strlen)])
|
|
||||||
|
|
||||||
|
|
||||||
def rand_dict_key(dictionary, postfix=None):
|
|
||||||
--
|
|
||||||
1.8.3.1
|
|
||||||
|
|
@ -5,8 +5,8 @@
|
|||||||
%global debug_package %{nil}
|
%global debug_package %{nil}
|
||||||
|
|
||||||
Name: cloud-init
|
Name: cloud-init
|
||||||
Version: 19.4
|
Version: 20.3
|
||||||
Release: 7%{?dist}
|
Release: 10%{?dist}
|
||||||
Summary: Cloud instance init scripts
|
Summary: Cloud instance init scripts
|
||||||
|
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
@ -22,24 +22,24 @@ Patch0004: 0004-sysconfig-Don-t-write-BOOTPROTO-dhcp-for-ipv6-dhcp.patch
|
|||||||
Patch0005: 0005-DataSourceAzure.py-use-hostnamectl-to-set-hostname.patch
|
Patch0005: 0005-DataSourceAzure.py-use-hostnamectl-to-set-hostname.patch
|
||||||
Patch0006: 0006-include-NOZEROCONF-yes-in-etc-sysconfig-network.patch
|
Patch0006: 0006-include-NOZEROCONF-yes-in-etc-sysconfig-network.patch
|
||||||
Patch0007: 0007-Remove-race-condition-between-cloud-init-and-Network.patch
|
Patch0007: 0007-Remove-race-condition-between-cloud-init-and-Network.patch
|
||||||
# For bz#1812171 - CVE-2020-8632 cloud-init: Too short random password length in cc_set_password in config/cc_set_passwords.py [rhel-8]
|
Patch8: ci-Explicit-set-IPV6_AUTOCONF-and-IPV6_FORCE_ACCEPT_RA-.patch
|
||||||
Patch8: ci-cc_set_password-increase-random-pwlength-from-9-to-2.patch
|
Patch9: ci-Add-config-modules-for-controlling-IBM-PowerVM-RMC.-.patch
|
||||||
# For bz#1812174 - CVE-2020-8631 cloud-init: Use of random.choice when generating random password [rhel-8]
|
# For bz#1881462 - [rhel8][cloud-init] ifup bond0.504 Error: Connection activation failed: No suitable device found for this connection
|
||||||
Patch9: ci-utils-use-SystemRandom-when-generating-random-passwo.patch
|
Patch10: ci-network-Fix-type-and-respect-name-when-rendering-vla.patch
|
||||||
# For bz#1814152 - CVE-2018-10896 cloud-init: default configuration disabled deletion of SSH host keys [rhel-8]
|
# For bz#1859695 - [Cloud-init] DHCPv6 assigned address is not added to VM's interface
|
||||||
Patch10: ci-Enable-ssh_deletekeys-by-default.patch
|
Patch11: ci-Adding-BOOTPROTO-dhcp-to-render-sysconfig-dhcp6-stat.patch
|
||||||
# For bz#1840648 - [cloud-init][RHEL-8.2.0] /etc/resolv.conf lose config after reboot (initial instance is ok)
|
# For bz#1898943 - [rhel-8]cloud-final.service fails if NetworkManager not installed.
|
||||||
Patch11: ci-Remove-race-condition-between-cloud-init-and-Network.patch
|
Patch12: ci-Fix-unit-failure-of-cloud-final.service-if-NetworkMa.patch
|
||||||
# For bz#1803928 - [RHEL8.3] Race condition of starting cloud-init and NetworkManager
|
# For bz#1862967 - [cloud-init]Customize ssh AuthorizedKeysFile causes login failure
|
||||||
Patch12: ci-Make-cloud-init.service-execute-after-network-is-up.patch
|
Patch13: ci-ssh_util-handle-non-default-AuthorizedKeysFile-confi.patch
|
||||||
# For bz#1822343 - [RHEL8.3] Do not log IMDSv2 token values into cloud-init.log
|
# For bz#1859695 - [Cloud-init] DHCPv6 assigned address is not added to VM's interface
|
||||||
Patch13: ci-ec2-Do-not-log-IMDSv2-token-values-instead-use-REDAC.patch
|
Patch14: ci-Missing-IPV6_AUTOCONF-no-to-render-sysconfig-dhcp6-s.patch
|
||||||
# For bz#1834173 - [rhel-8.3]Incorrect ds-identify check in cloud-init-generator
|
# For bz#1900892 - [Azure] Update existing user password RHEL8x
|
||||||
Patch14: ci-Change-from-redhat-to-rhel-in-systemd-generator-tmpl.patch
|
Patch15: ci-DataSourceAzure-update-password-for-defuser-if-exist.patch
|
||||||
# For bz#1834173 - [rhel-8.3]Incorrect ds-identify check in cloud-init-generator
|
# For bz#1919972 - [RHEL-8.4] ssh keys can be shared across users giving potential root access
|
||||||
Patch15: ci-cloud-init.service.tmpl-use-rhel-instead-of-redhat-4.patch
|
Patch16: ci-Revert-ssh_util-handle-non-default-AuthorizedKeysFil.patch
|
||||||
# For bz#1822343 - [RHEL8.3] Do not log IMDSv2 token values into cloud-init.log
|
# For bz#1913127 - A typo in cloud-init man page
|
||||||
Patch16: ci-ec2-only-redact-token-request-headers-in-logs-avoid-.patch
|
Patch17: ci-fix-a-typo-in-man-page-cloud-init.1-752.patch
|
||||||
|
|
||||||
BuildArch: noarch
|
BuildArch: noarch
|
||||||
|
|
||||||
@ -72,7 +72,6 @@ BuildRequires: /usr/bin/dnf
|
|||||||
Requires: e2fsprogs
|
Requires: e2fsprogs
|
||||||
Requires: iproute
|
Requires: iproute
|
||||||
Requires: libselinux-python3
|
Requires: libselinux-python3
|
||||||
Requires: net-tools
|
|
||||||
Requires: policycoreutils-python3
|
Requires: policycoreutils-python3
|
||||||
Requires: procps
|
Requires: procps
|
||||||
Requires: python3-configobj
|
Requires: python3-configobj
|
||||||
@ -113,6 +112,8 @@ sed -i -e 's|#!/usr/bin/env python|#!/usr/bin/env python3|' \
|
|||||||
|
|
||||||
python3 tools/render-cloudcfg --variant fedora > $RPM_BUILD_ROOT/%{_sysconfdir}/cloud/cloud.cfg
|
python3 tools/render-cloudcfg --variant fedora > $RPM_BUILD_ROOT/%{_sysconfdir}/cloud/cloud.cfg
|
||||||
|
|
||||||
|
sed -i "s,@@PACKAGED_VERSION@@,%{version}-%{release}," $RPM_BUILD_ROOT/%{python3_sitelib}/cloudinit/version.py
|
||||||
|
|
||||||
mkdir -p $RPM_BUILD_ROOT/var/lib/cloud
|
mkdir -p $RPM_BUILD_ROOT/var/lib/cloud
|
||||||
|
|
||||||
# /run/cloud-init needs a tmpfiles.d entry
|
# /run/cloud-init needs a tmpfiles.d entry
|
||||||
@ -141,6 +142,12 @@ chmod 755 $RPM_BUILD_ROOT/usr/lib/systemd/system-generators/cloud-init-generator
|
|||||||
[ ! -d $RPM_BUILD_ROOT/usr/lib/%{name} ] && mkdir -p $RPM_BUILD_ROOT/usr/lib/%{name}
|
[ ! -d $RPM_BUILD_ROOT/usr/lib/%{name} ] && mkdir -p $RPM_BUILD_ROOT/usr/lib/%{name}
|
||||||
cp -p tools/ds-identify $RPM_BUILD_ROOT%{_libexecdir}/%{name}/ds-identify
|
cp -p tools/ds-identify $RPM_BUILD_ROOT%{_libexecdir}/%{name}/ds-identify
|
||||||
|
|
||||||
|
# installing man pages
|
||||||
|
mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man1/
|
||||||
|
for man in cloud-id.1 cloud-init.1 cloud-init-per.1; do
|
||||||
|
install -c -m 0644 doc/man/${man} ${RPM_BUILD_ROOT}%{_mandir}/man1/${man}
|
||||||
|
chmod -x ${RPM_BUILD_ROOT}%{_mandir}/man1/*
|
||||||
|
done
|
||||||
|
|
||||||
%clean
|
%clean
|
||||||
rm -rf $RPM_BUILD_ROOT
|
rm -rf $RPM_BUILD_ROOT
|
||||||
@ -209,6 +216,7 @@ fi
|
|||||||
%{_libexecdir}/%{name}
|
%{_libexecdir}/%{name}
|
||||||
%{_bindir}/cloud-init*
|
%{_bindir}/cloud-init*
|
||||||
%doc %{_datadir}/doc/%{name}
|
%doc %{_datadir}/doc/%{name}
|
||||||
|
%{_mandir}/man1/*
|
||||||
%dir %verify(not mode) /run/cloud-init
|
%dir %verify(not mode) /run/cloud-init
|
||||||
%dir /var/lib/cloud
|
%dir /var/lib/cloud
|
||||||
/etc/NetworkManager/dispatcher.d/cloud-init-azure-hook
|
/etc/NetworkManager/dispatcher.d/cloud-init-azure-hook
|
||||||
@ -223,6 +231,99 @@ fi
|
|||||||
%config(noreplace) %{_sysconfdir}/rsyslog.d/21-cloudinit.conf
|
%config(noreplace) %{_sysconfdir}/rsyslog.d/21-cloudinit.conf
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Feb 02 2021 Miroslav Rezanina <mrezanin@redhat.com> - 20.3-10.el8
|
||||||
|
- ci-fix-a-typo-in-man-page-cloud-init.1-752.patch [bz#1913127]
|
||||||
|
- Resolves: bz#1913127
|
||||||
|
(A typo in cloud-init man page)
|
||||||
|
|
||||||
|
* Tue Jan 26 2021 Miroslav Rezanina <mrezanin@redhat.com> - 20.3-9.el8
|
||||||
|
- ci-DataSourceAzure-update-password-for-defuser-if-exist.patch [bz#1900892]
|
||||||
|
- ci-Revert-ssh_util-handle-non-default-AuthorizedKeysFil.patch [bz#1919972]
|
||||||
|
- Resolves: bz#1900892
|
||||||
|
([Azure] Update existing user password RHEL8x)
|
||||||
|
- Resolves: bz#1919972
|
||||||
|
([RHEL-8.4] ssh keys can be shared across users giving potential root access)
|
||||||
|
|
||||||
|
* Thu Jan 21 2021 Miroslav Rezanina <mrezanin@redhat.com> - 20.3-8.el8
|
||||||
|
- ci-Missing-IPV6_AUTOCONF-no-to-render-sysconfig-dhcp6-s.patch [bz#1859695]
|
||||||
|
- Resolves: bz#1859695
|
||||||
|
([Cloud-init] DHCPv6 assigned address is not added to VM's interface)
|
||||||
|
|
||||||
|
* Tue Jan 05 2021 Miroslav Rezanina <mrezanin@redhat.com> - 20.3-7.el8
|
||||||
|
- ci-Report-full-specific-version-with-cloud-init-version.patch [bz#1898949]
|
||||||
|
- Resolves: bz#1898949
|
||||||
|
(cloud-init should report full specific full version with "cloud-init --version")
|
||||||
|
|
||||||
|
* Mon Dec 14 2020 Miroslav Rezanina <mrezanin@redhat.com> - 20.3-6.el8
|
||||||
|
- ci-Installing-man-pages-in-the-correct-place-with-corre.patch [bz#1612573]
|
||||||
|
- ci-Adding-BOOTPROTO-dhcp-to-render-sysconfig-dhcp6-stat.patch [bz#1859695]
|
||||||
|
- ci-Fix-unit-failure-of-cloud-final.service-if-NetworkMa.patch [bz#1898943]
|
||||||
|
- ci-ssh_util-handle-non-default-AuthorizedKeysFile-confi.patch [bz#1862967]
|
||||||
|
- Resolves: bz#1612573
|
||||||
|
(Man page scan results for cloud-init)
|
||||||
|
- Resolves: bz#1859695
|
||||||
|
([Cloud-init] DHCPv6 assigned address is not added to VM's interface)
|
||||||
|
- Resolves: bz#1898943
|
||||||
|
([rhel-8]cloud-final.service fails if NetworkManager not installed.)
|
||||||
|
- Resolves: bz#1862967
|
||||||
|
([cloud-init]Customize ssh AuthorizedKeysFile causes login failure)
|
||||||
|
|
||||||
|
* Fri Nov 27 2020 Miroslav Rezanina <mrezanin@redhat.com> - 20.3-5.el8
|
||||||
|
- ci-network-Fix-type-and-respect-name-when-rendering-vla.patch [bz#1881462]
|
||||||
|
- Resolves: bz#1881462
|
||||||
|
([rhel8][cloud-init] ifup bond0.504 Error: Connection activation failed: No suitable device found for this connection)
|
||||||
|
|
||||||
|
* Tue Nov 24 2020 Miroslav Rezanina <mrezanin@redhat.com> - 20.3-4.el8
|
||||||
|
- ci-Changing-permission-of-cloud-init-generator-to-755.patch [bz#1897528]
|
||||||
|
- Resolves: bz#1897528
|
||||||
|
(Change permission on ./systemd/cloud-init-generator.tmpl to 755 instead of 771)
|
||||||
|
|
||||||
|
* Fri Nov 13 2020 Miroslav Rezanina <mrezanin@redhat.com> - 20.3-3.el8
|
||||||
|
- ci--Removing-net-tools-dependency.patch [bz#1881871]
|
||||||
|
- ci--Adding-man-pages-to-Red-Hat-spec-file.patch [bz#1612573]
|
||||||
|
- Resolves: bz#1881871
|
||||||
|
(Remove net-tools legacy dependency from spec file)
|
||||||
|
- Resolves: bz#1612573
|
||||||
|
(Man page scan results for cloud-init)
|
||||||
|
|
||||||
|
* Tue Nov 03 2020 Miroslav Rezanina <mrezanin@redhat.com> - 20.3-2.el8
|
||||||
|
- ci-Explicit-set-IPV6_AUTOCONF-and-IPV6_FORCE_ACCEPT_RA-.patch [bz#1889635]
|
||||||
|
- ci-Add-config-modules-for-controlling-IBM-PowerVM-RMC.-.patch [bz#1886430]
|
||||||
|
- Resolves: bz#1886430
|
||||||
|
(Support for cloud-init config modules for PowerVM Hypervisor in Red Hat cloud-init)
|
||||||
|
- Resolves: bz#1889635
|
||||||
|
(Add support for ipv6_autoconf on cloud-init-20.3)
|
||||||
|
|
||||||
|
* Fri Oct 23 2020 Eduardo Otubo <otubo@redhat.com> - 20.3-1.el8
|
||||||
|
- Rebase to cloud-init 20.3 [bz#1885185]
|
||||||
|
- Resolves: bz#1885185
|
||||||
|
([RHEL-8.4.0] cloud-init rebase to 20.3)
|
||||||
|
|
||||||
|
* Wed Sep 02 2020 Miroslav Rezanina <mrezanin@redhat.com> - 19.4-11.el8
|
||||||
|
- ci-cc_mounts-fix-incorrect-format-specifiers-316.patch [bz#1794664]
|
||||||
|
- Resolves: bz#1794664
|
||||||
|
([RHEL8] swapon fails with "swapfile has holes" when created on a xfs filesystem by cloud-init)
|
||||||
|
|
||||||
|
* Mon Aug 31 2020 Miroslav Rezanina <mrezanin@redhat.com> - 19.4-10.el8
|
||||||
|
- ci-Changing-notation-of-subp-call.patch [bz#1839662]
|
||||||
|
- Resolves: bz#1839662
|
||||||
|
([ESXi][RHEL8.3][cloud-init]ERROR log in cloud-init.log after clone VM on ESXi platform)
|
||||||
|
|
||||||
|
* Mon Aug 24 2020 Miroslav Rezanina <mrezanin@redhat.com> - 19.4-9.el8
|
||||||
|
- ci-Do-not-use-fallocate-in-swap-file-creation-on-xfs.-7.patch [bz#1794664]
|
||||||
|
- ci-swap-file-size-being-used-before-checked-if-str-315.patch [bz#1794664]
|
||||||
|
- ci-Detect-kernel-version-before-swap-file-creation-428.patch [bz#1794664]
|
||||||
|
- Resolves: bz#1794664
|
||||||
|
([RHEL8] swapon fails with "swapfile has holes" when created on a xfs filesystem by cloud-init)
|
||||||
|
|
||||||
|
* Mon Aug 17 2020 Miroslav Rezanina <mrezanin@redhat.com> - 19.4-8.el8
|
||||||
|
- ci-When-tools.conf-does-not-exist-running-cmd-vmware-to.patch [bz#1839662]
|
||||||
|
- ci-ssh-exit-with-non-zero-status-on-disabled-user-472.patch [bz#1833874]
|
||||||
|
- Resolves: bz#1833874
|
||||||
|
([rhel-8.3]using root user error should cause a non-zero exit code)
|
||||||
|
- Resolves: bz#1839662
|
||||||
|
([ESXi][RHEL8.3][cloud-init]ERROR log in cloud-init.log after clone VM on ESXi platform)
|
||||||
|
|
||||||
* Fri Jun 26 2020 Miroslav Rezanina <mrezanin@redhat.com> - 19.4-7.el8
|
* Fri Jun 26 2020 Miroslav Rezanina <mrezanin@redhat.com> - 19.4-7.el8
|
||||||
- Fixing cloud-init-generator permissions [bz#1834173]
|
- Fixing cloud-init-generator permissions [bz#1834173]
|
||||||
- Resolves: bz#1834173
|
- Resolves: bz#1834173
|
||||||
@ -267,10 +368,10 @@ fi
|
|||||||
- Resolves: bz#1840648
|
- Resolves: bz#1840648
|
||||||
([cloud-init][RHEL-8.2.0] /etc/resolv.conf lose config after reboot (initial instance is ok))
|
([cloud-init][RHEL-8.2.0] /etc/resolv.conf lose config after reboot (initial instance is ok))
|
||||||
|
|
||||||
* Mon Apr 20 2020 Miroslav Rezanina <mrezanin@redhat.coM> - 19.4-1.el8
|
* Mon Apr 20 2020 Miroslav Rezanina <mrezanin@redhat.coM> - 19.4-1.el8.1
|
||||||
- Rebase to cloud-init 19.4 [bz#1803095]
|
- Rebase to cloud-init 19.4 [bz#1811912]
|
||||||
- Resolves: bz#1803095
|
- Resolves: bz#1811912
|
||||||
([RHEL-8.3.0] cloud-init rebase to 19.4)
|
([RHEL-8.2.1] cloud-init rebase to 19.4)
|
||||||
|
|
||||||
* Tue Mar 10 2020 Miroslav Rezanina <mrezanin@redhat.com> - 18.5-12.el8
|
* Tue Mar 10 2020 Miroslav Rezanina <mrezanin@redhat.com> - 18.5-12.el8
|
||||||
- ci-Remove-race-condition-between-cloud-init-and-Network.patch [bz#1807797]
|
- ci-Remove-race-condition-between-cloud-init-and-Network.patch [bz#1807797]
|
||||||
|
Loading…
Reference in New Issue
Block a user