| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
| |
/etc/cloud/cloud.cfg.d/99-disable-network-activation.cfg on GCE instances after
fix in upstream google-guest-agent.
|
| | |
|
| | |
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Only set additionalProperties = False on draft4 schema
definition in jsonschema 3.0 or greater
because cloud-init globally registers its draft4 extensions
as the primary validator for any draft4-based schemas in
the same python process.
This affects solutions such as subiquity and
ubuntu-desktop-installer which invoke jsonschema.validate
in the same process at runtime just after calling
cloudinit.schema.get_jsonschema_validator.
The resulting Tracebacks are seen as something like:
jsonschema.exceptions.SchemaError:
{'$ref': '#/definitions/ref_id'} is not valid under any of the
given schema
Background:
cloud-init needs to extend draft4 schema to better
validate and warn 'deprecated' properties in draft4-based
cloud-init schema definitions. Our unittests also attempt
to strictly validate any meta schema definitions for the
cc_* config modules.
To accomplish strict meta schema validation cloud-init makes
a copy of the draft4 meta schema and adds an
'additionalProperties' = True to that schema to raise specific
errors and catch typos in cc_ module schema definitions.
Given that cloud-init at runtime extends and registers
a draft4 schema validator, any external consumers
of jsonschema.validate with draft4-base schemas are
exposed to cloud-init's validator so let's limit our risk
exposure.
For python 2.6.0, we cannot specify make draft4 schema
strict because any "$ref" keys are not yet resolved
to their actual #/defintions/<id> values so the traceback above
will always be generated in 'strict' mode for complex schemas.
This does not affect jsonschema 3.0+ which appears to resolve
schema $refs values before schema validation.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When fetching metadata in _check_if_nic_is_primary() the retry count
is 300, but fails out after 10 connection errors. In some cases,
fetching from IMDS may fail with read timeout for more than 10 attempts,
far sooner than the desired 300.
Keeping the existing max_connection_errors = 10 is fine so long
as it is truly a connection error. These generally shouldn't occur
when using the primary NIC.
Always retry on timeout errors (up until desired limit) and count
only connections errors against max_connection_errors.
Signed-off-by: Chris Patterson <cpatterson@microsoft.com>
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
Using individual release and platform marks to specify our test support
matrix was leading to too many marks specifying different combinations
of things. Rather, we can rely on the "skipif" mark to perform any
needed release or platform checks.
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| | |
- d/p/expire-on-hashed-users.patch
- d/p/retain-netplan-world-readable.patch
|
| |\ \
| |/ |
|
| | | |
|
| | |
| |
| |
| | |
Use the module level Log instances instead of passing log instances
to the cc_* handlers
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Patch is_vmware_platform to return False to avoid failure:
```
def test_no_data_access_method(self):
ds = get_ds(self.tmp)
ds.vmware_rpctool = None
> ret = ds._get_data()
tests/unittests/sources/test_vmware.py:104:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
cloudinit/sources/DataSourceVMware.py:193: in _get_data
if require_vmware_platform and not is_vmware_platform():
cloudinit/sources/DataSourceVMware.py:401: in is_vmware_platform
system_type = dmi.read_dmi_data("system-product-name")
cloudinit/dmi.py:180: in read_dmi_data
return _call_dmidecode(key, dmidecode_path)
cloudinit/dmi.py:130: in _call_dmidecode
(result, _err) = subp.subp(cmd)
E RuntimeError: called subp. set self.allowed_subp=True to allow
E subp(['/usr/sbin/dmidecode', '--string', 'system-product-name'])
tests/unittests/helpers.py:176: RuntimeError
```
Bypassing is_vmware_platform() avoids the dmi reads.
Signed-off-by: Chris Patterson <cpatterson@microsoft.com>
|
| | |
| |
| |
| |
| |
| |
| | |
Set permissions if file doesn't exist. Leave them if it does.
LP: #2011783
Co-authored-by: Chad Smith <chad.smith@canonical.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Recent changes to override_ds_detect() triggers a call to get_cmdline(),
which invokes subp.subp() for various container checks. This causes
tests to fail when running a specific test module instead of the full
set. This is because test_smartos.py on module load will trigger these
calls and the lru_cache() will retain the results. So if the module
does not load, the tests will fail.
Patch util.get_cmdline() for all data source tests to avoid this
behavior.
Signed-off-by: Chris Patterson <cpatterson@microsoft.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Another physical modem which has duplicate MAC addresses.
Cloud-init needs to ignore the subordinate devices which are
associated with the qmi_wwan driver.
Fixes network rendering for the following modems:
Quectel EG25
Quectel RM510Q-GLHA
Sierra Wireless MC7455
LP: #2008888
|
| | |
| |
| |
| |
| | |
Fedora wasn't previously supported for CA handling. Enabling this
allows the testsuite to pass when ran on a Fedora system. The conf
override is the same as for rhel.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Sending dhclient command failed for InfiniBand ports because
dhcp-client-identifier is not specified.
So, providing this patch to allow send dhcp-client-identifier hardware
with the dhclient command for InfiniBand ports.
Signed-off-by: waleedm <waleedm@nvidia.com>
|
| | |
| |
| |
| |
| | |
Complete the examples that the suggested code work.
The examples in this script are not correct and should be adjusted accordingly.
|
| | |
| |
| |
| | |
This contributor was added on a downstream ubuntu/devel branch
and should be reflected in main too
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When running `make deb` or `packages/bddeb` our script uses the
host's debuild tooling instead of sbuild.
Since we move CI runners to a jammy environment, the host's
debhelper-compat levels become incompatible with building
a local bionic deb with debuild.
Fix package-build .github/workflow/integration.yaml to install
all package build dependenies from both requirements.txt an
test-requirements.txt using read-depenedencies.
Fix bddeb to determine the hosts debhelper-compat level support
when generating local deb packages without using sbuild.
To migrate to host-based debhelper-compat support the following
changes were made:
- drop packages/debian/compat file and prefer debian/control
debhelper-compat (= ##) definitions
- dpkg-query debhelper to check applicable debhelper versions
in Provides on the host
- Hardcode any `bddeb -d bionic` to a maximum of
debhelper-compat( = 11)
- Update package/debian/rules with latest published rules file
from ubuntu/devel branch
Use the latest debhelper-compat level provided by the host's
debhelper package by using dpkg-query.
Fixes CI on downstream ubuntu/* branches which invoke bddeb directly.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Do not prompt for CloudName when instance-data.json exists and is valid
YAML.
When instance-data.json exists, general-hooks/cloud_init.py will add the
following fields to bug reports:
CloudName, CloudID, CloudPlatform and CloudSubplatform.
Downstream ubuntu packaging braches deliver:
debian/apport-general-hook.py to
/usr/share/apport/general-hooks/cloud-init.py
Only prompt in during apport bug when the general-hook can't
process instance-data.json.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Commit d1ffbea556a06105 enabled skipping python datasource detection on
OpenStack when no other datasources (besides DataSourceNone) can be discovered.
This allowed one to override detection, which is a requirement for OpenStack
Ironic which does not advertise itself to cloud-init.
Since no further datasources can be detected at this stage in the code, this
pattern can be generalized to other datasources to facilitate troubleshooting
or providing a general workaround to runtime detection bugs.
Additionally, this pattern can be extended to kernel commandline datasource
definition. Since kernel commandline is highest priority of the
configurations, it makes sense to override python code datasource
detection as well.
Include an integration test on LXD for this behavior that configures kernel
commandline and reboots to verify that the specified datasource is forced.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently if a cert file doesn't exist, cc_ca_certs module crashes
This fix makes it possible to handle it gracefully.
Also, out_lines variable may not be available if os.stat returns 0.
This issue is also taken care of.
Added tests for the same.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
There is a networking check in _poll_imds() which will attempt DHCP
again if networking is not up for source PPS. With the previous
change to wait at least 20 minutes during provisioning for DHCP,
this additional round is not necessary.
Report failure if networking is not up for any mode of source PPS.
In practice, this is very unlikely as provisioning will typically
timeout within the 20 minute window the VM is attempting DHCP and
the source PPS VM will be deleted.
This fixes an (unobserved) issue where Savable PPS does not have
networking prior to _wait_for_all_nics_ready().
Signed-off-by: Chris Patterson <cpatterson@microsoft.com>
|
| | | |
|
| | |
| |
| |
| | |
- remove too broad exceptions
- ignore dynamic base types in templater
|
| | | |
|
| | | |
|
| | |
| |
| | |
Co-authored-by: s-makin <sally.makin@canonical.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Make the docs look more like the documentation produced on Ubuntu.com.
Make the default font size larger for accessibility.
Code literals are now the same size as regular font for the same reason,
but made slightly bolded to help pick them out from text (which should
help e.g. when commands are included as inline text and not a code block.
Give the sidebar headings a higher weight, for easier navigation.
For accessibility, change the weight and spacing between topics in the
side bars to help separate them and make it easier to tell where one link
ends and the next begins.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
On Debian and Ubuntu based systems the cc_grub_dpkg module
handles the needed change of the disk device name / path between
the pre created image and the real hardware system.
Currently it seems only BIOS mode is supported. This adds UEFI support as
well to change the configuration keys for UEFI.
|
| | |
| |
| |
| |
| | |
AppArmor is active on 23.04. It prevents writing to /var/tmp.
Integration test now writes to /var/spool/rsyslog/cloudinit.log to
assert working config.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Bump system_cfg over ds network_config_source for Oracle DS,
so that if network config is defined under /etc/cloud,
it will be honored.
In a previous change, we moved the initramfs and system_cfg
bellow ds to favor ds, but this implied system-wide configs
were always not honored.
LP: #1956788
|
| | | |
|
| | |
| |
| |
| | |
Bump the version in cloudinit/version.py to 23.1.1 and
update ChangeLog.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Running on OpenStack Ironic was broken in 1efa8a0a0,
which prevented a system configured to run on only
Openstack from actually running this ds. This change
also prevents the kernel commandline definition from
working. This change was required to prevent
unnecessarily probing OpenStack on Ec2, and is
therefore still required.
This commit reverts an earlier attempt[1][2] to
automatically detect OpenStack, due to regression
it caused. Additionally, this change allows a
system that defines a datasource list containing
only [OpenStack] or [OpenStack, None] to attempt
running on OpenStack, overriding ds_detect(). A
datasource list that defines [OpenStack, None]
still falls back to DataSourceNone if OpenStack
fails to reach the IMDS.
This change also lays groundwork for the following
future work:
1. Add support for other datasources
2. Also override datasource checking when the kernel
command line defines a datasource. This work needs
to be done manually to support non-systemd systems.
Besides forcing OpenStack to run when it is the only
datasource in the datasource list, this commit also:
[1] 0220295 (it breaks some use cases)
[2] 29faf66 (no longer used)
LP: #2008727
|
| | |
| |
| |
| | |
- Use log_time context manager to wrap log UA-API calls
- Add a log msg pointing to UA logs
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
There are effectively two regressions in the recent IMDS refactor:
1. The metadata check len(imds_md["interface"]) in
_check_if_nic_is_primary() is no longer correct as the refactor
switched URLs and did not update this call to account for the
fact that this metadata now lives under "network".
2. Network metadata was fetched with infinite=True and is now limited
to ten retries. This callback had the twist of only allowing up to
ten connection errors but otherwise would retry indefinetely.
For check_if_nic_is_primary():
- Drop the interface count check for _check_if_nic_is_primary(),
we don't need it anyways.
- Fix/update the unit tests mocks that allowed the tests to pass,
adding another test to verify max retries for http and connection
errors.
- Use 300 retries. We do want to hit a case where we spin forever,
but this should be more than enough time for IMDS to respond in
the Savable PPS case (~5 minutes).
For IMDS:
- Consolidate IMDS retry handlers into a new ReadUrlRetryHandler class
that supports the options required for each variant of request.
- Minor tweaks to log and expand logging checks in unit tests.
- Move all unit tests to mocking via mock_requests_session_request
and replace mock_readurl fixture with wrapped_readurl to improve
consistency between tests.
Note that this change drops usage of `retry_on_url_exc` and can probably
be removed altogether as it is no longer used AFAICT.
Signed-off-by: Chris Patterson <cpatterson@microsoft.com>
|
| | | |
|
| | |
| |
| | |
Usage was dropped in de7851b93c5a2d4658.
|
| | |
| |
| |
| |
| |
| | |
1. When metadata is invalid, should catch exception and report imc
failure event.
2. When pre/post customization script is invalid, should catch
exception and report imc failure event.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
At inception[1], dhclient hooks were used to filter environment variables into /run/cloud-init/dhclient.hooks/<interface>.json which was consumed by WALinuxAgentShim. The fallback method was to parse the dhcp client lease file.
Today the Azure datasource directly uses the parsed lease file[2], and loading /run/cloud-init/dhclient.hook/<interface>.json file was removed in 22.2[3]. With no other consumers, we can remove this.
[1] https://github.com/canonical/cloud-init/commit/648dbbf6b090c81e989f1ab70bf99f4de16a6a70
[2] https://github.com/canonical/cloud-init/blob/main/cloudinit/sources/DataSourceAzure.py#L447
[3] https://github.com/canonical/cloud-init/commit/5ad0768a796bc07232476d0d29b5225f1e6e131c
|
| | |
| |
| |
| |
| | |
- Add deprecation log level
- Add deprecation utilities for structured format and messaging
- Update existing deprecation log sites, add deprecated versions
|
| | |
| |
| |
| |
| |
| |
| |
| | |
CA handling in the configuration module was previously not supported
for SUSE based distros. Enable this functionality by creating the
necessary configuration settings.
Secondly update the test such that it does not bleed through to the
test system.
|
| | | |
|
