Import version 0.7.5-0ubuntu1.5ubuntu/0.7.5-0ubuntu1.5

Imported using git-import-dsc
author: Scott Moser <smoser@brickies.net> 2017-01-10 11:25:27 -0500
committer: Scott Moser <smoser@brickies.net> 2017-01-10 11:25:27 -0500
commit: 670cd160f43cd4d2ff32d03515926a019c966fb8 (patch)
tree: e1c807cae509cb7127805bd21ebc50f142c31e1d
parent: 0c1398edee59a80da08c7262c7fc7981ac0ba488 (diff)
download: cloud-init-git-670cd160f43cd4d2ff32d03515926a019c966fb8.tar.gz
4 files changed, 148 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index 0f8c9aeb..95bfb5d7 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+cloud-init (0.7.5-0ubuntu1.5) trusty; urgency=medium
+
+  * Backport support for fetching passwords in CloudStack (LP: #1422388).
+  * Fix CloudStack metadata retrieval (LP: #1356855).
+
+ -- Daniel Watkins <daniel.watkins@canonical.com>  Wed, 11 Mar 2015 10:57:10 -0600
+
 cloud-init (0.7.5-0ubuntu1.4) trusty; urgency=medium
 
   [ Ben Howard ]
diff --git a/debian/patches/lp-1356855-fix-cloudstack-metadata.patch b/debian/patches/lp-1356855-fix-cloudstack-metadata.patch
new file mode 100644
index 00000000..aafef7f0
--- /dev/null
+++ b/debian/patches/lp-1356855-fix-cloudstack-metadata.patch
@@ -0,0 +1,20 @@
+Description: Backport CloudStack metadata fix.
+ CloudStack requires a trailing slash for its EC2 "compatible" metadata
+ service.
+Author: Daniel Watkins <daniel.watkins@canonical.com>
+Bug-Ubuntu: https://bugs.launchpad.net/bugs/1356855
+Last-Update: 2015-02-25
+
+--- cloud-init-0.7.5.orig/cloudinit/ec2_utils.py
++++ cloud-init-0.7.5/cloudinit/ec2_utils.py
+@@ -166,7 +166,9 @@ def get_instance_metadata(api_version='l
+                           metadata_address='http://169.254.169.254',
+                           ssl_details=None, timeout=5, retries=5):
+     md_url = url_helper.combine_url(metadata_address, api_version)
+-    md_url = url_helper.combine_url(md_url, 'meta-data')
++    # Note, 'meta-data' explicitly has trailing /.
++    # this is required for CloudStack (LP: #1356855)
++    md_url = url_helper.combine_url(md_url, 'meta-data/')
+     caller = functools.partial(util.read_file_or_url,
+                                ssl_details=ssl_details, timeout=timeout,
+                                retries=retries)
diff --git a/debian/patches/lp-1422388-cloudstack-passwords.patch b/debian/patches/lp-1422388-cloudstack-passwords.patch
new file mode 100644
index 00000000..cf960212
--- /dev/null
+++ b/debian/patches/lp-1422388-cloudstack-passwords.patch
@@ -0,0 +1,119 @@
+Description: Backport CloudStack password support.
+Author: Daniel Watkins <daniel.watkins@canonical.com>
+Bug-Ubuntu: https://bugs.launchpad.net/bugs/1422388
+Last-Update: 2015-02-25
+
+--- a/cloudinit/sources/DataSourceCloudStack.py
++++ b/cloudinit/sources/DataSourceCloudStack.py
+@@ -27,6 +27,8 @@
+ import os
+ import time
+ 
++from six.moves import http_client
++
+ from cloudinit import ec2_utils as ec2
+ from cloudinit import log as logging
+ from cloudinit import sources
+@@ -38,6 +40,54 @@
+ LOG = logging.getLogger(__name__)
+ 
+ 
++class CloudStackPasswordServerClient(object):
++    """
++    Implements password fetching from the CloudStack password server.
++
++    http://cloudstack-administration.readthedocs.org/en/latest/templates.html#adding-password-management-to-your-templates
++    has documentation about the system.  This implementation is following that
++    found at
++    https://github.com/shankerbalan/cloudstack-scripts/blob/master/cloud-set-guest-password-debian
++
++    The CloudStack password server is, essentially, a broken HTTP
++    server. It requires us to provide a valid HTTP request (including a
++    DomU_Request header, which is the meat of the request), but just
++    writes the text of its response on to the socket, without a status
++    line or any HTTP headers.  This makes HTTP libraries sad, which
++    explains the screwiness of the implementation of this class.
++
++    This should be fixed in CloudStack by commit
++    a72f14ea9cb832faaac946b3cf9f56856b50142a in December 2014.
++    """
++
++    def __init__(self, virtual_router_address):
++        self.virtual_router_address = virtual_router_address
++
++    def _do_request(self, domu_request):
++        # We have to provide a valid HTTP request, but a valid HTTP
++        # response is not returned. This means that getresponse() chokes,
++        # so we use the socket directly to read off the response.
++        # Because we're reading off the socket directly, we can't re-use the
++        # connection.
++        conn = http_client.HTTPConnection(self.virtual_router_address, 8080)
++        try:
++            conn.request('GET', '', headers={'DomU_Request': domu_request})
++            conn.sock.settimeout(30)
++            output = conn.sock.recv(1024).decode('utf-8').strip()
++        finally:
++            conn.close()
++        return output
++
++    def get_password(self):
++        password = self._do_request('send_my_password')
++        if password in ['', 'saved_password']:
++            return None
++        if password == 'bad_request':
++            raise RuntimeError('Error when attempting to fetch root password.')
++        self._do_request('saved_password')
++        return password
++
++
+ class DataSourceCloudStack(sources.DataSource):
+     def __init__(self, sys_cfg, distro, paths):
+         sources.DataSource.__init__(self, sys_cfg, distro, paths)
+@@ -45,10 +95,11 @@
+         # Cloudstack has its metadata/userdata URLs located at
+         # http://<virtual-router-ip>/latest/
+         self.api_ver = 'latest'
+-        vr_addr = get_vr_address()
+-        if not vr_addr:
++        self.vr_addr = get_vr_address()
++        if not self.vr_addr:
+             raise RuntimeError("No virtual router found!")
+-        self.metadata_address = "http://%s/" % (vr_addr)
++        self.metadata_address = "http://%s/" % (self.vr_addr,)
++        self.cfg = {}
+ 
+     def _get_url_settings(self):
+         mcfg = self.ds_cfg
+@@ -92,6 +143,9 @@
+ 
+         return bool(url)
+ 
++    def get_config_obj(self):
++        return self.cfg
++
+     def get_data(self):
+         seed_ret = {}
+         if util.read_optional_seed(seed_ret, base=(self.seed_dir + "/")):
+@@ -109,6 +163,22 @@
+                                                       self.metadata_address)
+             LOG.debug("Crawl of metadata service took %s seconds",
+                       int(time.time() - start_time))
++            password_client = CloudStackPasswordServerClient(self.vr_addr)
++            try:
++                set_password = password_client.get_password()
++            except Exception:
++                util.logexc(LOG,
++                            'Failed to fetch password from virtual router %s',
++                            self.vr_addr)
++            else:
++                if set_password:
++                    self.cfg = {
++                        'ssh_pwauth': True,
++                        'password': set_password,
++                        'chpasswd': {
++                            'expire': False,
++                        },
++                    }
+             return True
+         except Exception:
+             util.logexc(LOG, 'Failed fetching from metadata service %s',
diff --git a/debian/patches/series b/debian/patches/series
index dd6aad96..d5b3ff16 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -4,3 +4,5 @@ lp-1336855-grub_xvda.patch
 lp-1383794-gce-short_name.patch
 lp-1404311-gce-data_encoding.patch
 lp-1422919-azure-g5_ephemeral.patch
+lp-1422388-cloudstack-passwords.patch
+lp-1356855-fix-cloudstack-metadata.patch
author	Scott Moser <smoser@brickies.net>	2017-01-10 11:25:27 -0500
committer	Scott Moser <smoser@brickies.net>	2017-01-10 11:25:27 -0500
commit	670cd160f43cd4d2ff32d03515926a019c966fb8 (patch)
tree	e1c807cae509cb7127805bd21ebc50f142c31e1d
parent	0c1398edee59a80da08c7262c7fc7981ac0ba488 (diff)
download	cloud-init-git-670cd160f43cd4d2ff32d03515926a019c966fb8.tar.gz