[CentOS-devel] Cloud-init for CentOS?

Nux! nux at li.nux.ro
Mon Jan 27 00:09:41 UTC 2014 

On 26.01.2014 22:47, Nux! wrote:
> On 26.01.2014 20:59, Karanbir Singh wrote:
>> given that cloud-init does work and do the right thing for eucalyptus
>> and openstack ( I've just tested those two ) - what fails for
>> CloudInit
>> ? is the data provider from CS itself incomplete or not hooking into
>> the
>> right place ?
> 
> I have not tested ssh key and/or user data functionality, I believe
> this was already reported to work[1], but from my tests cloud-init 
> never
> makes a request to the virtual router on port 8080 to retrieve the
> password. Why that is, I'll leave it to someone who knows how 
> cloud-init
> works and can read code...
> 
> [1]
> http://shankerbalan.net/blog/ssh-keys-on-cloudstack-guest-instances-using-cloud-init/

Furthermore, cloud-init does seem to be trying various stuff as it can 
be seen from the virtual router's apache logs, but it makes 0 requests 
(verified via tcpdump) to the password service on port 8080:


"GET //latest/meta-data/instance-id HTTP/1.1" 200 241 "-" 
"Cloud-Init/0.7.4"
"GET //latest/user-data HTTP/1.1" 200 222 "-" "Python-urllib/2.6"
"GET //latest/meta-data/ HTTP/1.1" 200 361 "-" "Python-urllib/2.6"
"GET //latest/meta-data/ HTTP/1.1" 200 361 "-" "Python-urllib/2.6"
"GET //latest/meta-data/local-ipv4 HTTP/1.1" 200 236 "-" 
"Python-urllib/2.6"
"GET //latest/meta-data/local-hostname HTTP/1.1" 200 224 "-" 
"Python-urllib/2.6"
"GET //latest/meta-data/public-hostname HTTP/1.1" 200 222 "-" 
"Python-urllib/2.6"
"GET //latest/meta-data/public-keys HTTP/1.1" 200 222 "-" 
"Python-urllib/2.6"
"GET //latest/meta-data/cloud-identifier HTTP/1.1" 200 273 "-" 
"Python-urllib/2.6"
"GET //latest/meta-data/service-offering HTTP/1.1" 200 242 "-" 
"Python-urllib/2.6"
"GET //latest/meta-data/public-ipv4 HTTP/1.1" 200 236 "-" 
"Python-urllib/2.6"
"GET //latest/meta-data/vm-id HTTP/1.1" 200 260 "-" "Python-urllib/2.6"
"GET //latest/meta-data/availability-zone HTTP/1.1" 200 233 "-" 
"Python-urllib/2.6"
"GET //latest/meta-data/instance-id HTTP/1.1" 200 260 "-" 
"Python-urllib/2.6"

The weird thing is that it does indeed change the password, because the 
default password no longer works, but to what, I do not know.

[root at ce ~]# grep -i password /var/log/cloud-init.log
Jan 26 23:46:52 ce [CLOUDINIT] importer.py[DEBUG]: Looking for modules 
['cc_set_passwords', 'cloudinit.config.cc_set_passwords'] that have 
attributes ['handle']
Jan 26 23:46:52 ce [CLOUDINIT] importer.py[DEBUG]: Found 
cc_set_passwords with attributes ['handle'] in 
['cloudinit.config.cc_set_passwords']
Jan 26 23:46:52 ce [CLOUDINIT] util.py[DEBUG]: Writing to 
/var/lib/cloud/instances/e4212973-1224-43f9-aba9-d1582bf8d881/sem/config_set_passwords 
- wb: [420] 20 bytes
Jan 26 23:46:52 ce [CLOUDINIT] util.py[DEBUG]: Restoring selinux mode 
for 
/var/lib/cloud/instances/e4212973-1224-43f9-aba9-d1582bf8d881/sem/config_set_passwords 
(recursive=False)
Jan 26 23:46:52 ce [CLOUDINIT] util.py[DEBUG]: Restoring selinux mode 
for 
/var/lib/cloud/instances/e4212973-1224-43f9-aba9-d1582bf8d881/sem/config_set_passwords 
(recursive=False)
Jan 26 23:46:52 ce [CLOUDINIT] helpers.py[DEBUG]: Running 
config-set-passwords using lock (<FileLock using file 
'/var/lib/cloud/instances/e4212973-1224-43f9-aba9-d1582bf8d881/sem/config_set_passwords'>)
Jan 26 23:46:52 ce [CLOUDINIT] cc_set_passwords.py[DEBUG]: Replacing 
auth line 66 with yes
Jan 26 23:46:52 ce [CLOUDINIT] cc_set_passwords.py[DEBUG]: Restarted 
the ssh daemon
Jan 26 23:51:44 ce [CLOUDINIT] importer.py[DEBUG]: Looking for modules 
['cc_set_passwords', 'cloudinit.config.cc_set_passwords'] that have 
attributes ['handle']
Jan 26 23:51:44 ce [CLOUDINIT] importer.py[DEBUG]: Found 
cc_set_passwords with attributes ['handle'] in 
['cloudinit.config.cc_set_passwords']
Jan 26 23:51:44 ce [CLOUDINIT] helpers.py[DEBUG]: config-set-passwords 
already ran (freq=once-per-instance)
[root at ce ~]# cat 
/var/lib/cloud/instances/e4212973-1224-43f9-aba9-d1582bf8d881/sem/config_set_passwords
1261: 1390780012.61


So, I would say Cloudstack support is incomplete at this time, unless 
someone tells me I need to enable some other module. I'll look up in the 
following days how to hook a script into it, perhaps we can do it this 
way.


-- 
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

More information about the CentOS-devel mailing list