gce datasource does not handle instance ssh keys

Bug #1403617 reported by Ben Howard
This bug affects 1 person
Affects               Status        Importance  Assigned to   Milestone
cloud-init            Fix Released  Medium      Dan Watkins
cloud-init (Ubuntu)   Fix Released  Medium      Unassigned

Bug Description

The GCE Datasource pulls the per-project SSH keys but does not handle the per-instance SSH keys.

The meta-data that it handles is:
        url_map = [
            ('instance-id', 'instance/id', True),
            ('availability-zone', 'instance/zone', True),
            ('local-hostname', 'instance/hostname', True),
            ('public-keys', 'project/attributes/sshKeys', False),
            ('user-data', 'instance/attributes/user-data', False),
        ]

It should also handle:
('public-keys', 'instance/attributes/sshKeys', False),

affects: ubuntu → cloud-init (Ubuntu)
Revision history for this message
Dan Watkins (oddbloke) wrote :

We need to decide how we're going to handle this.

The GCE tooling (and therefore documentation) suggests that if instance-level keys are supplied, then project-level keys are disregarded. Do we want to mirror this?

I'm torn on this one. On the one hand, we already don't match the GCE docs in the way we handle project-level keys so this may be a foolish consistency. On the other hand, this is making our images even more distinct from the GCE standards which is a Bad Thing (TM).

Also, if people are relying on setting instance-level SSH keys to exclude project-level SSH keys, then not mirroring the GCE tooling might make instances unexpectedly insecure.

John Agosta (jagosta)
tags: added: cpc-current-milestone
Dan Watkins (oddbloke)
Changed in cloud-init:
assignee: nobody → Dan Watkins (daniel-thewatkins)
Changed in cloud-init (Ubuntu):
assignee: Dan Watkins (daniel-thewatkins) → nobody
Changed in cloud-init:
status: New → Confirmed
Dan Watkins (oddbloke)
Changed in cloud-init:
status: Confirmed → In Progress
Revision history for this message
Dan Watkins (oddbloke) wrote :

smoser and I had a conversation in #cloud-init about this on Friday.

Our conclusion was that we should mirror what the cloud vendor is doing (i.e. ignore project-level keys if instance-level keys are specified).

We also discussed how we could configure an instance in a project _with_ SSH keys to start _without_ any SSH keys. smoser proposed (a) using the presence of the empty string in the instance sshKeys metadata value. He also noted that (b) creating a fresh key, attaching it as an instance-level SSH key and instantly shredding it would also give the desired behaviour.

I think that this requirement is uncommon enough that (b) should suffice. Furthermore, I can imagine (a) breaking automation that would work with just GCE's daemons (as they just ignore the empty string).
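The resolution policy agreed in the comment above (instance-level sshKeys present, so project-level keys are ignored; an empty instance value behaves as unset, which is how the GCE daemons already treat it) together with the url_map entries from the bug description, as an added worked example. This is not cloud-init's own datasource code: the metadata server is replaced by a constructed dict so it runs offline, the metadata paths follow the url_map quoted above, the "username:<public key>" line format is GCE's documented sshKeys convention, and every key value and hostname below is made up.

```python
"""Resolve which SSH public keys a GCE instance should install.

Added example for this bug thread, not cloud-init's own datasource code.
It implements the policy agreed above: if instance-level sshKeys are set,
project-level keys are ignored; an empty instance value counts as unset
(the behaviour the GCE daemons have, so option (a) from the thread is not
special-cased). The metadata server is replaced by a dict so it runs offline.
"""
from typing import Dict, List, Optional

# Constructed stand-in for GET requests against the GCE metadata server.
# Paths mirror the url_map in the bug description; all values are made up.
METADATA: Dict[str, str] = {
    "instance/id": "1234567890",
    "instance/zone": "projects/123/zones/us-central1-a",
    "instance/hostname": "example-vm.c.example-project.internal",
    "project/attributes/sshKeys": (
        "alice:ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIProjectKeyA alice@example.com\n"
        "bob:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABProjectKeyB bob@example.com"
    ),
    "instance/attributes/sshKeys": (
        "carol:ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIInstanceKeyC carol@example.com"
    ),
}

# (metadata name, metadata-server path, required)
URL_MAP = [
    ("instance-id", "instance/id", True),
    ("availability-zone", "instance/zone", True),
    ("local-hostname", "instance/hostname", True),
    ("project-keys", "project/attributes/sshKeys", False),
    ("instance-keys", "instance/attributes/sshKeys", False),  # the entry this bug adds
    ("user-data", "instance/attributes/user-data", False),
]


def fetch(metadata: Dict[str, str], path: str) -> Optional[str]:
    """Stand-in for an HTTP GET; None models a 404 for an unset attribute."""
    return metadata.get(path)


def read_metadata(metadata: Dict[str, str]) -> Dict[str, Optional[str]]:
    """Walk URL_MAP the way the datasource does; required paths must exist."""
    md: Dict[str, Optional[str]] = {}
    for name, path, required in URL_MAP:
        value = fetch(metadata, path)
        if value is None and required:
            raise RuntimeError(f"required metadata path {path!r} is missing")
        md[name] = value
    return md


def parse_ssh_keys(raw: Optional[str]) -> List[str]:
    """Turn a GCE sshKeys attribute into bare authorized_keys lines.

    GCE stores one "username:<public key>" per line; the username prefix is
    stripped because it names a local account and is not part of the key.
    Blank lines are skipped, so an empty (or unset) attribute yields [].
    """
    keys: List[str] = []
    for line in (raw or "").splitlines():
        line = line.strip()
        if not line:
            continue
        _user, sep, key = line.partition(":")
        # A line with no ':' is passed through unchanged rather than dropped.
        keys.append(key.strip() if sep else line)
    return keys


def resolve_public_keys(md: Dict[str, Optional[str]]) -> List[str]:
    """Instance-level keys win; project keys are used only when none are set."""
    instance_keys = parse_ssh_keys(md.get("instance-keys"))
    if instance_keys:
        return instance_keys
    return parse_ssh_keys(md.get("project-keys"))


def keys_for(metadata: Dict[str, str]) -> List[str]:
    """End to end: metadata server contents -> keys to install."""
    return resolve_public_keys(read_metadata(metadata))


if __name__ == "__main__":
    for key in keys_for(METADATA):
        print(key)
```

With the constructed metadata only carol's instance-level key is installed and both project keys are dropped. Deleting the instance attribute, or setting it to the empty string, falls back to the project keys, which is why option (b) from the thread works: a freshly generated key attached at instance level and then shredded makes the instance list non-empty, so the project keys are suppressed even though nobody holds the matching private key.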

Scott Moser (smoser)
Changed in cloud-init:
importance: Undecided → Medium
Dan Watkins (oddbloke)
Changed in cloud-init:
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 0.7.7~bzr1106-0ubuntu1

---------------
cloud-init (0.7.7~bzr1106-0ubuntu1) wily; urgency=medium

  * New upstream snapshot.
    * Azure: remove strict dependency on walinux-agent, but still utilize
      it for the time being.
    * fix read_seeded that is used in seeding user-data and meta-data
      from additional locations (LP: #1455233)
    * fix bug preventing partitioning of disks in many cases. (LP: #1311463)
    * Azure: do not override hostname if user has set it (LP: #1375252)
    * Fix GCE datasource not handling per-instance SSH keys (LP: #1403617)
    * Allow specifying of uid in user/group config.

 -- Scott Moser <email address hidden> Fri, 15 May 2015 17:04:19 -0400

Changed in cloud-init (Ubuntu):
status: Confirmed → Fix Released
Dan Watkins (oddbloke)
Changed in cloud-init:
status: Fix Committed → Fix Released
Revision history for this message
James Falcon (falcojr) wrote :