~harald-jensas/cloud-init:bug/1806014

Branch merges

Propose for merging

Superseded for merging into cloud-init:master

Ryan Harper: Needs Fixing on 2019-10-16

Diff: 357 lines (+206/-6)

5 files modified

cloudinit/net/eni.py (+10/-0)
cloudinit/net/netplan.py (+4/-1)
cloudinit/net/network_state.py (+8/-4)
cloudinit/net/sysconfig.py (+9/-1)
tests/unittests/test_net.py (+175/-0)

api

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related charm recipes

b00b0e1... by Harald Jensås on 2019-10-14

net: IPv6, accept_ra, slaac, stateless

Router advertisements are required for the default route
to be set up, thus accept_ra should be enabled for
dhcpv6-stateful.

sysconf: IPV6_FORCE_ACCEPT_RA controls accept_ra sysctl.
eni: mode static and mode dhcp 'accept_ra' controls sysctl.

Add 'accept-ra: true|false' parameter to config v1 and
v2. When True: accept_ra is set to '1'. When False:
accept_ra is set to '0'. When not defined in config the
value is left to the operating system default.

This change also extend the IPv6 support to distinguish
between slaac and dhcpv6-stateless. SLAAC is autoconfig
without any options from DHCP, while stateless auto-configures
the address and the uses DHCP for other options.

LP: #1806014
LP: #1808647

e813895... by Mike Gerdts on 2019-10-31

DataSourceSmartOS: reconfigure network on each boot

In typical cases, SmartOS does not use DHCP for network configuration.
As such, if the network configuration changes that is reflected in
metadata and will be picked up during the next boot.

LP: #1765801
Joyent: OS-6902 reconfigure network on each boot

45ea695... by Pavel Zakharov <email address hidden> on 2019-10-31

Add config for ssh-key import and consuming user-data

This patch enables control over SSH public-key import and
discarding supplied user-data (both disabled by default).

  allow-userdata: false
  ssh:
    allow_public_ssh_keys: false

This feature enables closed appliances to prevent customers
from unintentionally breaking the appliance which were
not designed for user interaction.

The downstream change for this is here:
  https://github.com/delphix/cloud-init/pull/4

fcc92ad... by Harald Jensås on 2019-10-31

net: fix subnet_is_ipv6() for stateless|stateful

Function return false for ipv6_dhcpv6-stateless|stateful,
the eni renderer does not add '6' to 'inet' which is
incorrect.

The subnet_is_ipv6() function is updated to also return
true if startswith('ipv6').

LP: #1848690

a61ee02... by Xiaofeng Wang on 2019-10-31

OVF: disable custom script execution by default

For security concern, we disable the custom script
by default.If a custom script is provided, stop
customization unless the custom script is explicitly
enabled by tools config.

d3e71b5... by Matthias Baur <email address hidden> on 2019-10-31

cc_puppet: Implement csr_attributes.yaml support

This change adds two new parameters:
* csr_attributes
* csr_attributes_path

Those parameters allow to configure the content of the
csr_attributes.yaml file.

See https://puppet.com/docs/puppet/latest/config_file_csr_attributes.html

8888ca1... by Ryan Harper on 2019-10-31

cloud-init.service: on centos/fedora/redhat wait on NetworkManager.service

In Centos/RHEL 8, NetworkManager is installed as the networking service.
cloud-init.service needs to run After this service to allow the OS to
bring networking up first.

LP: #1843334

e1b4b8c... by Sam Eiderman on 2019-10-29

azure: Do not lock user on instance id change

After initial boot ovf-env.xml is copied to agent dir
(/var/lib/waagent/) with REDACTED password.
On subsequent boots DataSourceAzure loads with a configuration where the
user specified in /var/lib/waagent/ovf-env.xml is locked.
If instance id changes, cc_users_groups action will lock the user.

Fix this behavior by not locking the user if its password is REDACTED.

LP: #1849677

f1c788e... by Ryan Harper on 2019-10-24

net/netplan: use ipv6-mtu key for specifying ipv6 mtu values

netplan introduced an 'info' subcommand which emits yaml describing
implemented features that indicate new or changed fields and values
in the yaml that it accepts. Previously, cloud-init emitted the key
'mtu6' for ipv6 MTU values. This is not correct and netplan will
fail to parse these values. Netplan as of 0.98 supports both the
info subcommand and the ipv6-mtu key.

This branch modifies the netplan renderer to collect the netplan
info output into a 'features' property which is a list of available
feature flags which the renderer can use to modify its output. If
the command is not available, no feature flags are set and
cloud-init will render IPv6 MTU values just as MTU for the subnet.

5bec6b0... by Scott Moser on 2019-10-24

Fix usages of yaml, and move yaml_dump to safeyaml.dumps.

Here we replace uses of the pyyaml module directly with functions
provided by cloudinit.safeyaml. Also, change/move
  cloudinit.util.yaml_dumps
to
  cloudinit.safeyaml.dumps

LP: #1849640