Last commit made on 2017-01-24
Get this branch:
git clone -b fedora/1151824 https://git.launchpad.net/~larsks/cloud-init
Only Lars Kellogg-Stedman can upload to this branch. If you are Lars Kellogg-Stedman please log in for upload directions.

Branch merges

Branch information


Recent commits

10f1c1c... by Lars Kellogg-Stedman

Add 3 ecdsa-sha2-nistp* ssh key types now that they are standardized

cloud-init adds ssh_authorized_keys to the default user fedora and to
root but for root it disables the keys with a prefix command.
However, if the key is of type ecdsa-sha2-nistp521, it is not parsed
correctly, and the prefix command is not prepended.

Resolves: rhbz#1151824
LP: #1658174

b71592c... by Andrew Jorgensen

EC2: Do not cache security credentials on disk

On EC2, instance metadata can include credentials that remain valid for as
much as 6 hours. Reading these and allowing them to be pickled represents
a potential vulnerability if a snapshot of the disk is taken and shared as
part of an AMI.

This skips security-credentials when walking the meta-data tree.

LP: #1638312
Reviewed-by: Ian Weller <email address hidden>
Reviewed-by: Ben Cressey <email address hidden>
Reported-by: Kyle Barnes <email address hidden>

145410f... by "Erik M. Bray" <email address hidden>

doc: Fix typos and clarify some aspects of the part-handler

The existing documentation referred to a handle_type method when it
really should be handle_part. It also referred to 'methods' when it
really should say 'functions' to be clear (while it's true the built-in
handlers are classes with methods of these names, in this context we
mean module-level functions).

Also clarified that a part-handler should come before the parts that
it handles, and can override built-in handlers.

47680bd... by Scott Moser

doc: add some documentation on OpenStack datasource.

This just fills out some of the documentation on the OpenStack datasource.

4cf53f1... by Lars Kellogg-Stedman

OpenStack: Use timeout and retries from config in get_data.

This modifies get_data in DataSourceOpenStack.py to get the timeout
and retries values from the data source configuration, rather than
from keyword arguments. This permits get_data to use the same timeout
as other methods, and allows an operator to increase the timeout in
environments where the metadata service takes longer than five seconds
to respond.

LP: #1657130
Resolves: rhbz#1408589

8ddb571... by Sankar Tanguturi

Fixed Misc issues related to VMware customization.

- staticIPV4 property can be either None or a valid Array. Need to
  check for None before accessing the ip address.
- Modified few misc. log messages.
- Added a new log message while waiting for the customization config file.
- Added support to configure the maximum amount of time to wait for the
  customization config file.
- VMware Customization Support is provided only for DataSourceOVF class and
  not for any other child classes. Implemented a new variable
  vmware_customization_supported to check whether the 'VMware Customization'
  support is available for a specific datasource or not.
- Changed the function get_vmware_cust_settings to get_max_wait_from_cfg.
- Removed the code that does 'ifdown and iup' in NIC configurator.

e227439... by Jeremy BĂ­cha

Fix minor docs typo: perserve > preserve

a3daf18... by Lars Kellogg-Stedman

Use dnf instead of yum when available

Recent fedora releases use "dnf" instead of "yum" for package
management. While there is a compatible "yum" cli available, there's
no guarantee that it will be available.

With this patch, cloud-init will check for /usr/bin/dnf and use that
if it exists instead of yum.

rhbz: https://bugzilla.redhat.com/show_bug.cgi?id=1194451
LP: #1647118

e55ff8f... by Scott Moser

validate-yaml: use python rather than explicitly python3

The change here is to use '/usr/bin/env python' in validate-yaml.py
as all other tools/*.py do.

Additionally, change the Makefile to invoke validate-yaml.py with
the python that it has selected for other things (PYVER).

a1b185d... by Scott Moser

Get early logging logged, including failures of cmdline url.

Failures to load the kernel command line's url (cloud-config-url=)
would previously get swallowed. This should make it much more
obvious when that happens. With logging going to expected places
at sane levels (WARN will go to stderr by default).