Ubuntu
hibagent package

Merge ~mitchdz/ubuntu/+source/hibagent:mitch/bionic-imdsv2 into ubuntu/+source/hibagent:ubuntu/devel

  1. Git
  2. lp:~mitchdz/ubuntu/+source/hibagent
  3. mitch/bionic-imdsv2
  4. Merge into ubuntu/devel
Proposed by Mitchell Dzurick
Status: Superseded
Proposed branch: ~mitchdz/ubuntu/+source/hibagent:mitch/bionic-imdsv2
Merge into: ubuntu/+source/hibagent:ubuntu/devel
Diff against target: 253 lines (+189/-0) (has conflicts)
7 files modified
debian/changelog (+24/-0)
debian/control (+1/-0)
debian/patches/disable-hibernate-test.patch (+4/-0)
debian/patches/do-nothing-if-ODH-is-configured.patch (+77/-0)
debian/patches/lp1896638-set-resume-device-by-partition-uuid.patch (+33/-0)
debian/patches/series (+6/-0)
debian/patches/use-imdsv2.patch (+44/-0)
Conflict in debian/changelog
Conflict in debian/patches/disable-hibernate-test.patch
Conflict in debian/patches/series
Reviewer Review Type Date Requested Status
git-ubuntu import Pending
Review via email: mp+455904@code.launchpad.net
To post a comment you must log in.

Unmerged commits

ad55c07... by Mitchell Dzurick

changelog

4a1d248... by Mitchell Dzurick

d/p/disable-hibernate-test.patch: disable a test that only works on an actual EC2 instance

1f8ebb2... by Mitchell Dzurick

d/p/do-nothing-if-ODH-is-configured.patch: Do nothing if ODH is enabled

fc14b3f... by Mitchell Dzurick

d/p/use-imdsv2.patch: use IMDSv2

b676b27... by Alberto Contreras

changelog

4092f2a... by Alberto Contreras

  * d/p/lp1896638-set-resume-device-by-partition-uuid: Set resume device
    by PARTUUID instead of by name. Thanks to Tony Nie <email address hidden>.
    (LP: #1896638)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index 3c8851c..3439e3b 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,4 @@
6+<<<<<<< debian/changelog
7 hibagent (1.0.1+git20230216.9ac1209f7-0ubuntu1) lunar; urgency=medium
8
9 * New upstream snapshot from their `ubuntu` branch (LP: #1896638)
10@@ -15,6 +16,29 @@ hibagent (1.0.1-0ubuntu2) hirsute; urgency=medium
11 * Use Thread.is_alive() for Python 3.9 compatibility and fix FTBFS
12
13 -- Balint Reczey <rbalint@ubuntu.com> Wed, 20 Jan 2021 18:10:31 +0100
14+=======
15+hibagent (1.0.1-0ubuntu1.18.04.2) bionic; urgency=medium
16+
17+ * Use imdsv2 and do nothing if ODH is configured (LP: #2043739).
18+ - d/p/disable-hibernate-test.patch: disable a test that only works on an
19+ actual EC2 instance.
20+ - d/p/use-imdsv2: use IMDSv2 instead of IMDSv1. This is important because
21+ IMDSv1 is an insecure protocol.
22+ - d/control: add python3-requests as Depends.
23+ - d/p/do-nothing-if-ODH-is-configured.patch: do nothing if ODH is configured
24+ this fixes an issue when this package and ec2-hibinit-agent are installed
25+ and configured at the same time.
26+
27+ -- Mitchell Dzurick <mitchell.dzurick@canonical.com> Thu, 16 Nov 2023 16:19:12 -0700
28+
29+hibagent (1.0.1-0ubuntu1.18.04.1) bionic; urgency=medium
30+
31+ * d/p/lp1896638-set-resume-device-by-partition-uuid: Set resume device
32+ by PARTUUID instead of by name. Thanks to Tony Nie <zirann@amazon.com>.
33+ (LP: #1896638)
34+
35+ -- Alberto Contreras <alberto.contreras@canonical.com> Fri, 31 Mar 2023 10:02:42 +0200
36+>>>>>>> debian/changelog
37
38 hibagent (1.0.1-0ubuntu1) bionic; urgency=medium
39
40diff --git a/debian/control b/debian/control
41index 60fac58..eb13a13 100644
42--- a/debian/control
43+++ b/debian/control
44@@ -7,6 +7,7 @@ Build-Depends: debhelper (>= 9),
45 dh-python,
46 python3-all,
47 python3-pytest,
48+ python3-requests,
49 python3-setuptools
50 Standards-Version: 3.9.6
51
52diff --git a/debian/patches/disable-hibernate-test.patch b/debian/patches/disable-hibernate-test.patch
53index 0e2896a..27c86ee 100644
54--- a/debian/patches/disable-hibernate-test.patch
55+++ b/debian/patches/disable-hibernate-test.patch
56@@ -1,4 +1,8 @@
57+<<<<<<< debian/patches/disable-hibernate-test.patch
58 Description: Skip test needing EC2 instance
59+=======
60+IDescription: Skip test needing EC2 instance
61+>>>>>>> debian/patches/disable-hibernate-test.patch
62 The polling test now actually needs to be run on an EC2 instance as it tries
63 to contact an HTTP endpoint on a hardcoded link-local IP that matches the monitoring
64 system at AWS. We don't have this in our builders or autopkgtests.
65diff --git a/debian/patches/do-nothing-if-ODH-is-configured.patch b/debian/patches/do-nothing-if-ODH-is-configured.patch
66new file mode 100644
67index 0000000..8be4ec2
68--- /dev/null
69+++ b/debian/patches/do-nothing-if-ODH-is-configured.patch
70@@ -0,0 +1,77 @@
71+Description: Update the Spot hibernate agent to do nothing if ODH is configured
72+Author: Jeongin Cho <achojeon@amazon.com>
73+Origin: upstream, https://github.com/aws/ec2-hibernate-linux-agent/commit/2ee4ae3fd1333fb3c9aab25bf02b109c3b7b8d9f
74+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/hibagent/+bug/2043739
75+Last-Update: 2023-11-16
76+---
77+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
78+--- a/agent/hibagent
79++++ b/agent/hibagent
80+@@ -18,6 +18,7 @@
81+ import struct
82+ import sys
83+ import syslog
84++import requests
85+ from subprocess import check_call, check_output
86+ from threading import Thread
87+ from math import ceil
88+@@ -39,6 +40,9 @@
89+ log_to_syslog = True
90+ log_to_stderr = True
91+
92++IMDS_BASEURL = 'http://169.254.169.254'
93++IMDS_API_TOKEN_PATH = 'latest/api/token'
94++IMDS_SPOT_ACTION_PATH = 'latest/meta-data/hibernation/configured'
95+
96+ def log(message):
97+ if log_to_syslog:
98+@@ -511,6 +515,37 @@
99+ log("Failed to adjust pm_freeze_timeout to %d. Error: %s" % (timeout, str(e)))
100+ exit(1)
101+
102++def get_imds_token(seconds=21600):
103++ """ Get a token to access instance metadata. """
104++ log("Requesting new IMDSv2 token.")
105++ request_header = {'X-aws-ec2-metadata-token-ttl-seconds': '{}'.format(seconds)}
106++ token_url = '{}/{}'.format(IMDS_BASEURL, IMDS_API_TOKEN_PATH)
107++ response = requests.put(token_url, headers=request_header)
108++ response.close()
109++ if response.status_code != requests.codes.ok:
110++ return None
111++
112++ return response.text
113++
114++def hibernation_enabled():
115++ """Returns a boolean indicating whether hibernation-option.configured is enabled or not."""
116++
117++ imds_token = get_imds_token()
118++ if imds_token is None:
119++ log("IMDS_V2 http endpoint is disabled")
120++ # IMDS http endpoint is disabled
121++ return False
122++
123++ request_header = {'X-aws-ec2-metadata-token': imds_token}
124++ response = requests.get("{}/{}".format(IMDS_BASEURL, IMDS_SPOT_ACTION_PATH),
125++ headers=request_header)
126++ response.close()
127++ if response.status_code != requests.codes.ok or response.text.lower() == "false":
128++ return False
129++
130++ log("Hibernation Configured Flag found")
131++
132++ return True
133+
134+ def main():
135+ # Parse arguments
136+@@ -550,6 +585,11 @@
137+
138+ log("Effective config: %s" % config)
139+
140++ # Let's first check if we need to kill the Spot Hibernate Agent
141++ if hibernation_enabled():
142++ log("Spot Instance Launch has enabled Hibernation Configured Flag. hibagent exiting!!")
143++ exit(0)
144++
145+ target_swap_size = config.swap_mb * 1024 * 1024
146+ ram_bytes = os.sysconf('SC_PAGE_SIZE') * os.sysconf('SC_PHYS_PAGES')
147+ swap_percentage_size = ram_bytes * config.swap_percentage // 100
148diff --git a/debian/patches/lp1896638-set-resume-device-by-partition-uuid.patch b/debian/patches/lp1896638-set-resume-device-by-partition-uuid.patch
149new file mode 100644
150index 0000000..39ef202
151--- /dev/null
152+++ b/debian/patches/lp1896638-set-resume-device-by-partition-uuid.patch
153@@ -0,0 +1,33 @@
154+From: Tony Nie <zirann@amazon.com>
155+Subject: Set resume device by PARTUUID instead of by device name
156+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/ec2-hibinit-agent/+bug/1896638
157+Origin: upstream, https://github.com/aws/ec2-hibernate-linux-agent/commit/43636fcf
158+---
159+ agent/hibagent | 7 +++++++
160+ 1 file changed, 7 insertions(+)
161+
162+Index: b/agent/hibagent
163+===================================================================
164+--- a/agent/hibagent 2023-03-24 13:12:50.192981414 +0100
165++++ b/agent/hibagent 2023-03-24 13:17:13.151025129 +0100
166+@@ -99,6 +99,11 @@ def get_swap_space():
167+ return int(lines[0].split()[2]) * 1024
168+
169+
170++def get_partuuid(device):
171++ return check_output(
172++ ['lsblk', '-dno', 'PARTUUID', device]).decode('ascii').strip()
173++
174++
175+ def patch_grub_config(swap_device, offset, grub_file, grub2_dir):
176+ log("Updating GRUB to use the device %s with offset %d for resume" % (swap_device, offset))
177+ lines = []
178+@@ -128,6 +133,8 @@ def patch_grub_config(swap_device, offse
179+ # Do GRUB2 update as well
180+ if grub2_dir and os.path.exists(grub2_dir):
181+ offset_file = os.path.join(grub2_dir, '99-set-swap.cfg')
182++ if swap_device.startswith("/dev"):
183++ swap_device = "PARTUUID=%s" % get_partuuid(swap_device)
184+ if not os.path.exists(offset_file):
185+ with open(offset_file, 'w') as fl:
186+ fl.write('GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT no_console_suspend=1 '
187diff --git a/debian/patches/series b/debian/patches/series
188index 5568008..4b29cf9 100644
189--- a/debian/patches/series
190+++ b/debian/patches/series
191@@ -6,6 +6,12 @@ detect-hibernate-cmd-by-default.patch
192 use-sh-for-init-scripts.patch
193 add-lsb-init-info.patch
194 fix-enable-ec2-spot-hibernation.patch
195+<<<<<<< debian/patches/series
196 0009-Use-Thread.is_alive-for-Python-3.9-compatibility.patch
197 setuptools-fix-package-discovery.patch
198+=======
199+lp1896638-set-resume-device-by-partition-uuid.patch
200+use-imdsv2.patch
201+do-nothing-if-ODH-is-configured.patch
202+>>>>>>> debian/patches/series
203 disable-hibernate-test.patch
204diff --git a/debian/patches/use-imdsv2.patch b/debian/patches/use-imdsv2.patch
205new file mode 100644
206index 0000000..6c91a91
207--- /dev/null
208+++ b/debian/patches/use-imdsv2.patch
209@@ -0,0 +1,44 @@
210+Description: IMDS V2 updates
211+Author: shivasan@ <shivasan@amazon.com>
212+Origin: upstream, https://github.com/aws/ec2-hibernate-linux-agent/commit/559558f28de4456f14b38539eed967df6e1f9217
213+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/hibagent/+bug/2043739
214+Last-Update: 2023-11-16
215+---
216+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
217+--- a/agent/hibagent
218++++ b/agent/hibagent
219+@@ -315,16 +315,28 @@
220+
221+ def poll_for_termination(self):
222+ # noinspection PyBroadException
223+- response = None
224++ response1 = None
225++ response2 = None
226+ try:
227+- response = urlopen(self.url)
228+- res_str = response.read()
229+- return b"hibernate" in res_str
230++ request1 = Request("http://169.254.169.254/latest/api/token")
231++ request1.add_header('X-aws-ec2-metadata-token-ttl-seconds', '21600')
232++ request1.get_method = lambda:"PUT"
233++ response1 = urlopen(request1)
234++
235++ token = response1.read()
236++
237++ request2 = Request(self.url)
238++ request2.add_header('X-aws-ec2-metadata-token', token)
239++ response2 = urlopen(request2)
240++ res = response2.read()
241++ return b"hibernate" in res
242+ except:
243+ return False
244+ finally:
245+- if response:
246+- response.close()
247++ if response1:
248++ response1.close()
249++ if response2:
250++ response2.close()
251+
252+ def do_hibernate(self):
253+ log("Attempting to hibernate")

Subscribers

People subscribed via source and target branches