cloud-images

missing ovf property in ova templates

Bug #2018225 reported by Vincent
16
This bug affects 3 people
Affects Status Importance Assigned to Milestone
cloud-images
New
Undecided
Unassigned

Bug Description

[ Impact ]

 * Tools with validation will refuse unknown ovf properties

 * Unable to set network configuration with these tools

[ Test Plan ]

 * Download an ova from https://cloud-images.ubuntu.com (i.ex: https://cloud-images.ubuntu.com/releases/23.04/release/ubuntu-23.04-server-cloudimg-amd64.ova)

 * Open the ova with an editor or a tool to read ova files

 * /Envelope/VirtualSystem/ProductSection/Property no property with attribute ovf:key="network-config"

[ Where problems could occur ]

* My case is Terraform Provider for VMware vSphere which validates ovf properties and refuse to deploy a virtual machine with "unsupported vApp properties".

[ Original description ]

There are missing ovf property in the generated ova cloud images available on https://cloud-images.ubuntu.com.

For exemple: https://cloud-images.ubuntu.com/releases/23.04/release/ubuntu-23.04-server-cloudimg-amd64.ova
The only properties are "instance-id", "hostname", "seedfrom", "public-keys", "user-data" and "password".
But you can also set "network-config" (not in the list) which is used by cloud-init to configure the network.

Why is it a problem if I can just set it? Because some tools will do validation and prevent me from setting "network-config".
I could just modify the xml to add the missing property but I would have to automate it when it could be done in the upstream.

Also I don't know if there are more properties that are missing.

See original description
Vincent (vinrobot)
description: updated
Revision history for this message
John Chittum (jchittum) wrote :

Is the request for essentially:

      <Property ovf:key="password" ovf:type="string" ovf:userConfigurable="true" ovf:value="">
          <Label>Default User's password</Label>
          <Description>If set, the default user's password will be set to this value to allow password based login. The password will be good for only a single login. If set to the string 'RANDOM' then a random password will be generated, and written to the console.</Description>
      </Property>

but for network? like

      <Property ovf:key="network-config" ovf:type="string" ovf:userConfigurable="true" ovf:value="">
          <Label>Default network-config</Label>
          <Description>A totally relevant description.</Description>
      </Property>

code link:

https://git.launchpad.net/livecd-rootfs/tree/live-build/ubuntu-cpc/hooks.d/base/ovf/ubuntu-ova-v1-cloudcfg-vmdk.tmpl

Revision history for this message
John Chittum (jchittum) wrote :

Or, i guess, is the Terraform template downloading an OVA, and then editing the OVF. and if something is missing, then Terraform chokes?

in which case, it feels more like a Terraform bug, where essentially: "if a property is missing in the section, write the property." I don't know the provider well enough to comment here.

There is a chance of regression in that adding any property could cause previous uses to no longer configure network properly

Revision history for this message
Vincent (vinrobot) wrote :

It's effectively to add the missing property in the ovf definition (ref example code), and also maybe identify other missing properties, but I don't think it's worth searching them.

I also opened an issue on the vSphere provider but it's different.

example code:
https://github.com/canonical/cloud-init/blob/main/doc/sources/ovf/example/ubuntu-server.ovf#L51

Revision history for this message
Vincent (vinrobot) wrote (last edit ):

Not sure if there is a chance of regression because the property is used even if it's not defined in the ovf file.
With the added property, tools that validates the given properties against the ovf will now accept the network-config rather than reporting an error, this include all tools that use validation not only the vSphere provider.

Revision history for this message
Brandon Peterson (brandonp42) wrote :

Hi,

I just ran into this problem as well and hope the OVF file can be fixed officially. In the meantime I manually added the missing section and re-packaged the OVA file per instructions from https://www.virtualhome.blog/2019/11/29/how-to-modify-an-ova-appliance-file/

Here's what I added to the OVF file (right after the user-data section):

      <Property ovf:key="network-config" ovf:type="string" ovf:userConfigurable="true" ovf:value="">
          <Label>Encoded network-config</Label>
          <Description>In order to fit into a xml attribute, this value is base64 encoded . It will be decoded, and then processed normally as network-config.</Description>
      </Property>

FWIW I agree that the regression concern seems like a low risk at face value because as Vincent says everything is already in place to process it, this is just adding the missing part to the xml file so it can be used with Terraform/vSphere.

HTH,
Brandon

Revision history for this message
Ben Harris (bjh21) wrote :

I was about to request this for a slightly different reason: I recently wanted to override the network configuration on a VM created in vCenter using the OVA-format cloud image (specifically the Ubuntu 22.04 LTS (Jammy Jellyfish) release [20231010] image). I discovered by reading the cloud-init sources that I could set the "network-config" property, and was then able to add that property using vCenter before booting the VM for the first time.

If the property had been defined in the OVF file, vCenter would have prompted for the property while creating the VM, which would have made the feature both more discoverable and easier to use.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.