cloud-init

Bug #1806504
Comment #1

Comment 1 for bug 1806504

Revision history for this message

Jack Chen (scsvip) wrote on 2018-12-04:

Could you guys please help figure out the overwriting rules used in juju user-data?
I tested `write_files` section defined under cloud.cfg.d/ is not override by juju user-data.
Currently I use `write_files` to write my scripts into `/var/lib/cloud/instance/scripts/part-001` to customize juju deployed machine. But it's hack and not straight forward.

```
# cat /var/lib/cloud/instance/user-data.txt.i
Content-Type: multipart/mixed; boundary="===============0252242156900375939=="
MIME-Version: 1.0
Number-Attachments: 1

--===============0252242156900375939==
MIME-Version: 1.0
Content-Type: text/cloud-config
Content-Disposition: attachment; filename="part-001"

#cloud-config
apt_mirror: ""
bootcmd:
- |-
  printf '%s\n' 'Acquire::http::Proxy::"127.0.0.1" "DIRECT";
  Acquire::https::Proxy::"127.0.0.1" "DIRECT";
  Acquire::ftp::Proxy::"127.0.0.1" "DIRECT";
  Acquire::http::Proxy::"localhost" "DIRECT";
  Acquire::https::Proxy::"localhost" "DIRECT";
  Acquire::ftp::Proxy::"localhost" "DIRECT";
  Acquire::http::Proxy::"::1" "DIRECT";
  Acquire::https::Proxy::"::1" "DIRECT";
  Acquire::ftp::Proxy::"::1" "DIRECT";' > /etc/apt/apt.conf.d/95-juju-proxy-settings
output:
  all: '| tee -a /var/log/cloud-init-output.log'
package_update: true
package_upgrade: true
packages:
- bridge-utils
- curl
- cpu-checker
- bridge-utils
- cloud-utils
- tmux
- ubuntu-fan
runcmd:
- set -xe
- |-
  mkdir -p '/var/lib/juju'
  cat > '/var/lib/juju/MAASmachine.txt' << 'EOF'
  'hostname: vm6
  '
  EOF
  chmod 0755 '/var/lib/juju/MAASmachine.txt'
- set -xe
- install -D -m 644 /dev/null '/etc/systemd/system/juju-clean-shutdown.service'
- |-
  printf '%s\n' '
  [Unit]
  Description=Stop all network interfaces on shutdown
  DefaultDependencies=false
  After=final.target

  [Service]
  Type=oneshot
  ExecStart=/sbin/ifdown -a -v --force
  StandardOutput=tty
  StandardError=tty

  [Install]
  WantedBy=final.target
  ' > '/etc/systemd/system/juju-clean-shutdown.service'
- /bin/systemctl enable '/etc/systemd/system/juju-clean-shutdown.service'
- install -D -m 644 /dev/null '/var/lib/juju/nonce.txt'
- printf '%s\n' 'machine-0:a095a350-3630-47f3-8c0b-a49f741c7bf9' > '/var/lib/juju/nonce.txt'
- test -n "$JUJU_PROGRESS_FD" || (exec {JUJU_PROGRESS_FD}>&2) 2>/dev/null && exec
  {JUJU_PROGRESS_FD}>&2 || JUJU_PROGRESS_FD=2
- '[ -e /etc/profile.d/juju-proxy.sh ] || printf ''\n# Added by juju\n[ -f "/etc/juju-proxy.conf"
  ] && . "/etc/juju-proxy.conf"\n'' >> /etc/profile.d/juju-proxy.sh'
- mkdir -p /var/lib/juju/locks
- (id ubuntu &> /dev/null) && chown ubuntu:ubuntu /var/lib/juju/locks
- mkdir -p /var/log/juju
- chown syslog:adm /var/log/juju
- bin='/var/lib/juju/tools/2.4.1.1-xenial-amd64'
- mkdir -p $bin
- echo 'Fetching Juju agent version 2.4.1.1 for amd64' >&$JUJU_PROGRESS_FD
- |2-

n=1
while true; do

printf "Attempt $n to download agent binaries from %s...\n" 'https://10.10.25.44:17070/model/a8436d07-e82f-4ef0-878c-d95d05f57a13/tools/2.4.1.1-xenial-amd64'
curl -sSfw 'agent binaries from %{url_effective} downloaded: HTTP %{http_code}; time %{time_total}s; size %{size_download} bytes; speed %{speed_download} bytes/s ' --connect-timeout 20 --noproxy "*" --insecure -o $bin/tools.tar.gz 'https://10.10.25.44:17070/model/a8436d07-e82f-4ef0-878c-d95d05f57a13/tools/2.4.1.1-xenial-amd64' && echo "Agent binaries downloaded successfully." && break

printf "Attempt $n to download agent binaries from %s...\n" 'https://172.17.0.1:17070/model/a8436d07-e82f-4ef0-878c-d95d05f57a13/tools/2.4.1.1-xenial-amd64'
curl -sSfw 'agent binaries from %{url_effective} downloaded: HTTP %{http_code}; time %{time_total}s; size %{size_download} bytes; speed %{speed_download} bytes/s ' --connect-timeout 20 --noproxy "*" --insecure -o $bin/tools.tar.gz 'https://172.17.0.1:17070/model/a8436d07-e82f-4ef0-878c-d95d05f57a13/tools/2.4.1.1-xenial-amd64' && echo "Agent binaries downloaded successfully." && break

      echo "Download failed, retrying in 15s"
      sleep 15
      n=$((n+1))
  done
- sha256sum $bin/tools.tar.gz > $bin/juju2.4.1.1-xenial-amd64.sha256
- grep '4d3f96279468c91c148cebfc1d20923dc4260ccf6f38d1074c7306f9c02a132c' $bin/juju2.4.1.1-xenial-amd64.sha256
  || (echo "Tools checksum mismatch"; exit 1)
- tar zxf $bin/tools.tar.gz -C $bin
- printf %s '{"version":"2.4.1.1-xenial-amd64","url":"https://10.10.25.44:17070/model/a8436d07-e82f-4ef0-878c-d95d05f57a13/tools/2.4.1.1-xenial-amd64","sha256":"4d3f96279468c91c148cebfc1d20923dc4260ccf6f38d1074c7306f9c02a132c","size":26292924}'
  > $bin/downloaded-tools.txt
- mkdir -p '/var/lib/juju/agents/machine-2'
- |-
  cat > '/var/lib/juju/agents/machine-2/agent.conf' << 'EOF'
  # format 2.0
  tag: machine-2
  datadir: /var/lib/juju
  logdir: /var/log/juju
  metricsspooldir: /var/lib/juju/metricspool
  nonce: machine-0:a095a350-3630-47f3-8c0b-a49f741c7bf9
  jobs:
  - JobHostUnits
  upgradedToVersion: 2.4.1.1
  cacert: |
    -----BEGIN CERTIFICATE-----
    MIIDrDCCApSgAwIBAgIUUwWywtde/IZap4RTMIdw/cmdNfgwDQYJKoZIhvcNAQEL
    BQAwbjENMAsGA1UEChMEanVqdTEuMCwGA1UEAwwlanVqdS1nZW5lcmF0ZWQgQ0Eg
    Zm9yIG1vZGVsICJqdWp1LWNhIjEtMCsGA1UEBRMkM2M2MThlMzQtMzc2YS00NmQ5
    LThiYTAtMzIwNTgxMzkzZGU1MB4XDTE4MTEyNjE1NTgwNloXDTI4MTIwMzE1NTgw
    NVowbjENMAsGA1UEChMEanVqdTEuMCwGA1UEAwwlanVqdS1nZW5lcmF0ZWQgQ0Eg
    Zm9yIG1vZGVsICJqdWp1LWNhIjEtMCsGA1UEBRMkM2M2MThlMzQtMzc2YS00NmQ5
    LThiYTAtMzIwNTgxMzkzZGU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
    AQEA2Y9PQB9AaYVpv4T/A4W4Qeq8lSPN+xAurZEI0k8lpGpIHQbjTb8m1oToTS2D
    bOE3M7dzY8BN3AdVPIDq8xBynxm6C7mbMYqiUWPBR9+CPeC2kpFKN7Nz5gr/D1qP
    Ftrkbwp6NlkCLnZSLBkKtuFjtFsnjIqewve3jcIk9ycIvESMxn3RyJnbL7DQd9sn
    DAot5f13DaTgM1A2HmDIMn3dX1/73UzTBiLZGWeYEBZKKfOsOEdHvjdnj9sAvO8Z
    k+QjKDctj98bdK+tOPGzFyrvswdiySySpyeiiZmMJ0Q1lCQmat6bSRNIZuS4k2nM
    qeBNGm8FQPh/wvd7Yh6ipV8gYQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAqQwDwYD
    VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUkuB2CxzBekUh/6k4RRnxi9Bz7igwDQYJ
    KoZIhvcNAQELBQADggEBAFXhsA4SsGJuRwk0Ix5XmYTk9riq6TC4OXs5c9huI6v3
    FIwzNnuO76eH0PhbFmqzT61X14NCZwObqWsTBfKRjiDLnuuyEDObtN7mcxt1+R7p
    cARNYrZzICAE2ka4jz7/zpl6uNxcutSDgKBK+FZtJnd9e72xUsqwdjMwgY0824EI
    Sra3dPh53OZp//9iHi6gt6ojhPc9mH3gl7FTSG7teL0M0/8A3yHJT7SJAq4Wfjv9
    xXgnW7/kw5Pa3oy497ArPWmcLTY7VOQQDSJMvfd7wa1avB68o8Sic3+LG9hLPzBF
    Wxi0hNxNddwEsF/qK1DJUuaL6ccZhIX4xELscHAhVt8=
    -----END CERTIFICATE-----
  controller: controller-dac47f55-ecda-4348-8baa-841c9ea3951b
  model: model-a8436d07-e82f-4ef0-878c-d95d05f57a13
  apiaddresses:
  - 10.10.25.44:17070
  oldpassword: MlpPswW4LHHM1/wcgzjYifz8
  values:
    AGENT_SERVICE_NAME: jujud-machine-2
    CONTAINER_TYPE: ""
    PROVIDER_TYPE: maas
  mongoversion: "0.0"

  EOF
- chmod 0600 '/var/lib/juju/agents/machine-2/agent.conf'
- ln -s 2.4.1.1-xenial-amd64 '/var/lib/juju/tools/machine-2'
- echo 'Starting Juju machine agent (service jujud-machine-2)' >&$JUJU_PROGRESS_FD
- mkdir -p '/lib/systemd/system/jujud-machine-2'
- |-
  cat > '/lib/systemd/system/jujud-machine-2/exec-start.sh' << 'EOF'
  #!/usr/bin/env bash

  # Set up logging.
  touch '/var/log/juju/machine-2.log'
  chown syslog:syslog '/var/log/juju/machine-2.log'
  chmod 0600 '/var/log/juju/machine-2.log'
  exec >> '/var/log/juju/machine-2.log'
  exec 2>&1

  # Run the script.
  '/var/lib/juju/tools/machine-2/jujud' machine --data-dir '/var/lib/juju' --machine-id 2 --debug
  EOF
- chmod 0755 '/lib/systemd/system/jujud-machine-2/exec-start.sh'
- |-
  cat > '/lib/systemd/system/jujud-machine-2/jujud-machine-2.service' << 'EOF'
  [Unit]
  Description=juju agent for machine-2
  After=syslog.target
  After=network.target
  After=systemd-user-sessions.service

  [Service]
  LimitNOFILE=20000
  ExecStart=/lib/systemd/system/jujud-machine-2/exec-start.sh
  Restart=on-failure
  TimeoutSec=300

[Install]
WantedBy=multi-user.target

  EOF
- /bin/systemctl link '/lib/systemd/system/jujud-machine-2/jujud-machine-2.service'
- /bin/systemctl daemon-reload
- /bin/systemctl enable '/lib/systemd/system/jujud-machine-2/jujud-machine-2.service'
- /bin/systemctl start jujud-machine-2.service
- rm $bin/tools.tar.gz && rm $bin/juju2.4.1.1-xenial-amd64.sha256
users:
- groups:
  - adm
  - audio
  - cdrom
  - dialout
  - dip
  - floppy
  - netdev
  - plugdev
  - sudo
  - video
  lock_passwd: true
  name: ubuntu
  shell: /bin/bash
  ssh-authorized-keys:
  - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/ESFSVAhK8ikYoKZcTBf2G9RGTyrN6sTZwbVEpOxxZ6qR8zhg7qritfyVaRy0FVMDQbNjwAMIcSbMct1396kjIIFPqwu4KQyNznvwO6KjuLY2t9coGRrMehfc1IOecf4SEiseI81N4+MiHQxabXR97S2dgd89M4kK7ThW9mfO1/oLTCkiCGy1aIoMJoAelc7ifKW/C1YtlUmmWj/WEuKUjG3YYY75xsnSTCbdrCxPuVHRRWYkGNWfb2TzYRP0JW+uYZy2W/gOuPzzxjuDBkz/dSyZd989IaoGM49fBBT8jqOi3d9Pjd1O9gsMVSp/D8X2JuHGYMXhuswG9ddfO1r7
    Juju:juju-client-key
  - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOeQ7hxqB8e3HOg2zTrozDoxWO05O/h4PHO+iLEjtbqZB2S0EUE/++dHbjoqOAAfIdQtdcTsgec8XCqgLTnF9S1i0cDHNfxXqcgQUx8OmAzcE/V18v2yqWnUtVMVsCRy1seNvV4oyg+NsDEF3tK2u/KTiRdzlxPfILY1kh281w3bbfDZ3IvoUWJGjMtRTLdRZG0CfDeS/2hVRvZO97WtY6Fexc9c3VeMHYFMQhCwNwkQPLfLskfw6JikvVKqgSR8dGH+cZMgvF55JVqDuAhudTy5KyQshGPpUQW5VXwjDYlCpPgzhmhY9e5JaYUgozBXjoxT1o0aMl3LTvNm5AzAM5
    Juju:juju-system-key
  sudo:
  - ALL=(ALL) NOPASSWD:ALL

--===============0252242156900375939==--
```

Could you guys please help figure out the overwriting rules used in juju user-data? 
I tested `write_files` section defined under cloud.cfg.d/ is not override by juju user-data.
Currently I use `write_files` to write my scripts into `/var/lib/cloud/instance/scripts/part-001` to customize juju deployed machine. But it's hack and not straight forward.

```
# cat /var/lib/cloud/instance/user-data.txt.i
Content-Type: multipart/mixed; boundary="===============0252242156900375939=="
MIME-Version: 1.0
Number-Attachments: 1

--===============0252242156900375939==
MIME-Version: 1.0
Content-Type: text/cloud-config
Content-Disposition: attachment; filename="part-001"

[Service]
  Type=oneshot
  ExecStart=/sbin/ifdown -a -v --force
  StandardOutput=tty
  StandardError=tty

n=1
  while true; do

printf "Attempt $n to download agent binaries from %s...\n" 'https://10.10.25.44:17070/model/a8436d07-e82f-4ef0-878c-d95d05f57a13/tools/2.4.1.1-xenial-amd64'
      curl -sSfw 'agent binaries from %{url_effective} downloaded: HTTP %{http_code}; time %{time_total}s; size %{size_download} bytes; speed %{speed_download} bytes/s ' --connect-timeout 20 --noproxy "*" --insecure -o $bin/tools.tar.gz 'https://10.10.25.44:17070/model/a8436d07-e82f-4ef0-878c-d95d05f57a13/tools/2.4.1.1-xenial-amd64' && echo "Agent binaries downloaded successfully." && break

printf "Attempt $n to download agent binaries from %s...\n" 'https://172.17.0.1:17070/model/a8436d07-e82f-4ef0-878c-d95d05f57a13/tools/2.4.1.1-xenial-amd64'
      curl -sSfw 'agent binaries from %{url_effective} downloaded: HTTP %{http_code}; time %{time_total}s; size %{size_download} bytes; speed %{speed_download} bytes/s ' --connect-timeout 20 --noproxy "*" --insecure -o $bin/tools.tar.gz 'https://172.17.0.1:17070/model/a8436d07-e82f-4ef0-878c-d95d05f57a13/tools/2.4.1.1-xenial-amd64' && echo "Agent binaries downloaded successfully." && break

[Service]
  LimitNOFILE=20000
  ExecStart=/lib/systemd/system/jujud-machine-2/exec-start.sh
  Restart=on-failure
  TimeoutSec=300

[Install]
  WantedBy=multi-user.target

--===============0252242156900375939==--
```