// addAgentInfo adds agent-required information to the agent's directory
// and returns the agent directory name.
func (cfg *MachineConfig) addAgentInfo(c *cloudinit.Config, tag string) (agent.Config, error) {
acfg, err := cfg.agentConfig(tag)
if err != nil {
return nil, err
}
acfg.SetValue(agent.AgentServiceName, cfg.MachineAgentServiceName)
cmds, err := acfg.WriteCommands()
if err != nil {
return nil, errgo.Annotate(err, "failed to write commands")
}
c.AddScripts(cmds...)
return acfg, nil
}
// ComposeUserData fills out the provided cloudinit configuration structure
// so it is suitable for initialising a machine with the given configuration,
// and then renders it and returns it as a binary (gzipped) blob of user data.
//
// If the provided cloudcfg is nil, a new one will be created internally.
func ComposeUserData(mcfg *cloudinit.MachineConfig, cloudcfg *coreCloudinit.Config) ([]byte, error) {
if cloudcfg == nil {
cloudcfg = coreCloudinit.New()
}
if err := configureCloudinit(mcfg, cloudcfg); err != nil {
return nil, err
}
data, err := cloudcfg.Render()
logger.Tracef("Generated cloud init:\n%s", string(data))
if err != nil {
return nil, err
}
return utils.Gzip(data), nil
}
// MaybeAddCloudArchiveCloudTools adds the cloud-archive cloud-tools
// pocket to apt sources, if the series requires it.
func MaybeAddCloudArchiveCloudTools(c *cloudinit.Config, series string) {
if series != "precise" {
// Currently only precise; presumably we'll
// need to add each LTS in here as they're
// added to the cloud archive.
return
}
const url = "http://ubuntu-cloud.archive.canonical.com/ubuntu"
name := fmt.Sprintf("deb %s %s-updates/cloud-tools main", url, series)
prefs := &cloudinit.AptPreferences{
Path: cloudinit.CloudToolsPrefsPath,
Explanation: "Pin with lower priority, not to interfere with charms",
Package: "*",
Pin: fmt.Sprintf("release n=%s-updates/cloud-tools", series),
PinPriority: 400,
}
c.AddAptSource(name, CanonicalCloudArchiveSigningKey, prefs)
}
// ConfigureBasic updates the provided cloudinit.Config with
// basic configuration to initialise an OS image, such that it can
// be connected to via SSH, and log to a standard location.
//
// Any potentially failing operation should not be added to the
// configuration, but should instead be done in ConfigureJuju.
//
// Note: we don't do apt update/upgrade here so as not to have to wait on
// apt to finish when performing the second half of image initialisation.
// Doing it later brings the benefit of feedback in the face of errors,
// but adds to the running time of initialisation due to lack of activity
// between image bringup and start of agent installation.
func ConfigureBasic(cfg *MachineConfig, c *cloudinit.Config) error {
c.AddScripts(
"set -xe", // ensure we run all the scripts or abort.
)
c.AddSSHAuthorizedKeys(cfg.AuthorizedKeys)
c.SetOutput(cloudinit.OutAll, "| tee -a "+cfg.CloudInitOutputLog, "")
// Create a file in a well-defined location containing the machine's
// nonce. The presence and contents of this file will be verified
// during bootstrap.
//
// Note: this must be the last runcmd we do in ConfigureBasic, as
// the presence of the nonce file is used to gate the remainder
// of synchronous bootstrap.
noncefile := path.Join(cfg.DataDir, NonceFile)
c.AddFile(noncefile, cfg.MachineNonce, 0644)
return nil
}
// ConfigureScript generates the bash script that applies
// the specified cloud-config.
func ConfigureScript(cloudcfg *cloudinit.Config) (string, error) {
// TODO(axw): 2013-08-23 bug 1215777
// Carry out configuration for ssh-keys-per-user,
// machine-updates-authkeys, using cloud-init config.
//
// We should work with smoser to get a supported
// command in (or next to) cloud-init for manually
// invoking cloud-config. This would address the
// above comment by removing the need to generate a
// script "by hand".
// Bootcmds must be run before anything else,
// as they may affect package installation.
bootcmds, err := cmdlist(cloudcfg.BootCmds())
if err != nil {
return "", err
}
// Add package sources and packages.
pkgcmds, err := addPackageCommands(cloudcfg)
if err != nil {
return "", err
}
// Runcmds come last.
runcmds, err := cmdlist(cloudcfg.RunCmds())
if err != nil {
return "", err
}
// We prepend "set -xe". This is already in runcmds,
// but added here to avoid relying on that to be
// invariant.
script := []string{"#!/bin/bash", "set -e"}
// We must initialise progress reporting before entering
// the subshell and redirecting stderr.
script = append(script, cloudinit.InitProgressCmd())
stdout, stderr := cloudcfg.Output(cloudinit.OutAll)
script = append(script, "(")
if stderr != "" {
script = append(script, "(")
}
script = append(script, bootcmds...)
script = append(script, pkgcmds...)
script = append(script, runcmds...)
if stderr != "" {
script = append(script, ") "+stdout)
script = append(script, ") "+stderr)
} else {
script = append(script, ") "+stdout+" 2>&1")
}
return strings.Join(script, "\n"), nil
}
func (cfg *MachineConfig) addMachineAgentToBoot(c *cloudinit.Config, tag, machineId string) error {
// Make the agent run via a symbolic link to the actual tools
// directory, so it can upgrade itself without needing to change
// the upstart script.
toolsDir := agenttools.ToolsDir(cfg.DataDir, tag)
// TODO(dfc) ln -nfs, so it doesn't fail if for some reason that the target already exists
c.AddScripts(fmt.Sprintf("ln -s %v %s", cfg.Tools.Version, shquote(toolsDir)))
name := cfg.MachineAgentServiceName
conf := upstart.MachineAgentUpstartService(name, toolsDir, cfg.DataDir, cfg.LogDir, tag, machineId, nil)
cmds, err := conf.InstallCommands()
if err != nil {
return errgo.Annotatef(err, "cannot make cloud-init upstart script for the %s agent", tag)
}
c.AddRunCmd(cloudinit.LogProgressCmd("Starting Juju machine agent (%s)", name))
c.AddScripts(cmds...)
return nil
}
// addPackageCommands returns a slice of commands that, when run,
// will add the required apt repositories and packages.
func addPackageCommands(cfg *cloudinit.Config) ([]string, error) {
var cmds []string
if len(cfg.AptSources()) > 0 {
// Ensure add-apt-repository is available.
cmds = append(cmds, cloudinit.LogProgressCmd("Installing add-apt-repository"))
cmds = append(cmds, aptget+"install python-software-properties")
}
for _, src := range cfg.AptSources() {
// PPA keys are obtained by add-apt-repository, from launchpad.
if !strings.HasPrefix(src.Source, "ppa:") {
if src.Key != "" {
key := utils.ShQuote(src.Key)
cmd := fmt.Sprintf("printf '%%s\\n' %s | apt-key add -", key)
cmds = append(cmds, cmd)
}
}
cmds = append(cmds, cloudinit.LogProgressCmd("Adding apt repository: %s", src.Source))
cmds = append(cmds, "add-apt-repository -y "+utils.ShQuote(src.Source))
if src.Prefs != nil {
path := utils.ShQuote(src.Prefs.Path)
contents := utils.ShQuote(src.Prefs.FileContents())
cmds = append(cmds, "install -D -m 644 /dev/null "+path)
cmds = append(cmds, `printf '%s\n' `+contents+` > `+path)
}
}
if len(cfg.AptSources()) > 0 || cfg.AptUpdate() {
cmds = append(cmds, cloudinit.LogProgressCmd("Running apt-get update"))
cmds = append(cmds, aptget+"update")
}
if cfg.AptUpgrade() {
cmds = append(cmds, cloudinit.LogProgressCmd("Running apt-get upgrade"))
cmds = append(cmds, aptget+"upgrade")
}
for _, pkg := range cfg.Packages() {
cmds = append(cmds, cloudinit.LogProgressCmd("Installing package: %s", pkg))
if !strings.Contains(pkg, "--target-release") {
// We only need to shquote the package name if it does not
// contain additional arguments.
pkg = utils.ShQuote(pkg)
}
cmd := fmt.Sprintf(aptget+"install %s", pkg)
cmds = append(cmds, cmd)
}
if len(cmds) > 0 {
// setting DEBIAN_FRONTEND=noninteractive prevents debconf
// from prompting, always taking default values instead.
cmds = append([]string{"export DEBIAN_FRONTEND=noninteractive"}, cmds...)
}
return cmds, nil
}
// ConfigureJuju updates the provided cloudinit.Config with configuration
// to initialise a Juju machine agent.
func ConfigureJuju(cfg *MachineConfig, c *cloudinit.Config) error {
if err := verifyConfig(cfg); err != nil {
return err
}
// Initialise progress reporting. We need to do separately for runcmd
// and (possibly, below) for bootcmd, as they may be run in different
// shell sessions.
initProgressCmd := cloudinit.InitProgressCmd()
c.AddRunCmd(initProgressCmd)
// If we're doing synchronous bootstrap or manual provisioning, then
// ConfigureBasic won't have been invoked; thus, the output log won't
// have been set. We don't want to show the log to the user, so simply
// append to the log file rather than teeing.
if stdout, _ := c.Output(cloudinit.OutAll); stdout == "" {
c.SetOutput(cloudinit.OutAll, ">> "+cfg.CloudInitOutputLog, "")
c.AddBootCmd(initProgressCmd)
c.AddBootCmd(cloudinit.LogProgressCmd("Logging to %s on remote host", cfg.CloudInitOutputLog))
}
if !cfg.DisablePackageCommands {
AddAptCommands(cfg.AptProxySettings, c)
}
// Write out the normal proxy settings so that the settings are
// sourced by bash, and ssh through that.
c.AddScripts(
// We look to see if the proxy line is there already as
// the manual provider may have had it aleady. The ubuntu
// user may not exist (local provider only).
`([ ! -e /home/ubuntu/.profile ] || grep -q '.juju-proxy' /home/ubuntu/.profile) || ` +
`printf '\n# Added by juju\n[ -f "$HOME/.juju-proxy" ] && . "$HOME/.juju-proxy"\n' >> /home/ubuntu/.profile`)
if (cfg.ProxySettings != osenv.ProxySettings{}) {
exportedProxyEnv := cfg.ProxySettings.AsScriptEnvironment()
c.AddScripts(strings.Split(exportedProxyEnv, "\n")...)
c.AddScripts(
fmt.Sprintf(
`[ -e /home/ubuntu ] && (printf '%%s\n' %s > /home/ubuntu/.juju-proxy && chown ubuntu:ubuntu /home/ubuntu/.juju-proxy)`,
shquote(cfg.ProxySettings.AsScriptEnvironment())))
}
// Make the lock dir and change the ownership of the lock dir itself to
// ubuntu:ubuntu from root:root so the juju-run command run as the ubuntu
// user is able to get access to the hook execution lock (like the uniter
// itself does.)
lockDir := path.Join(cfg.DataDir, "locks")
c.AddScripts(
fmt.Sprintf("mkdir -p %s", lockDir),
// We only try to change ownership if there is an ubuntu user
// defined, and we determine this by the existance of the home dir.
fmt.Sprintf("[ -e /home/ubuntu ] && chown ubuntu:ubuntu %s", lockDir),
fmt.Sprintf("mkdir -p %s", cfg.LogDir),
fmt.Sprintf("chown syslog:adm %s", cfg.LogDir),
)
// Make a directory for the tools to live in, then fetch the
// tools and unarchive them into it.
var copyCmd string
if strings.HasPrefix(cfg.Tools.URL, fileSchemePrefix) {
copyCmd = fmt.Sprintf("cp %s $bin/tools.tar.gz", shquote(cfg.Tools.URL[len(fileSchemePrefix):]))
} else {
curlCommand := "curl -sSfw 'tools from %{url_effective} downloaded: HTTP %{http_code}; time %{time_total}s; size %{size_download} bytes; speed %{speed_download} bytes/s '"
if cfg.DisableSSLHostnameVerification {
curlCommand += " --insecure"
}
copyCmd = fmt.Sprintf("%s -o $bin/tools.tar.gz %s", curlCommand, shquote(cfg.Tools.URL))
c.AddRunCmd(cloudinit.LogProgressCmd("Fetching tools: %s", copyCmd))
}
toolsJson, err := json.Marshal(cfg.Tools)
if err != nil {
return err
}
c.AddScripts(
"bin="+shquote(cfg.jujuTools()),
"mkdir -p $bin",
copyCmd,
fmt.Sprintf("sha256sum $bin/tools.tar.gz > $bin/juju%s.sha256", cfg.Tools.Version),
fmt.Sprintf(`grep '%s' $bin/juju%s.sha256 || (echo "Tools checksum mismatch"; exit 1)`,
cfg.Tools.SHA256, cfg.Tools.Version),
fmt.Sprintf("tar zxf $bin/tools.tar.gz -C $bin"),
fmt.Sprintf("rm $bin/tools.tar.gz && rm $bin/juju%s.sha256", cfg.Tools.Version),
fmt.Sprintf("printf %%s %s > $bin/downloaded-tools.txt", shquote(string(toolsJson))),
)
// We add the machine agent's configuration info
// before running bootstrap-state so that bootstrap-state
// has a chance to rerwrite it to change the password.
// It would be cleaner to change bootstrap-state to
// be responsible for starting the machine agent itself,
// but this would not be backwardly compatible.
machineTag := names.MachineTag(cfg.MachineId)
_, err = cfg.addAgentInfo(c, machineTag)
if err != nil {
return err
}
// Add the cloud archive cloud-tools pocket to apt sources
// for series that need it. This gives us up-to-date LXC,
// MongoDB, and other infrastructure.
if !cfg.DisablePackageCommands {
series := cfg.Tools.Version.Series
MaybeAddCloudArchiveCloudTools(c, series)
}
if cfg.Bootstrap {
cons := cfg.Constraints.String()
if cons != "" {
cons = " --constraints " + shquote(cons)
}
var hardware string
if cfg.HardwareCharacteristics != nil {
if hardware = cfg.HardwareCharacteristics.String(); hardware != "" {
hardware = " --hardware " + shquote(hardware)
}
}
c.AddRunCmd(cloudinit.LogProgressCmd("Bootstrapping Juju machine agent"))
c.AddScripts(
// The bootstrapping is always run with debug on.
cfg.jujuTools() + "/jujud bootstrap-state" +
" --data-dir " + shquote(cfg.DataDir) +
" --env-config " + shquote(base64yaml(cfg.Config)) +
" --instance-id " + shquote(string(cfg.InstanceId)) +
hardware +
cons +
" --debug",
)
}
return cfg.addMachineAgentToBoot(c, machineTag, cfg.MachineId)
}
// AddAptCommands update the cloudinit.Config instance with the necessary
// packages, the request to do the apt-get update/upgrade on boot, and adds
// the apt proxy settings if there are any.
func AddAptCommands(proxy osenv.ProxySettings, c *cloudinit.Config) {
// Bring packages up-to-date.
c.SetAptUpdate(true)
c.SetAptUpgrade(true)
// juju requires git for managing charm directories.
c.AddPackage("git")
c.AddPackage("curl")
c.AddPackage("cpu-checker")
c.AddPackage("bridge-utils")
c.AddPackage("rsyslog-gnutls")
// Write out the apt proxy settings
if (proxy != osenv.ProxySettings{}) {
filename := utils.AptConfFile
c.AddBootCmd(fmt.Sprintf(
`[ -f %s ] || (printf '%%s\n' %s > %s)`,
filename,
shquote(utils.AptProxyContent(proxy)),
filename))
}
}