// MachineConfig returns information from the environment config that is
// needed for machine cloud-init (for non-state servers only).
// It is exposed for testing purposes.
// TODO(rog) fix environs/manual tests so they do not need to
// call this, or move this elsewhere.
func MachineConfig(st *state.State, machineId, nonce, dataDir string) (*cloudinit.MachineConfig, error) {
environConfig, err := st.EnvironConfig()
if err != nil {
return nil, err
}
// Get the machine so we can get its series and arch.
// If the Arch is not set in hardware-characteristics,
// an error is returned.
machine, err := st.Machine(machineId)
if err != nil {
return nil, err
}
hc, err := machine.HardwareCharacteristics()
if err != nil {
return nil, err
}
if hc.Arch == nil {
return nil, fmt.Errorf("arch is not set for %q", machine.Tag())
}
// Find the appropriate tools information.
env, err := environs.New(environConfig)
if err != nil {
return nil, err
}
tools, err := findInstanceTools(env, machine.Series(), *hc.Arch)
if err != nil {
return nil, err
}
// Find the secrets and API endpoints.
auth, err := environs.NewEnvironAuthenticator(env)
if err != nil {
return nil, err
}
stateInfo, apiInfo, err := auth.SetupAuthentication(machine)
if err != nil {
return nil, err
}
// Find requested networks.
includeNetworks, excludeNetworks, err := machine.RequestedNetworks()
if err != nil {
return nil, err
}
mcfg := environs.NewMachineConfig(machineId, nonce, includeNetworks, excludeNetworks, stateInfo, apiInfo)
if dataDir != "" {
mcfg.DataDir = dataDir
}
mcfg.Tools = tools
err = environs.FinishMachineConfig(mcfg, environConfig, constraints.Value{})
if err != nil {
return nil, err
}
return mcfg, nil
}
func (s *CloudInitSuite) TestFinishBootstrapConfig(c *gc.C) {
attrs := dummySampleConfig().Merge(testing.Attrs{
"authorized-keys": "we-are-the-keys",
"admin-secret": "lisboan-pork",
"agent-version": "1.2.3",
"state-server": false,
})
cfg, err := config.New(config.NoDefaults, attrs)
c.Assert(err, gc.IsNil)
oldAttrs := cfg.AllAttrs()
mcfg := &cloudinit.MachineConfig{
Bootstrap: true,
}
cons := constraints.MustParse("mem=1T cpu-power=999999999")
err = environs.FinishMachineConfig(mcfg, cfg, cons)
c.Assert(err, gc.IsNil)
c.Check(mcfg.AuthorizedKeys, gc.Equals, "we-are-the-keys")
c.Check(mcfg.DisableSSLHostnameVerification, jc.IsFalse)
password := utils.UserPasswordHash("lisboan-pork", utils.CompatSalt)
c.Check(mcfg.APIInfo, gc.DeepEquals, &api.Info{
Password: password, CACert: testing.CACert,
})
c.Check(mcfg.StateInfo, gc.DeepEquals, &state.Info{
Password: password, CACert: testing.CACert,
})
c.Check(mcfg.StateServingInfo.StatePort, gc.Equals, cfg.StatePort())
c.Check(mcfg.StateServingInfo.APIPort, gc.Equals, cfg.APIPort())
c.Check(mcfg.Constraints, gc.DeepEquals, cons)
oldAttrs["ca-private-key"] = ""
oldAttrs["admin-secret"] = ""
c.Check(mcfg.Config.AllAttrs(), gc.DeepEquals, oldAttrs)
srvCertPEM := mcfg.StateServingInfo.Cert
srvKeyPEM := mcfg.StateServingInfo.PrivateKey
_, _, err = cert.ParseCertAndKey(srvCertPEM, srvKeyPEM)
c.Check(err, gc.IsNil)
err = cert.Verify(srvCertPEM, testing.CACert, time.Now())
c.Assert(err, gc.IsNil)
err = cert.Verify(srvCertPEM, testing.CACert, time.Now().AddDate(9, 0, 0))
c.Assert(err, gc.IsNil)
err = cert.Verify(srvCertPEM, testing.CACert, time.Now().AddDate(10, 0, 1))
c.Assert(err, gc.NotNil)
}
func createContainer(c *gc.C, manager container.Manager, machineId string) instance.Instance {
machineNonce := "fake-nonce"
stateInfo := jujutesting.FakeStateInfo(machineId)
apiInfo := jujutesting.FakeAPIInfo(machineId)
machineConfig := environs.NewMachineConfig(machineId, machineNonce, nil, nil, stateInfo, apiInfo)
network := container.BridgeNetworkConfig("virbr0")
machineConfig.Tools = &tools.Tools{
Version: version.MustParseBinary("2.3.4-foo-bar"),
URL: "http://tools.testing.invalid/2.3.4-foo-bar.tgz",
}
environConfig := dummyConfig(c)
err := environs.FinishMachineConfig(machineConfig, environConfig, constraints.Value{})
c.Assert(err, gc.IsNil)
inst, hardware, err := manager.CreateContainer(machineConfig, "precise", network)
c.Assert(err, gc.IsNil)
c.Assert(hardware, gc.NotNil)
expected := fmt.Sprintf("arch=%s cpu-cores=1 mem=512M root-disk=8192M", version.Current.Arch)
c.Assert(hardware.String(), gc.Equals, expected)
return inst
}
func (s *CloudInitSuite) TestFinishInstanceConfig(c *gc.C) {
attrs := dummySampleConfig().Merge(testing.Attrs{
"authorized-keys": "we-are-the-keys",
})
cfg, err := config.New(config.NoDefaults, attrs)
c.Assert(err, gc.IsNil)
mcfg := &cloudinit.MachineConfig{
StateInfo: &state.Info{Tag: "not touched"},
APIInfo: &api.Info{Tag: "not touched"},
}
err = environs.FinishMachineConfig(mcfg, cfg, constraints.Value{})
c.Assert(err, gc.IsNil)
c.Assert(mcfg, gc.DeepEquals, &cloudinit.MachineConfig{
AuthorizedKeys: "we-are-the-keys",
AgentEnvironment: map[string]string{
agent.ProviderType: "dummy",
agent.ContainerType: "",
},
StateInfo: &state.Info{Tag: "not touched"},
APIInfo: &api.Info{Tag: "not touched"},
DisableSSLHostnameVerification: false,
})
}
