a 'Dg . @sUddlZddlZddlZddlZddlZddlZddlZddlmm Z ddl m Z ddl mZddlmZmZmZddlmZmZmZmZddlZddlmZmZmZmZmZmZddlm Z m!Z!ddl"m#Z#dd l$m%Z%m&Z&m'Z'dd l(m)Z)m*Z*dd l+m,Z,dd l-m.Z.m/Z/m0Z0m1Z1dd l2m3Z3ddl4m5Z5m6Z6m7Z7m8Z8m9Z9m:Z:m;Z;mZ>m?Z?m@Z@mAZAddlBmCZCz2ddlDZDejEeDjDdejFdddZGeeHd<WnLeIeJfyzddlKZLeLjMjNjMZGWneIyddZGYn0Yn0eOePZQdZRddiZSdZTdZUdZVdZWGddde ZXdZYeeZeHd <gd!Z[d"d#Z\d$d%Z]eZeZeeZd&d'd(Z^eZeZd)d*d+Z_e9eeZd,d-d.Z`e9eZeeZd)d/d0ZadyeZd,d1d2Zbd3d4Zcd5d6Zdd7d8ZeeeZd,d9d:Zfegrd;ZUefd<ZhehdureQid=d>ehZTn eQid?dZYeVd@eTidAdAdBZjd@dCdDgdAdEieUdFdGgdHZkdIeRgZldJZmdKZnGdLdMdMejoZpdNdOZqdPdQZrdRdSZsdTdUZtdVdWZudzdXdYZve9dZd[Zwe9d\d]Zxe9eTd^d^feZeZeyeyd_d`daZze9d{dbdcZ{e9dddeZ|dfdgZ}e9dhdiZ~e9eYfdjdkZe9dldmZe9dndoZe9eeyedpdqdrZe9ed,dsdtZe9d|dudvZepZepejffgZdwdxZdS)}N)Enum)Path) monotonicsleeptime)AnyDictListOptional)net performancesourcesssh_utilsubputil) EventScope EventType) device_driver)NoDHCPLeaseErrorNoDHCPLeaseInterfaceErrorNoDHCPLeaseMissingDhclientError)EphemeralDHCPv4EphemeralIPv4Network)events)errorsidentityimdskvp)netlink) DEFAULT_WIRESERVER_ENDPOINTNonAzureDataSource OvfEnvXmlazure_ds_reporterazure_ds_telemetry_reporterbuild_minimal_ovf dhcp_log_cbget_boot_telemetryget_metadata_from_fabricget_system_inforeport_diagnostic_eventreport_dmesg_to_kvpreport_failure_to_fabric)UrlErrorz$6$)Zstrlen)Zsalt blowfish_hashcCs tddS)zRaise when called so that importing this module doesn't throw ImportError when ds_detect() returns false. In this case, crypt and passlib are not needed. z/crypt and passlib not found, missing dependencyN) ImportError)_r1E/usr/lib/python3.9/site-packages/cloudinit/sources/DataSourceAzure.pyr.@sAzure instance-idziid-AZURE-NODEz/dev/disk/cloud/azure_resourceZext4z/var/lib/waagentz/dev/sr0c@s eZdZdZdZdZdZdZdS)PPSTypeNoneZPreprovisionedOSDiskZRunningZSavableZUnknownN)__name__ __module__ __qualname__NONEOS_DISKRUNNINGSAVABLEUNKNOWNr1r1r1r2r5Ws r5z/sys/firmware/acpi/tables/OEM0PLATFORM_ENTROPY_SOURCE)z"/etc/netplan/90-hotplug-azure.yamlz /usr/local/sbin/ephemeral_eth.shz+/etc/udev/rules.d/10-net-device-added.rulesz#/run/network/interfaces.ephemeral.dcCs|D]r}td|r|}t|dkr|dd}t|dkr|ddkr|d|r|dd}|dSqd S) z dev.storvsc.1.%pnpinfo: classid=32412632-86cb-44a2-9b5c-50d1417354f5 deviceid=00000000-0001-8899-0000-000000000000 Zpnpinfo=rdeviceid.N) splitlinesresearchsplitlen startswith) sysctl_outrClinefieldscolumnscompsr1r1r2"find_storvscid_from_sysctl_pnpinfoks      rQcCs2|D]$}t||r|}|dSqdS)z scbus0 on ata0 bus 0 scbus1 on ata1 bus 0 scbus2 on blkvsc0 bus 0 scbus3 on blkvsc1 bus 0 scbus4 on storvsc2 bus 0 scbus5 on storvsc3 bus 0 scbus-1 on xpt0 bus 0 rN)rFrGrHrI)camcontrol_outZdisk_drvrMitemsr1r1r2find_busdev_from_disks  rT)rRbusdevreturncCsN|D]@}t||r|d}t|dkr|dd}|dSqdS)z at scbus1 target 0 lun 0 (cd0,pass0) at scbus2 target 0 lun 0 (da0,pass1) at scbus3 target 1 lun 0 (da1,pass2) (rArD,rN)rFrGrHrIrJ)rRrUrMrSZdev_passr1r1r2find_dev_from_busdevs    rY)macrVc CsZt|dkrRd|dd|dd|dd|dd|dd|ddg}|S) z1Normalize mac address with colons and lower-case. :rrA )rJjoinlowerrZr1r1r2normalize_mac_addresss  >rdrVcCsddtDS)z-Get Hyper-V NICs as normalized MAC addresses.cSs$g|]}|ddkrt|dqS)rA hv_netvscrDrd).0nr1r1r2 s z1get_hv_netvsc_macs_normalized..)r get_interfacesr1r1r1r2get_hv_netvsc_macs_normalizedsrlcsffddtD}d|vr"dSt|dkrLtd|ftjd|dStd|ftjdd S) z0Determine the device driver to match on, if any.cs$g|]}t|dkr|dqS)rDrArgrhircr1r2rjsz3determine_device_driver_for_mac..rfrDz4Assuming driver for interface with mac=%s drivers=%rZ logger_funcrz=Unable to specify driver for interface with mac=%s drivers=%rN)r rkrJr)LOGdebugwarning)rZZdriversr1rcr2determine_device_driver_for_macs(  rsc Cs>zt|jWStjy8tdd||YS0dS)NzFailed to execute: %s )rstdoutProcessExecutionErrorrprqra)cmdfail_retr1r1r2execute_or_debugs rycCstddgddS)NZsysctlz dev.storvsc)rxryr1r1r1r2get_dev_storvsc_sysctlsr|cCs tgdS)N) camcontroldevlistz-br{r1r1r1r2get_camcontrol_dev_bussrcCs tddgS)Nr}r~r{r1r1r1r2get_camcontrol_devsrc Csd}|dkrd}|d}dt|}d||}t}t||}|sRtddSt}t}d|}t||} | rt || } | durtd dS| Sd |} t|| } | rt || } | durtd dS| SdS) NZ00000000rDZ00000001rAZ000z{0}-{1}z#Fail to find storvsc id from sysctlz blkvsc{0}zFail to find /dev/daXz storvsc{0}) strformatr|rQrprqrrrTrY) Zport_idZg0Zg1Zg0g1rLZ storvscidZcamcontrol_b_outrRZblkvscZscbusxZdevnameZstorvscr1r1r2get_resource_disk_on_freebsds<            rz freebsd-ufsrDzresource disk is not None/dev/zresource disk is NoneZ ephemeral0T)data_dir disk_aliasesapply_network_config&apply_network_config_for_secondary_ipsZgptd)Z table_typeZlayoutZ overwritez ephemeral0.1)Z filesystemZdevice) disk_setupZfs_setupZ datasourceZnever_destroy_ntfsZREDACTEDcseZdZdZejejejhiZ dZ e j Z dZddZeddfdd Zd d Zd d ZeeedddZedddddeeeeeedddZeddddZedddZddddZeddZeeed d!d"Z dufd$d% Z!ed&d'Z"ed(d)Z#d*d+Z$d,d-Z%ee&edd.d/Z'e(e&ed0d1d2Z)e&edd3d4Z*d5d6Z+d7d8Z,dvd9d:Z-ed;d<Z.edweee/d?d@dAZ0edBdCZ1edddDeeddEdFdGZ2edHdIZ3ee4j4ddJdKZ5edLdMZ6edddNdOZ7edPdQZ8edRdSZ9ee:ddTdUZ;edxeeddYee&eee&edZd[d\Z?e(eed0d]d^Z@e(e(eAd_d`daZBedbdcZCee(e(ee&edddedfZDdgdhZEedidjZFeGdkdlZHedmdnZIeGdodpZJeGdqdrZKee(ed0dsdtZLZMS)yDataSourceAzurer3FrDcCstj||||tj|jd|_i|_d|_t t |t it g|_d|_d|_d|_d|_d|_t|_tj|jdd|_dS)NZazureFdatareported_ready)r DataSource__init__ospathraseed_dircfgseedr mergemanydictZget_cfg_by_path DS_CFG_PATHBUILTIN_DS_CONFIGds_cfg_iso_dev_network_config_ephemeral_dhcp_ctx_route_configured_for_imds _route_configured_for_wireserverr_wireserver_endpoint cloud_dir_reported_ready_marker_file)selfsys_cfgdistropathsr1r1r2rDs zDataSourceAzure.__init__N)ci_pkl_versionrVcsDt|d|_d|_d|_d|_t|_tj |j j dd|_ dS)NFrr)super _unpicklerrrrrrrrrarrr)rr __class__r1r2rVs  zDataSourceAzure._unpicklecCstj|}d||jfS)Nz %s [seed=%s])r r__str__r)rrootr1r1r2rbs zDataSourceAzure.__str__cCsH|jdurd}n*|jdr"d}n|jdkr6d}nd}d||jfS)z/Return the subplatform metadata source details.Nunknownz/devz config-diskrzseed-dirz%s (%s))rrKrb)rZsubplatform_typer1r1r2_get_subplatformfs  z DataSourceAzure._get_subplatform)ephipv4rVcCs<|js dSdd|jD}d|v|_|j|v|_|jp:|jS)NFcSsg|]}|dddqS)r/)rI)rhrr1r1r2rjxz5DataSourceAzure._check_if_primary..z169.254.169.254) static_routesrrr)rrZrouted_networksr1r1r2_check_if_primaryrs z!DataSourceAzure._check_if_primaryT)ifacereport_failure_if_not_primary retry_sleeptimeout_minutes)rrrrrVc Cs~|jdurtdtd|tftjdt|j|t d|_d}t }||d}t j ddt d |durz|j}Wntytd tjd|jtjt |d d d Yntytdtjdd|_Ynty$td|tjd|jtjt ||dd d YnJtjyl}z.td|j|j|j|jftjdWYd}~n d}~00|durt ||krt|qhqqh|durd|_t|d}||j_d|vr|d|_ t!|} |jj"} | durtd|#| } td|| | | j$| j%||j&|j'ftjd|rV| sV|jtj(|| | j$| j%|dd d | WdS1sp0YdS)aSetup ephemeral networking. Keep retrying DHCP up to specified number of minutes. This does not kill dhclient, so the timeout in practice may be up to timeout_minutes + the system-configured timeout for dhclient. :param timeout_minutes: Number of minutes to keep retrying for. :raises NoDHCPLeaseError: If unable to obtain DHCP lease. :returns: True if NIC is determined to be primary. Nz/Bringing up networking when already configured.z2Bringing up ephemeral networking with iface=%s: %rro)rZ dhcp_log_func<zobtain-dhcp-leasezobtain dhcp leasename descriptionparentzInterface not found for DHCP)durationT host_onlyzdhclient executable not foundz&Failed to obtain DHCP lease (iface=%s))r interfacez7Command failed: cmd=%r stderr=%r stdout=%r exit_code=%srz unknown-245zdhcp context missing ephipv4z{Obtained DHCP lease on interface %r (primary=%r driver=%r router=%r routes=%r lease=%r imds_routed=%r wireserver_routed=%r))rdriverrouterrlease))r RuntimeErrorr)r rkrprqrrr%rrReportEventStackr"Z obtain_leaserrr_report_failurerZ$ReportableErrorDhcpInterfaceNotFoundrerrorrZReportableErrorDhcpLeaserrvrwstderrru exit_coderrrrZ_ephipv4rrrrrZ(ReportableErrorDhcpOnNonPrimaryInterface) rrrrrr start_timeZdeadlinerrrZprimaryr1r1r2_setup_ephemeral_networkings                    z+DataSourceAzure._setup_ephemeral_networkingrecCs.d|_d|_|jdurdS|jd|_dS)zTeardown ephemeral networking.FN)rrrZ clean_networkrr1r1r2_teardown_ephemeral_networkings   z.DataSourceAzure._teardown_ephemeral_networkingcCs|jdup|jjdu S)z"Check if networking is configured.N)rrrr1r1r2_is_ephemeral_networking_up%s  z+DataSourceAzure._is_ephemeral_networking_upc Csz2gd}t|\}}td|||ftjdWntjy}zlt|jtrntdt }| |n6td|j |j |j|jftjdt |}| |WYd}~n d}~00dS)abCheck if azure-proxy-agent is ready for communication with WS/IMDS. If ProvisionGuestProxyAgent is true, query azure-proxy-agent status, waiting up to 120 seconds for the proxy to negotiate with Wireserver and configure an eBPF proxy. Once azure-proxy-agent is ready, it will exit with code 0 and cloud-init can then expect to be able to communicate with these services. Fail deployment if azure-proxy-agent is not found or otherwise returns an error. For more information, check out: https://github.com/azure/guestproxyagent )zazure-proxy-agentz--statusz--waitZ120z1Executing %s resulted in stderr=%r with stdout=%rrozGFailed to activate Azure Guest Proxy Agent: azure-proxy-agent not foundzgFailed to activate Azure Guest Proxy Agent: status check failed cmd=%r stderr=%r stdout=%r exit_code=%sN)rr)rprqrv isinstancereasonFileNotFoundErrorrrZ!ReportableErrorProxyAgentNotFoundrrwrrurZ&ReportableErrorProxyAgentStatusFailure)rrwouterrrZ report_errorreportable_errorr1r1r2_check_azure_proxy_agent_status,s:     z/DataSourceAzure._check_azure_proxy_agent_statusc Csi}|jd}d}ddi}ddddiii}d}i}t|j|D]}zz|drtrptj|td d \}}}}nt|t\}}}}||_nt|\}}}}|}t d |t j d Wq$Wq>t yt d |t j d Yq>Yq>tj yt d|t j d Yq>Yq>0q>d} t | t jd t|jp6|du} | rBdnd} z|j| dWntyjYn0i} |r|dr||jdd} | s|durd} t | t| ||| } | tjkrtrd} t | t jd t| |s$d} t | t jd t| | tjkr:|n4| tjkrP|n| tj krf|!n|"|#\}}}}|dr||jdd} |$| }|dtjj%fvr|&t'j(d|d|j)| d|pd|_*|+||t,|d| ig|dt-| }t.| }t/| }|rBt d|||ddd<|r`t d |||d!d<|r~t d"|||d!d#<|j*dkr|d$szt0|||d%}d&|i|d$<Wn8t1y}zt d'|t j d WYd}~n d}~00|sJt2| }|rJt d(zt34d5|6|d)<Wn"t1yHt d*t jd Yn0||krft d+|t j d t7}|r~||d!d,<|8|d!d-<|j9d.ur|r|j:|| d/}z|j;|d0}Wnt1yYn(0t d1||r||d!d2<|<|S)3aWalk all instance metadata sources returning a dict on success. @return: A dictionary of any metadata content for this instance. @raise: InvalidMetaDataException when the expected metadata service is unavailable, broken or disabled. rNlocal-hostnamerz system_info default_userrrudf)mtypez!Found provisioning metadata in %sroz$Did not find Azure data source in %sz%s was not mountablezUnable to find provisioning media, falling back to IMDS metadata. Be aware that IMDS metadata does not support admin passwords or custom-data (user-data only).rrProvisionGuestProxyAgentT)report_failurezNo OVF or IMDS availablez%Free BSD is not supported for PPS VMszDHCP failed while in source PPSzextended.compute.ppsType)keyvalue)imds_mdZIMDSr)rfilesmetadata userdata_rawz Username retrieved from IMDS: %sz Hostname retrieved from IMDS: %srz(Disable password retrieved from IMDS: %sZdisable_passwordr)usernamehostnameZ disableSshPwd ovf-env.xmlz)Failed to construct OVF from IMDS data %szRetrieved userdata from IMDSrzBad userdata in IMDSzusing files cached in %sZ random_seedr4F)rr pubkey_infoznegotiating returned %s public-keys)=rlist_possible_azure_dsrrKr is_FreeBSDmount_cbload_azure_ds_dirrr)rprqr MountFailedErrorrrboolrrrgetrget_metadata_from_imdsr InvalidMetaDataException_determine_pps_typer5r:rr<_wait_for_pps_running_reuser=_wait_for_pps_savable_reuser;_wait_for_pps_os_disk_shutdown_wait_for_pps_unknown_reuse _reprovision_ppstype_from_imdsrrrZ"ReportableErrorImdsInvalidMetadatavalidate_imds_network_metadatarupdater_username_from_imds_hostname_from_imds_disable_password_from_imdsr$ Exception_userdata_from_imdsbase64Z b64decoderarI_get_random_seed_iid _negotiated!_determine_wireserver_pubkey_info _report_ready_cleanup_markers)r crawled_dataddirZ ovf_sourcemdrrrsrcmsgZrequires_imds_metadatarrpps_typeZ imds_ppstypeZ imds_usernameZ imds_hostnameZimds_disable_passwordcontentseZ imds_userdatarrssh_keysr1r1r2crawl_metadatabs6                                       zDataSourceAzure.crawl_metadata)rrVc Cst}|d}|jsd}nd}d}d}ztj||dWSty}zDt|}t|}tj||d}|js~t|j t j r~d}WYd}~n@d}~0t y}z t|}tj |d}WYd}~n d}~00|j|| dtd|tjd iS) Ni, )max_connection_errorsretry_deadline) exceptionrF)rrz!Ignoring IMDS metadata due to: %sro)rrrZ fetch_metadata_with_api_fallbackr,rrZReportableErrorImdsUrlErrorrcauserequestsConnectionError ValueErrorZ+ReportableErrorImdsMetadataParsingExceptionrr)rprr) rrrrrZ error_stringZ error_reportrrr1r1r2r<sB z&DataSourceAzure.get_metadata_from_imdsr1cstt||tj|_dS)z.Reset any cached class attributes to defaults.N)rrclear_cached_attrsr UNSET_metadata_imds)rZ attr_defaultsrr1r2rjsz"DataSourceAzure.clear_cached_attrscCs4tj}|durdS|jdur$dSt|jdS)zQCheck platform environment to report if this datasource may run. NTFr)rZChassisAssetTagZ query_systemrrexists)rZ chassis_tagr1r1r2 ds_detectos   zDataSourceAzure.ds_detectc Csz tWn0ty:}ztd|WYd}~n d}~00z tWn0tyv}ztd|WYd}~n d}~00zz |}Wntjy}z"||WYd}~W| dSd}~0ty}z,t |}||WYd}~W| dSd}~00W| n | 0|j rH|j j dkrH|j drHtt}tj|rtd|tjdt|d tg|_ntd |tjd|d |_|d d |_t|d tg|_|d |_t|j d|ddddS)zCrawl and process datasource metadata caching metadata as attrs. @return: True on success, False on error, invalid or disabled datasource. z Failed to get boot telemetry: %sNz$Failed to get system information: %sFZubunturzXEphemeral resource disk '%s' exists. Merging default Azure cloud ephemeral disk configs.rorzdEphemeral resource disk '%s' does not exist. Not merging default Azure cloud ephemeral disk configs.rrrrri)dirmodeT)r&rrprrr(rrReportableErrorrrZ!ReportableErrorUnhandledExceptionrrrr*maybe_remove_ubuntu_network_config_scriptsRESOURCE_DISK_PATHrrrr)rqrr#BUILTIN_CLOUD_EPHEMERAL_DISK_CONFIGrrDEFAULT_METADATArr write_files)rrr rrdevpathr1r1r2 _get_data~sp " "             zDataSourceAzure._get_datacCs&|jrd|jvr|St|jdS)Nr4)rrrrr1r1r2get_instance_idszDataSourceAzure.get_instance_idcCs|jd|S)Nr)rr)rrr1r1r2device_name_to_devicesz%DataSourceAzure.device_name_to_devicec Cs2z||jdWSttfy(Yn0|S)z+ Retrieve public SSH keys. r)_get_public_keys_from_imdsrKeyErrorr_get_public_keys_from_ovfrr1r1r2get_public_ssh_keyss z#DataSourceAzure.get_public_ssh_keys)rrVcCszdd|ddD}Wn&ty@d}t|tjdYn0tdd|Drnd }t|tjdt|d t|}t|tjd|S) zGet SSH keys from IMDS metadata. :raises KeyError: if IMDS metadata is malformed/missing. :raises ValueError: if key format is not supported. :returns: List of keys. cSsg|] }|dqS)ZkeyDatar1)rhZ public_keyr1r1r2rjsz>DataSourceAzure._get_public_keys_from_imds..computeZ publicKeysz"No SSH keys found in IMDS metadatarocss|]}t|d VqdS))rN)_key_is_openssh_formatted)rhrr1r1r2 rz=DataSourceAzure._get_public_keys_from_imds..zKey(s) not in OpenSSH formatzRetrieved {} keys from IMDS)r-r)rprqanyrrrJ)rrrlog_msgr1r1r2r,s  z*DataSourceAzure._get_public_keys_from_imdscCsXg}z*|jd}dt|}t|tjdWn$tyRd}t|tjdYn0|S)zYGet SSH keys that were fetched from wireserver. :returns: List of keys. rzRetrieved {} keys from OVFrozNo keys available from OVF)rrrJr)rprqr-)rrr4r1r1r2r.s  z)DataSourceAzure._get_public_keys_from_ovfcCs|jSNrrr1r1r2get_config_objszDataSourceAzure.get_config_objcCst|Sr5)r Zinstance_id_matches_system_uuidr*)rrr1r1r2check_instance_id sz!DataSourceAzure.check_instance_idcCsZtj|jdd}t}tj|rVt | }t |}| ||fvrV|S|S)Nrr4) rrrarZ get_cpathrZquery_system_uuidrrZload_text_filestripZbyte_swap_system_uuidrb)rZpreviousZ prev_iid_pathZ system_uuidZ swapped_idr1r1r2r s   zDataSourceAzure._iidc Cszpd}tjddtdt|}Wdn1s60Y|dur\d}t|tjdntd|tjdWn8t y}z tt |tj dWYd}~n d}~00dS)zUse the netlink socket provided to wait for nic detach event. NOTE: The function doesn't close the socket. The caller owns closing the socket and disposing it safely. Nzwait-for-nic-detachzwait for nic detachrzHPreprovisioned nic not detached as expected. Proceeding without failing.roz%The preprovisioned nic %s is detached) rrr"rZwait_for_nic_detach_eventr)rprrrqAssertionErrorrr)rnl_sockifnamerrr1r1r2_wait_for_nic_detachs&( z$DataSourceAzure._wait_for_nic_detachr皙?)r<retriesrcCsdt|D]<}|jj|r0td|tjdq`|d|krt|qtd|||ftjddS)NzThe link %s is up.rorDz;The link %s is not up after %f seconds, continuing anyways.)rangerZ networkingZtry_set_link_upr)rpinfor)rr<r?rrnr1r1r2wait_for_link_up>s     z DataSourceAzure.wait_for_link_upcCs@|j}td|t|djttdt dtj ddS)Nz*Creating a marker file to report ready: %sz{pid}: {time} )pidrzRSuccessfully created reported ready marker file while in the preprovisioning pool.ro) rrprAr write_filerrgetpidrr)rq)rrr1r1r2_create_report_ready_markerRs z+DataSourceAzure._create_report_ready_marker) create_markerexpect_url_error)rGrHrVc Csz |Wnftyr}zN|r@t|tr@tdtjdd|_nd}t|tjdt ||WYd}~n d}~00d|_ |r| dS)zReport ready for PPS, creating the marker file upon completion. :raises sources.InvalidMetaDataException: On error reporting ready. z,Ignoring http call failure, it was expected.roNz9Failed reporting ready while in the preprovisioning pool.F) rrrr,r)rprqrrr rrrF)rrGrHrrr1r1r2_report_ready_for_pps_s  "z%DataSourceAzure._report_ready_for_ppsc Cstdzg}d}d}tjddt|tdt||}Wdn1sR0Y||t d|tjd| ||std ||j |d dd }|rtd qq| qWn6t y}zt t|tjdWYd}~n d}~00dS) z6Wait until the primary nic for the vm is hot-attached.z*Waiting for primary nic to be hot-attachedFNzwait-for-nic-attachz4wait for nic attach after %d nics have been attachedrzDetected nic %s attached.roz!Checking if %s is the primary nicr)rrrzFound primary nic for this VM.)rprArrrJr"rZwait_for_nic_attach_eventappendr)rBrrr:rr)rr;Z nics_foundZprimary_nic_foundr<rr1r1r2"_wait_for_hot_attached_primary_nicsB "     z2DataSourceAzure._wait_for_hot_attached_primary_nicc CsLz tWStjyF}z"td|tjdWYd}~n d}~00dS)Nz!Failed to create netlink socket: ro)rZcreate_bound_netlink_socketZNetlinkCreateSocketErrorr)rpr)rrr1r1r2_create_bound_netlink_sockets z,DataSourceAzure._create_bound_netlink_socketcCs.|jddtdtjdtdtdS)z4Report ready and wait for host to initiate shutdown.F)rGz"Waiting for host to shutdown VM...roi3N)rIr)rprArrZReportableErrorOsDiskPpsFailurerr1r1r2rs z.DataSourceAzure._wait_for_pps_os_disk_shutdownc Cs|}z|jdus |jjdur(td|jj}|td|tjddt dXzt ||Wn6t y}zt d|tjdWYd}~n d}~00Wdn1s0YW|n |0|dS) z9Report ready and wait for nic link to switch upon re-use.Nzmissing ephemeral contextz#Wait for vnetswitch to happen on %sz!wait-for-media-disconnect-connectzwait for vnet switchrz'Error while waiting for vnet switch: %sro)rLrrrrIrprqrrr"rZ!wait_for_media_disconnect_connectr:r)rcloser)rr;rrr1r1r2rs6 <z+DataSourceAzure._wait_for_pps_running_reusec Cs|}zx|jddz |Wn>tjy`}z$td|tjdd|_WYd}~n d}~00| || |W| n | 0dS)z@Report ready and wait for nic(s) to be hot-attached upon re-use.T)rHzLIgnoring failure while tearing down networking, NIC was likely unplugged: %rroN) rLrIrrrvr)rprArr=rKrM)rr;rr1r1r2rs     z+DataSourceAzure._wait_for_pps_savable_reusecCs&tj|jrdS||dS)z0Report ready if needed for unknown/recovery PPS.N)rrisfilerrIrrr1r1r2rsz+DataSourceAzure._wait_for_pps_unknown_reusec Csd}d}|s|sD|d7}z|jddWntyBYqYn0tjddtdHz t}Wn*ty| YWdqYn0Wdq1s0Yqt d |t j d |S) z0Poll IMDs for reprovisiondata XML document data.rNrDrrzget-reprovision-data-from-imdszget reprovision data from imdsrz#attempted dhcp %d times after reusero) rrrrrr"rZfetch_reprovision_datar,rr)rprq)rZ dhcp_attemptsZreprovision_datar1r1r2 _poll_imdss0    6zDataSourceAzure._poll_imds)rrrVc Cs*td|tjdtt|}|r0|S|rz(tdtjdt |j |dd|_ WdSt y}ztd|tjdWYd}~n d}~00zTtdtjd| z|jd d WntyYn0t |j |dd|_ WdSt y$}ztd |tjdWYd}~n d}~00d S) aReport failure to Azure host and fabric. For errors that may be recoverable (e.g. DHCP), host_only provides a mechanism to report the failure that can be updated later with success. DHCP will not be attempted if host_only=True and networking is down. @param error: Error to report. @param host_only: Only report to host (error may be recoverable). @return: The success status of sending the failure signal. z#Azure datasource failure occurred: roz>Using cached ephemeral dhcp context to report failure to Azure)endpointrTz@Failed to report failure using cached ephemeral dhcp context: %sNz3Using new ephemeral dhcp to report failure to Azurerrz5Failed to report failure using new ephemeral dhcp: %sF)r)Zas_encoded_reportrprr*rZreport_failure_to_hostrrqr+rrrrrr)rrrZreportedrr1r1r2r;s^   zDataSourceAzure._report_failurer)rrVc Csrttzt|j|j|j|d}Wn8ty`}z td|t j dWYd}~n d}~00d|_d|_ |S)zTells the fabric provisioning has completed. :param pubkey_info: Fingerprints of keys to request from Wireserver. :raises Exception: if failed to report. :returns: List of SSH keys, if requested. )rPrZiso_devrzQError communicating with Azure fabric; You may experience connectivity issues: %sroNT) r*rZreport_success_to_hostr'rrrrr)rprrr)rrrrr1r1r2r}s(  zDataSourceAzure._report_readyc CsPz|dddWStyJ}z td|tjdWYd}~dSd}~00dS)NZextendedr0ZppsTypez2Could not retrieve pps configuration from IMDS: %sro)rr)rprq)rrrr1r1r2rsz"DataSourceAzure._ppstype_from_imds)ovf_cfgrrVcCstj|jrtj}n|ddtjjks<| |tjjkrDtj}np|ddtj jksj| |tj jkrrtj }nB|ddus|ddtj jks| |tj jkrtj }ntj }t d|jtjd|S)z@Determine PPS type using OVF, IMDS data, and reprovision marker.PreprovisionedVMTypeNPreprovisionedVmTz PPS type: %sro)rrrNrr5r>rr=rrr;r<r:r)rprA)rrQrrr1r1r2rs4   z#DataSourceAzure._determine_pps_typecCsZ|}tjddtd.t|\}}}|||d|ifWdS1sL0YdS)zrInitiate the reprovisioning workflow. Ephemeral networking is up upon successful reprovisioning. zreprovisioning-read-azure-ovfz$read azure ovf during reprovisioningrrN)rOrrr"read_azure_ovf)rrr udrr1r1r2rszDataSourceAzure._reprovision)rrrVc Csbd}z||WnJttfy\|dd}d|durDt|nd}t|tjdYn0|S)zDetermine the fingerprints we need to retrieve from Wireserver. :return: List of keys to request from Wireserver, if any, else None. N_pubkeysz"Retrieved {} fingerprints from OVFrro) r,r-rrrrJr)rprq)rrrrr4r1r1r2rs z1DataSourceAzure._determine_wireserver_pubkey_infocCst|jdS)zCleanup any marker files.N)rdel_filerrr1r1r2r sz DataSourceAzure._cleanup_markerscCs:|j}z"t|||jtddWtnt0dS)NF)is_new_instance preserve_ntfs)rZ get_ipath_curaddress_ephemeral_resizerrDS_CFG_KEY_PRESERVE_NTFSr*)rrrX instance_dirr1r1r2activates  zDataSourceAzure.activatecCs|jdididS)Nrr0ZplatformFaultDomainrrrr1r1r2availability_zones z!DataSourceAzure.availability_zonec Cs|jrp|jtjkrp|jdrpzt|jd|jddWStyn}ztdt |WYd}~n d}~00zt WSty}ztdt |WYd}~n d}~00iS)z:Generate network configuration according to configuration.rnetworkr)rz?Failed generating network config from IMDS network metadata: %sNz-Failed generating fallback network config: %s) rr rrr6generate_network_config_from_instance_network_metadatarrprr-_generate_network_config_from_fallback_config)rrr1r1r2_generate_network_configs.  &z(DataSourceAzure._generate_network_configcCs(|jr|jtjkr|jS||_|jS)z,Provide network configuration v2 dictionary.)rr rrcrr1r1r2network_config!s zDataSourceAzure.network_configcCs|jdididS)Nrr0locationr^rr1r1r2region+szDataSourceAzure.regioncst}z|d}dd|dDWn,tyPtd|dtjdYdS0fdd|D}|sld Std ||ftjd|jr|jjsdSt |jj}|rt |t sdSt |}||vrtd ||ftjddS) z=Validate IMDS network config and report telemetry for errors.r`cSsg|]}t|dqS) macAddressrgrmr1r1r2rj6szBDataSourceAzure.validate_imds_network_metadata..rz6IMDS network metadata has incomplete configuration: %rroFcsg|]}|vr|qSr1r1)rhmZ imds_macsr1r2rjBrTz>IMDS network metadata is missing configuration for NICs %r: %rz3IMDS network metadata is missing primary NIC %r: %r) rlr-r)rrprrrrr Zget_interface_macrrrd)rrZ local_macsrdZ missing_macsZ primary_macr1rir2r/sJ  z.DataSourceAzure.validate_imds_network_metadata)r1)N)rr>)F)Nr7r8r9ZdsnamerZNETWORKrZBOOT_NEW_INSTANCEBOOTZdefault_update_eventsrr rrZ_ci_pkl_versionrintrrrr#rrrr rrrrrrrrrr r)r*r+r r/dictr,r.r7r8rr=floatrBrFrIrKsocketrLrrrrbytesrOrr"rrrr5rrrr r]propertyr_rcrdrfr __classcell__r1r1rr2r8s   6 Z-  H    & 8  $  A  "        rcCs,z|dddWSty&YdS0dS)Nr0 osProfileZ adminUsernamer-Z imds_datar1r1r2r`s rcCs(z|ddWSty"YdS0dS)Nr0ZuserDatarsrtr1r1r2rgs rcCs,z|dddWSty&YdS0dS)Nr0rrZ computerNamersrtr1r1r2rns rcCs0z|ddddkWSty*YdS0dS)Nr0rrZdisablePasswordAuthenticationtruersrtr1r1r2rus rcCsFd|vrdSt}z||}Wnty:YdS0|jduS)z? Validate whether or not the key is OpenSSH-formatted. z FN)r9rZAuthKeyLineParserparse TypeErrorZkeytype)rparserZaklr1r1r2r1s  r1cCs`dD]V}g}td|D]6}||t|}tj|r||tj|fq|r|SqgS)N)z-partprzrD)r@rrrrrJrealpath)r(ZmaxnumZsufffoundZpnumZppathr1r1r2_partitions_on_devices  r|cCs*tjddd}td|tj||vS)Nz TYPE=ntfsT)Zno_cachezntfs_devices found = %s)rfind_devs_withrprqrrrz)r(Z ntfs_devicesr1r1r2_has_ntfs_filesystems r~c Cs"|rddttf}d|fStj|s6dd|fStd|tj|t |}t |dkrldd|fSt |dkrd |d d d |Df}d|fSt |dkr|d \}}n |d\}}t |sd|||f}d|fSt dd}d|||f}t jddtd}ztj||dddidd} Wntjy} zhd|_dt| vrxd|dfWYd} ~ WdSd|d|| ffWYd} ~ WdSd} ~ 00| dkrd| |_tddttd|d | fWdSWdn1s 0Yd|d!fS)"aDetermine if the ephemeral drive at devpath should be reformatted. A fresh ephemeral disk is formatted by Azure and will: a.) have a partition table (dos or gpt) b.) have 1 partition that is ntfs formatted, or have 2 partitions with the second partition ntfs formatted. (larger instances with >2TB ephemeral disk have gpt, and will have a microsoft reserved partition as part 1. LP: #1686514) c.) the ntfs partition will have no files other than possibly 'dataloss_warning_readme.txt' User can indicate that NTFS should never be destroyed by setting DS_CFG_KEY_PRESERVE_NTFS in dscfg. If data is found on NTFS, user is warned to set DS_CFG_KEY_PRESERVE_NTFS to make sure cloud-init does not accidentally wipe their data. If cloud-init cannot mount the disk to check for data, destruction will be allowed, unless the dscfg key is set.z:config says to never destroy NTFS (%s.%s), skipping checksrEFzdevice %s does not existzResolving realpath of %s -> %srzdevice %s was not partitionedrAz&device %s had 3 or more partitions: %srtcSsg|] }|dqS)rDr1)rhryr1r1r2rjrz*can_dev_be_reformatted..rDz5partition %s (%s) on device %s was not ntfs formattedcs(tddgtfddt|DS)Nzdataloss_warning_readme.txtzsystem volume informationcsg|]}|vr|qSr1)rb)rhfZignoredr1r2rjrz?can_dev_be_reformatted..count_files..)setrJrlistdir)Zmpr1rr2 count_filessz+can_dev_be_reformatted..count_filesz1partition %s (%s) on device %s was ntfs formattedzmount-ntfs-and-countrZntfsLANGC)rZupdate_env_for_mountZ log_errorzcannot mount ntfszunknown filesystem type 'ntfs'Tz^ but this system cannot mount NTFS, assuming there are no important files. Formatting allowed.Nz but mount of %s failed: %szmounted and counted %d fileszxit looks like you're using NTFS on the ephemeral disk, to ensure that filesystem does not get wiped, set %s.%s in configz but had %d files on it.z3 and had no important files. Safe for reformatting.)rarr[rrrrprqrzr|rJr~r#rrr"rrrrrrr) r(rYrZ partitionsZ cand_partZ cand_pathrbmsgZevtZ file_countrr1r1r2can_dev_be_reformatteds         8  >rF)r\r(rXrYc Cstj|s"td|tjddStd|tjdd}d}|rJd\}}nt||\}}td|||sndSdD]}tj|dd |}d ||f}tj|rzt|td |Wn2t y} zt d || WYd} ~ n d} ~ 00qrtd |qrdS)Nz,Ephemeral resource disk '%s' does not exist.roz$Ephemeral resource disk '%s' exists.F)TzFirst instance boot.zreformattable=%s: %s)rZmountsZsemZconfig_zMarker "%s" for module "%s"z %s removed.z%s: remove failed! (%s)z%s did not exist.) rrrr)rprqrraunlinkrrr) r\r(rXrYresultrmodZsempathrrr1r1r2rZs:     &rZcCsjdd}|sdS|si}t|||D]8\}}tj||}d|vrT|||}tj||ddq,dS)NcSsfz>t|}|D]}d|jvr|jtkrt|_qt|WSty`t d||YS0dS)z>Azure provides the UserPassword in plain text. So we redact itZ UserPasswordz#failed to redact userpassword in %sN) ETZ fromstringitertagtextDEF_PASSWD_REDACTIONZtostringrrpZcritical)Zcntfnamerelemr1r1r2_redact_password@s     z%write_files.._redact_passwordri)filenamecontentmode)rZ ensure_dirrSrrrarD)Zdatadirrr!rrrrr1r1r2r'>s  r'cCst|}i}i}|jpd}|jr,|j|d<|jr<|j|d<|jdurT|j |d<n|jrbd|d<i}|jrv|j|d<|jrd|d <t|jkrt |j|d <|rd |i|d <|j |d <t d|j t j d|j|d<t d|jt j d|j|d<t d|jt j d|||fS)zParse OVF XML contents. :return: Tuple of metadata, configuration, userdata dicts. :raises NonAzureDataSource: if XML is not in Azure's format. :raises errors.ReportableError: if XML is unparsable or invalid. rzrrVNZ ssh_pwauthTrFZ lock_passwdZ hashed_passwdrrrSzPreprovisionedVm: %srorRzPreprovisionedVMType: %srzProvisionGuestProxyAgent: %s)r!Z parse_textZ custom_datarZ public_keysZdisable_ssh_password_authpasswordrr encrypt_passZpreprovisioned_vmr)rprAZpreprovisioned_vm_typeZprovision_guest_proxy_agent)rZovf_envr rrUZdefuserr1r1r2rT[sJ           rTcCst|Sr5)r.)rr1r1r2rsrcCs^z:t|}|dWdWdS1s.0YWntyXtd|Yn0dS)z;Return boolean indicating path to cdrom device has content.iNTzcdrom (%s) is not configuredF)openreadIOErrorrprq) cdrom_devfpr1r1r2_check_freebsd_cdroms  & rcCs(|dur dStj|dd}t|S)zIReturn content random seed file if available, otherwise, return None.NT)quiet)rZload_binary_filerZ b64encodedecode)sourcerr1r1r2rs rccsT|VtVtr(d}t|rF|VndD]}td|EdHq,|rP|VdS)Nz/dev/cd0)Ziso9660rzTYPE=%s)DEFAULT_PROVISIONING_ISO_DEVrrrr})rZ cache_dirrZfstyper1r1r2rsrc Cstj|d}tj|s"tdtdBt|d}|}Wdn1sV0YWdn1st0Yt |\}}}|||d|ifS)NrzNo ovf-env file foundzReading ovf-env.xmlrb) rrrarNr r ZTimedrrrT)Z source_dirZovf_filerrr rUrr1r1r2rs Dr)network_metadatarrVc Csdid}t|dD]j\}}d}dj|d}d|dd i}|d krPd|d <d |dd }dD]} || idg} | std| |q`d }| dkrd} nd} | rd |d<||d<|sq`| ddD]N} || dd d| } | d}|dsg|d<|ddj|| dqq`|rr|rrt|d}|d|i|dt |}|rd||d d!<||d"|<qtd#|||q|S)$zConvert imds network metadata dictionary to network v2 configuration. :param: network_metadata: Dict of "network" key from instance metadata. :return: Dictionary containing network version 2 standard configuration. rA)version ethernetsrFzeth{idx})idxz route-metricrDrrzuse-dnsT)Zdhcp4zdhcp4-overridesdhcp6)ipv4Zipv6Z ipAddresszNo %s addresses found for: %rrZ24Z128rzdhcp6-overridesNZsubnetprefixZprivateIpAddress addressesz {ip}/{prefix})iprrgZ macaddress)matchzset-namerrrzs       <    +        2    m+  7   P  &