a 'Dg:@sldZddlZddlZddlZddlZddlmZmZmZm Z m Z ddl m Z m Z mZmZddlmZeeZdZGdddZejejfZGd d d e jZe ed d d ZddZd!ed ddZ e e ee efd ddZ!e eeefd ddZ"eeeefdddZ#ee j$ffgZ%ddZ&edkrhddl'Z'e'j(dd Z)e)*Z+e"Z,e-e .e,dS)"a-Datasource for IBMCloud. IBMCloud is also know as SoftLayer or BlueMix. IBMCloud hypervisor is xen (2018-03-10). There are 2 different api exposed launch methods. * template: This is the legacy method of launching instances. When booting from an image template, the system boots first into a "provisioning" mode. There, host <-> guest mechanisms are utilized to execute code in the guest and configure it. The configuration includes configuring the system network and possibly installing packages and other software stack. After the provisioning is finished, the system reboots. * os_code: Essentially "launch by OS Code" (Operating System Code). This is a more modern approach. There is no specific "provisioning" boot. Instead, cloud-init does all the customization. With or without user-data provided, an OpenStack ConfigDrive like disk is attached. Only disks with label 'config-2' and UUID '9796-932E' are considered. This is to avoid this datasource claiming ConfigDrive. This does mean that 1 in 8^16 (~4 billion) Xen ConfigDrive systems will be incorrectly identified as IBMCloud. The combination of these 2 launch methods and with or without user-data creates 6 boot scenarios. A. os_code with user-data B. os_code without user-data Cloud-init is fully operational in this mode. There is a block device attached with label 'config-2'. As it differs from OpenStack's config-2, we have to differentiate. We do so by requiring the UUID on the filesystem to be "9796-932E". This disk will have the following files. Specifically note, there is no versioned path to the meta-data, only 'latest': openstack/latest/meta_data.json openstack/latest/network_data.json openstack/latest/user_data [optional] openstack/latest/vendor_data.json vendor_data.json as of 2018-04 looks like this: {"cloud-init":"#!/bin/bash\necho 'root:$6$' | chpasswd -e"} The only difference between A and B in this mode is the presence of user_data on the config disk. C. template, provisioning boot with user-data D. template, provisioning boot without user-data. With ds-identify cloud-init is fully disabled in this mode. Without ds-identify, cloud-init None datasource will be used. This is currently identified by the presence of /root/provisioningConfiguration.cfg . That file is placed into the system before it is booted. The difference between C and D is the presence of the METADATA disk as described in E below. There is no METADATA disk attached unless user-data is provided. E. template, post-provisioning boot with user-data. Cloud-init is fully operational in this mode. This is identified by a block device with filesystem label "METADATA". The looks similar to a version-1 OpenStack config drive. It will have the following files: openstack/latest/user_data openstack/latest/meta_data.json openstack/content/interfaces meta.js meta.js contains something similar to user_data. cloud-init ignores it. cloud-init ignores the 'interfaces' style file here. In this mode, cloud-init has networking code disabled. It relies on the provisioning boot to have configured networking. F. template, post-provisioning boot without user-data. With ds-identify, cloud-init will be fully disabled. Without ds-identify, cloud-init None datasource will be used. There is no information available to identify this scenario. The user will be able to SSH in as as root with their public keys that have been installed into /root/ssh/.authorized_keys during the provisioning stage. TODO: * is uuid (/sys/hypervisor/uuid) stable for life of an instance? it seems it is not the same as data's uuid in the os_code case but is in the template case. N)AnyCallableDictOptionalTuple) atomic_helpersourcessubputil) openstackz 9796-932Ec@seZdZdZdZdZdZdS) PlatformszTemplate/Live/MetadatazTemplate/Provisioning/Metadataz!Template/Provisioning/No-Metadataz OS-Code/LiveN)__name__ __module__ __qualname__TEMPLATE_LIVE_METADATATEMPLATE_PROVISIONING_METADATATEMPLATE_PROVISIONING_NODATAOS_CODErrH/usr/lib/python3.9/site-packages/cloudinit/sources/DataSourceIBMCloud.pyr msr csTeZdZdZdZfddZfddZddZd d Zd d Z e d dZ Z S)DataSourceIBMCloudZIBMCloudNcs0tt||||d|_d|_d|_d|_dSN)superr__init__source_network_config network_jsonplatform)selfsys_cfgZdistropaths __class__rrrs zDataSourceIBMCloud.__init__cs$tt|}d||j|jf}|S)Nz %s [%s %s])rr__str__rr)rrootZmstrr!rrr#szDataSourceIBMCloud.__str__c Cst}|durdS|d|_|d|_|d|_|d|_|d|_|d}|d|_zt ||_ Wn6t y}zt d |d|_ WYd}~n d}~00d S) NFrrmetadatauserdata networkdata vendordata system-uuidz"Invalid content in vendor-data: %sT)read_mdrrr%getZ userdata_rawr system_uuidrZconvert_vendordataZvendordata_raw ValueErrorLOGwarning)rresultsZvderrr _get_datas         zDataSourceIBMCloud._get_datacCsd|j|jfS)z/Return the subplatform metadata source details.z%s (%s))rrrrrr_get_subplatformsz#DataSourceIBMCloud._get_subplatformcCs|jdurdS|jtkS)aquickly (local check only) if self.instance_id is still valid in Template mode, the system uuid (/sys/hypervisor/uuid) is the same as found in the METADATA disk. But that is not true in OS_CODE mode. So we read the system_uuid and keep that for later compare.NF)r,_read_system_uuid)rrrrrcheck_instance_ids z$DataSourceIBMCloud.check_instance_idcCs^|jtjkrdddS|jdurX|jtjdfvrNtdt j |jdd|_n td|jS)NZdisabled)Zconfigversionz(network config provided via network_json)Z known_macsz#no network configuration available.) rr rrrrZUNSETr.debugr Zconvert_net_jsonr3rrrnetwork_configs      z!DataSourceIBMCloud.network_config) r rrZdsnamer,rr#r2r4r6propertyr: __classcell__rrr!rrzs   r)returncCs&d}tj|sdSt|S)zW Read the system uuid. :return: the system uuid or None if not available. z/sys/hypervisor/uuidN)ospathisfiler Zload_text_filestriplower)Z uuid_pathrrrr5s r5cCs tjdS)z Return boolean indicating if this is a xen hypervisor. :return: True if this is a xen hypervisor, False otherwise. z /proc/xen)r>r?existsrrrr_is_xensrD#/root/provisioningConfiguration.cfg/root/swinstall.log/proc/1/environcCstj|rd|}d}tj|rxtj|rbt|jt|jk}|d||rVdndf7}q|d||f7}d}q|d|7}ndd |}}td |||S) z@Return boolean indicating if this boot is ibm provisioning boot.zconfig '%s' exists.Tz log '%s' from %s boot.currentZpreviousz. log '%s' existed, but no reference file '%s'.Fz log '%s' did not exist.zconfig '%s' did not exist.zibm_provisioning=%s: %s)r>r?rCstatst_mtimer.r9)Zprov_cfgZinst_logZboot_refmsgresultrrr_is_ibm_provisionings(    rMc Cs\d}d}d}ts|Si}z t}Wn4tjyZ}ztd|WYd}~dSd}~00t|D]}||}| dd }| dd } |||fvrqh||vrtd ||||qh||kr| t krt d ||| |qh|||<qh| |i d } | |i d } | r"t j| fS| rFtr:t j| fSt j| fSntrXt jdfS|S) zReturn a tuple (Platform, path) If this is Not IBM cloud, then the return value is (None, None). An instance in provisioning mode is considered running on IBM cloud.ZMETADATAzCONFIG-2)NNzFailed to run blkid: %sNZLABELZUUIDz.Duplicate fslabel '%s'. existing=%s current=%sz/Skipping %s with LABEL=%s due to uuid != %s: %sZDEVNAME)rDr Zblkidr ZProcessExecutionErrorr.r/sortedkeysr+upperIBM_CONFIG_UUIDr9r rrMrrr) Z label_mdataZ label_cfg2Z not_foundZfslabelsZdevsr1devdataZlabeluuidZ metadata_pathZ cfg2_pathrrrget_ibm_platforms\        rVc Cst\}}|dur tddS|tvs0|dur@td|dS||td}z&tj|rft|}n t |t}Wn:t j y}z t d|||f|WYd}~n d}~00|||S)a Read data from IBM Cloud. :return: None if not running on IBM Cloud. dictionary with guaranteed fields: metadata, version and optional fields: userdata, vendordata, networkdata. Also includes the system uuid from /sys/hypervisor/uuid.Nz!This is not an IBMCloud platform.z/Cloud-init is disabled during provisioning: %s.)rrr)z8Failed reading IBM config disk (platform=%s path=%s): %s)rVr.r9 PROVISIONINGr5r>r?isdirmetadata_from_dirr Zmount_cbrBrokenMetadata RuntimeErrorupdate)rr?retr0r1rrrr*/s2      r*) source_dirr=c Csjttddd}ttttfddd}tttgtftddd }d |d |fd |d ddfd|d|fd|d|fg}i}|D]&\}}}tj||} || |||<q|d durt |di|d<|d } |d} d| vrr?join)r_rrropathbsz metadata_from_dir..opath)blobr=cSst|dS)z Load JSON from a byte string. This technically could return a list or a str, but we are only assuming a dict here. :param blob: The byte string to load JSON from. :return: The loaded JSON object. zutf-8)jsonloadsdecode)rbrrrload_json_byteses z*metadata_from_dir..load_json_bytes)r? translatorr=c Sszt|}||WStyH}ztd||WYd}~dSd}~0ty}z"td|d|WYd}~n d}~00dS)NzFailed reading path '%s': %szFailed decoding z: )r Zload_binary_fileIOErrorr.r9 ExceptionrrZ)r?rgrawr1rrr load_fileqs  z$metadata_from_dir..load_fileZ metadata_rawzmeta_data.jsonr&Z user_datacSs|Srr)xrrr~z#metadata_from_dir..r(zvendor_data.jsonr'znetwork_data.jsonNz' missing required file 'meta_data.json'r%Z random_seedz,Badly formatted metadata random_seed entry: ))Z public_keysz public-keys)hostnamezlocal-hostname)rUz instance-id)strbytesrrrr>r?r`rrZbase64Z b64decoder- TypeError)r^rarfrkfilesr0namer?ZtranslZfpathZmd_rawZmdr1renamesZold_keyZnew_keyrrrrYSs>        rYcCs t|tSr)rZlist_from_depends datasources)Zdependsrrrget_datasource_listsrx__main__zQuery IBM Cloud Metadata) description)rErFrG)/__doc__rrrcZloggingr>typingrrrrrZ cloudinitrrr r Zcloudinit.sources.helpersr Z getLoggerr r.rRr rrrWZ DataSourcerrpr5rDboolrMrVr*rYZDEP_FILESYSTEMrwrxargparseArgumentParserparser parse_argsargsrTprintZ json_dumpsrrrrsD]  D   <$W