Hi, On Thu, Jun 22, 2017 at 03:03:25PM +0100, Stuart Henderson wrote: > On 2017/06/22 13:52, Reyk Floeter wrote: > > Hi, > > > > we need an "agent" to run VMs in Azure; this is a port of WALinuxAgent. > > > > Unlike other clouds, it is not enough to run a simple "cloud-init" > > script to provision VMs. The latest version 2.2.13 of WALinuxAgent > > already supports OpenBSD, they merged my patch, and it would be > > desirable to have it as a package/port in OpenBSD. > > > > pkg/DESCR: > > The Microsoft Azure Linux Agent (waagent) manages Linux & BSD > > provisioning, and VM interaction with the Azure Fabric Controller. > > > > Full description: > > The Microsoft Azure Linux Agent (waagent) manages Linux & BSD > > provisioning, and VM interaction with the Azure Fabric Controller. It > > provides the following functionality for Linux and BSD IaaS > > deployments: > > > > * Image Provisioning > > - Creation of a user account > > - Configuring SSH authentication types > > - Deployment of SSH public keys and key pairs > > - Setting the host name > > - Publishing the host name to the platform DNS > > - Reporting SSH host key fingerprint to the platform > > - Resource Disk Management > > - Formatting and mounting the resource disk > > - Configuring swap space > > > > [...skipped Linux-specific features...] > > > > It includes local patches to _disable_ "extensions" by default > > (see also https://github.com/Azure/WALinuxAgent/pull/782): > > > > * VM Extension > > - Inject component authored by Microsoft and Partners into Linux VM > > (IaaS) > > to enable software and configuration automation > > - VM Extension reference implementation on > > https://github.com/Azure/azure-linux-extensions > > > > > > Notes: > > > > * DISCLAIMER: I haven't done a port for years and I seriously lack ports > > knowsledge with my total 9 ports commits since 2004. > > * With some port help from jsg@, especially for the GH_* part. > > * I try to find time to create another, minimal agent without Python... > > I've already done this for a different platform. > > > > Reyk > > I agree it seems useful to have in packages. > > /etc paths coming from ports/packages are meant to be subst'ed > with ${SYSCONFDIR} as technically it is allowed to override this > during build. For this it would affect the path to waagent.conf > but not things like /etc/ssh, /etc/master.passwd, /etc/doas.conf > which are from base. > > I think it should be enough to add this to __init in OPENBSDOSUtil .. > > self.agent_conf_file_path = '${SYSCONFDIR}/waagent.conf' > > .. and do something like > > pre-configure: > ${SUBST_CMD} ${WRKSRC/azurelinuxagent/common/osutil/openbsd.py > > .. and use ${SYSCONFDIR} instead of hardcoded /etc in the @sample line > in PLIST. >
Done, your example works just fine. > Please also add a comment near the OpenSSL RUN_DEPENDS to say > way (IIUC it's because LibreSSL has removed CMS support). > That is exactly the case, I added the comment. The agent uses "openssl cms" to decrypt messages containing the certificates (ssh public keys) from the "wire" server in the Azure fabric - there is no way to avoid it with the current protocol. We actually ported "cms" as a stand-alone binary that links with LibreSSL, but this is a big ugly hack (as it needs to include many internal structures from libcrypto) - hard to tell what is worse: installing openssl or using the cms-libressl hack for a single purpose ;) > By convention the first commit of a new port (or an updated port) > is done without a REVISION marker, it doesn't really matter though. > OK, I removed the REVISION marker. I attached an updated tarball. Thanks for the feedback! Reyk
port-waagent-2.2.13-2.tar.gz
Description: application/tar-gz