Module Name: src Committed By: rhialto Date: Thu Jul 15 19:03:17 UTC 2021
Modified Files: src/distrib/utils/embedded/files: ec2_init Log Message: Add some OpenStack support. I found that in the cloud I tried, by the time this script runs, there is no default route in effect yet. That takes some 5 to 10 seconds longer. So I added a retry loop, and to make that easier, changed the order of queries. To make sure it doesn't wait ~forever for a non-existent service I added the -q 1 option to ftp invocations. I also added OpenStack-specific metadata which contains a different random_seed of 512 bytes every time it is requested. See https://github.com/openstack/nova/blob/master/nova/api/metadata/base.py#L355 It may not be trusted data but only in the strictest sense of the word. The data can only be observed by people with access to the cloud's overlay network for the particular VM. To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/distrib/utils/embedded/files/ec2_init Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/distrib/utils/embedded/files/ec2_init diff -u src/distrib/utils/embedded/files/ec2_init:1.2 src/distrib/utils/embedded/files/ec2_init:1.3 --- src/distrib/utils/embedded/files/ec2_init:1.2 Thu Jul 1 18:05:45 2021 +++ src/distrib/utils/embedded/files/ec2_init Thu Jul 15 19:03:17 2021 @@ -1,6 +1,6 @@ #!/bin/sh # -# $NetBSD: ec2_init,v 1.2 2021/07/01 18:05:45 jmcneill Exp $ +# $NetBSD: ec2_init,v 1.3 2021/07/15 19:03:17 rhialto Exp $ # # PROVIDE: ec2_init # REQUIRE: NETWORKING @@ -20,6 +20,8 @@ HOSTNAME_URL="hostname" SSH_KEY_FILE="/home/${EC2_USER}/.ssh/authorized_keys" +OS_METADATA_URL="http://169.254.169.254/openstack/latest/meta_data.json" + ec2_newuser() { echo "Creating EC2 user account ${EC2_USER}" @@ -31,11 +33,27 @@ ec2_init() ( umask 022 + # set hostname; it may be 5-10 seconds for the metadata service + # to become reachable. + try=0 + while [ $((try++)) -lt 20 ] + do + HOSTNAME=$(ftp -o - -q 1 "${METADATA_URL}${HOSTNAME_URL}") + if [ -n "$HOSTNAME" ]; then + echo "Setting EC2 hostname: ${HOSTNAME}" + echo "$HOSTNAME" > /etc/myname + hostname "$HOSTNAME" + break + fi + echo "EC2 hostname not available yet (try $try)" + sleep 1 + done + # create EC2 user id "${EC2_USER}" >/dev/null 2>&1 || ec2_newuser - # fetch the key pair from Amazon Web Services - EC2_SSH_KEY=$(ftp -o - "${METADATA_URL}${SSH_KEY_URL}") + # fetch the public key from Amazon Web Services + EC2_SSH_KEY=$(ftp -o - -q 1 "${METADATA_URL}${SSH_KEY_URL}") if [ -n "$EC2_SSH_KEY" ]; then # A key pair is associated with this instance, add it 
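Review bot: The hostname returned by the metadata service is used after only a non-empty test in the new retry loop: it is written to /etc/myname and passed to `hostname` exactly as received. The value arrives over plain HTTP from the link-local metadata address, so I would reject anything that is not a plain hostname before the `-n` test, for example `case "$HOSTNAME" in *[!A-Za-z0-9.-]*) HOSTNAME= ;; esac`. When all 20 tries fail, the loop ends without a message and the script carries on; a final line saying the hostname was left unset would make that visible in the boot log. ec2_init starts before this hunk and continues past it.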
@@ -48,16 +66,16 @@ ec2_init() grep -q "$EC2_SSH_KEY" "$SSH_KEY_FILE" if [ $? -ne 0 ]; then - echo "Setting EC2 SSH key pair: ${EC2_SSH_KEY##* }" + echo "Setting EC2 SSH public key for user ${EC2_USER}: ${EC2_SSH_KEY##* }" echo "$EC2_SSH_KEY" >> "$SSH_KEY_FILE" fi fi - # set hostname - HOSTNAME=$(ftp -o - "${METADATA_URL}${HOSTNAME_URL}") - echo "Setting EC2 hostname: ${HOSTNAME}" - echo "$HOSTNAME" > /etc/myname - hostname "$HOSTNAME" + # May contain a "random_seed". Everything else doesn't matter. + OS_METADATA="$(ftp -o - -q 1 ${OS_METADATA_URL})" + if echo "$OS_METADATA" | grep -q random_seed; then + echo "$OS_METADATA" >> /dev/urandom + fi ) }
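Review bot: The `grep -q random_seed` check added at the end of the subshell matches that string anywhere in the fetched JSON, and the whole document, not the seed value, is then appended to /dev/urandom. The document comes over unauthenticated HTTP and, as the log message says, is visible to anyone with access to the overlay network, so the comment should state that it is supplementary input only: `# Untrusted, operator-visible data: extra pool input only, never the sole seed.` Whether the kernel credits a root write to /dev/urandom as entropy cannot be seen from this hunk and is worth confirming, since crediting it would let the system count itself seeded from data known outside the VM. `${OS_METADATA_URL}` is also the only unquoted URL among the three ftp calls; `"${OS_METADATA_URL}"` would match the others. ec2_init begins outside this hunk.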