diff options
author | Steven Hardy <shardy@redhat.com> | 2015-04-02 09:52:18 -0400 |
---|---|---|
committer | Steven Hardy <shardy@redhat.com> | 2015-04-24 10:18:31 +0100 |
commit | 723db1317cd62a8772c764847c80a339eae4c03f (patch) | |
tree | dc1161fb6db10d4317702366c9c903d5cd5c14c0 /firstboot | |
parent | 1781c64bfc9cc929355b28344d0e34b2347e6ffe (diff) |
Enable passing optional first-boot user-data
Currently all the OS::Nova::Server resource created don't pass any
user-data. It's possible to pass user-data as well as using heat
SoftwareConfig/SoftwareDeployment resources, and this can be useful
when you have simple "first boot" tasks which are possible either via
cloud-init, or via simple run-once scripts.
This enables passing such data by implementing a new provider resource
OS::TripleO::NodeUserData, which defaults to passing an empty mime
archive (thus it's a no-op). An example of non no-op usage is also
provided.
Change-Id: Id0caba69768630e3a10439ba1fc2547a609c0cfe
Diffstat (limited to 'firstboot')
-rw-r--r-- | firstboot/userdata_default.yaml | 20 | ||||
-rw-r--r-- | firstboot/userdata_example.yaml | 60 |
2 files changed, 80 insertions, 0 deletions
diff --git a/firstboot/userdata_default.yaml b/firstboot/userdata_default.yaml new file mode 100644 index 00000000..140d2bf8 --- /dev/null +++ b/firstboot/userdata_default.yaml @@ -0,0 +1,20 @@ +heat_template_version: 2014-10-16 + +description: > + This is a default no-op template which provides empty user-data + which can be passed to the OS::Nova::Server resources. + This template can be replaced with a different implementation via + the resource registry, such that deployers may customize their + first-boot configuration. + +resources: + userdata: + type: OS::Heat::MultipartMime + +outputs: + # This means get_resource from the parent template will get the userdata, see: + # http://docs.openstack.org/developer/heat/template_guide/composition.html#making-your-template-resource-more-transparent + # Note this is new-for-kilo, an alternative is returning a value then using + # get_attr in the parent template instead. + OS::stack_id: + value: {get_resource: userdata} diff --git a/firstboot/userdata_example.yaml b/firstboot/userdata_example.yaml new file mode 100644 index 00000000..a0d8c7ac --- /dev/null +++ b/firstboot/userdata_example.yaml @@ -0,0 +1,60 @@ +heat_template_version: 2014-10-16 + +# NOTE: You don't need to pass the parameter explicitly from the +# parent template, it can be specified via the parameter_defaults +# in the resource_registry instead, if you want to override the default +# and/or share values with other templates in the tree. +parameters: + extra_username: + type: string + default: extrauser + +description: > + This is an example showing how you can do firstboot configuration + of the nodes via cloud-init. To enable this, replace the default + mapping of OS::TripleO::NodeUserData in ../overcloud_resource_registry* + +resources: + userdata: + type: OS::Heat::MultipartMime + properties: + parts: + - config: {get_resource: user_config} + - config: {get_resource: ssh_config} + + # Get cloud-init to create an extra user, in addition to the default for the + # distro. Note there are various options, including configuring ssh keys, + # but atm I can only see how to specify the keys explicitly, not via metadata + user_config: + type: OS::Heat::CloudConfig + properties: + cloud_config: + users: + - default + - name: {get_param: extra_username} + + # Setup ssh key for the extra user to match the key installed for the default + # user, e.g that provided via the nova keypair on instance boot + ssh_config: + type: OS::Heat::SoftwareConfig + properties: + config: + str_replace: + template: | + #!/bin/bash + curl http://169.254.169.254/openstack/2012-08-10/meta_data.json -o /root/meta_data.json + mkdir -p /home/$user/.ssh + chmod 700 /home/$user/.ssh + cat /root/meta_data.json | jq -r ".keys[0].data" > /home/$user/.ssh/authorized_keys + chmod 600 /home/$user/.ssh/authorized_keys + chown -R $user:$user /home/$user/.ssh + params: + $user: {get_param: extra_username} + +outputs: + # This means get_resource from the parent template will get the userdata, see: + # http://docs.openstack.org/developer/heat/template_guide/composition.html#making-your-template-resource-more-transparent + # Note this is new-for-kilo, an alternative is returning a value then using + # get_attr in the parent template instead. + OS::stack_id: + value: {get_resource: userdata} |