Allow per-deployment configuration of user id

Previously user ids of new instances were limited to ec2-user. This patch adds a new configuration option to be placed in /etc/heat/heat-engine.conf called "default_instance_user" which allows the default of ec2-user to be overriden. Note for reviewers that runcmd does not work properly. It was actually running after the loguserdata.py script finished execution. Fixes: Bug #1101347 Change-Id: Ica2dbe63d9dcbce8bb8de298eba452c34ab173d9
2013-03-12 21:50:58 -07:00 · 2013-03-12 21:50:58 -07:00 · ac8b8f9c42
commit ac8b8f9c42
parent 5862514aef
5 changed files with 18 additions and 6 deletions
--- a/MANIFEST.in
+++ b/MANIFEST.in
@ -9,6 +9,7 @@ include babel.cfg install.sh run_tests.sh tox.ini uninstall.sh
 graft templates
 include heat/versioninfo
 include heat/cloudinit/config
+include heat/cloudinit/boothook.sh
 include heat/cloudinit/loguserdata.py
 include heat/cloudinit/part-handler.py
 include heat/db/sqlalchemy/migrate_repo/migrate.cfg
--- a/heat/cloudinit/boothook.sh
+++ b/heat/cloudinit/boothook.sh
@ -0,0 +1,7 @@
+#!/bin/bash
+setenforce 0
+useradd -m @INSTANCE_USER@
+echo -e '@INSTANCE_USER@\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers
+
+# Do not remove - the cloud boothook should always return success
+exit 0
--- a/heat/cloudinit/config
+++ b/heat/cloudinit/config
@ -1,7 +1,4 @@
-runcmd:
- - setenforce 0 > /dev/null 2>&1 || true
-
-user: ec2-user
+user: @INSTANCE_USER@

 cloud_config_modules:
 - locale
@ -9,7 +6,6 @@ cloud_config_modules:
 - timezone
 - update_etc_hosts
 - update_hostname
- - runcmd

 # Capture all subprocess output into a logfile
 # Useful for troubleshooting cloud-init issues
--- a/heat/common/config.py
+++ b/heat/common/config.py
@ -95,6 +95,9 @@ db_opts = [
               help='timeout before idle sql connections are reaped')]

 engine_opts = [
+    cfg.StrOpt('instance_user',
+               default='ec2-user',
+               help='The default user for new instances'),
    cfg.StrOpt('instance_driver',
               default='heat.engine.nova',
               help='Driver to use for controlling instances'),
--- a/heat/engine/resources/instance.py
+++ b/heat/engine/resources/instance.py
@ -171,9 +171,14 @@ class Instance(resource.Resource):
                return msg

            def read_cloudinit_file(fn):
-                return pkgutil.get_data('heat', 'cloudinit/%s' % fn)
+                data = pkgutil.get_data('heat', 'cloudinit/%s' % fn)
+                data = data.replace('@INSTANCE_USER@',
+                                    cfg.CONF.instance_user)
+                return data

            attachments = [(read_cloudinit_file('config'), 'cloud-config'),
+                           (read_cloudinit_file('boothook.sh'), 'boothook.sh',
+                            'cloud-boothook'),
                           (read_cloudinit_file('part-handler.py'),
                            'part-handler.py'),
                           (userdata, 'cfn-userdata', 'x-cfninitdata'),