Remove instance_user and admin_user options
The instance_user configuration option and admin_user OS::Nova::Server property have been deprecated in Icehouse. The AWS::EC2::Instance will always create the "ec2-user" from now on, while OS::Nova::Server will default to the default admin user set up by cloud-init for each particular distribution ("ubuntu" for Ubuntu 12.04 and higher, "fedora" for Fedora 19+ and "cloud-user" for CentOS/RHEL 6.5). The same behaviour is available in Icehouse when both instance_user and admin_user are empty. Change-Id: I9d01c5e7de630df5058429353fa17b3536ee8807 Related-bug: #1257410
This commit is contained in:
parent
559303c7f7
commit
e423bec7f1
@ -88,13 +88,6 @@ service_opts = [
|
||||
help=_('Number of heat-engine processes to fork and run.'))]
|
||||
|
||||
engine_opts = [
|
||||
cfg.StrOpt('instance_user',
|
||||
default='',
|
||||
help=_("The default user for new instances. This option "
|
||||
"is deprecated and will be removed in the Juno release. "
|
||||
"If it's empty, Heat will use the default user set up "
|
||||
"with your cloud image (for OS::Nova::Server) or "
|
||||
"'ec2-user' (for AWS::EC2::Instance).")),
|
||||
cfg.ListOpt('plugin_dirs',
|
||||
default=['/usr/lib64/heat', '/usr/lib/heat',
|
||||
'/usr/local/lib/heat', '/usr/local/lib64/heat'],
|
||||
|
@ -28,7 +28,6 @@ from heat.engine import properties
|
||||
from heat.engine import resource
|
||||
from heat.engine import scheduler
|
||||
|
||||
cfg.CONF.import_opt('instance_user', 'heat.common.config')
|
||||
cfg.CONF.import_opt('stack_scheduler_hints', 'heat.common.config')
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
@ -549,14 +548,6 @@ class Instance(resource.Resource):
|
||||
|
||||
server = None
|
||||
|
||||
# FIXME(shadower): the instance_user config option is deprecated. Once
|
||||
# it's gone, we should always use ec2-user for compatibility with
|
||||
# CloudFormation.
|
||||
if cfg.CONF.instance_user:
|
||||
instance_user = cfg.CONF.instance_user
|
||||
else:
|
||||
instance_user = 'ec2-user'
|
||||
|
||||
try:
|
||||
server = self.client().servers.create(
|
||||
name=self.physical_resource_name(),
|
||||
@ -565,7 +556,7 @@ class Instance(resource.Resource):
|
||||
key_name=self.properties[self.KEY_NAME],
|
||||
security_groups=security_groups,
|
||||
userdata=self.client_plugin().build_userdata(
|
||||
self.metadata_get(), userdata, instance_user),
|
||||
self.metadata_get(), userdata, 'ec2-user'),
|
||||
meta=self._get_nova_metadata(self.properties),
|
||||
scheduler_hints=scheduler_hints,
|
||||
nics=nics,
|
||||
|
@ -36,7 +36,6 @@ from heat.engine import scheduler
|
||||
from heat.engine import support
|
||||
from heat.rpc import api as rpc_api
|
||||
|
||||
cfg.CONF.import_opt('instance_user', 'heat.common.config')
|
||||
cfg.CONF.import_opt('default_software_config_transport', 'heat.common.config')
|
||||
cfg.CONF.import_opt('stack_scheduler_hints', 'heat.common.config')
|
||||
|
||||
@ -688,17 +687,10 @@ class Server(stack_user.StackUser):
|
||||
self._create_transport_credentials()
|
||||
self._populate_deployments_metadata(metadata)
|
||||
|
||||
if self.properties[self.ADMIN_USER]:
|
||||
instance_user = self.properties[self.ADMIN_USER]
|
||||
elif cfg.CONF.instance_user:
|
||||
instance_user = cfg.CONF.instance_user
|
||||
else:
|
||||
instance_user = None
|
||||
|
||||
userdata = self.client_plugin().build_userdata(
|
||||
metadata,
|
||||
ud_content,
|
||||
instance_user=instance_user,
|
||||
instance_user=None,
|
||||
user_data_format=user_data_format)
|
||||
|
||||
flavor = self.properties[self.FLAVOR]
|
||||
|
@ -294,11 +294,6 @@ class EngineService(service.Service):
|
||||
self._rpc_server = None
|
||||
self.software_config = service_software_config.SoftwareConfigService()
|
||||
|
||||
if cfg.CONF.instance_user:
|
||||
warnings.warn('The "instance_user" option in heat.conf is '
|
||||
'deprecated and will be removed in the Juno '
|
||||
'release.', DeprecationWarning)
|
||||
|
||||
if cfg.CONF.trusts_delegated_roles:
|
||||
warnings.warn('The default value of "trusts_delegated_roles" '
|
||||
'option in heat.conf is changed to [] in Kilo '
|
||||
|
@ -1411,7 +1411,7 @@ class InstancesTest(common.HeatTestCase):
|
||||
self.assertEqual('0.0.0.0', instance.FnGetAtt('PrivateIp'))
|
||||
|
||||
def test_default_instance_user(self):
|
||||
"""The default value for instance_user in heat.conf is ec2-user."""
|
||||
"""CFN instances automatically create the `ec2-user` admin user."""
|
||||
return_server = self.fc.servers.list()[1]
|
||||
instance = self._setup_test_instance(return_server, 'default_user')
|
||||
metadata = instance.metadata_get()
|
||||
@ -1422,47 +1422,6 @@ class InstancesTest(common.HeatTestCase):
|
||||
scheduler.TaskRunner(instance.create)()
|
||||
self.m.VerifyAll()
|
||||
|
||||
def test_custom_instance_user(self):
|
||||
"""Test instance_user in heat.conf being set to a custom value.
|
||||
|
||||
Launching the instance should call build_userdata with the custom user
|
||||
name.
|
||||
|
||||
This option is deprecated and will be removed in Juno.
|
||||
"""
|
||||
return_server = self.fc.servers.list()[1]
|
||||
instance = self._setup_test_instance(return_server, 'custom_user')
|
||||
self.m.StubOutWithMock(instances.cfg.CONF, 'instance_user')
|
||||
instances.cfg.CONF.instance_user = 'custom_user'
|
||||
metadata = instance.metadata_get()
|
||||
self.m.StubOutWithMock(nova.NovaClientPlugin, 'build_userdata')
|
||||
nova.NovaClientPlugin.build_userdata(
|
||||
metadata, 'wordpress', 'custom_user')
|
||||
self.m.ReplayAll()
|
||||
scheduler.TaskRunner(instance.create)()
|
||||
self.m.VerifyAll()
|
||||
|
||||
def test_empty_instance_user(self):
|
||||
"""Test instance_user in heat.conf being empty.
|
||||
|
||||
Launching the instance should call build_userdata with
|
||||
"ec2-user".
|
||||
|
||||
This behaviour is compatible with CloudFormation and will be
|
||||
the default in Juno once the instance_user option gets removed.
|
||||
"""
|
||||
return_server = self.fc.servers.list()[1]
|
||||
instance = self._setup_test_instance(return_server, 'empty_user')
|
||||
self.m.StubOutWithMock(instances.cfg.CONF, 'instance_user')
|
||||
instances.cfg.CONF.instance_user = ''
|
||||
metadata = instance.metadata_get()
|
||||
self.m.StubOutWithMock(nova.NovaClientPlugin, 'build_userdata')
|
||||
nova.NovaClientPlugin.build_userdata(
|
||||
metadata, 'wordpress', 'ec2-user')
|
||||
self.m.ReplayAll()
|
||||
scheduler.TaskRunner(instance.create)()
|
||||
self.m.VerifyAll()
|
||||
|
||||
def test_instance_create_with_volumes(self):
|
||||
return_server = self.fc.servers.list()[1]
|
||||
self.stub_VolumeConstraint_validate()
|
||||
|
@ -346,8 +346,6 @@ class NovaClientPluginUserdataTests(NovaClientPluginTestCase):
|
||||
|
||||
def test_build_userdata_without_instance_user(self):
|
||||
"""Don't add a custom instance user when not requested."""
|
||||
cfg.CONF.set_override('instance_user',
|
||||
'config_instance_user')
|
||||
cfg.CONF.set_override('heat_metadata_server_url',
|
||||
'http://server.test:123')
|
||||
cfg.CONF.set_override('heat_watch_server_url',
|
||||
@ -355,19 +353,18 @@ class NovaClientPluginUserdataTests(NovaClientPluginTestCase):
|
||||
data = self.nova_plugin.build_userdata({}, instance_user=None)
|
||||
self.assertNotIn('user: ', data)
|
||||
self.assertNotIn('useradd', data)
|
||||
self.assertNotIn('config_instance_user', data)
|
||||
self.assertNotIn('ec2-user', data)
|
||||
|
||||
def test_build_userdata_with_instance_user(self):
|
||||
"""Add the custom instance user when requested."""
|
||||
self.m.StubOutWithMock(nova.cfg, 'CONF')
|
||||
cnf = nova.cfg.CONF
|
||||
cnf.instance_user = 'config_instance_user'
|
||||
cnf.heat_metadata_server_url = 'http://server.test:123'
|
||||
cnf.heat_watch_server_url = 'http://server.test:345'
|
||||
data = self.nova_plugin.build_userdata(
|
||||
None, instance_user="custominstanceuser")
|
||||
self.assertNotIn('config_instance_user', data)
|
||||
self.assertIn("custominstanceuser", data)
|
||||
"""Add a custom instance user."""
|
||||
cfg.CONF.set_override('heat_metadata_server_url',
|
||||
'http://server.test:123')
|
||||
cfg.CONF.set_override('heat_watch_server_url',
|
||||
'http://server.test:345')
|
||||
data = self.nova_plugin.build_userdata({}, instance_user='ec2-user')
|
||||
self.assertIn('user: ', data)
|
||||
self.assertIn('useradd', data)
|
||||
self.assertIn('ec2-user', data)
|
||||
|
||||
|
||||
class NovaClientPluginMetadataTests(NovaClientPluginTestCase):
|
||||
|
@ -2726,98 +2726,15 @@ class ServersTest(common.HeatTestCase):
|
||||
server._resolve_attribute("networks"))
|
||||
self.m.VerifyAll()
|
||||
|
||||
def test_default_instance_user(self):
|
||||
"""Test instance_user is disabled by default."""
|
||||
return_server = self.fc.servers.list()[1]
|
||||
server = self._setup_test_server(return_server, 'default_user')
|
||||
metadata = server.metadata_get()
|
||||
self.m.StubOutWithMock(nova.NovaClientPlugin, 'build_userdata')
|
||||
nova.NovaClientPlugin.build_userdata(
|
||||
metadata,
|
||||
'wordpress',
|
||||
instance_user=None,
|
||||
user_data_format='HEAT_CFNTOOLS')
|
||||
self.m.ReplayAll()
|
||||
scheduler.TaskRunner(server.create)()
|
||||
self.m.VerifyAll()
|
||||
|
||||
def test_admin_user_property(self):
|
||||
"""Test the admin_user property on the server overrides instance_user.
|
||||
|
||||
Launching the instance should call build_userdata with the
|
||||
custom user name. This property is deprecated and will be
|
||||
removed in Juno.
|
||||
"""
|
||||
return_server = self.fc.servers.list()[1]
|
||||
stack_name = 'stack_with_custom_admin_user_server'
|
||||
(tmpl, stack) = self._setup_test_stack(stack_name)
|
||||
|
||||
wsp = tmpl.t['Resources']['WebServer']['Properties']
|
||||
wsp['admin_user'] = 'custom_user'
|
||||
resource_defns = tmpl.resource_definitions(stack)
|
||||
server = servers.Server('create_metadata_test_server',
|
||||
resource_defns['WebServer'], stack)
|
||||
self.m.StubOutWithMock(self.fc.servers, 'create')
|
||||
image_id = mox.IgnoreArg()
|
||||
self.fc.servers.create(
|
||||
image=image_id, flavor=mox.IgnoreArg(), key_name='test',
|
||||
name=mox.IgnoreArg(), security_groups=[],
|
||||
userdata=mox.IgnoreArg(), scheduler_hints=None,
|
||||
meta=mox.IgnoreArg(), nics=None, availability_zone=None,
|
||||
block_device_mapping=None, block_device_mapping_v2=None,
|
||||
config_drive=None, disk_config=None, reservation_id=None,
|
||||
files={}, admin_pass=None).AndReturn(return_server)
|
||||
self.m.StubOutWithMock(nova.NovaClientPlugin, '_create')
|
||||
nova.NovaClientPlugin._create().AndReturn(self.fc)
|
||||
self._mock_get_image_id_success('F17-x86_64-gold', image_id)
|
||||
metadata = server.metadata_get()
|
||||
self.m.StubOutWithMock(nova.NovaClientPlugin, 'build_userdata')
|
||||
nova.NovaClientPlugin.build_userdata(
|
||||
metadata,
|
||||
'wordpress',
|
||||
instance_user='custom_user',
|
||||
user_data_format='HEAT_CFNTOOLS')
|
||||
self.m.ReplayAll()
|
||||
scheduler.TaskRunner(server.create)()
|
||||
self.m.VerifyAll()
|
||||
|
||||
def test_custom_instance_user(self):
|
||||
"""Test instance_user in heat.conf being set to a custom value.
|
||||
|
||||
Launching the instance should call build_userdata with the
|
||||
custom user name.
|
||||
|
||||
This option is deprecated and will be removed in Juno.
|
||||
"""
|
||||
return_server = self.fc.servers.list()[1]
|
||||
server = self._setup_test_server(return_server, 'custom_user')
|
||||
self.m.StubOutWithMock(servers.cfg.CONF, 'instance_user')
|
||||
servers.cfg.CONF.instance_user = 'custom_user'
|
||||
metadata = server.metadata_get()
|
||||
self.m.StubOutWithMock(nova.NovaClientPlugin, 'build_userdata')
|
||||
nova.NovaClientPlugin.build_userdata(
|
||||
metadata,
|
||||
'wordpress',
|
||||
instance_user='custom_user',
|
||||
user_data_format='HEAT_CFNTOOLS')
|
||||
self.m.ReplayAll()
|
||||
scheduler.TaskRunner(server.create)()
|
||||
self.m.VerifyAll()
|
||||
|
||||
def test_empty_instance_user(self):
|
||||
"""Test instance_user in heat.conf being empty.
|
||||
"""Test Nova server doesn't set instance_user in build_userdata
|
||||
|
||||
Launching the instance should not pass any user to
|
||||
Launching the instance should not pass any user name to
|
||||
build_userdata. The default cloud-init user set up for the image
|
||||
will be used instead.
|
||||
|
||||
This will the default behaviour in Juno once we remove the
|
||||
instance_user option.
|
||||
"""
|
||||
return_server = self.fc.servers.list()[1]
|
||||
server = self._setup_test_server(return_server, 'custom_user')
|
||||
self.m.StubOutWithMock(servers.cfg.CONF, 'instance_user')
|
||||
servers.cfg.CONF.instance_user = ''
|
||||
server = self._setup_test_server(return_server, 'without_user')
|
||||
metadata = server.metadata_get()
|
||||
self.m.StubOutWithMock(nova.NovaClientPlugin, 'build_userdata')
|
||||
nova.NovaClientPlugin.build_userdata(
|
||||
|
Loading…
Reference in New Issue
Block a user