Prevent nailgun-agent/cloud-init collision

This patch prevents nailgun-agent from doing anything
until cloud-init has finished its magic.

/etc/nailgun-agent/nodiscover file is created during provisioning stage
and then it is removed in /etc/rc.local which guarantees
that nailgun-agent doesn't change mcollective config at the
same time when cloud-init does this. Otherwise, we can
end up with corrupted mcollective config.

Related-Patch: I5fca4ca39abdc273f6958f2643fae6c5c99fba68
Change-Id: If8d1252e6d351ad073de26afc13a19de76f531fb
Closes-Bug: #1449186

bin/agent

@@ -564,8 +564,8 @@ sleep_time = rand(30)
 logger.debug("Sleep for #{sleep_time} seconds before sending request")
 sleep(sleep_time)
 
-if File.exist?('/var/run/nodiscover')
-  logger.info("Discover prevented by /var/run/nodiscover presence.")
+if File.exist?('/etc/nailgun-agent/nodiscover')
+  logger.info("Discover prevented by /etc/nailgun-agent/nodiscover presence.")
   exit 1
 end
 

fuel_agent/cloud-init-templates/boothook_centos.jinja2

@@ -91,7 +91,8 @@ add_str_to_file_if_not_exists /etc/ssh/sshd_config 'UseDNS' 'UseDNS no'
 
 cloud-init-per instance gssapi_disable sed -i -e "/^\s*GSSAPICleanupCredentials yes/d" -e "/^\s*GSSAPIAuthentication yes/d" /etc/ssh/sshd_config
 
-cloud-init-per instance nailgun_agent /bin/sh -c 'echo "flock -w 0 -o /var/lock/agent.lock -c \"/opt/nailgun/bin/agent >> /var/log/nailgun-agent.log 2>&1\"" | tee /etc/rc.local'
+cloud-init-per instance nailgun_agent_0 /bin/sh -c 'echo "rm -f /etc/nailgun-agent/nodiscover" | tee /etc/rc.local'
+cloud-init-per instance nailgun_agent_1 /bin/sh -c 'echo "flock -w 0 -o /var/lock/agent.lock -c \"/opt/nailgun/bin/agent >> /var/log/nailgun-agent.log 2>&1\"" | tee -a /etc/rc.local'
 
 # Copying default bash settings to the root directory
 cloud-init-per instance skel_bash cp -f /etc/skel/.bash* /root/

fuel_agent/cloud-init-templates/boothook_ubuntu.jinja2

@@ -82,7 +82,8 @@ add_str_to_file_if_not_exists /etc/ssh/sshd_config 'UseDNS' 'UseDNS no'
 
 cloud-init-per instance gssapi_disable sed -i -e "/^\s*GSSAPICleanupCredentials yes/d" -e "/^\s*GSSAPIAuthentication yes/d" /etc/ssh/sshd_config
 
-cloud-init-per instance nailgun_agent /bin/sh -c 'echo "flock -w 0 -o /var/lock/agent.lock -c \"/opt/nailgun/bin/agent >> /var/log/nailgun-agent.log 2>&1\"" | tee /etc/rc.local'
+cloud-init-per instance nailgun_agent_0 /bin/sh -c 'echo "rm -f /etc/nailgun-agent/nodiscover" | tee /etc/rc.local'
+cloud-init-per instance nailgun_agent_1 /bin/sh -c 'echo "flock -w 0 -o /var/lock/agent.lock -c \"/opt/nailgun/bin/agent >> /var/log/nailgun-agent.log 2>&1\"" | tee -a /etc/rc.local'
 
 # Copying default bash settings to the root directory
 cloud-init-per instance skel_bash cp -f /etc/skel/.bash* /root/

fuel_agent/fuel_agent/manager.py

@@ -434,6 +434,19 @@ class Manager(object):
             f.write('# Generated by fuel-agent during provisioning:\n'
                     '# DO NOT DELETE. It is needed to disable net-generator\n')
 
+        # FIXME(kozhukalov): Prevent nailgun-agent from doing anything.
+        # This ugly hack is to be used together with the command removing
+        # this lock file not earlier than /etc/rc.local
+        # The reason for this hack to appear is to prevent nailgun-agent from
+        # changing mcollective config at the same time when cloud-init
+        # does the same. Otherwise, we can end up with corrupted mcollective
+        # config. For details see https://bugs.launchpad.net/fuel/+bug/1449186
+        LOG.debug('Preventing nailgun-agent from doing '
+                  'anything until it is unlocked')
+        utils.makedirs_if_not_exists(os.path.join(chroot, 'etc/nailgun-agent'))
+        with open(os.path.join(chroot, 'etc/nailgun-agent/nodiscover'), 'w'):
+            pass
+
         with open(chroot + '/etc/fstab', 'wb') as f:
             for fs in self.driver.partition_scheme.fss:
                 # TODO(kozhukalov): Think of improving the logic so as to