

[src/trunk]: src/distrib/utils/embedded/files Add some OpenStack support.



details:   https://anonhg.NetBSD.org/src/rev/ecadb9eb1dc0
branches:  trunk
changeset: 1022393:ecadb9eb1dc0
user:      rhialto <rhialto%NetBSD.org@localhost>
date:      Thu Jul 15 19:03:17 2021 +0000

description:
Add some OpenStack support.

I found that in the cloud I tried, by the time this script runs, there
is no default route in effect yet. That takes some 5 to 10 seconds
longer. So I added a retry loop, and to make that easier, changed the
order of queries.  To make sure it doesn't wait ~forever for a
non-existent service I added the -q 1 option to ftp invocations.

I also added OpenStack-specific metadata which contains a different
random_seed of 512 bytes every time it is requested.  See
https://github.com/openstack/nova/blob/master/nova/api/metadata/base.py#L355
The data is untrusted only in the strictest sense of the word: it can
only be observed (or supplied) by parties with access to the cloud's
overlay network for this particular VM.

diffstat:

 distrib/utils/embedded/files/ec2_init |  36 ++++++++++++++++++++++++++--------
 1 files changed, 27 insertions(+), 9 deletions(-)

diffs (73 lines):

diff -r a7d87239d566 -r ecadb9eb1dc0 distrib/utils/embedded/files/ec2_init
--- a/distrib/utils/embedded/files/ec2_init     Thu Jul 15 18:18:15 2021 +0000
+++ b/distrib/utils/embedded/files/ec2_init     Thu Jul 15 19:03:17 2021 +0000
@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# $NetBSD: ec2_init,v 1.2 2021/07/01 18:05:45 jmcneill Exp $
+# $NetBSD: ec2_init,v 1.3 2021/07/15 19:03:17 rhialto Exp $
 #
 # PROVIDE: ec2_init
 # REQUIRE: NETWORKING
@@ -20,6 +20,8 @@
 
 SSH_KEY_FILE="/home/${EC2_USER}/.ssh/authorized_keys"
 
+OS_METADATA_URL="http://169.254.169.254/openstack/latest/meta_data.json";
+
 ec2_newuser()
 {
        echo "Creating EC2 user account ${EC2_USER}"
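Review bot: The new `OS_METADATA_URL` assignment ends with a stray `;` that does nothing in sh and does not match the other assignments in the file; drop it: `OS_METADATA_URL="http://169.254.169.254/openstack/latest/meta_data.json"`. Since this is the one place the endpoint is named, a one-line comment would also help the next reader: `# OpenStack's link-local metadata service; unauthenticated plain HTTP by design, reachable only from the instance's own network.`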
@@ -31,11 +33,27 @@
        (
        umask 022
 
+       # set hostname; it may be 5-10 seconds for the metadata service
+       # to  become reachable.
+       try=0
+       while [ $((try++)) -lt 20 ]
+       do
+               HOSTNAME=$(ftp -o - -q 1 "${METADATA_URL}${HOSTNAME_URL}")
+               if [ -n "$HOSTNAME" ]; then
+                       echo "Setting EC2 hostname: ${HOSTNAME}"
+                       echo "$HOSTNAME" > /etc/myname
+                       hostname "$HOSTNAME"
+                       break
+               fi
+               echo "EC2 hostname not available yet (try $try)"
+               sleep 1
+       done
+
        # create EC2 user
        id "${EC2_USER}" >/dev/null 2>&1 || ec2_newuser
 
-       # fetch the key pair from Amazon Web Services
-       EC2_SSH_KEY=$(ftp -o - "${METADATA_URL}${SSH_KEY_URL}")
+       # fetch the public key from Amazon Web Services
+       EC2_SSH_KEY=$(ftp -o - -q 1 "${METADATA_URL}${SSH_KEY_URL}")
 
        if [ -n "$EC2_SSH_KEY" ]; then
                # A key pair is associated with this instance, add it
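Review bot: The value fetched into `HOSTNAME` is written verbatim to /etc/myname and passed to hostname(1) without any validation, so a malformed or spoofed reply from the link-local endpoint (or a non-empty error body, if ftp ever emits one) lands in a file that is re-read on every boot. The quoting on `hostname "$HOSTNAME"` rules out shell injection, but nothing rules out embedded newlines or non-hostname characters; a charset check before the write would close that, e.g. `case "$HOSTNAME" in *[!A-Za-z0-9.-]*) echo "Ignoring malformed EC2 hostname"; break ;; esac`. The loop also gives up silently after 20 tries; an `echo "EC2 hostname not available, giving up"` after `done` would make a boot without a hostname diagnosable. Note that `$((try++))` relies on the `++` operator, which not every /bin/sh implements — fine if NetBSD's sh is the only target, worth a comment otherwise. The enclosing function starts outside the hunk.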
@@ -48,16 +66,16 @@
 
                grep -q "$EC2_SSH_KEY" "$SSH_KEY_FILE"
                if [ $? -ne 0 ]; then
-                       echo "Setting EC2 SSH key pair: ${EC2_SSH_KEY##* }"
+                       echo "Setting EC2 SSH public key for user ${EC2_USER}: ${EC2_SSH_KEY##* }"
                        echo "$EC2_SSH_KEY" >> "$SSH_KEY_FILE"
                fi
        fi
 
-       # set hostname
-       HOSTNAME=$(ftp -o - "${METADATA_URL}${HOSTNAME_URL}")
-       echo "Setting EC2 hostname: ${HOSTNAME}"
-       echo "$HOSTNAME" > /etc/myname
-       hostname "$HOSTNAME"
+       # May contain a "random_seed". Everything else doesn't matter.
+       OS_METADATA="$(ftp -o - -q 1 ${OS_METADATA_URL})"
+       if echo "$OS_METADATA" | grep -q random_seed; then
+               echo "$OS_METADATA" >> /dev/urandom
+       fi
        )
 }
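Review bot: The seed is appended to /dev/urandom with no comment on what that does to the entropy accounting; as I read NetBSD's rnd(4), a write mixes the data into the pool but does not credit it, which is the right choice here — the endpoint is unauthenticated HTTP and anyone on the overlay network could feed a chosen value — but it also means this does not unblock an entropy-starved first boot, and the next maintainer should not assume it does. I would record that above the write: `# Mix the seed into the pool WITHOUT crediting entropy: the endpoint is unauthenticated HTTP, so a chosen value must never satisfy the entropy estimate.` The comment could also say that the whole JSON document (hostname, uuid, base64 seed and all) is written rather than the decoded `random_seed`, which is harmless for mixing but is not obvious from `grep -q random_seed`. Finally, `${OS_METADATA_URL}` on the ftp line is unquoted, unlike the two sibling fetches; `"${OS_METADATA_URL}"` keeps the three calls consistent.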
 


