Previously user ids of new instances were limited to ec2-user.
This patch adds a new configuration option to be placed in
/etc/heat/heat-engine.conf called "default_instance_user" which
allows the default of ec2-user to be overridden.
Note for reviewers that runcmd does not work properly. It was
actually running after the loguserdata.py script finished execution.
Fixes: Bug #1101347
Change-Id: Ica2dbe63d9dcbce8bb8de298eba452c34ab173d9
graft templates
include heat/versioninfo
include heat/cloudinit/config
+include heat/cloudinit/boothook.sh
include heat/cloudinit/loguserdata.py
include heat/cloudinit/part-handler.py
include heat/db/sqlalchemy/migrate_repo/migrate.cfg
--- /dev/null
+#!/bin/bash
+setenforce 0
+useradd -m @INSTANCE_USER@
+echo -e '@INSTANCE_USER@\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers
+
+# Do not remove - the cloud boothook should always return success
+exit 0
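Review bot: The `echo -e ... >> /etc/sudoers` line appends to the main sudoers file with no syntax check, and as far as I know cloud-init runs a cloud-boothook part on every boot rather than once per instance, so the same entry would be appended again at each reboot while `useradd` fails silently. Writing a drop-in with `>` is idempotent, e.g. `echo '@INSTANCE_USER@ ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/heat-instance-user` followed by `chmod 0440 /etc/sudoers.d/heat-instance-user`, ideally checked with `visudo -cf` before it is relied on (this assumes the image's sudoers includes /etc/sudoers.d; the file name is only a suggestion). `setenforce 0` also deserves a comment saying why SELinux is switched to permissive, since nothing in the script restores enforcing mode afterwards.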
-runcmd:
- - setenforce 0 > /dev/null 2>&1 || true
-
-user: ec2-user
+user: @INSTANCE_USER@
cloud_config_modules:
- locale
- timezone
- update_etc_hosts
- update_hostname
- - runcmd
# Capture all subprocess output into a logfile
# Useful for troubleshooting cloud-init issues
help='timeout before idle sql connections are reaped')]
engine_opts = [
+ cfg.StrOpt('instance_user',
+ default='ec2-user',
+ help='The default user for new instances'),
cfg.StrOpt('instance_driver',
default='heat.engine.nova',
help='Driver to use for controlling instances'),
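Review bot: The option is registered here as `instance_user`, but the commit message tells operators to set `default_instance_user`; a setting under the documented name would not match this option, and the default `ec2-user` would silently stay in effect. Either rename the option or correct the description so the two agree. The help text could also say what the value is used for, e.g. `help='Login name created on new instances and granted passwordless sudo by the cloud-init boothook'`. The `engine_opts` list continues outside the hunk.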
return msg
def read_cloudinit_file(fn):
- return pkgutil.get_data('heat', 'cloudinit/%s' % fn)
+ data = pkgutil.get_data('heat', 'cloudinit/%s' % fn)
+ data = data.replace('@INSTANCE_USER@',
+ cfg.CONF.instance_user)
+ return data
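Review bot: `cfg.CONF.instance_user` is pasted into the cloud-init parts without any check, and two of the places it lands are sensitive: boothook.sh uses it unquoted in `useradd -m` and in a sudoers entry, and config uses it as the `user:` value in YAML. A value containing whitespace or shell/YAML metacharacters, or an empty value, would produce a broken or unintended script and sudoers line on every instance, so anything that is not a plain login name should be rejected before substitution. A sketch follows; the pattern is a conservative suggestion, `re` would need importing at the top of the file, and the enclosing scope of `read_cloudinit_file` is not visible in the hunk. The replacement also runs on every file read through this helper, including part-handler.py and loguserdata.py, which is harmless only while none of them contains the literal placeholder.

```python
def read_cloudinit_file(fn):
    user = cfg.CONF.instance_user
    # The value ends up in a root-run boothook and a sudoers entry, so
    # accept only a plain login name.
    if not re.match(r'[a-z_][a-z0-9_-]{0,31}\Z', user or ''):
        raise ValueError('invalid instance_user: %r' % user)
    data = pkgutil.get_data('heat', 'cloudinit/%s' % fn)
    return data.replace('@INSTANCE_USER@', user)
```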
attachments = [(read_cloudinit_file('config'), 'cloud-config'),
+ (read_cloudinit_file('boothook.sh'), 'boothook.sh',
+ 'cloud-boothook'),
(read_cloudinit_file('part-handler.py'),
'part-handler.py'),
(userdata, 'cfn-userdata', 'x-cfninitdata'),