Merge pull request #1379 from jayapalu/configdriveScripts

CLOUDSTACK-8324: config drive data set/get scripts for the guest vmAdded the guest vm scripts for set/get the vm data, password and ssh keys

* pr/1379:
  CLOUDSTACK-8324: updated the mount directory name and kvm virt device
  CLOUDSTACK-8324: config drive data set/get scripts for the guest vm

Signed-off-by: Rajani Karuturi <rajani.karuturi@accelerite.com>

Author: karuturi

setup/bindir/cloud-get-vm-data-configdrive.in

@@ -0,0 +1,132 @@
+#!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+
+mountdir=$(mktemp -d)
+filepath=$mountdir/cloudstack
+
+user_data=$filepath/userdata/user_data.txt
+availability_zone=$filepath/metadata/availability_zone.txt
+cloud_identifier=$filepath/metadata/cloud_identifier.txt
+instance_id=$filepath/metadata/instance_id.txt
+local_hostname=$filepath/metadata/local_hostname.txt
+service_offering=$filepath/metadata/service_offering.txt
+vm_id=$filepath/metadata/vm_id.txt
+public_key=$filepath/metadata/public_keys.txt
+vm_password=$filepath/password/vm_password.txt
+
+# If lable name is other than config, please change the below line as required
+DefaultDisk=/dev/disk/by-label/config
+
+function usage
+{
+    echo -e "USAGE: cloud-get-vm-data -options"
+    echo -e "  where options include:"
+    echo -e "\\t-m | --metadata [availability-zone | cloud-identifier | instance-id | local-hostname | service-offering | vm-id | public-key] \\n\\t\\tprint vm metadata"
+    echo -e "\\t-p | --password \\n\\t\\tprint vm password"
+    echo -e "\\t-u | --userdata \\n\\t\\tprint vm userdata"
+}
+
+function prepare_mount
+{
+    if [ ! -e $mountdir ]; then
+        mkdir $mountdir
+        chmod 700 $mountdir
+    fi
+
+    if [ -e $DefaultDisk ]; then
+        Disk=$DefaultDisk
+    else
+        BLOCK_DEVICE=$(blkid -t LABEL='config' /dev/hd? /dev/sd? /dev/xvd? -o device)
+        if [ -n $BLOCK_DEVICE ]; then
+            Disk=$BLOCK_DEVICE
+        else
+            logger -t "cloud" "Unable to get the VM data: Config drive device not found"
+            exit 1
+        fi
+    fi
+
+    mount -r $Disk $mountdir
+    if [ $? -ne 0 ]; then
+        echo "Failed mounting $Disk to /mnt/configdrive"
+        exit 1
+    fi
+}
+
+function remove_mount
+{
+  umount $mountdir
+}
+
+prepare_mount
+
+case $1 in
+    -u | --userdata )   echo -n "USERDATA: "
+                        filename=$user_data
+                        ;;
+    -m | --metadata )   shift
+                        if [ "$1" != "" ]; then
+                            case $1 in
+                                availability-zone ) echo -n "availability zone: ";  filename=$availability_zone
+                                                    ;;
+                                cloud-identifier )  echo -n "cloud identifier: ";   filename=$cloud_identifier
+                                                    ;;
+                                instance-id )       echo -n "instance-id: ";        filename=$instance_id
+                                                    ;;
+                                local-hostname )    echo -n "local-hostname: ";     filename=$local_hostname
+                                                    ;;
+                                service-offering )  echo -n "service-offering: ";   filename=$service_offering
+                                                    ;;
+                                vm-id )             echo -n  "vm-id: ";             filename=$vm_id
+                                                    ;;
+                                public-key )       echo -n  "public-key: ";         filename=$public_key
+                                                    ;;
+                                * )                 usage
+                                                    remove_mount
+                                                    exit 1
+                            esac
+                        else
+                            echo -e "METADATA\\n"
+                            [ -f $availability_zone ] && echo -e "availability zone:\t" "$(cat $availability_zone)"
+                            [ -f $cloud_identifier ]  && echo -e "cloud identifier:\t"  "$(cat $cloud_identifier)"
+                            [ -f $instance_id ]       && echo -e "instance-id:\t\t"     "$(cat $instance_id)"
+                            [ -f $local_hostname ]    && echo -e "local-hostname:\t\t"  "$(cat $local_hostname)"
+                            [ -f $service_offering ]  && echo -e "service-offering:\t"  "$(cat $service_offering)"
+                            [ -f $vm_id ]             && echo -e "vm-id:\t\t\t"         "$(cat $vm_id)"
+                            [ -f $public_key ]        && echo -e "public-key:\t\t"      "$(cat $public_key)"
+                        fi
+                        ;;
+    -p | --password )   echo -n "PASSWORD: "
+                        filename=$vm_password
+                        ;;
+    -h | --help )       usage
+                        remove_mount
+                        exit 0
+                        ;;
+    * )                 usage
+                        remove_mount
+                        exit 1
+esac
+
+if [ "$filename" != "" ] && [ -e $filename ]
+then
+    cat $filename
+fi
+
+remove_mount
+exit 0

setup/bindir/cloud-set-guest-password-configdrive.in

@@ -0,0 +1,130 @@
+                                  #!/bin/bash
+#
+# Init file for Password Download Client
+#
+# chkconfig: 345 98 02
+# description: Password Download Client
+
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+# 
+#   http://www.apache.org/licenses/LICENSE-2.0
+# 
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+
+# Modify this line to specify the user (default is root)
+user=root
+
+mountdir=$(mktemp -d)
+
+# If lable name is other than config, please change the below line as required
+DefaultDisk=/dev/disk/by-label/config
+
+
+Password_File=$mountdir/cloudstack/password/vm_password.txt
+password_received=0
+
+function prepare_mount
+{
+    if [ ! -e $mountdir ]; then
+        mkdir $mountdir
+        chmod 700 $mountdir
+    fi
+
+    if [ -e $DefaultDisk ]; then
+        Disk=$DefaultDisk
+    else
+        BLOCK_DEVICE=$(blkid -t LABEL='config' /dev/hd? /dev/sd? /dev/xvd? /dev/vd? -o device)
+        if [ -n $BLOCK_DEVICE ]; then
+            Disk=$BLOCK_DEVICE
+        else
+            logger -t "cloud" "Unable to set password to VM: Config drive not found"
+            exit 1
+        fi
+    fi
+
+    mount -r $Disk $mountdir
+    if [ $? -ne 0 ]; then
+        echo "Failed mounting $Disk to /mnt/configdrive"
+        exit 1
+    fi
+}
+
+function remove_mount
+{
+  umount $mountdir
+}
+
+prepare_mount
+
+
+if [ -f $Password_File ]
+then
+    password=$(cat $Password_File)
+    password=$(echo $password | tr -d '\r')
+    remove_mount
+
+    case $password in
+
+        "")                 logger -t "cloud" "Config drive did not have any password for the VM"
+                            exit 0
+                            ;;
+
+        "saved_password")   logger -t "cloud" "VM has already saved a password"
+                            exit 0
+                            ;;
+
+        *)                  logger -t "cloud" "VM got a valid password"
+                            password_received=1
+                            ;;
+        esac
+else
+    remove_mount
+    logger -t "cloud" "Password set failed on VM: password file not found in config drive"
+    exit 0
+fi
+
+if [ "$password_received" = "1" ]; then
+
+   newmd5sum=$(echo $password | md5sum | awk '{print $1}')
+   if [ -f /var/vmpasswordmd5sum ]
+   then
+       oldsum=$(cat /var/vmpasswordmd5sum)
+
+       if [ "$newmd5sum" ==  "$oldsum" ]
+       then
+           logger -t "cloud"  "There is no update of VM password from cloudstack, returning true"
+           exit 0
+       fi
+   fi
+
+    logger -t "cloud" "Changing password ..."
+    echo $user:$password | chpasswd
+
+    if [ $? -gt 0 ]
+    then
+        usermod -p `mkpasswd -m SHA-512 $password` $user
+
+        if [ $? -gt 0 ]
+        then
+            logger -t "cloud" "Failed to change password for user $user"
+            exit 1
+        else
+            logger -t "cloud" "Successfully changed password for user $user"
+        fi
+    fi
+fi
+
+ echo $newmd5sum > /var/vmpasswordmd5sum
+exit 0

setup/bindir/cloud-set-guest-sshkey-configdrive.in

@@ -0,0 +1,107 @@
+#!/bin/bash
+#
+# Init file for SSH Public Keys Download Client
+#
+# chkconfig: 345 98 02
+# description: SSH Public Keys Download Client
+
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+
+# Modify this line to specify the user (default is root)
+user=root
+
+mountdir=$(mktemp -d)
+
+# If lable name is other than config, please change the below line as required
+DefaultDisk=/dev/disk/by-label/config
+
+SSHKey_File=$mountdir/cloudstack/metadata/public_keys.txt
+keys_received=0
+
+function prepare_mount
+{
+    if [ ! -e $mountdir ]; then
+        mkdir $mountdir
+        chmod 700 $mountdir
+    fi
+
+    if [ -e $DefaultDisk ]; then
+        Disk=$DefaultDisk
+    else
+        BLOCK_DEVICE=$(blkid -t LABEL='config' /dev/hd? /dev/sd? /dev/xvd? /dev/vd? -o device)
+        if [ -n $BLOCK_DEVICE ]; then
+            Disk=$BLOCK_DEVICE
+        else
+            logger -t "cloud" "Unable to get SSH public key: Config drive not found"
+            exit 1
+        fi
+    fi
+
+    mount -r $Disk $mountdir
+    if [ $? -ne 0 ]; then
+        echo "Failed mounting $Disk to /mnt/configdrive"
+        exit 1
+    fi
+}
+
+function remove_mount
+{
+  umount $mountdir
+}
+
+prepare_mount
+
+
+if [ -f $SSHKey_File ]
+then
+    publickey=$(cat $SSHKey_File)
+    publickey=$(echo $publickey | tr -d '\r')
+    remove_mount
+
+    if [ -z "$publickey" ]; then
+        logger -t "cloud" "Did not receive any keys"
+        exit 1
+    fi
+else
+    remove_mount
+    logger -t "cloud" "Did not receive any keys"
+    exit 1
+fi
+
+homedir=$(grep ^$user /etc/passwd|awk -F ":" '{print $6}')
+sshdir=$homedir/.ssh
+authorized=$sshdir/authorized_keys
+
+if [ ! -e $sshdir ]; then
+    mkdir $sshdir
+    chmod 700 $sshdir
+fi
+
+if [ ! -e $authorized ]; then
+    touch $authorized
+    chmod 600 $authorized
+fi
+
+
+cat $authorized|grep -v "$publickey"|tee $authorized > /dev/null
+echo "$publickey" >> $authorized
+
+which restorecon && restorecon -R -v $sshdir
+
+exit 0