When writing the ~/.ssh/authorized_keys file in a script that is being
run as sudo, the file is created with the root owner, instead of the
user defined by the node credentials. File ownership should be enforced
to make sure the right owner is alwaays set.
Some providers, such as Azure ARM, might need additional
resources present in order to be able to use the extension.
This change allows to override its binding (Guice 4 by default does not
allow to override provider bindings, so we need to define them as final
ones and provide an alternate method for subclasses that need to
override the binding).
Previously not all fields of RunScriptOptions were included in copyTo
(e.g. runAsRoot and initScript).
Also options.equals(options.clone()) failed if options.loginPassword
was originally null - in the cloned object, it would be Optional.absent.
Fixes RunScriptOptions.toString, to only say “loginPasswordPresent”
if optional.isPresent().
This commit refactors the ImageCacheSupplier to act as a
proper cache. It is used by the ImageExtesion and all operations
on the images are propagated to the cache.
A method has also been added to the TemplateBuilder to let users
force a cache refresh. There have been several requests to provide a way
to disable image caching in the compute abstraction, and this new method
should fix that.
On SUSE, the “-f” force option is not available for groupadd,
so `groupadd -f wheel` returns exit code 9 if the group already
exists. To avoid this, first check if the group exists.
In normal usage, this doesn’t matter: the script continues with the
next command anyway.
However, if the statements generated by UserAdd or AdminAccess are
used outside of that context (e.g. by code external to jclouds), then
this can cause them to fail.
- Adding env_reset to the default configuration in /etc/sudoers
- Adding secure_path to the default configuration in /etc/sudoers
- secure_path value is
"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
deprecated hardware types in EC2 are flagged using this, according to latest AWS advice,
to fix situations where deprecated hardware types would be chosen when a non-deprecated alternative exists.
we also deprecate T2 because it requires a VPC.
also fixes semantics of ImagesToRegionAndIdMap to match the logic used in the TemplateBuilderImpl;
RegionAndName should contain the ID not the ProviderID. this is only really used in tests so no external impact.
(previously the cache only worked if provider ID matched the non-location segment of the image ID.)
however this does now assert that image id's are in the right format for AWS, as suggested by @nacx.
Certain hardened images will have "umask 0077" set for the root user, making the newly created /home/users folder inaccessible to non-root. This results in a failure when trying to ssh with the new account. Explicitly set permissions to be independent of default umask.
Add the fqdn to /etc/hosts file becouse if you only add the hostname then it is posible to lose the fqdn
changed expected script adding "`hostname -f` "
Added "-s" option to ensure to get the short name
Added "-s" option to ensure search using the short name
- Some users get a DependencyVioloation, rather than InvalidGroup.InUse,
when attempting to delete the security group. This caused
cleanupIncidentalResources to propagate an exception.
- Fixes it by converting this to an IllegalStateException (in same
way as is done for “InUse”)
- Adds tests (using MockWebServer) for happy-path and for failing
to delete the security group with each of InUse and DependencyViolation
responses.
- Adds Timeouts.cleanupIncidentalResources
- Use that timeout in EC2, when retrying the deletion of security group
on VM deletion (previously hard-coded as 3 seconds).
- Configure that timeout in the tests, so deterministic number of retries
This avoids unneeded garbage, especially during XML parsing. Replaced
with:
find -name \*.java | xargs sed -i 's/^\( *[^ ]*\) = new StringBuilder();$/\1.setLength(0);/'
Images were cached in memory using a memoized supplier. To allow growing
this cache with the discovered images, the ImageCacheSupplier class has
been created. It provides an in-memory cache with all discovered images
and acts as a view over the image cache that also provides access to
them.
The in-memory cache for the discovered images expires with the session,
just as the image cache does.
The default memoized image supplier has been changed to the
ImageCacheSupplier, to make sure all providers get injected the right
instance, and the old supplier has been qualified with the 'imageCache'
name, in case a provider needs the basic image cache.
Replaced hard-coded Strings in toString methods of static predicates with their enum.toString counterparts
Added test 'testNodeRunningFailsOnSuspended'
Revert "Added test 'testNodeRunningFailsOnSuspended'"
This reverts commit 2a543bfe20540bb4f10ef4f86e845a63bdbe90e3.
Removed test 'testNodeRunningFailsOnSuspended'. Added test 'testNodeSuspendedReturnsTrueWhenSuspended'.
Renamed '
Revert "Renamed '"
This reverts commit 061e9292a812066562ab47ba5eea15337fc13c3d.
Renamed 'AtomicNodeSuspended.nodeRunning' to 'AtomicNodeSuspended.nodeSuspended'.\nWhere applicable combined all calls to 'replay(Object...)' instead of the old 'replay(node);replay(computeService);'
If the TemplateBuilderImpl is given an imageId but the image can not be
found in the image cache, fallback to the GetImageStrategy to perform a
call to the provider to try to get it.
We've seen that in some cases images are not returned in the image list
but they actually exist in the provider. This fix won't make them
available when filtering by other properties such as the operating system,
etc, but at least will make them available if their id is known.
- Adds networks field/methods to TemplateOptions.
- Adds them to children as well for legacy reasons.
- Deprecates CloudStackTemplateOptions#networkIds methods in favor of #networks.
- TODO: Modify compute abstraction layer for provisioning for nova,
EC2, et al to take advantage of this.
Ignasi Barrera
Andrea Turli
Andrew Gaul
Zack Shoylev
Sergey Tselovalnikov
kilida
Aled Sage
Reijhanniel Jearl Campos
Nikolay Sokolov
Oliver Gondža
Yavor Yanchev
Alex Heneveld
Svetoslav Neykov
Hugo Viejo
Jeremy Daggett
Adrian Cole
Adrian Cole
Andrew Phillips
Stuart Hendren
Werner Buck
Christopher Dancy
Chris Custine
ashley-taylor
Pasi Niemi
Andrew Bayer