1160f5
From 8e599c618ba33f7ed572f752fc9201ca44e41868 Mon Sep 17 00:00:00 2001
1160f5
From: Emanuele Giuseppe Esposito <eesposit@redhat.com>
1160f5
Date: Wed, 18 May 2022 16:21:45 +0200
1160f5
Subject: [PATCH 4/5] Align rhel custom files with upstream (#1431)
1160f5
1160f5
RH-Author: Emanuele Giuseppe Esposito <eesposit@redhat.com>
1160f5
RH-MergeRequest: 26: Align rhel custom files with upstream (#1431)
1160f5
RH-Commit: [1/2] edac80c4fa3a11d093ee0e7260796566a7eb141e (eesposit/cloud-init-centos-)
1160f5
RH-Bugzilla: 2088448
1160f5
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
1160f5
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
1160f5
1160f5
commit 9624758f91b61f4711e8d7b5c83075b5d23e0c43
1160f5
Author: Emanuele Giuseppe Esposito <eesposit@redhat.com>
1160f5
Date:   Wed May 18 15:18:04 2022 +0200
1160f5
1160f5
    Align rhel custom files with upstream (#1431)
1160f5
1160f5
    So far RHEL had its own custom .service and cloud.cfg files,
1160f5
    that diverged from upstream. We always replaced the generated files
1160f5
    with the ones we had.
1160f5
1160f5
    This caused only confusion and made it harder to rebase and backport
1160f5
    patches targeting these files.
1160f5
    At the same time, we are going to delete our custom downstream-only files
1160f5
    and use the ones generated by .tmpl.
1160f5
1160f5
    The mapping is:
1160f5
    config/cloud.cfg.tmpl -> rhel/cloud.cfg
1160f5
    systemd/* -> rhel/systemd/*
1160f5
1160f5
    Such rhel-specific files are open and available in the Centos repo:
1160f5
    https://gitlab.com/redhat/centos-stream/src/cloud-init
1160f5
1160f5
    With this commit, we are also introducing modules in cloud.cfg that
1160f5
    were not in the default rhel cfg file, even though they should already
1160f5
    have been there with previous rebases and releases.
1160f5
    Anyways such modules support rhel as distro, and
1160f5
    therefore should cause no harm.
1160f5
1160f5
    Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
1160f5
1160f5
    RHBZ: 2082071
1160f5
1160f5
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
1160f5
---
1160f5
 config/cloud.cfg.tmpl                   | 23 +++++++++++++++++++++++
1160f5
 systemd/cloud-config.service.tmpl       |  4 ++++
1160f5
 systemd/cloud-final.service.tmpl        | 13 +++++++++++++
1160f5
 systemd/cloud-init-local.service.tmpl   | 22 +++++++++++++++++++++-
1160f5
 systemd/cloud-init.service.tmpl         |  6 +++++-
1160f5
 tests/unittests/test_render_cloudcfg.py |  1 +
1160f5
 6 files changed, 67 insertions(+), 2 deletions(-)
1160f5
1160f5
diff --git a/config/cloud.cfg.tmpl b/config/cloud.cfg.tmpl
1160f5
index 86beee3c..f4d2fd14 100644
1160f5
--- a/config/cloud.cfg.tmpl
1160f5
+++ b/config/cloud.cfg.tmpl
1160f5
@@ -34,7 +34,11 @@ disable_root: true
1160f5
 
1160f5
 {% if variant in ["almalinux", "alpine", "amazon", "centos", "cloudlinux", "eurolinux",
1160f5
                   "fedora", "miraclelinux", "openEuler", "rhel", "rocky", "virtuozzo"] %}
1160f5
+{% if variant == "rhel" %}
1160f5
+mount_default_fields: [~, ~, 'auto', 'defaults,nofail,x-systemd.requires=cloud-init.service,_netdev', '0', '2']
1160f5
+{% else %}
1160f5
 mount_default_fields: [~, ~, 'auto', 'defaults,nofail', '0', '2']
1160f5
+{% endif %}
1160f5
 {% if variant == "amazon" %}
1160f5
 resize_rootfs: noblock
1160f5
 {% endif %}
1160f5
@@ -66,6 +70,14 @@ network:
1160f5
   config: disabled
1160f5
 {% endif %}
1160f5
 
1160f5
+{% if variant == "rhel" %}
1160f5
+# Default redhat settings:
1160f5
+ssh_deletekeys:   true
1160f5
+ssh_genkeytypes:  ['rsa', 'ecdsa', 'ed25519']
1160f5
+syslog_fix_perms: ~
1160f5
+disable_vmware_customization: false
1160f5
+{% endif %}
1160f5
+
1160f5
 # The modules that run in the 'init' stage
1160f5
 cloud_init_modules:
1160f5
  - migrator
1160f5
@@ -107,10 +119,15 @@ cloud_config_modules:
1160f5
 {% endif %}
1160f5
 {% if variant not in ["photon"] %}
1160f5
  - ssh-import-id
1160f5
+{% if variant not in ["rhel"] %}
1160f5
  - keyboard
1160f5
+{% endif %}
1160f5
  - locale
1160f5
 {% endif %}
1160f5
  - set-passwords
1160f5
+{% if variant in ["rhel"] %}
1160f5
+ - rh_subscription
1160f5
+{% endif %}
1160f5
 {% if variant in ["rhel", "fedora", "photon"] %}
1160f5
 {% if variant not in ["photon"] %}
1160f5
  - spacewalk
1160f5
@@ -239,6 +256,10 @@ system_info:
1160f5
      name: ec2-user
1160f5
      lock_passwd: True
1160f5
      gecos: EC2 Default User
1160f5
+{% elif variant == "rhel" %}
1160f5
+     name: cloud-user
1160f5
+     lock_passwd: true
1160f5
+     gecos: Cloud User
1160f5
 {% else %}
1160f5
      name: {{ variant }}
1160f5
      lock_passwd: True
1160f5
@@ -254,6 +275,8 @@ system_info:
1160f5
      groups: [adm, sudo]
1160f5
 {% elif variant == "arch" %}
1160f5
      groups: [wheel, users]
1160f5
+{% elif variant == "rhel" %}
1160f5
+     groups: [adm, systemd-journal]
1160f5
 {% else %}
1160f5
      groups: [wheel, adm, systemd-journal]
1160f5
 {% endif %}
1160f5
diff --git a/systemd/cloud-config.service.tmpl b/systemd/cloud-config.service.tmpl
1160f5
index 9d928ca2..d5568a6e 100644
1160f5
--- a/systemd/cloud-config.service.tmpl
1160f5
+++ b/systemd/cloud-config.service.tmpl
1160f5
@@ -4,6 +4,10 @@ Description=Apply the settings specified in cloud-config
1160f5
 After=network-online.target cloud-config.target
1160f5
 After=snapd.seeded.service
1160f5
 Wants=network-online.target cloud-config.target
1160f5
+{% if variant == "rhel" %}
1160f5
+ConditionPathExists=!/etc/cloud/cloud-init.disabled
1160f5
+ConditionKernelCommandLine=!cloud-init=disabled
1160f5
+{% endif %}
1160f5
 
1160f5
 [Service]
1160f5
 Type=oneshot
1160f5
diff --git a/systemd/cloud-final.service.tmpl b/systemd/cloud-final.service.tmpl
1160f5
index 8207b18c..85f423ac 100644
1160f5
--- a/systemd/cloud-final.service.tmpl
1160f5
+++ b/systemd/cloud-final.service.tmpl
1160f5
@@ -7,6 +7,10 @@ After=multi-user.target
1160f5
 Before=apt-daily.service
1160f5
 {% endif %}
1160f5
 Wants=network-online.target cloud-config.service
1160f5
+{% if variant == "rhel" %}
1160f5
+ConditionPathExists=!/etc/cloud/cloud-init.disabled
1160f5
+ConditionKernelCommandLine=!cloud-init=disabled
1160f5
+{% endif %}
1160f5
 
1160f5
 
1160f5
 [Service]
1160f5
@@ -15,7 +19,16 @@ ExecStart=/usr/bin/cloud-init modules --mode=final
1160f5
 RemainAfterExit=yes
1160f5
 TimeoutSec=0
1160f5
 KillMode=process
1160f5
+{% if variant == "rhel" %}
1160f5
+# Restart NetworkManager if it is present and running.
1160f5
+ExecStartPost=/bin/sh -c 'u=NetworkManager.service; \
1160f5
+ out=$(systemctl show --property=SubState $u) || exit; \
1160f5
+ [ "$out" = "SubState=running" ] || exit 0; \
1160f5
+ systemctl reload-or-try-restart $u'
1160f5
+{% else %}
1160f5
 TasksMax=infinity
1160f5
+{% endif %}
1160f5
+
1160f5
 
1160f5
 # Output needs to appear in instance console output
1160f5
 StandardOutput=journal+console
1160f5
diff --git a/systemd/cloud-init-local.service.tmpl b/systemd/cloud-init-local.service.tmpl
1160f5
index 7166f640..a6b82650 100644
1160f5
--- a/systemd/cloud-init-local.service.tmpl
1160f5
+++ b/systemd/cloud-init-local.service.tmpl
1160f5
@@ -1,23 +1,43 @@
1160f5
 ## template:jinja
1160f5
 [Unit]
1160f5
 Description=Initial cloud-init job (pre-networking)
1160f5
-{% if variant in ["ubuntu", "unknown", "debian"] %}
1160f5
+{% if variant in ["ubuntu", "unknown", "debian", "rhel" ] %}
1160f5
 DefaultDependencies=no
1160f5
 {% endif %}
1160f5
 Wants=network-pre.target
1160f5
 After=hv_kvp_daemon.service
1160f5
 After=systemd-remount-fs.service
1160f5
+{% if variant == "rhel" %}
1160f5
+Requires=dbus.socket
1160f5
+After=dbus.socket
1160f5
+{% endif %}
1160f5
 Before=NetworkManager.service
1160f5
+{% if variant == "rhel" %}
1160f5
+Before=network.service
1160f5
+{% endif %}
1160f5
 Before=network-pre.target
1160f5
 Before=shutdown.target
1160f5
+{% if variant == "rhel" %}
1160f5
+Before=firewalld.target
1160f5
+Conflicts=shutdown.target
1160f5
+{% endif %}
1160f5
 {% if variant in ["ubuntu", "unknown", "debian"] %}
1160f5
 Before=sysinit.target
1160f5
 Conflicts=shutdown.target
1160f5
 {% endif %}
1160f5
 RequiresMountsFor=/var/lib/cloud
1160f5
+{% if variant == "rhel" %}
1160f5
+ConditionPathExists=!/etc/cloud/cloud-init.disabled
1160f5
+ConditionKernelCommandLine=!cloud-init=disabled
1160f5
+{% endif %}
1160f5
 
1160f5
 [Service]
1160f5
 Type=oneshot
1160f5
+{% if variant == "rhel" %}
1160f5
+ExecStartPre=/bin/mkdir -p /run/cloud-init
1160f5
+ExecStartPre=/sbin/restorecon /run/cloud-init
1160f5
+ExecStartPre=/usr/bin/touch /run/cloud-init/enabled
1160f5
+{% endif %}
1160f5
 ExecStart=/usr/bin/cloud-init init --local
1160f5
 ExecStart=/bin/touch /run/cloud-init/network-config-ready
1160f5
 RemainAfterExit=yes
1160f5
diff --git a/systemd/cloud-init.service.tmpl b/systemd/cloud-init.service.tmpl
1160f5
index e71e5679..c170aef7 100644
1160f5
--- a/systemd/cloud-init.service.tmpl
1160f5
+++ b/systemd/cloud-init.service.tmpl
1160f5
@@ -1,7 +1,7 @@
1160f5
 ## template:jinja
1160f5
 [Unit]
1160f5
 Description=Initial cloud-init job (metadata service crawler)
1160f5
-{% if variant not in ["photon"] %}
1160f5
+{% if variant not in ["photon", "rhel"] %}
1160f5
 DefaultDependencies=no
1160f5
 {% endif %}
1160f5
 Wants=cloud-init-local.service
1160f5
@@ -36,6 +36,10 @@ Before=shutdown.target
1160f5
 Conflicts=shutdown.target
1160f5
 {% endif %}
1160f5
 Before=systemd-user-sessions.service
1160f5
+{% if variant == "rhel" %}
1160f5
+ConditionPathExists=!/etc/cloud/cloud-init.disabled
1160f5
+ConditionKernelCommandLine=!cloud-init=disabled
1160f5
+{% endif %}
1160f5
 
1160f5
 [Service]
1160f5
 Type=oneshot
1160f5
diff --git a/tests/unittests/test_render_cloudcfg.py b/tests/unittests/test_render_cloudcfg.py
1160f5
index 30fbd1a4..9f95d448 100644
1160f5
--- a/tests/unittests/test_render_cloudcfg.py
1160f5
+++ b/tests/unittests/test_render_cloudcfg.py
1160f5
@@ -68,6 +68,7 @@ class TestRenderCloudCfg:
1160f5
         default_user_exceptions = {
1160f5
             "amazon": "ec2-user",
1160f5
             "debian": "ubuntu",
1160f5
+            "rhel": "cloud-user",
1160f5
             "unknown": "ubuntu",
1160f5
         }
1160f5
         default_user = system_cfg["system_info"]["default_user"]["name"]
1160f5
-- 
1160f5
2.31.1
1160f5