Systemd drop-in for cloud-init networking config reset

[sjones4]

The current cloud-init in centos 7 overwrites /etc/sysconfig/network on first boot with a configuration that leaves out the necessary environment for disabling zeroconf:

NOZEROCONF=yes

Zeroconf can then add in a route when networking initializes that prevents access to instance metadata.

This change ensures that the appropriate settings are set when the image is built and after cloud-init has overwritten the configuration.

[sjones4]

Build, stage, deploy, test:
https://ocd.appscale.com:8080/job/eucalyptus-internal-5-build-random-rpms/37/
https://ocd.appscale.com:8080/job/eucalyptus-internal-5-stage-random/29/
https://ocd.appscale.com:8080/job/eucalyptus-44-qa-deploy/303/
https://ocd.appscale.com:8080/job/eucalyptus-5-qa-suite/39/

[sjones4]

Demo:

1. Configure loadbalancing to allow ssh access to vm
2. Launch a load balancer
3. SSH to load balancer and verify:

• running CentOS 7.6
• systemd drop in unit 10-execstart-networking.conf in use
• network configuration correct
• routes look good
• instance meta-data reachable

#
# eval $(clcadmin-impersonate-user -a '(eucalyptus)loadbalancing')
#
# euca-import-keypair -f ~/.ssh/id_rsa.pub root
KEYPAIR	root	f7:0d:df:9d:0f:7f:b4:14:b4:d1:15:2f:6f:e3:4f:12
#
# eval $(clcadmin-release-credentials)
#
# euctl services.loadbalancing.worker.keyname=root
services.loadbalancing.worker.keyname = root
#
# eulb-create-lb -z one -l "protocol=HTTP, lb-port=80, instance-protocol=HTTP, instance-port=80" balancer-1
DNS_NAME	balancer-1-000148649033.lb.nc32-euca.appscale.net
#
# eval $(clcadmin-impersonate-user -a '(eucalyptus)loadbalancing')
#
# euca-describe-instances
RESERVATION	r-8999a4385109f8d65	000829132253	euca-internal-000148649033-balancer-1
INSTANCE	i-4998752ec08ea8d33	emi-532eaf0877fef4ea7	euca-192-168-162-82.eucalyptus.nc32-euca.appscale.net	euca-192-168-212-36.eucalyptus.internal	pending	root	0		t2.nano	2018-12-11T17:54:42.004Z	one				monitoring-enabled	192.168.162.82	192.168.212.36			instance-store					hvm		1b8dd030-0505-4206-9026-d8021189dbaa_one_1	sg-dfdeec8ee8a9c9553			arn:aws:iam::000829132253:instance-profile/internal/loadbalancer/loadbalancer-vm-000148649033-balancer-1	x86_64
TAG	instance	i-4998752ec08ea8d33	aws:autoscaling:groupName	euca-internal-elb-000148649033-balancer-1-one
TAG	instance	i-4998752ec08ea8d33	service-type	loadbalancing
#
# euca-authorize -P tcp -p 22 sg-dfdeec8ee8a9c9553
GROUP	sg-dfdeec8ee8a9c9553
PERMISSION	sg-dfdeec8ee8a9c9553	ALLOWS	tcp	22	22	FROM	CIDR	0.0.0.0/0
#
# eval $(clcadmin-release-credentials)
#
# ssh cloud-user@euca-192-168-162-82.eucalyptus.nc32-euca.appscale.net
[cloud-user@euca-192-168-212-36 ~]$ sudo -i
[root@euca-192-168-212-36 ~]# systemctl status cloud-init-local
● cloud-init-local.service - Initial cloud-init job (pre-networking)
   Loaded: loaded (/usr/lib/systemd/system/cloud-init-local.service; enabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/cloud-init-local.service.d
           └─10-execstart-networking.conf
   Active: active (exited) since Tue 2018-12-11 09:56:06 UTC; 8h ago
 Main PID: 2410 (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/cloud-init-local.service

Dec 11 09:55:15 localhost.localdomain dhclient[2390]: are/dhcp/
Dec 11 09:55:15 localhost.localdomain dhclient[2390]: Listening on LPF/eth0/d0:0d:49:98:75:2e
Dec 11 09:55:15 localhost.localdomain dhclient[2390]: Sending on   LPF/eth0/d0:0d:49:98:75:2e
Dec 11 09:55:15 localhost.localdomain dhclient[2390]: Sending on   Socket/fallback
Dec 11 09:55:15 localhost.localdomain dhclient[2390]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 5 (xid=0x2853bece)
Dec 11 09:55:15 localhost.localdomain dhclient[2390]: DHCPREQUEST on eth0 to 255.255.255.255 port 67 (xid=0x2853bece)
Dec 11 09:55:15 localhost.localdomain dhclient[2390]: DHCPOFFER from 192.168.111.33
Dec 11 09:55:15 localhost.localdomain dhclient[2390]: DHCPACK from 192.168.111.33 (xid=0x2853bece)
Dec 11 09:55:15 localhost.localdomain dhclient[2390]: bound to 192.168.212.36 -- renewal in 42068 seconds.
Dec 11 09:56:06 euca-192-168-212-36.eucalyptus.internal systemd[1]: Started Initial cloud-init job (pre-networking).
[root@euca-192-168-212-36 ~]#
[root@euca-192-168-212-36 ~]# cat /etc/sysconfig/network
# Networking config from /usr/local/bin/reset-networking.sh
NOZEROCONF=yes
NETWORKING=yes
[root@euca-192-168-212-36 ~]#
[root@euca-192-168-212-36 ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.111.33  0.0.0.0         UG    0      0        0 eth0
192.168.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
[root@euca-192-168-212-36 ~]# 
[root@euca-192-168-212-36 ~]# curl http://169.254.169.254/latest/meta-data/instance-id; echo
i-4998752ec08ea8d33
[root@euca-192-168-212-36 ~]# 
[root@euca-192-168-212-36 ~]# cat /etc/centos-release
CentOS Linux release 7.6.1810 (Core) 
[root@euca-192-168-212-36 ~]# 
[root@euca-192-168-212-36 ~]# rpm -q load-balancer-servo
load-balancer-servo-1.5.0-0.37.java11sisd.as.el7.noarch
[root@euca-192-168-212-36 ~]#