package exoscale
import (
"bytes"
"fmt"
"text/template"
"github.com/Masterminds/sprig/v3"
"github.com/squarefactory/cloud-burster/logger"
"github.com/squarefactory/cloud-burster/pkg/config"
"go.uber.org/zap"
"gopkg.in/yaml.v3"
)
// CloudConfigOpts carries the values that GenerateCloudConfig substitutes
// into cloudConfigTemplate.
//
// NOTE(review): the template is rendered with text/template, which performs
// no escaping, so every field below reaches the generated cloud-config
// verbatim. Callers are presumably expected to pass trusted, pre-validated
// values; confirm where these fields originate.
type CloudConfigOpts struct {
// AuthorizedKeys are emitted one per line under ssh_authorized_keys.
AuthorizedKeys []string
// PostScripts supplies Git.Key, Git.URL and Git.Ref. The key is written to
// /key on the instance, and URL/Ref are placed in a git clone command line.
PostScripts config.PostScriptsOpts
// AddressCIDR follows the format <ip>/<mask>
AddressCIDR string
// Gateway is set as ipv4.gateway on "Wired connection 1".
Gateway string
// DNS is written to /etc/systemd/resolved.conf and as the nameserver in
// /etc/resolv.conf.
DNS string
// Search is optional; when non-empty it adds a search line to
// /etc/resolv.conf.
Search string
// CustomCloudConfig is appended unmodified after the runcmd section.
CustomCloudConfig string
}
// cloudConfigTemplate is the text/template source for the cloud-init user
// data; GenerateCloudConfig executes it against a *CloudConfigOpts.
//
// Points a reviewer should keep in mind when changing it:
//
//   - text/template does no escaping. AuthorizedKeys, DNS, Search, AddressCIDR
//     and Gateway are placed into YAML as-is, PostScripts.Git.Ref and
//     PostScripts.Git.URL are placed unquoted into a shell command line, and
//     CustomCloudConfig is appended verbatim. A value containing newlines,
//     quotes or shell metacharacters changes the structure of the document or
//     of the command, so these fields need to be validated before rendering.
//   - The rendered document contains PostScripts.Git.Key (written to /key with
//     mode 0600 and removed after the clone), so the output itself is
//     sensitive and should not be logged or stored in clear.
//   - The git clone runs with StrictHostKeyChecking=no and
//     UserKnownHostsFile=/dev/null, so the remote host key is not verified
//     before /configs/post.sh from that checkout is executed.
//   - The instance is configured with disable_root: false, firewalld stopped
//     and disabled, and SELinux switched off (setenforce 0 plus
//     SELINUX=disabled). NOTE(review): presumably deliberate for the target
//     environment; confirm that network-level controls cover this.
//   - The last runcmd entry creates /etc/cloud/cloud-init.disabled.
const cloudConfigTemplate = `#cloud-config
disable_root: false
ssh_authorized_keys:
{{- range .AuthorizedKeys }}
- {{ . }}
{{- end }}
write_files:
- path: /etc/systemd/resolved.conf
content: |
[Resolve]
DNS={{ .DNS }}
DNSStubListener=no
- path: /etc/NetworkManager/NetworkManager.conf
content: |
[main]
plugins = ifcfg-rh
dns = none
[logging]
- path: /etc/resolv.conf
content: |
nameserver {{ .DNS }}
{{- if .Search }}
search {{ .Search }}
{{ end }}
{{- if .PostScripts.Git.Key }}
- path: /key
content: |-
{{- .PostScripts.Git.Key | nindent 6 }}
encoding: b64
permissions: '0600'
{{- end }}
runcmd:
- [ systemctl, restart, NetworkManager ]
- [ systemctl, stop, firewalld ]
- [ systemctl, disable, firewalld ]
- [ growpart, "/dev/vda", "2" ]
- [ xfs_growfs, "/" ]
- [ resize2fs, "/dev/vda2" ]
- [ nmcli, connection, modify, "Wired connection 1", connection.autoconnect, "yes" ]
- [ nmcli, connection, modify, "Wired connection 1", ipv4.addresses, "{{ .AddressCIDR }}" ]
- [ nmcli, connection, modify, "Wired connection 1", ipv4.gateway, "{{ .Gateway }}" ]
- [ nmcli, connection, modify, "Wired connection 1", ipv4.route-metric, "1" ]
- [ nmcli, connection, modify, "Wired connection 1", ipv4.never-default, "no" ]
- [ nmcli, connection, modify, "Wired connection 1", ipv4.method, manual ]
- [ nmcli, connection, up, "Wired connection 1" ]
- [ nmcli, connection, down, "System ens3" ]
- [ nmcli, connection, modify, "System ens3", connection.autoconnect, "no" ]
- [ sed, "-i", "-e", 's/SELINUX=enforcing/SELINUX=disabled/g', /etc/selinux/config]
- [ setenforce, "0" ]
{{- if and .PostScripts.Git.URL .PostScripts.Git.Ref }}
- mkdir -p /configs && GIT_SSH_COMMAND='ssh -i /key -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o IdentitiesOnly=yes' git clone -b {{ .PostScripts.Git.Ref }} {{ .PostScripts.Git.URL }} /configs
- if [ -f /configs/post.sh ] && [ -x /configs/post.sh ]; then cd /configs && ./post.sh compute; fi
- [ rm, -f, /key ]
- [ chmod, -R, "g-rwx,o-rwx", /configs ]
{{- end }}
- [ touch, /etc/cloud/cloud-init.disabled ]
{{ .CustomCloudConfig }}
`
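// validate checks that cloudConfig unmarshals as YAML into a map and returns
// a wrapped error when it does not.
//
// This is a syntax check only: it does not inspect which keys or commands the
// document contains, so it cannot detect a field value that altered the
// structure of the rendered template.
//
// The rendered document can embed the Git deploy key (the /key entry of
// cloudConfigTemplate), so a failure is logged with the document size rather
// than its content, to keep that secret out of the logs.
func validate(cloudConfig []byte) error {
	m := make(map[interface{}]interface{})
	if err := yaml.Unmarshal(cloudConfig, &m); err != nil {
		logger.I.Error(
			"cloud config validation failed",
			zap.Error(err),
			// Size only: the payload may carry key material.
			zap.Int("cloud-config-bytes", len(cloudConfig)),
		)
		// %w keeps the message text unchanged while letting callers use
		// errors.Is / errors.As on the YAML error.
		return fmt.Errorf("cloud config validation failed: %w", err)
	}
	return nil
}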
// GenerateCloudConfig renders cloudConfigTemplate with options and returns
// the resulting cloud-config document.
//
// The template is parsed with the sprig text function map, executed into an
// in-memory buffer, and the output is passed to validate. On any failure
// (parse, execute or validation) it returns an empty, non-nil byte slice
// together with the error.
//
// NOTE(review): text/template does not escape the substituted values and
// validate only confirms that the output parses as YAML, so the fields of
// options must already be trusted or validated by the caller.
func GenerateCloudConfig(options *CloudConfigOpts) ([]byte, error) {
	base := template.New("cloud-config").Funcs(sprig.TxtFuncMap())
	parsed, parseErr := base.Parse(cloudConfigTemplate)
	if parseErr != nil {
		return []byte{}, parseErr
	}

	rendered := new(bytes.Buffer)
	if execErr := parsed.Execute(rendered, options); execErr != nil {
		return []byte{}, execErr
	}

	// Only hand the document back once it has passed the YAML syntax check.
	doc := rendered.Bytes()
	if checkErr := validate(doc); checkErr != nil {
		return []byte{}, checkErr
	}
	return doc, nil
}