Bug 1392792

Summary: CFME parses and reconstitutes cloud-config script differently
Product: Red Hat Enterprise Linux 7 Reporter: Wolfram Richter <wrichter>
Component: cloud-initAssignee: Lars Kellogg-Stedman <lars>
Status: CLOSED WORKSFORME QA Contact:
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.2CC: cbolz, jhardy, obarenbo, wrichter
Target Milestone: pre-dev-freeze   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-01-15 14:33:44 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Wolfram Richter 2016-11-08 09:24:35 UTC 
Description of problem:
CFME parses and reconstitutes cloud-init userdata and changes the YAML layout, which causes the yaml to be misinterpreted by the RHEL cloud-init package.

Specifically these two lines:
    runcmd:
     - [ cloud-init-per, once, foreman-userdata, /tmp/foreman-userdata.sh ]

are reinterpreted and written out as:

runcmd:
-   - cloud-init-per
    - once
    - foreman-userdata
    - /tmp/foreman-userdata.sh


Version-Release number of selected component (if applicable):
This only happens with CFME 5.6.2.1 , not with CFME 5.6.1.2. I.e. 5.6.1.2 passes on the YAML as-is whereas 5.6.2.1 reinterprets the yaml.


How reproducible:
100%

Steps to Reproduce:
1. Use the following cloud-init customization script (adapt ssh key of course ;-) to instantiate a RHEL KVM image VM
2. After the VM has initialized, check if /cloud-init_has_run exists
3. Check the rendered cloud-init script on the VMs' /var/lib/cloud/instance/cloud-config.txt

--- BEGIN CLOUD_INIT SAMPLE ---
#cloud-config

cloud_init_modules:
 - migrator
 - bootcmd
 - write-files
 - growpart
 - resizefs
 - set_hostname
 - update_hostname
 - update_etc_hosts
 - rsyslog
 - users-groups
 - ssh

users:
- name: cloud-user
  ssh_authorized_keys:
  - ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwsGSFpp7tcOJ3sdT3zU2ek91ew91k69+XjsTIFponydFIa8oxRiFzmM442NRcNRsHmV/OlE/quKaDmtXLeY4NjNDb3xn9AferDjn1hcWDtPBzpfMJe2OMFxNdVxmnwBV49Z2uMA6nixD+CWHBJPkXrBuJ7G24XcuSUocqOQIFmR2YIil4Wnja9ocg4UAft5xcgP7zVom3EWkAZqpuBvzUSPi09GebWa+g567bAvMM8p4oJfeDwzKvx7zZO5rdMI1mgxUp8LlgeQiAnmjHWrCDpc6ZoP8R/YbuC1eLGW2Kb4h1f+rwOiS8kG5uMOuSIV/RkZeUERb7UlZrzBgNOM/DQ==

write_files:
- path: /tmp/foreman-userdata.sh
  permissions: '0755'
  content: |
   #!/bin/bash
   touch /cloud-init_has_run

runcmd:
 - [ cloud-init-per, once, foreman-userdata, /tmp/foreman-userdata.sh ]
output: {all: '| tee -a /root/install.userdata.log'}
--- END CLOUD_INIT SAMPLE ---


Actual results:
File does not exists, script is rendered as described above


Expected results:
File exists, script is rendered as it is provided to CFME

Additional info:
Comment 2 Greg McCullough 2016-11-08 13:39:26 UTC 
Brandon - Please review this issue and pass to the RHEVM team if appropriate.
Comment 3 Wolfram Richter 2016-11-08 14:02:44 UTC 
Latest version tested where the problem still occurs is 5.6.2.2.20161017185613_7cee0a0
Comment 4 Christian Jung 2016-11-08 21:09:55 UTC 
HiHo,
can we please raise priority to high, since this is something which used to work with previous versions of 5.6.x and has critical impact for every customer which uses cloud-init (which is probably a lot of OpenStack and RHEV Customers).

Just my 2cents,
Christian
Comment 5 Brandon Dunne 2016-11-10 20:19:36 UTC 
According to the cloud-config docs, the config needs to be valid YAML.  For RHEV, we YAML load, remove the key / value pairs that RHEV requires to be set in a different place and YAML dump everything is left (runcmd included).  The YAML.dump is properly dumping the arrays to valid YAML syntax.

It's interesting that the examples show that the top level is properly YAML dumped but the second level is undumped.  It sounds like a bug in cloudinit.
Comment 7 Wolfram Richter 2016-11-12 22:37:14 UTC 
I have launched an instance directly from the openstack horizon dashboard and provided the cloud-config script attached above. This seems to have worked, even though the user data has also been rewritten:

[root@test ~]# cat /var/lib/cloud/instance/cloud-config.txt
#cloud-config

# from 1 files
# part-001

---
cloud_init_modules:
- migrator
- bootcmd
- write-files
- growpart
- resizefs
- set_hostname
- update_hostname
- update_etc_hosts
- rsyslog
- users-groups
- ssh
output:
    all: '| tee -a /root/install.userdata.log'
runcmd:
-   - cloud-init-per
    - once
    - foreman-userdata
    - /tmp/foreman-userdata.sh
users:
-   name: cloud-user
    ssh_authorized_keys:
    - ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwsGSFpp7tcOJ3sdT3zU2ek91ew91k69+XjsTIFponydFIa8oxRiFzmM442NRcNRsHmV/OlE/quKaDmtXLeY4NjNDb3xn9AferDjn1hcWDtPBzpfMJe2OMFxNdVxmnwBV49Z2uMA6nixD+CWHBJPkXrBuJ7G24XcuSUocqOQIFmR2YIil4Wnja9ocg4UAft5xcgP7zVom3EWkAZqpuBvzUSPi09GebWa+g567bAvMM8p4oJfeDwzKvx7zZO5rdMI1mgxUp8LlgeQiAnmjHWrCDpc6ZoP8R/YbuC1eLGW2Kb4h1f+rwOiS8kG5uMOuSIV/RkZeUERb7UlZrzBgNOM/DQ==
write_files:
-   content: '#!/bin/bash

        touch /cloud-init_has_run

        '
    path: /tmp/foreman-userdata.sh
    permissions: '0755'
...
[root@test ~]# cat /tmp/foreman-userdata.sh
#!/bin/bash
touch /cloud-init_has_run
[root@test ~]# ls /cloud-init_has_run
/cloud-init_has_run
[root@test ~]#
Comment 8 Wolfram Richter 2016-11-24 13:55:31 UTC 
I just tested again with CFME 5.6.2.2.20161017185613_7cee0a0 -> here the cloud-init script runs just fine.

There are two files in /var/lib/cloud/instance/: user-data.txt and cloud-config.txt. The former contains the runcmd stanza unchanged, the latter has it parsed and reconstituted (nevertheless it works).
Comment 9 Lars Kellogg-Stedman 2017-01-14 15:18:14 UTC 
This is assigned to me, but I am unclear what the issue is.  cloud-init uses the standard Python YAML parser; as long as it's valid YAML, the particular syntax you use for representing your lists doesn't matter.  The comment in #7 seems to validate this.  The comment in #8 seems to indicate that this problem cannot be reproduced with CFME 5.6.2.2....

Is there still an issue?  If there is, can you provide me with a simple user-data.txt that will reproduce the problem when passed to cloud-init directly (i.e., without involving CFME)?
Comment 10 Wolfram Richter 2017-01-15 11:09:07 UTC 
This problem no longer occurs - might have been a fluke. What is the best way to handle such a case? Should I just comment on it and close it, or leave it open (as I did now)?
Comment 11 Lars Kellogg-Stedman 2017-01-15 14:33:44 UTC 
I think I'll just close this as CLOSED WORKSFORME.