Recommended update for cloud-init

SUSE Recommended Update: Recommended update for cloud-init
Announcement ID: SUSE-RU-2018:4288-1
Rating: moderate
References: #1087331 #1095627 #1097388 #1099340 #1101894 #1111427 #1114160
Affected Products:
  • SUSE Linux Enterprise Module for Public Cloud 15
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15

An update that has 7 recommended fixes can now be installed.


This update for cloud-init provides the following fixes:

  • Fix a decoding error that could cause persisting the metadata to fail. (bsc#1101894)
  • Fix a problem that could cause static network to be configured with BOOTPROTO=none. (bsc#1114160)
  • Update to version 18.4, including the following fixes (bsc#1087331, bsc#1097388, bsc#1111427, bsc#1095627): * Avoid Python 3 dependency when building for distros with Python 2 support. * Add dhcp-client as requirement as cloud-init uses dhclient to setup a temporary network for metadata retrieval. * Use ds._crawled_metadata instance attribute if set when writing instance-data.json. * ec2: Update crawled metadata and add standardized keys. * lxd: Adjust to snap installed lxd. * Add support for Infiniband network interfaces (IPoIB). * cli: Add cloud-init query subcommand to query instance metadata. * stages: Fix bug causing datasource to have incorrect sys_cfg. * net_util: Ensure static configurations have netmask in translate_network result. * Fall back to root:root on syslog permissions if other options fail. * OpenStack: Support setting mac address on bond. * EphemeralIPv4Network: Be more explicit when adding default route. * OpenStack: Support reading of newer versions of metdata. * OpenStack: Fix a bug that was causing causing 'latest' version to be used from network. * user-data: Use jinja template to render instance-data.json in cloud-config. * config: Disable ssh access to a configured user account. * sysconfig: Refactor sysconfig to accept distro specific templates paths. * hyperv_reporting_handler: Simplify threaded publisher. * VMWare: Fix a network config bug in vm with static IPv4 and no gateway. * logging: Add logging config type hyperv for reporting via Azure KVP * Add datasource Oracle Compute Infrastructure (OCI). * azure: Allow azure to generate network configuration from IMDS per boot. * Scaleway: Add network configuration to the DataSource. * netplan: Correctly render macaddress on a bonds and bridges when provided. * tools: Add 'net-convert' subcommand command to 'cloud-init devel'. * Use typeset or local in profile.d scripts. * OpenNebula: Fix null gateway6. * tools: add '--debug' to tools/ * update_metadata: A datasource can support network re-config every boot. * Retry on failed import of gpg receive keys. * tools: Fix run-container when neither source or binary package requested.
  • Changes from 18.3: * Explicitly prevent `sudo` access for user module. * lxd: Delete default network and detach device if lxd-init created them. * openstack: Avoid unneeded metadata probe on non-openstack platforms. * stages: Fix tracebacks if a module stage is undefined or empty. * Be safer on string/bytes when writing multipart user-data to disk. * Fix get_proc_env for pids that have non-utf8 content in environment. * netplan: Fix mtu if provided by network config for all rendered types. * subp: Support combine_capture argument. * util: Add get_linux_distro function to replace platform.dist * Do not use the systemd_prefix macro, not available in this environment. * openstack: Allow discovery in init-local using dhclient in a sandbox. * yaml_load/schema: Add invalid line and column nums to error message. * Azure: Ignore NTFS mount errors when checking ephemeral drive. * cc_mounts: Do not add devices to fstab that are already present. * ds-identify: Ensure that we have certain tokens in PATH. * read_file_or_url: Move to url_helper, fix bug in its FileResponse. * ds-identify: Recognize container-other as a container. * ds-identify: Remove duplicate call to is_ds_enabled. * azure: Add reported ready marker file. * netinfo: Fix netdev_pformat when a nic does not have an address assigned. * collect-logs: Add -v flag, write to stderr, limit journal to single boot. * IBMCloud: Disable config-drive and nocloud only if IBMCloud is enabled. * Add reporting events and log_time around early source of blocking time. * IBMCloud: recognize provisioning environment during debug boots. * net: Detect unstable network names and trigger a settle if needed. * sysconfig: dhcp6 subnet type should not imply dhcpv4. * schema: In validation, raise ImportError if strict but no jsonschema. * set_passwords: Add newline to end of sshd config, only restart if updated. * net: Depend on iproute2's ip instead of net-tools ifconfig or route. * renderer: Support unicode in render_from_file. * Implement ntp client spec with auto support for distro selection. * apport: Add Brightbox, IBM, LXD, and OpenTelekomCloud to list of clouds. * tests: Fix ec2 integration network metadata validation. * cc_resizefs, util: Handle no /dev/zfs.
  • The distribution indicator is set to SUSE during template expansion. Do not replace anything set to Ubuntu.
  • Do not run cloud-init after network-online, this breaks functionality in cloud-init. Certain parts of the code running in this phase expect to run before the network is on-line.
  • Root should not be enabled by default. Image builders/users that want root access by default should provide an appropriate configuration file during image build or image setup.
  • Set distribution default to OpenSUSE/SLES. (bsc#1099340)
  • Run metadata detection after network-online. (bsc#1097388)

Patch Instructions:

To install this SUSE Recommended Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Linux Enterprise Module for Public Cloud 15:
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-2018-3061=1
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15:
    zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2018-3061=1

Package List:

  • SUSE Linux Enterprise Module for Public Cloud 15 (aarch64 ppc64le s390x x86_64):
    • cloud-init-18.4-5.3.3
    • cloud-init-config-suse-18.4-5.3.3
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64):
    • cloud-init-doc-18.4-5.3.3