New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add Azure metadata providers #3585
base: master
Are you sure you want to change the base?
Conversation
2d489f8
to
d57d7c6
Compare
b3fc21d
to
8664a2d
Compare
Hey thanks for this. Yes cloud-init is very large and assumes it can run shell scripts to configure things on the host, which doesn't generally work, and conflicts with immutability. WALinuxAgent is gigantic and tries to guess how to poke around to configure things based on distro, so does not work. The aim of the metadata package is to gather minimal config info that is useful, and to be workable across multiple providers for a base setup. You can use other options if you like if they work, LinuxKit always gives you a choice. |
Thanks for the quick response. Fun opportunity to learn some Go :)
So this would be Regarding immutability, the AzureOVF provider's |
Hi I would like to merge your PR with mine, is that ok to you ;p |
What do you mean by "merge"? If this PR gets merged, you can rebase your PR off of new |
@schnerring I remember I also had an implementation for Azure, though I have reported the metadata API isn't working as intended, and even after months Microsoft aren't doing anything about it. I just wait and left it in the cold until you also popped up and shown an alternative implementation. But fine, I will just drop mine so you can go first. Oh wait I see in the original post you mentioned me already. I shouldn't take this as a TLDR. |
Is there anything I can do to get this merged? #3593 was merged 14 days ago, I don't know what's keeping this PR from getting merged besides rebasing. Any input is appreciated. |
fabaf55
to
bee6e00
Compare
So, as previously discussed, I have implemented the following improvements:
Unfortunately we cannot get rid of the The couple of times I've tested, mounting the CDROM device always succeeded with the 3rd try, so it takes around 10 seconds for probing to succeed. I guess this could take longer when the Azure platform has latency issues. I just stuck to what WALinuxAgent does (6 times 5 seconds). So the best we can do here @rn is to move the Azure provider to the end of the provider list, so it gets probed last in case no arguments were provided. |
@justincormack @rn Please don't code review, yet. There has been an update regarding the Microsoft IMDS API. See my comment in the GitHub issue: MicrosoftDocs/azure-docs#64154 (comment) The I'm excited to test this and I'll be refactoring the code within the next two weeks. |
Signed-off-by: Michael Schnerring <3743342+schnerring@users.noreply.github.com>
Signed-off-by: Michael Schnerring <3743342+schnerring@users.noreply.github.com>
… to Azure-OVF provider Signed-off-by: Michael Schnerring <3743342+schnerring@users.noreply.github.com>
da66d9f
to
cbd0e5e
Compare
Signed-off-by: Michael Schnerring <3743342+schnerring@users.noreply.github.com>
Finally got around doing this and I'm ready for a review @rn @justincormack I'm excited to tell you guys that all the previous issues regarding The provider is now as lightweight as any other provider, like GCP or AWS. One issue I'm having is that
It's two separate sets of data that can be provided during VM creation, as you can see here (Azure Portal): We could keep the OVF provider but just not include it in the default provider list to also support |
@rn @justincormack Is there something we can do to move this forward? Is something missing from the PR? We are also using linuxkit and we are missing on the azure functionality. |
This affects issues:
What I did
How I did it
provider_azure_wire.go
that reports ready to Azure. Both IMDS and OVF provider depend on it, otherwise provisioning won't succeed. For generic steps, see Microsoft docs: Creating generalized images without a provisioning agentprovider_azure_imds.go
that utilizes the Instance Metadata Service API. User data is currently disabled, see:provider_azure_ovf.go
which extracts user data from theovf-env.xml
file on the Azure attached provisioning DVD. The IMDS provider also uses this provider as a fallback to get user data. The implementation is inspired by cloud-init's Azure docs and https://github.com/Azure/WALinuxAgentHow to verify it
k3OS uses linuxkit's metadata package. With the Azure provisioners I can successfully create managed k3OS images for Azure and provision Azure VMs with it. SSH keys and user data provided via Azure CLI / Portal GUI during provisioning works.
I forked k3OS, created a Packer template and and swapped linuxkit/linuxkit for schnerring/linuxkit.
You can find the Packer template using the forked versions on the packer-azure-test branch.
Description for the changelog
Add IMDS and OVF Azure providers to metadata package
Questions / Thoughts
I don't know how the metadata package integrates with the rest of linuxkit but it feels very much like reinventing the wheel. Why not bundle cloud-init or WALinuxAgent agents with linuxkit? Reimplementations will always be inferior compared to these. Is it because those agents are too bloated?
The metadata package's distinction between
cdromProvider
s andnetProvider
s doesn't make sense for Azure providers. The IMDS provider (netProvider
) uses the OVF provider (technicallycdromProvider
) as a fallback for getting user data. For example, cloud-init also uses this fallback mechanism for SSH keys:Should the fallback mechanism be part of the IMDS provider itself (relying on another provider) or should
main.go
implement the "hybrid" provider?Thus far, the OVF provider only extracts user data but not
hostname orSSH keys, so it's not usable as standalone provider, only as a fallback for the IMDS provider.Any ideas or feedback is appreciated.