x[h<\ddlZddlZddlmZmZddlmZmZddlmZ ddlm Z ddl m Z m Z ddlmZddlmZdd lmZdd lmZmZej.eZd ZGd d ej6ZdZdZGddeZeej@ffeej@ejBffgZ"dZ#y)N)ListUnion)dmisources) url_helper)util) EventScope EventType)NoDHCPLeaseError)EphemeralIPNetwork)DataSourceHostname)aliyunec2zAlibaba Cloud ECSc^eZdZUdZdgZdZgZeee d<dZ dZ dZ e jZeeefe d<d Zed Zfd Zd ed dffd Zd#dZdZdZedZedZedZedZedZedZ dZ!dZ"dZ#dZ$dZ%dZ&dZ'dZ(d$d Z)d%d!Z*d$d"Z+xZ,S)&DataSourceAliYunAliYunzhttp://100.100.100.200z 2016-01-01extended_metadata_versions2N_network_configFcy)NzX-aliyun-ecs-metadata-tokenselfs D/usr/lib/python3/dist-packages/cloudinit/sources/DataSourceAliYun.pyimdsv2_token_put_headerz(DataSourceAliYun.imdsv2_token_put_header+s,ctt| |||tj|j |_|j t jjtjyN) superr__init__copydeepcopydefault_update_eventsr NETWORKaddr BOOT)rsys_cfgdistropaths __class__s rr!zDataSourceAliYun.__init__/sQ .wF%)]]43M3M%N" "":#5#56::9>>Jrci_pkl_versionreturnc$t||yr)r _unpickle)rr,r+s rr/zDataSourceAliYun._unpickle4s .)rc`|jjd}d}|d}d}t||S)NhostnameFzlocalhost.localdomainT)metadatagetr )rfqdn resolve_ip metadata_onlyr1 is_defaults r get_hostnamezDataSourceAliYun.get_hostname7s8==$$Z0  .HJ!(J77rcLt|jjdiS)Nz public-keys)parse_public_keysr2r3rs rget_public_ssh_keysz$DataSourceAliYun.get_public_ssh_keys?s !2!2="!EFFrcLtr|jjSy)NNO_ALIYUN_METADATA) _is_aliyundsnamelowerrs r_get_cloud_namez DataSourceAliYun._get_cloud_nameBs <;;$$& &#rc6|jjSr)r?r@rs rplatformzDataSourceAliYun.platformGs{{  ""rcy)Nzlatest/api/tokenrrs rapi_token_routez DataSourceAliYun.api_token_routeLs!rcy)N21600rrs rimdsv2_token_ttl_secondsz)DataSourceAliYun.imdsv2_token_ttl_secondsPsrc2|j|jgSr)rimdsv2_token_req_headerrs rimdsv2_token_redactz$DataSourceAliYun.imdsv2_token_redactTs,,d.J.JKKrc |jdzS)Nz -ttl-seconds)rrs rrJz(DataSourceAliYun.imdsv2_token_req_headerXs++n< 66v> $4D ! II3T5J5J K$%% KKC D$%%rc N|jsiS|j}i}|j}|j}d}|j} t j |j|j|j||d|d<t j |j|j|j||d|d< t j|j|j|j||}||d<|S#t$retjtd|jtj |j|j|j||||d<Y|SwxYw#t$r*tjtd |jicYSwxYw) zCrawl metadata service when available. @returns: Dictionary of crawled metadata content containing the keys: meta-data, user-data, vendor-data and dynamic. N user-data)rerhrf item_name vendor-data)rerhrf meta-dataz@Faild read json meta-data from %s fall back directory tree style)rerhrfretrieval_exception_ignore_cbz'Failed reading from metadata address %s)rrK_refresh_stale_aliyun_token_cb&_skip_or_refresh_stale_aliyun_token_cb#_skip_json_path_meta_path_aliyun_cbrget_instance_datamin_metadata_versionrrrget_instance_meta_data ExceptionrlogexcrYrget_instance_metadata)rredactcrawled_metadataexc_cb exc_cb_udskip_cbexe_cb_whole_metar[s rcrawl_metadatazDataSourceAliYun.crawl_metadatas --/I))44??  DD/ ,2,D,D))%%,,%&% - [ )/5.F.F))%%,,%&' / ] + 66--))#00#)!2 17 -. -  5))  140I0I--))#00#)!'29 1 - -   KK9%%  I  s2A8E1=DA*E.*E1-E..E110F$#F$ct|tjr+|jdk(rtj dd|_y)z=Exception handler for Ecs to refresh token if token is stale.iz+Clearing cached Ecs API token due to expiryNT)rTrnrtcoderYrlrurmsg exceptions rrz/DataSourceAliYun._refresh_stale_aliyun_token_cbs2 i 0Y^^s5J IIC D"DOrc|j|vS)z/Returns False if cause.code is in status_codes.)r)r status_codescauses r_skip_retry_on_codesz%DataSourceAliYun._skip_retry_on_codesszz--rcl|jtj|}|sy|j||S)z^Callback will not retry on SKIP_USERDATA_VENDORDATA_CODES or if no token is available.F)rrSKIP_USERDATA_CODESr)rrrretrys rrz7DataSourceAliYun._skip_or_refresh_stale_aliyun_token_cbs5))#*A*A9M223 BBrct|tjr%|jdk(rtj dy|j ||S)z7Callback will not retry of whole meta_path is not foundiz&whole meta_path is not found, skippingF)rTrnrtrrYrZrrs rrz4DataSourceAliYun._skip_json_path_meta_path_aliyun_cbs> i 0Y^^s5J KK@ A223 BBrc0|j|jjk7ry|jrt j rt jdy t|j|jjdd5}|j|_ t jd|jrd|jnddddn|j|_ |jrt|jt sy|jj#di|_|jj#d i|_|jj#d i|_y#1swYxYw#t$rYywxYw) NFz1FreeBSD doesn't support running dhclient with -sfT)ipv4ipv6zCrawled metadata service%s rrr) cloud_namer?r@perform_dhcp_setupr is_FreeBSDrYrlr r)rSr_crawled_metadata state_msgr rTrUr3r2 userdata_rawvendordata_raw)rnetws r _get_datazDataSourceAliYun._get_datasS ??dkk//1 1  " "  MN 'KKKK22   -1-@-@-BD*II404!DNN+,B &*%8%8%:D "%%Z  " "D. ..22;C  2266{BG"4488K/  $  s+ -F AE=F =FF FFc~| |j}tjd|j|i}dj |j |j } tj|||jd}|jS#tj$r!}tjd||Yd}~yd}~wwxYw)zRequest new metadata API token. @param seconds: The lifetime of the token in seconds @return: The API token or None if unavailable. Nz!Refreshing Ecs metadata API tokenz{}/{}r`)headersrhrgz/Unable to get API token: %s raised exception %s) rHrYrlrJrjrrErnreadurlrKrtrZcontents)rsecondsrequest_header token_urlr{es r_refresh_api_tokenz#DataSourceAliYun._refresh_api_token/s ?33G 5666@NN4#8#8$:N:NO  }}&#77$ H   ~~  KKA9a   s#BB<B77B<c|j|ji}|j|vr|S|js#|j |_|jsiS|j |jiS)zReturn a dict of headers for accessing a url. If _api_token is unset on AWS, attempt to refresh the token via a PUT and then return the updated token header. )rJrHrErurr)rryrequest_token_headers rrrzDataSourceAliYun._get_headersJsm  ( ($*G*G    3 &' '#557DO?? ,,doo>>rct|tjrX|jrL|jdk\r=|jdk(rtj d|tj d|y)a2Fail quickly on proper AWS if IMDSv2 rejects API token request Guidance from Amazon is that if IMDSv2 had disabled token requests by returning a 403, or cloud-init malformed requests resulting in other 40X errors, we want the datasource detection to fail quickly without retries as those symptoms will likely not be resolved by retries. Exceptions such as requests.ConnectionError due to IMDS being temporarily unroutable or unavailable will still retry due to the callsite wait_for_url. iizLEcs IMDS endpoint returned a 403 error. HTTP endpoint is disabled. Aborting.z2Fatal error while requesting Ecs IMDSv2 API tokensT)rTrnrtrrYrZ)rrs rrsz#DataSourceAliYun._imds_exception_cb_sc i 0~~)..C"7>>S(KK? KKL r)FFFr)r)-__name__ __module__ __qualname__r?rrrrstr__annotations__ url_max_wait url_timeoutrurrRrrrUrpropertyrr!intr/r8r;rArCrErHrKrJr^r}rrrrrrrrrrrs __classcell__)r+s@rrrsL F-.M(,.S .LKJ(/ OU39%5--K ***8G$ ##""LL==$$,0d &> @.CCB!6?*rrc:tjdtk(S)Nzsystem-product-name)r read_dmi_dataALIYUN_PRODUCTrrrr>r>|s   2 3~ EErcg}|jD]\}}t|tr |j|j 6t|t r|j |Xt|tsi|jdg}t|tr |j|j t|t s|j ||S)Nz openssh-key) itemsrTrrkstriplistextendrUr3) public_keyskeys_key_idkey_bodykeys rr:r:s D(..0 ! h $ KK( ) $ ' KK ! $ ',,}b1C#s# CIIK(C& C  ! KrceZdZdZdZy)DataSourceAliYunLocalayDatasource run at init-local which sets up network to query metadata. In init-local, no network is available. This subclass sets up minimal networking with dhclient on a viable nic so that it can talk to the metadata service. If the metadata service provides network configuration then render the network configuration for that instance based on metadata. TN)rrr__doc__rrrrrrsrrc6tj|tSr)rlist_from_depends datasources)dependss rget_datasource_listrs  $ $Wk ::r)$r"loggingtypingrr cloudinitrrrrnrcloudinit.eventr r cloudinit.net.dhcpr cloudinit.net.ephemeralr cloudinit.sourcesr cloudinit.sources.helpersrr getLoggerrrYr DataSourcerr>r:rDEP_FILESYSTEM DEP_NETWORKrrrrrrs ")1/601g!$dw))dN F  , W3356..0C0CDE ;r