Add ntp and user module support for cloud-init

Author: detiber

api/v1alpha2/kubeadmbootstrapconfig_types.go

@@ -51,6 +51,12 @@ type KubeadmConfigSpec struct {
 	// PostKubeadmCommands specifies extra commands to run after kubeadm runs
 	// +optional
 	PostKubeadmCommands []string `json:"postKubeadmCommands,omitempty"`
+	// Users specifies extra users to add
+	// +optional
+	Users []User `json:"users,omitempty"`
+	// NTP specifies NTP configuration
+	// +optional
+	NTP *NTP `json:"ntp,omitempty"`
 	// Format specifies the output format of the bootstrap data
 	// +optional
 	Format Format `json:"format,omitempty"`
@@ -109,3 +115,60 @@ type Files struct {
 	// Content is the actual content of the file.
 	Content string `json:"content"`
 }
+
+// User defines the input for a generated user in cloud-init.
+type User struct {
+	// Name specifies the user name
+	Name string `json:"name"`
+
+	// Gecos specifies the gecos to use for the user
+	// +optional
+	Gecos *string `json:"gecos,omitempty"`
+
+	// Groups specifies the additional groups for the user
+	// +optional
+	Groups *string `json:"groups,omitempty"`
+
+	// HomeDir specifies the home directory to use for the user
+	// +optional
+	HomeDir *string `json:"homeDir,omitempty"`
+
+	// Inactive specifies whether to mark the user as inactive
+	// +optional
+	Inactive *bool `json:"inactive,omitempty"`
+
+	// Shell specifies the user's shell
+	// +optional
+	Shell *string `json:"shell,omitempty"`
+
+	// Passwd specifies a hashed password for the user
+	// +optional
+	Passwd *string `json:"passwd"`
+
+	// PrimaryGroup specifies the primary group for the user
+	// +optional
+	PrimaryGroup *string `json:"primaryGroup,omitempty"`
+
+	// LockPassword specifies if password login should be disabled
+	// +optional
+	LockPassword *bool `json:"lockPassword,omitempty"`
+
+	// Sudo specifies a sudo role for the user
+	// +optional
+	Sudo *string `json:"sudo,omitempty"`
+
+	// SSHAuthorizedKeys specifies a list of ssh authorized keys for the user
+	// +optional
+	SSHAuthorizedKeys []string `json:"sshAuthorizedKeys,omitempty"`
+}
+
+// NTP defines input for generated ntp in cloud-init
+type NTP struct {
+	// Servers specifies which NTP servers to use
+	// +optional
+	Servers []string `json:"servers,omitempty"`
+
+	// Enabled specifies whether NTP should be enabled
+	// +optional
+	Enabled *bool `json:"enabled,omitempty"`
+}

api/v1alpha2/zz_generated.deepcopy.go

@@ -37,6 +37,8 @@ type BaseUserData struct {
 	PostKubeadmCommands []string
 	AdditionalFiles     []v1alpha2.Files
 	WriteFiles          []v1alpha2.Files
+	Users               []v1alpha2.User
+	NTP                 *v1alpha2.NTP
 }
 
 func generate(kind string, tpl string, data interface{}) ([]byte, error) {
@@ -49,6 +51,14 @@ func generate(kind string, tpl string, data interface{}) ([]byte, error) {
 		return nil, errors.Wrap(err, "failed to parse commands template")
 	}
 
+	if _, err := tm.Parse(ntpTemplate); err != nil {
+		return nil, errors.Wrap(err, "failed to parse ntp template")
+	}
+
+	if _, err := tm.Parse(usersTemplate); err != nil {
+		return nil, errors.Wrap(err, "failed to parse users template")
+	}
+
 	t, err := tm.Parse(tpl)
 	if err != nil {
 		return nil, errors.Wrapf(err, "failed to parse %s template", kind)

cloudinit/cloudinit.go

@@ -33,6 +33,8 @@ runcmd:
 {{- template "commands" .PreKubeadmCommands }}
   - 'kubeadm init --config /tmp/kubeadm.yaml'
 {{- template "commands" .PostKubeadmCommands }}
+{{- template "ntp" .NTP }}
+{{- template "users" .Users }}
 `
 )
 

cloudinit/controlplane_init.go

@@ -33,6 +33,8 @@ runcmd:
 {{- template "commands" .PreKubeadmCommands }}
   - 'kubeadm join --config /tmp/kubeadm-controlplane-join-config.yaml'
 {{- template "commands" .PostKubeadmCommands }}
+{{- template "ntp" .NTP }}
+{{- template "users" .Users }}
 `
 )
 

cloudinit/controlplane_join.go

@@ -29,6 +29,8 @@ runcmd:
 {{- template "commands" .PreKubeadmCommands }}
   - 'kubeadm join --config /tmp/kubeadm-node.yaml'
 {{- template "commands" .PostKubeadmCommands }}
+{{- template "ntp" .NTP }}
+{{- template "users" .Users }}
 `
 )
 

cloudinit/node.go

@@ -0,0 +1,32 @@
+/*
+Copyright 2019 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package cloudinit
+
+const (
+	ntpTemplate = `{{ define "ntp" -}}
+{{- if . }}
+ntp:
+  {{ if .Enabled -}}
+  enabled: true
+  {{ end -}}
+  servers:{{ range .Servers }}
+    - {{ . }}
+  {{- end -}}
+{{- end -}}
+{{- end -}}
+`
+)

cloudinit/ntp.go

@@ -0,0 +1,60 @@
+/*
+Copyright 2019 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package cloudinit
+
+const (
+	usersTemplate = `{{ define "users" -}}
+{{- if . }}
+users:{{ range . }}
+  - name: {{ .Name }}
+    {{- if .Passwd }}
+    passwd: {{ .Passwd }}
+    {{- end -}}
+    {{- if .Gecos }}
+    gecos: {{ .Gecos }}
+    {{- end -}}
+    {{- if .Groups }}
+    groups: {{ .Groups }}
+    {{- end -}}
+    {{- if .HomeDir }}
+    homedir: {{ .HomeDir }}
+    {{- end -}}
+    {{- if .Inactive }}
+    inactive: true
+    {{- end -}}
+    {{- if .LockPassword }}
+    lock_passwd: {{ .LockPassword }}
+    {{- end -}}
+    {{- if .Shell }}
+    shell: {{ .Shell }}
+    {{- end -}}
+    {{- if .PrimaryGroup }}
+    primary_group: {{ .PrimaryGroup }}
+    {{- end -}}
+    {{- if .Sudo }}
+    sudo: {{ .Sudo }}
+    {{- end -}}
+    {{- if .SSHAuthorizedKeys }}
+    ssh_authorized_keys:{{ range .SSHAuthorizedKeys }}
+      - {{ . }}
+    {{- end -}}
+    {{- end -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+`
+)

cloudinit/users.go

@@ -22,10 +22,6 @@ import (
 	"text/template"
 )
 
-const (
-	rootOwnerValue = "root:root"
-)
-
 var (
 	defaultTemplateFuncMap = template.FuncMap{
 		"Base64Encode": templateBase64Encode,
@@ -42,7 +38,3 @@ func templateYAMLIndent(i int, input string) string {
 	ident := "\n" + strings.Repeat(" ", i)
 	return strings.Repeat(" ", i) + strings.Join(split, ident)
 }
-
-func isKeyPairValid(cert, key string) bool {
-	return cert != "" && key != ""
-}