This change helps to avoid troubles like reported in #5018 and #4860.
Note that for sake of configuration simplicity, no new `ansible.timeout`
option has been added. The users who want to set a different value can
rely on `ansible.raw_arguments`.
This SSH option is always set, except when Vagrant is running from an
operating system fo the Solaris-family, as this parameter is not
supported by SunSSH. Logic taken from
bed1f8335f/lib/vagrant/util/ssh.rb (L116-L121)Fix#5017
/cc @sethvargo - Some weirdness here but overall should work fine. I'm
not sure if there was a GH issue this should be attached to or close. To
explain:
We just use the first machine with the default provider. A
Vagrant::Environment guarantees there is at least one machine, so
`env.machine_names.first` will always work. And we can just use the
default provider because we don't really care. Finally, it can be any
old machine we pass in because we just want the "global" config to
validate and there is no way to say "don't validate machine-specific
configs", so we might as well just pick the first machine to validate.
fixes#3083
Detect the presence of the default DHCP server that comes in a fresh
VirtualBox install and clean it up to prevent it from colliding with
Vagrant-managed network config.
In order to accomplish this, we:
- add a `remove_dhcp_server` call to the virtualbox driver
- fix dhcp options parsing to allow `:dhcp_{ip,lower,upper}`
configuration options to make it through (so a user can override the
removal behavior with some explicit configuration)
- add the full `:network_name` to the details returned from
`:read_dhcp_servers`, so we can have a durable value to pass to
`:remove_dhcp_server`
Note that we do have to eat one more `VBoxManage list dhcpservers` for
each network interface to support this, but this seemed like a nominal
cost
This is just a refactor, no behavior change.
Instead of stitching together dhcpserver info in the structure returned
from `read_host_only_interfaces`, sprout a new driver method called
`read_dhcp_servers` to return that information separately.
This means that driver clients (well there's really only _one_ client in
`ProviderVirtualBox::Action::Network`) have to do a bit more work to get
interface and DHCP server information.
But this gives us (a) a cleaner and more consistent driver interface and
(b) groundwork for a fix for #3083, which will require interacting with
DHCP servers outside of the context of host-only interfaces.
test-only change
when rsync is not installed on the machine running the unit tests, the
prepare_nfs_settings tests end up calling the :nfs_installed capability
on the host, which fails on the fake host wired up in tests.
this adds some explicit stubbing to prevent the implicit assumption that
rsync is installed.
Like Vagrant's default SSH behaviors (e.g ssh or ssh-config commands),
the Ansible provisioner should by default not modify or read the user
known host file (e.g. ~/.ssh/known_hosts).
Given that `UserKnownHostsFile=/dev/null` SSH option is usually combined
with `StrictHostKeyChecking=no`, it seems quite reasonable to bind the
activation/disactivation of both options to `host_key_checking`
provisioner attribute.
For the records, a discussion held in Ansible-Development mailing list
clearly confirmed that there is no short-term plan to adapt Ansible to
offer an extra option or change the behavior of
ANSIBLE_HOST_KEY_CHECKING. For this reason, the current implementation
seems reasonable and should be stable on the long run.
Close#3900
Related References:
- https://groups.google.com/forum/#!msg/ansible-devel/iuoZs1oImNs/6xrj5oa1CmoJ
- https://github.com/ansible/ansible/issues/9442
- force `--connection=ssh` (any other modes like paramiko or smart are not
supported)
- give the highest priority to `raw_arguments` for sake of simplicity (in
usage, in code and in documentation)
- fix position of the `--limit` argument (the generated inventory could be
shadowed by `raw_arguments`, while ansible.limit was able to override
`raw_arguments`
ref #3396
When `--connection` argument is not specified, Ansible will use the
'smart' mode, which can either use `ssh` or `paramiko` transports,
depending of the version of OpenSSH available. If OpenSSH version is new
enough to support ControlPersist technology, `ssh` will be used.
See also http://docs.ansible.com/intro_configuration.html#transport.
In order to support some advanced features of Vagrant (e.g. multiple ssh
private key identities or ssh forwarding), the Ansible provisioner
already must force `ssh` connection mode.
Having to deal with the possible fallback to `paramiko` increase the
burden of special cases that Ansible provisioner must handle, without
any added value, as Vagrant is based on OpenSSH and its users are
usually using modern operating systems.
With this change, the Ansible provisioner will officially only support
`ssh`. It will still be possible to switch to another connection mode
via `raw_arguments`, but it will breach the "contract", and no
(community) support can be expected in such use case.
ref #3900, #3396
For FreeBSD guests, Virtualbox can sometimes report the private network
interface IP address as "0.0.0.0". This will cause an invalid NFS
exports file to be generated for FreeBSD and OS X hosts.
Fixed by not allowing Virtualbox to report a guest IP address of
"0.0.0.0".
Vagrant::Box.load_metadata did not provide a way to specify the HTTPS
download options that could be specified when downloading boxes
(ca cert, ca path, client cert, insecure). As a result, while it was
possible to add a box whose metadata file needed to be downloaded with one of
those options specified, it was impossible to check for updates. The following
changes have been made to address the situation:
1. Create a DownloadMixins module to provide the --insecure, --cacert, --capth,
and --cert command line options to all of `vagrant box add`,
`vagrant box update`, and `vagrant box outdated`.
2. Extend `Vagrant::Box.has_update?` and `Vagrant::Box.load_metadata` to accept
said download options.
3. Extend `box outdated` and `box update` commands to pass download options
down.
4. Extend `Vagrant::Builtin::Action::BoxCheckOutdated` to honour download
options.
5. Options specified on the command line take precedence over options specified
in the machine configuration, if any.
6. Fix bug in `vagrant box add` where client cert was being passed down using
the wrong environment key.
7. Unit test coverage in update_test and box_check_outdated_test.
Resolves#4420
When using pty=true, removing files using sudo may request confirmation,
which will hang the connection.
Similarly, sometimes assumptions about file existence may be wrong and
in those cases it seems better to continue on as long as the file does
not exist, so -f makes sense there, too.
Removed dependency upon netdom which is not always available on all Windows versions. This implementation that uses PowerShell and WMI should work on all OS and PowerShell versions.
Fixed another issue where host renames would always happen when the hostname was longer than 15 characters. The COMPUTERNAME environment variable only returns the first 15 characters so we no longer use that to check the current host name.
Command failures include the stdout and stderr in the error message just like the SSH communicator.
Its now possible to specify only an error_class and have that use the correct error_key by default.
Reboot the Windows guest after renaming the computer so changes take affect immediately before attempting to provision the box.
- Changed rename from wmic to netdom since netdom seems to work correctly in Windows 2008R2 and newer OSs.
- Fixed Windows guest error translations, the wrong namespace was specified in the yaml file.
Elevated command line is now rendered to a script which is uploaded to the guest and executed. This allows the command line itself to be less than 100 chars to start the script and any user commands are puts into the script which has unlimited* length.
I still cannot explain the cause of these random errors in this unit test,
but it is anyway safe and suitable to update the test code as following:
- use stricter regular expression matching (-l is included in --limit)
- array lengths substraction instead of array contents substraction
Motivation:
By printing out the ansible command used behind the scene, we can ease
the support effort to very quickly identify whether a problem is due to
Vagrant provisioner or Ansible itself.
There's very little difference between the command building on Linux and Windows other than path formatting. All Chef provisioners support the --no-color argument now.
Added unit tests to verify changes.
CommandBuilderWindows would not include the Chef binary in the command when the binary_path was specified in the config.
Backfilled unit tests for CommandBuilderWindows
Combine a maximum of options in the last test:
- Ansible Vault options from [GH-3338]
- raw_arguments
Note: it is not expected from Vagrant to reject incoherent combinations
Run remote rsync as root to guarantee that rsync can write to guestpath.
This obviates the need to chown the guestpath to the SSH user prior to
sync.
This brings a substantial speedup (2x on a moderately-sized shared
folder) and properly triggers filesystem notifications on only the files
changed by a given sync.
These will be used to replace the guest side command_alias script that is sent with every communicator execute call. This avoids some uncessary remote calls to the guest, makes it unit testable, and allows larger PowerShell commands to be invoked.
- Fixed typo in helper test
- Removed extraneous machine.config prefix from Windows guest config validation
- Added WinRM communicator unit tests
- Added Windows guest capability unit tests
Initial work
commands/up: make sure all names to with_target_vms are strings
providers/docker: create a docker host VM if needed
providers/docker: executor abstraction for driver to eventually support remote
providers/docker: vagrant executor
providers/docker: support creating the machine
providers/docker: status works if host VM is gone
providers/docker: use start fence to get real docker output
core: Call preserves stack ordering
core: support Message post option
providers/docker: Guard some features with HasSSH checks
providers/docker: much better messaging around create/destroy
providers/docker: output the container ID on create
providers/docker: copy the hostmachine Vagrantfile to the data dir
providers/docker: should make host machine before any up action
providers/docker: HandleBox before the host machine
providers/virtualbox: functional_vboxsf to disable vboxsf
providers/virtualbox: synced folder usable method should take 2 args
providers/docker: default machine name to :default
- Don't mock the config object, but use a true instance
- When possible, take advantage of Rpsec before/after hooks to
reduce code repetitions
- Add an example ("with inventory_path option")
- Use a global variable to store the path of the generated inventory
- Miscellaneous changes in existing examples (style, fixes)
rsync should *always* be pre-installed in SmartOS (global and local zones), as
it's part of the kernel. Previous commits incorrectly attributed #rsync_install
to running rsync, rather than to installing the rsync command.
Pull up encrypted data bag secret management into the base classes, thus
also unifying the functionality.
Especially this complements the issues:
* Upload the secret to provisioning path also with chef-solo [GH-1246]
* Delete the secret also with chef-client [GH-2712]
* Remove the secret before uploading also with chef-client [GH-1111]
of `args` itself and as an element inside of an `args` array. Added validation
around passing in arrays for arguments. Just knowing that it is an array is not
enough, because arrays can contain any other type.
This PR sets the active hostname back to the name specified in the Vagrantfile (fqdn) and updates the unit tests.
Setting it to the short name causes loads of problems while configuring the system. I've had issues with sudoers hostname matching, Weblogic certificate generation and a few others. Even if I changed all of the Chef recipes, the fqdn is set in /etc/sysconfig/network so the active hostname will switch to the fqdn after a reboot.
Since vbox guest properties are proving to be less reliable than we had
hoped, bring back the static config parsing mechanism for finding a
guest IP to hand to NFS. If we find a static IP (or set of IPs) we'll
use that instead of trying to probe guest properties.
This retains NFS support for DHCP interfaces while regaining the
reliability that we previously had when static IPs were required.
When `/etc/hosts` contained a FQDN with a trailing dot, the `\b` in the
sed expression would not match, since dot is not considered to be a word
character.
Fix this by regexp-escaping the hostname search, and matching the end of
the line on optional space followed by additional characters.
Also add some tests that extract the regexp used by sed and verify that
it does what we want. These will hopefully serve us in the future if we
ever need to test additional edge cases.
since we merged multiple private keys, the :private_key_path item of
ssh_info now comes back as an array. the ssh-config command had not yet
been updated to handle this properly.
here we fix that oversight and add a few unit tests around the config
generation.
Previously, we required a host-only interface with a static IP for NFS
to work in VirtualBox, because we needed access to the guest's IP in
order to properly configure mount commands.
After boot, VirtualBox exposes the IP addresses of a guest's network
adapters via the "guestproperty" interface.
This adds support for reading VirtualBox guest properties to the
VirtualBox driver and utilizes that support to prepare NFS settings,
which removes the necessity for a static IP for NFS to work.
In this commit we also start building out scaffolding for unit testing
vbox actions and drivers.
Test plan:
- Prepare a Vagrantfile with the following:
* private network with type: :dhcp
* synced folder with nfs: true
- Boot a VM from this Vagrantfile using the virtualbox provider
- Machine should boot successfully with working synced folder
The logic change in 57d4775140 introduced
a bug where neither strings nor arrays provided as `args` for shell
provisioners would pass validation.
This fixes that problem along with a few extras:
- split out arg validation into a private method
- update comment describing valid args
- add a few unit tests around config validation
there's been a lot of churn around this code, so i figure it was worth
trying to clean it up.
- the methods were doing a lot, so make them into template methods with
one helper per step
- spread out /etc/hosts regexp into a couple of helper variables for
clarity
- remove handling for broken hostname implementations (like basing all
of the checks on name.split('.')[0]), since it seems reasonable to
remove code dedicated only to handling broken boxes
- DRY up the shared code between debian/ubuntu implementations, which
clarifies the differences as well
- add unit tests around the behavior; this will help us in the future
to separate flaws in our understanding from flaws in implementation
- includes a new DummyCommunicator in tests which should be useful in
supporting additional unit testing of this kind
- manually tested this on squeeze, wheezy, precise, quantal, raring,
and saucy successfully.
handles the issue in #2333