
sources/hetzner: integrate private networks metadata

Open tboerger opened this issue 8 months ago • 5 comments

Proposed Commit Message

feat(hetzner): integrate private networks metadata

Additional Context

I'm not a Python developer and don't entirely understand the tests; maybe somebody can help me? I want to use the change to automatically reference IPs of the assigned private networks via Jinja within my cloud-init configuration.

If you request the external-networks endpoint from a Hetzner Cloud instance you receive a response like this:

# curl http://169.254.169.254/hetzner/v1/metadata/private-networks
- ip: 10.30.0.3
  alias_ips: []
  interface_num: 1
  mac_address: 86:00:00:c3:10:7f
  network_id: 13011151
  network_name: mgmt
  network: 10.30.0.0/18
  subnet: 10.30.0.0/22
  gateway: 10.30.0.1

After applying my change, I can query the metadata properly, including the attached private networks, to properly configure services within cloud-init with the private networks to avoid listening on public interfaces:

# cloud-init query ds.meta_data.private_networks
{
 "mgmt": {
  "alias_ips": [],
  "gateway": "10.30.0.1",
  "interface_num": 1,
  "ip": "10.30.0.3",
  "mac_address": "86:00:00:c3:10:7f",
  "network": "10.30.0.0/18",
  "network_id": 13011151,
  "network_name": "mgmt",
  "subnet": "10.30.0.0/22"
 }
}

Test Steps

Merge type

  • [x] Squash merge using "Proposed Commit Message"
  • [ ] Rebase and merge unique commits. Requires commit messages per-commit each referencing the pull request number (#<PR_NUM>)

tboerger avatar May 15 '25 22:05 tboerger

@asciiprod maybe you can take a look at it and suggest improvements? :)

tboerger avatar May 16 '25 06:05 tboerger

@tboerger , with the conversation happening here, is this PR still in progress, or do you believe it is ready to merge?

TheRealFalcon avatar May 29 '25 15:05 TheRealFalcon

I think it makes sense to follow the provided comments.

tboerger avatar May 29 '25 17:05 tboerger

Hello! Thank you for this proposed change to cloud-init. This pull request is now marked as stale as it has not seen any activity in 14 days. If no activity occurs within the next 7 days, this pull request will automatically close.

If you are waiting for code review and you are seeing this message, apologies! Please reply, tagging TheRealFalcon, and he will ensure that someone takes a look soon.

(If the pull request is closed and you would like to continue working on it, please do tag TheRealFalcon to reopen it.)

github-actions[bot] avatar Jun 13 '25 00:06 github-actions[bot]

Damn, I really forgot about this PR

tboerger avatar Jun 13 '25 21:06 tboerger

@tboerger I have the same use case, are you still planning on working on this?

martinblascop avatar Jun 26 '25 15:06 martinblascop

Let's see if I can integrate the feedback today to get this done.

tboerger avatar Jun 26 '25 18:06 tboerger

@skoch-hc with the last change I started using read_metadata to fetch the private networks. I can also confirm that cloud-init query ds.meta_data.private_networks is working as expected. I have stopped transforming the response and I will stick with the {% set network = ds.meta_data["private-networks"] | selectattr("network_name", "equalto", "cloud-init-test") | first %} example to get the IP of the first network.

Please review and hopefully accept this change now :)

tboerger avatar Jun 26 '25 18:06 tboerger

Looks good to me, also tested it quickly and works as expected. Can be merged from my side.

root@test-server:~# cloud-init query ds.meta_data.private-networks
[
 {
  "alias_ips": [],
  "gateway": "10.2.0.1",
  "interface_num": 2,
  "ip": "10.2.0.2",
  "mac_address": "86:00:00:b5:6f:a9",
  "network": "10.2.0.0/16",
  "network_id": 10222253,
  "network_name": "test-server-2",
  "subnet": "10.2.0.0/24"
 },
 {
  "alias_ips": [],
  "gateway": "192.168.0.1",
  "interface_num": 1,
  "ip": "192.168.0.2",
  "mac_address": "86:00:00:b5:6f:ab",
  "network": "192.168.0.0/16",
  "network_id": 4493592,
  "network_name": "test-server",
  "subnet": "192.168.0.0/24"
 }
]
root@test-server:~# cloud-init query -f '{% set network = ds.meta_data["private-networks"] | selectattr("network_name", "equalto", "test-server") | first%}{{ network.ip }}'
192.168.0.2
root@test-server:~# cloud-init query -f '{% set network = ds.meta_data["private-networks"] | selectattr("network_name", "equalto", "test-server-2") | first%}{{ network.ip }}'
10.2.0.2

skoch-hc avatar Jun 30 '25 06:06 skoch-hc
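Added example (not part of this PR or of cloud-init): a fail-closed way to turn the private-networks list shown above into a bind address, so that a missing or inconsistent entry stops configuration instead of leaving a service on a public interface. The helper name `private_bind_address` and the exception class are hypothetical; the sample data is constructed from the query output in the comment above.

```python
import ipaddress

# Constructed sample, same shape as the `cloud-init query` output shown above.
SAMPLE_PRIVATE_NETWORKS = [
    {"alias_ips": [], "gateway": "10.2.0.1", "interface_num": 2,
     "ip": "10.2.0.2", "mac_address": "86:00:00:b5:6f:a9",
     "network": "10.2.0.0/16", "network_id": 10222253,
     "network_name": "test-server-2", "subnet": "10.2.0.0/24"},
    {"alias_ips": [], "gateway": "192.168.0.1", "interface_num": 1,
     "ip": "192.168.0.2", "mac_address": "86:00:00:b5:6f:ab",
     "network": "192.168.0.0/16", "network_id": 4493592,
     "network_name": "test-server", "subnet": "192.168.0.0/24"},
]


class PrivateNetworkError(ValueError):
    """Raised when no trustworthy private bind address can be derived."""


def private_bind_address(networks, network_name):
    """Return the instance IP on `network_name`, or raise (hypothetical helper).

    Fails closed: a missing, duplicated or inconsistent entry raises instead of
    yielding "" or "0.0.0.0", either of which could expose the service publicly.
    """
    matches = [n for n in networks or []
               if isinstance(n, dict) and n.get("network_name") == network_name]
    if len(matches) != 1:
        raise PrivateNetworkError(
            f"expected one network named {network_name!r}, found {len(matches)}")
    entry = matches[0]
    try:
        ip = ipaddress.ip_address(entry["ip"])
        subnet = ipaddress.ip_network(entry["subnet"], strict=True)
        network = ipaddress.ip_network(entry["network"], strict=True)
    except (KeyError, ValueError) as exc:
        raise PrivateNetworkError(f"malformed entry {network_name!r}: {exc}") from exc
    if ip.is_unspecified or not ip.is_private:
        raise PrivateNetworkError(f"{ip} is not a private address")
    # The address must sit in its subnet, and the subnet inside the network range.
    consistent = (ip in subnet and subnet.version == network.version
                  and subnet.subnet_of(network))
    if not consistent:
        raise PrivateNetworkError(f"{ip} inconsistent with {subnet} / {network}")
    return str(ip)


if __name__ == "__main__":
    print(private_bind_address(SAMPLE_PRIVATE_NETWORKS, "test-server"))
```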

It seems it still needs an approval from somebody with "write access", probably a cloud-init maintainer.

skoch-hc avatar Jun 30 '25 06:06 skoch-hc

@TheRealFalcon is there something I have to do?

tboerger avatar Jun 30 '25 15:06 tboerger

@tboerger , thanks for the ping. I'll review and merge if there are no outstanding issues.

TheRealFalcon avatar Jun 30 '25 16:06 TheRealFalcon

Hi, am I correct in saying that this PR hasn't made it into a release yet? I'm using nixpkgs unstable to install cloud-init which is ostensibly v25.2 (package source here: https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/tools/virtualization/cloud-init/default.nix), and I don't see these changes in DataSourceHetzner.py in the installed package. I tried to use this PR to apply a patch to the 25.2 source but it doesn't apply cleanly.

Thanks! JH

johnhamelink avatar Sep 01 '25 16:09 johnhamelink

You can see at https://github.com/canonical/cloud-init/blob/25.2/cloudinit/sources/DataSourceHetzner.py#L108 that it is part of the tag.

tboerger avatar Sep 01 '25 17:09 tboerger