bosh-cloudstack-cpi-release's People

Contributors

arthurhlt, f-guichard, gberche-orange, poblin-orange

bosh-cloudstack-cpi-release's Issues

Cache static zone inventory requests

Could introduce a short time caching to avoid requesting cloudstack for seldom modified info.

  • list zone
  • list disk offering
  • list network offering

reuse a shared bosh release for openjdk

Java openjdk is a quite common dependency.
To ease upstream version control, we should rely on this project
https://github.com/Orange-OpenSource/java-openjdk-boshrelease

The idea is to include this java bosh release as a git submodule (commit in cpi git on a given java bosh release tag), add symbolic links for package reuse, and script the submodule blob sync, copy to cpi blobs and blob sync the cpi. Same mechanism as cf-release to include other sub components (like UAA)

create stemcell fails, bzip2 format not recognized

Met this issue on create_stemcell, cloudstack 4.5 xen 6.5 (Ikoula provider)
The cpi (v8) exposes the image file for template registration to this URL

2016-02-24 11:39:31.579  INFO 7690 --- [nio-8080-exec-1] c.o.o.c.c.w.WebdavServerAdapterImpl      : done pushing file  cpitemplate-7443.vhd to webdav server. retrieve URL is http://178.170.71.137:8080/templates/cpitemplate-7443.vhd

The image is compressed with bzip2 by the stemcell builder process. We get this error as cloudstack asynchronously tries to publish the template

Template content is unsupported, or mismatch between selected format and template content. Found : bzip2 compressed data, block size = 900k

support cloudstack with vsphere hypervisor

cpi v8 has been developed with xen hypervisor.
To bootstrap the vm, the cpi uses user metadata (cloudstack cpi).
The userdata mechanism is not available on vsphere, vcloud cpi and vsphere cpi use cdrom strategy.

We should extend the cloudstack cpi to support this iso cd generation.
Also check the template publication to support ovf (not just xen vhd)
Check if we need a specific / dedicated cloudstack-vsphere stemcell

No default gateway set by bosh-agent

After deploying a new VM with bosh, stemcell 3173, the current routing table is implemented :

vcap@34f6aed0-3170-467b-a1c3-98a254366bdb:~$ sudo su
[sudo] password for vcap:
root@34f6aed0-3170-467b-a1c3-98a254366bdb:/home/vcap# ip route s
10.234.254.0/24 dev eth0  proto kernel  scope link  src 10.234.254.61

No default gateway is set.

When looking down into /etc/network/interfaces, here's what is set by bosh-agent :

root@34f6aed0-3170-467b-a1c3-98a254366bdb:/home/vcap# cat /etc/network/interfaces
# Generated by bosh-agent
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 10.234.254.61
    network 10.234.254.0
    netmask 255.255.255.0

dns-nameservers 10.234.50.180 10.234.71.124 10.234.254.200

hvm: PV drivers were not detected.

Met this issue while activating hvm stemcell publishing, while attaching persistent / ephemeral disk

Failed to attach volume cpi-ephemeral-disk-31579494-4d7b-43b3-b27a-b2991c602b67 to VM cpivm-64377d04-aef7-4f96-9cd7-c8b29a102177; Failed to attach volume for uuid: 9a6d7b5f-4e22-4bdd-b777-75521d6f3be2 due to You attempted an operation on a VM which requires PV drivers to be installed but the drivers were not detected.

Adding a delay between vm creation and disk attach (ephemeral disk) seemed to solve the issue, see #29
However it's now systematic on ikoula cloud

vm recreation conflicts, should expunge VM or wait for expunged state

bosh deploy of a new release often implies bosh delete_vm / create_vm sequence. On cloudstack, the VM is not instantly freed, and IP address is still marked unavailable, giving conflict when deploying new vm.
options :
1 - wait in delete_vm until vm is expunged. (can be quite long)
2 - force expunge when destroying the vm. => API available in Cloudstack, not yet exposed on jclouds
3 - tentative remove NIC from vm before destroying (would free IP address ?). check api to do this

permit cpi-core basic-auth credentials configuration

The cpi will soon be completed with bosh errands. Errands are one-off bosh jobs launched on a dedicated vm; they will need remote access to cpi-core rest api (/cpi/**). To enable this feature, we must secure the cpi rest api with basic auth, and enable the credentials configuration in bosh manifest.

support disk resizing

Due to current lack of multiple persistent disk management, the cpi does not support disk resizing (resizing implies adding another persistent disk, dd the data, etc ...).

The fix requires feeding the bosh registry with a disk reference, helping bosh agent to correlate and identify the different persistent disk.

Moreover, there is a related issue with fixed-size Disk Offering: a disk offering change might not be detected by bosh as requiring a disk resize.

Check Bosh registry URI configuration consistency

All first bosh deployments have failed since bosh registry Basic Auth has been implemented, because of wrong endpoint specification in yaml file.

URI should be built from endpoint + user + password from bosh yaml deployment file.

Persistent disk strategy backed by local disks disk offering

Local disk offering for persistent disk is an optional strategy which may be useful in some scenarios, to provide interesting latency/bandwidth and cost saving in some use cases (typically Mesos / RDBMS / ... use cases).

The current implementation of the persistent disk using local disk offering causes random issues when attaching disk since local disk may not be available to vms that need to use them.

Should design a mechanism to prevent this issue, such as

  • try to colocate vm creation on same host as the local persistent disk. See related bosh director issue cloudfoundry/bosh#945.
  • snapshot / recreate persistent disk on the fly to match an existing vm location
  • use xen supported live migration of a "fake vm" to which the persistent volume is attached.

bosh-init should be easier

As of cpi v15, for the bosh-init / micro-bosh creation phase, one must run the bosh-cloudstack-cpi-core jar as a standalone jar.
Despite being spring boot, this is cumbersome and error prone.
We should provide a simple script to launch the cpi.

Create assert rule to validate cpi.registry.user and cpi.core.user values

If the same value is set for both keys, the following error appears 👍

2016-11-02 17:01:20.249 DEBUG [,e13cce19bc4930aa,e13cce19bc4930aa,false] 31910 --- [nio-8080-exec-3] o.s.b.a.audit.listener.AuditListener : AuditEvent [timestamp=Wed Nov 02 17:01:20 CET 2016, principal=admin, type=AUTHENTICATION_SUCCESS, data={details=org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 10.234.250.81; SessionId: null}]
2016-11-02 17:01:20.249 DEBUG [,e13cce19bc4930aa,e13cce19bc4930aa,false] 31910 --- [nio-8080-exec-3] o.s.b.a.audit.listener.AuditListener : AuditEvent [timestamp=Wed Nov 02 17:01:20 CET 2016, principal=admin, type=AUTHORIZATION_FAILURE, data={type=org.springframework.security.access.AccessDeniedException, message=Access is denied}]

It is a predictive behaviour thanks to the configureGlobal method in WebSecurityConfig class.

However, to prevent bosh cloudstack operators from failing, an assertion must be set in order to emphasize the same principal mustn't be shared between cpi.core.user and cpi.registry.user.
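
The symptom in the two audit lines above (one request trace where `AUTHENTICATION_SUCCESS` is followed by `AUTHORIZATION_FAILURE` for the same principal) can be searched for in cpi-core logs. This is an added example, not code from the issue or the project; the function names are hypothetical, the first two sample lines are copied from the issue and the remaining ones are constructed.

```python
import re
from collections import defaultdict

# Sleuth prefix "[app,traceId,spanId,exportable]" followed by a Spring Boot AuditEvent.
AUDIT_RE = re.compile(
    r"\[[^,\]]*,(?P<trace>[0-9a-f]+),[0-9a-f]+,\w+\]"
    r".*?AuditEvent \[timestamp=[^,]+, principal=(?P<principal>[^,]+), "
    r"type=(?P<type>[A-Z_]+)"
)

# Lines 1-2 are from the issue; lines 3-5 are constructed for contrast.
SAMPLE_LOG = """\
2016-11-02 17:01:20.249 DEBUG [,e13cce19bc4930aa,e13cce19bc4930aa,false] 31910 --- [nio-8080-exec-3] o.s.b.a.audit.listener.AuditListener : AuditEvent [timestamp=Wed Nov 02 17:01:20 CET 2016, principal=admin, type=AUTHENTICATION_SUCCESS, data={details=org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 10.234.250.81; SessionId: null}]
2016-11-02 17:01:20.249 DEBUG [,e13cce19bc4930aa,e13cce19bc4930aa,false] 31910 --- [nio-8080-exec-3] o.s.b.a.audit.listener.AuditListener : AuditEvent [timestamp=Wed Nov 02 17:01:20 CET 2016, principal=admin, type=AUTHORIZATION_FAILURE, data={type=org.springframework.security.access.AccessDeniedException, message=Access is denied}]
2016-11-02 17:02:05.100 DEBUG [,a1b2c3d4e5f60718,a1b2c3d4e5f60718,false] 31910 --- [nio-8080-exec-4] o.s.b.a.audit.listener.AuditListener : AuditEvent [timestamp=Wed Nov 02 17:02:05 CET 2016, principal=director, type=AUTHENTICATION_SUCCESS, data={}]
2016-11-02 17:02:09.300 DEBUG [,0f1e2d3c4b5a6978,0f1e2d3c4b5a6978,false] 31910 --- [nio-8080-exec-5] o.s.b.a.audit.listener.AuditListener : AuditEvent [timestamp=Wed Nov 02 17:02:09 CET 2016, principal=anonymousUser, type=AUTHORIZATION_FAILURE, data={}]
2016-11-02 17:02:10.000  INFO [,0f1e2d3c4b5a6978,0f1e2d3c4b5a6978,false] 31910 --- [nio-8080-exec-5] c.o.o.c.cscpi.CPIRestController : unrelated line
"""


def parse_audit_events(text):
    """Yield (trace_id, principal, event_type) for every AuditEvent line."""
    for line in text.splitlines():
        m = AUDIT_RE.search(line)
        if m:
            yield m.group("trace"), m.group("principal"), m.group("type")


def authenticated_but_denied(text):
    """Return sorted (trace_id, principal) pairs where valid credentials were
    accepted and the same request was then refused. With cpi.core.user equal to
    cpi.registry.user this is the pattern the issue reports: the shared
    principal logs in but does not hold the authority the endpoint requires."""
    seen = defaultdict(set)
    for trace, principal, event_type in parse_audit_events(text):
        seen[(trace, principal)].add(event_type)
    wanted = {"AUTHENTICATION_SUCCESS", "AUTHORIZATION_FAILURE"}
    return sorted(key for key, types in seen.items() if wanted <= types)


if __name__ == "__main__":
    for trace, principal in authenticated_but_denied(SAMPLE_LOG):
        print(f"trace {trace}: principal '{principal}' authenticated, then denied")
```

A denial without a preceding success in the same trace (the constructed `anonymousUser` line) is an ordinary rejected request and is not reported.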

Persist registry in bosh pg db to benefit from bosh backups

Currently, the registry (storing association of bosh id to cloudstack ids: vms, disks) is stored in a local db stored in /vcap/store persistent FS.

As a result, the usual backup of the bosh db would not backup the bosh registry. Loss of the bosh director persistent disk would require recreating the registry, e.g. by recreating all vms and volumes in a bosh deployment.

support multiple nics

CPI should be able to support multiple nics for specific use cases (routing, nat, etc ...)
This implies feeding the registry with NIC related information, so that bosh-agent can correlate and identify the distinct NIC for ip configuration.
Moreover, we will need direct cloudstack api access (jclouds 1.9.1 won't let us have direct NIC provisioning verbs)

create vm env properties not propagated by CPI

CPI should manage env set by bosh director, and feed registry.
eg: vm password set by bosh director are indicated on the create_vm cpi verb by the json hash. CPI should feed these props in the registry settings data for further management by bosh agent

cloudstack stemcell root size volume

Hi there
I have a question about stemcell root volume size.
I deployed CloudFoundry with cloudstack-cpi release based on cloudstack/xen
and used ubuntu stemcell 3192.

I wonder if I resize root volume size.
Unlike kvm based IaaS, cloudstack/xen base didn't support flexible root volume size.

I think root partition size 3GB is too small.
It could be a problem in managing the VM with bosh.
I am worried the root partition will be full.
Also I know that most jobs use attached data volumes (ephemeral_disk and persistent disk).

I didn't know about the stemcell build process or any information.
Can you give me your opinion?

root@d4647dc0-ff65-48f5-9e2a-83c792f049a8:~# df -hT
Filesystem  Type      Size  Used  Avail  Use%  Mounted on
udev        devtmpfs  3.9G  4.0K  3.9G   1%    /dev
tmpfs       tmpfs     802M  200K  802M   1%    /run
/dev/xvda1  ext4      2.9G  1.2G  1.7G   42%   /
none        tmpfs     4.0K  0     4.0K   0%    /sys/fs/cgroup
none        tmpfs     5.0M  0     5.0M   0%    /run/lock
none        tmpfs     4.0G  0     4.0G   0%    /run/shm
none        tmpfs     100M  0     100M   0%    /run/user
/dev/xvdb2  ext4      190G  2.0G  178G   2%    /var/vcap/data
tmpfs       tmpfs     1.0M  36K   988K   4%    /var/vcap/data/sys/run
/dev/loop0  ext4      120M  1.6M  115M   2%    /tmp

disk offering should be optional

The cloudstack disk offering is a nice way to have preconfigured disk sizing, and SLAs.
However, some cloudstack iaas providers do not leverage this cloudstack feature.

CPI should be able to manage this case, with no disk offering, and consider it as a custom disk size offering

add spring sleuth / zipkin instrumentation

To help diagnose performance issue on CPI / Iaas, add instrumentation on the cpi-core.

  • add spring-cloud-starter-zipkin / sleuth dependency
  • set properties for sampling rate, and remote zipkin collector server

Human Readable VM Name

Due to operations logic, it is required to change vm name from cpi+UUID to cpi+deployment_name+job_name+UUID (same info as tags).

reduce unzipped stemcell size

The stemcell file is quite compact (~450Mo)
However, once cloudstack has downloaded it from the cpi, the resulting unzipped vhd file is huge (3Go), which takes time for SSVM (secondary storage vm) template copy.
Should find a solution for a more compact vhd

One possible solution is to use vhd-util coalesce in stemcell builder :

+#convert to sparse vhd
+faketime '2010-01-01' vhd-util coalesce -n 1.vhd -o root.vhd -s
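
Review bot: the `faketime '2010-01-01'` wrapper on the added `vhd-util coalesce` line is not explained; the comment above it only says "convert to sparse vhd". Extend the comment to say why the clock is pinned to that date for this step, so a later maintainer does not drop the wrapper as dead weight or change the date without knowing what depends on it.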

should be able to expose a specific host for cloudstack template registration

As the cpi holds the http server exposing the template, for cloudstack template http pull, it should be possible to configure a specific ip / host for template registration.
Currently (v8), this ip is also the webdav host ip, used by CPI to push the vhd file (in general, this is the bosh director ip; this ip is often not directly accessible from cloudstack).

We should be able to configure the ip/host given to cloudstack.

example use case:

  • cloudstack tenant, with isolated network, snat
  • A public ip is allocated and associated with the director. This public ip is accessible from cloudstack iaas
  • open firewall and add port forwarding to bosh vm, webdav port 8080
    When creating a stemcell, bosh director/cpi extracts the image, pushes it in local webdav. We want for cloudstack register api call to use the public ip, not the local webdav / director ip.

Failure publishing template. Resource content too long (beyond Integer.MAX_VALUE): URL

while testing cloudstack vhd stemcell meeting this error :

2015-12-21 19:04:47.565  INFO 27340 --- [nio-8080-exec-5] c.o.o.c.cscpi.CPIRestController          : ==> received
 {"method":"create_stemcell","arguments":["/var/vcap/data/tmp/director/stemcell20151221-4269-19ggeof/image",{"name":"bosh-cloudstack-xen-ubuntu-trusty-go_agent","version":"3160","infrastructure":"cloudstack","hypervisor":"xen","disk":3072,"disk_format":"vhdx","container_format":"bare","os_type":"linux","os_distro":"ubuntu","architecture":"x86_64","auto_disk_config":true}],"context":{"director_uuid":"05569cbf-cd6f-4f13-bf68-fb0a43c5ba84"}}
2015-12-21 19:04:47.586  INFO 27340 --- [nio-8080-exec-5] c.o.o.cloudfoundry.cscpi.CPIAdapterImpl  : method : create_stemcell
2015-12-21 19:04:47.869  INFO 27340 --- [nio-8080-exec-5] c.o.o.cloudfoundry.cscpi.logic.CPIImpl   : create_stemcell
2015-12-21 19:04:47.869  INFO 27340 --- [nio-8080-exec-5] c.o.o.cloudfoundry.cscpi.logic.CPIImpl   : stemcell cloud_properties:
 stemcellName bosh-cloudstack-xen-ubuntu-trusty-go_agent
 stemcellVersion 3160
 stemcellInfrastructure  cloudstack
 stemcellHypervisor  xen


2015-12-21 19:04:47.869  INFO 27340 --- [nio-8080-exec-5] c.o.o.cloudfoundry.cscpi.logic.CPIImpl   : Starting to upload stemcell to webdav
2015-12-21 19:04:47.870  INFO 27340 --- [nio-8080-exec-5] c.o.o.c.c.w.WebdavServerAdapterImpl      : begin pushing file  cpitemplate-68882.vhd to webdav server
2015-12-21 19:08:57.737  INFO 27340 --- [nio-8080-exec-5] c.o.o.c.c.w.WebdavServerAdapterImpl      : done pushing file  cpitemplate-68882.vhd to webdav server. retrieve URL is http://10.234.228.153:8080/templates/cpitemplate-68882.vhd

2015-12-21 19:09:00.709 ERROR 27340 --- [nio-8080-exec-8] o.a.c.c.C.[.[.[/].[dispatcherServlet]    : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception

java.io.IOException: Resource content too long (beyond Integer.MAX_VALUE): URL [file:/var/vcap/store/cloudstack_cpi/webdav/cpitemplate-68882.vhd]
        at org.springframework.web.servlet.resource.ResourceHttpRequestHandler.setHeaders(ResourceHttpRequestHandler.java:386)
        at org.springframework.web.servlet.resource.ResourceHttpRequestHandler.handleRequest(ResourceHttpRequestHandler.java:234)
        at org.springframework.web.servlet.mvc.HttpRequestHandlerAdapter.handle(HttpRequestHandlerAdapter.java:51)
        at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:959)
        at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:893)
        at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:966)
        at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:857)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:622)
        at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:842)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at org.springframework.boot.actuate.autoconfigure.EndpointWebMvcAutoConfiguration$ApplicationContextHeaderFilter.doFilterInternal(EndpointWebMvcAutoConfiguration.java:295)
        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at org.springframework.boot.actuate.trace.WebRequestTraceFilter.doFilterInternal(WebRequestTraceFilter.java:102)
        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)

seems to be related to template size :

(env=bosh-ops,role=bosh_apidata/0,ip=10.234.228.153)root:/var/vcap/store/cloudstack_cpi/webdav
# ls -lrt
total 4787348
-rw-r--r-- 1 root root 3227525632 Dec 21 19:08 cpitemplate-68882.vhd

cloudstack xen compatible stemcell

We do not have yet cloudstack compatible official stemcell.

For now development of the CPI was based on openstack-kvm-ubuntu, go agent 3300 stemcell, converted to VHD.

Here is the list of CloudStack specifics that the stemcell would require:

  • specific default agent.json config:

CPI bootstraps the vms by setting UserData on the virtual machine (registry endpoint, etc ...)
Cloudstack has a specific metadata http url, referring to its vrouter vm (not a fixed ip, as in openstack). A workaround was to change metadata url in /var/vcap/bosh/agent.json, but it's not sufficient, as the url depends on the vrouter IP address by default.

  • hypervisor support to ease vm live migrations (xen tools)

Registry content limit is too low

As of cp v13, the registry content is limited to 1K
Reached the limit with the following trace

{"agent_id":"4d9acf15-8ae3-4cbc-bcc5-95b325d20f8f","blobstore":{"provider":"dav","options":{"endpoint":"http://10.234.250.81:25250","password":"XXXXX","blobstore_path":"/var/vcap/micro_bosh/data/cache","user":"agent"}},"disks":{"system":"/dev/xvda","ephemeral":"/dev/xvdb","persistent":{}},"env":{"bosh":{"group":"bosh-init-bosh-master-sph-compilation-8492b9b5-db21-4e95-b6e7-527e012c5d87","groups":["bosh-init","bosh-master-sph","compilation-8492b9b5-db21-4e95-b6e7-527e012c5d87","bosh-init-bosh-master-sph","bosh-master-sph-compilation-8492b9b5-db21-4e95-b6e7-527e012c5d87","bosh-init-bosh-master-sph-compilation-8492b9b5-db21-4e95-b6e7-527e012c5d87"]}},"networks":{"compilation":{"type":"manual","ip":"10.234.250.97","netmask":"255.255.255.192","cloud_properties":{"name":"ZZZZZZ"},"dns":["10.234.50.180","10.234.71.124","10.98.128.116","10.234.250.81"],"gateway":"10.234.250.65","mac":"06:24:38:00:00:e4","use_dhcp":false,"resolved":false,"default":["dns","gateway","gateway","dns"]}},"ntp":["10.234.50.245","10.234.50.246"],"mbus":"nats://nats:[email protected]:4222","vm":{"name":"cpivm-90d9c344-04cd-4157-9a5b-40dee2ce0ea3"},"trusted_certs":null}
17:54:19.801 [http-nio-8080-exec-2] INFO  BoshRegistryRestControler - create new instance with vm_id cpivm-90d9c344-04cd-4157-9a5b-40dee2ce0ea3
17:54:19.802 [http-nio-8080-exec-2] WARN  SqlExceptionHelper - SQL Error: 3401, SQLState: 22001
17:54:19.802 [http-nio-8080-exec-2] ERROR SqlExceptionHelper - data exception: string data, right truncation;  table: REGISTRY_INSTANCE column: SETTINGS
17:54:19.802 [http-nio-8080-exec-2] INFO  AbstractBatchImpl - HHH000010: On release of batch it still contained JDBC statements

vm conflict ip check is not compatible with Cloudstack based VPC

Hi,

in a typical vpc deployment, tenants are isolated using layer-2-like mechanisms (802.1Q, 802.1ah, vxlan for instances).

bosh needs to understand that the same ip address can be used multiple times in the same network zone (for instance, cloudstack zone) in an advanced network topology.

To prevent bosh from being confused with ip overlap, a new property should be set to specify if ip addresses are to be checked at network level or zone level.

This issue is aimed to address specific use cases, such as providing multiple CFYs sharing the same network configurations but in different tenants of the same Virtual Private Cloud

support vip / floating ip

CPI should support floating and vip ip.
To match with Network Offering and Cloudstack native capabilities

Enhancement: Create VM with more than 1 NIC

Hi,

I need to plug two NICs in each deployed instance. I have declared two networks for the job in manifest as below:

networks:
  - name: bosh-first-net
    default: [dns, gateway]
    static_ips:
      - 10.234.250.109
  - name: bosh-second-net
    static_ips:
      - 10.77.111.254 

The deployment fails with this error:

CPI error 'Bosh::Clouds::CpiError' with message 'java.lang.IllegalArgumentException: CPI currently supports at most 1 NIC per vm
CPI currently supports at most 1 NIC per vm
null' in 'create_vm' CPI method (00:00:03)
Error 100: CPI error 'Bosh::Clouds::CpiError' with message 'java.lang.IllegalArgumentException: CPI currently supports at most 1 NIC per vm
CPI currently supports at most 1 NIC per vm
null' in 'create_vm' CPI method

As the error states, the feature of creating VM with more than one NIC is not implemented yet. Could you please put it in your roadmap?

cpi should provision ssh keys
