Move disable checks out of systemd generator

Makefile

@@ -39,6 +39,7 @@ render-template:
 # Our generator is a shell script. Make it easy to measure the
 # generator. This should be monitored for performance regressions
 benchmark-generator: FILE=$(GENERATOR_F).tmpl
+benchmark-generator: VARIANT="benchmark"
 benchmark-generator: export ITER=$(NUM_ITER)
 benchmark-generator: render-template
 	$(BENCHMARK) $(GENERATOR_F)

cloudinit/cmd/status.py

@@ -43,6 +43,7 @@ class UXAppBootStatusCode(enum.Enum):
     DISABLED_BY_GENERATOR = "disabled-by-generator"
     DISABLED_BY_KERNEL_CMDLINE = "disabled-by-kernel-cmdline"
     DISABLED_BY_MARKER_FILE = "disabled-by-marker-file"
+    DISABLED_BY_ENV_VARIABLE = "disabled-by-environment-variable"
     ENABLED_BY_GENERATOR = "enabled-by-generator"
     ENABLED_BY_KERNEL_CMDLINE = "enabled-by-kernel-cmdline"
     ENABLED_BY_SYSVINIT = "enabled-by-sysvinit"
@@ -54,6 +55,7 @@ class UXAppBootStatusCode(enum.Enum):
         UXAppBootStatusCode.DISABLED_BY_GENERATOR,
         UXAppBootStatusCode.DISABLED_BY_KERNEL_CMDLINE,
         UXAppBootStatusCode.DISABLED_BY_MARKER_FILE,
+        UXAppBootStatusCode.DISABLED_BY_ENV_VARIABLE,
     ]
 )
 
@@ -184,6 +186,16 @@ def get_bootstatus(disable_file, paths) -> Tuple[UXAppBootStatusCode, str]:
     elif "cloud-init=disabled" in cmdline_parts:
         bootstatus_code = UXAppBootStatusCode.DISABLED_BY_KERNEL_CMDLINE
         reason = "Cloud-init disabled by kernel parameter cloud-init=disabled"
+    elif "cloud-init=disabled" in os.environ.get("KERNEL_CMDLINE", "") or (
+        uses_systemd()
+        and "cloud-init=disabled"
+        in subp.subp(["systemctl", "show-environment"]).stdout
+    ):
+        bootstatus_code = UXAppBootStatusCode.DISABLED_BY_ENV_VARIABLE
+        reason = (
+            "Cloud-init disabled by environment variable "
+            "KERNEL_CMDLINE=cloud-init=disabled"
+        )
     elif os.path.exists(os.path.join(paths.run_dir, "disabled")):
         bootstatus_code = UXAppBootStatusCode.DISABLED_BY_GENERATOR
         reason = "Cloud-init disabled by cloud-init-generator"

doc/rtd/howto/disable_cloud_init.rst

@@ -6,7 +6,7 @@ How to disable cloud-init
 One may wish to disable cloud-init to ensure that it doesn't do anything on
 subsequent boots. Some parts of cloud-init may run once per boot otherwise.
 
-There are two cross-platform methods of disabling ``cloud-init``.
+There are three cross-platform methods of disabling ``cloud-init``.
 
 Method 1: text file
 ====================
@@ -34,6 +34,15 @@ Example (using GRUB2 with Ubuntu):
     $ echo 'GRUB_CMDLINE_LINUX="cloud-init=disabled"' >> /etc/default/grub
     $ grub-mkconfig -o /boot/efi/EFI/ubuntu/grub.cfg
 
-.. note::
-   When running in containers, ``cloud-init`` will read an environment
-   variable named ``KERNEL_CMDLINE`` in place of a kernel commandline.
+Method 3: environment variable
+==============================
+
+To disable cloud-init, pass the environment variable
+``KERNEL_CMDLINE=cloud-init=disabled`` into each of cloud-init's
+processes.
+
+Example (using systemd):
+
+.. code-block::
+
+    $ echo "DefaultEnvironment=KERNEL_CMDLINE=cloud-init=disabled" >> /etc/systemd/system.conf

systemd/cloud-config.service.tmpl

@@ -5,10 +5,9 @@ After=network-online.target cloud-config.target
 After=snapd.seeded.service
 Before=systemd-user-sessions.service
 Wants=network-online.target cloud-config.target
-{% if variant == "rhel" %}
 ConditionPathExists=!/etc/cloud/cloud-init.disabled
 ConditionKernelCommandLine=!cloud-init=disabled
-{% endif %}
+ConditionEnvironment=!KERNEL_CMDLINE=cloud-init=disabled
 
 [Service]
 Type=oneshot

systemd/cloud-final.service.tmpl

@@ -7,10 +7,9 @@ After=multi-user.target
 Before=apt-daily.service
 {% endif %}
 Wants=network-online.target cloud-config.service
-{% if variant == "rhel" %}
 ConditionPathExists=!/etc/cloud/cloud-init.disabled
 ConditionKernelCommandLine=!cloud-init=disabled
-{% endif %}
+ConditionEnvironment=!KERNEL_CMDLINE=cloud-init=disabled
 
 
 [Service]

systemd/cloud-init-generator.tmpl

@@ -23,6 +23,8 @@ CLOUD_SYSTEM_TARGET="/lib/systemd/system/cloud-init.target"
 {% if variant in ["almalinux", "centos", "cloudlinux", "eurolinux", "fedora",
                   "miraclelinux", "openeuler", "OpenCloudOS", "openmandriva", "rhel", "rocky", "TencentOS", "virtuozzo"] %}
     dsidentify="/usr/libexec/cloud-init/ds-identify"
+{% elif variant == "benchmark" %}
+    dsidentify="/bin/true"
 {% else %}
     dsidentify="/usr/lib/cloud-init/ds-identify"
 {% endif %}
@@ -40,105 +42,51 @@ debug() {
     echo "$@" >> "$LOG"
 }
 
-etc_file() {
-    local pprefix="${1:-/etc/cloud/cloud-init.}"
-    _RET="unset"
-    [ -f "${pprefix}$ENABLE" ] && _RET="$ENABLE" && return 0
-    [ -f "${pprefix}$DISABLE" ] && _RET="$DISABLE" && return 0
-    return 0
-}
-
-read_proc_cmdline() {
-    # return /proc/cmdline for non-container, and /proc/1/cmdline for container
-    local ctname="systemd"
-    if [ -n "$CONTAINER" ] && ctname=$CONTAINER ||
-        systemd-detect-virt --container --quiet; then
-        if { _RET=$(tr '\0' ' ' < /proc/1/cmdline); } 2>/dev/null; then
-            _RET_MSG="container[$ctname]: pid 1 cmdline"
-            return
-        fi
-        _RET=""
-        _RET_MSG="container[$ctname]: pid 1 cmdline not available"
-        return 0
-    fi
-
-    _RET_MSG="/proc/cmdline"
-    read _RET < /proc/cmdline
-}
-
-kernel_cmdline() {
-    local cmdline="" tok=""
-    if [ -n "${KERNEL_CMDLINE+x}" ]; then
-        # use KERNEL_CMDLINE if present in environment even if empty
-        cmdline=${KERNEL_CMDLINE}
-        debug 1 "kernel command line from env KERNEL_CMDLINE: $cmdline"
-    else
-        read_proc_cmdline && cmdline="$_RET" &&
-                debug 1 "kernel command line ($_RET_MSG): $cmdline"
-    fi
-    _RET="unset"
-    cmdline=" $cmdline "
-    tok=${cmdline##* cloud-init=}
-    [ "$tok" = "$cmdline" ] && _RET="unset"
-    tok=${tok%% *}
-    [ "$tok" = "$ENABLE" -o "$tok" = "$DISABLE" ] && _RET="$tok"
-    return 0
-}
-
-default() {
-    _RET="$ENABLE"
-}
-
-check_for_datasource() {
-    local ds_rc=""
-    if [ ! -x "$dsidentify" ]; then
-        debug 1 "no ds-identify in $dsidentify"
-        return 0
-    fi
-    $dsidentify
-    ds_rc=$?
-    debug 1 "ds-identify rc=$ds_rc"
-    if [ "$ds_rc" = "0" ]; then
-        return 0
-    fi
-    return 1
-}
-
 main() {
     local normal_d="$1" early_d="$2" late_d="$3"
     local target_name="multi-user.target" gen_d="$early_d"
     local link_path="$gen_d/${target_name}.wants/${CLOUD_TARGET_NAME}"
-    local ds=""
+    local ds="" ret=""
 
     debug 1 "$0 normal=$normal_d early=$early_d late=$late_d"
     debug 2 "$0 $*"
 
-    local search result="error" ret=""
-    for search in kernel_cmdline etc_file default; do
-        if $search; then
-            debug 1 "$search found $_RET"
-            [ "$_RET" = "$ENABLE" -o "$_RET" = "$DISABLE" ] &&
-                result=$_RET && break
-        else
-            ret=$?
-            debug 0 "search $search returned $ret"
-        fi
-    done
+    # ds=found => enable
+    # ds=notfound => disable
+    # <any> => disable
+    debug 1 "checking for datasource"
 
-    # enable AND ds=found == enable
-    # enable AND ds=notfound == disable
-    # disable || <any> == disabled
-    if [ "$result" = "$ENABLE" ]; then
-        debug 1 "checking for datasource"
-        check_for_datasource
-        ds=$?
+    if [ ! -x "$dsidentify" ]; then
+        debug 1 "no ds-identify in $dsidentify"
+        ds=0
+    fi
+    $dsidentify
+    ds=$?
+    debug 1 "ds-identify rc=$ds"
+
+    if [ "$ds" = "1" -o "$ds" = "2" ]; then
         if [ "$ds" = "1" ]; then
             debug 1 "cloud-init is enabled but no datasource found, disabling"
-            result="$DISABLE"
+        else
+            debug 1 "cloud-init is disabled by kernel commandline or etc_file"
         fi
-    fi
+        if [ -f "$link_path" ]; then
+            if rm -f "$link_path"; then
+                debug 1 "disabled. removed existing $link_path"
+            else
+                ret=$?
+                debug 0 "[$ret] disable failed, remove $link_path"
+            fi
+        else
+            debug 1 "already disabled: no change needed [no $link_path]"
+        fi
+        if [ -e "$RUN_ENABLED_FILE" ]; then
+            debug 1 "removing $RUN_ENABLED_FILE and creating $RUN_DISABLED_FILE"
+            rm -f "$RUN_ENABLED_FILE"
+        fi
+        : > "$RUN_DISABLED_FILE"
 
-    if [ "$result" = "$ENABLE" ]; then
+    elif [ "$ds" = "0" ]; then
         if [ -e "$link_path" ]; then
                 debug 1 "already enabled: no change needed"
         else
@@ -157,22 +105,6 @@ main() {
             rm -f $RUN_DISABLED_FILE
         fi
         : > "$RUN_ENABLED_FILE"
-    elif [ "$result" = "$DISABLE" ]; then
-        if [ -f "$link_path" ]; then
-            if rm -f "$link_path"; then
-                debug 1 "disabled. removed existing $link_path"
-            else
-                ret=$?
-                debug 0 "[$ret] disable failed, remove $link_path"
-            fi
-        else
-            debug 1 "already disabled: no change needed [no $link_path]"
-        fi
-        if [ -e "$RUN_ENABLED_FILE" ]; then
-            debug 1 "removing $RUN_ENABLED_FILE and creating $RUN_DISABLED_FILE"
-            rm -f "$RUN_ENABLED_FILE"
-        fi
-        : > "$RUN_DISABLED_FILE"
     else
         debug 0 "unexpected result '$result' 'ds=$ds'"
         ret=3

systemd/cloud-init-local.service.tmpl

@@ -26,10 +26,9 @@ Before=sysinit.target
 Conflicts=shutdown.target
 {% endif %}
 RequiresMountsFor=/var/lib/cloud
-{% if variant == "rhel" %}
 ConditionPathExists=!/etc/cloud/cloud-init.disabled
 ConditionKernelCommandLine=!cloud-init=disabled
-{% endif %}
+ConditionEnvironment=!KERNEL_CMDLINE=cloud-init=disabled
 
 [Service]
 Type=oneshot

systemd/cloud-init.service.tmpl

@@ -38,10 +38,9 @@ Conflicts=shutdown.target
 Before=shutdown.target
 Conflicts=shutdown.target
 {% endif %}
-{% if variant == "rhel" %}
 ConditionPathExists=!/etc/cloud/cloud-init.disabled
 ConditionKernelCommandLine=!cloud-init=disabled
-{% endif %}
+ConditionEnvironment=!KERNEL_CMDLINE=cloud-init=disabled
 
 [Service]
 Type=oneshot

systemd/cloud-init.target

@@ -10,3 +10,6 @@
 [Unit]
 Description=Cloud-init target
 After=multi-user.target
+ConditionPathExists=!/etc/cloud/cloud-init.disabled
+ConditionKernelCommandLine=!cloud-init=disabled
+ConditionEnvironment=!KERNEL_CMDLINE=cloud-init=disabled