modules/mu/clouds/aws/userdata/linux.erb in cloud-mu-2.1.0beta vs modules/mu/clouds/aws/userdata/linux.erb in cloud-mu-3.0.0beta

@@ -12,11 +12,10 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
 updates_run=0
-need_reboot=0
 instance_id="`curl http://169.254.169.254/latest/meta-data/instance-id`"
 region="`curl -s http://169.254.169.254/latest/meta-data/placement/availability-zone | sed 's/[a-z]$//'`"
 
 # cleanse inherited ephemeral devices that don't actually exist
 for d in r s t u ;do
@@ -33,31 +32,29 @@
     apt-get update -y
     if [ ! -f /usr/bin/pip ] ;then /usr/bin/apt-get --fix-missing -y install python-pip;fi
     if [ ! -f /usr/bin/curl ] ;then /usr/bin/apt-get --fix-missing -y install curl;fi
     AWSCLI=/usr/local/bin/aws
 <% if !$mu.skipApplyUpdates %>
+    set +e
     if [ ! -f /.mu-installer-ran-updates ];then
       service ssh stop
       apt-get --fix-missing -y upgrade 
+      touch /.mu-installer-ran-updates
       if [ $? -eq 0 ]
       then
         echo "Successfully updated packages"
         updates_run=1
+        # XXX this logic works on Ubuntu, is it Debian-friendly?
+        latest_kernel="`ls -1 /boot/vmlinuz-* | sed -r 's/^\/boot\/vmlinuz-//' | tail -1`"
+        running_kernel="`uname -r`"
+        if [ "$running_kernel" != "$latest_kernel" -a "$latest_kernel" != "" ];then
+          shutdown -r now "Applying new kernel"
+        fi
       else
         echo "FAILED PACKAGE UPDATE" >&2
       fi
-      # Proceed regardless
-      touch /.mu-installer-ran-updates
-
-      # XXX this logic works on Ubuntu, is it Debian-friendly?
-      latest_kernel="`ls -1 /boot/vmlinuz-* | sed -r 's/^\/boot\/vmlinuz-//' | tail -1`"
-      running_kernel="`uname -r`"
-      if [ "$running_kernel" != "$latest_kernel" -a "$latest_kernel" != "" ];then
-        need_reboot=1
-      else
-        service ssh start
-      fi
+      service ssh start
     fi
 <% end %>
   elif [ -x /usr/bin/yum ];then
     version=`/bin/rpm -qa \*-release | grep -Ei "redhat|centos" | cut -d"-" -f3`
     if [ -z "$version" ];then
@@ -87,28 +84,27 @@
     # Ugh, rando EPEL mirror
     if [ ! -f /etc/yum.repos.d/epel.repo ];then
       /bin/rpm -ivh http://mirror.metrocast.net/fedora/epel/epel-release-latest-$version.noarch.rpm
     fi
 <% if !$mu.skipApplyUpdates %>
+    set +e
     if [ ! -f /.mu-installer-ran-updates ];then
       service sshd stop
       kernel_update=`yum list updates | grep kernel`
       yum -y update
+      touch /.mu-installer-ran-updates
       if [ $? -eq 0 ]
       then
         echo "Successfully updated packages"
         updates_run=1
+        if [ -n "$kernel_update" ]; then
+          shutdown -r now "Applying new kernel"
+        fi
       else
         echo "FAILED PACKAGE UPDATE" >&2
       fi
-      # Proceed regardless
-      touch /.mu-installer-ran-updates
-      if [ -n "$kernel_update" ]; then
-        need_reboot=1
-      else
-        service sshd start
-      fi
+      service sshd start
     fi
 <% end %>
   fi
 else
   /bin/logger "***** Unable to verify internet connectivity, skipping package updates from userdata"
@@ -141,31 +137,23 @@
   AWSCLI=/bin/aws
 fi
 
 umask 0077
 
-# Install Chef now, because why not?
 if [ ! -f /opt/chef/embedded/bin/ruby ];then
   curl https://www.chef.io/chef/install.sh > chef-install.sh
   set +e
   # We may run afoul of a synchronous bootstrap process doing the same thing. So
   # wait until we've managed to run successfully.
-  while ! sh chef-install.sh -v <%= MU.chefVersion %>;do
+  while ! sh chef-install.sh -v <%= $mu.chefVersion %>;do
     sleep 10
   done
   touch /opt/mu_installed_chef
-  set -e
 fi
 
-<% if !$mu.skipApplyUpdates %>
-if [ "$need_reboot" == "1" ];then
-  shutdown -r now "Applying new kernel"
-fi
-<% end %>
-
 if [ "$AWSCLI" != "" ];then
-  $AWSCLI --region="$region" s3 cp s3://<%= MU.adminBucketName %>/<%= $mu.muID %>-secret .
+  $AWSCLI --region="$region" s3 cp s3://<%= $mu.adminBucketName %>/<%= $mu.muID %>-secret .
 fi
 
 echo '
 require "openssl"
 require "base64"
@@ -179,8 +167,8 @@
 # Make double-sure sshd is actually up
 if ! ( netstat -na | grep LISTEN | grep ':22 ' );then
   service sshd start
 fi
 
-/usr/bin/curl -k --data mu_id="<%= $mu.muID %>" --data mu_resource_name="<%= $mu.resourceName %>" --data mu_resource_type="<%= $mu.resourceType %>" --data mu_instance_id="$instance_id" --data mu_bootstrap="1" --data mu_user="<%= $mu.muUser %>" --data mu_deploy_secret="`/opt/chef/embedded/bin/ruby encrypt_deploy_secret.rb`" https://<%= $mu.publicIP %>:2260/
+/usr/bin/curl -k --data mu_id="<%= $mu.muID %>" --data mu_resource_name="<%= $mu.resourceName %>" --data mu_resource_type="<%= $mu.resourceType %>" --data mu_instance_id="$instance_id" --data mu_bootstrap="1" --data mu_user="<%= $mu.muUser %>" --data mu_deploy_secret="`/opt/chef/embedded/bin/ruby encrypt_deploy_secret.rb`" https://<%= $mu.publicIP %>:<%= $mu.mommaCatPort %>/
 /bin/rm -f <%= $mu.muID %>-secret mu_deploy_key.pub chef-install.sh encrypt_deploy_secret.rb
 touch /.mu_userdata_complete