We’ve written a lot about provisioning virtual appliances, but the process always seemed to be missing something.
Today we’re announcing some improvements, including a new feature which is actually an old feature we completely re-designed and re-implemented.
The add button
Remember the old Add button that just made no sense (RIP)? Well, we brought it back but it’s better than ever.
The new Add button will allow you to specify MULTIPLE URLs for provisioning.
“For us, this is huge!”
This means you don’t need download logic in your provisioning scripts. We’ll automatically download or clone files from the URLs you specify, and add them to /tmp/provisioning along with your provisioning scripts.
It also means you can now pre-populate the appliance with files such as custom compiled .debs, private keys, or anything which doesn’t belong in a git repository.
Caveat: The first URL must still point to your provisioning scripts, and has limitations in regards to the URL format and file extension, but additional files don’t have such restrictions.
UPDATE: File and repository caching for speed
To make things even speedier, we now also cache previously downloaded provisioning scripts, files and GIT repositories.
If you provisioned with a GIT repo, we will do a git pull on future provisions, to ensure it’s updated before transferring it to the virtual appliance.
If you specify additional provisioning URLs/files, such as custom .debs and other packages, we won’t download them again.
You’ll notice how much time you save when provisioning multiple times with the same URLs.
Bash shellshock and POSIX compliance
Our servers were not in any way vulnerable to the latest shellshock bash bug, but virtual appliances provisioned with the Jidoteki Admin (which was only available for 2 days) were affected by the SSH_ORIGINAL_COMMAND in the wrapper.sh script.
We’ve fixed this by replacing the shell interpreter with /bin/sh. For security reasons, we still strongly suggest you update your servers with the latest version of bash.
New bootstrap scripts
We take security very seriously, so we spent the weekend making ALL our bootstrap scripts POSIX compliant, to ensure they adhere to the best and most secure standards for shell scripting.
We re-wrote some functionality as well, which you can see on GitHub.
Tar vs Archive
When provisioning from a GIT repository, we clone and create a tar containing the files. Some people noticed we were doing a ’git archive’ instead of tarring the entire directory. This means it did not contain the .git metadata, and provisioning scripts were limited to the ’master’ branch or ’HEAD’ ref.
We changed this and now default to tarring the entire directory. This means you can perform a git checkout of a specific branch and also have access to other hidden files (which oddly, git archive doesn’t include).
Example provisioning URLs
We’ve moved the provisioning URL examples to a modal (I know, some people hate modals.), and added a new “Try this example” button. If you click it, the Provisioning scripts URL field will automatically be populated with an example URL and you can provision right away.
Reset button
Once again, if you’re manually editing our example bootstrap script, and you happen to screw up something, feel free to hit the reset button.
Jidoteki has a memory
Some people noticed that each re-provision would reset the bootstrap script. This was annoying if you had your own custom bootstrap script.
Well, we fixed that! We now store the most recent bootstrap script for each source appliance. This means we’ll reload the previous bootstrap script the next time you provision the appliance.
Jidoteki Admin
We keep talking about this secret Jidoteki Admin feature, and it even appears in some screenshots. Some lucky people got to use it during the 2 days it was online.
Don’t worry, we’ll re-introduce it soon. We just need to finish rewriting the update script to 1) be POSIX compliant and 2) handle our new update process.
These are the first steps to a better provisioning process. We’ve got some more improvements coming soon.
You can try all these things now on https://jidoteki.com