Add host-container user-data setting

[tjkirch]

You can set settings.host-containers.NAME.user-data to a valid base64-encoded
string to have the (decoded) data placed in a file accessible to the host
container at /.bottlerocket/host-containers/NAME/user-data.

This is a prerequisite for other upcoming work, but the basic idea is to allow easier customization of host-container agents.

Testing done:

I added this to my instance user data:

[settings.host-containers.admin]
enabled = true
user-data = "aGkgdGhlcmUKaG93IGFyZSB5b3UK"

Here's the result, the basic functionality of this change:

[ec2-user@ip-192-168-19-177 ~]$ cat /.bottlerocket/host-containers/admin/user-data
hi there
how are you

Invalid base64 data is rejected:

[ec2-user@ip-192-168-0-110 ~]$ apiclient -u /settings -m PATCH -d '{"host-containers": {"admin": {"user-data": "lkajsdf"}}}'
Failed PATCH request to '/settings': Status 400 when PATCHing /settings: Json deserialize error: Unable to deserialize into ValidBase64: Invalid base64 input: Invalid last symbol 102, offset 6. at line 1 column 54

To test the migration, I built a 1.0.4 image from the v1.0.4 tag, updated to a 1.0.5 image based on this branch, re-confirmed that the user-data setting worked, downgraded back to 1.0.4, and confirmed the user-data setting was removed and the host came back up OK.

I confirmed a pod runs OK after downgrade/upgrade cycles.

Terms of contribution:

By submitting this pull request, I agree that this contribution is dual-licensed under the terms of both the Apache License, version 2.0, and the MIT license.

[tjkirch]

^ This push tries to address @zmrow's wording concerns above.

[webern]

Looks good. One probing question.

[webern]

Is there any reason to delete the user-data file(s) that might exist?

[tjkirch]

I don't think so, but it's an interesting question to leave up for others to consider.

It seems to me that the worst case might be downgrading and still using a host container that understands the user-data file but tries to do something with it that isn't compatible with the older Bottlerocket version..? For example, maybe you're using the user-data to configure a host-container that makes API calls back to the parent, and those calls are no longer valid with the downgraded version. I think, in that case, you would have created an implicit dependency from the container to the host version, and so should remove/downgrade the host container before downgrading Bottlerocket.

I'm hesitant to delete things from host container persistent storage, so I'd like to have a decent reason, or fall back to leaving what (naively) seems to be a harmless file.

[zmrow]

It's a really interesting question and one that has some pretty good arguments both ways. For now I think we should leave the file there.

[webern]

I agree, I think it's far enough out there as an edge case that it doesn't justify deleting data from the persistent store.

[zmrow]

🥾