move coreos-cloudinit into config/cloudinit

Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
2025-09-09 02:31:36 +00:00 · 2017-02-22 23:55:32 +00:00
parent 9b793b5d7c
commit e2ed97648a
260 changed files with 132 additions and 25281 deletions
--- a/config/cloudinit/datasource/configdrive/configdrive.go
+++ b/config/cloudinit/datasource/configdrive/configdrive.go
@@ -0,0 +1,102 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package configdrive
+
+import (
+	"encoding/json"
+	"io/ioutil"
+	"log"
+	"os"
+	"path"
+
+	"github.com/rancher/os/config/cloudinit/datasource"
+)
+
+const (
+	openstackApiVersion = "latest"
+)
+
+type configDrive struct {
+	root     string
+	readFile func(filename string) ([]byte, error)
+}
+
+func NewDatasource(root string) *configDrive {
+	return &configDrive{root, ioutil.ReadFile}
+}
+
+func (cd *configDrive) IsAvailable() bool {
+	_, err := os.Stat(cd.root)
+	return !os.IsNotExist(err)
+}
+
+func (cd *configDrive) AvailabilityChanges() bool {
+	return true
+}
+
+func (cd *configDrive) ConfigRoot() string {
+	return cd.openstackRoot()
+}
+
+func (cd *configDrive) FetchMetadata() (metadata datasource.Metadata, err error) {
+	var data []byte
+	var m struct {
+		SSHAuthorizedKeyMap map[string]string `json:"public_keys"`
+		Hostname            string            `json:"hostname"`
+		NetworkConfig       struct {
+			ContentPath string `json:"content_path"`
+		} `json:"network_config"`
+	}
+
+	if data, err = cd.tryReadFile(path.Join(cd.openstackVersionRoot(), "meta_data.json")); err != nil || len(data) == 0 {
+		return
+	}
+	if err = json.Unmarshal([]byte(data), &m); err != nil {
+		return
+	}
+
+	metadata.SSHPublicKeys = m.SSHAuthorizedKeyMap
+	metadata.Hostname = m.Hostname
+	if m.NetworkConfig.ContentPath != "" {
+		metadata.NetworkConfig, err = cd.tryReadFile(path.Join(cd.openstackRoot(), m.NetworkConfig.ContentPath))
+	}
+
+	return
+}
+
+func (cd *configDrive) FetchUserdata() ([]byte, error) {
+	return cd.tryReadFile(path.Join(cd.openstackVersionRoot(), "user_data"))
+}
+
+func (cd *configDrive) Type() string {
+	return "cloud-drive"
+}
+
+func (cd *configDrive) openstackRoot() string {
+	return path.Join(cd.root, "openstack")
+}
+
+func (cd *configDrive) openstackVersionRoot() string {
+	return path.Join(cd.openstackRoot(), openstackApiVersion)
+}
+
+func (cd *configDrive) tryReadFile(filename string) ([]byte, error) {
+	log.Printf("Attempting to read from %q\n", filename)
+	data, err := cd.readFile(filename)
+	if os.IsNotExist(err) {
+		err = nil
+	}
+	return data, err
+}
--- a/config/cloudinit/datasource/configdrive/configdrive_test.go
+++ b/config/cloudinit/datasource/configdrive/configdrive_test.go
@@ -0,0 +1,145 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package configdrive
+
+import (
+	"reflect"
+	"testing"
+
+	"github.com/rancher/os/config/cloudinit/datasource"
+	"github.com/rancher/os/config/cloudinit/datasource/test"
+)
+
+func TestFetchMetadata(t *testing.T) {
+	for _, tt := range []struct {
+		root  string
+		files test.MockFilesystem
+
+		metadata datasource.Metadata
+	}{
+		{
+			root:  "/",
+			files: test.NewMockFilesystem(test.File{Path: "/openstack/latest/meta_data.json", Contents: ""}),
+		},
+		{
+			root:  "/",
+			files: test.NewMockFilesystem(test.File{Path: "/openstack/latest/meta_data.json", Contents: `{"ignore": "me"}`}),
+		},
+		{
+			root:     "/",
+			files:    test.NewMockFilesystem(test.File{Path: "/openstack/latest/meta_data.json", Contents: `{"hostname": "host"}`}),
+			metadata: datasource.Metadata{Hostname: "host"},
+		},
+		{
+			root: "/media/configdrive",
+			files: test.NewMockFilesystem(test.File{Path: "/media/configdrive/openstack/latest/meta_data.json", Contents: `{"hostname": "host", "network_config": {"content_path": "config_file.json"}, "public_keys":{"1": "key1", "2": "key2"}}`},
+				test.File{Path: "/media/configdrive/openstack/config_file.json", Contents: "make it work"},
+			),
+			metadata: datasource.Metadata{
+				Hostname:      "host",
+				NetworkConfig: []byte("make it work"),
+				SSHPublicKeys: map[string]string{
+					"1": "key1",
+					"2": "key2",
+				},
+			},
+		},
+	} {
+		cd := configDrive{tt.root, tt.files.ReadFile}
+		metadata, err := cd.FetchMetadata()
+		if err != nil {
+			t.Fatalf("bad error for %+v: want %v, got %q", tt, nil, err)
+		}
+		if !reflect.DeepEqual(tt.metadata, metadata) {
+			t.Fatalf("bad metadata for %+v: want %#v, got %#v", tt, tt.metadata, metadata)
+		}
+	}
+}
+
+func TestFetchUserdata(t *testing.T) {
+	for _, tt := range []struct {
+		root  string
+		files test.MockFilesystem
+
+		userdata string
+	}{
+		{
+			"/",
+			test.NewMockFilesystem(),
+			"",
+		},
+		{
+			"/",
+			test.NewMockFilesystem(test.File{Path: "/openstack/latest/user_data", Contents: "userdata"}),
+			"userdata",
+		},
+		{
+			"/media/configdrive",
+			test.NewMockFilesystem(test.File{Path: "/media/configdrive/openstack/latest/user_data", Contents: "userdata"}),
+			"userdata",
+		},
+	} {
+		cd := configDrive{tt.root, tt.files.ReadFile}
+		userdata, err := cd.FetchUserdata()
+		if err != nil {
+			t.Fatalf("bad error for %+v: want %v, got %q", tt, nil, err)
+		}
+		if string(userdata) != tt.userdata {
+			t.Fatalf("bad userdata for %+v: want %q, got %q", tt, tt.userdata, userdata)
+		}
+	}
+}
+
+func TestConfigRoot(t *testing.T) {
+	for _, tt := range []struct {
+		root       string
+		configRoot string
+	}{
+		{
+			"/",
+			"/openstack",
+		},
+		{
+			"/media/configdrive",
+			"/media/configdrive/openstack",
+		},
+	} {
+		cd := configDrive{tt.root, nil}
+		if configRoot := cd.ConfigRoot(); configRoot != tt.configRoot {
+			t.Fatalf("bad config root for %q: want %q, got %q", tt, tt.configRoot, configRoot)
+		}
+	}
+}
+
+func TestNewDatasource(t *testing.T) {
+	for _, tt := range []struct {
+		root       string
+		expectRoot string
+	}{
+		{
+			root:       "",
+			expectRoot: "",
+		},
+		{
+			root:       "/media/configdrive",
+			expectRoot: "/media/configdrive",
+		},
+	} {
+		service := NewDatasource(tt.root)
+		if service.root != tt.expectRoot {
+			t.Fatalf("bad root (%q): want %q, got %q", tt.root, tt.expectRoot, service.root)
+		}
+	}
+}
--- a/config/cloudinit/datasource/datasource.go
+++ b/config/cloudinit/datasource/datasource.go
@@ -0,0 +1,38 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package datasource
+
+import (
+	"net"
+)
+
+type Datasource interface {
+	IsAvailable() bool
+	AvailabilityChanges() bool
+	ConfigRoot() string
+	FetchMetadata() (Metadata, error)
+	FetchUserdata() ([]byte, error)
+	Type() string
+}
+
+type Metadata struct {
+	PublicIPv4    net.IP
+	PublicIPv6    net.IP
+	PrivateIPv4   net.IP
+	PrivateIPv6   net.IP
+	Hostname      string
+	SSHPublicKeys map[string]string
+	NetworkConfig interface{}
+}
--- a/config/cloudinit/datasource/file/file.go
+++ b/config/cloudinit/datasource/file/file.go
@@ -0,0 +1,55 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package file
+
+import (
+	"io/ioutil"
+	"os"
+
+	"github.com/rancher/os/config/cloudinit/datasource"
+)
+
+type localFile struct {
+	path string
+}
+
+func NewDatasource(path string) *localFile {
+	return &localFile{path}
+}
+
+func (f *localFile) IsAvailable() bool {
+	_, err := os.Stat(f.path)
+	return !os.IsNotExist(err)
+}
+
+func (f *localFile) AvailabilityChanges() bool {
+	return true
+}
+
+func (f *localFile) ConfigRoot() string {
+	return ""
+}
+
+func (f *localFile) FetchMetadata() (datasource.Metadata, error) {
+	return datasource.Metadata{}, nil
+}
+
+func (f *localFile) FetchUserdata() ([]byte, error) {
+	return ioutil.ReadFile(f.path)
+}
+
+func (f *localFile) Type() string {
+	return "local-file"
+}
--- a/config/cloudinit/datasource/metadata/cloudsigma/server_context.go
+++ b/config/cloudinit/datasource/metadata/cloudsigma/server_context.go
@@ -0,0 +1,197 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package cloudsigma
+
+import (
+	"bytes"
+	"encoding/base64"
+	"encoding/json"
+	"errors"
+	"io/ioutil"
+	"net"
+	"os"
+	"strings"
+
+	"github.com/rancher/os/config/cloudinit/datasource"
+
+	"github.com/cloudsigma/cepgo"
+)
+
+const (
+	userDataFieldName = "cloudinit-user-data"
+)
+
+type serverContextService struct {
+	client interface {
+		All() (interface{}, error)
+		Key(string) (interface{}, error)
+		Meta() (map[string]string, error)
+		FetchRaw(string) ([]byte, error)
+	}
+}
+
+func NewServerContextService() *serverContextService {
+	return &serverContextService{
+		client: cepgo.NewCepgo(),
+	}
+}
+
+func (_ *serverContextService) IsAvailable() bool {
+	productNameFile, err := os.Open("/sys/class/dmi/id/product_name")
+	if err != nil {
+		return false
+	}
+	productName := make([]byte, 10)
+	_, err = productNameFile.Read(productName)
+
+	return err == nil && string(productName) == "CloudSigma" && hasDHCPLeases()
+}
+
+func (_ *serverContextService) AvailabilityChanges() bool {
+	return true
+}
+
+func (_ *serverContextService) ConfigRoot() string {
+	return ""
+}
+
+func (_ *serverContextService) Type() string {
+	return "server-context"
+}
+
+func (scs *serverContextService) FetchMetadata() (metadata datasource.Metadata, err error) {
+	var (
+		inputMetadata struct {
+			Name string            `json:"name"`
+			UUID string            `json:"uuid"`
+			Meta map[string]string `json:"meta"`
+			Nics []struct {
+				Mac      string `json:"mac"`
+				IPv4Conf struct {
+					InterfaceType string `json:"interface_type"`
+					IP            struct {
+						UUID string `json:"uuid"`
+					} `json:"ip"`
+				} `json:"ip_v4_conf"`
+				VLAN struct {
+					UUID string `json:"uuid"`
+				} `json:"vlan"`
+			} `json:"nics"`
+		}
+		rawMetadata []byte
+	)
+
+	if rawMetadata, err = scs.client.FetchRaw(""); err != nil {
+		return
+	}
+
+	if err = json.Unmarshal(rawMetadata, &inputMetadata); err != nil {
+		return
+	}
+
+	if inputMetadata.Name != "" {
+		metadata.Hostname = inputMetadata.Name
+	} else {
+		metadata.Hostname = inputMetadata.UUID
+	}
+
+	metadata.SSHPublicKeys = map[string]string{}
+	// CloudSigma uses an empty string, rather than no string,
+	// to represent the lack of a SSH key
+	if key, _ := inputMetadata.Meta["ssh_public_key"]; len(key) > 0 {
+		splitted := strings.Split(key, " ")
+		metadata.SSHPublicKeys[splitted[len(splitted)-1]] = key
+	}
+
+	for _, nic := range inputMetadata.Nics {
+		if nic.IPv4Conf.IP.UUID != "" {
+			metadata.PublicIPv4 = net.ParseIP(nic.IPv4Conf.IP.UUID)
+		}
+		if nic.VLAN.UUID != "" {
+			if localIP, err := scs.findLocalIP(nic.Mac); err == nil {
+				metadata.PrivateIPv4 = localIP
+			}
+		}
+	}
+
+	return
+}
+
+func (scs *serverContextService) FetchUserdata() ([]byte, error) {
+	metadata, err := scs.client.Meta()
+	if err != nil {
+		return []byte{}, err
+	}
+
+	userData, ok := metadata[userDataFieldName]
+	if ok && isBase64Encoded(userDataFieldName, metadata) {
+		if decodedUserData, err := base64.StdEncoding.DecodeString(userData); err == nil {
+			return decodedUserData, nil
+		} else {
+			return []byte{}, nil
+		}
+	}
+
+	return []byte(userData), nil
+}
+
+func (scs *serverContextService) findLocalIP(mac string) (net.IP, error) {
+	ifaces, err := net.Interfaces()
+	if err != nil {
+		return nil, err
+	}
+	ifaceMac, err := net.ParseMAC(mac)
+	if err != nil {
+		return nil, err
+	}
+	for _, iface := range ifaces {
+		if !bytes.Equal(iface.HardwareAddr, ifaceMac) {
+			continue
+		}
+		addrs, err := iface.Addrs()
+		if err != nil {
+			continue
+		}
+
+		for _, addr := range addrs {
+			switch ip := addr.(type) {
+			case *net.IPNet:
+				if ip.IP.To4() != nil {
+					return ip.IP.To4(), nil
+				}
+			}
+		}
+	}
+	return nil, errors.New("Local IP not found")
+}
+
+func isBase64Encoded(field string, userdata map[string]string) bool {
+	base64Fields, ok := userdata["base64_fields"]
+	if !ok {
+		return false
+	}
+
+	for _, base64Field := range strings.Split(base64Fields, ",") {
+		if field == base64Field {
+			return true
+		}
+	}
+	return false
+}
+
+func hasDHCPLeases() bool {
+	files, err := ioutil.ReadDir("/run/systemd/netif/leases/")
+	return err == nil && len(files) > 0
+}
--- a/config/cloudinit/datasource/metadata/cloudsigma/server_context_test.go
+++ b/config/cloudinit/datasource/metadata/cloudsigma/server_context_test.go
@@ -0,0 +1,200 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package cloudsigma
+
+import (
+	"net"
+	"reflect"
+	"testing"
+)
+
+type fakeCepgoClient struct {
+	raw  []byte
+	meta map[string]string
+	keys map[string]interface{}
+	err  error
+}
+
+func (f *fakeCepgoClient) All() (interface{}, error) {
+	return f.keys, f.err
+}
+
+func (f *fakeCepgoClient) Key(key string) (interface{}, error) {
+	return f.keys[key], f.err
+}
+
+func (f *fakeCepgoClient) Meta() (map[string]string, error) {
+	return f.meta, f.err
+}
+
+func (f *fakeCepgoClient) FetchRaw(key string) ([]byte, error) {
+	return f.raw, f.err
+}
+
+func TestServerContextWithEmptyPublicSSHKey(t *testing.T) {
+	client := new(fakeCepgoClient)
+	scs := NewServerContextService()
+	scs.client = client
+	client.raw = []byte(`{
+		"meta": {
+			"base64_fields": "cloudinit-user-data",
+			"cloudinit-user-data": "I2Nsb3VkLWNvbmZpZwoKaG9zdG5hbWU6IGNvcmVvczE=",
+			"ssh_public_key": ""
+		}
+	}`)
+	metadata, err := scs.FetchMetadata()
+	if err != nil {
+		t.Error(err.Error())
+	}
+
+	if len(metadata.SSHPublicKeys) != 0 {
+		t.Error("There should be no Public SSH Keys provided")
+	}
+}
+
+func TestServerContextFetchMetadata(t *testing.T) {
+	client := new(fakeCepgoClient)
+	scs := NewServerContextService()
+	scs.client = client
+	client.raw = []byte(`{
+		"context": true,
+		"cpu": 4000,
+		"cpu_model": null,
+		"cpus_instead_of_cores": false,
+		"enable_numa": false,
+		"grantees": [],
+		"hv_relaxed": false,
+		"hv_tsc": false,
+		"jobs": [],
+		"mem": 4294967296,
+		"meta": {
+			"base64_fields": "cloudinit-user-data",
+			"cloudinit-user-data": "I2Nsb3VkLWNvbmZpZwoKaG9zdG5hbWU6IGNvcmVvczE=",
+			"ssh_public_key": "ssh-rsa AAAAB3NzaC1yc2E.../hQ5D5 john@doe"
+		},
+		"name": "coreos",
+		"nics": [
+			{
+				"boot_order": null,
+				"ip_v4_conf": {
+					"conf": "dhcp",
+					"ip": {
+						"gateway": "31.171.244.1",
+						"meta": {},
+						"nameservers": [
+							"178.22.66.167",
+							"178.22.71.56",
+							"8.8.8.8"
+						],
+						"netmask": 22,
+						"tags": [],
+						"uuid": "31.171.251.74"
+					}
+				},
+				"ip_v6_conf": null,
+				"mac": "22:3d:09:6b:90:f3",
+				"model": "virtio",
+				"vlan": null
+			},
+			{
+				"boot_order": null,
+				"ip_v4_conf": null,
+				"ip_v6_conf": null,
+				"mac": "22:ae:4a:fb:8f:31",
+				"model": "virtio",
+				"vlan": {
+					"meta": {
+						"description": "",
+						"name": "CoreOS"
+					},
+					"tags": [],
+					"uuid": "5dec030e-25b8-4621-a5a4-a3302c9d9619"
+				}
+			}
+		],
+		"smp": 2,
+		"status": "running",
+		"uuid": "20a0059b-041e-4d0c-bcc6-9b2852de48b3"
+	}`)
+
+	metadata, err := scs.FetchMetadata()
+	if err != nil {
+		t.Error(err.Error())
+	}
+
+	if metadata.Hostname != "coreos" {
+		t.Errorf("Hostname is not 'coreos' but %s instead", metadata.Hostname)
+	}
+
+	if metadata.SSHPublicKeys["john@doe"] != "ssh-rsa AAAAB3NzaC1yc2E.../hQ5D5 john@doe" {
+		t.Error("Public SSH Keys are not being read properly")
+	}
+
+	if !metadata.PublicIPv4.Equal(net.ParseIP("31.171.251.74")) {
+		t.Errorf("Public IP is not 31.171.251.74 but %s instead", metadata.PublicIPv4)
+	}
+}
+
+func TestServerContextFetchUserdata(t *testing.T) {
+	client := new(fakeCepgoClient)
+	scs := NewServerContextService()
+	scs.client = client
+	userdataSets := []struct {
+		in  map[string]string
+		err bool
+		out []byte
+	}{
+		{map[string]string{
+			"base64_fields":       "cloudinit-user-data",
+			"cloudinit-user-data": "aG9zdG5hbWU6IGNvcmVvc190ZXN0",
+		}, false, []byte("hostname: coreos_test")},
+		{map[string]string{
+			"cloudinit-user-data": "#cloud-config\\nhostname: coreos1",
+		}, false, []byte("#cloud-config\\nhostname: coreos1")},
+		{map[string]string{}, false, []byte{}},
+	}
+
+	for i, set := range userdataSets {
+		client.meta = set.in
+		got, err := scs.FetchUserdata()
+		if (err != nil) != set.err {
+			t.Errorf("case %d: bad error state (got %t, want %t)", i, err != nil, set.err)
+		}
+
+		if !reflect.DeepEqual(got, set.out) {
+			t.Errorf("case %d: got %s, want %s", i, got, set.out)
+		}
+	}
+}
+
+func TestServerContextDecodingBase64UserData(t *testing.T) {
+	base64Sets := []struct {
+		in  string
+		out bool
+	}{
+		{"cloudinit-user-data,foo,bar", true},
+		{"bar,cloudinit-user-data,foo,bar", true},
+		{"cloudinit-user-data", true},
+		{"", false},
+		{"foo", false},
+	}
+
+	for _, set := range base64Sets {
+		userdata := map[string]string{"base64_fields": set.in}
+		if isBase64Encoded("cloudinit-user-data", userdata) != set.out {
+			t.Errorf("isBase64Encoded(cloudinit-user-data, %s) should be %t", userdata, set.out)
+		}
+	}
+}
--- a/config/cloudinit/datasource/metadata/digitalocean/metadata.go
+++ b/config/cloudinit/datasource/metadata/digitalocean/metadata.go
@@ -0,0 +1,111 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package digitalocean
+
+import (
+	"encoding/json"
+	"net"
+	"strconv"
+
+	"github.com/rancher/os/config/cloudinit/datasource"
+	"github.com/rancher/os/config/cloudinit/datasource/metadata"
+)
+
+const (
+	DefaultAddress = "http://169.254.169.254/"
+	apiVersion     = "metadata/v1"
+	userdataUrl    = apiVersion + "/user-data"
+	metadataPath   = apiVersion + ".json"
+)
+
+type Address struct {
+	IPAddress string `json:"ip_address"`
+	Netmask   string `json:"netmask"`
+	Cidr      int    `json:"cidr"`
+	Gateway   string `json:"gateway"`
+}
+
+type Interface struct {
+	IPv4       *Address `json:"ipv4"`
+	IPv6       *Address `json:"ipv6"`
+	AnchorIPv4 *Address `json:"anchor_ipv4"`
+	MAC        string   `json:"mac"`
+	Type       string   `json:"type"`
+}
+
+type Interfaces struct {
+	Public  []Interface `json:"public"`
+	Private []Interface `json:"private"`
+}
+
+type DNS struct {
+	Nameservers []string `json:"nameservers"`
+}
+
+type Metadata struct {
+	Hostname   string     `json:"hostname"`
+	Interfaces Interfaces `json:"interfaces"`
+	PublicKeys []string   `json:"public_keys"`
+	DNS        DNS        `json:"dns"`
+}
+
+type metadataService struct {
+	metadata.MetadataService
+}
+
+func NewDatasource(root string) *metadataService {
+	return &metadataService{MetadataService: metadata.NewDatasource(root, apiVersion, userdataUrl, metadataPath, nil)}
+}
+
+func (ms *metadataService) FetchMetadata() (metadata datasource.Metadata, err error) {
+	var data []byte
+	var m Metadata
+
+	if data, err = ms.FetchData(ms.MetadataUrl()); err != nil || len(data) == 0 {
+		return
+	}
+	if err = json.Unmarshal(data, &m); err != nil {
+		return
+	}
+
+	if len(m.Interfaces.Public) > 0 {
+		if m.Interfaces.Public[0].IPv4 != nil {
+			metadata.PublicIPv4 = net.ParseIP(m.Interfaces.Public[0].IPv4.IPAddress)
+		}
+		if m.Interfaces.Public[0].IPv6 != nil {
+			metadata.PublicIPv6 = net.ParseIP(m.Interfaces.Public[0].IPv6.IPAddress)
+		}
+	}
+	if len(m.Interfaces.Private) > 0 {
+		if m.Interfaces.Private[0].IPv4 != nil {
+			metadata.PrivateIPv4 = net.ParseIP(m.Interfaces.Private[0].IPv4.IPAddress)
+		}
+		if m.Interfaces.Private[0].IPv6 != nil {
+			metadata.PrivateIPv6 = net.ParseIP(m.Interfaces.Private[0].IPv6.IPAddress)
+		}
+	}
+	metadata.Hostname = m.Hostname
+	metadata.SSHPublicKeys = map[string]string{}
+	for i, key := range m.PublicKeys {
+		metadata.SSHPublicKeys[strconv.Itoa(i)] = key
+	}
+	metadata.NetworkConfig = m
+
+	return
+}
+
+func (ms metadataService) Type() string {
+	return "digitalocean-metadata-service"
+}
--- a/config/cloudinit/datasource/metadata/digitalocean/metadata_test.go
+++ b/config/cloudinit/datasource/metadata/digitalocean/metadata_test.go
@@ -0,0 +1,143 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package digitalocean
+
+import (
+	"fmt"
+	"net"
+	"reflect"
+	"testing"
+
+	"github.com/rancher/os/config/cloudinit/datasource"
+	"github.com/rancher/os/config/cloudinit/datasource/metadata"
+	"github.com/rancher/os/config/cloudinit/datasource/metadata/test"
+	"github.com/rancher/os/config/cloudinit/pkg"
+)
+
+func TestType(t *testing.T) {
+	want := "digitalocean-metadata-service"
+	if kind := (metadataService{}).Type(); kind != want {
+		t.Fatalf("bad type: want %q, got %q", want, kind)
+	}
+}
+
+func TestFetchMetadata(t *testing.T) {
+	for _, tt := range []struct {
+		root         string
+		metadataPath string
+		resources    map[string]string
+		expect       datasource.Metadata
+		clientErr    error
+		expectErr    error
+	}{
+		{
+			root:         "/",
+			metadataPath: "v1.json",
+			resources: map[string]string{
+				"/v1.json": "bad",
+			},
+			expectErr: fmt.Errorf("invalid character 'b' looking for beginning of value"),
+		},
+		{
+			root:         "/",
+			metadataPath: "v1.json",
+			resources: map[string]string{
+				"/v1.json": `{
+  "droplet_id": 1,
+  "user_data": "hello",
+  "vendor_data": "hello",
+  "public_keys": [
+    "publickey1",
+    "publickey2"
+  ],
+  "region": "nyc2",
+  "interfaces": {
+    "public": [
+      {
+        "ipv4": {
+          "ip_address": "192.168.1.2",
+          "netmask": "255.255.255.0",
+          "gateway": "192.168.1.1"
+        },
+        "ipv6": {
+          "ip_address": "fe00::",
+          "cidr": 126,
+          "gateway": "fe00::"
+        },
+        "mac": "ab:cd:ef:gh:ij",
+        "type": "public"
+      }
+    ]
+  }
+}`,
+			},
+			expect: datasource.Metadata{
+				PublicIPv4: net.ParseIP("192.168.1.2"),
+				PublicIPv6: net.ParseIP("fe00::"),
+				SSHPublicKeys: map[string]string{
+					"0": "publickey1",
+					"1": "publickey2",
+				},
+				NetworkConfig: Metadata{
+					Interfaces: Interfaces{
+						Public: []Interface{
+							{
+								IPv4: &Address{
+									IPAddress: "192.168.1.2",
+									Netmask:   "255.255.255.0",
+									Gateway:   "192.168.1.1",
+								},
+								IPv6: &Address{
+									IPAddress: "fe00::",
+									Cidr:      126,
+									Gateway:   "fe00::",
+								},
+								MAC:  "ab:cd:ef:gh:ij",
+								Type: "public",
+							},
+						},
+					},
+					PublicKeys: []string{"publickey1", "publickey2"},
+				},
+			},
+		},
+		{
+			clientErr: pkg.ErrTimeout{Err: fmt.Errorf("test error")},
+			expectErr: pkg.ErrTimeout{Err: fmt.Errorf("test error")},
+		},
+	} {
+		service := &metadataService{
+			MetadataService: metadata.MetadataService{
+				Root:         tt.root,
+				Client:       &test.HttpClient{Resources: tt.resources, Err: tt.clientErr},
+				MetadataPath: tt.metadataPath,
+			},
+		}
+		metadata, err := service.FetchMetadata()
+		if Error(err) != Error(tt.expectErr) {
+			t.Fatalf("bad error (%q): want %q, got %q", tt.resources, tt.expectErr, err)
+		}
+		if !reflect.DeepEqual(tt.expect, metadata) {
+			t.Fatalf("bad fetch (%q): want %#q, got %#q", tt.resources, tt.expect, metadata)
+		}
+	}
+}
+
+func Error(err error) string {
+	if err != nil {
+		return err.Error()
+	}
+	return ""
+}
--- a/config/cloudinit/datasource/metadata/ec2/metadata.go
+++ b/config/cloudinit/datasource/metadata/ec2/metadata.go
@@ -0,0 +1,115 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package ec2
+
+import (
+	"bufio"
+	"bytes"
+	"fmt"
+	"log"
+	"net"
+	"strings"
+
+	"github.com/rancher/os/config/cloudinit/datasource"
+	"github.com/rancher/os/config/cloudinit/datasource/metadata"
+	"github.com/rancher/os/config/cloudinit/pkg"
+)
+
+const (
+	DefaultAddress = "http://169.254.169.254/"
+	apiVersion     = "2009-04-04/"
+	userdataPath   = apiVersion + "user-data"
+	metadataPath   = apiVersion + "meta-data"
+)
+
+type metadataService struct {
+	metadata.MetadataService
+}
+
+func NewDatasource(root string) *metadataService {
+	return &metadataService{metadata.NewDatasource(root, apiVersion, userdataPath, metadataPath, nil)}
+}
+
+func (ms metadataService) FetchMetadata() (datasource.Metadata, error) {
+	metadata := datasource.Metadata{}
+
+	if keynames, err := ms.fetchAttributes(fmt.Sprintf("%s/public-keys", ms.MetadataUrl())); err == nil {
+		keyIDs := make(map[string]string)
+		for _, keyname := range keynames {
+			tokens := strings.SplitN(keyname, "=", 2)
+			if len(tokens) != 2 {
+				return metadata, fmt.Errorf("malformed public key: %q", keyname)
+			}
+			keyIDs[tokens[1]] = tokens[0]
+		}
+
+		metadata.SSHPublicKeys = map[string]string{}
+		for name, id := range keyIDs {
+			sshkey, err := ms.fetchAttribute(fmt.Sprintf("%s/public-keys/%s/openssh-key", ms.MetadataUrl(), id))
+			if err != nil {
+				return metadata, err
+			}
+			metadata.SSHPublicKeys[name] = sshkey
+			log.Printf("Found SSH key for %q\n", name)
+		}
+	} else if _, ok := err.(pkg.ErrNotFound); !ok {
+		return metadata, err
+	}
+
+	if hostname, err := ms.fetchAttribute(fmt.Sprintf("%s/hostname", ms.MetadataUrl())); err == nil {
+		metadata.Hostname = strings.Split(hostname, " ")[0]
+	} else if _, ok := err.(pkg.ErrNotFound); !ok {
+		return metadata, err
+	}
+
+	if localAddr, err := ms.fetchAttribute(fmt.Sprintf("%s/local-ipv4", ms.MetadataUrl())); err == nil {
+		metadata.PrivateIPv4 = net.ParseIP(localAddr)
+	} else if _, ok := err.(pkg.ErrNotFound); !ok {
+		return metadata, err
+	}
+
+	if publicAddr, err := ms.fetchAttribute(fmt.Sprintf("%s/public-ipv4", ms.MetadataUrl())); err == nil {
+		metadata.PublicIPv4 = net.ParseIP(publicAddr)
+	} else if _, ok := err.(pkg.ErrNotFound); !ok {
+		return metadata, err
+	}
+
+	return metadata, nil
+}
+
+func (ms metadataService) Type() string {
+	return "ec2-metadata-service"
+}
+
+func (ms metadataService) fetchAttributes(url string) ([]string, error) {
+	resp, err := ms.FetchData(url)
+	if err != nil {
+		return nil, err
+	}
+	scanner := bufio.NewScanner(bytes.NewBuffer(resp))
+	data := make([]string, 0)
+	for scanner.Scan() {
+		data = append(data, scanner.Text())
+	}
+	return data, scanner.Err()
+}
+
+func (ms metadataService) fetchAttribute(url string) (string, error) {
+	if attrs, err := ms.fetchAttributes(url); err == nil && len(attrs) > 0 {
+		return attrs[0], nil
+	} else {
+		return "", err
+	}
+}
--- a/config/cloudinit/datasource/metadata/ec2/metadata_test.go
+++ b/config/cloudinit/datasource/metadata/ec2/metadata_test.go
@@ -0,0 +1,222 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package ec2
+
+import (
+	"fmt"
+	"net"
+	"reflect"
+	"testing"
+
+	"github.com/rancher/os/config/cloudinit/datasource"
+	"github.com/rancher/os/config/cloudinit/datasource/metadata"
+	"github.com/rancher/os/config/cloudinit/datasource/metadata/test"
+	"github.com/rancher/os/config/cloudinit/pkg"
+)
+
+func TestType(t *testing.T) {
+	want := "ec2-metadata-service"
+	if kind := (metadataService{}).Type(); kind != want {
+		t.Fatalf("bad type: want %q, got %q", want, kind)
+	}
+}
+
+func TestFetchAttributes(t *testing.T) {
+	for _, s := range []struct {
+		resources map[string]string
+		err       error
+		tests     []struct {
+			path string
+			val  []string
+		}
+	}{
+		{
+			resources: map[string]string{
+				"/":      "a\nb\nc/",
+				"/c/":    "d\ne/",
+				"/c/e/":  "f",
+				"/a":     "1",
+				"/b":     "2",
+				"/c/d":   "3",
+				"/c/e/f": "4",
+			},
+			tests: []struct {
+				path string
+				val  []string
+			}{
+				{"/", []string{"a", "b", "c/"}},
+				{"/b", []string{"2"}},
+				{"/c/d", []string{"3"}},
+				{"/c/e/", []string{"f"}},
+			},
+		},
+		{
+			err: fmt.Errorf("test error"),
+			tests: []struct {
+				path string
+				val  []string
+			}{
+				{"", nil},
+			},
+		},
+	} {
+		service := metadataService{metadata.MetadataService{
+			Client: &test.HttpClient{Resources: s.resources, Err: s.err},
+		}}
+		for _, tt := range s.tests {
+			attrs, err := service.fetchAttributes(tt.path)
+			if err != s.err {
+				t.Fatalf("bad error for %q (%q): want %q, got %q", tt.path, s.resources, s.err, err)
+			}
+			if !reflect.DeepEqual(attrs, tt.val) {
+				t.Fatalf("bad fetch for %q (%q): want %q, got %q", tt.path, s.resources, tt.val, attrs)
+			}
+		}
+	}
+}
+
+func TestFetchAttribute(t *testing.T) {
+	for _, s := range []struct {
+		resources map[string]string
+		err       error
+		tests     []struct {
+			path string
+			val  string
+		}
+	}{
+		{
+			resources: map[string]string{
+				"/":      "a\nb\nc/",
+				"/c/":    "d\ne/",
+				"/c/e/":  "f",
+				"/a":     "1",
+				"/b":     "2",
+				"/c/d":   "3",
+				"/c/e/f": "4",
+			},
+			tests: []struct {
+				path string
+				val  string
+			}{
+				{"/a", "1"},
+				{"/b", "2"},
+				{"/c/d", "3"},
+				{"/c/e/f", "4"},
+			},
+		},
+		{
+			err: fmt.Errorf("test error"),
+			tests: []struct {
+				path string
+				val  string
+			}{
+				{"", ""},
+			},
+		},
+	} {
+		service := metadataService{metadata.MetadataService{
+			Client: &test.HttpClient{Resources: s.resources, Err: s.err},
+		}}
+		for _, tt := range s.tests {
+			attr, err := service.fetchAttribute(tt.path)
+			if err != s.err {
+				t.Fatalf("bad error for %q (%q): want %q, got %q", tt.path, s.resources, s.err, err)
+			}
+			if attr != tt.val {
+				t.Fatalf("bad fetch for %q (%q): want %q, got %q", tt.path, s.resources, tt.val, attr)
+			}
+		}
+	}
+}
+
+func TestFetchMetadata(t *testing.T) {
+	for _, tt := range []struct {
+		root         string
+		metadataPath string
+		resources    map[string]string
+		expect       datasource.Metadata
+		clientErr    error
+		expectErr    error
+	}{
+		{
+			root:         "/",
+			metadataPath: "2009-04-04/meta-data",
+			resources: map[string]string{
+				"/2009-04-04/meta-data/public-keys": "bad\n",
+			},
+			expectErr: fmt.Errorf("malformed public key: \"bad\""),
+		},
+		{
+			root:         "/",
+			metadataPath: "2009-04-04/meta-data",
+			resources: map[string]string{
+				"/2009-04-04/meta-data/hostname":                  "host",
+				"/2009-04-04/meta-data/local-ipv4":                "1.2.3.4",
+				"/2009-04-04/meta-data/public-ipv4":               "5.6.7.8",
+				"/2009-04-04/meta-data/public-keys":               "0=test1\n",
+				"/2009-04-04/meta-data/public-keys/0":             "openssh-key",
+				"/2009-04-04/meta-data/public-keys/0/openssh-key": "key",
+			},
+			expect: datasource.Metadata{
+				Hostname:      "host",
+				PrivateIPv4:   net.ParseIP("1.2.3.4"),
+				PublicIPv4:    net.ParseIP("5.6.7.8"),
+				SSHPublicKeys: map[string]string{"test1": "key"},
+			},
+		},
+		{
+			root:         "/",
+			metadataPath: "2009-04-04/meta-data",
+			resources: map[string]string{
+				"/2009-04-04/meta-data/hostname":                  "host domain another_domain",
+				"/2009-04-04/meta-data/local-ipv4":                "1.2.3.4",
+				"/2009-04-04/meta-data/public-ipv4":               "5.6.7.8",
+				"/2009-04-04/meta-data/public-keys":               "0=test1\n",
+				"/2009-04-04/meta-data/public-keys/0":             "openssh-key",
+				"/2009-04-04/meta-data/public-keys/0/openssh-key": "key",
+			},
+			expect: datasource.Metadata{
+				Hostname:      "host",
+				PrivateIPv4:   net.ParseIP("1.2.3.4"),
+				PublicIPv4:    net.ParseIP("5.6.7.8"),
+				SSHPublicKeys: map[string]string{"test1": "key"},
+			},
+		},
+		{
+			clientErr: pkg.ErrTimeout{Err: fmt.Errorf("test error")},
+			expectErr: pkg.ErrTimeout{Err: fmt.Errorf("test error")},
+		},
+	} {
+		service := &metadataService{metadata.MetadataService{
+			Root:         tt.root,
+			Client:       &test.HttpClient{Resources: tt.resources, Err: tt.clientErr},
+			MetadataPath: tt.metadataPath,
+		}}
+		metadata, err := service.FetchMetadata()
+		if Error(err) != Error(tt.expectErr) {
+			t.Fatalf("bad error (%q): want %q, got %q", tt.resources, tt.expectErr, err)
+		}
+		if !reflect.DeepEqual(tt.expect, metadata) {
+			t.Fatalf("bad fetch (%q): want %#v, got %#v", tt.resources, tt.expect, metadata)
+		}
+	}
+}
+
+func Error(err error) string {
+	if err != nil {
+		return err.Error()
+	}
+	return ""
+}
--- a/config/cloudinit/datasource/metadata/gce/metadata.go
+++ b/config/cloudinit/datasource/metadata/gce/metadata.go
@@ -0,0 +1,89 @@
+// Copyright 2016 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package gce
+
+import (
+	"fmt"
+	"net"
+	"net/http"
+
+	"github.com/rancher/os/config/cloudinit/datasource"
+	"github.com/rancher/os/config/cloudinit/datasource/metadata"
+)
+
+const (
+	apiVersion   = "computeMetadata/v1/"
+	metadataPath = apiVersion + "instance/"
+	userdataPath = apiVersion + "instance/attributes/user-data"
+)
+
+type metadataService struct {
+	metadata.MetadataService
+}
+
+func NewDatasource(root string) *metadataService {
+	return &metadataService{metadata.NewDatasource(root, apiVersion, userdataPath, metadataPath, http.Header{"Metadata-Flavor": {"Google"}})}
+}
+
+func (ms metadataService) FetchMetadata() (datasource.Metadata, error) {
+	public, err := ms.fetchIP("network-interfaces/0/access-configs/0/external-ip")
+	if err != nil {
+		return datasource.Metadata{}, err
+	}
+	local, err := ms.fetchIP("network-interfaces/0/ip")
+	if err != nil {
+		return datasource.Metadata{}, err
+	}
+	hostname, err := ms.fetchString("hostname")
+	if err != nil {
+		return datasource.Metadata{}, err
+	}
+
+	return datasource.Metadata{
+		PublicIPv4:  public,
+		PrivateIPv4: local,
+		Hostname:    hostname,
+	}, nil
+}
+
+func (ms metadataService) Type() string {
+	return "gce-metadata-service"
+}
+
+func (ms metadataService) fetchString(key string) (string, error) {
+	data, err := ms.FetchData(ms.MetadataUrl() + key)
+	if err != nil {
+		return "", err
+	}
+
+	return string(data), nil
+}
+
+func (ms metadataService) fetchIP(key string) (net.IP, error) {
+	str, err := ms.fetchString(key)
+	if err != nil {
+		return nil, err
+	}
+
+	if str == "" {
+		return nil, nil
+	}
+
+	if ip := net.ParseIP(str); ip != nil {
+		return ip, nil
+	} else {
+		return nil, fmt.Errorf("couldn't parse %q as IP address", str)
+	}
+}
--- a/config/cloudinit/datasource/metadata/gce/metadata_test.go
+++ b/config/cloudinit/datasource/metadata/gce/metadata_test.go
@@ -0,0 +1,99 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package gce
+
+import (
+	"fmt"
+	"net"
+	"reflect"
+	"testing"
+
+	"github.com/rancher/os/config/cloudinit/datasource"
+	"github.com/rancher/os/config/cloudinit/datasource/metadata"
+	"github.com/rancher/os/config/cloudinit/datasource/metadata/test"
+	"github.com/rancher/os/config/cloudinit/pkg"
+)
+
+func TestType(t *testing.T) {
+	want := "gce-metadata-service"
+	if kind := (metadataService{}).Type(); kind != want {
+		t.Fatalf("bad type: want %q, got %q", want, kind)
+	}
+}
+
+func TestFetchMetadata(t *testing.T) {
+	for _, tt := range []struct {
+		root         string
+		metadataPath string
+		resources    map[string]string
+		expect       datasource.Metadata
+		clientErr    error
+		expectErr    error
+	}{
+		{
+			root:         "/",
+			metadataPath: "computeMetadata/v1/instance/",
+			resources:    map[string]string{},
+		},
+		{
+			root:         "/",
+			metadataPath: "computeMetadata/v1/instance/",
+			resources: map[string]string{
+				"/computeMetadata/v1/instance/hostname": "host",
+			},
+			expect: datasource.Metadata{
+				Hostname: "host",
+			},
+		},
+		{
+			root:         "/",
+			metadataPath: "computeMetadata/v1/instance/",
+			resources: map[string]string{
+				"/computeMetadata/v1/instance/hostname":                                          "host",
+				"/computeMetadata/v1/instance/network-interfaces/0/ip":                           "1.2.3.4",
+				"/computeMetadata/v1/instance/network-interfaces/0/access-configs/0/external-ip": "5.6.7.8",
+			},
+			expect: datasource.Metadata{
+				Hostname:    "host",
+				PrivateIPv4: net.ParseIP("1.2.3.4"),
+				PublicIPv4:  net.ParseIP("5.6.7.8"),
+			},
+		},
+		{
+			clientErr: pkg.ErrTimeout{Err: fmt.Errorf("test error")},
+			expectErr: pkg.ErrTimeout{Err: fmt.Errorf("test error")},
+		},
+	} {
+		service := &metadataService{metadata.MetadataService{
+			Root:         tt.root,
+			Client:       &test.HttpClient{Resources: tt.resources, Err: tt.clientErr},
+			MetadataPath: tt.metadataPath,
+		}}
+		metadata, err := service.FetchMetadata()
+		if Error(err) != Error(tt.expectErr) {
+			t.Fatalf("bad error (%q): want %q, got %q", tt.resources, tt.expectErr, err)
+		}
+		if !reflect.DeepEqual(tt.expect, metadata) {
+			t.Fatalf("bad fetch (%q): want %#v, got %#v", tt.resources, tt.expect, metadata)
+		}
+	}
+}
+
+func Error(err error) string {
+	if err != nil {
+		return err.Error()
+	}
+	return ""
+}
--- a/config/cloudinit/datasource/metadata/metadata.go
+++ b/config/cloudinit/datasource/metadata/metadata.go
@@ -0,0 +1,72 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package metadata
+
+import (
+	"net/http"
+	"strings"
+
+	"github.com/rancher/os/config/cloudinit/pkg"
+)
+
+type MetadataService struct {
+	Root         string
+	Client       pkg.Getter
+	ApiVersion   string
+	UserdataPath string
+	MetadataPath string
+}
+
+func NewDatasource(root, apiVersion, userdataPath, metadataPath string, header http.Header) MetadataService {
+	if !strings.HasSuffix(root, "/") {
+		root += "/"
+	}
+	return MetadataService{root, pkg.NewHttpClientHeader(header), apiVersion, userdataPath, metadataPath}
+}
+
+func (ms MetadataService) IsAvailable() bool {
+	_, err := ms.Client.Get(ms.Root + ms.ApiVersion)
+	return (err == nil)
+}
+
+func (ms MetadataService) AvailabilityChanges() bool {
+	return true
+}
+
+func (ms MetadataService) ConfigRoot() string {
+	return ms.Root
+}
+
+func (ms MetadataService) FetchUserdata() ([]byte, error) {
+	return ms.FetchData(ms.UserdataUrl())
+}
+
+func (ms MetadataService) FetchData(url string) ([]byte, error) {
+	if data, err := ms.Client.GetRetry(url); err == nil {
+		return data, err
+	} else if _, ok := err.(pkg.ErrNotFound); ok {
+		return []byte{}, nil
+	} else {
+		return data, err
+	}
+}
+
+func (ms MetadataService) MetadataUrl() string {
+	return (ms.Root + ms.MetadataPath)
+}
+
+func (ms MetadataService) UserdataUrl() string {
+	return (ms.Root + ms.UserdataPath)
+}
--- a/config/cloudinit/datasource/metadata/metadata_test.go
+++ b/config/cloudinit/datasource/metadata/metadata_test.go
@@ -0,0 +1,185 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package metadata
+
+import (
+	"bytes"
+	"fmt"
+	"testing"
+
+	"github.com/rancher/os/config/cloudinit/datasource/metadata/test"
+	"github.com/rancher/os/config/cloudinit/pkg"
+)
+
+func TestAvailabilityChanges(t *testing.T) {
+	want := true
+	if ac := (MetadataService{}).AvailabilityChanges(); ac != want {
+		t.Fatalf("bad AvailabilityChanges: want %t, got %t", want, ac)
+	}
+}
+
+func TestIsAvailable(t *testing.T) {
+	for _, tt := range []struct {
+		root       string
+		apiVersion string
+		resources  map[string]string
+		expect     bool
+	}{
+		{
+			root:       "/",
+			apiVersion: "2009-04-04",
+			resources: map[string]string{
+				"/2009-04-04": "",
+			},
+			expect: true,
+		},
+		{
+			root:      "/",
+			resources: map[string]string{},
+			expect:    false,
+		},
+	} {
+		service := &MetadataService{
+			Root:       tt.root,
+			Client:     &test.HttpClient{Resources: tt.resources, Err: nil},
+			ApiVersion: tt.apiVersion,
+		}
+		if a := service.IsAvailable(); a != tt.expect {
+			t.Fatalf("bad isAvailable (%q): want %t, got %t", tt.resources, tt.expect, a)
+		}
+	}
+}
+
+func TestFetchUserdata(t *testing.T) {
+	for _, tt := range []struct {
+		root         string
+		userdataPath string
+		resources    map[string]string
+		userdata     []byte
+		clientErr    error
+		expectErr    error
+	}{
+		{
+			root:         "/",
+			userdataPath: "2009-04-04/user-data",
+			resources: map[string]string{
+				"/2009-04-04/user-data": "hello",
+			},
+			userdata: []byte("hello"),
+		},
+		{
+			root:      "/",
+			clientErr: pkg.ErrNotFound{Err: fmt.Errorf("test not found error")},
+			userdata:  []byte{},
+		},
+		{
+			root:      "/",
+			clientErr: pkg.ErrTimeout{Err: fmt.Errorf("test timeout error")},
+			expectErr: pkg.ErrTimeout{Err: fmt.Errorf("test timeout error")},
+		},
+	} {
+		service := &MetadataService{
+			Root:         tt.root,
+			Client:       &test.HttpClient{Resources: tt.resources, Err: tt.clientErr},
+			UserdataPath: tt.userdataPath,
+		}
+		data, err := service.FetchUserdata()
+		if Error(err) != Error(tt.expectErr) {
+			t.Fatalf("bad error (%q): want %q, got %q", tt.resources, tt.expectErr, err)
+		}
+		if !bytes.Equal(data, tt.userdata) {
+			t.Fatalf("bad userdata (%q): want %q, got %q", tt.resources, tt.userdata, data)
+		}
+	}
+}
+
+func TestUrls(t *testing.T) {
+	for _, tt := range []struct {
+		root         string
+		userdataPath string
+		metadataPath string
+		expectRoot   string
+		userdata     string
+		metadata     string
+	}{
+		{
+			root:         "/",
+			userdataPath: "2009-04-04/user-data",
+			metadataPath: "2009-04-04/meta-data",
+			expectRoot:   "/",
+			userdata:     "/2009-04-04/user-data",
+			metadata:     "/2009-04-04/meta-data",
+		},
+		{
+			root:         "http://169.254.169.254/",
+			userdataPath: "2009-04-04/user-data",
+			metadataPath: "2009-04-04/meta-data",
+			expectRoot:   "http://169.254.169.254/",
+			userdata:     "http://169.254.169.254/2009-04-04/user-data",
+			metadata:     "http://169.254.169.254/2009-04-04/meta-data",
+		},
+	} {
+		service := &MetadataService{
+			Root:         tt.root,
+			UserdataPath: tt.userdataPath,
+			MetadataPath: tt.metadataPath,
+		}
+		if url := service.UserdataUrl(); url != tt.userdata {
+			t.Fatalf("bad url (%q): want %q, got %q", tt.root, tt.userdata, url)
+		}
+		if url := service.MetadataUrl(); url != tt.metadata {
+			t.Fatalf("bad url (%q): want %q, got %q", tt.root, tt.metadata, url)
+		}
+		if url := service.ConfigRoot(); url != tt.expectRoot {
+			t.Fatalf("bad url (%q): want %q, got %q", tt.root, tt.expectRoot, url)
+		}
+	}
+}
+
+func TestNewDatasource(t *testing.T) {
+	for _, tt := range []struct {
+		root       string
+		expectRoot string
+	}{
+		{
+			root:       "",
+			expectRoot: "/",
+		},
+		{
+			root:       "/",
+			expectRoot: "/",
+		},
+		{
+			root:       "http://169.254.169.254",
+			expectRoot: "http://169.254.169.254/",
+		},
+		{
+			root:       "http://169.254.169.254/",
+			expectRoot: "http://169.254.169.254/",
+		},
+	} {
+		service := NewDatasource(tt.root, "", "", "", nil)
+		if service.Root != tt.expectRoot {
+			t.Fatalf("bad root (%q): want %q, got %q", tt.root, tt.expectRoot, service.Root)
+		}
+	}
+}
+
+func Error(err error) string {
+	if err != nil {
+		return err.Error()
+	}
+	return ""
+}
--- a/config/cloudinit/datasource/metadata/packet/metadata.go
+++ b/config/cloudinit/datasource/metadata/packet/metadata.go
@@ -0,0 +1,106 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package packet
+
+import (
+	"encoding/json"
+	"net"
+	"strconv"
+
+	"github.com/rancher/os/config/cloudinit/datasource"
+	"github.com/rancher/os/config/cloudinit/datasource/metadata"
+)
+
+const (
+	DefaultAddress = "https://metadata.packet.net/"
+	apiVersion     = ""
+	userdataUrl    = "userdata"
+	metadataPath   = "metadata"
+)
+
+type Netblock struct {
+	Address       net.IP `json:"address"`
+	Cidr          int    `json:"cidr"`
+	Netmask       net.IP `json:"netmask"`
+	Gateway       net.IP `json:"gateway"`
+	AddressFamily int    `json:"address_family"`
+	Public        bool   `json:"public"`
+}
+
+type Nic struct {
+	Name string `json:"name"`
+	Mac  string `json:"mac"`
+}
+
+type NetworkData struct {
+	Interfaces []Nic      `json:"interfaces"`
+	Netblocks  []Netblock `json:"addresses"`
+	DNS        []net.IP   `json:"dns"`
+}
+
+// Metadata that will be pulled from the https://metadata.packet.net/metadata only. We have the opportunity to add more later.
+type Metadata struct {
+	Hostname    string      `json:"hostname"`
+	SSHKeys     []string    `json:"ssh_keys"`
+	NetworkData NetworkData `json:"network"`
+}
+
+type metadataService struct {
+	metadata.MetadataService
+}
+
+func NewDatasource(root string) *metadataService {
+	return &metadataService{MetadataService: metadata.NewDatasource(root, apiVersion, userdataUrl, metadataPath, nil)}
+}
+
+func (ms *metadataService) FetchMetadata() (metadata datasource.Metadata, err error) {
+	var data []byte
+	var m Metadata
+
+	if data, err = ms.FetchData(ms.MetadataUrl()); err != nil || len(data) == 0 {
+		return
+	}
+
+	if err = json.Unmarshal(data, &m); err != nil {
+		return
+	}
+
+	if len(m.NetworkData.Netblocks) > 0 {
+		for _, Netblock := range m.NetworkData.Netblocks {
+			if Netblock.AddressFamily == 4 {
+				if Netblock.Public == true {
+					metadata.PublicIPv4 = Netblock.Address
+				} else {
+					metadata.PrivateIPv4 = Netblock.Address
+				}
+			} else {
+				metadata.PublicIPv6 = Netblock.Address
+			}
+		}
+	}
+	metadata.Hostname = m.Hostname
+	metadata.SSHPublicKeys = map[string]string{}
+	for i, key := range m.SSHKeys {
+		metadata.SSHPublicKeys[strconv.Itoa(i)] = key
+	}
+
+	metadata.NetworkConfig = m.NetworkData
+
+	return
+}
+
+func (ms metadataService) Type() string {
+	return "packet-metadata-service"
+}
--- a/config/cloudinit/datasource/metadata/test/test.go
+++ b/config/cloudinit/datasource/metadata/test/test.go
@@ -0,0 +1,41 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package test
+
+import (
+	"fmt"
+
+	"github.com/rancher/os/config/cloudinit/pkg"
+)
+
+type HttpClient struct {
+	Resources map[string]string
+	Err       error
+}
+
+func (t *HttpClient) GetRetry(url string) ([]byte, error) {
+	if t.Err != nil {
+		return nil, t.Err
+	}
+	if val, ok := t.Resources[url]; ok {
+		return []byte(val), nil
+	} else {
+		return nil, pkg.ErrNotFound{fmt.Errorf("not found: %q", url)}
+	}
+}
+
+func (t *HttpClient) Get(url string) ([]byte, error) {
+	return t.GetRetry(url)
+}
--- a/config/cloudinit/datasource/proc_cmdline/proc_cmdline.go
+++ b/config/cloudinit/datasource/proc_cmdline/proc_cmdline.go
@@ -0,0 +1,110 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package proc_cmdline
+
+import (
+	"errors"
+	"io/ioutil"
+	"log"
+	"strings"
+
+	"github.com/rancher/os/config/cloudinit/datasource"
+	"github.com/rancher/os/config/cloudinit/pkg"
+)
+
+const (
+	ProcCmdlineLocation        = "/proc/cmdline"
+	ProcCmdlineCloudConfigFlag = "cloud-config-url"
+)
+
+type procCmdline struct {
+	Location string
+}
+
+func NewDatasource() *procCmdline {
+	return &procCmdline{Location: ProcCmdlineLocation}
+}
+
+func (c *procCmdline) IsAvailable() bool {
+	contents, err := ioutil.ReadFile(c.Location)
+	if err != nil {
+		return false
+	}
+
+	cmdline := strings.TrimSpace(string(contents))
+	_, err = findCloudConfigURL(cmdline)
+	return (err == nil)
+}
+
+func (c *procCmdline) AvailabilityChanges() bool {
+	return false
+}
+
+func (c *procCmdline) ConfigRoot() string {
+	return ""
+}
+
+func (c *procCmdline) FetchMetadata() (datasource.Metadata, error) {
+	return datasource.Metadata{}, nil
+}
+
+func (c *procCmdline) FetchUserdata() ([]byte, error) {
+	contents, err := ioutil.ReadFile(c.Location)
+	if err != nil {
+		return nil, err
+	}
+
+	cmdline := strings.TrimSpace(string(contents))
+	url, err := findCloudConfigURL(cmdline)
+	if err != nil {
+		return nil, err
+	}
+
+	client := pkg.NewHttpClient()
+	cfg, err := client.GetRetry(url)
+	if err != nil {
+		return nil, err
+	}
+
+	return cfg, nil
+}
+
+func (c *procCmdline) Type() string {
+	return "proc-cmdline"
+}
+
+func findCloudConfigURL(input string) (url string, err error) {
+	err = errors.New("cloud-config-url not found")
+	for _, token := range strings.Split(input, " ") {
+		parts := strings.SplitN(token, "=", 2)
+
+		key := parts[0]
+		key = strings.Replace(key, "_", "-", -1)
+
+		if key != "cloud-config-url" {
+			continue
+		}
+
+		if len(parts) != 2 {
+			log.Printf("Found cloud-config-url in /proc/cmdline with no value, ignoring.")
+			continue
+		}
+
+		url = parts[1]
+		err = nil
+	}
+
+	return
+}
--- a/config/cloudinit/datasource/proc_cmdline/proc_cmdline_test.go
+++ b/config/cloudinit/datasource/proc_cmdline/proc_cmdline_test.go
@@ -0,0 +1,102 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package proc_cmdline
+
+import (
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"net/http/httptest"
+	"os"
+	"testing"
+)
+
+func TestParseCmdlineCloudConfigFound(t *testing.T) {
+	tests := []struct {
+		input  string
+		expect string
+	}{
+		{
+			"cloud-config-url=example.com",
+			"example.com",
+		},
+		{
+			"cloud_config_url=example.com",
+			"example.com",
+		},
+		{
+			"cloud-config-url cloud-config-url=example.com",
+			"example.com",
+		},
+		{
+			"cloud-config-url= cloud-config-url=example.com",
+			"example.com",
+		},
+		{
+			"cloud-config-url=one.example.com cloud-config-url=two.example.com",
+			"two.example.com",
+		},
+		{
+			"foo=bar cloud-config-url=example.com ping=pong",
+			"example.com",
+		},
+	}
+
+	for i, tt := range tests {
+		output, err := findCloudConfigURL(tt.input)
+		if output != tt.expect {
+			t.Errorf("Test case %d failed: %s != %s", i, output, tt.expect)
+		}
+		if err != nil {
+			t.Errorf("Test case %d produced error: %v", i, err)
+		}
+	}
+}
+
+func TestProcCmdlineAndFetchConfig(t *testing.T) {
+
+	var (
+		ProcCmdlineTmpl    = "foo=bar cloud-config-url=%s/config\n"
+		CloudConfigContent = "#cloud-config\n"
+	)
+
+	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if r.Method == "GET" && r.RequestURI == "/config" {
+			fmt.Fprint(w, CloudConfigContent)
+		}
+	}))
+	defer ts.Close()
+
+	file, err := ioutil.TempFile(os.TempDir(), "test_proc_cmdline")
+	defer os.Remove(file.Name())
+	if err != nil {
+		t.Errorf("Test produced error: %v", err)
+	}
+	_, err = file.Write([]byte(fmt.Sprintf(ProcCmdlineTmpl, ts.URL)))
+	if err != nil {
+		t.Errorf("Test produced error: %v", err)
+	}
+
+	p := NewDatasource()
+	p.Location = file.Name()
+	cfg, err := p.FetchUserdata()
+	if err != nil {
+		t.Errorf("Test produced error: %v", err)
+	}
+
+	if string(cfg) != CloudConfigContent {
+		t.Errorf("Test failed, response body: %s != %s", cfg, CloudConfigContent)
+	}
+}
--- a/config/cloudinit/datasource/test/filesystem.go
+++ b/config/cloudinit/datasource/test/filesystem.go
@@ -0,0 +1,57 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package test
+
+import (
+	"fmt"
+	"os"
+	"path"
+)
+
+type MockFilesystem map[string]File
+
+type File struct {
+	Path      string
+	Contents  string
+	Directory bool
+}
+
+func (m MockFilesystem) ReadFile(filename string) ([]byte, error) {
+	if f, ok := m[path.Clean(filename)]; ok {
+		if f.Directory {
+			return nil, fmt.Errorf("read %s: is a directory", filename)
+		}
+		return []byte(f.Contents), nil
+	}
+	return nil, os.ErrNotExist
+}
+
+func NewMockFilesystem(files ...File) MockFilesystem {
+	fs := MockFilesystem{}
+	for _, file := range files {
+		fs[file.Path] = file
+
+		// Create the directories leading up to the file
+		p := path.Dir(file.Path)
+		for p != "/" && p != "." {
+			if f, ok := fs[p]; ok && !f.Directory {
+				panic(fmt.Sprintf("%q already exists and is not a directory (%#v)", p, f))
+			}
+			fs[p] = File{Path: p, Directory: true}
+			p = path.Dir(p)
+		}
+	}
+	return fs
+}
--- a/config/cloudinit/datasource/test/filesystem_test.go
+++ b/config/cloudinit/datasource/test/filesystem_test.go
@@ -0,0 +1,115 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package test
+
+import (
+	"errors"
+	"os"
+	"reflect"
+	"testing"
+)
+
+func TestReadFile(t *testing.T) {
+	tests := []struct {
+		filesystem MockFilesystem
+
+		filename string
+		contents string
+		err      error
+	}{
+		{
+			filename: "dne",
+			err:      os.ErrNotExist,
+		},
+		{
+			filesystem: MockFilesystem{
+				"exists": File{Contents: "hi"},
+			},
+			filename: "exists",
+			contents: "hi",
+		},
+		{
+			filesystem: MockFilesystem{
+				"dir": File{Directory: true},
+			},
+			filename: "dir",
+			err:      errors.New("read dir: is a directory"),
+		},
+	}
+
+	for i, tt := range tests {
+		contents, err := tt.filesystem.ReadFile(tt.filename)
+		if tt.contents != string(contents) {
+			t.Errorf("bad contents (test %d): want %q, got %q", i, tt.contents, string(contents))
+		}
+		if !reflect.DeepEqual(tt.err, err) {
+			t.Errorf("bad error (test %d): want %v, got %v", i, tt.err, err)
+		}
+	}
+}
+
+func TestNewMockFilesystem(t *testing.T) {
+	tests := []struct {
+		files []File
+
+		filesystem MockFilesystem
+	}{
+		{
+			filesystem: MockFilesystem{},
+		},
+		{
+			files: []File{{Path: "file"}},
+			filesystem: MockFilesystem{
+				"file": File{Path: "file"},
+			},
+		},
+		{
+			files: []File{{Path: "/file"}},
+			filesystem: MockFilesystem{
+				"/file": File{Path: "/file"},
+			},
+		},
+		{
+			files: []File{{Path: "/dir/file"}},
+			filesystem: MockFilesystem{
+				"/dir":      File{Path: "/dir", Directory: true},
+				"/dir/file": File{Path: "/dir/file"},
+			},
+		},
+		{
+			files: []File{{Path: "/dir/dir/file"}},
+			filesystem: MockFilesystem{
+				"/dir":          File{Path: "/dir", Directory: true},
+				"/dir/dir":      File{Path: "/dir/dir", Directory: true},
+				"/dir/dir/file": File{Path: "/dir/dir/file"},
+			},
+		},
+		{
+			files: []File{{Path: "/dir/dir/dir", Directory: true}},
+			filesystem: MockFilesystem{
+				"/dir":         File{Path: "/dir", Directory: true},
+				"/dir/dir":     File{Path: "/dir/dir", Directory: true},
+				"/dir/dir/dir": File{Path: "/dir/dir/dir", Directory: true},
+			},
+		},
+	}
+
+	for i, tt := range tests {
+		filesystem := NewMockFilesystem(tt.files...)
+		if !reflect.DeepEqual(tt.filesystem, filesystem) {
+			t.Errorf("bad filesystem (test %d): want %#v, got %#v", i, tt.filesystem, filesystem)
+		}
+	}
+}
--- a/config/cloudinit/datasource/url/url.go
+++ b/config/cloudinit/datasource/url/url.go
@@ -0,0 +1,55 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package url
+
+import (
+	"github.com/rancher/os/config/cloudinit/datasource"
+	"github.com/rancher/os/config/cloudinit/pkg"
+)
+
+type remoteFile struct {
+	url string
+}
+
+func NewDatasource(url string) *remoteFile {
+	return &remoteFile{url}
+}
+
+func (f *remoteFile) IsAvailable() bool {
+	client := pkg.NewHttpClient()
+	_, err := client.Get(f.url)
+	return (err == nil)
+}
+
+func (f *remoteFile) AvailabilityChanges() bool {
+	return true
+}
+
+func (f *remoteFile) ConfigRoot() string {
+	return ""
+}
+
+func (f *remoteFile) FetchMetadata() (datasource.Metadata, error) {
+	return datasource.Metadata{}, nil
+}
+
+func (f *remoteFile) FetchUserdata() ([]byte, error) {
+	client := pkg.NewHttpClient()
+	return client.GetRetry(f.url)
+}
+
+func (f *remoteFile) Type() string {
+	return "url"
+}
--- a/config/cloudinit/datasource/vmware/vmware.go
+++ b/config/cloudinit/datasource/vmware/vmware.go
@@ -0,0 +1,159 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package vmware
+
+import (
+	"fmt"
+	"net"
+
+	"github.com/rancher/os/config/cloudinit/config"
+	"github.com/rancher/os/config/cloudinit/datasource"
+)
+
+type readConfigFunction func(key string) (string, error)
+type urlDownloadFunction func(url string) ([]byte, error)
+
+type vmware struct {
+	ovfFileName string
+	readConfig  readConfigFunction
+	urlDownload urlDownloadFunction
+}
+
+func (v vmware) AvailabilityChanges() bool {
+	return false
+}
+
+func (v vmware) ConfigRoot() string {
+	return "/"
+}
+
+func (v vmware) FetchMetadata() (metadata datasource.Metadata, err error) {
+	metadata.Hostname, _ = v.readConfig("hostname")
+
+	netconf := map[string]string{}
+	saveConfig := func(key string, args ...interface{}) string {
+		key = fmt.Sprintf(key, args...)
+		val, _ := v.readConfig(key)
+		if val != "" {
+			netconf[key] = val
+		}
+		return val
+	}
+
+	for i := 0; ; i++ {
+		if nameserver := saveConfig("dns.server.%d", i); nameserver == "" {
+			break
+		}
+	}
+
+	for i := 0; ; i++ {
+		if domain := saveConfig("dns.domain.%d", i); domain == "" {
+			break
+		}
+	}
+
+	found := true
+	for i := 0; found; i++ {
+		found = false
+
+		found = (saveConfig("interface.%d.name", i) != "") || found
+		found = (saveConfig("interface.%d.mac", i) != "") || found
+		found = (saveConfig("interface.%d.dhcp", i) != "") || found
+
+		role, _ := v.readConfig(fmt.Sprintf("interface.%d.role", i))
+		for a := 0; ; a++ {
+			address := saveConfig("interface.%d.ip.%d.address", i, a)
+			if address == "" {
+				break
+			} else {
+				found = true
+			}
+
+			ip, _, err := net.ParseCIDR(address)
+			if err != nil {
+				return metadata, err
+			}
+
+			switch role {
+			case "public":
+				if ip.To4() != nil {
+					metadata.PublicIPv4 = ip
+				} else {
+					metadata.PublicIPv6 = ip
+				}
+			case "private":
+				if ip.To4() != nil {
+					metadata.PrivateIPv4 = ip
+				} else {
+					metadata.PrivateIPv6 = ip
+				}
+			case "":
+			default:
+				return metadata, fmt.Errorf("unrecognized role: %q", role)
+			}
+		}
+
+		for r := 0; ; r++ {
+			gateway := saveConfig("interface.%d.route.%d.gateway", i, r)
+			destination := saveConfig("interface.%d.route.%d.destination", i, r)
+
+			if gateway == "" && destination == "" {
+				break
+			} else {
+				found = true
+			}
+		}
+	}
+	metadata.NetworkConfig = netconf
+
+	return
+}
+
+func (v vmware) FetchUserdata() ([]byte, error) {
+	encoding, err := v.readConfig("coreos.config.data.encoding")
+	if err != nil {
+		return nil, err
+	}
+
+	data, err := v.readConfig("coreos.config.data")
+	if err != nil {
+		return nil, err
+	}
+
+	// Try to fallback to url if no explicit data
+	if data == "" {
+		url, err := v.readConfig("coreos.config.url")
+		if err != nil {
+			return nil, err
+		}
+
+		if url != "" {
+			rawData, err := v.urlDownload(url)
+			if err != nil {
+				return nil, err
+			}
+			data = string(rawData)
+		}
+	}
+
+	if encoding != "" {
+		return config.DecodeContent(data, encoding)
+	}
+	return []byte(data), nil
+}
+
+func (v vmware) Type() string {
+	return "vmware"
+}
--- a/config/cloudinit/datasource/vmware/vmware_amd64.go
+++ b/config/cloudinit/datasource/vmware/vmware_amd64.go
@@ -0,0 +1,101 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package vmware
+
+import (
+	"io/ioutil"
+	"log"
+	"os"
+
+	"github.com/rancher/os/config/cloudinit/pkg"
+
+	"github.com/sigma/vmw-guestinfo/rpcvmx"
+	"github.com/sigma/vmw-guestinfo/vmcheck"
+	"github.com/sigma/vmw-ovflib"
+)
+
+type ovfWrapper struct {
+	env *ovf.OvfEnvironment
+}
+
+func (ovf ovfWrapper) readConfig(key string) (string, error) {
+	return ovf.env.Properties["guestinfo."+key], nil
+}
+
+func NewDatasource(fileName string) *vmware {
+	// read from provided ovf environment document (typically /media/ovfenv/ovf-env.xml)
+	if fileName != "" {
+		log.Printf("Using OVF environment from %s\n", fileName)
+		ovfEnv, err := ioutil.ReadFile(fileName)
+		if err != nil {
+			ovfEnv = make([]byte, 0)
+		}
+		return &vmware{
+			ovfFileName: fileName,
+			readConfig:  getOvfReadConfig(ovfEnv),
+			urlDownload: urlDownload,
+		}
+	}
+
+	// try to read ovf environment from VMware tools
+	data, err := readConfig("ovfenv")
+	if err == nil && data != "" {
+		log.Printf("Using OVF environment from guestinfo\n")
+		return &vmware{
+			readConfig:  getOvfReadConfig([]byte(data)),
+			urlDownload: urlDownload,
+		}
+	}
+
+	// if everything fails, fallback to directly reading variables from the backdoor
+	log.Printf("Using guestinfo variables\n")
+	return &vmware{
+		readConfig:  readConfig,
+		urlDownload: urlDownload,
+	}
+}
+
+func (v vmware) IsAvailable() bool {
+	if v.ovfFileName != "" {
+		_, err := os.Stat(v.ovfFileName)
+		return !os.IsNotExist(err)
+	}
+	return vmcheck.IsVirtualWorld()
+}
+
+func readConfig(key string) (string, error) {
+	data, err := rpcvmx.NewConfig().String(key, "")
+	if err == nil {
+		log.Printf("Read from %q: %q\n", key, data)
+	} else {
+		log.Printf("Failed to read from %q: %v\n", key, err)
+	}
+	return data, err
+}
+
+func getOvfReadConfig(ovfEnv []byte) readConfigFunction {
+	env := &ovf.OvfEnvironment{}
+	if len(ovfEnv) != 0 {
+		env = ovf.ReadEnvironment(ovfEnv)
+	}
+
+	wrapper := ovfWrapper{env}
+	return wrapper.readConfig
+}
+
+func urlDownload(url string) ([]byte, error) {
+	client := pkg.NewHttpClient()
+	return client.GetRetry(url)
+}
--- a/config/cloudinit/datasource/vmware/vmware_test.go
+++ b/config/cloudinit/datasource/vmware/vmware_test.go
@@ -0,0 +1,298 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package vmware
+
+import (
+	"errors"
+	"io/ioutil"
+	"net"
+	"os"
+	"reflect"
+	"testing"
+
+	"github.com/rancher/os/config/cloudinit/datasource"
+)
+
+type MockHypervisor map[string]string
+
+func (h MockHypervisor) ReadConfig(key string) (string, error) {
+	return h[key], nil
+}
+
+var fakeDownloader urlDownloadFunction = func(url string) ([]byte, error) {
+	mapping := map[string]struct {
+		data []byte
+		err  error
+	}{
+		"http://good.example.com": {[]byte("test config"), nil},
+		"http://bad.example.com":  {nil, errors.New("Not found")},
+	}
+	val := mapping[url]
+	return val.data, val.err
+}
+
+func TestFetchMetadata(t *testing.T) {
+	tests := []struct {
+		variables MockHypervisor
+
+		metadata datasource.Metadata
+		err      error
+	}{
+		{
+			variables: map[string]string{
+				"interface.0.mac":  "test mac",
+				"interface.0.dhcp": "yes",
+			},
+			metadata: datasource.Metadata{
+				NetworkConfig: map[string]string{
+					"interface.0.mac":  "test mac",
+					"interface.0.dhcp": "yes",
+				},
+			},
+		},
+		{
+			variables: map[string]string{
+				"interface.0.name": "test name",
+				"interface.0.dhcp": "yes",
+			},
+			metadata: datasource.Metadata{
+				NetworkConfig: map[string]string{
+					"interface.0.name": "test name",
+					"interface.0.dhcp": "yes",
+				},
+			},
+		},
+		{
+			variables: map[string]string{
+				"hostname":                        "test host",
+				"interface.0.mac":                 "test mac",
+				"interface.0.role":                "private",
+				"interface.0.ip.0.address":        "fe00::100/64",
+				"interface.0.route.0.gateway":     "fe00::1",
+				"interface.0.route.0.destination": "::",
+			},
+			metadata: datasource.Metadata{
+				Hostname:    "test host",
+				PrivateIPv6: net.ParseIP("fe00::100"),
+				NetworkConfig: map[string]string{
+					"interface.0.mac":                 "test mac",
+					"interface.0.ip.0.address":        "fe00::100/64",
+					"interface.0.route.0.gateway":     "fe00::1",
+					"interface.0.route.0.destination": "::",
+				},
+			},
+		},
+		{
+			variables: map[string]string{
+				"hostname":                        "test host",
+				"interface.0.name":                "test name",
+				"interface.0.role":                "public",
+				"interface.0.ip.0.address":        "10.0.0.100/24",
+				"interface.0.ip.1.address":        "10.0.0.101/24",
+				"interface.0.route.0.gateway":     "10.0.0.1",
+				"interface.0.route.0.destination": "0.0.0.0",
+				"interface.1.mac":                 "test mac",
+				"interface.1.role":                "private",
+				"interface.1.route.0.gateway":     "10.0.0.2",
+				"interface.1.route.0.destination": "0.0.0.0",
+				"interface.1.ip.0.address":        "10.0.0.102/24",
+			},
+			metadata: datasource.Metadata{
+				Hostname:    "test host",
+				PublicIPv4:  net.ParseIP("10.0.0.101"),
+				PrivateIPv4: net.ParseIP("10.0.0.102"),
+				NetworkConfig: map[string]string{
+					"interface.0.name":                "test name",
+					"interface.0.ip.0.address":        "10.0.0.100/24",
+					"interface.0.ip.1.address":        "10.0.0.101/24",
+					"interface.0.route.0.gateway":     "10.0.0.1",
+					"interface.0.route.0.destination": "0.0.0.0",
+					"interface.1.mac":                 "test mac",
+					"interface.1.route.0.gateway":     "10.0.0.2",
+					"interface.1.route.0.destination": "0.0.0.0",
+					"interface.1.ip.0.address":        "10.0.0.102/24",
+				},
+			},
+		},
+	}
+
+	for i, tt := range tests {
+		v := vmware{readConfig: tt.variables.ReadConfig}
+		metadata, err := v.FetchMetadata()
+		if !reflect.DeepEqual(tt.err, err) {
+			t.Errorf("bad error (#%d): want %v, got %v", i, tt.err, err)
+		}
+		if !reflect.DeepEqual(tt.metadata, metadata) {
+			t.Errorf("bad metadata (#%d): want %#v, got %#v", i, tt.metadata, metadata)
+		}
+	}
+}
+
+func TestFetchUserdata(t *testing.T) {
+	tests := []struct {
+		variables MockHypervisor
+
+		userdata string
+		err      error
+	}{
+		{},
+		{
+			variables: map[string]string{"coreos.config.data": "test config"},
+			userdata:  "test config",
+		},
+		{
+			variables: map[string]string{
+				"coreos.config.data.encoding": "",
+				"coreos.config.data":          "test config",
+			},
+			userdata: "test config",
+		},
+		{
+			variables: map[string]string{
+				"coreos.config.data.encoding": "base64",
+				"coreos.config.data":          "dGVzdCBjb25maWc=",
+			},
+			userdata: "test config",
+		},
+		{
+			variables: map[string]string{
+				"coreos.config.data.encoding": "gzip+base64",
+				"coreos.config.data":          "H4sIABaoWlUAAytJLS5RSM7PS8tMBwCQiHNZCwAAAA==",
+			},
+			userdata: "test config",
+		},
+		{
+			variables: map[string]string{
+				"coreos.config.data.encoding": "test encoding",
+			},
+			err: errors.New(`Unsupported encoding "test encoding"`),
+		},
+		{
+			variables: map[string]string{
+				"coreos.config.url": "http://good.example.com",
+			},
+			userdata: "test config",
+		},
+		{
+			variables: map[string]string{
+				"coreos.config.url": "http://bad.example.com",
+			},
+			err: errors.New("Not found"),
+		},
+	}
+
+	for i, tt := range tests {
+		v := vmware{
+			readConfig:  tt.variables.ReadConfig,
+			urlDownload: fakeDownloader,
+		}
+		userdata, err := v.FetchUserdata()
+		if !reflect.DeepEqual(tt.err, err) {
+			t.Errorf("bad error (#%d): want %v, got %v", i, tt.err, err)
+		}
+		if tt.userdata != string(userdata) {
+			t.Errorf("bad userdata (#%d): want %q, got %q", i, tt.userdata, userdata)
+		}
+	}
+}
+
+func TestFetchUserdataError(t *testing.T) {
+	testErr := errors.New("test error")
+	_, err := vmware{readConfig: func(_ string) (string, error) { return "", testErr }}.FetchUserdata()
+
+	if testErr != err {
+		t.Errorf("bad error: want %v, got %v", testErr, err)
+	}
+}
+
+func TestOvfTransport(t *testing.T) {
+	tests := []struct {
+		document string
+
+		metadata datasource.Metadata
+		userdata []byte
+	}{
+		{
+			document: `<?xml version="1.0" encoding="UTF-8"?>
+<Environment xmlns="http://schemas.dmtf.org/ovf/environment/1"
+     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+     xmlns:oe="http://schemas.dmtf.org/ovf/environment/1"
+     oe:id="CoreOS-vmw">
+   <PlatformSection>
+      <Kind>VMware ESXi</Kind>
+      <Version>5.5.0</Version>
+      <Vendor>VMware, Inc.</Vendor>
+      <Locale>en</Locale>
+   </PlatformSection>
+   <PropertySection>
+      <Property oe:key="foo" oe:value="42"/>
+      <Property oe:key="guestinfo.coreos.config.url" oe:value="http://good.example.com"/>
+      <Property oe:key="guestinfo.hostname" oe:value="test host"/>
+      <Property oe:key="guestinfo.interface.0.name" oe:value="test name"/>
+      <Property oe:key="guestinfo.interface.0.role" oe:value="public"/>
+      <Property oe:key="guestinfo.interface.0.ip.0.address" oe:value="10.0.0.100/24"/>
+      <Property oe:key="guestinfo.interface.0.ip.1.address" oe:value="10.0.0.101/24"/>
+      <Property oe:key="guestinfo.interface.0.route.0.gateway" oe:value="10.0.0.1"/>
+      <Property oe:key="guestinfo.interface.0.route.0.destination" oe:value="0.0.0.0"/>
+      <Property oe:key="guestinfo.interface.1.mac" oe:value="test mac"/>
+      <Property oe:key="guestinfo.interface.1.role" oe:value="private"/>
+      <Property oe:key="guestinfo.interface.1.route.0.gateway" oe:value="10.0.0.2"/>
+      <Property oe:key="guestinfo.interface.1.route.0.destination" oe:value="0.0.0.0"/>
+      <Property oe:key="guestinfo.interface.1.ip.0.address" oe:value="10.0.0.102/24"/>
+   </PropertySection>
+</Environment>`,
+			metadata: datasource.Metadata{
+				Hostname:    "test host",
+				PublicIPv4:  net.ParseIP("10.0.0.101"),
+				PrivateIPv4: net.ParseIP("10.0.0.102"),
+				NetworkConfig: map[string]string{
+					"interface.0.name":                "test name",
+					"interface.0.ip.0.address":        "10.0.0.100/24",
+					"interface.0.ip.1.address":        "10.0.0.101/24",
+					"interface.0.route.0.gateway":     "10.0.0.1",
+					"interface.0.route.0.destination": "0.0.0.0",
+					"interface.1.mac":                 "test mac",
+					"interface.1.route.0.gateway":     "10.0.0.2",
+					"interface.1.route.0.destination": "0.0.0.0",
+					"interface.1.ip.0.address":        "10.0.0.102/24",
+				},
+			},
+			userdata: []byte("test config"),
+		},
+	}
+
+	for i, tt := range tests {
+		file, err := ioutil.TempFile(os.TempDir(), "ovf")
+		if err != nil {
+			t.Errorf("error creating ovf file (#%d)", i)
+		}
+		defer os.Remove(file.Name())
+
+		file.WriteString(tt.document)
+		v := NewDatasource(file.Name())
+		v.urlDownload = fakeDownloader
+
+		metadata, err := v.FetchMetadata()
+		userdata, err := v.FetchUserdata()
+
+		if !reflect.DeepEqual(tt.metadata, metadata) {
+			t.Errorf("bad metadata (#%d): want %#v, got %#v", i, tt.metadata, metadata)
+		}
+		if !reflect.DeepEqual(tt.userdata, userdata) {
+			t.Errorf("bad userdata (#%d): want %#v, got %#v", i, tt.userdata, userdata)
+		}
+	}
+
+}
--- a/config/cloudinit/datasource/vmware/vmware_unsupported.go
+++ b/config/cloudinit/datasource/vmware/vmware_unsupported.go
@@ -0,0 +1,25 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// +build !amd64
+
+package vmware
+
+func NewDatasource(fileName string) *vmware {
+	return &vmware{}
+}
+
+func (v vmware) IsAvailable() bool {
+	return false
+}
--- a/config/cloudinit/datasource/waagent/waagent.go
+++ b/config/cloudinit/datasource/waagent/waagent.go
@@ -0,0 +1,117 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package waagent
+
+import (
+	"encoding/xml"
+	"io/ioutil"
+	"log"
+	"net"
+	"os"
+	"path"
+
+	"github.com/rancher/os/config/cloudinit/datasource"
+)
+
+type waagent struct {
+	root     string
+	readFile func(filename string) ([]byte, error)
+}
+
+func NewDatasource(root string) *waagent {
+	return &waagent{root, ioutil.ReadFile}
+}
+
+func (a *waagent) IsAvailable() bool {
+	_, err := os.Stat(path.Join(a.root, "provisioned"))
+	return !os.IsNotExist(err)
+}
+
+func (a *waagent) AvailabilityChanges() bool {
+	return true
+}
+
+func (a *waagent) ConfigRoot() string {
+	return a.root
+}
+
+func (a *waagent) FetchMetadata() (metadata datasource.Metadata, err error) {
+	var metadataBytes []byte
+	if metadataBytes, err = a.tryReadFile(path.Join(a.root, "SharedConfig.xml")); err != nil {
+		return
+	}
+	if len(metadataBytes) == 0 {
+		return
+	}
+
+	type Instance struct {
+		Id             string `xml:"id,attr"`
+		Address        string `xml:"address,attr"`
+		InputEndpoints struct {
+			Endpoints []struct {
+				LoadBalancedPublicAddress string `xml:"loadBalancedPublicAddress,attr"`
+			} `xml:"Endpoint"`
+		}
+	}
+
+	type SharedConfig struct {
+		Incarnation struct {
+			Instance string `xml:"instance,attr"`
+		}
+		Instances struct {
+			Instances []Instance `xml:"Instance"`
+		}
+	}
+
+	var m SharedConfig
+	if err = xml.Unmarshal(metadataBytes, &m); err != nil {
+		return
+	}
+
+	var instance Instance
+	for _, i := range m.Instances.Instances {
+		if i.Id == m.Incarnation.Instance {
+			instance = i
+			break
+		}
+	}
+
+	metadata.PrivateIPv4 = net.ParseIP(instance.Address)
+	for _, e := range instance.InputEndpoints.Endpoints {
+		host, _, err := net.SplitHostPort(e.LoadBalancedPublicAddress)
+		if err == nil {
+			metadata.PublicIPv4 = net.ParseIP(host)
+			break
+		}
+	}
+	return
+}
+
+func (a *waagent) FetchUserdata() ([]byte, error) {
+	return a.tryReadFile(path.Join(a.root, "CustomData"))
+}
+
+func (a *waagent) Type() string {
+	return "waagent"
+}
+
+func (a *waagent) tryReadFile(filename string) ([]byte, error) {
+	log.Printf("Attempting to read from %q\n", filename)
+	data, err := a.readFile(filename)
+	if os.IsNotExist(err) {
+		err = nil
+	}
+	return data, err
+}
--- a/config/cloudinit/datasource/waagent/waagent_test.go
+++ b/config/cloudinit/datasource/waagent/waagent_test.go
@@ -0,0 +1,166 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package waagent
+
+import (
+	"net"
+	"reflect"
+	"testing"
+
+	"github.com/rancher/os/config/cloudinit/datasource"
+	"github.com/rancher/os/config/cloudinit/datasource/test"
+)
+
+func TestFetchMetadata(t *testing.T) {
+	for _, tt := range []struct {
+		root     string
+		files    test.MockFilesystem
+		metadata datasource.Metadata
+	}{
+		{
+			root:  "/",
+			files: test.NewMockFilesystem(),
+		},
+		{
+			root:  "/",
+			files: test.NewMockFilesystem(test.File{Path: "/SharedConfig.xml", Contents: ""}),
+		},
+		{
+			root:  "/var/lib/waagent",
+			files: test.NewMockFilesystem(test.File{Path: "/var/lib/waagent/SharedConfig.xml", Contents: ""}),
+		},
+		{
+			root: "/var/lib/waagent",
+			files: test.NewMockFilesystem(test.File{Path: "/var/lib/waagent/SharedConfig.xml", Contents: `<?xml version="1.0" encoding="utf-8"?>
+<SharedConfig version="1.0.0.0" goalStateIncarnation="1">
+  <Deployment name="c8f9e4c9c18948e1bebf57c5685da756" guid="{1d10394f-c741-4a1a-a6bb-278f213c5a5e}" incarnation="0" isNonCancellableTopologyChangeEnabled="false">
+    <Service name="core-test-1" guid="{00000000-0000-0000-0000-000000000000}" />
+    <ServiceInstance name="c8f9e4c9c18948e1bebf57c5685da756.0" guid="{1e202e9a-8ffe-4915-b6ef-4118c9628fda}" />
+  </Deployment>
+  <Incarnation number="1" instance="core-test-1" guid="{8767eb4b-b445-4783-b1f5-6c0beaf41ea0}" />
+  <Role guid="{53ecc81e-257f-fbc9-a53a-8cf1a0a122b4}" name="core-test-1" settleTimeSeconds="0" />
+  <LoadBalancerSettings timeoutSeconds="0" waitLoadBalancerProbeCount="8">
+    <Probes>
+      <Probe name="D41D8CD98F00B204E9800998ECF8427E" />
+      <Probe name="C9DEC1518E1158748FA4B6081A8266DD" />
+    </Probes>
+  </LoadBalancerSettings>
+  <OutputEndpoints>
+    <Endpoint name="core-test-1:openInternalEndpoint" type="SFS">
+      <Target instance="core-test-1" endpoint="openInternalEndpoint" />
+    </Endpoint>
+  </OutputEndpoints>
+  <Instances>
+    <Instance id="core-test-1" address="100.73.202.64">
+      <FaultDomains randomId="0" updateId="0" updateCount="0" />
+      <InputEndpoints>
+        <Endpoint name="openInternalEndpoint" address="100.73.202.64" protocol="any" isPublic="false" enableDirectServerReturn="false" isDirectAddress="false" disableStealthMode="false">
+          <LocalPorts>
+            <LocalPortSelfManaged />
+          </LocalPorts>
+        </Endpoint>
+        <Endpoint name="ssh" address="100.73.202.64:22" protocol="tcp" hostName="core-test-1ContractContract" isPublic="true" loadBalancedPublicAddress="191.239.39.77:22" enableDirectServerReturn="false" isDirectAddress="false" disableStealthMode="false">
+          <LocalPorts>
+            <LocalPortRange from="22" to="22" />
+          </LocalPorts>
+        </Endpoint>
+      </InputEndpoints>
+    </Instance>
+  </Instances>
+</SharedConfig>`}),
+			metadata: datasource.Metadata{
+				PrivateIPv4: net.ParseIP("100.73.202.64"),
+				PublicIPv4:  net.ParseIP("191.239.39.77"),
+			},
+		},
+	} {
+		a := waagent{tt.root, tt.files.ReadFile}
+		metadata, err := a.FetchMetadata()
+		if err != nil {
+			t.Fatalf("bad error for %+v: want %v, got %q", tt, nil, err)
+		}
+		if !reflect.DeepEqual(tt.metadata, metadata) {
+			t.Fatalf("bad metadata for %+v: want %#v, got %#v", tt, tt.metadata, metadata)
+		}
+	}
+}
+
+func TestFetchUserdata(t *testing.T) {
+	for _, tt := range []struct {
+		root  string
+		files test.MockFilesystem
+	}{
+		{
+			"/",
+			test.NewMockFilesystem(),
+		},
+		{
+			"/",
+			test.NewMockFilesystem(test.File{Path: "/CustomData", Contents: ""}),
+		},
+		{
+			"/var/lib/waagent/",
+			test.NewMockFilesystem(test.File{Path: "/var/lib/waagent/CustomData", Contents: ""}),
+		},
+	} {
+		a := waagent{tt.root, tt.files.ReadFile}
+		_, err := a.FetchUserdata()
+		if err != nil {
+			t.Fatalf("bad error for %+v: want %v, got %q", tt, nil, err)
+		}
+	}
+}
+
+func TestConfigRoot(t *testing.T) {
+	for _, tt := range []struct {
+		root       string
+		configRoot string
+	}{
+		{
+			"/",
+			"/",
+		},
+		{
+			"/var/lib/waagent",
+			"/var/lib/waagent",
+		},
+	} {
+		a := waagent{tt.root, nil}
+		if configRoot := a.ConfigRoot(); configRoot != tt.configRoot {
+			t.Fatalf("bad config root for %q: want %q, got %q", tt, tt.configRoot, configRoot)
+		}
+	}
+}
+
+func TestNewDatasource(t *testing.T) {
+	for _, tt := range []struct {
+		root       string
+		expectRoot string
+	}{
+		{
+			root:       "",
+			expectRoot: "",
+		},
+		{
+			root:       "/var/lib/waagent",
+			expectRoot: "/var/lib/waagent",
+		},
+	} {
+		service := NewDatasource(tt.root)
+		if service.root != tt.expectRoot {
+			t.Fatalf("bad root (%q): want %q, got %q", tt.root, tt.expectRoot, service.root)
+		}
+	}
+}