Chapter 3. Red Hat support for cloud-init
Red Hat supports the cloud-init
utility, cloud-init
modules, and default directories and files across various Red Hat products.
3.1. cloud-init significant directories and files
By using directories and files in the following table, you can perform tasks such as:
-
Configuring
cloud-init
-
Finding information about your configuration after
cloud-init
has run - Examining log files
- Finding templates
Depending on your scenario and datasource, there can be additional files and directories important to your configuration.
Directory or File | Description |
---|---|
|
The |
|
The |
|
When |
|
The |
|
This directory includes templates that you can enable in |
|
The |
|
The |
3.2. Red Hat products that use cloud-init
You can use cloud-init
with these Red Hat products:
-
Red Hat Virtualization. Once you install
cloud-init
on a VM, you can create a template and leveragecloud-init
functions for all VMs created from that template. Refer to Using Cloud-Init to Automate the Configuration of Virtual Machines for information about usingcloud-init
with VMs. -
Red Hat OpenStack Platform. You can use
cloud-init
to help configure images for OpenStack. Refer to the Instances and Images Guide for more information. -
Red Hat Satellite. You can use
cloud-init
with Red Hat Satellite. Refer to Preparing Cloud-init Images in Red Hat Virtualization for more information. -
Red Hat OpenShift. You can use
cloud-init
when you create VMs for OpenShift. Refer to Creating Virtual Machines for more information.
3.3. Red Hat supports these cloud-init modules
Red Hat supports most cloud-init
modules. Individual modules can contain multiple configuration options. In the following table, you can find all of the cloud-init
modules that Red Hat currently supports and provides a brief description and the default module frequency. Refer to Modules in the cloud-init
Documentation section for complete descriptions and options for these modules.
cloud-init Module | Description | Default Module Frequency |
---|---|---|
bootcmd | Runs commands early in the boot process | per always |
ca_certs | Adds CA certificates | per instance |
debug | Enables or disables output of internal information to assist with debugging | per instance |
disable_ec2_metadata | Enables or disables the AWS EC2 metadata | per always |
disk_setup | Configures simple partition tables and file systems | per instance |
final_message |
Specifies the output message once | per always |
foo | Example shows module structure (Module does nothing) | per instance |
growpart | Resizes partitions to fill the available disk space | per always |
keys_to_console | Allows controls of fingerprints and keys that can be written to the console | per instance |
landscape | Installs and configures a landscape client | per instance |
locale | Configures the system locale and applies it system-wide | per instance |
mcollective |
Installs, configures, and starts | per instance |
migrator |
Moves old versions of | per always |
mounts | Configures mount points and swap files | per instance |
phone_home | Posts data to a remote host after boot completes | per instance |
power_state_change | Completes shutdown and reboot after all configuration modules have run | per instance |
puppet | Installs and configures puppet | per instance |
resizefs | Resizes a file system to use all available space on a partition | per always |
resolv_conf |
Configures | per instance |
rh_subscription | Registers a Red Hat Enterprise Linux system | per instance |
rightscale_userdata |
Adds support for RightScale configuration hooks to | per instance |
rsyslog |
Configures remote system logging using | per instance |
runcmd | Runs arbitrary commands | per instance |
salt_minion |
Installs, configures, and starts | per instance |
scripts_per_boot | Runs per boot scripts | per always |
scripts_per_instance | Runs per instance scripts | per instance |
scripts_per_once | Runs scripts once | per once |
scripts_user | Runs user scripts | per instance |
scripts_vendor | Runs vendor scripts | per instance |
seed_random | Provides random seed data | per instance |
set_hostname | Sets host name and fully qualified domain name (FQDN) | per always |
set_passwords | Sets user passwords and enables or disables SSH password authentication | per instance |
ssh_authkey_fingerprints | Logs fingerprints of user SSH keys | per instance |
ssh_import_id | Imports SSH keys | per instance |
ssh | Configures SSH, and host and authorized SSH keys | per instance |
timezone | Sets the system time zone | per instance |
update_etc_hosts |
Updates | per always |
update_hostname | Updates host name and FQDN | per always |
users_groups | Configures users and groups | per instance |
write_files | Writes arbitrary files | per instance |
yum_add_repo | Adds dnf repository configuration to the system | per always |
The following list of modules is not supported by Red Hat:
Module |
---|
apt_configure |
apt_pipeline |
byobu |
chef |
emit_upstart |
grub_dpkg |
ubuntu_init_switch |
3.4. The default cloud.cfg file
The /etc/cloud/cloud.cfg
file lists the modules comprising the basic configuration for cloud-init
.
The modules in the file are the default modules for cloud-init
. You can configure the modules for your environment or remove modules you do not need. Modules that are included in cloud.cfg
do not necessarily do anything by being listed in the file. You need to configure them individually if you want them to perform actions during one of the cloud-init
phases.
The cloud.cfg
file provides the chronology for running individual modules. You can add additional modules to cloud.cfg
as long as Red Hat supports the modules you want to add.
The default contents of the file for Red Hat Enterprise Linux (RHEL) are as follows:
-
Modules run in the order given in
cloud.cfg
. You typically do not change this order. -
The
cloud.cfg
directives can be overridden by user data. -
When running
cloud-init
manually, you can overridecloud.cfg
with command line options. - Each module includes its own configuration options, where you can add specific information.
-
To ensure optimal functionality of the configuration, prefer using module names with underscores (
_
) rather than dashes (-
).
users: 1 - default disable_root: true 2 resize_rootfs_tmp: /dev ssh_pwauth: false 3 mount_default_fields: [~, ~, 'auto', 'defaults,nofail,x-systemd.requires=cloud-init.service', '0', '2'] 4 ssh_deletekeys: true 5 ssh_genkeytypes: ['rsa', 'ecdsa', 'ed25519'] 6 syslog_fix_perms: ~ 7 disable_vmware_customization: false 8 cloud_init_modules: 9 - migrator - seed_random - bootcmd - write_files - growpart - resizefs - disk_setup - mounts - set_hostname - update_hostname - update_etc_hosts - ca_certs - rsyslog - users_groups - ssh cloud_config_modules: 10 - ssh_import_id - locale - set_passwords - rh_subscription - spacewalk - yum_add_repo - ntp - timezone - disable_ec2_metadata - runcmd cloud_final_modules: 11 - package_update_upgrade_install - write_files_deferred - puppet - chef - ansible - mcollective - salt_minion - reset_rmc - rightscale_userdata - scripts_vendor - scripts_per_once - scripts_per_boot - scripts_per_instance - scripts_user - ssh_authkey_fingerprints - keys_to_console - install_hotplug - phone_home - final_message - power_state_change system_info: default_user: 12 name: cloud-user lock_passwd: true gecos: Cloud User groups: [adm, systemd-journal] sudo: ["ALL=(ALL) NOPASSWD:ALL"] shell: /bin/bash distro: rhel 13 network: renderers: ['sysconfig', 'eni', 'netplan', 'network-manager', 'networkd'] paths: cloud_dir: /var/lib/cloud 14 templates_dir: /etc/cloud/templates 15 ssh_svcname: sshd 16 # vim:syntax=yaml
- 1
- Specifies the default user for the system. Refer to Users and Groups for more information.
- 2
- Enables or disables root login. Refer to Authorized Keys for more information.
- 3
- Specifies whether
ssh
is configured to accept password authentication. Refer to Set Passwords for more information. - 4
- Configures mount points; must be a list containing six values. Refer to Mounts for more information.
- 5
- Specifies whether to remove default host SSH keys. Refer to Host Keys for more information.
- 6
- Specifies key types to generate. Refer to Host Keys for more information. Note that for RHEL 8.4 and earlier, the default value of this line is
~
. - 7
cloud-init
runs at multiple stages of boot. Set this option so thatcloud-init
can log all stages to its log file. Find more information about this option in thecloud-config.txt
file in theusr/share/doc/cloud-init/examples
directory.- 8
- Enables or disables VMware vSphere customization
- 9
- The modules in this section are services that run when the
cloud-init
service starts, early in the boot process. - 10
- These modules run during
cloud-init
configuration, after initial boot. - 11
- These modules run in the final phase of
cloud-init
, after the configuration finishes. - 12
- Specifies details about the default user. Refer to Users and Groups for more information.
- 13
- Specifies the distribution
- 14
- Specifies the main directory that contains
cloud-init
-specific subdirectories. Refer to Directory layout for more information. - 15
- Specifies where templates reside
- 16
- The name of the SSH service
Additional resources
3.5. The cloud.cfg.d directory
cloud-init
acts upon directives that you provide and configure. Typically, those directives are included in the cloud.cfg.d
directory.
While you can configure modules by adding user data directives within the cloud.cfg
file, as a best practice consider leaving cloud.cfg
unmodified. Add your directives to the /etc/cloud/cloud.cfg.d
directory. Adding directives to this directory can make future modifications and upgrades easier.
There are multiple ways to add directives. You can include directives in a file named *.cfg
, which includes the heading #cloud-config
. Typically, the directory would contain multiple *cfg
files. There are other options for adding directives, for example, you can add a user data script. Refer to User-Data Formats for more information.
Additional resources
3.6. The default 05_logging.cfg file
The 05_logging.cfg
file sets logging information for cloud-init
. The /etc/cloud/cloud.cfg.d
directory includes this file, along with other cloud-init
directives that you add.
cloud-init
uses the logging configuration in 05_logging.cfg
by default. The default contents of the file for Red Hat Enterprise Linux (RHEL) are as follows:
## This yaml formatted config file handles setting ## logger information. The values that are necessary to be set ## are seen at the bottom. The top '_log' are only used to remove ## redundancy in a syslog and fallback-to-file case. ## ## The 'log_cfgs' entry defines a list of logger configs ## Each entry in the list is tried, and the first one that ## works is used. If a log_cfg list entry is an array, it will ## be joined with '\n'. _log: - &log_base | [loggers] keys=root,cloudinit [handlers] keys=consoleHandler,cloudLogHandler [formatters] keys=simpleFormatter,arg0Formatter [logger_root] level=DEBUG handlers=consoleHandler,cloudLogHandler [logger_cloudinit] level=DEBUG qualname=cloudinit handlers= propagate=1 [handler_consoleHandler] class=StreamHandler level=WARNING formatter=arg0Formatter args=(sys.stderr,) [formatter_arg0Formatter] format=%(asctime)s - %(filename)s[%(levelname)s]: %(message)s [formatter_simpleFormatter] format=[CLOUDINIT] %(filename)s[%(levelname)s]: %(message)s - &log_file | [handler_cloudLogHandler] class=FileHandler level=DEBUG formatter=arg0Formatter args=('/var/log/cloud-init.log',) - &log_syslog | [handler_cloudLogHandler] class=handlers.SysLogHandler level=DEBUG formatter=simpleFormatter args=("/dev/log", handlers.SysLogHandler.LOG_USER) log_cfgs: # Array entries in this list will be joined into a string # that defines the configuration. # # If you want logs to go to syslog, uncomment the following line. # - [ *log_base, *log_syslog ] # # The default behavior is to just log to a file. # This mechanism that does not depend on a system service to operate. - [ *log_base, *log_file ] # A file path can also be used. # - /etc/log.conf # This tells cloud-init to redirect its stdout and stderr to # 'tee -a /var/log/cloud-init-output.log' so the user can see output # there without needing to look on the console. output: {all: '| tee -a /var/log/cloud-init-output.log'}
Additional resources
3.7. The cloud-init /var/lib/cloud directory layout
When cloud-init
first runs, it creates a directory layout that includes information about your instance and cloud-init
configuration.
The directory can include optional directories, such as /scripts/vendor
.
The following is a sample directory layout for cloud-init
:
/var/lib/cloud/ - data/ - instance-id - previous-instance-id - previous-datasource - previous-hostname - result.json - set-hostname - status.json - handlers/ - instance - boot-finished - cloud-config.txt - datasource - handlers/ - obj.pkl - scripts/ - sem/ - user-data.txt - user-data.txt.i - vendor-data.txt - vendor-data.txt.i - instances/ f111ee00-0a4a-4eea-9c17-3fa164739c55/ - boot-finished - cloud-config.txt - datasource - handlers/ - obj.pkl - scripts/ - sem/ - user-data.txt - user-data.txt.i - vendor-data.txt - vendor-data.txt.i - scripts/ - per-boot/ - per-instance/ - per-once/ - vendor/ - seed/ - sem/ - config_scripts_per_once.once
Additional resources