-
Notifications
You must be signed in to change notification settings - Fork 16
/
Copy pathcloud-init.txt
115 lines (111 loc) · 8.28 KB
/
cloud-init.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
┏━━━━━━━━━━━━━━━━┓
┃ CLOUD-INIT ┃
┗━━━━━━━━━━━━━━━━┛
GOAL ==> #Package using init scripts specifically designed for Ubuntu images on cloud services like EC2
#By def., configure default locale, hostname, Ubuntu user, SSH keys, Mount points,
#apt-get update.
EC2 ==> #Can be set with EC2 using UserData
#Runs at first boot, but can be run at every boot by changing cloud_final_modules
#Is responsible for the metadata available at http://169.254.169.254/latest/ and /var/lib/cloud/
#Type is according to first line
#Can see log at /var/log/cloud-init[-output].log
#!... # - Script with Shabang
# - fired at rc.local level
#include[-once] #One URL per additional line
#upstart-job #Placed in /etc/init/
#cloud-config-archive #YAML OBJ to include several files according to launch-index:
# - type text/x-shellscript|etc.
# - filename STR
# - content STR
# - launch-index NUM
#cloud-boothook #Placed in /var/lib/cloud/ then run
# - might be run several times
# - first hook defined
# - use ENVVAR INSTANCE_ID
#part-handler #Python code
#ignored #For metadata not used by cloud-init
#cloud-config #Syntax is YAML:
# - VAR: VAL
# - If VAL is ARR, uses [VAL,...] or list with dashes: - VAL
# - If VAL is OBJ, uses list without dashes: VAR: VAL \n VAR2: VAL2
# - STR can have "..."
# - STR can be:
# - trailing pipe | followed by indented content
# - trailing pipe can be preceded by !!binary to signify STR is in a weird binary format
#Can be retrieved at /etc/cloud/cloud.cfg
#VAR:
# - cloud_final_modules:
# - [ "scripts-user", "always" ]: to run Cloud-init after each boot and not only first boot
# - groups { GROUP: USER_ARR }: addgroup
# - users OBJ_ARR:
# - OBJ can be "default" to mean name: Ubuntu, plain_text_passwd: 'ubuntu',
# home: /home/ubuntu, shell: /bin/bash, lock_passwd: True, gecos: Ubuntu,
# groups: [adm, audio, cdrom, dialout, floppy, video, plugdev, dip, netdev]
# - Then members are: name, gecos (real name), homedir, no-create-home BOOL, primary-group,
# groups (additional groups), no-user-group (do not create group named after user),
# selinux-user, lock-passwd BOOL (disable login), inactive BOOL,
# passwd (hash, must be created with mkpasswd --method=SHA-512 rounds=4096)
# (should avoid it and use SSH connection only, because easily crackable),
# no-log-init BOOL, system BOOL (system user, with no homedir),
# ssh-import-id STR (import SSH keys from Launchpad user),
# ssh-authorized-keys STR_ARR (add to user authorized public keys),
# sudo STR_ARR "ALL=(ALL) ALL"
# - write_files OBJ_ARR:
# - encoding "b64|gzip" (optional)
# - content STR.
# - owner USER:GROUP
# - path PATH
# - permissions "0644" (or other)
# - apt_mirror STR
# - apt_mirror_search STR_ARR
# - apt_mirror_search_dns BOOL
# - apt_proxy URL
# - apt_pipelining BOOL
# - apt_preserve_sources_list BOOL
# - packages VAL_ARR: run apt-get install. VAL can be PACKAGE_STR or [ PACKAGE_STR, VERSION ]
# - package_update BOOL (def: true): run apt-get update
# - package_upgrade BOOL (def: false): run apt-get upgrade
# - ssh_import_id STR_ARR: import SSH keys from Launchpad user
# - apt_sources OBJ:
# - source: "ppa:USER/ppa"
# - key STR (certificate PEM format), or keyid STR + filename STR
# - add_apt_repo_match REGEXP: run add-apt-repository on repos from apt-sources matching REGEXP
# - yum_repos REPO: OBJ: baseurl, enabled BOOL, failovermethod, gpgcheck BOOL,
# gpgkey file://URL, name STR
# - ssh_authorized_keys STR_ARR "ssh-rsa KEY"
# - ssh_keys:
# - rsa|dsa_private STR (PEM format)
# - rsa|dsa_public STR "ssh-rsa|dss KEY"
# - ca-certs OBJ: adds CA trusted certificates (for self-signed)
# - trusted STR (PEM format)
# - mounts ARR2_ARR where ARR2 are entries to append in /etc/fstab
# - mount_default_fields ARR2: when not specified in mounts.
# - phone_home: do a POST request
# - url URL
# - post STR_ARR (can be special variables pub_key_rsa|dsa|ecdsa or instance_id)
# - power_state: turn off:
# - mode "poweroff|halt|reboot"
# - delay "+NUM" (in mins)
# - message STR
# - timeout NUM (in secs)
# - package_reboot_if_required BOOL (def: false)
# - locale STR
# - locale_configfile PATH (def: /etc/default/locale)
# - timezone STR (must be in /usr/share/zoneinfo, e.g. US/Eastern)
# - preserve_hostname BOOL: if false, does not update /etc/hostname
# - hostname STR
# - fqdn STR
# - manage_etc_hosts BOOL (def: false):
# - If false, do nothing with /etc/hosts.
# - If true, copied from /etc/cloud/templates/hosts.tmpl (can use $hostname or $fqdn)
# - If "localhost", $fqdn will redirect to localhost
# - launch-index NUM: only if this LaunchIndex (see RunInstances())
# - chef OBJ: using Chef
# - puppet OBJ: using Puppet
# - rsyslog OBJ
# - bootcmd|runcmd: VAL_ARR:
# - array of [ command, arguments,... ] or plain STR
# - on first boot or any boot
# - final_message STR: final cloud-init-output.log line. Can contain $TIMESTAMP or $UPTIME
# - output OBJ:
# - all "| tee -a /var/log/cloud-init-output.log": Cloud-init output logs