雲平臺openstack中,cloudinit安裝、使用
cloudinit是專為雲環境中虛擬機器的初始化而開發的工具,它從各種資料來源讀取相關資料並據此對虛擬機器進行配置。常見的資料來源包括:雲平臺的metadata服務、ConfigDrive等,常見的配置包括:設定虛擬機器的hostname、hosts檔案、設定使用者名稱密碼、更新apt -get的本地快取、調整檔案系統的大小(注意不是調整分割槽的大小)等。
本文在openstack下進行測試。
(1)安裝
centos 6.4和ubuntu server 12.04的官方源中已經包含cloudinit,直接採用yum 或者 apt -get安裝即可
原始碼地址:https://launchpad.net/cloud-init
(2)配置
配置檔案/etc/cloud/cloud.cfg
user: root disable_root: 0 manage_etc_hosts: True preserve_hostname: False cloud_init_modules: - bootcmd - resizefs - set_hostname - update_hostname - update_etc_hosts - ca-certs - rsyslog - ssh cloud_config_modules: - mounts - ssh-import-id - locale - set-passwords - grub-dpkg - landscape - timezone - puppet - chef - salt-minion - mcollective - disable-ec2-metadata - runcmd - byobu cloud_final_modules: - rightscale_userdata - scripts-per-once - scripts-per-boot - scripts-per-instance - scripts-user - keys-to-console - phone-home - final-message
配置檔案大致分為兩部分,開頭的變數/引數定義部分、後邊要執行的模組列表(包括三大類cloud_init_modules、cloud_config_modules、cloud_final_modules)。
各模組在執行時,會根據之前定義的變數/引數的值,配置虛擬機器的狀態。
這裡舉一個簡單的例子,update_etc_hosts模組(原始檔:/usr/lib/python2.7/dist-packages/cloudinit/CloudConfig/cc_update_etc_hosts.py)
顧名思義,該模組用來設定主機的hosts檔案,其中就用到了hostname、fqdn、manage_etc_hosts等變數的值。模組首先嚐試從cloudinit的配置檔案中讀取這些變數的值,如果沒有定義,則嘗試從其他的資料來源中獲取變數的值,例如對於openstac來講,可以從metadata service(
(3)執行流程
cloudinit會在虛擬機器啟動的過程中分四個階段執行,按照時間順序分為:cloud-init-local, cloud-init, cloud-config, cloud-final,例如對於centos:
cloud-init-local階段主要是執行本地的一些初始化指令碼(快取下來的指令碼??)
cloud-init階段執行配置檔案中名為cloud_init_modules下的所有模組,如果模組列表為空,則什麼都不執行。其他兩個階段類似,就不介紹了。
分階段執行的必要性在於,有些模組的執行對系統當前的狀態會有要求(比如網路ready、檔案系統掛載over),因此cloudinit抽象出了四個階段,編寫自己的初始化模組時可以根據情況歸入不同的階段。
另外,模組有多種執行模式,包括per-once、per-instance、per-always,對於模式為per-once的模組,一旦執行完畢會在一個名為sem的目錄中建立一個訊號檔案,從而防止模組的在下次啟動時重複執行。
(4)實戰
控制cloudinit配置行為的方式有兩種:cloudinit的配置檔案(/etc/cloud/cloud.cfg)和資料來源(如openstack及ec2中的userdata)
這裡我們採用Mime Mult Part Archive的檔案格式,包含了四種具體的格式(cloud-config、include file、boothook、以及userscript)
Content-Type: multipart/mixed; boundary="===============2197920354430400835==" MIME-Version: 1.0 --===============2197920354430400835== Content-Type: text/cloud-config; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="cloudconfig.txt" #cloud-config runcmd: - touch /root/cloudconfig - source: "ppa:smoser/ppa" --===============2197920354430400835== Content-Type: text/x-include-url; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="includefile.txt" # these urls will be read pulled in if they were part of user-data # comments are allowed. The format is one url per line http://www.ubuntu.com/robots.txt --===============2197920354430400835== Content-Type: text/cloud-boothook; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="boothook.txt" #!/bin/sh echo "Hello World!" --===============2197920354430400835== Content-Type: text/x-shellscript; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="userscript.txt" #!/usr/bin/perl print "This is a user script (rc.local)\n" --===============2197920354430400835==--
cloudinit從資料來源中拿到該userdata後,首先會對其進行切分,並分別供各模組處理。例如抽取cloud-config部分,如:
userscript部分
cloudinit中所有的模組都放在/usr/lib/python2.7/dist-packages/cloudinit/CloudConfig/下,具體用法可以直接研究程式碼或者參考http://cloudinit.readthedocs.org/en/latest/index.html
這裡需要特別提到的一個模組是scripts-user,該模組負責執行userdata中的user scripts內容以及其他模組(如runcmd)生成的指令碼,因此cloudinit的配置檔案將其放在了cloud_final_modules階段的近乎最後。
(5)思考
為了解決雲平臺中的初始化問題,人們設計了cloudinit,它駐留在虛擬機器中,隨機啟動,根據配置檔案和雲平臺提供的userdata進行相關配置,目前支援多種檔案內容格式,包括單純的使用者指令碼,引入的cloud-config、include file等。cloudinit其實就是駐留在虛擬機器中的一個agent,唯一不同的是它僅僅在系統啟動時執行,不會常駐系統。假稍作修改,cloudinit其實也可以作為虛擬機器的agent,能做的就不僅僅是初始化了。例如,可以批量配置虛擬機器(安裝軟體,更新系統,修改密碼等),可以作為監控的agent等。
cloudinit的典型配置:http://xebia-france.googlecode.com/svn/training/xebia-spring-travel/trunk/xebia-spring-travel-amazon-aws/src/main/scripts/cloud-config-sample.txt
#cloud-config
# Update apt database on first boot
# (ie run apt-get update)
#
# Default: true
#
apt_update: false
# Upgrade the instance on first boot
# (ie run apt-get upgrade)
#
# Default: false
#
apt_upgrade: true
# Add apt repositories
#
# Default: auto select based on cloud metadata
# in ec2, the default is <region>.archive.ubuntu.com
apt_mirror: http://us.archive.ubuntu.com/ubuntu/
# Preserve existing /etc/apt/sources.list
# Default: overwrite sources_list with mirror. If this is true
# then apt_mirror above will have no effect
apt_preserve_sources_list: true
apt_sources:
- source: "deb http://ppa.launchpad.net/byobu/ppa/ubuntu karmic main"
keyid: F430BBA5 # GPG key ID published on a key server
filename: byobu-ppa.list
# PPA shortcut:
# * Setup correct apt sources.list line
# * Import the signing key from LP
#
# See https://help.launchpad.net/Packaging/PPA for more information
# this requires 'add-apt-repository'
- source: "ppa:smoser/ppa" # Quote the string
# Custom apt repository:
# * all that is required is 'source'
# * Creates a file in /etc/apt/sources.list.d/ for the sources list entry
# * [optional] Import the apt signing key from the keyserver
# * Defaults:
# + keyserver: keyserver.ubuntu.com
# + filename: cloud_config_sources.list
#
# See sources.list man page for more information about the format
- source: deb http://archive.ubuntu.com/ubuntu karmic-backports main universe multiverse restricted
# sources can use $MIRROR and $RELEASE and they will be replaced
# with the local mirror for this cloud, and the running release
# the entry below would be possibly turned into:
# - source: deb http://us-east-1.ec2.archive.ubuntu.com/ubuntu natty multiverse
- source: deb $MIRROR $RELEASE multiverse
# this would have the same end effect as 'ppa:byobu/ppa'
- source: "deb http://ppa.launchpad.net/byobu/ppa/ubuntu karmic main"
keyid: F430BBA5 # GPG key ID published on a key server
filename: byobu-ppa.list
# Custom apt repository:
# * The apt signing key can also be specified
# by providing a pgp public key block
# * Providing the PBG key here is the most robust method for
# specifying a key, as it removes dependency on a remote key server
- source: deb http://ppa.launchpad.net/alestic/ppa/ubuntu karmic main
key: | # The value needs to start with -----BEGIN PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: SKS 1.0.10
mI0ESpA3UQEEALdZKVIMq0j6qWAXAyxSlF63SvPVIgxHPb9Nk0DZUixn+akqytxG4zKCONz6
qLjoBBfHnynyVLfT4ihg9an1PqxRnTO+JKQxl8NgKGz6Pon569GtAOdWNKw15XKinJTDLjnj
9y96ljJqRcpV9t/WsIcdJPcKFR5voHTEoABE2aEXABEBAAG0GUxhdW5jaHBhZCBQUEEgZm9y
IEFsZXN0aWOItgQTAQIAIAUCSpA3UQIbAwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEA7H
5Qi+CcVxWZ8D/1MyYvfj3FJPZUm2Yo1zZsQ657vHI9+pPouqflWOayRR9jbiyUFIn0VdQBrP
t0FwvnOFArUovUWoKAEdqR8hPy3M3APUZjl5K4cMZR/xaMQeQRZ5CHpS4DBKURKAHC0ltS5o
uBJKQOZm5iltJp15cgyIkBkGe8Mx18VFyVglAZey
=Y2oI
-----END PGP PUBLIC KEY BLOCK-----
# Install additional packages on first boot
#
# Default: none
#
# if packages are specified, this apt_update will be set to true
#
packages:
- pwgen
- pastebinit
# set up mount points
# 'mounts' contains a list of lists
# the inner list are entries for an /etc/fstab line
# ie : [ fs_spec, fs_file, fs_vfstype, fs_mntops, fs-freq, fs_passno ]
#
# default:
# mounts:
# - [ ephemeral0, /mnt ]
# - [ swap, none, swap, sw, 0, 0 ]
#
# in order to remove a previously listed mount (ie, one from defaults)
# list only the fs_spec. For example, to override the default, of
# mounting swap:
# - [ swap ]
# or
# - [ swap, null ]
#
# - if a device does not exist at the time, an entry will still be
# written to /etc/fstab.
# - '/dev' can be ommitted for device names that begin with: xvd, sd, hd, vd
# - if an entry does not have all 6 fields, they will be filled in
# with values from 'mount_default_fields' below.
#
# Note, that you should set 'nobootwait' (see man fstab) for volumes that may
# not be attached at instance boot (or reboot)
#
mounts:
- [ ephemeral0, /mnt, auto, "defaults,noexec" ]
- [ sdc, /opt/data ]
- [ xvdh, /opt/data, "auto", "defaults,nobootwait", "0", "0" ]
- [ dd, /dev/zero ]
# mount_default_fields
# These values are used to fill in any entries in 'mounts' that are not
# complete. This must be an array, and must have 7 fields.
mount_default_fields: [ None, None, "auto", "defaults,nobootwait", "0", "2" ]
# add each entry to ~/.ssh/authorized_keys for the configured user
ssh_authorized_keys:
- ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAGEA3FSyQwBI6Z+nCSjUUk8EEAnnkhXlukKoUPND/RRClWz2s5TCzIkd3Ou5+Cyz71X0XmazM3l5WgeErvtIwQMyT1KjNoMhoJMrJnWqQPOt5Q8zWd9qG7PBl9+eiH5qV7NZ [email protected]
- ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA3I7VUf2l5gSn5uavROsc5HRDpZdQueUq5ozemNSj8T7enqKHOEaFoU2VoPgGEWC9RyzSQVeyD6s7APMcE82EtmW4skVEgEGSbDc1pvxzxtchBj78hJP6Cf5TCMFSXw+Fz5rF1dR23QDbN1mkHs7adr8GW4kSWqU7Q7NDwfIrJJtO7Hi42GyXtvEONHbiRPOe8stqUly7MvUoN+5kfjBM8Qqpfl2+FNhTYWpMfYdPUnE7u536WqzFmsaqJctz3gBxH9Ex7dFtrxR4qiqEr9Qtlu3xGn7Bw07/+i1D+ey3ONkZLN+LQ714cgj8fRS4Hj29SCmXp5Kt5/82cD/VN3NtHw== [email protected]
# Send pre-generated ssh private keys to the server
# If these are present, they will be written to /etc/ssh and
# new random keys will not be generated
ssh_keys:
rsa_private: |
-----BEGIN RSA PRIVATE KEY-----
MIIBxwIBAAJhAKD0YSHy73nUgysO13XsJmd4fHiFyQ+00R7VVu2iV9Qcon2LZS/x
1cydPZ4pQpfjEha6WxZ6o8ci/Ea/w0n+0HGPwaxlEG2Z9inNtj3pgFrYcRztfECb
1j6HCibZbAzYtwIBIwJgO8h72WjcmvcpZ8OvHSvTwAguO2TkR6mPgHsgSaKy6GJo
PUJnaZRWuba/HX0KGyhz19nPzLpzG5f0fYahlMJAyc13FV7K6kMBPXTRR6FxgHEg
L0MPC7cdqAwOVNcPY6A7AjEA1bNaIjOzFN2sfZX0j7OMhQuc4zP7r80zaGc5oy6W
p58hRAncFKEvnEq2CeL3vtuZAjEAwNBHpbNsBYTRPCHM7rZuG/iBtwp8Rxhc9I5w
ixvzMgi+HpGLWzUIBS+P/XhekIjPAjA285rVmEP+DR255Ls65QbgYhJmTzIXQ2T9
luLvcmFBC6l35Uc4gTgg4ALsmXLn71MCMGMpSWspEvuGInayTCL+vEjmNBT+FAdO
W7D4zCpI43jRS9U06JVOeSc9CDk2lwiA3wIwCTB/6uc8Cq85D9YqpM10FuHjKpnP
REPPOyrAspdeOAV+6VKRavstea7+2DZmSUgE
-----END RSA PRIVATE KEY-----
rsa_public: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAGEAoPRhIfLvedSDKw7XdewmZ3h8eIXJD7TRHtVW7aJX1ByifYtlL/HVzJ09nilCl+MSFrpbFnqjxyL8Rr/DSf7QcY/BrGUQbZn2Kc22PemAWthxHO18QJvWPocKJtlsDNi3 [email protected]
dsa_private: |
-----BEGIN DSA PRIVATE KEY-----
MIIBuwIBAAKBgQDP2HLu7pTExL89USyM0264RCyWX/CMLmukxX0Jdbm29ax8FBJT
pLrO8TIXVY5rPAJm1dTHnpuyJhOvU9G7M8tPUABtzSJh4GVSHlwaCfycwcpLv9TX
DgWIpSj+6EiHCyaRlB1/CBp9RiaB+10QcFbm+lapuET+/Au6vSDp9IRtlQIVAIMR
8KucvUYbOEI+yv+5LW9u3z/BAoGBAI0q6JP+JvJmwZFaeCMMVxXUbqiSko/P1lsa
LNNBHZ5/8MOUIm8rB2FC6ziidfueJpqTMqeQmSAlEBCwnwreUnGfRrKoJpyPNENY
d15MG6N5J+z81sEcHFeprryZ+D3Ge9VjPq3Tf3NhKKwCDQ0240aPezbnjPeFm4mH
bYxxcZ9GAoGAXmLIFSQgiAPu459rCKxT46tHJtM0QfnNiEnQLbFluefZ/yiI4DI3
8UzTCOXLhUA7ybmZha+D/csj15Y9/BNFuO7unzVhikCQV9DTeXX46pG4s1o23JKC
/QaYWNMZ7kTRv+wWow9MhGiVdML4ZN4XnifuO5krqAybngIy66PMEoQCFEIsKKWv
99iziAH0KBMVbxy03Trz
-----END DSA PRIVATE KEY-----
dsa_public: ssh-dss AAAAB3NzaC1kc3MAAACBAM/Ycu7ulMTEvz1RLIzTbrhELJZf8Iwua6TFfQl1ubb1rHwUElOkus7xMhdVjms8AmbV1Meem7ImE69T0bszy09QAG3NImHgZVIeXBoJ/JzByku/1NcOBYilKP7oSIcLJpGUHX8IGn1GJoH7XRBwVub6Vqm4RP78C7q9IOn0hG2VAAAAFQCDEfCrnL1GGzhCPsr/uS1vbt8/wQAAAIEAjSrok/4m8mbBkVp4IwxXFdRuqJKSj8/WWxos00Ednn/ww5QibysHYULrOKJ1+54mmpMyp5CZICUQELCfCt5ScZ9GsqgmnI80Q1h3Xkwbo3kn7PzWwRwcV6muvJn4PcZ71WM+rdN/c2EorAINDTbjRo97NueM94WbiYdtjHFxn0YAAACAXmLIFSQgiAPu459rCKxT46tHJtM0QfnNiEnQLbFluefZ/yiI4DI38UzTCOXLhUA7ybmZha+D/csj15Y9/BNFuO7unzVhikCQV9DTeXX46pG4s1o23JKC/QaYWNMZ7kTRv+wWow9MhGiVdML4ZN4XnifuO5krqAybngIy66PMEoQ= [email protected]
# remove access to the ec2 metadata service early in boot via null route
# the null route can be removed (by root) with:
# route del -host 169.254.169.254 reject
# default: false (service available)
disable_ec2_metadata: true
# run commands
# default: none
# runcmd contains a list of either lists or a string
# each item will be executed in order at rc.local like level with
# output to the console
# - if the item is a list, the items will be properly executed as if
# passed to execve(3) (with the first arg as the command).
# - if the item is a string, it will be simply written to the file and
# will be interpreted by 'sh'
#
# Note, that the list has to be proper yaml, so you have to escape
# any characters yaml would eat (':' can be problematic)
runcmd:
- [ ls, -l, / ]
- [ sh, -xc, "echo $(date) ': hello world!'" ]
- [ sh, -c, echo "=========hello world'=========" ]
- ls -l /root
- [ wget, "http://slashdot.org", -O, /tmp/index.html ]
# boot commands
# default: none
# this is very similar to runcmd above, but commands run very early
# in the boot process, only slightly after a 'boothook' would run.
# bootcmd should really only be used for things that could not be
# done later in the boot process. bootcmd is very much like
# boothook, but possibly with more friendly
bootcmd:
- echo 192.168.1.130 us.archive.ubuntu.com > /etc/hosts
# cloud_config_modules:
# default:
# cloud_config_modules:
# - mounts
# - ssh
# - apt-update-upgrade
# - puppet
# - updates-check
# - disable-ec2-metadata
# - runcmd
#
# This is an array of arrays or strings.
# if item is a string, then it is read as a module name
# if the item is an array it is of the form:
# name, frequency, arguments
# where 'frequency' is one of:
# once-per-instance
# always
# a python file in the CloudConfig/ module directory named
# cc_<name>.py
# example:
cloud_config_modules:
- mounts
- ssh-import-id
- ssh
- grub-dpkg
- [ apt-update-upgrade, always ]
- puppet
- updates-check
- disable-ec2-metadata
- runcmd
- byobu
# ssh_import_id: [ user1, user2 ]
# ssh_import_id will feed the list in that variable to
# ssh-import-id, so that public keys stored in launchpad
# can easily be imported into the configured user
# This can be a single string ('smoser') or a list ([smoser, kirkland])
ssh_import_id: [smoser]
# Provide debconf answers
#
# See debconf-set-selections man page.
#
# Default: none
#
debconf_selections: | # Need to perserve newlines
# Force debconf priority to critical.
debconf debconf/priority select critical
# Override default frontend to readline, but allow user to select.
debconf debconf/frontend select readline
debconf debconf/frontend seen false
# manage byobu defaults
# byobu_by_default:
# 'user' or 'enable-user': set byobu 'launch-by-default' for the default user
# 'system' or 'enable-system' or 'enable':
# enable 'launch-by-default' for all users, do not modify default user
# 'disable': disable both default user and system
# 'disable-system': disable system
# 'disable-user': disable for default user
# not-set: no changes made
byobu_by_default: system
# disable ssh access as root.
# if you want to be able to ssh in to the system as the root user
# rather than as the 'ubuntu' user, then you must set this to false
# default: true
disable_root: false
# disable_root_opts: the value of this variable will prefix the
# respective key in /root/.ssh/authorized_keys if disable_root is true
# see 'man authorized_keys' for more information on what you can do here
#
# The string '$USER' will be replaced with the username of the default user
#
# disable_root_opts: no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo 'Please login as the user \"$USER\" rather than the user \"root\".';echo;sleep 10"
# set the locale to a given locale
# default: en_US.UTF-8
locale: en_US.UTF-8
# add entries to rsyslog configuration
# The first occurance of a given filename will truncate.
# subsequent entries will append.
# if value is a scalar, its content is assumed to be 'content', and the
# default filename is used.
# if filename is not provided, it will default to 'rsylog_filename'
# if filename does not start with a '/', it will be put in 'rsyslog_dir'
# rsyslog_dir default: /etc/rsyslog.d
# rsyslog_filename default: 20-cloud-config.conf
rsyslog:
- ':syslogtag, isequal, "[CLOUDINIT]" /var/log/cloud-foo.log'
- content: "*.* @@192.0.2.1:10514"
- filename: 01-examplecom.conf
content: |
*.* @@syslogd.example.com
# resize_rootfs should the / filesytem be resized on first boot
# this allows you to launch an instance with a larger disk / partition
# and have the instance automatically grow / to accomoddate it
# set to 'False' to disable
resize_rootfs: True
# if hostname is set, cloud-init will set the system hostname
# appropriately to its value
# if not set, it will set hostname from the cloud metadata
# default: None
# final_message
# default: cloud-init boot finished at $TIMESTAMP. Up $UPTIME seconds
# this message is written by cloud-final when the system is finished
# its first boot
final_message: "The system is finally up, after $UPTIME seconds"
# configure where output will go
# 'output' entry is a dict with 'init', 'config', 'final' or 'all'
# entries. Each one defines where
# cloud-init, cloud-config, cloud-config-final or all output will go
# each entry in the dict can be a string, list or dict.
# if it is a string, it refers to stdout and stderr
# if it is a list, entry 0 is stdout, entry 1 is stderr
# if it is a dict, it is expected to have 'output' and 'error' fields
# default is to write to console only
# the special entry "&1" for an error means "same location as stdout"
# (Note, that '&1' has meaning in yaml, so it must be quoted)
output:
init: "> /var/log/my-cloud-init.log"
config: [ ">> /tmp/foo.out", "> /tmp/foo.err" ]
final:
output: "| tee /tmp/final.stdout | tee /tmp/bar.stdout"
error: "&1"
# phone_home: if this dictionary is present, then the phone_home
# cloud-config module will post specified data back to the given
# url
# default: none
# phone_home:
# url: http://my.foo.bar/$INSTANCE/
# post: all
# tries: 10
#
phone_home:
url: http://my.example.com/$INSTANCE_ID/
post: [ pub_key_dsa, pub_key_rsa, instance_id ]
# timezone: set the timezone for this instance
# the value of 'timezone' must exist in /usr/share/zoneinfo
timezone: US/Eastern
# def_log_file and syslog_fix_perms work together
# if
# - logging is set to go to a log file 'L' both with and without syslog
# - and 'L' does not exist
# - and syslog is configured to write to 'L'
# then 'L' will be initially created with root:root ownership (during
# cloud-init), and then at cloud-config time (when syslog is available)
# the syslog daemon will be unable to write to the file.
#
# to remedy this situation, 'def_log_file' can be set to a filename
# and syslog_fix_perms to a string containing "<user>:<group>"
#
# the default values are '/var/log/cloud-init.log' and 'syslog:adm'
# the value of 'def_log_file' should match what is configured in logging
# if either is empty, then no change of ownership will be done
def_log_file: /var/log/my-logging-file.log
syslog_fix_perms: syslog:root
# you can set passwords for a user or multiple users
# this is off by default.
# to set the default user's password, use the 'password' option.
# if set, to 'R' or 'RANDOM', then a random password will be
# generated and written to stdout (the console)
# password: passw0rd
#
# also note, that this will expire the password, forcing a change
# on first login. If you do not want to expire, see 'chpasswd' below.
#
# By default in the UEC images password authentication is disabled
# Thus, simply setting 'password' as above will only allow you to login
# via the console.
#
# in order to enable password login via ssh you must set
# 'ssh_pwauth'.
# If it is set, to 'True' or 'False', then sshd_config will be updated
# to ensure the desired function. If not set, or set to '' or 'unchanged'
# then sshd_config will not be updated.
# ssh_pwauth: True
#
# there is also an option to set multiple users passwords, using 'chpasswd'
# That looks like the following, with 'expire' set to 'True' by default.
# to not expire users passwords, set 'expire' to 'False':
# chpasswd:
# list: |
# user1:password1
# user2:RANDOM
# expire: True
# ssh_pwauth: [ True, False, "" or "unchanged" ]
#
# So, a simple working example to allow login via ssh, and not expire
# for the default user would look like:
password: passw0rd
chpasswd: { expire: False }
ssh_pwauth: True
# manual cache clean.
# By default, the link from /var/lib/cloud/instance to
# the specific instance in /var/lib/cloud/instances/ is removed on every
# boot. The cloud-init code then searches for a DataSource on every boot
# if your DataSource will not be present on every boot, then you can set
# this option to 'True', and maintain (remove) that link before the image
# will be booted as a new instance.
# default is False
manual_cache_clean: False
# if you wish to have /etc/hosts written from /etc/cloud/templates/hosts.tmpl
# on a per-always basis (to account for ebs stop/start), then set
# manage_etc_hosts to True. The default is 'False'
manage_etc_hosts: False
# When cloud-init is finished running including having run
# cloud_init_modules, then it will run this command. The default
# is to emit an upstart signal as shown below. If the value is a
# list, it will be passed to Popen. If it is a string, it will be
# invoked through 'sh -c'.
#
# default value:
# cc_ready_cmd: [ initctl, emit, cloud-config, CLOUD_CFG=/var/lib/instance//cloud-config.txt ]
# example:
# cc_ready_cmd: [ sh, -c, 'echo HI MOM > /tmp/file' ]
相關推薦
雲平臺openstack中,cloudinit安裝、使用
cloudinit是專為雲環境中虛擬機器的初始化而開發的工具,它從各種資料來源讀取相關資料並據此對虛擬機器進行配置。常見的資料來源包括:雲平臺的metadata服務、ConfigDrive等,常見的配置包括:設定虛擬機器的hostname、hosts檔案、設定使用者名稱密
在雲計算時代中,深度解析桌面雲aDesk
桌面雲對於桌面雲虛擬化,不少人仍舊覺得這是一個高深莫測的技術,而諸如服務器虛擬化、雲、桌面虛擬化等各種專業術語,也常常把人繞得雲裏霧裏。但事實上,桌面雲的概念並非那麽復雜,中亞矽谷桌面雲產品aDesk,就闡述了桌面雲產品的“簡化”概念。企業信息化建設過程中,到目前為止國內客戶幾乎還是采用傳統PC的辦公模式,越
SAP雲平臺CloudFoundry中的用戶自定義變量
SAP cloud cloud-foundry 環境變量 CloudFoundry應用的manifest.xml裏的env區域,允許用戶自定義變量,如下圖5個變量所示。使用cf push部署到CloudFoundry之後,在SAP Cloud Platform Cockpit的User-Pro
Oracle啟動中,spfile.ora、init<SID>.ora、spfile<SID>.ora 這三個文件正確的先後順序是什麽?
nbsp tar acl 命令 spfile 缺省 start spf 解答 Oracle啟動中,spfile.ora、init<SID>.ora、spfile<SID>.ora 這三個文件正確的先後順序是什麽? 解答:啟動數據庫,使用start
VM之Linux:Linux的Ubuntu中,解決安裝後螢幕太小的問題
1.操作環境 vmware14Pro ubuntu 16.04LTS 2.問題描述 在使用vmware14Pro安裝ubuntu 16.04LTS系統後,螢幕始終比較小,無法根據vmware的變化而變化。 3.問題原因 問題在於未設定vmware的選單選項或者未安裝vmwar
ubuntu中,新增安裝的軟體的桌面快捷方式
Linux 系統中的Desktop Entry 檔案以desktop為字尾名。Desktop Entry 檔案是 Linux 桌面系統中用於描述程式啟動配置資訊的檔案。此文是以ubuntu16.04為作業系統。整體可以分為以下幾個步驟: (1)新建檔案 所有的軟體圖示都在usr/sha
PHP開發搭建環境,PhpStorm安裝、免費啟用配置,XAMPP安裝配置
關於php的開發工具很多,目前市面上最好用最強大的莫過於PhpStorm這款開發神器了,但是鑑於很多開發者朋友在網站上下載的PhpStorm開發工具不能用,或者使用起來很不方便,筆者把最好用的下載地址及免費啟用教程共享出來。 一、安裝並配置PHP伺服器套件XAMPP整合環境,點選連結檢視
Scala環境安裝,JDK安裝、編寫HelloScala程式
因為Scala是執行在JVM平臺上的,所以安裝Scala之前要安裝JDK Scala安裝,編寫HelloScala程式 1、 系統環境安裝 第一步:下載Scala地址https://downloads.lightbend.com/scala/2.11.12/scala-2
【小卒ubantu使用】ubantu環境下的.egg檔案是什麼,如何安裝、解除安裝、使用詳解
egg的英文意思是蛋,俗稱蟒蛇的蛋,python的egg檔案有點像java中的jar檔案,是一個工程包檔案,便於安裝部署 如何製作egg檔案呢?see官方文件http://peak.telecommunity.com/De
平臺執行中,資料庫如何平滑升級
一、問題的提出 網際網路有很多“資料量較大,併發量較大,業務複雜度較高”的業務場景,其典型系統分層架構如下: (1)上游是業務層biz,實現個性化的業務邏輯 (2)中游是服務層service,封裝資料訪問 (3)下游是資料層db,儲存固化的業務資料 服務化
如何建立雲平臺聊天系統,如何解決訊息推送困難問題
聊天業務描述: 使用者1發起聊天,將聊天資訊傳送到伺服器,伺服器將資訊轉發到使用者2 需要解決的問題: 1.如何判斷使用者是否線上(通過使用者滑鼠點選範圍進行判斷,若點選離開頁面則認為使用者的關注點不
IntelliJ IDEA中Maven的安裝、配置
最近在整理關於Maven的一些筆記,以前都是用的eclipse,現在因為習慣了JetBrains的編譯器使用,所以現在記錄一下關於在IntelliJ IDEA中Maven的安裝、配置。 什麼是Maven請參考:Maven通俗講解,這篇文章寫的挺好的,我這裡就不在贅述,只是簡單寫一下怎麼配置。
MySQL/InnoDB中,樂觀鎖、悲觀鎖、共享鎖、排它鎖、行鎖、表鎖、死鎖概念的理解
MySQL/InnoDB的加鎖,一直是一個面試中常問的話題。例如,資料庫如果有高併發請求,如何保證資料完整性?產生死鎖問題如何排查並解決?我在工作過程中,也會經常用到,樂觀鎖,排它鎖,等。於是今天就對這幾個概念進行學習,屢屢思路,記錄一下。 注:MySQL是一
解決魅族MX5解除安裝debug-app不乾淨,導致安裝、升級不成功的問題
環境:魅族MX5,Android 5.1 問題:開發app使用真機除錯後,在桌面上拖動圖示解除安裝app-debug.apk,然後安裝簽名版本的app-release.apk提示替換xxx版本,按確定後提示不相容,安裝失敗。 分析:已經先解除安裝再安裝,按道理應該不會提示替換xxx,肯定
javascript中,substr | slice、substring的區別
假如有一種資料,格式為 平年2018/12/12 08:51PM,如何獲取字串2018/12/12 08:51 const str = '平年2018/12/12 08:51PM'; // '2018/12/12 08:51'.length === 16 // 第一種 slic
Linux中Nginx編譯安裝、解除安裝並新增到service中
nginx解除安裝 刪除相應資料夾和自啟動即可 nginx安裝: tar zxvf nginx-1.12.1.tar.gz 更改資料夾名稱為nginx cd nginx ./configure make make install 覆蓋二進位制檔案:cp
開發環境配置-eclipse中git的安裝、配置與使用-4
1、eclipse自帶git,如果需要替換可先刪除,然後通過以下兩種操作方式中的一種進項安裝: Help->Eclipse MarketPlace->輸入egit進行查詢和安裝 Help->Install New SoftWare->
Ubuntu中sendmail的安裝、配置
因為專案需要一個郵件伺服器功能,用已有的企業郵箱又有各種限制,就來搗鼓了下和這個相關的一些東西。一般是有好幾個選擇,比如Postfix,sendmail,qmail,第一個我之前用過,但是專案需求只有發郵件,也不知怎的就選擇了sendmail,事實證明還是不要
Ubuntu 中軟體的安裝、解除安裝以及檢視的方法總結
apt-cache search # ------(package 搜尋包)apt-cache show #------(package 獲取包的相關資訊,如說明、大小、版本等)apt-get install # ------(package 安裝包)apt-get install # -----(packa
sysbench,HammerDB 安裝、使用和測試
sysbench sysbench是一個開源的、模組化的、跨平臺的多執行緒效能測試工具,可以用來進行CPU、記憶體、磁碟I/O、執行緒、資料庫的效能測試。目前支援的資料庫有MySQL、Oracle和PostgreSQL。當前功能允許測試的系統引數有: