Chapter 3. Red Hat support for cloud-init

Red Hat supports the cloud-init utility, cloud-init modules, and default directories and files across various Red Hat products.

3.1. cloud-init significant directories and files

By using directories and files in the following table, you can perform tasks such as:

  • Configuring cloud-init
  • Finding information about your configuration after cloud-init has run
  • Examining log files
  • Finding templates

Depending on your scenario and datasource, there can be additional files and directories important to your configuration.

Table 3.1. cloud-init directories and files

Directory or FileDescription

/etc/cloud/cloud.cfg

The cloud.cfg file includes the basic cloud-init configuration and lets you know in what phase each module runs.

/etc/cloud/cloud.cfg.d

The cloud.cfg.d directory is where you can add additional directives for cloud-init.

/var/lib/cloud

When cloud-init runs, it creates a directory layout under /var/lib/cloud. The layout includes directories and files that give specifics on your instance configuration.

/usr/share/doc/cloud-init/examples

The examples directory includes multiple examples. You can use them to help model your own directives.

/etc/cloud/templates

This directory includes templates that you can enable in cloud-init for certain scenarios. The templates provide direction for enabling.

/var/log/cloud-init.log

The cloud-init.log file provides log information helpful for debugging.

/run/cloud-init

The /run/cloud-init directory includes logged information about your datasource and the ds-identify script.

3.2. Red Hat products that use cloud-init

You can use cloud-init with these Red Hat products:

3.3. Red Hat supports these cloud-init modules

Red Hat supports most cloud-init modules. Individual modules can contain multiple configuration options. In the following table, you can find all of the cloud-init modules that Red Hat currently supports and provides a brief description and the default module frequency. Refer to Modules in the cloud-init Documentation section for complete descriptions and options for these modules.

Table 3.2. Supported cloud-init modules

cloud-init ModuleDescriptionDefault Module Frequency

bootcmd

Runs commands early in the boot process

per always

ca_certs

Adds CA certificates

per instance

debug

Enables or disables output of internal information to assist with debugging

per instance

disable_ec2_metadata

Enables or disables the AWS EC2 metadata

per always

disk_setup

Configures simple partition tables and file systems

per instance

final_message

Specifies the output message once cloud-init completes

per always

foo

Example shows module structure (Module does nothing)

per instance

growpart

Resizes partitions to fill the available disk space

per always

keys_to_console

Allows controls of fingerprints and keys that can be written to the console

per instance

landscape

Installs and configures a landscape client

per instance

locale

Configures the system locale and applies it system-wide

per instance

mcollective

Installs, configures, and starts mcollective

per instance

migrator

Moves old versions of cloud-init to newer versions

per always

mounts

Configures mount points and swap files

per instance

phone_home

Posts data to a remote host after boot completes

per instance

power_state_change

Completes shutdown and reboot after all configuration modules have run

per instance

puppet

Installs and configures puppet

per instance

resizefs

Resizes a file system to use all available space on a partition

per always

resolv_conf

Configures resolv.conf

per instance

rh_subscription

Registers a Red Hat Enterprise Linux system

per instance

rightscale_userdata

Adds support for RightScale configuration hooks to cloud-init

per instance

rsyslog

Configures remote system logging using rsyslog

per instance

runcmd

Runs arbitrary commands

per instance

salt_minion

Installs, configures, and starts salt minion

per instance

scripts_per_boot

Runs per boot scripts

per always

scripts_per_instance

Runs per instance scripts

per instance

scripts_per_once

Runs scripts once

per once

scripts_user

Runs user scripts

per instance

scripts_vendor

Runs vendor scripts

per instance

seed_random

Provides random seed data

per instance

set_hostname

Sets host name and fully qualified domain name (FQDN)

per always

set_passwords

Sets user passwords and enables or disables SSH password authentication

per instance

ssh_authkey_fingerprints

Logs fingerprints of user SSH keys

per instance

ssh_import_id

Imports SSH keys

per instance

ssh

Configures SSH, and host and authorized SSH keys

per instance

timezone

Sets the system time zone

per instance

update_etc_hosts

Updates /etc/hosts

per always

update_hostname

Updates host name and FQDN

per always

users_groups

Configures users and groups

per instance

write_files

Writes arbitrary files

per instance

yum_add_repo

Adds yum repository configuration to the system

per always

The following list of modules is not supported by Red Hat:

Table 3.3. Modules not supported

Module

apt_configure

apt_pipeline

byobu

chef

emit_upstart

grub_dpkg

ubuntu_init_switch

3.4. The default cloud.cfg file

The /etc/cloud/cloud.cfg file lists the modules comprising the basic configuration for cloud-init.

The modules in the file are the default modules for cloud-init. You can configure the modules for your environment or remove modules you do not need. Modules that are included in cloud.cfg do not necessarily do anything by being listed in the file. You need to configure them individually if you want them to perform actions during one of the cloud-init phases.

The cloud.cfg file provides the chronology for running individual modules. You can add additional modules to cloud.cfg as long as Red Hat supports the modules you want to add.

The default contents of the file for Red Hat Enterprise Linux (RHEL) are as follows:

Note
  • Modules run in the order given in cloud.cfg. You typically do not change this order.
  • The cloud.cfg directives can be overridden by user data.
  • When running cloud-init manually, you can override cloud.cfg with command line options.
  • Each module includes its own configuration options, where you can add specific information. 
users: 1
 - default

disable_root: 1 2
ssh_pwauth:   0 3

mount_default_fields: [~, ~, 'auto', 'defaults,nofail,x-systemd.requires=cloud-init.service', '0', '2'] 4
ssh_deletekeys:   1 5
ssh_genkeytypes: ['rsa', 'ecdsa', 'ed25519'] 6
syslog_fix_perms: ~ 7
disable_vmware_customization: false 8

cloud_init_modules: 9
 - disk_setup
 - migrator
 - bootcmd
 - write-files
 - growpart
 - resizefs
 - set_hostname
 - update_hostname
 - update_etc_hosts
 - rsyslog
 - users-groups
 - ssh

cloud_config_modules: 10
 - mounts
 - locale
 - set-passwords
 - rh_subscription
 - yum-add-repo
 - package-update-upgrade-install
 - timezone
 - puppet
 - chef
 - salt-minion
 - mcollective
 - disable-ec2-metadata
 - runcmd

cloud_final_modules: 11
 - rightscale_userdata
 - scripts-per-once
 - scripts-per-boot
 - scripts-per-instance
 - scripts-user
 - ssh-authkey-fingerprints
 - keys-to-console
 - phone-home
 - final-message
 - power-state-change

system_info:
  default_user: 12
    name: cloud-user
    lock_passwd: true
    gecos: Cloud User
    groups: [adm, systemd-journal]
    sudo: ["ALL=(ALL) NOPASSWD:ALL"]
    shell: /bin/bash
  distro: rhel 13
  paths:
    cloud_dir: /var/lib/cloud 14
    templates_dir: /etc/cloud/templates 15
  ssh_svcname: sshd 16

# vim:syntax=yaml
1
Specifies the default user for the system. Refer to Users and Groups for more information.
2
Enables or disables root login. Refer to Authorized Keys for more information.
3
Specifies whether ssh is configured to accept password authentication. Refer to Set Passwords for more information.
4
Configures mount points; must be a list containing six values. Refer to Mounts for more information.
5
Specifies whether to remove default host SSH keys. Refer to Host Keys for more information.
6
Specifies key types to generate. Refer to Host Keys for more information. Note that for RHEL 8.4 and earlier, the default value of this line is ~.
7
cloud-init runs at multiple stages of boot. Set this option so that cloud-init can log all stages to its log file. Find more information about this option in the cloud-config.txt file in the usr/share/doc/cloud-init/examples directory.
8
Enables or disables VMware vSphere customization
9
The modules in this section are services that run when the cloud-init service starts, early in the boot process.
10
These modules run during cloud-init configuration, after initial boot.
11
These modules run in the final phase of cloud-init, after the configuration finishes.
12
Specifies details about the default user. Refer to Users and Groups for more information.
13
Specifies the distribution
14
Specifies the main directory that contains cloud-init-specific subdirectories. Refer to Directory layout for more information.
15
Specifies where templates reside
16
The name of the SSH service

Additional resources

3.5. The cloud.cfg.d directory

cloud-init acts upon directives that you provide and configure. Typically, those directives are included in the cloud.cfg.d directory.

Note

While you can configure modules by adding user data directives within the cloud.cfg file, as a best practice consider leaving cloud.cfg unmodified. Add your directives to the /etc/cloud/cloud.cfg.d directory. Adding directives to this directory can make future modifications and upgrades easier.

There are multiple ways to add directives. You can include directives in a file named *.cfg, which includes the heading #cloud-config. Typically, the directory would contain multiple *cfg files. There are other options for adding directives, for example, you can add a user data script. Refer to User-Data Formats for more information.

Additional resources

3.6. The default 05_logging.cfg file

The 05_logging.cfg file sets logging information for cloud-init. The /etc/cloud/cloud.cfg.d directory includes this file, along with other cloud-init directives that you add.

cloud-init uses the logging configuration in 05_logging.cfg by default. The default contents of the file for Red Hat Enterprise Linux (RHEL) are as follows: 

## This yaml formatted config file handles setting
## logger information.  The values that are necessary to be set
## are seen at the bottom.  The top '_log' are only used to remove
## redundancy in a syslog and fallback-to-file case.
##
## The 'log_cfgs' entry defines a list of logger configs
## Each entry in the list is tried, and the first one that
## works is used.  If a log_cfg list entry is an array, it will
## be joined with '\n'.
_log:
 - &log_base |
   [loggers]
   keys=root,cloudinit

   [handlers]
   keys=consoleHandler,cloudLogHandler

   [formatters]
   keys=simpleFormatter,arg0Formatter

   [logger_root]
   level=DEBUG
   handlers=consoleHandler,cloudLogHandler

   [logger_cloudinit]
   level=DEBUG
   qualname=cloudinit
   handlers=
   propagate=1

   [handler_consoleHandler]
   class=StreamHandler
   level=WARNING
   formatter=arg0Formatter
   args=(sys.stderr,)

   [formatter_arg0Formatter]
   format=%(asctime)s - %(filename)s[%(levelname)s]: %(message)s

   [formatter_simpleFormatter]
   format=[CLOUDINIT] %(filename)s[%(levelname)s]: %(message)s
 - &log_file |
   [handler_cloudLogHandler]
   class=FileHandler
   level=DEBUG
   formatter=arg0Formatter
   args=('/var/log/cloud-init.log',)
 - &log_syslog |
   [handler_cloudLogHandler]
   class=handlers.SysLogHandler
   level=DEBUG
   formatter=simpleFormatter
   args=("/dev/log", handlers.SysLogHandler.LOG_USER)

log_cfgs:
# Array entries in this list will be joined into a string
# that defines the configuration.
#
# If you want logs to go to syslog, uncomment the following line.
# - [ *log_base, *log_syslog ]
#
# The default behavior is to just log to a file.
# This mechanism that does not depend on a system service to operate.
 - [ *log_base, *log_file ]
# A file path can also be used.
# - /etc/log.conf

# This tells cloud-init to redirect its stdout and stderr to
# 'tee -a /var/log/cloud-init-output.log' so the user can see output
# there without needing to look on the console.
output: {all: '| tee -a /var/log/cloud-init-output.log'}

Additional resources

3.7. The cloud-init /var/lib/cloud directory layout

When cloud-init first runs, it creates a directory layout that includes information about your instance and cloud-init configuration.

The directory can include optional directories, such as /scripts/vendor.

The following is a sample directory layout for cloud-init: 

/var/lib/cloud/
    - data/
       - instance-id
       - previous-instance-id
       - previous-datasource
       - previous-hostname
       - result.json
       - set-hostname
       - status.json
    - handlers/
    - instance
       - boot-finished
       - cloud-config.txt
       - datasource
       - handlers/
       - obj.pkl
       - scripts/
       - sem/
       - user-data.txt
       - user-data.txt.i
       - vendor-data.txt
       - vendor-data.txt.i
    - instances/
        f111ee00-0a4a-4eea-9c17-3fa164739c55/
          - boot-finished
          - cloud-config.txt
          - datasource
          - handlers/
          - obj.pkl
          - scripts/
          - sem/
          - user-data.txt
          - user-data.txt.i
          - vendor-data.txt
          - vendor-data.txt.i
    - scripts/
       - per-boot/
       - per-instance/
       - per-once/
       - vendor/
    - seed/
    - sem/
       - config_scripts_per_once.once

Additional resources