With cloud-init instances can be configured at boot-time. Arbitrary scripts and configuration settings can be passed as user-data via the meta-data service.

  • Scripts need to start with shebang. Example: #!/usr/bin/env python
  • Configuration settings start with the header #cloud-config

Scripts and config settings are passed at instance creation time as following:

$ openstack server create --user-data userdata.txt ...

Set hostname

By passing cloud-init config via user-data, the hostname and fully qualified name can be set for an instance at creation time.

hostname: myhost
manage_etc_hosts: yes

Add users

It’s possible to easily create users or set the root password with cloud-init.

Configuration files for cloud-init will need to be pasted to the Customization Script under the Configuration header when deploying an instance. The configuration is in YAML format and documented at cloudinitdoc.

A sample code block to set the root password and allow SSH password login for the instance.

The password hash can be created with mkpasswd --method=SHA-512 --rounds=4096. The password used in the following sample is password.

$ mkpasswd --method=SHA-512 --rounds=4096
password: $6$rounds=4096$123456789...
chpasswd: { expire: False }
ssh_pwauth: True

Creating users while preserving default users (remove default to remove default users created by the image):

  - default
  - name: foo
    shell: /bin/bash
    password: $6$rounds=4096$123456789...
    chpasswd: { expire: False }
      - some_pubkey_content

The password hash can be created with mkpasswd --method=SHA-512 --rounds=4096.

Assignment of multiple SSH keys

OpenStack allows to specify only one SSH key when instance is created. To specify several keypairs when creating an instance, cloud-config can be used.

  • Create a file userdata.sample.
  - ssh-rsa ... 001
  - ssh-rsa ... 002
  - ssh-rsa ... 003
  - ssh-rsa ... 004
  • Create an instance testing.
$ openstack --os-cloud PROJECT server create \
    --image "Ubuntu 16.04 (Xenial Xerus)" \
    --flavor 1C-1GB-10GB \
    --user-data userdata.sample \
  • When the instance is initialized, the keys are now assigned.
$ openstack --os-cloud PROJECT console log show testing
+++++Authorized keys from /home/ubuntu/.ssh/authorized_keys for user ubuntu++++++
ci-info: +---------+-------------------------------------------------+---------+---------+
ci-info: | Keytype |                Fingerprint (md5)                | Options | Comment |
ci-info: +---------+-------------------------------------------------+---------+---------+
ci-info: | ssh-rsa | e6:67:2b:9a:b3:50:33:53:28:f7:92:1c:27:13:92:0e |    -    |   003   |
ci-info: | ssh-rsa | 47:3d:4a:5e:9f:07:75:ae:18:91:48:77:a7:6b:4f:f7 |    -    |   002   |
ci-info: | ssh-rsa | a0:42:ee:70:ad:97:f2:59:9a:0a:70:11:02:99:8b:d0 |    -    |   001   |
ci-info: | ssh-rsa | 31:2b:c2:2c:c9:cc:27:38:c9:90:28:df:82:c4:1f:eb |    -    |   004   |
ci-info: +---------+-------------------------------------------------+---------+---------+