What is Cloud-Init?
Cloud-init is a widely used cloud instance initialization service that runs during the boot process of cloud instances. It provides a standardized way to customize virtual machines across different cloud platforms.
Key Capabilities
- User and SSH key management
- Package installation and updates
- File creation and modification
- Service configuration and startup
Configuration Formats
- YAML configuration files
- Shell scripts
- Cloud config directives
- User data scripts
💡 Benefits: Cloud-init enables Infrastructure as Code practices, ensuring consistent and reproducible server deployments across your infrastructure.
Prerequisites
Before using cloud-init, ensure you have:
Infrastructure Requirements
- SOAHost cloud hosting account
- Access to cloud control panel
- Cloud-init enabled images
Knowledge Requirements
- Basic YAML syntax
- Linux command line basics
- Understanding of system administration
Basic Cloud-Init Configuration
Cloud-init configurations are typically written in YAML format. Here's a basic example:
#cloud-config
# Basic cloud-init configuration example
# Set hostname
hostname: my-server
fqdn: my-server.example.com
# Set timezone
timezone: UTC
# Update package cache on boot
package_update: true
package_upgrade: true
# Basic packages to install
packages:
  - curl
  - wget
  - git
  - htop
  - vim
# Simple message to display after boot
final_message: "Server setup completed successfully!"
✅ This basic configuration sets up hostname, timezone, updates packages, and installs essential tools.
User Management
Cloud-init can create users, set passwords, and configure SSH keys:
#cloud-config
# User management example
users:
  - name: ubuntu
    sudo: ALL=(ALL) NOPASSWD:ALL
    shell: /bin/bash
    ssh_authorized_keys:
      - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC... your-public-key
    groups: [sudo, docker]
  - name: deployer
    sudo: ['ALL=(ALL) NOPASSWD:/usr/bin/systemctl']
    shell: /bin/bash
    ssh_authorized_keys:
      - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC... deployer-public-key
    groups: [www-data]
# Disable root login
disable_root: true
# Set default user
system_info:
  default_user:
    name: ubuntu
    lock_passwd: false
    gecos: Ubuntu User
    groups: [adm, audio, cdrom, dialout, dip, floppy, lxd, netdev, plugdev, sudo, video]
    sudo: ["ALL=(ALL) NOPASSWD:ALL"]
    shell: /bin/bash
🔐 Security: Always use SSH keys instead of passwords for better security.
Package Installation
Install and configure software packages during instance initialization:
#cloud-config
# Package installation example
# Update package database
package_update: true
package_upgrade: true
# Install packages
# (one list only: a second top-level "packages:" key would replace this one)
packages:
  - nginx
  - mysql-server
  - php8.1
  - php8.1-fpm
  - php8.1-mysql
  - certbot
  - python3-certbot-nginx
  - ufw
  - fail2ban
  # Packages from the additional repository defined below
  - docker-ce
  - docker-ce-cli
  - containerd.io
# Add additional repositories
apt:
  sources:
    docker:
      source: "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
      keyid: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
# Snap packages
snap:
  commands:
    - snap install core
    - snap install certbot --classic
File Management
Create and modify files during instance initialization:
#cloud-config
# File management example
write_files:
  - path: /etc/nginx/sites-available/default
    content: |
      server {
          listen 80 default_server;
          listen [::]:80 default_server;
          root /var/www/html;
          index index.php index.html index.htm;
          server_name _;
          location / {
              try_files $uri $uri/ =404;
          }
          location ~ \.php$ {
              include snippets/fastcgi-php.conf;
              fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
          }
      }
    permissions: '0644'
    owner: root:root
  # phpinfo() exposes server details; remove this file once PHP is verified
  - path: /var/www/html/info.php
    content: |
      <?php
      phpinfo();
      ?>
    permissions: '0644'
    owner: www-data:www-data
  - path: /etc/fail2ban/jail.local
    content: |
      [DEFAULT]
      bantime = 3600
      findtime = 600
      maxretry = 3

      [sshd]
      enabled = true
      port = ssh
      filter = sshd
      logpath = /var/log/auth.log
    permissions: '0644'
    owner: root:root
Service Configuration
Configure and start services automatically:
#cloud-config
# Service configuration example
# Run commands during boot
runcmd:
  # Configure UFW firewall
  - ufw allow ssh
  - ufw allow 'Nginx Full'
  - ufw --force enable
  # Start and enable services
  - systemctl enable nginx
  - systemctl start nginx
  - systemctl enable mysql
  - systemctl start mysql
  - systemctl enable fail2ban
  - systemctl start fail2ban
  # Secure MySQL installation
  # ('secure_password_here' is a placeholder; user-data is kept on the instance after boot)
  - mysql -e "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'secure_password_here';"
  - mysql -e "DELETE FROM mysql.user WHERE User='';"
  - mysql -e "DROP DATABASE IF EXISTS test;"
  - mysql -e "FLUSH PRIVILEGES;"
  # Set proper permissions
  - chown -R www-data:www-data /var/www/html
  - chmod -R 755 /var/www/html
# Power state management
power_state:
  delay: "+1"
  mode: reboot
  message: "Rebooting after cloud-init setup"
  condition: True
💡 Tip: Use runcmd for complex setup tasks that require multiple commands or shell logic.
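As an added example (not part of the original page), the following Python check scans a cloud-config file for the settings in the examples above that deserve review before deployment: `NOPASSWD:ALL` sudo rules, `lock_passwd: false`, a database password written into `runcmd`, a `phpinfo()` page, a missing `#cloud-config` header, and a repeated top-level key, which PyYAML accepts silently by keeping the last value. The rule names and the `lint_user_data` function are illustrative, and the line-based matching assumes top-level keys start in column 0.

```python
import re

# Line patterns drawn from the example configurations on this page.
RULES = [
    ("sudo-nopasswd-all", re.compile(r"NOPASSWD:\s*ALL\b"), "passwordless sudo for every command"),
    ("unlocked-password", re.compile(r"^\s*lock_passwd:\s*(false|no)\b", re.I),
     "account password left unlocked"),
    ("inline-secret", re.compile(r"IDENTIFIED\s+(WITH\s+\S+\s+)?BY\s+'[^']+'", re.I),
     "credential written into user-data in plain text"),
    ("phpinfo", re.compile(r"\bphpinfo\s*\("), "phpinfo() output exposes server configuration"),
]
TOP_LEVEL_KEY = re.compile(r"^([A-Za-z_][\w-]*):")

def lint_user_data(text):
    """Return (line_number, rule_id, reason) tuples for a cloud-config document."""
    lines, findings, first_seen = text.splitlines(), [], {}
    if not lines or lines[0].strip() != "#cloud-config":
        findings.append((1, "missing-header", "first line must be #cloud-config"))
    for number, line in enumerate(lines, 1):
        key = TOP_LEVEL_KEY.match(line)
        if key:
            first = first_seen.setdefault(key.group(1), number)
            if first != number:
                # PyYAML keeps only the last value of a repeated key, without an error.
                findings.append((number, "duplicate-key", f"also set on line {first}"))
        if line.lstrip().startswith("#"):
            continue  # YAML comment line
        findings.extend((number, rule, why) for rule, pattern, why in RULES
                        if pattern.search(line))
    return findings

# Constructed sample, condensed from the examples above.
SAMPLE = """\
#cloud-config
users:
  - name: ubuntu
    sudo: ALL=(ALL) NOPASSWD:ALL
packages:
  - nginx
packages:
  - docker-ce
runcmd:
  - mysql -e "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'secure_password_here';"
"""

if __name__ == "__main__":
    for number, rule, why in lint_user_data(SAMPLE):
        print(f"line {number}: {rule}: {why}")
```

A sudo rule limited to one command, such as the `deployer` entry above, does not trigger the `sudo-nopasswd-all` rule.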
Advanced Examples
Here are some advanced cloud-init configurations for specific use cases:
Troubleshooting
Common issues and solutions when working with cloud-init:
Configuration Not Applied
Check cloud-init logs for errors:
# Check cloud-init status
sudo cloud-init status
# View detailed logs
sudo cat /var/log/cloud-init.log
sudo cat /var/log/cloud-init-output.log
# Force cloud-init to run again (for testing)
sudo cloud-init clean --logs
sudo cloud-init init
YAML Syntax Errors
Validate your YAML syntax:
# Install YAML parser
sudo apt install python3-yaml
# Validate your cloud-init config
python3 -c "import yaml; yaml.safe_load(open('your-config.yaml'))"
# Use cloud-init's built-in validator
sudo cloud-init devel schema --config-file your-config.yaml
Debug Mode
Enable verbose logging for debugging:
#cloud-config
# Enable debug mode in your cloud-init config
debug: true
# Or set via kernel parameters
# debug=1 cloud-init-debug=1
Testing Configurations
Test configurations before deployment:
# Render cloud-init configuration
sudo cloud-init devel render
# Show final merged configuration
sudo cloud-init query --all
# Validate the system configuration against the schema
sudo cloud-init devel schema --config-file /etc/cloud/cloud.cfg
Best Practices
Follow these best practices for effective cloud-init usage:
🎉 Congratulations!
You now have a comprehensive understanding of cloud-init and how to use it effectively with SOAHost's cloud hosting platform. Cloud-init enables you to automate server configuration and deploy consistent, reproducible infrastructure.
📚 Next Steps
- Explore advanced cloud-init modules and plugins
- Integrate cloud-init with Infrastructure as Code tools
- Set up automated testing for your cloud-init configurations
- Learn about cloud-init's integration with container orchestration
