source/adminguide/virtual_machines/user-data.rst - cloudstack-documentation - Git at Google

 .. Licensed to the Apache Software Foundation (ASF) under one
    or more contributor license agreements.  See the NOTICE file
    distributed with this work for additional information#
    regarding copyright ownership.  The ASF licenses this file
    to you under the Apache License, Version 2.0 (the
    "License"); you may not use this file except in compliance
    with the License.  You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
    Unless required by applicable law or agreed to in writing,
    software distributed under the License is distributed on an
    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
    KIND, either express or implied.  See the License for the
    specific language governing permissions and limitations
    under the License.


 User-Data and Meta-Data
 -----------------------

 CloudStack provides APIs to attach up to 32KB of user-data to a deployed VM.

 There are two CloudStack APIs that can be used to store user-data:
 `deployVirtualMachine <https://cloudstack.apache.org/docs/api/apidocs-4.14/user/deployVirtualMachine.html>`_
 and
 `updateVirtualMachine <https://cloudstack.apache.org/docs/api/apidocs-4.14/user/updateVirtualMachine.html>`_
 They both support the parameter ``userdata=``. The value for this parameter
 must be a `base64 <https://www.base64encode.org/>`_-encoded multi-part MIME
 message. See further below for an example of what this should look like.

 HTTP GET parameters are limited to a length of 2048 bytes, but it is possible
 to store larger user-data blobs by sending them in the body via HTTP POST
 instead of GET.

 From inside the VM, the user-data is accessible via the virtual router,
 if the UserData service is enabled on the network offering.

 If you are using the DNS service of the virtual router, a special hostname
 called `data-server.` is provided, that will point to a valid user-data server.

 Otherwise you have to determine the virtual router address via other means,
 such as DHCP leases. Be careful to scan all routers if you have multiple
 networks attached to a VM, in case not all of them have the UserData service
 enabled.

 User-data is available from the URL ``http://data-server./latest/user-data``
 and can be fetched via curl or other HTTP client.

 It is also possible to fetch VM metadata from the same service, via the URL
 ``http://data-server./latest/{metadata type}``.  For backwards compatibility,
 the previous URL ``http://data-server./latest/{metadata type}`` is also supported.

 For metadata type, use one of the following:

 -  ``service-offering``. A description of the VMs service offering

 -  ``availability-zone``. The Zone name

 -  ``local-ipv4``. The guest IP of the VM

 -  ``local-hostname``. The hostname of the VM

 -  ``public-ipv4``. The first public IP for the router.

 -  ``public-hostname``. This is the same as public-ipv4

 -  ``instance-id``. The instance name of the VM


 Determining the virtual router address without DNS
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 If can't or don't want to use the virtual router's DNS service, it's also
 possible to determine the user-data server from a DHCP lease.

 #. Run the following command to find the virtual router.

    .. code:: bash

       # cat /var/lib/dhcp/dhclient.eth0.leases | grep dhcp-server-identifier | tail -1

 #. Access the data-server via its IP

    .. code:: bash

       # curl http://10.1.1.1/latest/user-data


 Fetching user-data via the API
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 User-data is not included with the normal VM state for historic reasons.
 To read out the base64-encoded user-data via the API, use the `getVirtualMachineUserData <https://cloudstack.apache.org/docs/api/apidocs-4.14/user/getVirtualMachineUserData.html>`_
 API call:

 .. code:: bash

    cmk get virtualmachineuserdata virtualmachineid=8fd996b6-a102-11ea-ba47-23394b299ae9


 Using cloud-init
 ~~~~~~~~~~~~~~~~

 `cloud-init <https://cloudinit.readthedocs.org/en/latest>`_ can be used to access
 and interpret user-data inside virtual machines. If you install cloud-init into your
 VM templates, it will allow you to store SSH keys and user passwords on each new
 VM deployment automatically (:ref:`adding-password-management-to-templates` and `using ssh keys <virtual_machines.html#using-ssh-keys-for-authentication>`_).

 #. Install cloud-init package into a VM template:

    .. code:: bash

       # yum install cloud-init
         or
       $ sudo apt-get install cloud-init

 #. Create a datasource configuration file in the VM template: ``/etc/cloud/cloud.cfg.d/99_cloudstack.cfg``

    .. code:: yaml

       datasource:
         CloudStack: {}
         None: {}
       datasource_list:
         - CloudStack


 Custom user-data example
 ~~~~~~~~~~~~~~~~~~~~~~~~

 This example uses cloud-init to automatically update all OS packages on the first launch.

 #. Create user-data, wrapped into a multi-part MIME message and encoded in base64:

 .. code:: bash

    base64 <<EOF
    Content-Type: multipart/mixed; boundary="//"
    MIME-Version: 1.0

    --//
    Content-Type: text/cloud-config; charset="us-ascii"
    MIME-Version: 1.0
    Content-Transfer-Encoding: 7bit
    Content-Disposition: attachment; filename="cloud-config.txt"

    #cloud-config

    # Upgrade the instance on first boot
    # (ie run apt-get upgrade)
    #
    # Default: false
    # Aliases: apt_upgrade
    package_upgrade: true
    EOF

 #. Deploy a VM with this user-data:

 .. code:: bash

    cmk deploy virtualmachine name=..... userdata=Q29udGVudC1UeXBlOiBtdWx0aXBhcnQvbWl4ZWQ7IGJvdW5kYXJ5PSIvLyIKTUlNRS1WZXJzaW9uOiAxLjAKCi0tLy8KQ29udGVudC1UeXBlOiB0ZXh0L2Nsb3VkLWNvbmZpZzsgY2hhcnNldD0idXMtYXNjaWkiCk1JTUUtVmVyc2lvbjogMS4wCkNvbnRlbnQtVHJhbnNmZXItRW5jb2Rpbmc6IDdiaXQKQ29udGVudC1EaXNwb3NpdGlvbjogYXR0YWNobWVudDsgZmlsZW5hbWU9ImNsb3VkLWNvbmZpZy50eHQiCgojY2xvdWQtY29uZmlnCgojIFVwZ3JhZGUgdGhlIGluc3RhbmNlIG9uIGZpcnN0IGJvb3QKIyAoaWUgcnVuIGFwdC1nZXQgdXBncmFkZSkKIwojIERlZmF1bHQ6IGZhbHNlCiMgQWxpYXNlczogYXB0X3VwZ3JhZGUKcGFja2FnZV91cGdyYWRlOiB0cnVlCg==


 Disclaimer
 ~~~~~~~~~~

 Refer to the `cloud-init CloudStack datasource <http://cloudinit.readthedocs.org/en/latest/topics/datasources.html#cloudstack>`_
 documentation for latest capabilities. cloud-init and the cloud-init CloudStack
 datasource are not supported by Apache CloudStack community.
	.. Licensed to the Apache Software Foundation (ASF) under one
	or more contributor license agreements. See the NOTICE file
	distributed with this work for additional information#
	regarding copyright ownership. The ASF licenses this file
	to you under the Apache License, Version 2.0 (the
	"License"); you may not use this file except in compliance
	with the License. You may obtain a copy of the License at
	http://www.apache.org/licenses/LICENSE-2.0
	Unless required by applicable law or agreed to in writing,
	software distributed under the License is distributed on an
	"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	KIND, either express or implied. See the License for the
	specific language governing permissions and limitations
	under the License.


	User-Data and Meta-Data
	-----------------------

	CloudStack provides APIs to attach up to 32KB of user-data to a deployed VM.

	There are two CloudStack APIs that can be used to store user-data:
	`deployVirtualMachine <https://cloudstack.apache.org/docs/api/apidocs-4.14/user/deployVirtualMachine.html>`_
	and
	`updateVirtualMachine <https://cloudstack.apache.org/docs/api/apidocs-4.14/user/updateVirtualMachine.html>`_
	They both support the parameter ``userdata=``. The value for this parameter
	must be a `base64 <https://www.base64encode.org/>`_-encoded multi-part MIME
	message. See further below for an example of what this should look like.

	HTTP GET parameters are limited to a length of 2048 bytes, but it is possible
	to store larger user-data blobs by sending them in the body via HTTP POST
	instead of GET.

	From inside the VM, the user-data is accessible via the virtual router,
	if the UserData service is enabled on the network offering.

	If you are using the DNS service of the virtual router, a special hostname
	called `data-server.` is provided, that will point to a valid user-data server.

	Otherwise you have to determine the virtual router address via other means,
	such as DHCP leases. Be careful to scan all routers if you have multiple
	networks attached to a VM, in case not all of them have the UserData service
	enabled.

	User-data is available from the URL ``http://data-server./latest/user-data``
	and can be fetched via curl or other HTTP client.

	It is also possible to fetch VM metadata from the same service, via the URL
	``http://data-server./latest/{metadata type}``. For backwards compatibility,
	the previous URL ``http://data-server./latest/{metadata type}`` is also supported.

	For metadata type, use one of the following:

	- ``service-offering``. A description of the VMs service offering

	- ``availability-zone``. The Zone name

	- ``local-ipv4``. The guest IP of the VM

	- ``local-hostname``. The hostname of the VM

	- ``public-ipv4``. The first public IP for the router.

	- ``public-hostname``. This is the same as public-ipv4

	- ``instance-id``. The instance name of the VM


	Determining the virtual router address without DNS
	~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

	If can't or don't want to use the virtual router's DNS service, it's also
	possible to determine the user-data server from a DHCP lease.

	#. Run the following command to find the virtual router.

	.. code:: bash

	# cat /var/lib/dhcp/dhclient.eth0.leases \| grep dhcp-server-identifier \| tail -1

	#. Access the data-server via its IP

	.. code:: bash

	# curl http://10.1.1.1/latest/user-data


	Fetching user-data via the API
	~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

	User-data is not included with the normal VM state for historic reasons.
	To read out the base64-encoded user-data via the API, use the `getVirtualMachineUserData <https://cloudstack.apache.org/docs/api/apidocs-4.14/user/getVirtualMachineUserData.html>`_
	API call:

	.. code:: bash

	cmk get virtualmachineuserdata virtualmachineid=8fd996b6-a102-11ea-ba47-23394b299ae9


	Using cloud-init
	~~~~~~~~~~~~~~~~

	`cloud-init <https://cloudinit.readthedocs.org/en/latest>`_ can be used to access
	and interpret user-data inside virtual machines. If you install cloud-init into your
	VM templates, it will allow you to store SSH keys and user passwords on each new
	VM deployment automatically (:ref:`adding-password-management-to-templates` and `using ssh keys <virtual_machines.html#using-ssh-keys-for-authentication>`_).

	#. Install cloud-init package into a VM template:

	.. code:: bash

	# yum install cloud-init
	or
	$ sudo apt-get install cloud-init

	#. Create a datasource configuration file in the VM template: ``/etc/cloud/cloud.cfg.d/99_cloudstack.cfg``

	.. code:: yaml

	datasource:
	CloudStack: {}
	None: {}
	datasource_list:
	- CloudStack


	Custom user-data example
	~~~~~~~~~~~~~~~~~~~~~~~~

	This example uses cloud-init to automatically update all OS packages on the first launch.

	#. Create user-data, wrapped into a multi-part MIME message and encoded in base64:

	.. code:: bash

	base64 <<EOF
	Content-Type: multipart/mixed; boundary="//"
	MIME-Version: 1.0

	--//
	Content-Type: text/cloud-config; charset="us-ascii"
	MIME-Version: 1.0
	Content-Transfer-Encoding: 7bit
	Content-Disposition: attachment; filename="cloud-config.txt"

	#cloud-config

	# Upgrade the instance on first boot
	# (ie run apt-get upgrade)
	#
	# Default: false
	# Aliases: apt_upgrade
	package_upgrade: true
	EOF

	#. Deploy a VM with this user-data:

	.. code:: bash

	cmk deploy virtualmachine name=..... userdata=Q29udGVudC1UeXBlOiBtdWx0aXBhcnQvbWl4ZWQ7IGJvdW5kYXJ5PSIvLyIKTUlNRS1WZXJzaW9uOiAxLjAKCi0tLy8KQ29udGVudC1UeXBlOiB0ZXh0L2Nsb3VkLWNvbmZpZzsgY2hhcnNldD0idXMtYXNjaWkiCk1JTUUtVmVyc2lvbjogMS4wCkNvbnRlbnQtVHJhbnNmZXItRW5jb2Rpbmc6IDdiaXQKQ29udGVudC1EaXNwb3NpdGlvbjogYXR0YWNobWVudDsgZmlsZW5hbWU9ImNsb3VkLWNvbmZpZy50eHQiCgojY2xvdWQtY29uZmlnCgojIFVwZ3JhZGUgdGhlIGluc3RhbmNlIG9uIGZpcnN0IGJvb3QKIyAoaWUgcnVuIGFwdC1nZXQgdXBncmFkZSkKIwojIERlZmF1bHQ6IGZhbHNlCiMgQWxpYXNlczogYXB0X3VwZ3JhZGUKcGFja2FnZV91cGdyYWRlOiB0cnVlCg==


	Disclaimer
	~~~~~~~~~~

	Refer to the `cloud-init CloudStack datasource <http://cloudinit.readthedocs.org/en/latest/topics/datasources.html#cloudstack>`_
	documentation for latest capabilities. cloud-init and the cloud-init CloudStack
	datasource are not supported by Apache CloudStack community.