Updated on 2026-05-14 GMT+08:00

Cloud-Init/Cloudbase-Init

Cloud-Init or Cloudbase-Init is an open-source cloud program that allows you to configure specific custom details of newly created ECSs (such as the hostname, key pair, and user data) during initialization.

Using Cloud-Init or Cloudbase-Init to initialize your ECSs will affect the use of your ECS, IMS, and AS services.

Impact on IMS

To ensure that ECSs that are created using a private image support custom configurations, you must install Cloud-Init or Cloudbase-Init on the ECSs before using them to create private images.

Once installed in an image, Cloud-Init or Cloudbase-Init will automatically configure initial attributes for the ECSs when they are created using this image.

For more information, see Installing and Configuring Cloud-Init or Installing and Configuring Cloudbase-Init.

Impact on ECS

  • When creating an ECS, if the selected image supports Cloud-Init or Cloudbase-Init, you can inject custom information (such as the ECS login password) during the initialization.
  • After Cloud-Init or Cloudbase-Init is supported, you can view and use metadata to configure and manage running ECSs.

Impact on AS

  • When creating an AS configuration, you can use the User Data function to specify ECS configurations for initialization. If the AS configuration has taken effect in an AS group, the ECSs newly created in the AS group will automatically initialize their configurations based on the specified ECS configurations.
  • For an existing AS configuration, if its private image does not have Cloud-Init or Cloudbase-Init installed, the login mode of the ECSs created in the AS group where the AS configuration takes effect may fail to take effect.

    To resolve this issue, see How Does Cloud-Init Affect the AS Service? in Auto Scaling User Guide.

Notes

  • When using Cloud-Init, enable DHCP for the VPC subnet that the ECS belongs to.
  • When using Cloud-Init, ensure that security group rules for the outbound direction meet the following requirements:
    • Protocol: TCP
    • Port: 80
    • Destination: 169.254.0.0/16

    If you use the default security group rules for the outbound direction, the metadata can be accessed because the default rules meet the preceding requirements. For details about the default security group rules for the outbound direction, see Security Group.