Updated on 2022-02-22 GMT+08:00

Injecting User Data into BMSs

Application Scenarios

Use the user data injection function to inject user data into BMSs to:

  • Use scripts to simplify BMS configuration.
  • Use scripts to initialize the BMS OS configuration.
  • Upload your scripts to BMSs during BMS creation.
  • Use scripts to perform other operations.

Constraints

  • For Linux:
    • The image that is used to create BMSs must have Cloud-Init installed.
    • The user data to be injected must be less than or equal to 32 KB.
    • User data uploaded as text can contain only ASCII characters. User data uploaded as a file can contain any characters, and the file size must be less than or equal to 32 KB.
    • The image that is used to create ECSs must be a public image, a private image created based on a public image, or a private image with Cloud-Init installed.
    • The format of the customized scripts must comply with user data script specifications.
    • DHCP must be enabled for the VPC, and port 80 must be enabled for the security group in the outbound direction.
  • For Windows:
    • The image that is used to create BMSs must have Cloudbase-Init installed.
    • The user data to be injected must be less than or equal to 32 KB.
    • User data uploaded as text can contain only ASCII characters. User data uploaded as a file can contain any characters, and the file size must be less than or equal to 32 KB.
    • The image that is used to create ECSs must be a public image, a private image created based on a public image, or a private image with Cloudbase-Init installed.
    • DHCP must be enabled for the VPC, and port 80 must be enabled for the security group in the outbound direction.

Use Methods

  1. Create a user data script, the format of which complies with user data script specifications. For details, see section Helpful Links.
  2. When creating a BMS, set Advanced Settings to Configure now, and paste the content of the user data script to the User Data Injection text box or upload the user data file.
  3. The created BMS automatically runs Cloud-Init or Cloudbase-Init to read the user data script upon startup.

User Data Scripts of Linux BMSs

Customized user data scripts of Linux BMSs are based on the open-source Cloud-Init architecture. This architecture uses BMS metadata as the data source for automatically configuring the BMSs. The customized script types are compatible with open-source Cloud-Init. For details about Cloud-Init, see http://cloudinit.readthedocs.io/en/latest/topics/format.html.

  • Script execution time: A customized user data script is executed after the time when the status of the target BMS changes to Running and before the time when /etc/init is executed.

    By default, the scripts are executed as user root.

  • Script type: Both user-data scripts and Cloud-Config data scripts are supported.
    Table 1 Linux BMS script types

    -

    User-Data Script

    Cloud-Config Data

    Description

    Scripts, such as Shell and Python scripts, are used for custom configurations.

    Methods pre-defined in Cloud-Init, such as the Yum source and SSH key, are used for configuring certain BMS applications.

    Format

    A script must be started with #!, for example, #!/bin/bash and #!/usr/bin/env python.

    When a script is started for the first time, it will be executed at the rc.local-like level, indicating a low priority in the boot sequence.

    The first line must be #cloud-config, and no space is allowed in front of it.

    Constraint

    Before Base64 encoding, the size of the script, including the first line, cannot exceed 32 KB.

    Before Base64 encoding, the size of the script, including the first line, cannot exceed 32 KB.

    Frequency

    The script is executed only once when the BMS is started for the first time.

    The execution frequency varies according to the applications configured on the BMS.

  • How can I view the customized user data injected into a Linux BMS?
    1. Log in to the BMS.
    2. Run the following command to view the customized user data as user root:

      curl http://169.254.169.254/openstack/latest/user_data

  • Script usage examples

    This section describes how to inject scripts in different formats into Linux BMSs and view script execution results.

    Example 1: Inject a User-Data script.

    When creating a BMS, set User Data Injection to Text and enter the customized user data script.

    #!/bin/bash
    echo "Hello, the time is now $(date -R)" | tee /root/output.txt

    After the BMS is created, start it and run the cat [file] command to check the script execution result.

    [root@XXXXXXXX ~]# cat /root/output.txt
    Hello, the time is now Mon, 16 Jul 2016 16:03:18+0800

    Example 2: Inject a Cloud-Config Data script.

    When creating a BMS, set User Data Injection to Text and enter the customized user data script.

    #cloud-config
    bootcmd:
    - echo 192.168.1.130 us.archive.ubuntu.com >> /etc/hosts

    After the BMS is created, start it and run the cat /etc/hosts command to check the script execution result.

    Figure 1 Viewing the running result

User Data Scripts of Windows BMSs

Customized user data scripts of Windows BMSs are based on the open-source Cloudbase-Init architecture. This architecture uses BMS metadata as the data source for initializing and automatically configuring the BMSs. The customized script types are compatible with open-source Cloudbase-Init. For details about Cloudbase-Init, see https://cloudbase-init.readthedocs.io/en/latest/userdata.html.

  • Script type: Both batch-processing program scripts and PowerShell scripts are supported.
    Table 2 Windows BMS script types

    -

    Batch-Processing Program Script

    PowerShell Script

    Format

    The script must be started with rem cmd, which is the first line of the script. No space is allowed at the beginning of the first line.

    The script must be started with #ps1, which is the first line of the script. No space is allowed at the beginning of the first line.

    Constraint

    Before Base64 encoding, the size of the script, including the first line, cannot exceed 32 KB.

    Before Base64 encoding, the size of the script, including the first line, cannot exceed 32 KB.

  • How can I view the customized user data injected into a Windows BMS?
    1. Log in to the BMS.
    2. Access the following URL in the address box of the browser and view the injected user data:

      http://169.254.169.254/openstack/latest/user_data

  • Script usage examples

    This section describes how to inject scripts in different formats into Windows BMSs and view script execution results.

    Example 1: Inject a batch-processing program script.

    When creating a BMS, set User Data Injection to Text and enter the customized user data script.

    rem cmd
    echo "Hello, BAT Test" > C:\1111.txt

    After the BMS is created, start it and check the script execution result. In this example, a text file named 1111 is added to disk C:\.

    Figure 2 Creating text file 1111

    To view the user data injected into the Windows BMS, log in at http://169.254.169.254/openstack/latest/user_data.

    Figure 3 Viewing user data 1111

    Example 2: Inject a PowerShell script.

    When creating a BMS, set User Data Injection to Text and enter the customized user data script.

    #ps1
    echo "Hello, Powershell Test" > C:\aaaa.txt

    After the BMS is created, start it and check the script execution result. In this example, a text file named aaaa is added to disk C:\.

    Figure 4 Creating text file aaaa

    To view the user data injected into the Windows BMS, log in at http://169.254.169.254/openstack/latest/user_data.

    Figure 5 Viewing user data aaaa

Case 1

This case illustrates how to use the user data injection function to simplify BMS configuration.

In this example, vim is configured to enable syntax highlighting, display line numbers, and set the tab stop to 4. Configuration file .vimrc is created and injected into the /root/.vimrc directory during BMS creation. After the BMS is created, vim is automatically configured based on your requirements. This helps to improve BMS configuration efficiency, especially in batch ECS creation scenarios.

The content of the script file to be injected is as follows:

#cloud-config
write_files:
  - path: /root/.vimrc
    content: |
      syntax on
      set tabstop=4
      set number      

Case 2

This case illustrates how to use the user data injection function to reset the password for logging in to a Linux BMS.

In this example, the password of user root is reset to "******".

The new password must meet the password complexity requirements listed in Table 3.

Table 3 Password requirements

Parameter

Requirements

Example Value

Password

  • Consists of 8 characters to 26 characters.
  • Must contain at least three of the following character types:
    • Uppercase letters
    • Lowercase letters
    • Digits
    • Special characters !@$%^-_=+[]{}:,./?
  • Cannot contain the username or the username spelled backwards.
  • Cannot contain more than two characters in the same sequence as they appear in the username. (This requirement applies only to Windows BMSs.)

Test12$@

The content of the script file to be injected is as follows. (Retain the indentation in the following script.)

#cloud-config
chpasswd:
  list: |
    root:******
  expire: False

After the BMS is created, you can use the reset password to log in to it. To ensure system security, change the password of user root after logging in to the BMS for the first time.

Case 3

This case illustrates how to use the user data injection function to create a user on a Windows BMS and configure the password for the user.

In this example, the user's username is abc, its password is ******, and the user is added to the administrators user group.

The new password must meet the password complexity requirements listed in Table 4.

Table 4 Password requirements

Parameter

Requirements

Example Value

Password

  • Consists of 8 characters to 26 characters.
  • Must contain at least three of the following character types:
    • Uppercase letters
    • Lowercase letters
    • Digits
    • Special characters !@$%^-_=+[]{}:,./?
  • Cannot contain the username or the username spelled backwards.
  • Cannot contain more than two characters in the same sequence as they appear in the username. (This requirement applies only to Windows BMSs.)

Test12$@

The content of the script file to be injected is as follows:

rem cmd
net user abc ****** /add
net localgroup administrators abc /add

After the BMS is created, you can use the created username and password to log in to it.

Case 4

This case illustrates how to use the user data injection function to update system software packages for a Linux BMS and enable the HTTPd service. After the user data is injected, you can use the HTTPd service.

The content of the script file to be injected is as follows:

#!/bin/bash
yum update -y
service httpd start
chkconfig httpd on

Case 5

This case illustrates how to use the user data injection function to assign user root permission for remotely logging in to a Linux BMS. After injecting the file, you can log in to the BMS as user root in SSH key authentication mode.

The content of the script file to be injected is as follows:

#cloud-config
disable_root: false
runcmd:
- sed -i 's/^PermitRootLogin.*$/PermitRootLogin without-password/' /etc/ssh/sshd_config
- sed -i '/^KexAlgorithms.*$/d' /etc/ssh/sshd_config
- service sshd restart

Helpful Links

For more information about user data injection cases, visit the official Cloud-init/Cloudbase-init website: