Esta página ainda não está disponível no idioma selecionado. Estamos trabalhando para adicionar mais opções de idiomas. Agradecemos sua compreensão.

Compute
Elastic Cloud Server
Huawei Cloud Flexus
Bare Metal Server
Auto Scaling
Image Management Service
Dedicated Host
FunctionGraph
Cloud Phone Host
Huawei Cloud EulerOS
Networking
Virtual Private Cloud
Elastic IP
Elastic Load Balance
NAT Gateway
Direct Connect
Virtual Private Network
VPC Endpoint
Cloud Connect
Enterprise Router
Enterprise Switch
Global Accelerator
Management & Governance
Cloud Eye
Identity and Access Management
Cloud Trace Service
Resource Formation Service
Tag Management Service
Log Tank Service
Config
OneAccess
Resource Access Manager
Simple Message Notification
Application Performance Management
Application Operations Management
Organizations
Optimization Advisor
IAM Identity Center
Cloud Operations Center
Resource Governance Center
Migration
Server Migration Service
Object Storage Migration Service
Cloud Data Migration
Migration Center
Cloud Ecosystem
KooGallery
Partner Center
User Support
My Account
Billing Center
Cost Center
Resource Center
Enterprise Management
Service Tickets
HUAWEI CLOUD (International) FAQs
ICP Filing
Support Plans
My Credentials
Customer Operation Capabilities
Partner Support Plans
Professional Services
Analytics
MapReduce Service
Data Lake Insight
CloudTable Service
Cloud Search Service
Data Lake Visualization
Data Ingestion Service
GaussDB(DWS)
DataArts Studio
Data Lake Factory
DataArts Lake Formation
IoT
IoT Device Access
Others
Product Pricing Details
System Permissions
Console Quick Start
Common FAQs
Instructions for Associating with a HUAWEI CLOUD Partner
Message Center
Security & Compliance
Security Technologies and Applications
Web Application Firewall
Host Security Service
Cloud Firewall
SecMaster
Anti-DDoS Service
Data Encryption Workshop
Database Security Service
Cloud Bastion Host
Data Security Center
Cloud Certificate Manager
Edge Security
Managed Threat Detection
Blockchain
Blockchain Service
Web3 Node Engine Service
Media Services
Media Processing Center
Video On Demand
Live
SparkRTC
MetaStudio
Storage
Object Storage Service
Elastic Volume Service
Cloud Backup and Recovery
Storage Disaster Recovery Service
Scalable File Service Turbo
Scalable File Service
Volume Backup Service
Cloud Server Backup Service
Data Express Service
Dedicated Distributed Storage Service
Containers
Cloud Container Engine
SoftWare Repository for Container
Application Service Mesh
Ubiquitous Cloud Native Service
Cloud Container Instance
Databases
Relational Database Service
Document Database Service
Data Admin Service
Data Replication Service
GeminiDB
GaussDB
Distributed Database Middleware
Database and Application Migration UGO
TaurusDB
Middleware
Distributed Cache Service
API Gateway
Distributed Message Service for Kafka
Distributed Message Service for RabbitMQ
Distributed Message Service for RocketMQ
Cloud Service Engine
Multi-Site High Availability Service
EventGrid
Dedicated Cloud
Dedicated Computing Cluster
Business Applications
Workspace
ROMA Connect
Message & SMS
Domain Name Service
Edge Data Center Management
Meeting
AI
Face Recognition Service
Graph Engine Service
Content Moderation
Image Recognition
Optical Character Recognition
ModelArts
ImageSearch
Conversational Bot Service
Speech Interaction Service
Huawei HiLens
Video Intelligent Analysis Service
Developer Tools
SDK Developer Guide
API Request Signing Guide
Terraform
Koo Command Line Interface
Content Delivery & Edge Computing
Content Delivery Network
Intelligent EdgeFabric
CloudPond
Intelligent EdgeCloud
Solutions
SAP Cloud
High Performance Computing
Developer Services
ServiceStage
CodeArts
CodeArts PerfTest
CodeArts Req
CodeArts Pipeline
CodeArts Build
CodeArts Deploy
CodeArts Artifact
CodeArts TestPlan
CodeArts Check
CodeArts Repo
Cloud Application Engine
MacroVerse aPaaS
KooMessage
KooPhone
KooDrive

Configuring Cloud-Init

Updated on 2024-10-31 GMT+08:00

Scenarios

You need to configure Cloud-Init after it is installed.

Prerequisites

  • Cloud-Init has been installed.
  • An EIP has been bound to the ECS.
  • You have logged in to the ECS.
  • The ECS uses DHCP to obtain IP addresses.

Procedure

The following operations are required:

  1. Configure Cloud-Init.

    For details, see Configure Cloud-Init.

  2. Check whether Cloud-Init is successfully configured.

    For details, see Check the Cloud-Init Configuration.

Configure Cloud-Init

  1. Configure the user permissions for logging in to the ECS. If you select user root, enable the SSH permissions of user root and enable remote login to the ECS using a password.
    • If you inject a password, use it to log in to the ECS remotely using SSH or noVNC.
    • If you inject a key, use it to log in to the ECS remotely using SSH.
  2. Enable remote login using the password of user root and enable the SSH permissions of user root.
    Take CentOS 6.7 as an example. If the value of disable_root in the /etc/cloud/cloud.cfg file is 0, the permissions are enabled. (In some OSs, value true indicates that the permissions are disabled, and false indicates that the permissions are enabled). Set ssh_pwauth to 1, and lock_passwd to False (indicating that user passwords are not locked).
    users:
     - name: root
       lock_passwd: False
    
    disable_root: 0
    ssh_pwauth: 1
  1. Prevent Cloud-Init from taking over the network in /etc/cloud/cloud.cfg.

    If the Cloud-Init version is 0.7.9 or later, add the following content to /etc/cloud/cloud.cfg:

    Figure 1 Preventing Cloud-Init from taking over the network
    NOTE:

    The added content must be in the YAML format.

  2. Enable the agent to access the IaaS OpenStack data source.
    Add the following information to the last line of /etc/cloud/cloud.cfg:
    datasource_list: [ OpenStack ]
    datasource:
      OpenStack:
        metadata_urls: ['http://169.254.169.254']
        max_wait: 120
        timeout: 5
        apply_network_config: false
    NOTE:
    • You can decide whether to set max_wait and timeout. The values of max_wait and timeout in the preceding command output are only for reference.
    • If the OS version is earlier than Debian 8 or CentOS 5, you cannot enable the agent to access the IaaS OpenStack data source.
    • The default zeroconf route must be disabled for CentOS and EulerOS ECSs for accurate access to the IaaS OpenStack data source.

      echo "NOZEROCONF=yes" >> /etc/sysconfig/network

    • apply_network_config: false is only requited by users who use Cloud-Init 18.3 or later.
  3. Add the following content to /etc/cloud/cloud.cfg:

    manage_etc_hosts: localhost

    This prevents the system from staying in the Waiting for cloudResetPwdAgent state for a long time during ECS startup.

    Figure 2 Adding manage_etc_hosts: localhost
  4. Run the vi /etc/ssh/sshd_config command to open the /etc/ssh/sshd_config file using the vi editor.
    Change the value of PasswordAuthentication in the sshd_config file to yes.
    NOTE:

    For SUSE and openSUSE, change the values of the following parameters in the sshd_config file to yes:

    • PasswordAuthentication
    • ChallengeResponseAuthentication
  5. Modify cloud_init_modules in the cloud.cfg configuration file.
    • Move ssh from the bottom to the top to speed up the SSH login.
    • Enable the hostname update. Do not comment out or delete the -update_hostname statement.
      cloud_init_modules:
       - ssh
       - migrator
       - bootcmd
       - write-files
       - growpart
       - resizefs
       - set_hostname
       - update_hostname
       - update_etc_hosts
       - rsyslog
       - users-groups
  6. Modify the configuration so that the hostname of the ECS created from the image does not contain the .novalocal suffix and can contain a dot (.).
    1. Run the following command to modify the __init__.py file:

      vi /usr/lib/python*.*/site-packages/cloudinit/sources/__init__.py

      The Python version varies depending on the OS.

      Press i to enter editing mode. Modify the file content as follows based on the keyword toks:

      if toks:
          toks = str(toks).split('.')
      else:
          #toks = ["ip-%s" % lhost.replace(".", "-")] # Comment out this line.
          toks = lhost.split(".novalocal")    # Add this line.
      
      if len(toks) > 1:
          hostname = toks[0]
          #domain = '.'.join(toks[1:]) # Comment out this line.
      else:
          hostname = toks[0]
      
      if fqdn and domain != defdomain:
          #return hostname   # Comment out this line.
          return "%s.%s" % (hostname, domain)   # Add this line.
      else:
          return hostname

      After the modification is complete, press Esc to exit the editing mode and enter :wq! to save the settings and exit.

    2. Run the following command to switch to the cloudinit/sources folder:

      cd /usr/lib/python*.*/site-packages/cloudinit/sources/

      The Python version varies depending on the OS.

    3. Run the following commands to delete the __init__.pyc file and the optimized __init__.pyo file:

      rm -rf __init__.pyc

      rm -rf __init__.pyo

    4. Run the following commands to clear the logs:

      rm -rf /var/lib/cloud/*

      rm -rf /var/log/cloud-init*

  7. Run the following command to edit the /etc/cloud/cloud.cfg.d/05_logging.cfg file to use cloudLogHandler to process logs:

    vim /etc/cloud/cloud.cfg.d/05_logging.cfg

    [logger_cloudinit]
    level=DEBUG
    qualname=cloudinit
    handlers=cloudLogHandler
    propagate=1
  8. Delete user linux and the /home/linux directory from the image template.

    userdel linux

    rm -fr /home/linux

  9. Ensure that Cloud-Init is enabled.

    Delete the /etc/cloud/cloud-init.disabled file by running cloud-init clean --machine-id. If there is no such a file, skip this step.

Check the Cloud-Init Configuration

Run the following command to check whether Cloud-Init has been properly configured:

cloud-init init --local

If Cloud-Init has been properly installed, the version information is displayed and no error occurs. For example, messages indicating lack of files will not be displayed.
NOTE:

(Optional) Run the following command to set the password validity period to the maximum:

chage -M 99999 $user_name

user_name is a system user, such as user root.

You are advised to set the password validity period to 99999.

Usamos cookies para aprimorar nosso site e sua experiência. Ao continuar a navegar em nosso site, você aceita nossa política de cookies. Saiba mais

Feedback

Feedback

Feedback

0/500

Selected Content

Submit selected content with the feedback