View Only

Understanding Cloud-init for PowerVC

By Becky Dimock posted Thu July 09, 2015 12:00 AM


By: Himabindu P J

RSI Consulting Limited


Cloud-init is an open-source package which will configure a newly deployed virtual machine on first boot. Cloud-init is available for AIX and Linux, but is currently not available for IBM i. It is not an OpenStack technology but is a package that is designed to support multiple cloud providers. The goal is to enable consistent virtual machine customization technology across different cloud environments with little modification.

When cloud-init is used to deploy a VM, it configures some of the settings like:

1.      Setting a default locale

2.      Setting the hostname

3.      Generating ssh private keys

4.      Adding ssh keys to the user's .ssh/authorized_keys so they can log in

5.      Updating the hostname

6.      Resetting RMC

Overview of the cloud.cfg file

When we install the cloud-init package, the cloud.cfg file will be generated. This file controls customization of the virtual machine. It is written in YAML data serialization format.

Below is the content of cloud-init.cfg file taken from an AIX virtual machine instance. By default the cloud.cfg file is found in in the /opt/freeware/etc/cloud directory

root@testaix:/etc# vi /opt/freeware/etc/cloud/cloud.cfg

"/opt/freeware/etc/cloud/cloud.cfg" 107 lines, 2536 characters

# The top level settings are used as module


# and system configuration.


# A set of users which may be applied and/or used by various modules

# when a 'default' entry is found it will reference the 'default_user'

# from the distro configuration specified below


- default


# If this is set, 'root' will not be able to ssh in and they

# will get a message to login instead as the above $user (ubuntu)

disable_root: true


# Allow SSH password authorization

ssh_pwauth: true


# Delete existing SSH host keys

ssh_deletekeys: true


# Regen RSA and DSA host keys

ssh_genkeytypes: ['rsa', 'dsa']


# This will cause the set+update hostname module to not operate (if true)

preserve_hostname: false


datasource_list: ['ConfigDrive']


# Example datasource config

# datasource:

# Ec2:

# metadata_urls: [ 'blah.com' ]

# timeout: 5 # (defaults to 50 seconds)

# max_wait: 10 # (defaults to 120 seconds)


# The modules that run in the 'init' stage


- migrator

- seed_random

- bootcmd

- write-files

- growpart

- resizefs

- set_hostname

- update_hostname

- update_etc_hosts

- ca-certs

- rsyslog

- users-groups

- ssh


# The modules that run in the 'config' stage


# Emit the cloud config ready event

# this can be used by upstart jobs for 'start on cloud-config'.

- emit_upstart

- disk_setup

- mounts

- ssh-import-id

- locale

- set-passwords

- grub-dpkg

- apt-pipelining

- apt-configure

- package-update-upgrade-install

- landscape

- timezone

- puppet

- chef

- salt-minion

- mcollective

- disable-ec2-metadata

- runcmd

- bylupstart_dir: /etc/rc.d/init.d/tc/cloud/templates/

ssh_svcname: sshere will be given to the distro class and/or path classes


- ibm-set-multipath-hcheck-interval

- ibm-restore-volume-groups


# The modules that run in the 'final' stage


- rightscale_userdata

- scripts-vendor

- scripts-per-once

- scripts-per-boot

- scripts-per-instance

- scripts-user

- ssh-authkey-fingerprints

- keys-to-console

- phone-home

- final-message

- power-state-change


# System and/or distro specific settings

# (not accessible to handlers/transforms)


# This will affect which distro class gets used

distro: aix

# Default user name + that default users groups (if added/used)


Cloud-init.cfg file Structure

The organization structure of cloud-init configuration file is diagrammatically shown below.

 There are three sets of modules in cloud.cfg file in the order once the instance is booted up: cloud_init_modules, cloud_config_modules, and cloud_final_modules.

Initial instance configuration section

The users key will contain information about the users that we want to create and their properties.

The default user is 'cloud-user' .

disable_root key is used if you want to be able to SSH in to the system as the root user. It will be enabled if set to 0 and disabled if set to 1.

ssh_pwauth is used if we need to enable password login via SSH.

locale_config file is the locale that is set. If we need to specifically set the locale we can add the key value pair as “locale : en_US.UTF-8”


ssh_deletekeys:   true 

boolean Indicates whether existing SSH keys should be deleted on a per-instance basis.  On a public image, this should absolutely be set  to 'True'. These are host SSH keys and it should be reset every time on every image to give each VM its own set of keys. Otherwise, each VM will have the same public and private keys.

ssh_genkeytypes:  ~

a list of the ssh key types that should be generated.  These are passed to 'ssh-keygen -t'. Possible values are ['rsa', 'dsa', 'ecdsa'].

preserve_hostname: false

Used in synchronization with set_hostname and update_hostname module under cloud_init_modules section.

Datasourcelist:[Config Drive]

The config drive can be used by any guest operating system that is capable of mounting an ISO9660 or VFAT file system.

We can pass DHCP configuration information in the config drive using PowerVC. So once we capture the image using the static IP address, we can deploy it using a DHCP network.

Cloud_init module

This contains list of modules that runs immediately when a data source is found. They are initiated once the VM instance is started

They can't rely on network being up. These modules run at the 'init' stage.

Cloud_config module

 This list runs almost immediately when a static   network comes up (where "static" means any network with an explicit configuration in /etc, including DHCP). These modules run in the 'config' stage.

Cloud Config is the simplest way to accomplish things via user-data. This syntax is built through modules (written in python). The default modules can be found in /usr/lib/python-'version'/site-packages/cloudinit/CloudConfig/. Cloud-init knows what modules are there to be processed through the file /opt/freeware/etc/cloud/cloud.cfg, which has the list of all the python modules.

Cloud-config module example

 For example, let's assume that we wanted to add a new module called mymodule. We can either write the file cc_mymodule.py directly in the modules directory (inside the instance) or write it somewhere else (your personal computer, for example) and copy it to the instance's modules directory. After doing this, edit the "cloud.cfg" file and add our module's name. The resulting file will have the“mymodule” section added to cloud_config.

Wiki link Developing Custom Cloud-Init Modules explains how to write your own module.


This list runs at unix rc.local time frame, ie "very late in boot" These modules run in the 'final' stage . For example, rebooting an instance.

Installation and configuration of Cloud-init on AIX:

The cloud-init script is written in Python language. So before installing cloud-init, we need to have python and its dependent packages.

We can install cloud init dependent packages either in two ways:

  1. Manually download all the RPMs in order from the link AIX cloud-init support using “rpm -Uvh <name of rpm>”.

  2. Execute the cloudinst.sh script from ftp://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/cloudinit/cloudinst.sh

Once dependent packages are installed, install the cloud-init RPM from ftp://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/cloudinit/

After the successful installation, the cloud.cfg file will be created under /opt/freeware/etc/cloud/.

This is the actual file where we can perform customization of a virtual machine.

Refer to this topic for information about updating the optional settings:

Cloud-init install on PowerVM

Debugging Cloud-init installation on PowerVM

For debugging cloud-init related issues,we can check the logs which will be written in /var/log/cloud-init-output.log.

Installation and configuration of Cloud-init on Red Hat Enterprise Linux:

Before we install cloud-int for the first time we need to install the dependent packages.

For RHEL, we need to download the EPEL repository using wget command and install it. EPEL(Extra packages for enterprise linux) repository contains couple of Linux add-on packages that is required for cloud-init RPM install.

The EPEL RPM's varies depending upon the RHEL server version used.

Below is the link for getting the EPEL RPMs for different versions of RHEL server.


RHEL6 Example:

wget http://dl.fedoraproject.org/pub/epel/6Server/ppc64/epel-release-6-8.noarch.rpm

rpm -Uvh epel-release-6*.rpm

RHEL7 Example:

wget http://dl.fedoraproject.org/pub/epel/7/ppc64/e/epel-release-7-5.noarch.rpm

rpm -Uvh epel-release-7*.rpm

Once the EPEL is installed, register and connect to it to Red Hat satellite network.

Install cloud init RPM using “yum install cloud-init*.rpm” . Yum will install all the dependent packages from EPEL repository which is required for cloud-init install. This cloud-init RPM can be taken from from a system that has PowerVC installed. The packages will be here: /opt/ibm/powervc/images/cloud-init/rhel


cloud-init-0.7.4-5.el6.noarch.rpm – This is for rhel 6

cloud-init-0.7.4-5.el7.noarch.rpm – This is for rhel 7

After installing the cloud-init package, modify the cloud.cfg file /etc/cloud/cloud.cfg with the following values:

disable_root: 0

ssh_pwauth: 1

ssh_deletekeys: 1

Then add the following parameters:

disable_ec2_metadata: True

datasource_list: ['ConfigDrive']

For RHEL 6.6 and above, ensure the following conditions are set:

  • Set SELinux to permissive or disabled on the virtual machine you are capturing or deploying.

  • The Network Manager should not be enabled.

  • Ensure that the net-tools package is installed.

Remove the MAC address information from /etc/sysconfig/network-scripts/ifcfg-eth0.

For RHEL server versions 7.0 and earlier:

  • Replace /etc/udev/rules.d/70-persistent-net.rules with an empty file

  • Replace /lib/udev/rules.d/75-persistent-net-generator.rules with an empty file


Debugging Cloud-init on RHEL

For debugging cloud-init related issues, edit /etc/cloud/cloud.cfg.d/05_logging.cfg and change the level from WARNING to DEBUG in order to get log entries written to /var/log/messages.




Once all the changes have been made, we can use the above created image and save it as the base image for future deployments.

For additional information about installing cloud-init including information on Ubuntu and SLES, refer to these topics in the PowerVC Knowledge Center

Cloud-init install on PowerVM

Cloud-init install on PowerKVM




Mon February 24, 2020 04:57 AM

Please take a look at the topic.
Let us know know if you still have any queries.

Fri February 21, 2020 08:50 AM

What is Cloud-init?
Is IBM product?
Why no mention about openstack?