This page describes the configuration to enable users to automate VM first boot with cloud-init or similar
In private cloud and VCD, the platform implements cloud-init with configuration drive. See Configuration drive .
In public cloud, the platform uses cloud provider metadata. Please check your provider documentation about metadata security.
For Windows in AWS, the platform supports guest setup with CLOUDBASE_INIT
, EC2LAUNCH_V2
, EC2LAUNCH
, and EC2CONFIG
.
Cloud-init in Abiquo
Abiquo supports two main kinds of first boot automation with cloud-init:
Abiquo built-in functionality:
Guest initial password
Fully qualified domain name (FQDN)
SSH key injection
User data on Configuration drive or cloud provider metadata
Initial network configuration injection (when DHCP is not present)
User bootstrap script and variables
Provider support for guest initial passwords
This table describes the priority of remote access credentials for the public cloud providers at the time of writing. Always check your cloud provider documentation for the latest information.
Provider | Operating system | Password priority |
---|---|---|
Azure | Windows | Guest initial password > Password |
Other | SSH public key > Guest initial password > Password | |
AWS | All | SSH public key > Guest initial password |
GCP | Windows | Password |
Other | SSH public key | |
OCI | Windows | Password provided by OCI |
Other | SSH public key |
Configure guest initial password
The platform can set an initial password for a VM before it deploys. The administrator can configure this option in a VM template but the user may then edit the VM to change the option.
To configure guest initial passwords, do these steps.
To configure the length and characters, on the Abiquo API server edit abiquo.properties and set the following properties:
abiquo.guest.password.exclude abiquo.guest.password.length
For more details see Abiquo configuration properties
To customize messages see the following pages.
To enable guest initial passwords, in Abiquo, go to Configuration view → Security (see Configuration view).
To enable password emails, select the Enable password emails option
To enable password SMS, enter the SMS gateway address
In Abiquo, load and configure appropriate VM templates! See Edit a VM template for guest setup below
Related pages:
Configure FQDN
Abiquo can set a hostname and fully qualified domain name (FQDN) before the VM is deployed.If a user enters an FQDN when they configure the VM, this will override the defaults because it is the highest priority FQDN
If the user does not enter an FQDN, Abiquo uses the following default:
Abiquo database ID (on Windows) or the VM_uuid (on Linux, etc); and
VM network domain name (from VM NIC or VDC default network) or localdomain
To change the default to always generate the automatic VM name from the database ID:
Login to the Abiquo API Server as administrator
Edit the abiquo.properties file and set the following property
# Generate VM name from database ID. If false use VM_uuid on Linux and VM_database ID on Windows abiquo.api.experimental.hostname13charsFromVirtualMachineDatabaseId=true
After the user deploys the VM, the user can change the FQDN in the VM operating system. In this case, Abiquo will update the FQDN stored in the platform.
Prepare templates for cloud-init
To enable users to work with cloud init, the administrator prepares VM templates that will run cloud-init services or cloudbase-init services (for Windows) or similar. The compatible version of cloud-init is version 0.7.9 or above, or cloudbase-init.
For VMware (vCenter hosts, vCenter clusters, VCD) and other private cloud hypervisors, where cloud-init uses a Configuration drive, you might need to prepare the operating system of your VM templates for this configuration.
Edit the cloud config installer file. The location of this file will vary by operating system. For example, /etc/cloud/cloud.conf.d/99-installer.cfg. Set the datasource to ConfigDrive as shown here.
datasource: ConfigDrive: datasource_list: [ConfigDrive]
In the case of Ubuntu 18+, disable any default network configuration utility.
Remove
/etc/cloud/cloud.conf.d/subiquity-disable-cloudinit-networking.cfg
Remove
/etc/netplan/00-installer-config.yml
To prepare Windows templates for public cloud, see the following pages.
Edit a VM template for guest setup
To prepare a VM template for guest setup:
Go to Catalogue
Edit a template with cloud-init or hypervisor tools installed.
Go to Advanced
For Guest setup, select Cloud-Init or Hypervisor tools.
For Windows on AWS, you can select from: CLOUDBASE_INIT, EC2LAUNCH_V2, EC2LAUNCH, EC2CONFIG
Select Guest initial password to generate an initial password according to platform configuration
For Windows systems we strongly recommend this option
The platform will log in with the template User and Password (see below) and change the Password to the guest initial password.
The platform will send the guest initial password to the user via mail or SMS, and users can display it with the VM key button
For the User, enter the default user for the template
On Windows, enter "Administrator"
On Linux, enter "root" or another user that can run chpassword, with sudo and by always entering the password
If sudo is not available, please contact Abiquo Support to configure the “nosudoerrequiredforuser” property
For the Password, enter the default password of the user on the VM template
The platform does not save VM passwords
On Linux, before deploying an instance template, edit the instance template's password to set it to the current VM password.
Select the Operating system. If required, enter the OS version. For more details see Set the guest operating system for VMware
Optionally, go to Variables and set variables for the VM template. The platform will add these variables to the VM using metadata or user data. See VM variables
If you are using Cloud-init or similar, you can enter a startup script or configuration on the Bootstrap tab. The platform will add this script to the VM and the VM user may also be able to modify it. For more details, see VM bootstrap script
Add the SSH public key to your user before you deploy VMs. To connect to your VM, you will often require the SSH key pair, for example, to connect to Windows VMs in public cloud via RDP