Skip to main content

Cloud-init directives

Cloud-init is an industry-standard tool for automating the initialization of cloud Virtual Machines. It runs on first boot, processes the YAML document in the User Data field, and supports all major Linux distributions. Every document must begin with #cloud-config on the first line.

Set a password

By default, Gcore Virtual Machines do not allow SSH authentication with a username and password — only SSH key authentication is enabled. Set ssh_pwauth: True to allow password access. 
#cloud-config
password: your_password
chpasswd: { expire: False }
ssh_pwauth: True
power_state:
  mode: reboot
  timeout: 30
  condition: True
  • password — sets the password for the default OS user (e.g. ubuntu on Ubuntu images).
  • chpasswd: { expire: False } — keeps the password active without requiring a change on first login.
  • ssh_pwauth: True — enables password-based SSH authentication.
  • power_state — reboots the VM after cloud-init finishes so the changes take effect.
After the VM is ready, connect with: 
ssh your_default_username@your_instance_ip_address

Create a user

Add a users block to create a new OS user at boot. The example below creates a guest user with sudo access. 
#cloud-config
users:
  - name:         guest
    sudo:         ALL=(ALL) NOPASSWD:ALL
    passwd:       SHA-512_encrypted_value_of_guest_password
    groups:       users,admin
    lock_passwd:  false
    shell:        /bin/bash
power_state:
  mode: reboot
  timeout: 30
  condition: True
  • sudo: ALL=(ALL) NOPASSWD:ALL — grants the user passwordless sudo rights.
  • passwd — SHA-512 encrypted password. Generate it with mkpasswd -m sha512crypt guest.
  • groups — comma-separated list of groups. The groups must already exist on the system.
  • lock_passwd: false — allows password-based login.
  • shell: /bin/bash — sets the default shell.
Run groups after connecting to verify group membership.

Enable root user

#cloud-config
disable_root: false

Configure user groups

Add the groups directive to create custom groups at boot. 
#cloud-config
groups:
  - regular-users
power_state:
  mode: reboot
  timeout: 30
  condition: True
After the VM is ready, run compgen -g to verify the group appears.

Add an SSH key

Add public SSH keys from other machines using ssh_authorized_keys. 
#cloud-config
ssh_authorized_keys:
  - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDLoSbgtCDju1vmEOws3cBpU5BDZJ3iwuHb0HnNaxJDDU72TYp4DZRxhkSy7KAGCnGl1x1et3i8TR9HeYLzF4B6+lBkHL3cfxuKqrTr7bYUNmmhxMj1THdH5lyS5ezYQGsd/QUryPNw9mbl1WrWu7sbyihF+B9+tHDoJ7owUehgHEG90XNJRFFe/ZHU+wHzJIRpQxFtdfZghwSBfRGJLTL6/nJtO39P7nAen48vH4iSzJYwsNtrWLG7Sr4kU6q8UJD+lCJ2IIumr6p66W9wh7IwgPED5ABQziSFCRXbeZIraaFvAhsV0r90u9t8cR8Yf2hU1rKcEaPRxYFC3IrrY94GnjTnzSE9p9a8DnF4G28/DHSMiTQd5yJKlED/n0piHMEMiJUpAruz3eHTqBz4T8taSZGuoqG4S6qrow6zigfesrWTmqegGUcQDdkTxj6DA5xtK2IIQSTsatQ9+7ggUIOFKGjoSKFxj2rJfxBjFS4pYFjOQBTdzz6ZCJjaMkhTXK8= account-name@hostname
After the VM starts, verify with cat ~/.ssh/authorized_keys.

Add repositories and install packages

Install packages at first boot using the packages directive. Packages from external repositories require an apt.sources entry. 
#cloud-config
apt:
  sources:
    docker.list:
      source: deb [arch=amd64] https://download.docker.com/linux/ubuntu $RELEASE stable
      keyid: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
package_update: true
package_upgrade: true
packages:
  - apt-transport-https
  - ca-certificates
  - gnupg-agent
  - software-properties-common
  - gnupg
  - docker-ce
  - docker-ce-cli
  - nmap
  - traceroute
power_state:
  mode: reboot
  timeout: 30
  condition: True

Write files

Create files on the VM at boot using the write_files directive. 
#cloud-config
write_files:
  - path: /root/useful-docker-script.sh
    permissions: '0644'
    content: |
      #!/bin/bash
      docker build -t dockerhub-username/docker-image-name .
      docker login
      docker push dockerhub-username/docker-image-name

Configure network interfaces

Add a static IP address by writing a Netplan configuration file. Cloud-init merges it with the auto-generated 50-cloud-init.yaml during boot. 
#cloud-config
write_files:
  - content: |
      network:
          version: 2
          renderer: networkd
          ethernets:
            enp3s0:
              addresses:
              - 192.170.1.25/24
              - 2020:1::1/64
              nameservers:
                addresses:
                - 8.8.8.8
                - 8.8.4.4
    path: /etc/netplan/00-add-static-ip.yaml
    permissions: '0644'
power_state:
  mode: reboot
  timeout: 30
  condition: True
After the VM reboots, run ip a to verify the static addresses appear on the enp3s0 interface.

Check cloud-init logs

Two log files are available on the VM for diagnosing cloud-init issues. /var/log/cloud-init.log — full process log with debug output: 
cat /var/log/cloud-init.log
/var/log/cloud-init-output.log — stdout/stderr from scripts cloud-init ran: 
cat /var/log/cloud-init-output.log