[00:54] I am trying to get cloud-init to leave root enabled or enable it if it is disabled [00:54] So far, the only thing it does is ignore the directives and disable root [00:54] I have tried disable_root: false and disable_root: 0 [00:56] Does anyone have any idea how I might get it to stop? [02:14] Is anyone available to look over my cloud.cfg for any obvious errors? [02:19] tr3l: What distro/is root enabled by default? [02:20] CentOS 7.5 [02:20] Root should not be disabled by default on it [02:20] I am just using the stock ISO to install on a standard KVM VM [02:20] cloud-init is being used to setup the server disks on KVM VM start [02:21] Once it is setup, I take an image of the VM and use that image to create new VMs [02:21] On start, cloud-init should do nothing except resize disks as needed [02:22] blkadder: https://pastebin.com/UE6LHcT4 [02:22] That is all I am trying to do [02:22] I am not sure what I've got wrong [02:28] Well you are missing #cloud-config for one. [02:28] If that is the complete content of the file. [02:29] It is the complete contents [02:29] What should I be adding? [02:30] I need zero additional functionality. I basically want it to resize the disk and leave the rest of the server alone and do absolutely nothing to it [02:30] You need to start the configuration file with #cloud-config as the first line. [02:31] https://www.digitalocean.com/community/tutorials/an-introduction-to-cloud-config-scripting [02:31] Also it's a stickler for spacing/indentation. [02:31] Is there any validator available to validate this? [02:31] Which has tripped me up more than once or twice (not saying you have issues there just saying you want to be careful) [02:31] They have something built-in. [02:32] It has been a while let me see if I can find it... [02:32] They have been working on a linter, just not sure how far they have gotten. [02:32] I have been struggling to find simple documentation for cloud-init [02:32] Yes, documentation is not the greatest. :-) [02:36] Many of the devs are on here, they just tend to seem to work normal business hours so this isn't the best time to find them. :-) [02:37] I appreciate your help [02:37] This cloud-init config is causing problems on production servers [02:38] I will refrain from any number of snarky comments. [02:39] If I had any other choice, it wouldn't have been used [02:41] It comes down to desperation and lack of any other choices. I admit that it is a cowboy solution, but I am trying my best to fix it [02:41] I know there is some sort of built in validator now, I am just not able to find the reference to it I had squirreled away... [02:41] and struggling a lot trying to get there [02:44] It seems like cloud-init devel schema will do something like that [02:44] My cloud-init doesn't support devel though [02:45] and I can't find any packages that install that [02:46] I think I installed from source. [02:46] Which is how I got it. [02:46] I thought they had moved at least some of it into a production branch but I am really not sure... [02:47] Sorry I can't be of more help. [02:47] I'm just an infrequent user. [02:48] The desperate are happy to have any help [02:48] Thank you [02:50] You have looked at the logs too to see what it is doing, correct? [02:53] I have tried, but I can't make sense of it [02:55] Ooh... [02:55] cloud-init devel schema [02:55] Yea [02:55] No devel features in my copy of cloud-init from epel [02:56] I also don't see any documentation anywhere about installing it or how it works even for Ubuntu [02:56] https://media.readthedocs.org/pdf/cloudinit/latest/cloudinit.pdf [02:56] That is the same type of documentation I was struggling with earlier [02:57] It doesn't give practical examples of structure, syntax, files, etc. I just lists what each thing does and gives you a MASSIVE overwhelming complex example file to start off [02:57] I'm just like.. slow down [02:58] Why can't we just get a file that changes the hostname and nothing else? [02:58] Where is the hello world of cloud-init? [02:58] cloud-init devel schema --config-file [02:58] Yeah [02:59] If my copy of cloud-init had devel it would be great :( [02:59] Best I can do for ya... Gotta run to dinner. Good luck. [03:05] thx blkadder for fielding some questiosn. [03:05] tr3l: some simple examples are here. http://cloudinit.readthedocs.io/en/latest/topics/examples.html [03:06] as per getting latest and greatest cloud-init on your epel.... we build tip and stable over in our copr repos [03:06] https://copr.fedorainfracloud.org/coprs/g/cloud-init/el-stable/ [03:06] https://copr.fedorainfracloud.org/coprs/g/cloud-init/el-testing/ [03:07] you can add those repos and install latest cloud-init on your instance, then a sudo cloud-init clean --logs --reboot would allow cloud-init to run as if the system were a new install [03:07] so if your image creator (or distro) doesn't have the latest cloud-init you can at least upgrade yourself [03:09] Thank you for the help [03:09] and cloud-init 17.1 or later would have " cloud-init devel schema --config-file --annotate" which should tell you about whether the yaml you have is properly formatted and will give hints on schema validation for a few config modules [03:10] Should disable_root and ssh_pwauth be true/false or 1/0? [03:10] we haven't finished full schema validation for all config modules, (it's on the agenda this year). then the CLI command will be promoted to "cloud-init schema " (dropping the "devel" param) [03:12] most of cloud-init accepts any of those options 0 ,False, false,no as untrue and True, 1, true yes as "true" [03:12] TRUE_STRINGS = ('true', '1', 'on', 'yes') [03:12] FALSE_STRINGS = ('off', '0', 'no', 'false') [03:12] checking those speciically to be sure [03:12] after your instance boots with latest cloud-init "cloud-init status --long" should quickly give you an idea if there were errors [03:13] otherwise check /var/log/cloud-init.log for a Traceback [03:17] disable_root and ssh_pwauth can both be any of those TRUE/FALSE_STRINGS I pasted [03:17] ssh_pwauth can also additionally be 'unchanged' [03:17] I was really hoping you would say it had to be true/false [03:18] per http://cloudinit.readthedocs.io/en/latest/topics/modules.html#set-passwords [03:20] I just upgraded it from here: [03:20] https://copr.fedorainfracloud.org/coprs/g/cloud-init/el-stable/ [03:20] cloud-init: error: invalid choice: 'devel' (choose from 'init', 'modules', 'query', 'single', 'dhclient-hook', 'features') [03:20] Updated: [03:20] cloud-init.noarch 0:0.7.9+224.g681baff-1.el7.centos [03:21] tr3l: we've had discussions a few times about being more strict on schema. I think it's a burden on the user and us to support something so flexible.... too much rope to hang oneself with. per your cloud-config yaml ..... [03:21] http://cloudinit.readthedocs.io/en/latest/topics/modules.html#set-passwords [03:21] http://paste.ubuntu.com/p/RQ4c4hgTHX/ [03:21] the rest of the file looks like valid yaml. [03:22] I don't mean to sound like a novice user. I've worked with everything from UML to KVM and everything in between. This software is just giving me a lot more trouble than I normally run into [03:23] It is a bit disconcerting if I'm honest. I usually don't have to jump into IRC [03:23] hrm, what gives with ssh_genkeytypes: ~ [03:23] syslog_fix_perms: ~? [03:23] Can I safely remove those? [03:24] I could never pin that down [03:24] yes unknown config keys are ignored [03:24] They were included in the default cloud.cfg for the distro as far as I remember [03:25] as per the other keys, you are mixing two things. [03:25] The only part I am solid on is the growroot [03:25] The rest is just trying to make it run without messing up the system [03:25] Please run without doing anything else essentially [03:25] tr3l: /etc/cloud/cloud.cfg is system configuration information. [03:26] which differs from #cloud-config user-data [03:26] I have no idea what any of that means [03:26] You lost me completely [03:26] ok sorry 'bout that [03:26] I thought you were trying originally to provide user-data to your instance which cloud-init reacts to [03:27] I am trying to use cloud-init to resize VM disks if they are a different size on boot [03:27] Nothing else [03:27] I've been able to do that by editing the /etc/cloud/cloud.cfg file with the contents in pastebin [03:27] Unfortunately, an update or something has caused it to start disabling root so now I'm trying to fix that or find why it is happening [03:27] right that minimally enables/disables various config modules [03:28] minimally for resize I think you need: [03:28] - growpart [03:28] - resizefs [03:28] - disk_setup [03:28] growroot works as is [03:28] It just won't stop randomly disabling root login [03:28] I should note that the network portion of the config there is entirely ignored [03:29] I had to use this: [03:29] cd /etc/cloud/cloud.cfg.d/ [03:29] [root@server3 cloud.cfg.d]# cat 99-disable-network-config.cfg [03:29] network: {config: disabled} [03:29] To make it leave the network alone [03:29] I am not sure why [03:31] Trying this now: [03:31] cat 97-disable-root-mods.cfg [03:31] disable_root: 0 [03:31] [root@server3 cloud.cfg.d]# cat 98-disable-root-mods.cfg [03:31] disable_root: false [03:31] might check /var/lib/cloud/instance/user-data* or /var/lib/cloud/instance/vendor-data* [03:31] Both are empty [03:31] those files generally contain configuraiton that could override any config you write on disk [03:32] ok .... I do have to bail for a dinner date but hopefully http://cloudinit.readthedocs.io/en/latest/topics/modules.html can help a bit [03:32] says this? [03:32] From nobody Sat Jun 23 00:03:23 2018 [03:32] Content-Type: multipart/mixed; boundary="===============8880678780223518493==" [03:32] MIME-Version: 1.0 [03:32] Number-Attachments: 1 [03:32] --===============8880678780223518493== [03:32] MIME-Version: 1.0 [03:32] Content-Type: text/x-not-multipart [03:32] Content-Disposition: attachment; filename="part-001"