Just sharing some scripts used here. I hope they can help you.
Create file cloud.cfg_jammy
Change the following lines:
cloud_init_modules:
.
.
- [ssh, always]
cloud_config_modules:
.
.
- [set-passwords, always]
Download the cloud-set-guest-password-configdrive.sh script.
Create custom-networking_v2.cfg:
network:
version: 2
ethernets:
ens3:
dhcp4: true
apt install libguestfs-tools
wget
https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img
virt-customize --run-command 'rm /etc/cloud/cloud.cfg' -a
jammy-server-cloudimg-amd64.img
virt-customize --upload cloud.cfg_jammy:/etc/cloud/cloud.cfg -a
jammy-server-cloudimg-amd64.img
virt-customize --mkdir /var/lib/cloud/scripts/per-boot -a
jammy-server-cloudimg-amd64.img
virt-customize --mkdir /var/lib/cloud/scripts/per-instance -a
jammy-server-cloudimg-amd64.img
virt-customize --upload
cloud-set-guest-password-configdrive.sh:/var/lib/cloud/scripts/per-boot/cloud-set-guest-password-configdrive.sh
-a jammy-server-cloudimg-amd64.img
virt-customize --upload
cloud-set-guest-password-configdrive.sh:/var/lib/cloud/scripts/per-instance/cloud-set-guest-password-configdrive.sh
-a jammy-server-cloudimg-amd64.img
virt-customize --upload
cnptia-per-instance-script.sh:/var/lib/cloud/scripts/per-instance/cnptia-per-instance-script.sh
-a jammy-server-cloudimg-amd64.img
virt-customize --upload
custom-networking_v2.cfg:/etc/cloud/cloud.cfg.d/custom-networking_v2.cfg -a
jammy-server-cloudimg-amd64.img
One important thing noted here, if you intend to use a DHCP server in this
L2 network, without static configured hosts. All VMs will be launched from
the same template and the /etc/machine-id will be the same. The DHCP client
will derivate one client id from this information. So, for all VMs, the
DHCP server thinks they are the same host, offerging the same IP. Caos!
I've read some documents and posts saying the image distributor (maybe
Canonical, distributing de qcow2 image), is the indicated figure to fix the
problem, making some configuration to reset the machine id. Indeed, if you
truncate (you cannot remove the file) /etc/machine-id and
/var/lib/dbus/machine-id, it will be generated on first boot.
Here, as the template is already uploaded and distributed to the Zone, I
made one ansible that fix this problem. But, I think you could run
virt-customize and truncate them.
Maybe:
virt-customize --run-command 'truncate -s0 /etc/machine-id
/var/lib/dbus/machine-id' -a jammy-server-cloudimg-amd64.img
Em qui., 5 de out. de 2023 às 05:57, Joan g <[email protected]> escreveu:
> Thanks wei...
>
> On Thu, 5 Oct, 2023, 13:20 Wei ZHOU, <[email protected]> wrote:
>
> > You need to add a script in the template to get password from configdrive
> > and reset user password. For example
> >
> >
> https://github.com/apache/cloudstack/blob/main/setup/bindir/cloud-set-guest-sshkey-password-userdata-configdrive.in
> >
> >
> >
> > -Wei
> >
> > On Thu, 5 Oct 2023 at 09:38, Joan g <[email protected]> wrote:
> >
> > > Hello Community,
> > >
> > > Can someone guide me on configuration that should be added to
> cloud-init
> > > settings for creating password enabled templates using configdrive in
> > > ubuntu 20,22.
> > >
> > > We need to deploy passsword and sshkey enabled templates on ubuntu that
> > > will be using L2 networks.
> > >
> > > Thanks joan
> > >
> >
>
--
__________________________
Aviso de confidencialidade
Esta mensagem da
Empresa Brasileira de Pesquisa Agropecuaria (Embrapa), empresa publica
federal regida pelo disposto na Lei Federal no. 5.851, de 7 de dezembro
de 1972, e enviada exclusivamente a seu destinatario e pode conter
informacoes confidenciais, protegidas por sigilo profissional. Sua
utilizacao desautorizada e ilegal e sujeita o infrator as penas da lei.
Se voce a recebeu indevidamente, queira, por gentileza, reenvia-la ao
emitente, esclarecendo o equivoco.
Confidentiality note
This message from
Empresa Brasileira de Pesquisa Agropecuaria (Embrapa), a government
company established under Brazilian law (5.851/72), is directed
exclusively to its addressee and may contain confidential data,
protected under professional secrecy rules. Its unauthorized use is
illegal and may subject the transgressor to the law's penalties. If you
are not the addressee, please send it back, elucidating the failure.
