If you did not migrate your account yet, visit https://idp-portal-info.suse.com/
Configuration of openSUSE MicroOS and openSUSE Kubic with cloud-init
- 1 Configuration of openSUSE MicroOS and openSUSE Kubic with cloud-init
- 1.1 Datasource LocalDisk
- 1.2 Datasource NoCloud
- 1.3 meta-data
- 1.4 user-data
- 1.4.1 Header
- 1.4.2 Add Authorized SSH Keys
- 1.4.3 Set Passwords
- 1.4.4 Add custom repository and configure zypper
- 1.4.5 Timezone
- 1.4.6 Hostname
- 1.4.7 Nameserver
- 1.4.8 Salt Minion
- 1.4.9 NTP Server
- 1.4.10 Keyboard layout
- 1.4.11 openSUSE Kubic Kubeadm Node
- 1.4.12 openSUSE Kubic Cluster Node
- 1.4.13 runcmd statement
- 2 Example configuration for openSUSE MicroOS
The system will be configured with cloud-init during the boot phase. The following datasources are configured and called in this order: LocalDisk, NoCloud, OpenStack, None.
This datasource reads the configuration files from the local disk. The required configuration files are meta-data, user-data and optional vendor-data, and must be located at the root of your local disk.
The NoCloud datasource can be configured to look for configuration data on a local storage or a remote network source.
Remote Network Source
For a remote network source, the URL needs to be specified during boot at the kernel command line: cloud-init-url=http://my.example.com/cloud.cfg
The format of the file is:
#cloud-config datasource: NoCloud: # default seedfrom is None # if found, then it should contain a url with: # <url>user-data and <url>meta-data # seedfrom: http://my.example.com/<path>/
The content of the URL is stored in /etc/cloud/cloud.cfg.d/91_kernel_cmdline_url.cfg and will not be overwritten, even if the URL on the kernel commandline changes.
To setup the network to access configuration files on the network local configuration files can be used. NoCloud will search on all devices, which do not contain a partition table and contain a vfat or iso9660 filesystem. The filesystem volume label must be cidata.
So this could be a ISO-image, USB-Stick or an unpartitioned harddisk.
instance-id: iid-abcde001 network-interfaces: | auto eth0 iface eth0 inet dhcp
The instance-id is used to determine if this is "first boot”. So if changes are made to the configuration, this has to be changed.
The auto eth0 in the network configuration part means, that the network configuration should be started automatically during boot phase. In this example, the interface `eth0` is configured for dhcp.
A static network configuration would look like:
network-interfaces: | auto eth0 iface eth0 inet static address 192.168.1.10 network 192.168.1.0 netmask 255.255.255.0 broadcast 192.168.1.255 gateway 192.168.1.1
#cloud-config debug: True disable_root: False
All user-data configuration files have to start with the line #cloud-config. To get debug output, set debug: True. If you want to login with a root password and not only ssh keys, set disable_root: False.
Add Authorized SSH Keys
ssh_deletekeys: False ssh_pwauth: True ssh_authorized_keys: - ssh-rsa XXXKEY email@example.com
ssh_deletekeys: False tells cloud-init not to delete old private and public keys of the host. The default is True, which means existing keys will be deleted and new ones generated. This is a bad idea, since ssh will complain about changed or wrong keys the next time you try to login after the cloud-init configuration has changed.
ssh_authorized_keys adds the public ssh keys to the authorized_keys file of of the default user. If not specified otherwise, this is root.
ssh_pwauth: True allows to login via ssh with a password, if a password is set. ssh_pwauth: False would prevent that.
chpasswd: list: | root:linux expire: True
This will set the password for root to linux. The variable expire defines, if the user as to change the password at the first login or not. expire: True means, he has to change the password with the first login. Instead of a clear text password it's also possible to specify a hashed password:
chpasswd: list: | account:$6$salt$hash
Add custom repository and configure zypper
Here is how you can add a custom repository of your choice:
zypper: repos: - id: tumbleweed-oss name: os-oss baseurl: http://download.opensuse.org/tumbleweed/repo/oss/ enabled: 1 autorefresh: 1 - id: tumbleweed-oss-sources name: os-oss-sources baseurl: http://download.opensuse.org/tumbleweed/repo/src-oss/ enabled: 0 - id: tumbleweed-update name: os-update baseurl: http://download.opensuse.org/update/tumbleweed/ enabled: 1 autorefresh: 1 config: reposdir: /etc/zypp/repos.dir servicesdir: /etc/zypp/services.d download.use_deltarpm: true # any setting in /etc/zypp/zypp.conf
This option adds an additional custom software repository to the system, in this case the Tumbleweed OSS and update repositories. All options valid for *.repo files for zypper are valid options.
Set the timezone for this instance. The value of timezone must exist in /usr/share/zoneinfo.
hostname: myhost fqdn: myhost.example.com
manage_resolv_conf: true resolv_conf: nameservers: ['18.104.22.168', '22.214.171.124'] searchdomains: - foo.example.com - bar.example.com domain: example.com options: rotate: true timeout: 1
salt_minion: conf: master: salt.example.com public_key: | -----BEGIN PUBLIC KEY----- XXX -----END PUBLIC KEY----- private_key: | -----BEGIN RSA PRIVATE KEY----- XXX -----END RSA PRIVATE KEY-----
The Salt Minion is only available and used with openSUSE Kubic, not with openSUSE MicroOS
ntp: servers: - ntp1.example.com - ntp2.example.com - ntp3.example.com runcmd: - /usr/bin/systemctl enable --now ntpd
With this configuration, ntp is configured during the first boot to use three ntp servers. Additionally, the ntp service is enabled and started immediately. There can only be one time service running on a system at the same time. systemd-timesyncd, chrony or other time services need to be disabled first.
runcmd: - /usr/bin/localectl set-keymap de-latin1-nodeadkeys
The keyboard layout is set to the German layout with nodeadkeys.
openSUSE Kubic Kubeadm Node
Configuration of the openSUSE Kubic kubeadm node is currently not implemented.
openSUSE Kubic Cluster Node
Configuration of an openSUSE Kubic Cluster Node with cloud-init is currently not implemented.
There can only be one runcmd: statement in the user-data file. All different ones have to be grouped together to one.
Example configuration for openSUSE MicroOS
If you install with YaST2 or autoyast, you don't need to configure the network, update channel, user accounts and passwords or something similar. But you could still use cloud-init for fine tuning and additional configurations. If you use ready-to-run virtualisation images, you need something like the following. This example can be enhanced with all other valid cloud-init options.
instance-id: iid-MICROOS01 network-interfaces: | auto eth0 iface eth0 inet dhcp
#cloud-config debug: True disable_root: False ssh_pwauth: True ssh_deletekeys: False ssh_authorized_keys: - ssh-rsa AAAAxxx== firstname.lastname@example.org chpasswd: list: | root:$6$salt$hash expire: False zypper: repos: - id: tumbleweed-oss name: os-oss baseurl: http://download.opensuse.org/tumbleweed/repo/oss/ enabled: 1 autorefresh: 1 - id: tumbleweed-update name: os-update baseurl: http://download.opensuse.org/update/tumbleweed/ enabled: 1 autorefresh: 1 config: download.use_deltarpm: true