View All Products
Compute
Storage
Databases
Networking
Developer Tools
Delivery
Security
Services
Industries
Pricing
Community
Engage With Us

Guides - Using Cloud-Config Files to Configure a Server

Updated

Linux virtual machines equipped with a tailored set of resources designed to run any cloud-based workload.

Create a Linode account to try this guide with a $ credit.
This credit will be applied to any valid services used during your first  days.

Cloud-config files are supported by our Metadata service and are used by cloud-init to automate server configuration. This guide covers creating cloud-config files, common modules, and examples to help get you started.

Syntax

Cloud-config data is written using the YAML syntax, a commonly used data serialization format that’s more user-friendly and human-readable than alternatives (like JSON). YAML consists of key-value pairs. Each key is entered on its own line and a colon (:) is used to separate the key from its value. The scope of the key is defined by its indentation. To learn more about YAML, review the latest YAML specification.

Cloud-Config Modules

A cloud-config file must contain #cloud-config as the first line. Following that, you can utilize the keys provided by any of the cloud-init modules. Review the remaining sections of this guide for a list of common modules and how to configure them. For a full list of modules/keys, review cloud-init Module Reference.

Create a New User and Restrict Root Access

One of the most common security tasks for every new system deployment is configuring user accounts. This includes creating a limited user account for the system administrator, adding them to the sudo group, and enabling the user to log in over SSH using a public key instead of a password.

  • users (list): Configure user accounts (Reference | Example)
    • name (string): The name of the user.
    • passwd (string): The hash of the password you want to configure for this user.
    • groups (string): The name of the group the user should belong to.
    • sudo: Define a sudo rule string or set to False to deny sudo usage.
    • lock_passwd (boolean): If true (the default setting), prevents logging in with a password for that user.
    • ssh_authorized_keys (list): A list containing the public keys that should be configured for this user.
1
2
3
4
5
6
7
8

#cloud-config
users:
- name: example-user
  groups: sudo
  sudo: ALL=(ALL) NOPASSWD:ALL
  shell: /bin/bash
  ssh_authorized_keys:
  - [insert-public-key]

Update System

Updating the system is another common task that’s performed after a system is deployed.

  • package_update (boolean): Updates the apt database (cloud-init Docs)
  • package_upgrade (boolean): Upgrades the software on your system (by running the yum or apt upgrade command) (cloud-init Docs)
1
2
3

#cloud-config
package_update: true
package_upgrade: true

Install a Software Package

Almost all workloads running on a Compute Instance require additional software to be installed. You can automatically install software packages by adding them to your cloud-config file.

1
2
3
4
5

#cloud-config
packages:
- nginx
- mysql-server
- php

Run a Command

  • runcmd (list): Runs the specified commands during the first boot (cloud-init Docs)
1
2
3

#cloud-config
runcmd:
- mkdir ~/new-folder/

Write to a File

  • write_files (list): (cloud-init Docs)
    • content: The entire content to include in the file.
    • path: The path for the file. If a file already exists at this location, it is overwritten.
    • permissions: Defines the file permissions in octal format (ex: 0644).
1
2
3
4
5
6
7
8
9

#cloud-config
write_files:
- content: |
    <html>
    <h1>Hello world!</h1>

    <p>This is the content of my web page.</p>
    </html>    
  path: /var/www/html/index.html

This page was originally published on

Your Feedback Is Important

Let us know if this guide was helpful to you.