Monday, December 21, 2009

RFC: Boot-time configuration syntax for UEC/EC2 images

As part of the Boot-time configuration for UEC/EC2 images specification a configuration file can be passed to instances as user-data to customize some part of the instance without writing and maintaining custom scripts.

The goal is to support most common operations done on instance boot as well as help to bootstrap the instance to be part of an existing configuration management infrastructure.

It currently supports:

  • apt configuration

  • package installation


Other requested features looked into include:

  • runurl support

  • ssh host keys setup


Should these be included as well?

Here is an example of a configuration file (using YAML as the syntax):
# Update apt database on first boot
# (ie run apt-get update)
#
# Default: true
#
apt_update: false

# Upgrade the instance on first boot
# (ie run apt-get upgrade)
#
# Default: false
#
apt_upgrade: true

# Add apt repositories
#
# Default: none
#
apt_sources:

# PPA shortcut:
#  * Setup correct apt sources.list line
#  * Import the signing key from LP
#
#  See https://help.launchpad.net/Packaging/PPA for more information
#
- source: "ppa:user/ppa"    # Quote the string

# Custom apt repository:
#  * Creates a file in /etc/apt/sources.list.d/ for the sources list entry
#  * [optional] Import the apt signing key from the keyserver
#  * Defaults:
#    + keyserver: keyserver.ubuntu.com
#    + filename: 00-boot-sources.list
#
#    See sources.list man page for more information about the format
#
- source: "deb http://archive.example.org lucid main restricted" # Quote the string
keyid: 12345678 # GPG key ID published on a key server
keyserver: keyserver.example.org
filename: 01-mirror-example.org.list

# Custom apt repository:
#  * The apt signing key can also be specified
#    by providing a pgp public key block
#  
#  The apt repository will be added to the default sources.list file:
#  /etc/apt/sources.list.d/00-boot-sources.list
#
- source: "deb http://mirror.example.net/karmic/ ./" # Quote the string
key: | # The value needs to start with -----BEGIN PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: SKS 1.0.10

mI0ESXTsSQEEALuhrVwNsLIzCoaVRnrBIYraSUYCJatFcuvnhi7Q++kBBxx32JE487QgzmZc
ElIiiPxz/nRZO8rkbHjzu05Yx61AoZVByiztP0MFH15ijGocqlR9/R6BMm26bdKK22F7lTRi
lRxXxOsL2GPk5gQ1QtDXwPkHvAhjxGydV/Pcf81lABEBAAG0HUxhdW5jaHBhZCBQUEEgZm9y
IE1hdGhpYXMgR3VniLYEEwECACAFAkl07EkCGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAK
CRANXKLHCU0EIIJHBAC1NCwdLwchCPIQU2bd562/YWcB7QSgYD3j+Llqm8v6ghFQ0Bdygbn1
M6tzpwDiPxXQfZRqGhJsluCVHGLCQYNm0HDNisP4+YrZF3UkmAXDwZuh8K3LmvUPM+lLY8YJ
1qnFHp3eN9M8/SYEFN0wlaVAurZD13NaU34UePd46vPtzA==
=eVIj
-----END PGP PUBLIC KEY BLOCK-----

# Add apt configuration files
#  Add an apt.conf.d/ file with the relevant content
#
#  See apt.conf man page for more information.
#
#  Defaults:
#   + filename: 00-boot-conf
#
apt_conf:

# Creates an apt proxy configuration in /etc/apt/apt.conf.d/01-proxy
- filename: "01-proxy"
content: |
Acquire::http::Proxy "http://proxy.example.org:3142/ubuntu";

# Add the following line to /etc/apt/apt.conf.d/00-boot-conf
#  (run debconf at a critical priority)
- content: |
DPkg::Pre-Install-Pkgs:: "/usr/sbin/dpkg-preconfigure --apt -p critical|| true";

# Provide debconf answers
#
# See debconf-set-selections man page.
#
# Default: none
#
debconf_selections: |     # Need to perserve newlines
# Force debconf priority to critical.
debconf debconf/priority select critical

# Override default frontend to readline, but allow user to select.
debconf debconf/frontend select readline
debconf debconf/frontend seen false

# Install additional packages on first boot
#
# Default: none
#
packages:
- openssh-server
- postfix

I would like to get feedback on the format as well as ideas for other features, either on the wiki page or in the comments section.

2 comments:

  1. It would be *very* nice to be able to set the hostname (FQDN), so that it would integrate even more nicely with the puppet stuff, too.

    ReplyDelete
  2. Having the hostname (FQDN) would be very good. In fact I'm having a huge problem right now as it seems that the FQDN if not being set at all in UEC. This is breaking a lot of packages that expect things like "hostname -f" to return something valid.

    This seems to also make Chef not work properly and the Ubuntu apt install of RabbitMq-server fails among others.

    ReplyDelete