Home Nutanix Calm Linux VM cloud-init for Nutanix Calm

Linux VM cloud-init for Nutanix Calm

October 22, 2018 comments off

Nutanix Calm does guest customization with cloud-init for Linux VMs. Most the docs discuss using keys for increased security, but for quick tests I wanted to use password auth.  To do this I modified cloud-init within the Nutanix Calm Blueprint.  This will setup the user devmin, allow SSH access, and set the password.

#cloud-config

#set hostname
hostname: supernode
fqdn: supernode.devmin.local
manage_etc_hosts: true

#edit sshd config to allow password authentication 
ssh_pwauth: True

#create user
users:
  - name: devmin
    groups: sudo
    shell: /bin/bash
    lock_passwd: false
    passwd: $6$j212wezy$7H/1LT4f9/N3wpgNunhsIqtMj62OKiS3nyNwuizouQc3u7MbYCarYeAHWYPYb2FT.lbioDm2RrkJPb9BZMN1O/
    sudo: ["ALL=(ALL) NOPASSWD:ALL"]

Taking things a step further Nutanix Calm has built in macros and I wanted to use macros instead of the static config.  Since passwd is expecting a salted hash password the macro wasn’t being passed correctly and cloud-init was failing.  I was successful working around this by using chpasswd after creating the user.  This below allows cloud-init to use the credentials set in the Nutanix Calm Blueprint.

#cloud-config

#set hostname
hostname: supernode
fqdn: supernode.devmin.local
manage_etc_hosts: true

#edit sshd config to allow password authentication 
ssh_pwauth: True

#create user
users:
  - name: "@@{cred.username}@@"
    groups: sudo
    shell: /bin/bash
    lock_passwd: false
    sudo: ['ALL=(ALL) NOPASSWD:ALL']

#set password    
chpasswd:
 list: |
   @@{cred.username}@@:@@{cred.secret}@@
 expire: False

If you are not familiar with cloud-init you can review it here

About the Author: devmin

systems architect with interest in automation, k8s, linux, devops, bash, real estate, anonymity