From nobody Thu Jul 25 22:57:17 2024
X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WVR9w15WMz5RThB
	for <freebsd-questions@mlmmj.nyi.freebsd.org>; Thu, 25 Jul 2024 22:57:56 +0000 (UTC)
	(envelope-from dch@skunkwerks.at)
Received: from fout5-smtp.messagingengine.com (fout5-smtp.messagingengine.com [103.168.172.148])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WVR9v2mWWz4TtL
	for <freebsd-questions@freebsd.org>; Thu, 25 Jul 2024 22:57:54 +0000 (UTC)
	(envelope-from dch@skunkwerks.at)
Authentication-Results: mx1.freebsd.org;
	dkim=pass header.d=skunkwerks.at header.s=fm1 header.b=dfz4oXpS;
	dkim=pass header.d=messagingengine.com header.s=fm3 header.b="M J32sDp";
	dmarc=pass (policy=none) header.from=skunkwerks.at;
	spf=pass (mx1.freebsd.org: domain of dch@skunkwerks.at designates 103.168.172.148 as permitted sender) smtp.mailfrom=dch@skunkwerks.at
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44])
	by mailfout.nyi.internal (Postfix) with ESMTP id 13F09138016F;
	Thu, 25 Jul 2024 18:57:54 -0400 (EDT)
Received: from wimap21 ([10.202.2.81])
  by compute4.internal (MEProxy); Thu, 25 Jul 2024 18:57:54 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=skunkwerks.at;
	 h=cc:cc:content-transfer-encoding:content-type:content-type
	:date:date:from:from:in-reply-to:in-reply-to:message-id
	:mime-version:references:reply-to:subject:subject:to:to; s=fm1;
	 t=1721948274; x=1722034674; bh=R8kRZz7hiZLj7rfVRuUgcTBmMzMjqSaa
	sLT3MpxMLd8=; b=dfz4oXpSrNFp+QQXznHZxLqPhBUrUljGviPcr7JCaBFIfTfi
	DkPJTDXHJHv37eznDGvBFxqTr2kYi5NNsFLAxsJwpeLB4F0Ag9kNhFNZzi6zZfFc
	WXgl/ivIPWpEuMKm+5xkGQWczyc1aPN5NMPFZPBtldz+ogDfP+QtpVYJLzJKAAbP
	aM+AyWpHtzheEybUbT33vLf6BVCrrTVuzmF1uuHQg2EpyWsd6wVLZrvzB/LdgF6g
	qqMQbs5t997kKNV9LzPIUkseOyd7z7yukPR9yoqKF+vw7jjNvt1QesEU+8befPxY
	a81YJ6/hQfWr2NpopU4C1WjxjbJpk8OVTmiRRw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
	messagingengine.com; h=cc:cc:content-transfer-encoding
	:content-type:content-type:date:date:feedback-id:feedback-id
	:from:from:in-reply-to:in-reply-to:message-id:mime-version
	:references:reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy
	:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1721948274; x=
	1722034674; bh=R8kRZz7hiZLj7rfVRuUgcTBmMzMjqSaasLT3MpxMLd8=; b=M
	J32sDpKBMo2bFJBm+bT3fXbFQzAcMTCplZ/GypJyC5lctOhVBaMW7XUc/Y2e+/O4
	TXxQG2WZEkeKwmv6vrmU/wI4rVBUfKz8LLxSPJvTmKXuo1jcbp6xMJZiuyZZrqe3
	S3PHnzdxAtJdR1uHOfi4Atk35Pw/ySRvuM7Cd+wKB2DnsmVXKmSCigaQQPGeWNZB
	kAT7QJ29A0ruywOtVTXzo5etGoS6GockYorkmOTyz9F9pD20KNsKG3Ev/eEx/Wea
	0lXVa1KvvnxdurWJhmD+djjLD0Z0JzzuUUXGjmI4bn3Xc/syz/sRjx+ufzqAi4Us
	mNvOYohE5YXD/15A1yZVg==
X-ME-Sender: <xms:cdiiZuGNMkbeh9XVL255G68ppgR0jUT1Skw1wjtXSyvD1nhvsTwBLg>
    <xme:cdiiZvWqYIDehiRk6S39UJg_8bc1ojjXzNrCIyDVIfPKkTw2-vbwxBHEN8XcSFmCY
    qbx7tHi3hWfi3vGuA>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrieeggddugecutefuodetggdotefrodftvf
    curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu
    uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc
    fjughrpefofgggkfgjfhffhffvvefutgfgsehtqhertderreejnecuhfhrohhmpedfffgr
    vhgvucevohhtthhlvghhuhgsvghrfdcuoegutghhsehskhhunhhkfigvrhhkshdrrghtqe
    enucggtffrrghtthgvrhhnpeeiveelgeekgeeufeeuhfefhfduvedthfegfeeugfdtkeef
    ffevieevheeuheekheenucffohhmrghinheptghlohhuugdqihhnihhtrdhiohdpfhhrvg
    gvsghsugdrohhrghdpudeiledrvdehgedrudeiledrvdehgedpghhithhhuhgsrdgtohhm
    necuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepuggthh
    esshhkuhhnkhifvghrkhhsrdgrthdpnhgspghrtghpthhtoheptd
X-ME-Proxy: <xmx:cdiiZoJA_Yl9KOlVJMatTHWWf0u25UwlONtrh-ZkRodfUyjqLsHrCg>
    <xmx:cdiiZoGvhMHD6ggpie-VJAbjZWWW0wFecQ8BnuuG9nLYU-pdwiNAAA>
    <xmx:cdiiZkVkXIDGOaG8wrF6zMuuCxdkI8Z89rSydJB7499K_-AR3Yz2QQ>
    <xmx:cdiiZrNL72_uNZy-MOBLHnTKo_KJb5HBTbLtizvMJinCgunc06PSgg>
    <xmx:ctiiZvfJF_P9UTlVNytdfaMDEob-1IsyM9md3JFGsSXRpLhJzvdwxjwI>
Feedback-ID: ic0e84090:Fastmail
Received: by mailuser.nyi.internal (Postfix, from userid 501)
	id AFA0A37A0084; Thu, 25 Jul 2024 18:57:53 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.11.0-alpha0-582-g5a02f8850-fm-20240719.002-g5a02f885
List-Id: User questions <freebsd-questions.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-questions
List-Help: <mailto:questions+help@freebsd.org>
List-Post: <mailto:questions@freebsd.org>
List-Subscribe: <mailto:questions+subscribe@freebsd.org>
List-Unsubscribe: <mailto:questions+unsubscribe@freebsd.org>
X-BeenThere: freebsd-questions@freebsd.org
Sender: owner-freebsd-questions@FreeBSD.org
MIME-Version: 1.0
Message-Id: <841999d9-7e4a-41c1-93b9-c927f28ed41a@app.fastmail.com>
In-Reply-To: <fb2f4ea3-7c05-43f6-9f9c-af93c4aa54a9@sentex.net>
References: <fb2f4ea3-7c05-43f6-9f9c-af93c4aa54a9@sentex.net>
Date: Thu, 25 Jul 2024 22:57:17 +0000
From: "Dave Cottlehuber" <dch@skunkwerks.at>
To: "Mike Tancsa" <mike@sentex.net>
Cc: freebsd-questions <freebsd-questions@freebsd.org>
Subject: Re: cloud init documentation ?
Content-Type: text/plain;charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spamd-Bar: ---
X-Spamd-Result: default: False [-3.09 / 15.00];
	NEURAL_HAM_MEDIUM(-1.00)[-1.000];
	NEURAL_HAM_LONG(-1.00)[-1.000];
	SUBJECT_ENDS_QUESTION(1.00)[];
	NEURAL_HAM_SHORT(-1.00)[-1.000];
	DMARC_POLICY_ALLOW(-0.50)[skunkwerks.at,none];
	R_DKIM_ALLOW(-0.20)[skunkwerks.at:s=fm1,messagingengine.com:s=fm3];
	R_SPF_ALLOW(-0.20)[+ip4:103.168.172.128/27];
	MIME_GOOD(-0.10)[text/plain];
	RCVD_IN_DNSWL_LOW(-0.10)[103.168.172.148:from];
	XM_UA_NO_VERSION(0.01)[];
	FREEFALL_USER(0.00)[dch];
	MIME_TRACE(0.00)[0:+];
	ARC_NA(0.00)[];
	DWL_DNSWL_NONE(0.00)[messagingengine.com:dkim];
	ASN(0.00)[asn:209242, ipnet:103.168.172.0/24, country:US];
	RCVD_COUNT_THREE(0.00)[3];
	RCPT_COUNT_TWO(0.00)[2];
	FROM_EQ_ENVFROM(0.00)[];
	FROM_HAS_DN(0.00)[];
	RCVD_TLS_LAST(0.00)[];
	TO_MATCH_ENVRCPT_SOME(0.00)[];
	MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org];
	TO_DN_ALL(0.00)[];
	DKIM_TRACE(0.00)[skunkwerks.at:+,messagingengine.com:+]
X-Rspamd-Queue-Id: 4WVR9v2mWWz4TtL

On Wed, 24 Jul 2024, at 19:08, mike tancsa wrote:
> I gave the cloud-init image a spin, but beyond adding some users, I am=20
> not able to get packages added or even runcmd or bootcmd to execute.=C2=
=A0=C2=A0=20
> This is using the FreeBSD-14.1-RELEASE-amd64-BASIC-CLOUDINIT-zfs.raw=20
> image from the FreeBSD download directory.=C2=A0 Where can I find=20
> documentation on what is supported ?
>
> Is there also a way to test the config beyond deploying and seeing if =
it=20
> works or not ?
>
>  =C2=A0=C2=A0=C2=A0 ---Mike

hi Mike

cloudinit is somewhat cryptic. Please post whatever cloud-config or
user-data file you're using, what cloud provider, what cloudinit
version is in your freebsd image.

With the caveat that I've not specifcally used these CLOUDINIT images,
here's what I know about cloudinit itself on FreeBSD.

For cloudinit to work, you have to have a DataSource that provides
user data to cloudinit. Virtualbox or bhyve don't do this automatically.

You can test via qemu, or via jail, but you need to set up a DataSource,
either on the network, or on the local filesystem (good for testing).

Here's a qemu example:

https://docs.cloud-init.io/en/latest/howto/run_cloud_init_locally.html

For jails, see https://people.freebsd.org/~dch/posts/2024-07-25-cloudini=
t/
for details, and let me know if anything is awry.

TLDR: install jail, add cloudinit, add 3 files, zfs snapshot, restart ja=
il

(or restart both dsidentify, and cloudinit)

# /usr/local/etc/cloud/cloud.cfg.d/00_nocloud.cfg
datasource_list: ['NoCloud']
datasource:
  NoCloud:
    seedfrom: file:///root/cloud/
network:
  config: disabled
  timeout: 1

# /root/cloud/meta-data empty file or just copy what your cloud issues

# /root/cloud/user-data
#cloud-config
... your stuff here

I have tested all of these against cloud-init-23.3 from ports quarterly:

```yaml
#cloud-config
# deploy ssh key to primary user
# create a new account, one true shell, sudo, join wheel
users:
  - default
  - name: ansible
    groups: wheel
    shell: /bin/sh
    sudo: 'ALL=3D(ALL) NOPASSWD:ALL'
    ssh_authorized_keys:
      - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJZ0cNlRkFRRleUZhFjIZYJ2p7h7=
wNWvODGBLEzfSfvr
# touch an arbitrary file very early on
write_files:
- content: |
    awesome
  path: /var/tmp/cloudinit_was_here
# run an arbitrary command which happens after that
bootcmd:
  - echo excellent | tee -a /var/tmp/cloudinit_was_here
# run an arbitrary command later on
runcmd:
  - echo fantastic | tee -a /var/tmp/cloudinit_was_here
packages:
  - www/gurl
```

this gives the expected (sorted) output in /var/tmp/cloudinit_was_here:

awesome
excellent
fantastic

latest cloudinit 24.2 also works, but now bootcmd runs before write_file=
s,
so the above output is missing 'excellent', and there are some issues
in handling datasources, because the dsidentify tool that handles that
is written in shell, and cannot process valid yaml.

In my experience, every cloudinit release has minor breakage. Mina has
made extensive progress over the last couple of years improving FreeBSD
support, with upstream.

We should actively support nuageinit (merci bapt@) in FreeBSD src, which
is missing the following features used above:

- bootcmd (early cmd)
- runcmd (late cmd)
- packages
- write_files
- fetching metadata from e.g. http://169.254.169.254/ style urls

[nuageinit]: https://cgit.freebsd.org/src/commit/?id=3D16a6da44e28d
[cloudinit]: https://github.com/canonical/cloud-init/issues?q=3Dfreebsd

A+
Dave