Instance User Data Injection

2025-11-24 08:24:52

Scenario

When you need to simplify the configuration of Elastic Cloud Server through scripts, initialize the system via scripts, upload existing scripts when creating Elastic Cloud Server, or complete other functions that require scripts, you can consider using the instance custom data injection function to configure the Elastic Cloud Server.

Limitations

Windows

· The image used to create an Elastic Cloud Server must have the cloud-init component installed.

· Custom data size limit of instance: 16 KB or less.

· If you upload custom data in text, the data can only contain ASCII characters. If you upload custom instance data as a file, you can upload only a file in text/* format and the file size must be 16 KB or less.

· You must use the public image, the private image that inherits from the public image, or the private image on which the cloud-init component is installed.

· The instance custom script must meet the format requirements of the corresponding Elastic Cloud Server custom script type.

Linux

· The image used to create an Elastic Cloud Server must have the Cloudbase-init component installed.

· Custom data size limit of instance: 16 KB or less.

· If you upload custom instance data in text, the data can only contain ASCII characters. If you upload custom data to an instance, you can use a file to contain any characters and the file size must be 16 KB or less.

· You must use the public image, the private image that inherits from the public image, or the private image on which the Cloudbase-init component is installed.

How to Use Instance Custom Data

1. Write User-Data scripts according to the actual needs, the script format must comply with the relevant specifications of Cloud-init/Cloudbase-init website.

2. When creating an Elastic Cloud Server, paste the instance custom data script content in the text box of Advanced Configuration > User Data > Configure Now > As Text, or choose to upload it as a file.

Description

Instance custom data injection supports two methods:

· Text: Paste the instance custom data script content into the text box.

· File: Save the instance custom data script content to a text file and then upload it.

3. After the system creates an Elastic Cloud Server, the Elastic Cloud Server will automatically execute the Cloud-init or Cloudbase-init component and read the instance custom data script.

Instance Custom Data Script of Windows Elastic Cloud Server

The instance custom data script of Windows Elastic Cloud Server is implemented using the open source cloudbase-init architecture (for details, see Cloud-init open source description), which utilizes the Elastic Cloud Server metadata as the data source to implement automatic configuration and initialization script execution for the Elastic Cloud Server. The following is a detailed description and usage example of the instance custom data script for Windows Elastic Cloud Server:

· Script types: including "Batch program" and "PowerShell script".

-	Batch Program	PowerShell Script
Format	Start with "rem cmd" as the first line, with no space in front of it.	Before Base64 encoding, start with "#ps1" as the first line, with no spaces in front of it.
Restrictions	Before Base64 encoding, the script content (including the first line) cannot exceed 16KB.	Before Base64 encoding, the script content (including the first line) cannot exceed 16KB.

· View the custom data injected into Windows Elastic Cloud Server:

1. Log in to the ECS.

2. Execute the following command to view instance custom data with root privileges:

http://169.254.169.254/openstack/latest/user_data

· Example of script usage:
This example describes how to enter the script of Windows Elastic Cloud Server in different formats and view the results of script execution.

Example: PowerShell Script

1. When creating an Elastic Cloud Server, select the Text form and enter the following instance custom data script:

2. #ps1

3. echo "Hello, Powershell Test" > C:\aaaa.txt

4. After the creation is successful, connect and start the Elastic Cloud Server, and check the results of script execution in the C:\ drive: a text document named "aaaa" will be created.

5. To view the instance custom data injected into the Windows Elastic Cloud Server, you can access it in a browser:

http://169.254.169.254/openstack/latest/user_data

Instance Custom Data Script of Linux Cloud Server

The instance custom data script of Linux Elastic Cloud Server is implemented using the open source cloud-init architecture (for details, see Cloud-init open source description), which utilizes the cloud server metadata as the data source to implement automatic configuration. The following is a detailed description and usage example of the instance custom data script for Linux Elastic Cloud Server:

· Script execution time: After the Elastic Cloud Server state changes to "Running", but before executing the /etc/init file.

· Script type: Instance custom data script supports two types: "User-Data Script" and "Cloud-Config Data".

-	User-Data Script	Cloud-Config Data
Description	Use script as a means of custom configuration, which can be Shell script or Python script.	Use cloud-init's predefined method to configure certain services of the cloud server, such as yum source, SSH key, etc.
Format	The first line must start with "#!" (e.g. "#!/bin/bash" or "#!/usr/bin/env python"), with no spaces in front of it. When starting for the first time, execute at the level of rc.local-like, which means later in the boot sequence.	The first line must start with "#cloud-config", with no spaces in front of it.
Restrictions	Before Base64 encoding, the script content (including the first line) cannot exceed 16KB.	Before Base64 encoding, the script content (including the first line) cannot exceed 16KB.
Frequency	Only execute once when starting the Elastic Cloud Server for the first time.	The frequency of execution varies depending on the configured services.

· To view the injected instance custom data:

1. Log in to the ECS.

2. Execute the following command to view instance custom data with root privileges:

curl http://169.254.169.254/openstack/latest/user_data

· Example of script usage:

This example describes how to enter the script of Linux Elastic Cloud Server in different formats and view the results of script execution.

Example 1: The script type of User-Data Script

1. When creating an Elastic Cloud Server, select the Text form and enter the following instance custom data script:

#!/bin/bash

echo "Hello, the time is now $(date -R)" | tee /root/output.txt

2. After the creation is successful, connect and start the Elastic Cloud Server and execute the command cat /root/output.txt to view the results of script execution:

[root@XXXXXXXX ~]# cat /root/output.txt

Hello, the time is now Mon, 03 Jul 2023 14:49:08+0800

Example 2: The script type of Cloud-Config Data

1. When creating an Elastic Cloud Server, select the Text form and enter the following instance custom data script:

2. #cloud-config

3. bootcmd:

4. - echo 192.168.1.130 us.archive.ubuntu.com >> /etc/hosts

5. After the creation is successful, connect and start the Elastic Cloud Server and execute the command cat /etc/hosts to view the results of script execution.

Case 1

The following is an example of resetting the Linux Elastic Cloud Server password through instance custom data injection.

Assuming that you want to reset the password of the root user to "******", the new password must meet the password complexity requirements, as shown in Table 1 Password Setting Rules below:

Table 1 Password Setting Rules

Parameter	Rule	Example
Password	· Password length ranges from 8 to 26 characters. · Password should contain at least 3 of the following 4 characters: Uppercase letter Lowercase letter Number Windows OS cloud server special characters: including "$", "!", "@", "%", "-", "", "=", "+", "[", "]", ": ",".","/",","and"?" Linux OS cloud server special characters: including "!", "@", "%", "-", "", "=", "+", "[", "]", ":", ". ", "/", "^", ",", "{", "}" and "?" · Password cannot contain username or reverse order of username. · Windows OS cloud server cannot contain more than two consecutive characters in the username.	UTX8@81JCA.1d8sd

Please follow the example below to inject instance custom data (please strictly adhere to the indentation standards in the example below):

#cloud-config

chpasswd:

list: |

root:******

expire: False

After successfully creating the Elastic Cloud Server, you can use the reset password to log in to the Elastic Cloud Server. To ensure password security, it is recommended that you change the password of the root user after logging into the Elastic Cloud Server for the first time.

Case 2

The following is an example of adding a user and setting a password for a Windows Elastic Cloud Server through instance custom data injection.

Assuming that you want to create a regular user with username abc and password "*******", then add it to the administrators user group.

Description

The new password must meet the password complexity requirements, as shown in Table 1 Password Setting Rules.

Please follow the example below to inject instance custom data:

rem cmd

net user abc ****** /add

net localgroup administrators abc /add

After successfully creating the Elastic Cloud Server, you can use the newly created username and password to log in to the Elastic Cloud Server. Please ensure that the password meets the password complexity requirements.

Case 3

The following is an example of updating the system package and starting the httpd service for the Linux Elastic Cloud Server through instance custom data injection.

Please follow the example below to inject instance custom data:

#!/bin/bash

yum update -y

service httpd start

chkconfig httpd on

After the injection is successful, your Elastic Cloud Server will update the system software package and start the httpd service. You can use the httpd service by accessing the public IP address of the Elastic Cloud Server. Please make sure your operating system supports the yum package manager and has the httpd service installed.

Case 4

The following is an example of activating root user remote login privileges for the Linux Elastic Cloud Server through instance custom data injection.

Example of instance custom data injection:

#cloud-config

disable_root: false

runcmd:

- sed -i 's/^PermitRootLogin.*$/PermitRootLogin without-password/' /etc/ssh/sshd_config

- sed -i '/^KexAlgorithms.*$/d' /etc/ssh/sshd_config

- service sshd restart

After the injection is successful, you will be able to use the SSH key to log in to the Elastic Cloud Server as the root account. The custom data in this example uses the cloud-config format and executes a series of commands via the runcmd field, including modifying the configuration in the /etc/ssh/sshd_config file and restarting the sshd service to make the changes take effect.

Description

Activating the root user's remote login privileges may pose security risks. It is recommended that you disable the root user's remote login privileges after completing necessary tasks to improve system security.