Description of the metadata API

Tilaa has implemented an Amazon EC2 compatible metadata service. Just like Amazon EC2, it's running at http://169.254.169.254/

The metadata service is most commonly used to bootstrap servers at first boot, using a tool like cloud-init or cloud-config.

 

Three types of metadata

Descriptive metadata

Describes a resource for purposes such as discovery and identification. It can include elements such as title, abstract, author, and keywords.

Structural metadata

Indicates how compound objects are put together, for example, how pages are ordered to form chapters.

Administrative metadata

Provides information to help manage a resource, such as when and how it was created, file type and other technical information, and who can access it. There are several subsets of administrative data; two that are sometimes listed as separate metadata types are:

- Rights management metadata, which deals with intellectual property rights.
- Preservation metadata, which contains information needed to archive and preserve a resource.

 

Query metadata service from your VPS

You can query the metadata service from your VPS, for example using curl commands:

$ curl http://169.254.169.254/latest/meta-data/instance-id50977499-7c1c-477e-957f-0ecb2e1327bf

 

Tools which can consume information from the Amazon EC2 metadata service, are compatible with the Tilaa platform. For example, the puppet tool Facter, which gathers system information to assist in configuration management, also supports our metadata service out of the box:

$ facter ec2_instance_id 50977499-7c1c-477e-957f-0ecb2e1327bf

Configuration Examples

Adding groups and users

The following example adds the ubuntu group with members 'root' and 'sys' and an empty group called cloud-users

groups:
- ubuntu: [root, sys]
- cloud-users

Adding users to the system

Users are added after groups are added.
Please note: most of these configuration options will not be honored if the user already exists.
I've given some examples for you to use below:

users:
- default
- name: foobar
gecos: Foo B. Bar
primary_group: foobar
groups: users
selinux_user: staff_u
expiredate: '2032-09-01'
ssh_import_id: foobar
lock_passwd: false
passwd: YOURP@SSW0RDHERE
- name: barfoo
gecos: Bar B. Foo
sudo: ALL=(ALL) NOPASSWD:ALL
groups: users, admin
ssh_import_id: None
lock_passwd: true
ssh_authorized_keys:
- <ssh pub key 1>
- <ssh pub key 2>
- name: cloudy
gecos: Magic Cloud App Daemon User
inactive: '5'
system: true
- name: fizzbuzz
sudo: False
ssh_authorized_keys:
- <ssh pub key 1>
- <ssh pub key 2>
- snapuser: joe@joeuser.io
- name: nosshlogins
ssh_redirect_user: true


The following options are the exceptions and they are applicable to already-existing users:
'plain_text_passwd', 'hashed_passwd', 'lock_passwd', 'sudo', 'ssh_authorized_keys', 'ssh_redirect_user'.

For more in-depth information you could check cloud-init's documentation.

 

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.