How to prepare a Cloud-Init Templates with Proxmox

This is an article about the preparation of Cloud-Init images for a Proxmox server to ease the deployment and setup of Virtual Machines. It covers a few common operating system environments such as Ubuntu, Debian, and CentOS.

The article is updated a few times a year or so.

Normally Cloud-Init is installed like so:

apt-get install cloud-init

However, many distributions offers ready-to-use Cloud-Init images as .qcow2 files. For Ubuntu, go here:
https://cloud-images.ubuntu.com/

The one we’re after is animal-server-cloudimg-amd64.img

I’ve included scripts for Ubuntu, CentOS 7, and Debian. There are a number of steps per image. All that changes is the VM ID 9xxx and the download file. Carefully check your syntax if you’re copy these configurations. Typically you don’t want these Image IDs to overlap because it will making things hard to find.

Install Cloud-Init If No Guest Tools

If you can’t find the virt-customize command on your system, you’ll have to install the tools first:

apt install libguestfs-tools

The size of the guest tools on Proxmox VE is about 189 MB.

Instructions for AlmaLinux 9

The biggest challenge is AlmaLinux 9 includes /etc/ssh/sshd special include directory which overwrites PasswordAuthentication.

Try this: https://forum.proxmox.com/threads/cloud-init-replaces-overwrites-passwordauthentication.57145/

Updated Script: https://github.com/Razva/newbadmin/blob/master/proxmox/cloudinit-generator

  • wget https://repo.almalinux.org/almalinux/9/cloud/x86_64/images/AlmaLinux-9-GenericCloud-latest.x86_64.qcow2
  • mv AlmaLinux-9-GenericCloud-latest.x86_64.qcow2 alma9.qcow2
  • virt-customize -a alma9.qcow2 –install qemu-guest-agent
  • virt-customize -a alma9.qcow2 –install parted
  • virt-customize -a alma9.qcow2 –install mc
  • virt-customize -a alma9.qcow2 –install spice-vdagent
  • guestfish -a alma9.qcow2 -i
  • check settings
  • virt-customize PasswordAuthentication? ChallengeResponseAuthentication? UsePAM? Fix cloud-init
  • qm create 9004 –memory 2048 –net0 virtio,bridge=vmbr0
  • qm importdisk 9004 alma9.qcow2 nas05
  • qm set 9004 –scsihw virtio-scsi-single –scsi0 nas05:vm-9004-disk-0
  • qm set 9004 –ide2 nas05:cloudinit
  • qm set 9004 –boot c –bootdisk scsi0
  • qm set 9004 –serial0 socket –vga serial0
  • qm template 9004
  • rename in UI to AlmaLinux-9
  • change CPU to x86-64-v2

Instructions for Debian Bookworm (9001)

Customization explanation:

  • Install the QEMU Guest Agent
  • Allow SSH PasswordAuthentication by using SED find and replace. Please note, this is a security risk. If you are going to forget to disable it after you have added keys, then rather just work with keys.
  • Install parted and mc
  • Optional but recommended:
    • Install Spice VDAgent
    • Install Mutt
  • Optional for Virtualmin quotas
    • linux-image-generic
wget https://cloud.debian.org/images/cloud/bookworm/20241004-1890/debian-12-generic-amd64-20241004-1890.qcow2
mv debian-12-generic-amd64-20241004-1890.qcow2 debian-12-generic-amd64.qcow2
virt-customize -a debian-12-generic-amd64.qcow2 --install qemu-guest-agent
virt-customize -a debian-12-generic-amd64.qcow2 --run-command "sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config"
virt-customize -a debian-12-generic-amd64.qcow2 --install parted
virt-customize -a debian-12-generic-amd64.qcow2 --install mc
Optional: virt-customize -a debian-12-generic-amd64.qcow2 --install mutt
qm create 9001 --memory 2048 --net0 virtio,bridge=vmbr0
qm importdisk 9001 debian-12-generic-amd64.qcow2 nas05
qm set 9001 --scsihw virtio-scsi-single --scsi0 nas05:vm-9001-disk-0
qm set 9001 --ide2 nas05:cloudinit
qm set 9001 --boot c --bootdisk scsi0
qm set 9001 --serial0 socket --vga serial0
qm template 9001

Follow up steps

Proxmox UI

  • Rename VM 9001 to Debian-12
  • Options
    • QEMU Guest Agent
      • Use QEMU Guest Agent
      • Run guest-trim after a disk move or VM migration
      • Protection: Yes
  • Hardware
    • VirtIO SCSI Single
    • Default Display instead of Serial

On Proxmox, you’ll also want to turn on protection and enable the QEMU Guest Agent with fstrim_cloned_disks: Enabled

Upgrade Notes

07 Oct 2024: Added new version and a mv command to make installation of generic files easier.
07 Oct 2024: mc command installation was missing. Also made mutt optional and re-arranged order.
07 Oct 2024: Added nas05

Instructions for Ubuntu Noble Numbat 24.04 (9401)

In the example below, bold indicates extra customization. Our customizations are:

  • Install the QEMU Guest Agent
  • Install Mutt
  • Allow SSH PasswordAuthentication by using SED find and replace. Please note, this is a security risk. If you are going to forget to disable it after you have added keys, then rather just work with keys.
wget https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img
virt-customize -a noble-server-cloudimg-amd64.img --install qemu-guest-agent
virt-customize -a noble-server-cloudimg-amd64.img --install mc
virt-customize -a noble-server-cloudimg-amd64.img --install linux-image-generic
virt-customize -a noble-server-cloudimg-amd64.img --install mutt
guestfish -a noble-server-cloudimg-amd64.img -i
virt-customize -a noble-server-cloudimg-amd64.img --run-command "sed -i 's/#PasswordAuthentication yes/PasswordAuthentication yes\nChallengeResponseAuthentication yes/' /etc/ssh/sshd_config"
#virt-customize -a noble-server-cloudimg-amd64.img --run-command "sed -i '/#PasswordAuthentication yes/ { s//#PasswordAuthentication yes/; a ChallengeResponseAuthentication yes' } /etc/ssh/sshd_config"
#virt-customize -a noble-server-cloudimg-amd64.img --run-command "sed -i 's/#PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config"
#virt-customize -a noble-server-cloudimg-amd64.img --run-command "sed -i 's/#PasswordAuthentication yes/PasswordAuthentication yes/g' /etc/ssh/sshd_config"
qm create 9401 --memory 2048 --net0 virtio,bridge=vmbr0
qm importdisk 9401 noble-server-cloudimg-amd64.img nas02
qm set 9401 --scsihw virtio-scsi-single --scsi0 nas02:vm-9401-disk-0
qm set 9401 --ide2 nas02:cloudinit
qm set 9401 --boot c --bootdisk scsi0
qm set 9401 --serial0 socket --vga serial0
qm template 9401

Recent Changes

  • Added Kernel Image
  • Add MC
  • Comment out other SEDs

Follow up steps

On Proxmox, you’ll also want to turn on protection and enable the QEMU Guest Agent with fstrim_cloned_disks: Enabled

Instructions for Ubuntu Focal 20.04 (9002)

wget https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img
virt-customize -a focal-server-cloudimg-amd64.img --run-command "sed -i 's/#PasswordAuthentication yes/PasswordAuthentication yes\nChallengeResponseAuthentication yes/' /etc/ssh/sshd_config"
virt-customize -a focal-server-cloudimg-amd64.img --install qemu-guest-agent
virt-customize -a focal-server-cloudimg-amd64.img --install mc
[optional for Virtualmin quotas] virt-customize -a focal-server-cloudimg-amd64.img --install linux-image-generic
qm create 9002 --memory 2048 --net0 virtio,bridge=vmbr0
qm importdisk 9002 focal-server-cloudimg-amd64.img nas05
qm set 9002 --scsihw virtio-scsi-single --scsi0 nas05:vm-9002-disk-0
qm set 9002 --ide2 nas05:cloudinit
qm set 9002 --boot c --bootdisk scsi0
qm set 9002 --serial0 socket --vga serial0
qm template 9002
  • Test
    • guestfish -a focal-server-cloudimg-amd64.img -i

Next, follow the configuration updates for Proxmox:

https://kb.vander.host/virtualization/how-to-prepare-a-cloud-init-templates-with-proxmox/#Follow_up_steps

Updates

08 Oct 2024

  • Had to revisit this template because we needed ChallengeResponse also!

07 Oct 2024

  • Change all references across the entire document of  -pci to -single
  • Added missing PasswordAuthentication search/replace
  • Added MC
  • Took away bold
  • Made italics for optional items
  • Changed 9000 to 9002
  • Changed local-lvm to nas05

virt-customize

See: https://registry.terraform.io/modules/sdhibit/cloud-init-vm/proxmox/latest/examples/ubuntu_single_vm

Instructions for CentOS 7 (9403)

wget https://cloud.centos.org/altarch/7/images/CentOS-7-x86_64-GenericCloud-2111.qcow2c
virt-customize -a CentOS-7-x86_64-GenericCloud-2111.qcow2c --install qemu-guest-agent
virt-customize -a CentOS-7-x86_64-GenericCloud-2111.qcow2c --install mc
guestfish -a CentOS-7-x86_64-GenericCloud-2111.qcow2c -i
edit /etc/cloud/cloud.cfg
change disable_root: 0, and ssh_pwauth: 1
qm create 9403 --memory 2048 --net0 virtio,bridge=vmbr0
qm importdisk 9403 CentOS-7-x86_64-GenericCloud-2111.qcow2c nas02
qm set 9403 --scsihw virtio-scsi-single --scsi0 nas02:vm-9403-disk-0
qm set 9403 --ide2 nas02:cloudinit
qm set 9403 --boot c --bootdisk scsi0
qm set 9403 --serial0 socket --vga serial0
qm template 9403

Updates

02 May 2024

01 May 2024

  • Updated version number to 9403
  • Added Midnight commander
  • Added instructions about protection mode, fs_trim, and VGA controller.
  • Added nas02 as storage
  • Worked on sed command removed ‘g’

11 Nov 2022

  • Added version 2111 instead of version 2009
  • Added both install qemu-guest-agent and PasswordAuthentication customizations
  • Changed identifier from 9001 to 9103

Instructions for Debian 10 – Buster (9104)

Change Log

04 Mar 2023

  • First version, merged from Debian 11 and CentOS 7 configurations and cloud image obtain from web
wget http://cloud.debian.org/images/cloud/buster/20230222-1299/debian-10-generic-amd64-20230222-1299.qcow2
virt-customize -a debian-10-generic-amd64-20230222-1299.qcow2 --install qemu-guest-agent 
virt-customize -a debian-10-generic-amd64-20230222-1299.qcow2 --run-command "sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config"
qm create 9104 --memory 2048 --net0 virtio,bridge=vmbr0 
qm importdisk 9104 debian-10-generic-amd64-20230222-1299.qcow2 local-lvm 
qm set 9104 --scsihw virtio-scsi-single --scsi0 local-lvm:vm-9104-disk-0 
qm set 9104 --ide2 local-lvm:cloudinit 
qm set 9104 --boot c --bootdisk scsi0 
qm set 9104 --serial0 socket --vga serial0 
qm template 9104

Instructions for Debian 11 – Bullseye (9002) – Released 14 August 2021

Source: http://cloud.debian.org/images/cloud/

wget http://cloud.debian.org/images/cloud/bullseye/20210814-734/debian-11-generic-amd64-20210814-734.qcow2
qm create 9002 --memory 2048 --net0 virtio,bridge=vmbr0
qm importdisk 9002 debian-11-generic-amd64-20210814-734.qcow2 local-lvm
qm set 9002 --scsihw virtio-scsi-single --scsi0 local-lvm:vm-9002-disk-0
qm set 9002 --ide2 local-lvm:cloudinit
qm set 9002 --boot c --bootdisk scsi0
qm set 9002 --serial0 socket --vga serial0
qm template 9002

Instructions for Ubuntu 21.04

wget https://cloud-images.ubuntu.com/hirsute/current/hirsute-server-cloudimg-amd64.img
qm create 9003 --memory 2048 --net0 virtio,bridge=vmbr0
qm importdisk 9003 hirsute-server-cloudimg-amd64.img local-lvm
qm set 9003 --scsihw virtio-scsi-single --scsi0 local-lvm:vm-9003-disk-0
qm set 9003 --ide2 local-lvm:cloudinit
qm set 9003 --boot c --bootdisk scsi0
qm set 9003 --serial0 socket --vga serial0
qm template 9003

Instructions for Ubuntu 22.04 (9101)

In the example below, bold indicates extra customization. The customizations are:

  • Install the QEMU Guest Agent
  • Allow SSH PasswordAuthentication by using SED find and replace. Please note, this is a security risk so be careful.
wget https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img
guestfish -a jammy-server-cloudimg-amd64.img -i 
virt-customize -a jammy-server-cloudimg-amd64.img --run-command "sed -i 's/#PasswordAuthentication yes/PasswordAuthentication yes/g' /etc/ssh/sshd_config"
virt-customize -a jammy-server-cloudimg-amd64.img --run-command "sed -i 's/KbdInteractiveAuthentication no/KbdInteractiveAuthentication yes/g' /etc/ssh/sshd_config"
virt-customize -a jammy-server-cloudimg-amd64.img --install qemu-guest-agent
virt-customize -a jammy-server-cloudimg-amd64.img --install spice-vdagent
virt-customize -a jammy-server-cloudimg-amd64.img --install mc
virt-customize -a jammy-server-cloudimg-amd64.img --install mutt
qm create 9101 --memory 2048 --net0 virtio,bridge=vmbr0
qm importdisk 9101 jammy-server-cloudimg-amd64.img nas02
qm set 9101 --scsihw virtio-scsi-single --scsi0 nas02:vm-9101-disk-0
qm set 9101 --ide2 nas02:cloudinit
qm set 9101 --boot c --bootdisk scsi0
qm set 9101 --serial0 socket --vga serial0 
qm template 9101

Ubuntu 22.04 Post Image defaults:

  • VirtIO SCSI single
  • iothread=1
  • Enable QEMU Guest Agent and at the same time set fstrim_cloned_disks
  • Turn on protection

Updates

10 June 2024

  • Redid Ubuntu 22.04 with the following:
    • Fixed PasswordAuthentication sed command
    • Added KbdInteractiveAuthentication yes sed replace command
    • Added command to check sed result
    • Re-ordered so that PasswordAuthentication goes first
    • Added these optional packages:
      • spice-vdagent
      • mc
      • mutt
  • Added a new section about VirtIO SCSI Single and iothread
  • Added default GA and protection

Reference

Tags

  • Updated:

Share this article

2 thoughts on “How to prepare a Cloud-Init Templates with Proxmox”

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright 2024 © All rights Reserved

Scroll to Top