  1. OpenStack as Infra
  2. OSASINFRA-3974

GH-orc-591: Cloud-init not injected


    • Task
    • Resolution: Unresolved
    • ORC
    • rhos-conplat-osasinfra

      Originally posted on GitHub: https://github.com/k-orc/openstack-resource-controller/issues/591

      Summary
      I'm trying to use OpenStack Resource Controller (ORC) to create a Server with cloud-init user data provided via a Kubernetes Secret.

      When I create a VM manually in Horizon with the same image, flavor, network and the same cloud-init script, cloud-init runs correctly (user is created, commands are executed).
      When I create the VM via ORC with spec.resource.userData.secretRef, the instance boots, but cloud-init behaves as if there is no user-data at all (no user created, no commands run, no SSH key injected).

      From the instance console log of the ORC-created VM I always see:

      ci-info: no authorized SSH keys fingerprints found for user rocky.

      On the manually created VM I do not see that line, and my cloud-init script runs as expected.

      Environment

      ORC version: 2.3.0
      Kubernetes version: v1.31.13+k3s1
      OpenStack version: 12.5.0
      OS / image: Rocky Linux 9 (cloud image with cloud-init 24.4-4.el9.0.1)
      Namespace for ORC resources: orc-system

      What I'm trying to do
      Create a Server via ORC that:

      • Uses an existing image, flavor, network, subnet and security group default
      • Uses cloud-init to:
        • create a user with an SSH key
        • optionally run some commands (e.g. write a file / install packages)

      The same cloud-init YAML works when pasted in Horizon's "Custom Script" during instance creation.

      Relevant manifests
      1. Secret with cloud-init user-data
      apiVersion: v1
      kind: Secret
      metadata:
        name: sample-cloudinit
        namespace: orc-system
      type: Opaque
      stringData:
        user-data: |
          #cloud-config
          users:
            - name: appuser
              gecos: Application User
              groups: [sudo]
              shell: /bin/bash
              sudo: ["ALL=(ALL) NOPASSWD:ALL"]
              lock_passwd: true
              ssh_authorized_keys:
                - <REDACTED_PUBLIC_SSH_KEY>

          runcmd:
            - [ sh, -c, "echo 'hello from ORC cloud-init' > /root/hello-orc.txt" ]

      2. Server manifest

      apiVersion: openstack.k-orc.cloud/v1alpha1
      kind: Server
      metadata:
        name: test-2
        namespace: orc-system
      spec:
        managementPolicy: managed
        cloudCredentialsRef:
          secretName: az-clouds-rm1
          cloudName: openstack
        resource:
          name: test-2
          imageRef: os-rocky-linux9-x86-64-uefi
          flavorRef: g3-24-rm1
          ports:
            - portRef: port-test
          userData:
            secretRef: sample-cloudinit

              shiftstack OpenShift On OpenStack