Bug#850790: cloud.debian.org: Distribute Debian cloud images to LXD
On 01/13/2017 09:02 PM, Jeremy Bicha wrote: > Ok, well not having openssh-server installed is a bit unexpected for me. > > However, my main issue is with cloud-init being pre-installed. If > that's in place, I can easily add openssh-server and you can easily > remove it so it's not as important which is decided. Also, I'd prefer > to have root disabled from the beginning and log in with an admin user > account using an SSH key, which I can easily do with cloud-init. In the OpenStack image, the user is "debian", and that user can "sudo su" to root (and root is disabled by default). It's the same for Ubuntu (which uses "ubuntu" as a user, if I'm not mistaking). I expect that we do the same for all other Debian images. > I think cloud-init is more or less a standard for a basic Linux server > image these days. It's even a standard for Windows too! :) Cheers, Thomas Goirand (zigo)
Bug#850790: cloud.debian.org: Distribute Debian cloud images to LXD
> Eirik Schwenkewrites: > On Tue, 10 Jan 2017 03:19:45 -0500 Jeremy Bicha wrote: >> Package: cloud.debian.org >> >> I have set up LXD to test Ubuntu images. For more info, see Stephane's >> tutorials from last year. [1] >> >> The standard Ubuntu images are the Ubuntu cloud images. I tried >> testing a Debian image, but it was too basic to be useful without more >> work. I expected it to have openssh-server and cloud-init installed. +1 > Hi, > as a Debian/LXD user I Don *not* expect a default image to listen on the > network - especially with Lxd that has an easy to use built-in console/shell > access. As a tester, I prefer an ssh access out of the box that I can parametrize with cloud-init. I prefer to install packages over ssh as in several edge cases, cloud-init failures to install packages are harder to diagnose than the ones over ssh. > That way I can for example install and expose only opensmtpd as a public > facing mail server, and not worry that any other component (eg openssl) > allows remote login etc. We can all have our cake here, cloud-init can be configured to /remove/ packages (via a provided command). Worst case scenario you can uninstall ssh and cloud-init when you install and configure opensmtpd. > For certain deployments it might make sense to expose ssh on a "container" > or single-service/single-purpose image/vm - but not in general, IMNHO. In my case, it makes complete sense to be able to configure a container in a fully automated way but that requires cloud-init and ssh. And for the record, I did attempt several times to install cloud-init and ssh on the actual lxd images (last attempt was several weeks ago) to bootstrap and never achieved full automation :-/ Having cloud-init and ssh in lxd images will make my life better :-) Vincent
Bug#850790: cloud.debian.org: Distribute Debian cloud images to LXD
Ok, well not having openssh-server installed is a bit unexpected for me. However, my main issue is with cloud-init being pre-installed. If that's in place, I can easily add openssh-server and you can easily remove it so it's not as important which is decided. Also, I'd prefer to have root disabled from the beginning and log in with an admin user account using an SSH key, which I can easily do with cloud-init. I think cloud-init is more or less a standard for a basic Linux server image these days. Note that many of cloud-init's tasks are only run on the first boot. So installing cloud-init later does not do any good. Instead I have to configure everything by hand or by script when I already have a cloud-init config I could have used. Thanks, Jeremy Bicha
Bug#850790: cloud.debian.org: Distribute Debian cloud images to LXD
On Tue, 10 Jan 2017 03:19:45 -0500 Jeremy Bichawrote: > Package: cloud.debian.org > > I have set up LXD to test Ubuntu images. For more info, see Stephane's > tutorials from last year. [1] > > The standard Ubuntu images are the Ubuntu cloud images. I tried > testing a Debian image, but it was too basic to be useful without more > work. I expected it to have openssh-server and cloud-init installed. Hi, as a Debian/LXD user I Don *not* expect a default image to listen on the network - especially with Lxd that has an easy to use built-in console/shell access. That way I can for example install and expose only opensmtpd as a public facing mail server, and not worry that any other component (eg openssl) allows remote login etc. For certain deployments it might make sense to expose ssh on a "container" or single-service/single-purpose image/vm - but not in general, IMNHO. Best regards, Eirik Schwenke
Bug#850790: cloud.debian.org: Distribute Debian cloud images to LXD
Package: cloud.debian.org I have set up LXD to test Ubuntu images. For more info, see Stephane's tutorials from last year. [1] The standard Ubuntu images are the Ubuntu cloud images. I tried testing a Debian image, but it was too basic to be useful without more work. I expected it to have openssh-server and cloud-init installed. I think it would be good if the official Debian cloud images could be distributed as the default Debian in the LXD image archive. Using cloud-init with LXD works like this, assuming you have a cloud-init-config.yml ready. $ lxc init images:debian/stretch FOO $ lxc config set FOO user.user-data - < cloud-init-config.yml $ lxc start FOO And if you wanted to see how it works already with Ubuntu, use this first line instead: $ lxc init ubuntu:16.04 FOO [1] https://www.stgraber.org/2016/03/11/lxd-2-0-blog-post-series-012/ Thanks, Jeremy Bicha