Skip to content

Instantly share code, notes, and snippets.

@syntaqx
Last active November 10, 2024 20:04
Show Gist options
  • Save syntaqx/9dd3ff11fb3d48b032c84f3e31af9163 to your computer and use it in GitHub Desktop.
Save syntaqx/9dd3ff11fb3d48b032c84f3e31af9163 to your computer and use it in GitHub Desktop.
cloud init / cloud config to install Docker on Ubuntu
#cloud-config
# Option 1 - Full installation using cURL
package_update: true
package_upgrade: true
groups:
- docker
system_info:
default_user:
groups: [ docker ]
packages:
- apt-transport-https
- ca-certificates
- curl
- gnupg
- lsb-release
- unattended-upgrades
runcmd:
- mkdir -p /etc/apt/keyrings
- curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
- echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
- apt-get update
- apt-get install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin
- systemctl enable docker
- systemctl start docker
final_message: "The system is finally up, after $UPTIME seconds"
#cloud-config
# Option 2: Simplified, using the default package
package_update: true
package_upgrade: true
groups:
- docker
system_info:
default_user:
groups: [docker]
packages:
- docker.io
- unattended-upgrades
final_message: "The system is finally up, after $UPTIME seconds"
@Roming22
Copy link

Roming22 commented Feb 7, 2021

Line 34 should be

add-apt-repository "deb [arch=$(dpkg --print-architecture)] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

in order to work on any architecture (e.g. arm64 for RaspberryPi).

@syntaqx
Copy link
Author

syntaqx commented Apr 1, 2021

Line 36 should be:

  - apt-get install -y docker-ce docker-ce-cli containerd.io

Yep - I second that. Without the -y the install prompts for user input and ultimately fails

Updated.

@syntaqx
Copy link
Author

syntaqx commented Apr 1, 2021

Line 34 should be

add-apt-repository "deb [arch=$(dpkg --print-architecture)] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

in order to work on any architecture (e.g. arm64 for RaspberryPi).

Updated

@ngaffa
Copy link

ngaffa commented Jul 30, 2021

@UromPLAt
Copy link

UromPLAt commented Jun 7, 2022

Why create a user named 'ubuntu'? it should already exist in the system.
doing so might mess with the existing user (disabling login in example)

@syntaqx
Copy link
Author

syntaqx commented Jun 7, 2022

Why create a user named 'ubuntu'? it should already exist in the system. doing so might mess with the existing user (disabling login in example)

Did you run into any issues with this? This ended up being necessary for the use case when I originally created this, but might no longer be.

@UromPLAt
Copy link

UromPLAt commented Jun 7, 2022

Why create a user named 'ubuntu'? it should already exist in the system. doing so might mess with the existing user (disabling login in example)

Did you run into any issues with this? This ended up being necessary for the use case when I originally created this, but might no longer be.

Yeah...basically killed my EC2 env.
I think because of this: lock_passwd: true
Basically the AMI of Ubuntu comes with the user 'ubuntu'

Running this cloud-init locked this user for login, so I was left with an EC2 machine that I can't SSH into

I ended up simplifying this part to:

groups:
  - docker

users:
 - name: ubuntu
 - groups: docker

It just created a docker group and adds 'ubuntu' to it

@syntaqx
Copy link
Author

syntaqx commented Jun 7, 2022

Yeah...basically killed my EC2 env. I think because of this: lock_passwd: true Basically the AMI of Ubuntu comes with the user 'ubuntu'

Running this cloud-init locked this user for login, so I was left with an EC2 machine that I can't SSH into

I ended up simplifying this part to:

groups:
  - docker

users:
 - name: ubuntu
 - groups: docker

It just created a docker group and adds 'ubuntu' to it

You should've still been able to ssh into the user with keys, just not with passwords, but not all usecases match everyone's goals. I'm glad you were able to get it working for your usecase though!

@UromPLAt
Copy link

UromPLAt commented Jun 7, 2022

I wasn't able to, I used a key..

@RomanDanyk
Copy link

You can instruct cloud-init to preserve the default user:

users:
  - default
  - second_user

Read more in the cloud-init documentation.

# Default user creation:
#
# Unless you define users, you will get a 'ubuntu' user on Ubuntu systems with the
# legacy permission (no password sudo, locked user, etc). If however, you want
# to have the 'ubuntu' user in addition to other users, you need to instruct
# cloud-init that you also want the default user. To do this use the following
# syntax:
#   users:
#     - default

@syntaqx
Copy link
Author

syntaqx commented Jul 26, 2022

Appreciate the comment! This is a pretty old cloud-init file, so the one I use these days has changed quite a bit, but the reason the user was explicit was to ensure that the user was added to the right group, which I believe the default user did not have.

@syntaqx
Copy link
Author

syntaqx commented Sep 15, 2022

Thanks for all the feedback over time, I've updated the script with some latest goodies, and hope that the latest form maps more closely with some of the information regarding the default_user as well as the latest recommended docker installation commands and packages (and removed the resolv_conf usage as this is probably not the best place for it right now)

@MarkusOstermayer
Copy link

MarkusOstermayer commented Nov 10, 2024

Thanks for updating it over time 👍

Changing line 25 from

https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

to

https://download.docker.com/linux/$(lsb_release -is | tr '[:upper:]' '[:lower:]') $(lsb_release -cs) stable"

allows you to use this cloud-init on debian aswell.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment