You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Feature reference

Unable to render Jira issues macro, execution error.


Config drive is an ISO file that is mounted as a cd-rom on a user VM and contains the user VM related userdata, metadata (incl. ssh-keys) and password files.

This work is loosely based on previous work on config drive for Cloudstack as described in “DHCP/DNS offload and Config drive support for adv shared network“. And extended from shared networks to all networks.

ConfigDrive content

Extra data is added to the VM profile to enable the creation of the config drive:

  1. VMdata - a list of String arrays representing [“directory”, “filename”, “content”] on the ConfigDrive device.

    • <mountdir>/cloudstack

      • /metadata:

        • availability_zone.txt  

        • instance_id.txt     

        • service_offering.txt

        • cloud_identifier.txt  

        • local_hostname.txt  

        • vm_id.txt

        • public_keys.txt

      • /password

        • vm_password.txt

        • vm_password_md5checksum (for windows VM’s)

  2. label, which is configurable in global settings:

    • name : vm.configdrive.label

    • default: config

ConfigDrive network element

A new provider “ConfigDrive, implementing the userdata service, will be made available to create, update and delete the ConfigDrive ISO on the secondary store.

  • When triggered to create userdata

    • the vmdata is created and added to the virtual machine profile. As is the ConfigDrive label fetched from the global settings.

    • The secondary store agent is triggered to create the ISO file.

    • At successful creation the ISO file is added as a new disk to the virtual machine profile


  • An update of userdata/password/ssh-keys has a few extra steps as some hypervisors don’t handle the update of the ISO file, while attached to the virtual machine, very well.

    • Detach ISO

    • Update

    • Re-attach

For update of userdata it is important the user VM does not keep the ConfigDrive cdrom mounted all the time as update will fail if the ConfigDrive cdrom is in use by the user VM.


  • The ConfigDrive ISO file is removed from the secondary store up on release of the default nic and, if still necessary, at VM expunge time.

ISO creation

The ConfigDrive network element in the management server triggers the Secondary Storage VM to build the ISO.

The metadata, userdata en password information associated with the VM are used to create the above directory structure in a the base directory /tmp/<VM-NAME>/configdrive/. Then the genisoimage utility is used to create the ISO file. The temporary data is removed as soon as the ISO is created. The ISO is stored on the secondary storage at


ConfigDrive/<vmName>/configdrive.iso


Creating the ISO file implies that the SystemVM needs the genisoimage package installed and the cloudstack software updated.

ConfigDrive availability

  • At VM start the config drive iso is attached on 2nd cd/dvd drive of the user instance, such that any other iso image (e.g. boot image or vmware tools) get mounted on 1st cd/dvd drive. This means existing functionality of supporting 1 cd/dvd drive is still available.

  • At Password reset or update userdata, Secondary Storage VM will rebuild the ConfigDrive iso. That is the existing ISO is mounted on a temporary directory, password, userdata or ssh-keys are updated and a new ISO is build from the updated directory structure.

    • In case of password reset the new password will be picked-up at VM start

    • To access updated userdata the user needs to remount the config drive cdrom

  • As a VM is stopped the ConfigDrive network element will trigger the Secondary Storage VM  to remove the ISO from the secondary storage

  • Since the ISO is available on the second storage there is no need for an extra implementation in case of migration


Enable config drive

To use the config drive the network offering must have the “ConfigDrive” provider selected for userdata service.

If the networkoffering uses ConfigDrive for userdata and the template is password enabled, the password string for the VM is placed in password.txt file and it is included in the ISO.

To enable the ConfigDrive functionality on VPC tiers a few extra changes are required:

  • Update the UI to allow the selection of the ConfigDrive provider when creating a VPC network offering for Vpc tiers.

  • Add ConfigDrive as a supported provider for VPC.

Accessing data in the ConfigDrive

Accessing ConfigDrive depends on the guest VM OS. The guest VM template needs to be adapted to retrieve the password from the config drive i.s.o. the Virtual router. It is also possible to  enable both options.

  1. Windows VM
    For  windows VM the ISO is mounted automatically. So user can browse through the files in the ConfigDrive cd.

  2. Linux VM

Config drive iso is created by-label under /dev/disk/by-label/config.
It can be found using
blkid -t LABEL='config‘ /dev/xvdb: LABEL="config" TYPE="iso9660"
or
blkid -t LABEL=”config” /dev/disk/by-id/*

Hypervisor support

This feature will be implemented and tested for KVM and ESXI.


  • No labels