Jump to: navigation, search



  • Images with cloud-init and heat-cfntools packages installed. It is easier to use the prebuild images from the Heat team.
  • Nova metadata server up and running
  • Heat CFN API service up and running

Walk-through in a stack's lifetime

  • The user calls the Heat API to create a stack ("heat stack-create ... myStack")
  • Heat engine generates a mime multipart data blob that will be consumed by cloud-init
  • Heat engine asks nova to create an instance with the cloud-init data
  • Nova selects a compute node to run the instance with the cloud-init data
  • When the instance boots up, it runs the cloud-init script:
  • Download the data from the metadata server
  • Splits the multiple parts into the /var/lib/cloud/ directory
  • Run the different cloud-init parts (resize the root filesystem, set the hostname, install the user's SSH key, etc.)
  • Runs the user's script (located at /var/lib/cloud/data/cfn-userdata), it can be any kind of script (Bash, Python, etc.) but at some point this script should call cfn-init.
  • cfn-init loads /var/lib/cloud/data/cfn-init-data (a copy of the Metadata->AWS::CloudFormation::Init->Config attribute from the AWS template) and can install packages, setup users & groups, create files, etc.

Note that heat-cfntools leverage the boto library and that the boto configuration is stored at /var/lib/heat-cfntools/cfn-boto-cfg on the instance.


If you can logged into the instance, look at the following files:

  • /var/log/cloud-init.log => cloud-init logs
  • /var/log/part-handler.log => logs of the Heat-specific script managing data with content-type=text/x-cfninitdata
  • /var/log/heat-provision.log => logs of the user's script including cfn-init logs

You can also query the metadata server for the user's data generated by Heat:

curl -s

Tips & tricks

Getting the private IP address within the instance

If the UserData script needs to know the private IP address of the instance, it cannot be resolved by Fn::GetAtt(instance, "PrivateIp") since it is not available when the UserData file is resolved by the Heat engine. Instead your script can get that information from the (Nova) metadata server:

curl -s

Installing cfn tools on Ubuntu cloud images

apt-get -y install python-argparse cloud-init python-psutil python-pip
apt-get -y remove python-boto
pip install 'boto==2.5.2' heat-cfntools
cfn-create-aws-symlinks -s /usr/local/bin/