@BSmithITGuy said in Ubuntu 22.04.5 custom template - additional steps missing from documentation:
If you are trying to create an Ubuntu template and are having trouble on XCP-NG 8.3 (some or all probably applies to previous versions), keep reading.
Very nice. Very thorough. This inspired me to share a relevant part of my cleanup script. Maybe it will be of some additional help to everyone:
echo "Resetting machine ID..."
> /etc/machine-id
rm -f /etc/machine-info
echo "Cleaning APT cache..."
apt-get clean
echo "Removing netplan configuration..."
# Ubuntu < 24.04
rm -f /etc/netplan/00-installer-config.yaml
# Ubuntu >= 24.04
rm -f /etc/netplan/50-cloud-init.yaml
echo "Cloud-init cleanup..."
if [[ -f "/etc/cloud/clean.d/99-installer" ]]; then
    chmod a-x /etc/cloud/clean.d/99-installer
fi
# Ubuntu < 24.04
rm -f /etc/cloud/cloud.cfg.d/99-installer.cfg /etc/cloud/cloud.cfg.d/subiquity-disable-cloudinit-networking.cfg
# Ubuntu >= 24.04
rm -f /etc/cloud/cloud.cfg.d/90-installer-network.cfg
if [[ -x "$(command -v cloud-init)" ]]; then
    cloud-init clean --logs --seed
else
    echo " No cloud-init detected. Skipping cloud-init cleanup!"
fi
echo "Removing SSH host keys..."
find /etc/ssh/ -type f -name 'ssh_host_*' -delete
The code is self-explanatory, but here are some additional tips:
It's nice to clean up the APT cache. This will free up some space but also force the user to update the APT cache on first run after the VM has been provisioned. If the APT cache is not cleaned, it will grow stale over time inside a template and, after some time, package installation in new VMs will start to break. Doing apt update before any package installation is good practice, but people tend to easily forget it. This will force them to do it.
The Ubuntu installer relies on some cloud-init config for some first-boot setup, which has to be removed if cloud-init is to be used once again for provisioning VMs. You correctly identified these files for removal, but there is a difference between Ubuntu older than 24.04 and Ubuntu 24.04 and newer.
The reason I do chmod a-x /etc/cloud/clean.d/99-installer is to prevent cloud-init from removing /etc/cloud/ds-identify.cfg when doing cloud-init clean (default behavior). Because I override the default /etc/cloud/ds-identify.cfg, I don't want cloud-init clean to remove it. I remove all the other files explicitly. Additional note: /etc/cloud/clean.d/99-installer should not be removed. It should just be chmoded because it is part of the cloud-init package and will reappear on cloud-init package update.
It's better to use the cloud-init clean --logs --seed command to clean any runtime cloud-init leftovers and logs instead of removing them explicitly like rm -rf /var/lib/cloud/instance.
SSH host keys should be removed so that they can be regenerated on first boot of a newly provisioned VM. If you don't do it, all your VMs will have the same host keys, which could be considered a security issue.
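A pre-conversion check to pair with the cleanup script above, as an added example that is not part of the original post: it audits a root filesystem for the per-instance state the script removes (machine ID, installer netplan and cloud-init files, SSH host keys, cached packages). The function name `audit_template`, its optional root argument and the temporary demo tree are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit a template's root
# filesystem for per-instance state the cleanup script should have removed.
# Usage: audit_template [ROOT]   (ROOT defaults to /)
# Prints one "FAIL: ..." line per finding; returns non-zero if any were found.
audit_template() (
    root=${1:-/}; root=${root%/}
    rc=0
    fail() { echo "FAIL: $1"; rc=1; }

    # A non-empty machine-id would be cloned into every VM.
    if [ -s "$root/etc/machine-id" ]; then fail "/etc/machine-id is not empty"; fi

    # Files the post removes outright (names for Ubuntu < 24.04 and >= 24.04).
    for f in etc/machine-info \
             etc/netplan/00-installer-config.yaml \
             etc/netplan/50-cloud-init.yaml \
             etc/cloud/cloud.cfg.d/99-installer.cfg \
             etc/cloud/cloud.cfg.d/subiquity-disable-cloudinit-networking.cfg \
             etc/cloud/cloud.cfg.d/90-installer-network.cfg; do
        if [ -e "$root/$f" ]; then fail "/$f still present"; fi
    done

    # Shared SSH host keys and cached .deb files (unmatched globs stay literal).
    for f in "$root"/etc/ssh/ssh_host_* "$root"/var/cache/apt/archives/*.deb; do
        if [ -e "$f" ]; then fail "${f#"$root"} still present"; fi
    done

    # The post keeps this hook but non-executable, so cloud-init clean skips it.
    if [ -x "$root/etc/cloud/clean.d/99-installer" ]; then
        fail "/etc/cloud/clean.d/99-installer is still executable"
    fi
    [ "$rc" -eq 0 ]
)

# Constructed sample: a temporary tree imitating an uncleaned template.
demo=$(mktemp -d)
mkdir -p "$demo/etc/ssh" "$demo/etc/netplan"
echo 0123456789abcdef0123456789abcdef > "$demo/etc/machine-id"
: > "$demo/etc/ssh/ssh_host_ed25519_key"
: > "$demo/etc/netplan/50-cloud-init.yaml"
audit_template "$demo" || echo "template is not ready to be cloned"
rm -rf "$demo"
```

On a real template, run `audit_template` with no argument as root right before shutting the VM down. The executable-hook check only applies if you follow the post's approach of keeping a custom /etc/cloud/ds-identify.cfg.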