Problems with Bare Metal Install in Data Center (Specifically cloud-config.yml)

I am trying to do a RancherOS install on my colocated bare metal server at my Data Center. The DC has download the latest rancheros.ios (0.44, I believe), and made it available to my server on CD.

I am able to boot and log in (rancher/rancher) without a problem. I am following this guide:

So, I think I understand that I need to create a cloud-config.yml file, I believe I know how to create it, and I think, to get me started, that I need nothing more than my SSH keys. However, therein lies the rub.

My RancherOS.iso does not have any networking, so how is one suppose to get a previously created SSH key into the cloud-config.yml file? OK, so what about creating the key on RancherOS, then simply copying it off…no network. Well, then, I’ll just copy and paste…no copy/paste functionality on IPKVM.

What am I missing? I then thought maybe I could leave my server “open to the world” for a few seconds, and log into the new machine with rancher/rancher, until I read this: “After you install RancherOS to disk, the rancher/rancher user/password will no longer be valid, unless you’ve booted off the ISO again, and you’ll need to have added in SSH keys within your cloud config file.”

I searched the forums, and found: How to install RancherOS.?
But, the solution was scp…no network, no scp.

Do I really have to manually copy however thousand many characters in an SSH key into the cloud-config.yml file?!

Sorry for not knowing much about RancherOS…I am hoping to learn!!


  • Paul

Just checking in…am I missing something basic, and everyone is saying, “duh…” and rushing on to the next good question, or is this actually a difficult question?

Please point out the, “duh” if I am missing it, this is my first ever RancherOS install attempt…it seems like this would be a fairly standard use and installation request (RancherOS to be installed on a bare metal server), so hopefully if it isn’t a straightforward problem someone can give me some pointers?

In essence the question I have is, how do I get to a point where I can install RancherOS on my bare metal server drive from the rancheros.iso, and can assess my server via ssh passwordless or ssh user/password, given that my RancherOS ISO does not have networking, does not have persistent storage, and does not have a way to access it via SSH. I do have console access. Thoughts?


  • Paul

Hey Paul,

I’m also currently trying to install RancherOS on a bare metal server so maybe we can both help each other out. I found the Docs to be all over the place and not very helpful… missing some critical steps. Makes me feel incredibly dumb to not be able to perform a simply install. A step by step guide on how to get an install of RancherOS going would be great.

I was able to get networking to work by just plugging in the server to the network. It received a dhcp address automatically and displayed that ip address after it finished booting. What do you get if you do a “ifconfig eth0”?

As soon as you get your networking to work, you can ssh into the machine using rancher@ip-address and the password rancher. You can then configure your ssh key into cloud-config.yml as follows:

“ros config set ssh_authorized_keys ‘[ssh-rsa AAA…]’”

And you can verify with “ros config export” and install with “ros install -c /var/lib/rancher/conf/cloud-config.yml -d /dev/sd*”

The problem I’m having is that even with my ssh key in the cloud-config, it is still asking for a password when I try to ssh into it, after the install and after it reboots. The Docs say that it should just log you in without asking for a password. This is not the case and the default rancher/rancher login does not work. I’m currently locked out of the brand new install of RancherOS :frowning:

Hey Chris!

Thanks for your reply. Nice to know I am not alone and apparently not missing the obvious.

Since my server is collocated directly into the internet, I don’t have a DHCP server to hand out an IP address to either the ISO or the new RancherOS machine. Typically I would just go in after my install (of whatever OS), use the root/password I set up during the install (or the default), and configure/SCP my SSH keys from there, remove root password login, etc. Or, for that matter, the ISO install usually allows you to set up networking, too! But I can’t even get to that step, because, as you, I’m locked out of my server as well since I don’t have networking, and only have IPKVM console access with user/password login.

What I am working on now, is that RancherOS apparently comes with a pair of (hopefully valid) ssh keys. I went ahead and installed RancherOS onto the VDisk of a VM on my local network; now I am going to boot the ISO back up and try to pull off the private key, import it to my SSH client, and see if I can SSH into the RancherOS VM. If that works, I can then do the same thing in the DataCenter…maybe, if networking is set up…which it probably won’t be (but I think I read somewhere about how to tell the ISO to set it up on the server). I really need to be able to have user/password access into RancherOS!!!

I guess my only hope is to either figure out how to make the ISO configure network on the server for me and hope the preinstalled SSH keys work, or hack the ISO so that it either doesn’t disable rancher/rancher (best).

I guess I understand why it is a 0.44RC software; not quite ready for primetime. I really wanted to try RancherOS, but maybe I should just move forward with CoreOS or Snappy or Atomic.

I don’t understand why the decision to disable the rancher/rancher user/password was made…any sysadmin worth anything knows the first thing you do is change the password and/or username. Every other distribution either asks you or assigns a default that you change as soon as you install…

Well, I’ll stay in touch until success or I give up and move on to one of the other minimal OS’s. Thanks again for letting me know I’m not alone!

  • Paul

Hey Guys,

I’ve deployed a fair few rancher installs to bare metal through ISO’s mounted to the servers.
I’ll see if i can write something up ‘proper’ soon, in the meantime, below is an extract of the documentation we use, you may need to adjust it but hopefully it helps.
(These instructions are for an environment without DHCP, DHCP should be easier if you have that).


  • Log in through the iLo (see the BladeSystem Overview page for access details.)
  • Mount the image and boot
  • If you have previously installed RancherOS on this host it may have auto-mounted the disk device. If that happens, you need to use fdisk to wipe the partition table, then reboot before continuing.
sudo umount /dev/sda1
sudo fdisk /dev/sda
d <enter>
w <enter>
sudo reboot

Boot Machine from ISO

After Booting

Log in with the default credentials: rancher/rancher
Use the following commands to set up the network configuration:

# disable the dhcp settings applied to all ethernet adaptors
sudo ros config set*.dhcp false
# set a new static network config
sudo ros config set <ipaddress>/<mask> # e.g.
sudo ros config set <ipaddress> # e.g.
sudo ros config set 1500
# view the new network config
sudo ros config get
Reload the networking by finding the ID of the existing networking container and restarting it:
sudo system-docker restart network

Run ip a to check that the new IP has been assigned on eth0
Ping an external server, e.g., to test network connectivity

Create your cloud config
You can manually create this, we do this once the first time then store it in git. If you need an example, i can paste one in?
We put our SSH key details in here, when the host is built you can connect straight in.

Upload configuration and install

  • SCP the cloud-config.yml to the RancherOS host home directory (/home/rancher).
  • Ensure that your public key is listed in the ssh_authorized_keys section. If it is not, please add and commit it to all cloud-configs.
#Install RancherOS to the disk
sudo ros install -c cloud-config.yml -d /dev/sda -i rancher/os:v0.4.3
# Add -f to suppress the disk related prompt
# press 'y' to install

Once complete, shutdown the host, unmount the optical drive image and turn the host back on.
RancherOS should come up and you should now be able to SSH into it:
ssh -i <privatekey> rancher@<ip>

This pretty much works for us, hope it’s of use.

1 Like

That looks like the missing piece(s) for me! Getting the network connectivity was the problem, and it looks like you’ve described that really well. I’ll give it a try over the weekend (once I finish taxes!).


PS: A cloud-config.yml might be handy, tia.

Glad it helped, bare-metal installs always present these type of issues. Never once found a nice way of doing this stuff that doesn’t involve horrible software or manual work!

hostname: SERVER_NAME
  - ssh-rsa 
  - ssh-rsa
        dhcp: false
        mtu: 1500

^ Above example of one of our servers config

I’m having trouble with the cloud config. What ever I put in it, doesn’t seem to carry over to the install. I have used your cloud config with my ssh key, but after the reboot, my ssh key does not work and my server is still getting an IP address from the DHCP server. Any ideas?

Long shot, but are you ensuring the install media is disconnected / ejected at the stage you tell the server to reboot following the install to disk?

Yes. As soon as I say Yes to reboot the machine, I remove the flash drive.

The default rancher password does not work so I know it got installed on the system.

These instructions are still not working for me. I’m using rancher 0.4.4. It appears that my install is not taking my cloud-config. I try to assign it a static IP and put my ssh key in, but after the reboot it gets an address from dhcp and I cannot log into the machine. I’ve already checked it with a yaml online checker. Can someone take a look and let me know if anything is wrong with it?

`[root@rancher conf]# cat cloud-config.yml
hostname: docker

  • ssh-rsa AAAAB3…(the rest of my sshkey) cabel@rancher
    dhcp: false
    mtu: 1500

Then I issue this:
ros install -c cloud-config.yml -d /dev/sdb
Doesn’t give me any warning about my cloud config so it must like it and I continue the install. Then I press y to restart the machine and I take out the flash drive with the rancherOS install on it. After it boots up, it gives me a different address than the one I specified. I try to log into the machine anyway with this:

ssh -i ~/.ssh/ rancher@thedhcpaddress

and I am prompted to enter a password. The password “rancher” does not work.

I cannot be the only one having this problem. I’ve checked my work 100 times. Hopefully another set of eyes can help me or perhaps it some sort of bug.

Here was my process to set this up on bare metal

boot the machine with the rancheros.iso
create a cloud-config.yml file on my desktop that contains my ssh pub key and a hostname
from the rancheros.iso prompt, do an scp of the cloud-config.yml file to the curent directory

use sudo ros install -c cloud-config.yml -d /dev/sda

after reboot do an ssh into the ip address displayed on rancheos box



RancherOS (and maybe any system that uses cloud-config.yml) is super sensitive to spacing. If there were no spaces stripped out between the output of your cat and what we see here in this question, that could positively be the problem.

Check out the spacing in the sample cloud-config.yml that Rucknar posted, and see if you can’t emulate that.

If I recall, what worked for me was each level of indention was 2 spaces. Tabs don’t work, and I don’t think more or less spaces work, though I didn’t verify that.

I did want to point out that my cloud-config.yml (working) has my key one space after the “- ssh-rsa” so, it is:
" - ssh-rsa AAAAA… paul@rancher"


  • Paul

For this step:

Which is the default password? I cannot scp to a boot from iso.

Since v0.6.0, there isn’t a default password. You can set it manually with chpasswd, or use the rancher.password kernel parameter.

1 Like

Headed down this rabbit hole myself - With no default password, I can’t log in at all to change it.

I had this problem earlier as well. What I did was after booting with the ISO, I set a new password for the rancher user like so:
[rancher@rancher ~]$ sudo passwd rancher
Changing password for rancher
New password:

This allowed me to scp my local copy of cloud-config.yml over to the rancher machine before proceeding with bare metal installation as per the docs. You might want to also run your cloud-config.yml through a YAML validator just to ensure it’s working. Hope this helps.