Cloud-Init is an open-source cloud initialization program, which initializes some of the customized configurations of a newly created ECS, such as the hostname, key pair, and user data.

All standard (Standard_xxx) and enterprise (Enterprise_xxx) images support Cloud-Init. Only certain community images (Community_xxx) do not support it.

Using Cloud-Init to initialize your ECSs will affect your ECS, IMS, and AS services.

Impact on IMS

To ensure that ECSs created using a private image support customized configurations, you must install Cloud-Init or Cloudbase-Init on the ECSs before using them to create private images.

  • For Windows OSs, download and install Cloudbase-Init.

  • For Linux OSs, download and install Cloud-Init.

After being installed in an image, Cloud-Init or Cloudbase-Init automatically configures initial attributes for the ECSs created using this image.

For more information, see Image Management Service User Guide.

Impact on ECS

Impact on AS

  • When creating an AS configuration, you can use the User Data function to specify ECS configurations for initialization. If the AS configuration has taken effect in an AS group, the ECSs newly created in the AS group will automatically initialize their configurations based on the specified ECS configurations.

  • For an existing AS configuration, if its private image does not have Cloud-Init or Cloudbase-Init installed, the login mode of the ECSs created in the AS group where the AS configuration takes effect may fail to take effect.

    To resolve this issue, see "How Does Cloud-Init Affect the AS Service?" in Auto Scaling User Guide.


  • When using Cloud-Init, enable DHCP in the VPC to which the ECS belongs.

  • When using Cloud-Init, ensure that security group rules for the outbound direction meet the following requirements:

    • Protocol: TCP

    • Port: 80

    • Destination:


    If you use the default security group rules for the outbound direction, the metadata can be accessed because the default rules meet the preceding requirements. Default security group rules for the outbound direction are as follows:

    • Protocol: All

    • Port: All

    • Destination: