search

florianutz / ubuntu2004_cis

Ubuntu CIS Hardening Ansible Role
MIT License
108 stars 67 forks source link

Cloud-init problem #32

Closed PerkinTahmaz closed 2 years ago

PerkinTahmaz commented 2 years ago

Describe the bug After running the script on digital ocean droplet, and after taking a snapshot of the droplet, and creating a new droplet from the snapshot causes the new droplet to lose its public network connectivity because the changed network values can't be applied by digital ocean cloud-init. To Reproduce Steps to reproduce the behavior:

  1. Create a droplet on DO
  2. Run the script
  3. Snapshot the droplet
  4. Create new droplet from the snapshot
  5. You will observe that the machine has no internet connectivity because the cis harden somehow disables cloud-init function.

Expected behavior

  1. Create a droplet on DO
  2. Run the script
  3. Snapshot the droplet
  4. Create new droplet from the snapshot
  5. Cloud-init applied the new public ip settings to netplan config.

Software (please complete the following information):

PerkinTahmaz commented 2 years ago

I know this couldn't be a bug, there is probably flag for this. Could you please direct me on how to achieve this?

florianutz commented 2 years ago

DO provides a web shell for droplets. Log in there and search the logs for errors

PerkinTahmaz commented 2 years ago

Hello, after using this script the web shell is unavailable also. I have tested multiple times. There is no way to enter the droplet.

florianutz commented 2 years ago

Did you invest some more time in your problem to support the community? I have tried it several times now and cannot recreate your problem on digital ocean. it works without errors.