For on-prem images, we recommend using the NoCloud data source:

https://cloudinit.readthedocs.io/en/latest/topics/datasources/nocloud.html

On-prem images also support the AltCloud, ConfigDrive, and OVF
cloud-init data sources. More information on datasources at:

https://cloudinit.readthedocs.io/en/latest/topics/datasources.html#datasource-documentation


The seed image for NoCloud can be generated by writing two YAML files,
meta-data and user-data, and making them part of an ISO image. This ISO
needs to be attached to the virtual machine on first boot. More information on
generating the seed ISO is at:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/amazon-linux-2-virtual-machine.html


-----BEGIN meta-data SAMPLE------
local-hostname: amazonlinux.onprem

# eth0 is the default network interface enabled in the image. You can
# configure static network settings with an entry like below.

network-interfaces: |
  iface eth0 inet static
  address 192.168.1.10
  network 192.168.1.0
  netmask 255.255.255.0
  broadcast 192.168.1.255
  gateway 192.168.1.254
-----END meta-data SAMPLE------

-----BEGIN user-data SAMPLE------
#cloud-config
# vim:syntax=yaml
users:
# A user by the name ec2-user is created in the image by default.
- default
# The following entry creates user1 and assigns a plain text password.
# Please note Security best practises recommend not using plain text password.
  - name: user1
    gecos: test user1 with plain passwd configured and sudo nopasswd enabled
    groups: sudo
    sudo: ['ALL=(ALL) NOPASSWD:ALL']
    plain_text_passwd: < plain text password here >
    lock_passwd: false
# The following entry creates user2 and attaches a hashed password to the user.
# Hashed passwords can be generated with the following command on Amazon Linux 2:
# python -c 'import crypt,getpass; print crypt.crypt(getpass.getpass())'
  - name: user2
    gecos: test user2 with hashed passwd configured
    passwd: < hashed password here >
    lock_passwd: false
# The following entry creates user3, disables password-based login and enables an SSH public key.
  - name: user3
    gecos: test user3 with SSH key configured
    ssh-authorized-keys:
      - ssh-public-key-information
    lock_passwd: true
chpasswd:
  list: |
    ec2-user:<plain text password here>
# In the above line, do not add any spaces after 'ec2-user:'.

# NOTE: Cloud-init applies network settings on every boot by default. To retain network settings from first
boot, uncomment the following ‘write_files’ section:
#write_files:
#  - path: /etc/cloud/cloud.cfg.d/80_disable_network_after_firstboot.cfg
#    content: |
#       # Disable network configuration after first boot
#       network:
           config: disabled
-----END user-data SAMPLE------


To build seed.iso from user-data and meta-data files:

$ genisoimage  -output seed.iso -volid cidata -joliet -rock user-data meta-data