Develop Reference

cloud-init: delay disk_setup and fs_setup

I have a cloud-init file that sets up all requirements for our AWS instances, and part of those requirements is formating and mounting an EBS volume. The issue is that on some instances volume attachment occurs after the instance is up, so when cloud-init executes the volume /dev/xvdf does not yet exist and it fails.
I have something like:
#cloud-config
resize_rootfs: false
disk_setup:
/dev/xvdf:
table_type: 'gpt'
layout: true
overwrite: false
fs_setup:
- label: DATA
filesystem: 'ext4'
device: '/dev/xvdf'
partition: 'auto'
mounts:
- [xvdf, /data, auto, "defaults,discard", "0", "0"]
And would like to have something like a sleep 60 or something like that before the disk configuration block.
If the whole cloud-init execution can be delayed, that would also work for me.
Also, I'm using terraform to create the infrastructure.
Thanks!

I guess cloud-init does have an option for running adhoc commands. have a look into this link.
https://cloudinit.readthedocs.io/en/latest/topics/modules.html?highlight=runcmd#runcmd
Not sure what your code looks like, but I just tried to pass the below as user_data in AWS and could see that the init script sleep for 1000 seconds... ( Just added a couple of echo statements to check later). I guess you can add a little more logic as well to verify the presence of the volume.
#cloud-config
runcmd:
- [ sh, -c, "echo before sleep:`date` >> /tmp/user_data.log" ]
- [ sh, -c, "sleep 1000" ]
- [ sh, -c, "echo after sleep:`date` >> /tmp/user_data.log" ]
<Rest of the script>

I was able to resolve the issue with two changes:
Changed the mount options, adding nofail option.
Added a line to the runcmd block, deleting the semaphore file for disk_setup.
So my new cloud-init file now looks like this:
#cloud-config
resize_rootfs: false
disk_setup:
/dev/xvdf:
table_type: 'gpt'
layout: true
overwrite: false
fs_setup:
- label: DATA
filesystem: 'ext4'
device: '/dev/xvdf'
partition: 'auto'
mounts:
- [xvdf, /data, auto, "defaults,discard", "0", "0"]
runcmd:
- [rm, -f, /var/lib/cloud/instances/*/sem/config_disk_setup]
power_state:
mode: reboot
timeout: 30
It will reboot, then it will execute the disk_setup module once more. By this time, the volume will be attached so the operation won't fail.
I guess this is kind of a hacky way to solve this, so if someone has a better answer (like how to delay the whole cloud-init execution) please share it.

Transform ansible variable value based on input

Total noob here learning Network Automation using Ansible with Jinja2.
I need to determine a range command based on the number of switches in a stack, for example, i ask for input in the playbook, something along the lines of "How many switches in your stack?" and based on that answer i would derive the range command and assign it to a variable that i can call in my playbook.
I know what i want it to do, but i just can't for the life of me figure out how to execute it in Ansible, i'm completely aware that below is wrong, but hopefully it should give you an idea of what i am trying to achieve?
vars_prompt;
- name: numberOfSwitches
prompt: 'How many switches in the stack?'
private: no
if {{ number of switches }} == '4' then
numberOfSwitches='gi1/0/1-48,gi2/0/1-48,gi3/0/1-48,gi4/0/1-48'
i can then call this variable in my jinja2 template to configure all access ports on the switch
Sorry again for my noobness :-)
EDIT
Playbook
---
- name: Generate and Deploy Configuration
hosts: switches
gather_facts: false
connection: network_cli
vars_prompt:
- name: hostname
prompt: "What is the hostname?"
private: no
- name: dataVlanID
prompt: "What is the Data Vlan ID?"
private: no
- name: dataVlanName
prompt: "What is the Data Vlan name?"
private: no
- name: voiceVlanID
prompt: "What is the Voice Vlan ID?"
private: no
- name: voiceVlanName
prompt: "What is the Voice Vlan Name?"
private: no
- name: snmpLocation
prompt: "For SNMP, where will this switch be installed?"
private: no
- name: mgmtVlanIP
prompt: "What is the management IP of this switch?"
private: no
vars:
ansible_ssh_user: staging
ansible_ssh_pass: staging
ansible_network_os: ios
enableSecret: cisco2
userName: cisco2
userPassword: cisco2
nameServerOne: 10.50.191.3
nameServerTwo: 10.50.191.131
startSwitch: 1
ntpPrefer: 10.50.191.3
ntpBackup: 10.50.191.131
tasks:
- name: Generate Running Configuration
template:
src="/etc/ansible/jinja2-template/base_with_vars.j2"
dest=/etc/ansible/config/{{ inventory_hostname }}_interface.txt
register: interface
- name: Push Configuration to Device
ios_config:
src: /etc/ansible/config/{{ inventory_hostname }}_interface.txt
notify: Write Memory
when: interface.changed
handlers:
- name: Write Memory
ios_command:
commands: wr
Hosts
[switches]
SW1 ansible_host=10.222.0.131
Jija2 Template
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec localtime show-timezone
service password-encryption
no service dhcp
!
hostname {{hostname}}
!
boot-start-marker
boot-end-marker
!
logging buffered 1000000
enable secret {{enableSecret}}
!
username {{userName}} privilege 15 secret {{userPassword}}
aaa new-model
!
!
aaa authentication login AAA_METHOD_CONSOLE local
aaa authentication login AAA_METHOD_VTY group radius local
aaa authorization commands 0 default if-authenticated
aaa authorization commands 1 default if-authenticated
aaa authorization commands 15 default if-authenticated
!
!
!
!
!
!
aaa session-id common
clock timezone AEST 10 0
!
!
!
!
no ip source-route
ip dhcp bootp ignore
!
!
ip dhcp snooping vlan 1-4094
ip dhcp snooping database flash:dhcp-snooping.db
ip dhcp snooping
ip domain-name rccprd.redland.qld.gov.au
ip name-server {{nameServerOne}}
ip name-server {{nameServerTwo}}
login block-for 120 attempts 3 within 30
login on-failure log
login on-success log
vtp domain {{hostname}}
vtp mode transparent
!
!
!
!
vlan 8
name PRD-RCC-SECURITY
!
vlan 16
name PRD-RCC-PRINTER
!
!
vlan 56
name PRD-RCC-WIFI-AD
!
vlan {{dataVlanID}}
name {{dataVlanName}}
!
vlan {{voiceVlanID}}
name {{voiceVlanName}}
!
vlan 998
name PRD_RCC_DEAD-VLAN
!
vlan 999
name PRD_RCC_NATIVE-VLAN
!
vlan 4000
name MANAGEMENT_VLAN
!
lldp run
!
!
!
!
interface Vlan4000
ip address {{mgmtVlanIP}} 255.255.255.0
no shutdown
!
!
!
!
!
flow record Scrutinizer-Record1
match datalink mac source address input
match datalink mac destination address input
match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
collect transport tcp flags
collect interface input
collect flow sampler
collect counter bytes long
collect counter packets long
collect timestamp sys-uptime first
collect timestamp sys-uptime last
!
!
flow exporter Scrutinizer-Export1
destination 10.50.150.231
source Vlan4000
transport udp 2055
template data timeout 60
option interface-table
option exporter-stats
option sampler-table
!
!
flow monitor Scrutinizer-Monitor1
exporter Scrutinizer-Export1
cache timeout active 60
statistics packet protocol
record Scrutinizer-Record1
!
!
archive
path flash:/Config-Archive/
write-memory
memory reserve critical 4096
memory free low-watermark processor 20
memory free low-watermark IO 20
!
spanning-tree mode mst
spanning-tree extend system-id
!
spanning-tree mst configuration
name RCC-MST
instance 1 vlan 1-4094
!
spanning-tree mst 1 priority 61440
!
!
!
!
!
!
!
!
interface Port-channel1
description LACP to HO HP Core
switchport trunk allowed vlan 1,2,8,16,48,56,121,621,4000
switchport trunk native vlan 999
switchport mode trunk
ip dhcp snooping trust
!
interface range GigabitEthernet{{startSwitch}}/0/1-48
description Client Access Port
switchport access vlan {{dataVlanID}}
switchport voice vlan {{voiceVlanID}}
switchport mode access
switchport port-security maximum 10
switchport port-security violation restrict
switchport port-security aging time 1440
switchport port-security
ip flow monitor Scrutinizer-Monitor1 input
storm-control broadcast level 80.00 50.00
storm-control multicast level 80.00 50.00
storm-control action trap
spanning-tree portfast edge
!
!
ip default-gateway 10.2.0.254
!
no ip http server
no ip http secure-server
!
ip ssh time-out 10
ip ssh source-interface Vlan4000
ip ssh version 2
!
ip access-list standard SNMP-SERVERS
permit 10.50.150.232
permit 10.50.150.231
permit 10.50.150.20
permit 10.50.220.35
permit 10.50.220.28
permit 10.50.220.29
permit 10.50.220.27
deny any log
!
kron occurrence KRON-OCC-0200 at 2:00 recurring
policy-list KRON-POL-SAVE-CONFIG
!
kron occurrence KRON-OCC-0300 at 3:00 recurring
policy-list KRON-POL-SCP-CONFIG
!
kron policy-list KRON-POL-SAVE-CONFIG
cli wr
!
kron policy-list KRON-POL-SCP-CONFIG
cli copy running-config scp://admin:rgrs753jlh#10.50.40.170/{{hostname}}/
!
logging origin-id hostname
logging facility local6
logging source-interface Vlan4000
logging host 10.50.220.63
logging host 10.50.150.20
!
snmp-server group RCC-SNMP-GROUP v3 priv read SNMPv3-RO-VIEW access SNMP-SERVERS
snmp-server view SNMPv3-RO-VIEW internet included
snmp-server trap-source Vlan4000
snmp-server location {{snmpLocation}}
snmp-server contact IT Service Desk (07) 3829 8432
snmp-server chassis-id {{hostname}}
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps config
snmp-server enable traps cpu threshold
snmp-server enable traps vlancreate
snmp-server enable traps vlandelete
snmp-server enable traps envmon fan shutdown supply temperature status
!
!
radius server RADIUS-POOL
address ipv4 10.50.220.62 auth-port 1645 acct-port 1646
key 7 0214325C06045D17790F28352F54260A19060B6F122D0B760631322F2719027E7C5C711A0E4C52480F706A5D5C615F54372D6C0306362C14481801280C6B401F2B
!
banner exec ^CC
#######################################################################
# This computer system is for authorised use only. #
# Users have no explicit or implicit expectation of privacy. #
# Any or all uses of this system and all data on this system may #
# be intercepted, monitored, recorded, copied, audited, inspected, #
# and disclosed to authorised sites and law enforcement personnel, #
# as well as authorised officials of other agencies. #
# By using this system, you consent to such disclosure at the #
# discretion of authorised site personnel. #
# Unauthorised or improper use of this system may result in #
# administrative disciplinary action, civil and criminal penalties. #
# By continuing to use this system you indicate your awareness of #
# and consent to these terms and conditions of use. STOP IMMEDIATELY #
# if you do not agree to the conditions stated in this warning. #
#######################################################################
^C
banner login ^CC
#######################################################################
# This computer system is for authorised use only. #
# Users have no explicit or implicit expectation of privacy. #
# Any or all uses of this system and all data on this system may #
# be intercepted, monitored, recorded, copied, audited, inspected, #
# and disclosed to authorised sites and law enforcement personnel, #
# as well as authorised officials of other agencies. #
# By using this system, you consent to such disclosure at the #
# discretion of authorised site personnel. #
# Unauthorised or improper use of this system may result in #
# administrative disciplinary action, civil and criminal penalties. #
# By continuing to use this system you indicate your awareness of #
# and consent to these terms and conditions of use. STOP IMMEDIATELY #
# if you do not agree to the conditions stated in this warning. #
#######################################################################
^C
configuration mode exclusive
!
line con 0
logging synchronous
login authentication AAA_METHOD_CONSOLE
line vty 0 4
exec-timeout 30 0
privilege level 15
logging synchronous
login authentication AAA_METHOD_VTY
length 0
transport input ssh
line vty 5 15
exec-timeout 30 0
privilege level 15
logging synchronous
login authentication AAA_METHOD_VTY
transport input ssh
!
exception memory ignore overflow processor
exception memory ignore overflow io
ntp source Vlan4000
ntp server {{ntpPrefer}} prefer
ntp server {{ntpBackup}}
!
end

The play below
- hosts: localhost
vars_prompt:
- name: numberOfSwitches
prompt: 'How many switches in the stack?'
private: no
tasks:
- set_fact:
my_switches: "{{ my_switches|default([]) +
[ 'gi' ~ item ~ '/0/1-48' ] }}"
loop: "{{ range(1, numberOfSwitches|int + 1, 1)|list }}"
- template:
src: my_switches.j2
dest: /tmp/my_switches.conf
with this template
$ cat my_switches.j2
{{ my_switches|join(", ") }}
gives
$ cat /tmp/my_switches.conf
gi1/0/1-48, gi2/0/1-48, gi3/0/1-48, gi4/0/1-48

Impossible to kill processes via SNMP

I'm trying to kill processes using SNMP.
I know that is possible setting to 4 the "status" field of a process like:
snmpset -v 2c -c community_string ipaddress 1.3.6.1.2.1.25.4.2.1.7.PID i 4
I always receive the same message:
Error in packet.
Reason: not Writable (That Object does not support modification)
Failed object: iso.3.6.1.2.1.25.4.2.1.7.PID
I don't know why, but this also happens when I use the "localhost" that normally has all the privileges. Maybe there is something wrong in my settings? This is my snmpd.conf file:
# AGENT BEHAVIOUR
#
# Listen for connections from the local system only
agentAddress udp:161
# Listen for connections on all interfaces (both IPv4 *and* IPv6)
#agentAddress udp:161,udp6:[::1]:161
###############################################################################
#
# ACCESS CONTROL
#
# system + hrSystem groups only
view systemonly included .1.3.6.1.2.1.1
view systemonly included .1.3.6.1.2.1.25.1
# Full access from the local host
rwcommunity public localhost
rwcommunity ubuntulaptop
# Default access to basic system info
rocommunity public default -V systemonly
# rocommunity6 is for IPv6
rocommunity6 public default -V systemonly
# Full access from an example network
# Adjust this network address to match your local
# settings, change the community string,
# and check the 'agentAddress' setting above
#rocommunity secret 10.0.0.0/16
# Full read-only access for SNMPv3
rouser authOnlyUser
# Full write access for encrypted requests
# Remember to activate the 'createUser' lines above
#rwuser authPrivUser priv
# It's no longer typically necessary to use the full 'com2sec/group/access' configuration
# r[ow]user and r[ow]community, together with suitable views, should cover most requirements
###############################################################################
#
# SYSTEM INFORMATION
#
# Note that setting these values here, results in the corresponding MIB objects being 'read-only'
# See snmpd.conf(5) for more details
sysLocation Sitting on the Dock of the Bay
sysContact Me <me#example.org>
# Application + End-to-End layers
sysServices 72
#
# Process Monitoring
#
# At least one 'mountd' process
proc mountd
# No more than 4 'ntalkd' processes - 0 is OK
proc ntalkd 4
# At least one 'sendmail' process, but no more than 10
proc sendmail 10 1
# Walk the UCD-SNMP-MIB::prTable to see the resulting output
# Note that this table will be empty if there are no "proc" entries in the snmpd.conf file
#
# Disk Monitoring
#
# 10MBs required on root disk, 5% free on /var, 10% free on all other disks
disk / 10000
disk /var 5%
includeAllDisks 10%
# Walk the UCD-SNMP-MIB::dskTable to see the resulting output
# Note that this table will be empty if there are no "disk" entries in the snmpd.conf file
#
# System Load
#
# Unacceptable 1-, 5-, and 15-minute load averages
load 12 10 5
# Walk the UCD-SNMP-MIB::laTable to see the resulting output
# Note that this table *will* be populated, even without a "load" entry in the snmpd.conf file

Error in packet. Reason: not Writable (That Object does not support >modification) Failed object: iso.3.6.1.2.1.25.4.2.1.7.PID
This message above is probably just what it says. The variable is a read-only and cant be edited. If the variable is writable or not is specified in the MIB. You better check the MIB first. If a variable is read-only it doesnt matter what you do.
Killing processes with SNMP, as far as i know, is not that usual. At least you usually do not do it in that way. SNMP is for managing the network. But again if you have a proprietary MIB you must check it and see what it says there.

Remove EC2's entry from resolv.conf

I have private DNS servers and I want to write them to resolv.conf with resolvconf on Debian on AWS/EC2.
There is a problem in the order of nameserver entries.
In my resolv.conf, EC2's default nameserver is always written at first line like so:
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 172.16.0.23
nameserver 10.0.1.185
nameserver 10.100.0.130
search ap-northeast-1.compute.internal
172.16.0.23 is EC2's default nameserver and others are mine.
How to remove EC2 entry? Or, how to move EC2 entry to third?
Here I have an interface file:
% ls -l /etc/resolvconf/run/interface/
-rw-r--r-- 1 root root 62 Jun 7 23:35 eth0
It seems that the file eth0 is automatically generated by dhcp so can't remove it permanently.
% cat /etc/resolvconf/run/interface/eth0
search ap-northeast-1.compute.internal
nameserver 172.16.0.23
My private DNS entry is here:
% cat /etc/resolvconf/resolv.conf.d/base
nameserver 10.0.1.185
nameserver 10.100.0.130
Please help.

I think I just solved a very similar problem. I was bothered by Amazon EC2's crappy internal DNS servers so I wanted to run a local caching dnsmasq daemon and use that in /etc/resolv.conf. At first I just did echo nameserver 127.0.0.1 > /etc/resolv.conf but then I realized that my change would eventually be overwritten by the DHCP client after a reboot or DHCP lease refresh.
What I've now done instead is to edit /etc/dhcp3/dhclient.conf and uncomment the line prepend domain-name-servers 127.0.0.1;. You should be able to use the prepend directive in a very similar way.
Update: These instructions are based on Ubuntu Linux but I imagine the general concept applies on other systems as well, even other DHCP clients must have similar configuration options.

I'm approaching this problem from the other direction (wanting the internal nameservers), much of what I've learned may be of interest.
There are several options to control name resolution in the VPC management console.
VPC -> DHCP option sets -> Create dhcp option set
You can specify your own name servers there.
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html
Be sure to attach this dhcp option set to your VPC to get it to take effect.
Alternatively (I found this out by mistake) local dns servers are not set if the following settings are disabled in VPC settings:
DnsHostnames
and
DnsSupport
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-dns.html
Settings can also be overridden locally (which you'll notice if you move instances between vpcs). /etc/dhcp/dhclient.conf
The following line might be of interest:
prepend domain-name-servers
Changes, of course, take effect on dhclient start.

How do I assign a static DNS server to a private Amazon EC2 instance running Ubuntu, RHEL, or Amazon Linux?
Short Description
Default behavior for an EC2 instance associated with a virtual private cloud (VPC) is to request a DNS server address at startup using the Dynamic Host Configuration Protocol (DHCP). The VPC responds to DHCP requests with the address of an internal DNS server. The DNS server addresses returned in the DHCP response are written to the local /etc/resolv.conf file and are used for DNS name resolution requests. Any manual modifications to the resolv.conf file are overwritten when the instance is restarted.
Resolution
To configure an EC2 instance running Linux to use static DNS server entries, use a text editor such as vim to edit the file /etc/dhcp/dhclient.conf and add the following line to the end of the file:
supersede domain-name-servers xxx.xxx.xxx.xxx, xxx.xxx.xxx.xxx;
Ubuntu - dhclient.conf - DHCP client configuration file 
The supersede statement
supersede [ option declaration ] ;
If for some option the client should always use a locally-configured value or values
rather than whatever is supplied by the server, these values can be defined in the
supersede statement.
The prepend statement
prepend [ option declaration ] ;
If for some set of options the client should use a value you supply, and then use the
values supplied by the server, if any, these values can be defined in the prepend
statement. The prepend statement can only be used for options which allow more than one
value to be given. This restriction is not enforced - if you ignore it, the behaviour
will be unpredictable.
The append statement
append [ option declaration ] ;
If for some set of options the client should first use the values supplied by the server,
if any, and then use values you supply, these values can be defined in the append
statement. The append statement can only be used for options which allow more than one
value to be given. This restriction is not enforced - if you ignore it, the behaviour
will be unpredictable.

In here someone come with solution that basically replaces the file on boot using rc.local
https://forums.aws.amazon.com/thread.jspa?threadID=74497
Edit /etc/sysconfig/network-scripts/ifcfg-eth0 to say PEERDNS=no
Create a file called /etc/resolv.backup with what you want
Add the following 2 lines to /etc/rc.local:
rm -f /etc/resolv.conf cp /etc/resolv.backup /etc/resolv.conf

This is what we are doing for our servers in the environment.
interface "eth0"
{
prepend domain-name-servers 10.x.x.x;
supersede host-name "{Hostname}";
append domain-search "domain";
supersede domain-name "DOMAIN";
}
Hope this helps.

The following worked in a Debian stretch on AWS EC2.
Just create /etc/dhcp/dhclient-enter-hooks.d/nodnsupdate:
#!/bin/sh
make_resolv_conf(){
:
}
Then you can modify /etc/resolv.conf and it will persist your changes across restarts.

Setup in crontab as
#reboot cp -r /home/.../resolv.conf /etc/resolv.conf

How to mount ext2 fs?

fdisk is used to create mmcblk0p3 on the 64G SD card.
Disk /dev/mmcblk0: 63.8 GB, 63864569856 bytes
255 heads, 63 sectors/track, 7764 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/mmcblk0p1 * 2 6 40162+ c Win95 FAT32 (LBA)
/dev/mmcblk0p2 7 130 996030 83 Linux
/dev/mmcblk0p3 131 7764 61320105 83 Linux
The fs is then formatted like this:
$ mke2fs -L media /dev/mmcblk0p3
Filesystem label=media
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
3833856 inodes, 15330026 blocks
766501 blocks (5%) reserved for the super user
First data block=0
Maximum filesystem blocks=16777216
468 block groups
32768 blocks per group, 32768 fragments per group
8192 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208, ...
Mount point /media definitely exists and $ mount /dev/mmcblk0p3 /media works fine when mmcblk0p3 is a FAT32 FS on a Win95 FAT32 partition. I need to change from FAT32 to ext2 since the FAT32 partition 3 is too easily hosed in this embedded Linux target (power cycle, USB mass storage disconnects, etc.). An Ubuntu 10.04 desktop system has been used to verify that the partition type is ext2 and is able to mount the SD card partition but this needs to work on the embedded Linux target. The kernel version is 2.6.32-17-ridgerun with BusyBox v1.18.2.
Why does $ mount /dev/mmcblk0p3 /media cause mount: mounting /dev/mmcblk0p3 on /media failed: Invalid argument?
Why does mount -t ext2 /dev/mmcblk0p3 /media cause mount: mounting /dev/mmcblk0p3 on /media failed: No such device?

Why does $ mount /dev/mmcblk0p3 /media cause mount: mounting
/dev/mmcblk0p3 on /media failed: Invalid argument?
The kernel can probably mount the filesystem, but it wrongly guess its type.
Why does mount -t ext2 /dev/mmcblk0p3 /media cause mount: mounting
/dev/mmcblk0p3 on /media failed: No such device?
If, after you specified -t, you get a problem like that, it is very likely that the kernel cannot mount the requested filesystem for you. Check if there is a module for that filesystem and it is loaded.
lsmod # show modules
modprobe ext2 # load module
Sources : http://www.silas.net.br/doc.notes/unix/linux/busybox-troubleshooting.html
As far as I know ext2 modules are already loaded by default. But it won't hurt to check.
The problem here I think is the ambiguity due to mke2fs. mke2fs can be used to create ext2/ext3/ext4 filesystems. You have to specify the file system via -t option. Try doing this :
#mkfs -t ext2 /dev/hda1
#mkfs.ext2 /dev/hda1
You missed out -t option in your command making mke2fs format it with filesystem in default conf.