diff --git a/doc/module-docs/cc_users_groups/example3.yaml b/doc/module-docs/cc_users_groups/example3.yaml
index ed79daa9d25..b39665b1b1a 100644
--- a/doc/module-docs/cc_users_groups/example3.yaml
+++ b/doc/module-docs/cc_users_groups/example3.yaml
@@ -1,9 +1,4 @@
 #cloud-config
 users:
-- gecos: Big Stuff
-  groups: users, admin
-  lock_passwd: true
-  name: newsuper
+- name: newsuper
   shell: /bin/bash
-  ssh_import_id: ['lp:falcojr', 'gh:TheRealFalcon']
-  sudo: ALL=(ALL) NOPASSWD:ALL
diff --git a/doc/module-docs/cc_users_groups/example4.yaml b/doc/module-docs/cc_users_groups/example4.yaml
index 4c764b9c6fa..cd5647f85a5 100644
--- a/doc/module-docs/cc_users_groups/example4.yaml
+++ b/doc/module-docs/cc_users_groups/example4.yaml
@@ -1,8 +1,5 @@
 #cloud-config
 users:
 - doas: [permit nopass newsuper, deny newsuper as root]
-  gecos: Big Stuff
-  groups: users, admin
-  lock_passwd: true
   name: newsuper
-  ssh_import_id: ['lp:falcojr', 'gh:TheRealFalcon']
+
diff --git a/doc/rtd/explanation/about-cloud-config.rst b/doc/rtd/explanation/about-cloud-config.rst
new file mode 100644
index 00000000000..dae73a65dfc
--- /dev/null
+++ b/doc/rtd/explanation/about-cloud-config.rst
@@ -0,0 +1,141 @@
+.. _about-cloud-config:
+
+About the cloud-config file
+***************************
+
+The ``#cloud-config`` file is a type of user data that cloud-init can consume
+to automatically set up various aspects of the system. It is commonly referred
+to as **cloud config**. Using cloud config to configure your machine leverages
+the best practices encoded into cloud-init's modules in a distribution-agnostic
+way.
+
+Note that networks are not configurable via the ``#cloud-config`` file because
+:ref:`network configuration <network_config>` comes from the cloud.
+
+How do I create a cloud-config file?
+====================================
+
+The cloud-config file uses `YAML version 1.1`_. The file is composed of a
+**header** and one or more **modules**.
+
+* **The header**:
+  The first line **must start** with ``#cloud-config``. This line identifies
+  the file to cloud-init and ensures that it will be processed as intended.
+
+* **The modules**:
+  After the header, every aspect of the system's configuration is controlled
+  through specific cloud-init modules.
+
+Most modules are specified through the use of one or more **top-level keys**,
+and the configuration options are set using YAML key-value pairs or list types,
+according to the config schema. It follows this general format:
+
+.. code-block:: yaml
+
+   #cloud-config
+   top-level-key:
+     config-key-1: config-value-1
+     config-key-2: config-value-2
+     list-type:
+     - list-value-1
+       additional-list-value-1
+     - list-value-2
+
+The order of the top-level keys is unimportant -- they can be written in any
+order, and cloud-init handles the order of operations.
+
+Let us consider a real example using the :ref:`Keyboard <mod_cc_keyboard>`
+module. The top-level key for this module is ``keyboard:``, and beneath that
+are the various configuration options for the module shown as key-value pairs:
+
+.. code-block:: yaml
+
+   #cloud-config
+   keyboard:
+     layout: us
+     model: pc105
+     variant: nodeadkeys
+     options: compose:rwin
+
+Not all modules require a top-level key, and will run on the system anyway if
+certain conditions are met. A full list of modules can be found
+:ref:`on our modules page <modules>`. This list also shows the valid schema for
+every module, and simple YAML examples.
+
+Checking your cloud-config file
+===============================
+
+Once you have constructed your cloud-config file, you can check it against
+the :ref:`cloud-config validation tool <check_user_data_cloud_config>`. This
+tool tests the YAML in your file against the cloud-init schema and will warn
+you of any errors.
+
+Example cloud-config file
+=========================
+
+The following code is an example of a complete user data cloud-config file.
+The :ref:`cloud-config example library <yaml_examples>` contains further
+examples that can be copy/pasted and adapted to your needs.
+
+.. code-block:: yaml
+
+   #cloud-config
+
+   # Basic system setup
+   hostname: example-host
+   fqdn: example-host.example.com
+
+   # User setup configuration
+   users:
+     - name: exampleuser
+       gecos: Example User
+       sudo: ['ALL=(ALL) NOPASSWD:ALL']
+       groups: sudo
+       homedir: /home/exampleuser
+       shell: /bin/bash
+       ssh_authorized_keys:
+         - ssh-rsa AAAAB3...restofpublickey user@host
+
+   # Change passwords for exampleuser using chpasswd
+   chpasswd:
+     expire: false
+     users:
+     - {name: exampleuser, password: terriblepassword12345, type: text}
+
+   # Package management
+   package_update: true
+   package_upgrade: true
+   packages:
+     - git
+     - nginx
+     - python3
+
+   # Commands to run at the end of the cloud-init process
+   runcmd:
+     - echo "Hello, world!" > /etc/motd
+     - systemctl restart nginx
+     - mkdir -p /var/www/html
+     - echo "<html><body><h1>Welcome to the party, pal!</h1></body></html>" > /var/www/html/index.html
+
+   # Write files to the instance
+   write_files:
+     - path: /etc/example_config.conf
+       content: |
+         [example-config]
+         key=value
+     - path: /etc/motd
+       content: |
+         Some text that will appear in your MOTD!
+
+   # Final message, shown after cloud-init completes
+   final_message: "The system is up, after $UPTIME seconds"
+
+   # Reboot the instance after configuration
+   power_state:
+     mode: reboot
+     message: Rebooting after initial setup
+     timeout: 30
+     condition: True
+
+.. LINKS
+.. _YAML version 1.1: https://yaml.org/spec/1.1/current.html
diff --git a/doc/rtd/explanation/index.rst b/doc/rtd/explanation/index.rst
index 8a1adc4639e..9e2b82a790d 100644
--- a/doc/rtd/explanation/index.rst
+++ b/doc/rtd/explanation/index.rst
@@ -12,6 +12,7 @@ knowledge and become better at using and configuring ``cloud-init``.
 
    introduction.rst
    format.rst
+   about-cloud-config.rst
    configuration.rst
    boot.rst
    first_boot.rst
diff --git a/doc/rtd/reference/examples.rst b/doc/rtd/reference/examples.rst
index fe2703031ac..c88eed3cb88 100644
--- a/doc/rtd/reference/examples.rst
+++ b/doc/rtd/reference/examples.rst
@@ -1,7 +1,12 @@
 .. _yaml_examples:
 
-Cloud config examples
-*********************
+All cloud config examples
+*************************
+
+.. note::
+   This page is a summary containing all the cloud config YAML examples
+   together. If you would like to explore examples by operation or process
+   instead, refer to the :ref:`examples library <examples_library>`.
 
 Including users and groups
 ==========================
@@ -150,3 +155,4 @@ Create partitions and filesystems
 .. _chef: http://www.chef.io/chef/
 .. _puppet: http://puppetlabs.com/
 .. _ansible: https://docs.ansible.com/ansible/latest/
+
diff --git a/doc/rtd/reference/examples_library.rst b/doc/rtd/reference/examples_library.rst
new file mode 100644
index 00000000000..43a34766b0b
--- /dev/null
+++ b/doc/rtd/reference/examples_library.rst
@@ -0,0 +1,59 @@
+.. _examples_library:
+
+Cloud config examples library
+*****************************
+
+.. note::
+   This page is an index to all the cloud config YAML examples, organised by
+   operation or process. If you prefer to use a single-page summary containing
+   every cloud config yaml example, refer to the
+   :ref:`all examples page <yaml_examples>`.
+
+.. include:: yaml_examples/index_boot.rst
+   :end-before: .. TOC
+
+.. include:: yaml_examples/index_security.rst
+   :end-before: .. TOC
+
+.. include:: yaml_examples/index_fs.rst
+   :end-before: .. TOC
+
+.. include:: yaml_examples/index_users.rst
+   :end-before: .. TOC
+
+.. include:: yaml_examples/index_hostname.rst
+   :end-before: .. TOC
+
+.. include:: yaml_examples/index_network.rst
+   :end-before: .. TOC
+
+.. include:: yaml_examples/index_packages.rst
+   :end-before: .. TOC
+
+.. include:: yaml_examples/index_logging.rst
+   :end-before: .. TOC
+
+.. include:: yaml_examples/index_config_manager.rst
+   :end-before: .. TOC
+
+.. include:: yaml_examples/index_distro.rst
+   :end-before: .. TOC
+
+.. include:: yaml_examples/index_misc.rst
+   :end-before: .. TOC
+
+.. toctree::
+    :hidden:
+    :titlesonly:
+
+    yaml_examples/index_boot
+    yaml_examples/index_security
+    yaml_examples/index_fs
+    yaml_examples/index_users
+    yaml_examples/index_hostname
+    yaml_examples/index_network
+    yaml_examples/index_packages
+    yaml_examples/index_logging
+    yaml_examples/index_config_manager
+    yaml_examples/index_distro
+    yaml_examples/index_misc
diff --git a/doc/rtd/reference/index.rst b/doc/rtd/reference/index.rst
index d1791fa9631..cb6fa1736ff 100644
--- a/doc/rtd/reference/index.rst
+++ b/doc/rtd/reference/index.rst
@@ -12,6 +12,7 @@ matrices and so on.
 
    modules.rst
    examples.rst
+   examples_library.rst
    cli.rst
    availability.rst
    faq.rst
diff --git a/doc/rtd/reference/yaml_examples/ansible.rst b/doc/rtd/reference/yaml_examples/ansible.rst
new file mode 100644
index 00000000000..fe0a9ce0f23
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/ansible.rst
@@ -0,0 +1,54 @@
+.. _cce-ansible:
+
+Install Ansible
+***************
+
+These examples show how to achieve a basic installation of Ansible, and
+configures the location that playbooks should be pulled from.
+
+For a full list of keys, refer to the :ref:`Ansible module <mod_cc_ansible>`
+schema.
+
+Install via package manager
+===========================
+
+This example will use the operating system distribution's package manager to
+install Ansible.
+
+.. literalinclude:: ../../../module-docs/cc_ansible/example1.yaml
+   :language: yaml
+   :linenos:
+
+Install via pip
+===============
+
+This example uses the Python package manager ``pip`` to install Ansible.
+
+.. literalinclude:: ../../../module-docs/cc_ansible/example2.yaml
+   :language: yaml
+   :linenos:
+
+Install and run Ansible pull
+============================
+
+If you're already installing other packages, you may want to manually install
+Ansible to avoid multiple calls to your package manager. This example shows
+how to install Ansible using ``pip`` and run the ``ubuntu.yml`` playbook,
+pulled from a specific git repository.
+
+For a full list of keys, refer to the :ref:`Ansible module <mod_cc_ansible>`
+schema.
+
+.. code-block:: yaml
+
+    #cloud-config
+    package_update: true
+    package_upgrade: true
+    packages:
+      - git
+    ansible:
+      install_method: pip
+      pull:
+        url: "https://github.com/holmanb/vmboot.git"
+        playbook_name: ubuntu.yml
+
diff --git a/doc/rtd/reference/yaml_examples/ansible_controller.rst b/doc/rtd/reference/yaml_examples/ansible_controller.rst
new file mode 100644
index 00000000000..b7da819f310
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/ansible_controller.rst
@@ -0,0 +1,146 @@
+.. _cce-ansible-controller:
+
+Configure instance to be an Ansible controller
+**********************************************
+
+This slightly more complex example demonstrates how to set up an Ansible
+controller host on boot. The example installs a playbook repository from a
+remote private repository and then runs two of the plays.
+
+For a full list of keys, refer to the `Ansible module`_ schema.
+
+.. code-block:: yaml
+
+    #cloud-config
+
+    # Update, upgrade and install packages
+    # ------------------------------------
+    package_update: true
+    package_upgrade: true
+    packages: ['git', 'python3-pip']
+
+    # Set up an Ansible user
+    # ----------------------
+    # We give the local Ansible user password-less ``sudo`` so that Ansible can
+    # write to a local root-only file.
+    users:
+    - name: ansible
+      gecos: Ansible User
+      shell: /bin/bash
+      groups: users,admin,wheel,lxd
+      sudo: ALL=(ALL) NOPASSWD:ALL
+
+    # Initialize LXD using cloud-init
+    # -------------------------------
+    # A LXD container is started (using Ansible) on boot, so we must
+    # initialize LXD.
+    lxd:
+      init:
+        storage_backend: dir
+
+    # Configure and run Ansible on boot
+    # ---------------------------------
+    # First we install Ansible using ``pip``, and ensure that the
+    # ``community.general`` collection is installed (it is likely to be already
+    # installed by ``pip``).
+    # Then we use a deploy key to clone a remote private repository and run two
+    # playbooks:
+    # * The first starts a LXD container and creates a new inventory file
+    # * The second connects to and configures the container using Ansible
+    # The public version of the playbooks can be inspected at this URL:
+    # ``https://github.com/holmanb/ansible-lxd-public``
+    ansible:
+      install_method: pip
+      package_name: ansible
+      run_user: ansible
+      galaxy:
+        actions: ['ansible-galaxy', 'collection', 'install', 'community.general']
+      setup_controller:
+        repositories:
+          - path: /home/ansible/my-repo/
+            source: git@github.com:holmanb/ansible-lxd-private.git
+        run_ansible:
+          - playbook_dir: /home/ansible/my-repo
+            playbook_name: start-lxd.yml
+            timeout: 120
+            forks: 1
+            private_key: /home/ansible/.ssh/id_rsa
+          - playbook_dir: /home/ansible/my-repo
+            playbook_name: configure-lxd.yml
+            become_user: ansible
+            timeout: 120
+            forks: 1
+            private_key: /home/ansible/.ssh/id_rsa
+            inventory: new_ansible_hosts
+
+    # Write a deploy key to the filesystem for Ansible
+    # ------------------------------------------------
+    # This deploy key is tied to a `private GitHub repository`_. It exists to
+    # demonstrate how deploy keys are used in Ansible. A duplicate public copy
+    # of the repository `exists here`_.
+    write_files:
+      - path: /home/ansible/.ssh/known_hosts
+        owner: ansible:ansible
+        permissions: 0o600
+        defer: true
+        content: |
+          |1|YJEFAk6JjnXpUjUSLFiBQS55W9E=|OLNePOn3eBa1PWhBBmt5kXsbGM4= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl
+          |1|PGGnpCpqi0aakERS4BWnYxMkMwM=|Td0piZoS4ZVC0OzeuRwKcH1MusM= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
+          |1|OJ89KrsNcFTOvoCP/fPGKpyUYFo=|cu7mNzF+QB/5kR0spiYmUJL7DAI= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg=
+      - path: /home/ansible/.ssh/id_rsa
+        owner: ansible:ansible
+        permissions: 0o600
+        defer: true
+        encoding: base64
+        content: |
+          LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFB
+          QUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUJsd0FBQUFkemMyZ3RjbgpOaEFBQUFB
+          d0VBQVFBQUFZRUEwUWlRa05WQS9VTEpWZzBzT1Q4TEwyMnRGckg5YVR1SWFNT1FiVFdtWjlNUzJh
+          VTZ0cDZoClJDYklWSkhmOHdsaGV3MXNvWmphWVVQSFBsUHNISm5UVlhJTnFTTlpEOGF0Rldjd1gy
+          ZTNBOElZNEhpN0NMMDE3MVBoMVUKYmJGNGVIT1JaVkY2VVkzLzhmbXQ3NmhVYnpiRVhkUXhQdVdh
+          a0IyemxXNTdFclpOejJhYVdnY2pJUGdHV1RNZWVqbEpOcQpXUW9MNlFzSStpeUlzYXNMc1RTajha
+          aVgrT1VjanJEMUY4QXNKS3ZWQStKbnVZNUxFeno1TGQ2SGxGc05XVWtoZkJmOWVOClpxRnJCc1Vw
+          M2VUY1FtejFGaHFFWDJIQjNQT3VSTzlKemVGcTJaRE8wUlNQN09acjBMYm8vSFVTK3V5VkJNTDNi
+          eEF6dEIKQWM5dFJWZjRqcTJuRjNkcUpwVTFFaXZzR0sxaHJZc0VNQklLK0srVzRwc1F5c3ZTL0ZK
+          V2lXZmpqWVMwei9IbkV4MkpHbApOUXUrYkMxL1dXSGVXTGFvNGpSckRSZnNIVnVscTE2MElsbnNx
+          eGl1MmNHd081V29Fc1NHdThucXB5ZzQzWkhDYjBGd21CCml6UFFEQVNsbmlXanFjS21mblRycHpB
+          eTNlVldhd3dsTnBhUWtpZFRBQUFGZ0dLU2o4ZGlrby9IQUFBQUIzTnphQzF5YzIKRUFBQUdCQU5F
+          SWtKRFZRUDFDeVZZTkxEay9DeTl0clJheC9XazdpR2pEa0cwMXBtZlRFdG1sT3JhZW9VUW15RlNS
+          My9NSgpZWHNOYktHWTJtRkR4ejVUN0J5WjAxVnlEYWtqV1EvR3JSVm5NRjludHdQQ0dPQjR1d2k5
+          TmU5VDRkVkcyeGVIaHprV1ZSCmVsR04vL0g1cmUrb1ZHODJ4RjNVTVQ3bG1wQWRzNVZ1ZXhLMlRj
+          OW1tbG9ISXlENEJsa3pIbm81U1RhbGtLQytrTENQb3MKaUxHckM3RTBvL0dZbC9qbEhJNnc5UmZB
+          TENTcjFRUGlaN21PU3hNOCtTM2VoNVJiRFZsSklYd1gvWGpXYWhhd2JGS2QzawozRUpzOVJZYWhG
+          OWh3ZHp6cmtUdlNjM2hhdG1RenRFVWorem1hOUMyNlB4MUV2cnNsUVRDOTI4UU03UVFIUGJVVlgr
+          STZ0CnB4ZDNhaWFWTlJJcjdCaXRZYTJMQkRBU0N2aXZsdUtiRU1yTDB2eFNWb2xuNDQyRXRNL3g1
+          eE1kaVJwVFVMdm13dGYxbGgKM2xpMnFPSTBhdzBYN0IxYnBhdGV0Q0paN0tzWXJ0bkJzRHVWcUJM
+          RWhydko2cWNvT04yUndtOUJjSmdZc3owQXdFcFo0bApvNm5DcG41MDY2Y3dNdDNsVm1zTUpUYVdr
+          SkluVXdBQUFBTUJBQUVBQUFHQUV1ejc3SHU5RUVaeXVqTE9kVG5BVzlhZlJ2ClhET1pBNnBTN3lX
+          RXVmanc1Q1NsTUx3aXNSODN5d3cwOXQxUVd5dmhScUV5WW12T0JlY3NYZ2FTVXRuWWZmdFd6NDRh
+          cHkKL2dRWXZNVkVMR0thSkFDL3E3dmpNcEd5cnhVUGt5TE1oY2tBTFUyS1lnVisvcmovajZwQk1l
+          VmxjaG1rM3Bpa1lyZmZVWApKRFk5OTBXVk8xOTREbTBidUxSekp2Zk1LWUYyQmNmRjRUdmFyak9Y
+          V0F4U3VSOHd3dzA1MG9KOEhkS2FoVzdDbTVTMHBvCkZSbk5YRkdNbkxBNjJ2TjAwdkpXOFY3ajd2
+          dWk5dWtCYmhqUldhSnVZNXJkRy9VWW16QWU0d3ZkSUVucGs5eEluNkpHQ3AKRlJZVFJuN2xUaDUr
+          L1FsUTZGWFJQOElyMXZYWkZuaEt6bDBLOFZxaDJzZjRNNzlNc0lVR0FxR3hnOXhkaGpJYTVkbWdw
+          OApOMThJRURvTkVWS1ViS3VLZS9aNXlmOFo5dG1leGZIMVl0dGptWE1Pb2pCdlVISWpSUzVoZEk5
+          TnhuUEdSTFkya2pBemNtCmdWOVJ2M3Z0ZEYvK3phbGszZkFWTGVLOGhYSytkaS83WFR2WXBmSjJF
+          WkJXaU5yVGVhZ2ZOTkdpWXlkc1F5M3pqWkFBQUEKd0JOUmFrN1VycW5JSE1abjdwa0NUZ2NlYjFN
+          ZkJ5YUZ0bE56ZCtPYmFoNTRIWUlRajVXZFpUQkFJVFJlTVpOdDlTNU5BUgpNOHNRQjhVb1pQYVZT
+          QzNwcElMSU9mTGhzNktZajZSckdkaVl3eUloTVBKNWtSV0Y4eEdDTFVYNUNqd0gyRU9xN1hoSVd0
+          Ck13RUZ0ZC9nRjJEdTdIVU5GUHNaR256SjNlN3BES0RuRTd3MmtoWjhDSXBURmdENzY5dUJZR0F0
+          azQ1UVlURG81SnJvVk0KWlBEcTA4R2IvUmhJZ0pMbUlwTXd5cmVWcExMTGU4U3dvTUpKK3JpaG1u
+          Slp4TzhnQUFBTUVBMGxoaUtlemVUc2hodDR4dQpyV2MwTnh4RDg0YTI5Z1NHZlRwaERQT3JsS1NF
+          WWJrU1hoanFDc0FaSGQ4UzhrTXIzaUY2cG9PazNJV1N2Rko2bWJkM2llCnFkUlRnWEg5VGh3azRL
+          Z3BqVWhOc1F1WVJIQmJJNTlNbytCeFNJMUIxcXptSlNHZG1DQkw1NHd3elptRktEUVBRS1B4aUwK
+          bjBNbGM3R29vaURNalQxdGJ1Vy9PMUVMNUVxVFJxd2dXUFRLaEJBNnI0UG5HRjE1MGhaUklNb29a
+          a0Qyelg2YjFzR29qawpRcHZLa0V5a1R3bktDekY1VFhPOCt3SjNxYmNFbzlBQUFBd1FEK1owcjY4
+          YzJZTU5wc215ajNaS3RaTlBTdkpOY0xteUQvCmxXb05KcTNkakpONHMySmJLOGw1QVJVZFczeFNG
+          RURJOXl4L3dwZnNYb2FxV255Z1AzUG9GdzJDTTRpMEVpSml5dnJMRlUKcjNKTGZEVUZSeTNFSjI0
+          UnNxYmlnbUVzZ1FPelRsM3hmemVGUGZ4Rm9PaG9rU3ZURzg4UFFqaTFBWUh6NWtBN3A2WmZhegpP
+          azExckpZSWU3K2U5QjBsaGt1MEFGd0d5cWxXUW1TL01oSXBuakhJazV0UDRoZUhHU216S1FXSkRi
+          VHNrTldkNmFxMUc3CjZIV2ZEcFg0SGdvTThBQUFBTGFHOXNiV0Z1WWtCaGNtTT0KLS0tLS1FTkQg
+          T1BFTlNTSCBQUklWQVRFIEtFWS0tLS0tCg==
+
+.. LINKS
+.. _Ansible module: https://cloudinit.readthedocs.io/en/latest/reference/modules.html#ansible
+.. _private GitHub repository: https://github.com/holmanb/ansible-lxd-private
+.. _exists here: https://github.com/holmanb/ansible-lxd-public
diff --git a/doc/rtd/reference/yaml_examples/ansible_managed.rst b/doc/rtd/reference/yaml_examples/ansible_managed.rst
new file mode 100644
index 00000000000..83eff726c42
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/ansible_managed.rst
@@ -0,0 +1,69 @@
+.. _cce-ansible-managed:
+
+Configure instance to be managed by Ansible
+*******************************************
+
+A common use for cloud-init is to bootstrap user and SSH settings, to be
+managed by a remote configuration management tool (such as Ansible).
+
+This example assumes a default Ubuntu cloud image, which should contain
+the required software to be managed remotely by Ansible.
+
+For a full list of keys, refer to the :ref:`Ansible module <mod_cc_ansible>`
+schema.
+
+.. code-block:: yaml
+
+    #cloud-config
+    ssh_pwauth: false
+    users:
+    - name: ansible
+      gecos: Ansible User
+      groups: users,admin,wheel
+      sudo: ALL=(ALL) NOPASSWD:ALL
+      shell: /bin/bash
+      lock_passwd: true
+      ssh_authorized_keys:
+        - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDRCJCQ1UD9QslWDSw5Pwsvba0Wsf1pO4how5BtNaZn0xLZpTq2nqFEJshUkd/zCWF7DWyhmNphQ8c+U+wcmdNVcg2pI1kPxq0VZzBfZ7cDwhjgeLsIvTXvU+HVRtsXh4c5FlUXpRjf/x+a3vqFRvNsRd1DE+5ZqQHbOVbnsStk3PZppaByMg+AZZMx56OUk2pZCgvpCwj6LIixqwuxNKPxmJf45RyOsPUXwCwkq9UD4me5jksTPPkt3oeUWw1ZSSF8F/141moWsGxSnd5NxCbPUWGoRfYcHc865E70nN4WrZkM7RFI/s5mvQtuj8dRL67JUEwvdvEDO0EBz21FV/iOracXd2omlTUSK+wYrWGtiwQwEgr4r5bimxDKy9L8UlaJZ+ONhLTP8ecTHYkaU1C75sLX9ZYd5YtqjiNGsNF+wdW6WrXrQiWeyrGK7ZwbA7lagSxIa7yeqnKDjdkcJvQXCYGLM9AMBKWeJaOpwqZ+dOunMDLd5VZrDCU2lpCSJ1M="
+    # use the following passwordless demonstration key for testing or
+    # replace with your own key pair
+    #
+    # -----BEGIN OPENSSH PRIVATE KEY-----
+    # b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
+    # NhAAAAAwEAAQAAAYEA0QiQkNVA/ULJVg0sOT8LL22tFrH9aTuIaMOQbTWmZ9MS2aU6tp6h
+    # RCbIVJHf8wlhew1soZjaYUPHPlPsHJnTVXINqSNZD8atFWcwX2e3A8IY4Hi7CL0171Ph1U
+    # bbF4eHORZVF6UY3/8fmt76hUbzbEXdQxPuWakB2zlW57ErZNz2aaWgcjIPgGWTMeejlJNq
+    # WQoL6QsI+iyIsasLsTSj8ZiX+OUcjrD1F8AsJKvVA+JnuY5LEzz5Ld6HlFsNWUkhfBf9eN
+    # ZqFrBsUp3eTcQmz1FhqEX2HB3POuRO9JzeFq2ZDO0RSP7OZr0Lbo/HUS+uyVBML3bxAztB
+    # Ac9tRVf4jq2nF3dqJpU1EivsGK1hrYsEMBIK+K+W4psQysvS/FJWiWfjjYS0z/HnEx2JGl
+    # NQu+bC1/WWHeWLao4jRrDRfsHVulq160Ilnsqxiu2cGwO5WoEsSGu8nqpyg43ZHCb0FwmB
+    # izPQDASlniWjqcKmfnTrpzAy3eVWawwlNpaQkidTAAAFgGKSj8diko/HAAAAB3NzaC1yc2
+    # EAAAGBANEIkJDVQP1CyVYNLDk/Cy9trRax/Wk7iGjDkG01pmfTEtmlOraeoUQmyFSR3/MJ
+    # YXsNbKGY2mFDxz5T7ByZ01VyDakjWQ/GrRVnMF9ntwPCGOB4uwi9Ne9T4dVG2xeHhzkWVR
+    # elGN//H5re+oVG82xF3UMT7lmpAds5VuexK2Tc9mmloHIyD4BlkzHno5STalkKC+kLCPos
+    # iLGrC7E0o/GYl/jlHI6w9RfALCSr1QPiZ7mOSxM8+S3eh5RbDVlJIXwX/XjWahawbFKd3k
+    # 3EJs9RYahF9hwdzzrkTvSc3hatmQztEUj+zma9C26Px1EvrslQTC928QM7QQHPbUVX+I6t
+    # pxd3aiaVNRIr7BitYa2LBDASCvivluKbEMrL0vxSVoln442EtM/x5xMdiRpTULvmwtf1lh
+    # 3li2qOI0aw0X7B1bpatetCJZ7KsYrtnBsDuVqBLEhrvJ6qcoON2Rwm9BcJgYsz0AwEpZ4l
+    # o6nCpn5066cwMt3lVmsMJTaWkJInUwAAAAMBAAEAAAGAEuz77Hu9EEZyujLOdTnAW9afRv
+    # XDOZA6pS7yWEufjw5CSlMLwisR83yww09t1QWyvhRqEyYmvOBecsXgaSUtnYfftWz44apy
+    # /gQYvMVELGKaJAC/q7vjMpGyrxUPkyLMhckALU2KYgV+/rj/j6pBMeVlchmk3pikYrffUX
+    # JDY990WVO194Dm0buLRzJvfMKYF2BcfF4TvarjOXWAxSuR8www050oJ8HdKahW7Cm5S0po
+    # FRnNXFGMnLA62vN00vJW8V7j7vui9ukBbhjRWaJuY5rdG/UYmzAe4wvdIEnpk9xIn6JGCp
+    # FRYTRn7lTh5+/QlQ6FXRP8Ir1vXZFnhKzl0K8Vqh2sf4M79MsIUGAqGxg9xdhjIa5dmgp8
+    # N18IEDoNEVKUbKuKe/Z5yf8Z9tmexfH1YttjmXMOojBvUHIjRS5hdI9NxnPGRLY2kjAzcm
+    # gV9Rv3vtdF/+zalk3fAVLeK8hXK+di/7XTvYpfJ2EZBWiNrTeagfNNGiYydsQy3zjZAAAA
+    # wBNRak7UrqnIHMZn7pkCTgceb1MfByaFtlNzd+Obah54HYIQj5WdZTBAITReMZNt9S5NAR
+    # M8sQB8UoZPaVSC3ppILIOfLhs6KYj6RrGdiYwyIhMPJ5kRWF8xGCLUX5CjwH2EOq7XhIWt
+    # MwEFtd/gF2Du7HUNFPsZGnzJ3e7pDKDnE7w2khZ8CIpTFgD769uBYGAtk45QYTDo5JroVM
+    # ZPDq08Gb/RhIgJLmIpMwyreVpLLLe8SwoMJJ+rihmnJZxO8gAAAMEA0lhiKezeTshht4xu
+    # rWc0NxxD84a29gSGfTphDPOrlKSEYbkSXhjqCsAZHd8S8kMr3iF6poOk3IWSvFJ6mbd3ie
+    # qdRTgXH9Thwk4KgpjUhNsQuYRHBbI59Mo+BxSI1B1qzmJSGdmCBL54wwzZmFKDQPQKPxiL
+    # n0Mlc7GooiDMjT1tbuW/O1EL5EqTRqwgWPTKhBA6r4PnGF150hZRIMooZkD2zX6b1sGojk
+    # QpvKkEykTwnKCzF5TXO8+wJ3qbcEo9AAAAwQD+Z0r68c2YMNpsmyj3ZKtZNPSvJNcLmyD/
+    # lWoNJq3djJN4s2JbK8l5ARUdW3xSFEDI9yx/wpfsXoaqWnygP3PoFw2CM4i0EiJiyvrLFU
+    # r3JLfDUFRy3EJ24RsqbigmEsgQOzTl3xfzeFPfxFoOhokSvTG88PQji1AYHz5kA7p6Zfaz
+    # Ok11rJYIe7+e9B0lhku0AFwGyqlWQmS/MhIpnjHIk5tP4heHGSmzKQWJDbTskNWd6aq1G7
+    # 6HWfDpX4HgoM8AAAALaG9sbWFuYkBhcmM=
+    # -----END OPENSSH PRIVATE KEY-----
+
diff --git a/doc/rtd/reference/yaml_examples/apk_repo.rst b/doc/rtd/reference/yaml_examples/apk_repo.rst
new file mode 100644
index 00000000000..91531cefe18
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/apk_repo.rst
@@ -0,0 +1,37 @@
+.. _cce-apk-repo:
+
+Configure APK repositories
+**************************
+
+These examples show how to configure the ``/etc/apk/repositories`` file. For a
+full list of keys, refer to the
+:ref:`APK configure module <mod_cc_apk_configure>` schema.
+
+Keep the existing ``/etc/apk/repositories`` file unaltered.
+
+.. literalinclude:: ../../../module-docs/cc_apk_configure/example1.yaml
+   :language: yaml
+   :linenos:
+
+Alpine v3.12
+============
+
+Create the repositories file for Alpine v3.12 main and community, using the
+default mirror site.
+
+.. literalinclude:: ../../../module-docs/cc_apk_configure/example2.yaml
+   :language: yaml
+   :linenos:
+
+Alpine Edge
+===========
+
+Create the repositories file for Alpine Edge main, community, and testing,
+using a specified mirror site and a local repo.
+
+.. literalinclude:: ../../../module-docs/cc_apk_configure/example3.yaml
+   :language: yaml
+   :linenos:
+
+.. LINKS
+.. _APK configure module: https://cloudinit.readthedocs.io/en/latest/reference/modules.html#apk-configure
diff --git a/doc/rtd/reference/yaml_examples/apt.rst b/doc/rtd/reference/yaml_examples/apt.rst
new file mode 100644
index 00000000000..106a734ccc3
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/apt.rst
@@ -0,0 +1,93 @@
+.. _cce-apt:
+
+Configure APT
+*************
+
+For a full list of keys, refer to the
+:ref:`APT configure module <mod_cc_apt_configure>` schema.
+
+Example 1
+=========
+
+Cloud-init version 23.4 will generate a ``deb822``-formatted ``sources`` file
+at ``/etc/apt/sources.list.d/<distro>.sources`` instead of
+``/etc/apt/sources.list`` when ``sources_list`` content is in ``deb822``
+format.
+
+.. literalinclude:: ../../../module-docs/cc_apt_configure/example2.yaml
+   :language: yaml
+   :linenos:
+
+Example 2
+=========
+
+.. literalinclude:: ../../../module-docs/cc_apt_configure/example1.yaml
+   :language: yaml
+   :linenos:
+
+Update APT on first boot
+========================
+
+This example will update the ``apt`` repository on first boot; it runs the
+``apt-get update`` command.
+
+
+The default is ``false``. However, if packages are given, or if
+``package_upgrade`` is set to ``true``, then the update will be done
+irrespective of this setting.
+
+.. code-block:: yaml
+
+    #cloud-config
+    package_update: true
+
+Specify mirrors
+===============
+
+* Default: auto select based on cloud metadata in EC2, the default is
+  ``<region>.archive.ubuntu.com``.
+
+One can either specify a URI to use as a mirror with the ``uri`` key, or a list
+of URLs using the ``search`` key, which will have cloud-init search the list
+for the first mirror available. This option is limited in that it only verifies
+that the mirror is DNS-resolvable (or an IP address).
+
+If neither mirror is set (the default), then use the mirror provided by the
+DataSource. In EC2, that means using ``<region>.ec2.archive.ubuntu.com``.
+
+If no mirror is provided by the DataSource, but ``search_dns`` is true, then
+search for DNS names ``<distro>-mirror`` in each of:
+- FQDN of this host per cloud metadata
+- localdomain
+- no domain (which would search domains listed in ``/etc/resolv.conf``)
+
+If there is a DNS entry for ``<distro>-mirror``, then it is assumed that there
+is a distro mirror at ``http://<distro>-mirror.<domain>/<distro>``. That gives
+the cloud provider the opportunity to set up mirrors of a distro and expose
+them only by creating DNS entries.
+
+If none of that is found, then the default distro mirror is used.
+
+.. code-block:: yaml
+
+    #cloud-config
+    apt:
+      primary:
+        - arches: [default]
+          uri: http://us.archive.ubuntu.com/ubuntu/
+    # or
+    apt:
+      primary:
+        - arches: [default]
+          search:
+            - http://local-mirror.mydomain
+            - http://archive.ubuntu.com
+    # or
+    apt:
+      primary:
+        - arches: [default]
+          search_dns: True
+
+
+.. LINKS
+.. _APT configure module: https://cloudinit.readthedocs.io/en/latest/reference/modules.html#apt-configure
diff --git a/doc/rtd/reference/yaml_examples/apt_pipeline.rst b/doc/rtd/reference/yaml_examples/apt_pipeline.rst
new file mode 100644
index 00000000000..9cc468fb27b
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/apt_pipeline.rst
@@ -0,0 +1,35 @@
+.. _cce-apt-pipeline:
+
+APT pipelining
+**************
+
+For a full list of keys, refer to the
+:ref:`APT pipelining module <mod_cc_apt_pipelining>` schema.
+
+Example 1
+=========
+
+This example disables pipelining.
+
+.. literalinclude:: ../../../module-docs/cc_apt_pipelining/example1.yaml
+   :language: yaml
+   :linenos:
+
+Example 2
+=========
+
+This setting is the default -- uses the default for the distribution.
+
+.. literalinclude:: ../../../module-docs/cc_apt_pipelining/example2.yaml
+   :language: yaml
+   :linenos:
+
+Example 3
+=========
+
+Manually specify a pipeline depth of three. This method is not recommended.
+
+.. literalinclude:: ../../../module-docs/cc_apt_pipelining/example3.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/boot_cmds.rst b/doc/rtd/reference/yaml_examples/boot_cmds.rst
new file mode 100644
index 00000000000..d9957ffd793
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/boot_cmds.rst
@@ -0,0 +1,45 @@
+.. _cce-boot-cmds:
+
+Run commands during boot
+************************
+
+Both ``runcmd`` and ``bootcmd`` can be used to run commands during the boot
+process. They contain either a list of lists or a list of strings. Each item is
+run in order, with output printed to the console.
+
+The list must be written in proper YAML -- be sure to quote any characters
+such as colons (``:``) that would otherwise be "eaten".
+
+- ``runcmd`` only runs on first boot, **after** the instance has been started
+  and all other configuration has been applied. In general, you should use
+  ``runcmd`` unless you need to run something earlier in boot.
+- ``bootcmd`` runs on every boot, and is typically used to run commands very
+  early in the boot process (just after a boothook, and often before other
+  cloud-init modules have run).
+
+For a full list of keys for these two modules, refer to the
+:ref:`runcmd module <mod_cc_runcmd>` and :ref:`bootcmd module <mod_cc_bootcmd>`
+schema.
+
+Run commands on instance initialization
+=======================================
+
+.. literalinclude:: ../../../module-docs/cc_runcmd/example1.yaml
+   :language: yaml
+   :linenos:
+
+.. note::
+   Don't write files to ``/tmp`` from cloud-init -- use ``/run/somedir``
+   instead. Early boot environments can race ``systemd-tmpfiles-clean`` (LP:
+   #1707222).
+
+Run commands in early boot
+==========================
+
+The ``cloud-init-per`` command can be used to make ``bootcmd`` run exactly
+once.
+
+.. literalinclude:: ../../../module-docs/cc_bootcmd/example1.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/byobu.rst b/doc/rtd/reference/yaml_examples/byobu.rst
new file mode 100644
index 00000000000..2fe51de577a
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/byobu.rst
@@ -0,0 +1,22 @@
+.. _cce-byobu:
+
+Enable/disable Byobu
+********************
+
+For a full list of keys, refer to the :ref:`Byobu module <mod_cc_byobu>`
+schema.
+
+Enable for the default user
+===========================
+
+.. literalinclude:: ../../../module-docs/cc_byobu/example1.yaml
+   :language: yaml
+   :linenos:
+
+Disable system-wide
+===================
+
+.. literalinclude:: ../../../module-docs/cc_byobu/example2.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/ca_certs.rst b/doc/rtd/reference/yaml_examples/ca_certs.rst
new file mode 100644
index 00000000000..657b2c20bfe
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/ca_certs.rst
@@ -0,0 +1,52 @@
+.. _cce-ca-certs:
+
+Add and configure trusted CA certificates
+*****************************************
+
+These examples demonstrate adding CA certificates to the system's CA store,
+and configuring the same.
+
+For a full list of keys, refer to the
+:ref:`CA certificates module <mod_cc_ca_certs>` schema.
+
+Add a single-line certificate
+=============================
+
+.. literalinclude:: ../../../module-docs/cc_ca_certs/example1.yaml
+   :language: yaml
+   :linenos:
+
+Configure multiline certificates
+================================
+
+This example configures CA certificates (system-wide) to establish SSL/TLS
+trust when the instance boots for the first time.
+
+- If present and set to ``true``, the ``remove_defaults`` parameter will
+  disable all trusted CA certifications normally shipped with Alpine, Debian or
+  Ubuntu. On RedHat, this action will delete those certificates.
+
+  This is primarily for security-sensitive use cases -- most users will not
+  need this functionality.
+
+- If present, the ``trusted`` parameter should contain a certificate (or list
+  of certificates) to add to the system as trusted CA certificates.
+
+  In this example, note the YAML multiline list syntax, which configures a list
+  of multiline certificates.
+
+.. code-block:: yaml
+
+    #cloud-config
+    ca_certs:
+      remove_defaults: true
+      trusted:
+      - |
+       -----BEGIN CERTIFICATE-----
+       YOUR-ORGS-TRUSTED-CA-CERT-HERE
+       -----END CERTIFICATE-----
+      - |
+       -----BEGIN CERTIFICATE-----
+       YOUR-ORGS-TRUSTED-CA-CERT-HERE
+       -----END CERTIFICATE-----
+
diff --git a/doc/rtd/reference/yaml_examples/chef.rst b/doc/rtd/reference/yaml_examples/chef.rst
new file mode 100644
index 00000000000..6d930b7dbb4
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/chef.rst
@@ -0,0 +1,179 @@
+.. _cce-chef:
+
+Install and run Chef recipes
+****************************
+
+This example file automatically installs the Chef client and runs a list of
+recipes when the instance boots for the first time. It should be passed as user
+data when starting the instance.
+
+The default is to install from packages.
+
+The key used in this example is from https://packages.chef.io/chef.asc.
+
+For a full list of accepted keys, refer to the :ref:`Chef module <mod_cc_chef>`
+schema.
+
+Example 1
+=========
+
+.. literalinclude:: ../../../module-docs/cc_chef/example1.yaml
+   :language: yaml
+   :linenos:
+
+Example 2
+=========
+
+.. code-block:: yaml
+
+    #cloud-config
+    apt:
+      sources:
+        source1:
+          source: "deb http://packages.chef.io/repos/apt/stable $RELEASE main"
+          key: |
+            -----BEGIN PGP PUBLIC KEY BLOCK-----
+            Version: GnuPG v1.4.12 (Darwin)
+            Comment: GPGTools - http://gpgtools.org
+            mQGiBEppC7QRBADfsOkZU6KZK+YmKw4wev5mjKJEkVGlus+NxW8wItX5sGa6kdUu
+            twAyj7Yr92rF+ICFEP3gGU6+lGo0Nve7KxkN/1W7/m3G4zuk+ccIKmjp8KS3qn99
+            dxy64vcji9jIllVa+XXOGIp0G8GEaj7mbkixL/bMeGfdMlv8Gf2XPpp9vwCgn/GC
+            JKacfnw7MpLKUHOYSlb//JsEAJqao3ViNfav83jJKEkD8cf59Y8xKia5OpZqTK5W
+            ShVnNWS3U5IVQk10ZDH97Qn/YrK387H4CyhLE9mxPXs/ul18ioiaars/q2MEKU2I
+            XKfV21eMLO9LYd6Ny/Kqj8o5WQK2J6+NAhSwvthZcIEphcFignIuobP+B5wNFQpe
+            DbKfA/0WvN2OwFeWRcmmd3Hz7nHTpcnSF+4QX6yHRF/5BgxkG6IqBIACQbzPn6Hm
+            sMtm/SVf11izmDqSsQptCrOZILfLX/mE+YOl+CwWSHhl+YsFts1WOuh1EhQD26aO
+            Z84HuHV5HFRWjDLw9LriltBVQcXbpfSrRP5bdr7Wh8vhqJTPjrQnT3BzY29kZSBQ
+            YWNrYWdlcyA8cGFja2FnZXNAb3BzY29kZS5jb20+iGAEExECACAFAkppC7QCGwMG
+            CwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRApQKupg++Caj8sAKCOXmdG36gWji/K
+            +o+XtBfvdMnFYQCfTCEWxRy2BnzLoBBFCjDSK6sJqCu0IENIRUYgUGFja2FnZXMg
+            PHBhY2thZ2VzQGNoZWYuaW8+iGIEExECACIFAlQwYFECGwMGCwkIBwMCBhUIAgkK
+            CwQWAgMBAh4BAheAAAoJEClAq6mD74JqX94An26z99XOHWpLN8ahzm7cp13t4Xid
+            AJ9wVcgoUBzvgg91lKfv/34cmemZn7kCDQRKaQu0EAgAg7ZLCVGVTmLqBM6njZEd
+            Zbv+mZbvwLBSomdiqddE6u3eH0X3GuwaQfQWHUVG2yedyDMiG+EMtCdEeeRebTCz
+            SNXQ8Xvi22hRPoEsBSwWLZI8/XNg0n0f1+GEr+mOKO0BxDB2DG7DA0nnEISxwFkK
+            OFJFebR3fRsrWjj0KjDxkhse2ddU/jVz1BY7Nf8toZmwpBmdozETMOTx3LJy1HZ/
+            Te9FJXJMUaB2lRyluv15MVWCKQJro4MQG/7QGcIfrIZNfAGJ32DDSjV7/YO+IpRY
+            IL4CUBQ65suY4gYUG4jhRH6u7H1p99sdwsg5OIpBe/v2Vbc/tbwAB+eJJAp89Zeu
+            twADBQf/ZcGoPhTGFuzbkcNRSIz+boaeWPoSxK2DyfScyCAuG41CY9+g0HIw9Sq8
+            DuxQvJ+vrEJjNvNE3EAEdKl/zkXMZDb1EXjGwDi845TxEMhhD1dDw2qpHqnJ2mtE
+            WpZ7juGwA3sGhi6FapO04tIGacCfNNHmlRGipyq5ZiKIRq9mLEndlECr8cwaKgkS
+            0wWu+xmMZe7N5/t/TK19HXNh4tVacv0F3fYK54GUjt2FjCQV75USnmNY4KPTYLXA
+            dzC364hEMlXpN21siIFgB04w+TXn5UF3B4FfAy5hevvr4DtV4MvMiGLu0oWjpaLC
+            MpmrR3Ny2wkmO0h+vgri9uIP06ODWIhJBBgRAgAJBQJKaQu0AhsMAAoJEClAq6mD
+            74Jq4hIAoJ5KrYS8kCwj26SAGzglwggpvt3CAJ0bekyky56vNqoegB+y4PQVDv4K
+            zA==
+            =IxPr
+            -----END PGP PUBLIC KEY BLOCK-----
+    chef:
+      chef_license: accept
+      encrypted_data_bag_secret: /etc/chef/encrypted_data_bag_secret
+      environment: production
+      force_install: false
+      initial_attributes:
+        apache:
+          prefork: {maxclients: 100}
+          keepalive: false
+      install_type: packages
+      node_name: your-node-name
+      omnibus_url: https://www.chef.io/chef/install.sh
+      omnibus_version: 12.3.0
+      run_list: ['recipe[apache2]', 'role[db]']
+      server_url: https://chef.yourorg.com
+      validation_name: yourorg-validator
+      validation_cert: |
+        -----BEGIN RSA PRIVATE KEY-----
+        YOUR-ORGS-VALIDATION-KEY-HERE
+        -----END RSA PRIVATE KEY-----
+
+.. note::
+   - ``chef_license``: Valid values are 'accept' and 'accept-no-persist'.
+   - ``install_type``: Valid values are 'gems', 'packages' and 'omnibus'. If
+     ``install_type`` is 'omnibus', pass pinned version string to the install
+     script via ``omnibus_version``, and change the url to download via
+     ``omnibus_url``.
+   - ``force_install``: (boolean) run ``install_type`` code even if
+     ``chef-client`` appears to be already installed.
+   - If ``validation_cert``'s value is "system" then it is expected that the
+     file already exists on the system.
+   - If encrypted data bags are used, the client needs to have a secrets file
+     configured to decrypt them
+
+
+Chef oneiric
+============
+
+This example file, as in the example above, automatically installs the Chef
+client and runs a list of recipes when the instance boots for the first time.
+
+However, in this case, the example uses the instance 11.10 (oneiric). The file
+should be passed as user-data when starting the instance.
+
+The default is to install from packages.
+
+The key used in this example is from
+http://apt.opscode.com/packages@opscode.com.gpg.key.
+
+.. code-block:: yaml
+
+    #cloud-config
+    apt:
+      sources:
+         source1:
+            source: "deb http://apt.opscode.com/ $RELEASE-0.10 main"
+            key: |
+             -----BEGIN PGP PUBLIC KEY BLOCK-----
+             Version: GnuPG v1.4.9 (GNU/Linux)
+             mQGiBEppC7QRBADfsOkZU6KZK+YmKw4wev5mjKJEkVGlus+NxW8wItX5sGa6kdUu
+             twAyj7Yr92rF+ICFEP3gGU6+lGo0Nve7KxkN/1W7/m3G4zuk+ccIKmjp8KS3qn99
+             dxy64vcji9jIllVa+XXOGIp0G8GEaj7mbkixL/bMeGfdMlv8Gf2XPpp9vwCgn/GC
+             JKacfnw7MpLKUHOYSlb//JsEAJqao3ViNfav83jJKEkD8cf59Y8xKia5OpZqTK5W
+             ShVnNWS3U5IVQk10ZDH97Qn/YrK387H4CyhLE9mxPXs/ul18ioiaars/q2MEKU2I
+             XKfV21eMLO9LYd6Ny/Kqj8o5WQK2J6+NAhSwvthZcIEphcFignIuobP+B5wNFQpe
+             DbKfA/0WvN2OwFeWRcmmd3Hz7nHTpcnSF+4QX6yHRF/5BgxkG6IqBIACQbzPn6Hm
+             sMtm/SVf11izmDqSsQptCrOZILfLX/mE+YOl+CwWSHhl+YsFts1WOuh1EhQD26aO
+             Z84HuHV5HFRWjDLw9LriltBVQcXbpfSrRP5bdr7Wh8vhqJTPjrQnT3BzY29kZSBQ
+             YWNrYWdlcyA8cGFja2FnZXNAb3BzY29kZS5jb20+iGAEExECACAFAkppC7QCGwMG
+             CwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRApQKupg++Caj8sAKCOXmdG36gWji/K
+             +o+XtBfvdMnFYQCfTCEWxRy2BnzLoBBFCjDSK6sJqCu5Ag0ESmkLtBAIAIO2SwlR
+             lU5i6gTOp42RHWW7/pmW78CwUqJnYqnXROrt3h9F9xrsGkH0Fh1FRtsnncgzIhvh
+             DLQnRHnkXm0ws0jV0PF74ttoUT6BLAUsFi2SPP1zYNJ9H9fhhK/pjijtAcQwdgxu
+             wwNJ5xCEscBZCjhSRXm0d30bK1o49Cow8ZIbHtnXVP41c9QWOzX/LaGZsKQZnaMx
+             EzDk8dyyctR2f03vRSVyTFGgdpUcpbr9eTFVgikCa6ODEBv+0BnCH6yGTXwBid9g
+             w0o1e/2DviKUWCC+AlAUOubLmOIGFBuI4UR+rux9affbHcLIOTiKQXv79lW3P7W8
+             AAfniSQKfPWXrrcAAwUH/2XBqD4Uxhbs25HDUUiM/m6Gnlj6EsStg8n0nMggLhuN
+             QmPfoNByMPUqvA7sULyfr6xCYzbzRNxABHSpf85FzGQ29RF4xsA4vOOU8RDIYQ9X
+             Q8NqqR6pydprRFqWe47hsAN7BoYuhWqTtOLSBmnAnzTR5pURoqcquWYiiEavZixJ
+             3ZRAq/HMGioJEtMFrvsZjGXuzef7f0ytfR1zYeLVWnL9Bd32CueBlI7dhYwkFe+V
+             Ep5jWOCj02C1wHcwt+uIRDJV6TdtbIiBYAdOMPk15+VBdweBXwMuYXr76+A7VeDL
+             zIhi7tKFo6WiwjKZq0dzctsJJjtIfr4K4vbiD9Ojg1iISQQYEQIACQUCSmkLtAIb
+             DAAKCRApQKupg++CauISAJ9CxYPOKhOxalBnVTLeNUkAHGg2gACeIsbobtaD4ZHG
+             0GLl8EkfA8uhluM=
+             =zKAm
+             -----END PGP PUBLIC KEY BLOCK-----
+    chef:
+      environment: "production"
+      initial_attributes:
+        apache:
+          keepalive: false
+          prefork: {maxclients: 100}
+      install_type: packages
+      node_name: your-node-name
+      run_list: ['recipe[apache2]', 'role[db]']
+      server_url: https://chef.yourorg.com:4000
+      validation_cert: unused
+      validation_name: yourorg-validator
+      validation_key: |
+        -----BEGIN RSA PRIVATE KEY-----
+        YOUR-ORGS-VALIDATION-KEY-HERE
+        -----END RSA PRIVATE KEY-----
+
+.. note::
+   11.10 will fail if ``install_type`` is "gems" (LP: #960576).
+
+   The value of ``validation_cert`` is not used if ``validation_key`` is
+   defined, but the variable needs to be defined (LP: #960547).
+
+.. LINKS
+.. _chef: http://www.chef.io/chef/
+
diff --git a/doc/rtd/reference/yaml_examples/datasources.rst b/doc/rtd/reference/yaml_examples/datasources.rst
new file mode 100644
index 00000000000..dc3f3d1afc5
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/datasources.rst
@@ -0,0 +1,95 @@
+.. _cce-datasources:
+
+Configure datasources
+*********************
+
+These examples show datasource configuration options for various datasources.
+
+The options shown are as follows:
+
+* ``timeout``: The timeout value for a request at metadata service
+* ``max_wait``: The length of time to wait (in seconds) before giving up on
+  the metadata service. The actual total wait could be up to:
+  ``len(resolvable_metadata_urls)*timeout``
+* ``metadata_url``: List of URLs to check for metadata services. There are no
+  default values for this field.
+
+EC2
+===
+
+.. code-block:: yaml
+
+    #cloud-config
+    datasource:
+      EC2:
+        timeout : 50
+        max_wait : 120
+        metadata_url:
+         - http://169.254.169.254:80
+         - http://instance-data:8773
+
+MAAS
+====
+
+.. code-block:: yaml
+
+    #cloud-config
+    datasource:
+      MAAS:
+        timeout : 50
+        max_wait : 120
+        metadata_url: http://mass-host.localdomain/source
+        consumer_key: Xh234sdkljf
+        token_key: kjfhgb3n
+        token_secret: 24uysdfx1w4
+
+NoCloud
+=======
+
+.. code-block:: yaml
+
+    #cloud-config
+    datasource:
+      NoCloud:
+        seedfrom: None
+        fs_label: cidata
+        user-data: |
+          # This is the user-data verbatim
+        meta-data:
+          instance-id: i-87018aed
+          local-hostname: myhost.internal
+
+* ``seedfrom``: The default value is None. If found, it should contain a URL
+  with ``<url>/user-data`` and ``<url>/meta-data``. For example:
+  ``seedfrom: http://my.example.com/i-abcde/``
+* ``fs_label``: The label on filesystems to be searched for NoCloud source
+* ``user-data`` and ``meta-data`` (optional): Allows a datasource to be
+  provided directly.
+
+SmartOS
+=======
+
+.. code-block:: yaml
+
+    #cloud-config
+    datasource:
+      SmartOS:
+        # For KVM guests:
+        # Smart OS datasource works over a serial console interacting with
+        # a server on the other end. By default, the second serial console is the
+        # device. SmartOS also uses a serial timeout of 60 seconds.
+        serial_device: /dev/ttyS1
+        serial_timeout: 60
+        # For LX-Brand Zones guests:
+        # Smart OS datasource works over a socket interacting with
+        # the host on the other end. By default, the socket file is in
+        # the native .zoncontrol directory.
+        metadata_sockfile: /native/.zonecontrol/metadata.sock
+        # a list of keys that will not be base64 decoded even if base64_all
+        no_base64_decode: ['root_authorized_keys', 'motd_sys_info',
+                           'iptables_disable']
+        # a plaintext, comma delimited list of keys whose values are b64 encoded
+        base64_keys: []
+        # a boolean indicating that all keys not in 'no_base64_decode' are encoded
+        base64_all: False
+
diff --git a/doc/rtd/reference/yaml_examples/disable_ec2_metadata.rst b/doc/rtd/reference/yaml_examples/disable_ec2_metadata.rst
new file mode 100644
index 00000000000..e4047c11d62
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/disable_ec2_metadata.rst
@@ -0,0 +1,15 @@
+.. _cce-disable-ec2-metadata:
+
+Disable AWS EC2 metadata
+************************
+
+The default value for this module is ``false``. Setting it to ``true`` disables
+the IPv4 routes to EC2 metadata.
+
+For more details, refer to the
+:ref:`disable EC2 metadata module <mod_cc_disable_ec2_metadata>` schema.
+
+.. literalinclude:: ../../../module-docs/cc_disable_ec2_metadata/example1.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/disk_setup.rst b/doc/rtd/reference/yaml_examples/disk_setup.rst
new file mode 100644
index 00000000000..1827fdf343b
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/disk_setup.rst
@@ -0,0 +1,374 @@
+.. _cce-disk-setup:
+
+Configure partitions and filesystems
+************************************
+
+Cloud-init supports the creation of simple partition tables and filesystems
+on devices.
+
+- Disk partitioning is done using the ``disk_setup`` directive.
+- File system configuration is done using the ``fs_setup`` directive.
+
+For a full list of keys, refer to the `disk setup module`_ schema.
+
+General example
+===============
+
+.. literalinclude:: ../../../module-docs/cc_disk_setup/example1.yaml
+   :language: yaml
+   :linenos:
+
+Partition a disk
+================
+
+The ``disk_setup`` directive instructs Cloud-init to partition a disk. The
+format is:
+
+.. code-block:: yaml
+
+    #cloud-config
+    disk_setup:
+      ephemeral0:
+        table_type: 'mbr'
+        layout: true
+      /dev/xvdh:
+        table_type: 'mbr'
+        layout:
+          - 33
+          - [33, 82]
+          - 33
+        overwrite: True
+
+The format is a list of "dicts of dicts". The first value is the name of the
+device and the subsequent values define how to create and lay out the
+partition. The general format is:
+
+.. code-block:: yaml
+
+   disk_setup:
+     <DEVICE>:
+       table_type: 'mbr'
+       layout: <LAYOUT|BOOL>
+       overwrite: <BOOL>
+
+Where:
+
+- ``<DEVICE>``:
+  The name of the device. ``ephemeralX`` and ``swap`` are special values which
+  are specific to the cloud. For these devices, cloud-init will look up what
+  the real device is and then use it.
+
+  For other devices, the kernel device name is used. At this time, only simple
+  kernel devices are supported, meaning that device mapper and other targets
+  may not work.
+
+  Note: There is currently no handling or setup of device mapper targets.
+
+- ``table_type=<TYPE>``:
+  Currently, the following are supported:
+
+  - ``mbr``: (default) sets up an MS-DOS partition table
+  - ``gpt``: sets up a GPT partition table
+
+  Note: At this time only ``mbr`` and ``gpt`` partition tables are allowed.
+  We anticipate that in the future we will also have ``RAID`` to create a
+  ``mdadm`` RAID.
+
+- ``layout={...}``:
+  The device layout. This is a list of values, with the percentage of disk that
+  the partition will take. Valid options are:
+
+  - ``[<SIZE>, [<SIZE>, <PART_TYPE]]``
+
+    Where ``<SIZE>`` is the **percentage** of the disk to use, while
+    ``<PART_TYPE>`` is the numerical value of the partition type.
+
+  The following sets up two partitions, with the first partition having a swap
+  label, taking 1/3 of the disk space, and the remainder being used as the
+  second partition: ::
+
+   /dev/xvdh':
+     table_type: 'mbr'
+     layout:
+       - [33,82]
+       - 66
+     overwrite: True
+
+  - When layout is "true", it instructs cloud-init to single-partition the
+    entire device.
+  - When layout is "false" it means "don't partition" or "ignore existing
+    partitioning".
+
+  If layout is set to "true" and overwrite is set to "false", cloud-init will
+  skip partitioning the device without a failure.
+
+- ``overwrite=<BOOL>``: This describes whether to "ride with safetys on and
+  everything holstered".
+
+  - "false" is the default, which means that:
+
+    1. The device will be checked for a partition table
+    2. The device will be checked for a filesystem
+    3. If either a partition of filesystem is found, then the operation will
+       be **skipped**.
+
+  - "true" is **cowboy mode**. There are no checks and things are done blindly.
+    Use this option only with caution, you can do things you really, really
+    don't want to do.
+
+Set up the filesystem
+=====================
+
+``fs_setup`` describes the how the filesystems are supposed to look.
+
+.. code-block:: yaml
+
+    fs_setup:
+      - label: ephemeral0
+        filesystem: 'ext3'
+        device: 'ephemeral0'
+        partition: 'auto'
+      - label: mylabl2
+        filesystem: 'ext4'
+        device: '/dev/xvda1'
+      - cmd: mkfs -t %(filesystem)s -L %(label)s %(device)s
+        label: mylabl3
+        filesystem: 'btrfs'
+        device: '/dev/xvdh'
+
+The general format is:
+
+.. code-block:: yaml
+
+   fs_setup:
+     - label: <LABEL>
+       filesystem: <FS_TYPE>
+       device: <DEVICE>
+       partition: <PART_VALUE>
+       overwrite: <OVERWRITE>
+       replace_fs: <FS_TYPE>
+
+Where:
+
+- ``<LABEL>``:
+  The filesystem label to be used. If set to "None", no label is used.
+
+- ``<FS_TYPE>``:
+  The filesystem type. It is assumed that the there will be a
+  ``mkfs.<FS_TYPE>`` that behaves likes ``mkfs``. On a standard Ubuntu Cloud
+  Image, this means that you have the option of ``ext{2,3,4}`` and ``vfat`` by
+  default.
+
+- ``<DEVICE>``:
+  The device name. Special names of ``ephemeralX`` or ``swap`` are allowed and
+  the actual device is acquired from the cloud datasource.
+
+  When using ``ephemeralX`` (i.e. ``ephemeral0``), be sure to leave the label
+  as ``ephemeralX`` or there may be issues with mounting the ephemeral storage
+  layer.
+
+  If you define the device as ``ephemeralX.Y`` then Y will be interpeted as a
+  partition value. However, ``ephemeralX.0`` is the **same** as ``ephemeralX``.
+
+- ``<PART_VALUE>``:
+  Partition definitions are overwritten if you use the ``<DEVICE>.Y`` notation.
+  The valid options are:
+
+  - ``auto|any``:
+    Tells cloud-init not to care if there is a partition or not.
+    Auto will use the first partition that does not already contain a
+    filesystem. In the absence of a partition table, it will put it directly
+    on the disk.
+
+  - ``auto``:
+    If a filesystem that matches the specification (in terms of label),
+    filesystem and device, then cloud-init will skip the filesystem creation.
+
+  - ``any``:
+    If a filesystem that matches the filesystem type and device, then
+    cloud-init will skip the filesystem creation.
+
+  Devices are selected based on first-detected, starting with partitions and
+  then the raw disk. Consider the following: ::
+
+           NAME     FSTYPE LABEL
+           xvdb
+           |-xvdb1  ext4
+           |-xvdb2
+           |-xvdb3  btrfs  test
+           \-xvdb4  ext4   test
+
+  If you ask for ``auto``, label of ``test``, and filesystem of ``ext4`` then
+  cloud-init will select the 2nd partition, even though there is a partition
+  match at the 4th partition.
+
+  If you ask for ``any`` and a label of ``test``, then cloud-init will select
+  the 1st partition.
+
+  If you ask for ``auto`` and don't define label, then cloud-init will select
+  the 1st partition.
+
+  In general, if you have a specific partition configuration in mind, you
+  should define either the device or the partition number. ``auto`` and ``any``
+  are specifically intended for formatting ephemeral storage or for simple
+  schemes.
+
+- ``none``:
+  Put the filesystem directly on the device.
+
+- ``<NUM>``:
+  Where ``NUM`` is the actual partition number.
+
+- ``<OVERWRITE>``:
+  Defines whether or not to overwrite any existing filesystem:
+
+  - ``"true"``:
+    Indiscriminately destroy any pre-existing filesystem. Use at your own risk.
+
+  - ``"false"``:
+    If a filesystem already exists, skip the creation.
+
+- ``<REPLACE_FS>``:
+  This is a special directive, used for Microsoft Azure, which instructs
+  cloud-init to replace a filesystem of ``<FS_TYPE>``.
+
+  Note that unless you define a label, this requires the use of the ``any``
+  partition directive.
+
+.. note::
+   Expected behavior: The default behavior is to check if the filesystem
+   exists. If a filesystem matches the specification, then the operation is a
+   no-op.
+
+.. _cce-resizefs:
+
+Resize partitions and filesystems
+=================================
+
+These examples show how to resize a filesystem to use all available space on
+the partition. The ``resizefs`` module can be used alongside the ``growpart``
+module so that if the root partition is resized by ``growpart`` then the root
+filesystem is also resized.
+
+For a full list of keys, refer to the :ref:`resizefs module <mod_cc_resizefs>`
+and the :ref:`growpart module <mod_cc_growpart>` schema.
+
+Disable root filesystem resize operation
+----------------------------------------
+
+.. literalinclude:: ../../../module-docs/cc_resizefs/example1.yaml
+   :language: yaml
+   :linenos:
+
+Run resize operation in background
+----------------------------------
+
+.. literalinclude:: ../../../module-docs/cc_resizefs/example2.yaml
+   :language: yaml
+   :linenos:
+
+.. _cce-growpart:
+
+Grow partitions
+===============
+
+For a full list of keys, refer to the :ref:`Growpart module <mod_cc_growpart>`
+schema.
+
+Example 1
+---------
+
+.. literalinclude:: ../../../module-docs/cc_growpart/example1.yaml
+   :language: yaml
+   :linenos:
+
+Example 2
+---------
+
+.. literalinclude:: ../../../module-docs/cc_growpart/example2.yaml
+   :language: yaml
+   :linenos:
+
+
+Cloud examples
+==============
+
+Default disk definitions for AWS
+--------------------------------
+
+This only works for non-NVME devices on supported instance types.
+
+.. code-block:: yaml
+
+    #cloud-config
+    disk_setup:
+      ephemeral0:
+        table_type: 'mbr'
+        layout: True
+        overwrite: False
+    fs_setup:
+      - label: None,
+        filesystem: ext3
+        device: ephemeral0
+        partition: auto
+
+Default disk definitions for Microsoft Azure
+--------------------------------------------
+
+.. code-block:: yaml
+
+    #cloud-config
+    device_aliases: {'ephemeral0': '/dev/sdb'}
+    disk_setup:
+      ephemeral0:
+        table_type: mbr
+        layout: True
+        overwrite: False
+    fs_setup:
+      - label: ephemeral0
+        filesystem: ext4
+        device: ephemeral0.1
+        replace_fs: ntfs
+
+Data disks definitions for Microsoft Azure
+------------------------------------------
+
+.. code-block:: yaml
+
+    #cloud-config
+    disk_setup:
+      /dev/disk/azure/scsi1/lun0:
+        table_type: gpt
+        layout: True
+        overwrite: True
+    fs_setup:
+      - device: /dev/disk/azure/scsi1/lun0
+        partition: 1
+        filesystem: ext4
+
+Default disk definitions for SmartOS
+------------------------------------
+
+.. code-block:: yaml
+
+    #cloud-config
+    device_aliases: {'ephemeral0': '/dev/vdb'}
+    disk_setup:
+      ephemeral0:
+        table_type: mbr
+        layout: False
+        overwrite: False
+    fs_setup:
+      - label: ephemeral0
+        filesystem: ext4
+        device: ephemeral0.0
+
+.. note::
+    For SmartOS, if the ephemeral disk is not defined, then the disk will
+    not be automatically added to the mounts.
+
+    The default definition is used to make sure that the ephemeral storage is
+    setup properly.
+
+.. LINKS
+.. _disk setup module: https://cloudinit.readthedocs.io/en/latest/reference/modules.html#disk-setup
diff --git a/doc/rtd/reference/yaml_examples/fan.rst b/doc/rtd/reference/yaml_examples/fan.rst
new file mode 100644
index 00000000000..8763f02d26c
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/fan.rst
@@ -0,0 +1,14 @@
+.. _cce-fan:
+
+Configure Ubuntu fan networking
+*******************************
+
+This example will install the ``ubuntu-fan`` package (if it is not already
+installed), write the config path, and start (or restart) the service.
+
+For a full list of keys, refer to the :ref:`Fan module <mod_cc_fan>` schema.
+
+.. literalinclude:: ../../../module-docs/cc_fan/example1.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/final_message.rst b/doc/rtd/reference/yaml_examples/final_message.rst
new file mode 100644
index 00000000000..2ea2d5f5965
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/final_message.rst
@@ -0,0 +1,18 @@
+.. _cce-final-message:
+
+Output message when cloud-init finishes
+***************************************
+
+It is possible to configure the final message that cloud-init prints when it
+has finished.
+
+The message is written to the cloud-init log (usually
+``/var/log/cloud-init.log``) and stderr.
+
+For a full list of keys, refer to the
+:ref:`final message module <mod_cc_final_message>` schema.
+
+.. literalinclude:: ../../../module-docs/cc_final_message/example1.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/gluster.rst b/doc/rtd/reference/yaml_examples/gluster.rst
new file mode 100644
index 00000000000..dd847698d26
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/gluster.rst
@@ -0,0 +1,22 @@
+.. _cce-gluster:
+
+Gluster
+*******
+
+This example mounts ``volfile`` exported by ``glusterfsd``, running on
+``volfile-server-hostname`` onto the local mount point ``/mnt/data``.
+
+Replace ``volfile-server-hostname`` with one of your nodes running
+``glusterfsd``.
+
+.. code-block:: yaml
+
+    #cloud-config
+    packages:
+     - glusterfs-client
+    mounts:
+     - [ 'volfile-server-hostname:6996', /mnt/data, glusterfs, "defaults,nofail", "0", "2" ]
+    runcmd:
+     - [ modprobe, fuse ]
+     - [ mkdir, '-p', /mnt/data ]
+     - [ mount, '-a' ]
diff --git a/doc/rtd/reference/yaml_examples/grub_dpkg.rst b/doc/rtd/reference/yaml_examples/grub_dpkg.rst
new file mode 100644
index 00000000000..12d49a47bae
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/grub_dpkg.rst
@@ -0,0 +1,12 @@
+.. _cce-grub-dpkg:
+
+Configure target for GRUB installation
+**************************************
+
+For a full list of keys, refer to the
+:ref:`GRUB dpkg module <mod_cc_grub_dpkg>` schema.
+
+.. literalinclude:: ../../../module-docs/cc_grub_dpkg/example1.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/index_boot.rst b/doc/rtd/reference/yaml_examples/index_boot.rst
new file mode 100644
index 00000000000..fc23a582929
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/index_boot.rst
@@ -0,0 +1,31 @@
+System initialization and boot
+==============================
+
+* :ref:`cce-boot-cmds` using ``bootcmd`` and ``runcmd``
+* :ref:`cce-scripts` on boot
+* :ref:`cce-seed-random`
+* :ref:`cce-write-files`
+
+System configuration
+--------------------
+
+* :ref:`cce-keyboard`
+* :ref:`cce-locale-timezone`
+
+.. TOC
+
+.. toctree::
+   :titlesonly:
+   :hidden:
+
+   boot_cmds
+   scripts
+   seed_random
+   write_files
+
+.. toctree::
+   :titlesonly:
+   :hidden:
+
+   keyboard
+   locale_and_timezone
diff --git a/doc/rtd/reference/yaml_examples/index_config_manager.rst b/doc/rtd/reference/yaml_examples/index_config_manager.rst
new file mode 100644
index 00000000000..fee5c61f84b
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/index_config_manager.rst
@@ -0,0 +1,34 @@
+Configuration managers
+======================
+
+**Ansible**
+
+* :ref:`cce-ansible`
+* :ref:`cce-ansible-managed`
+* :ref:`cce-ansible-controller`
+
+**Chef**
+
+* :ref:`cce-chef`
+
+**Puppet**
+
+* :ref:`cce-puppet`
+
+**Salt Minion**
+
+* :ref:`cce-salt-minion`
+
+.. TOC
+
+.. toctree::
+   :titlesonly:
+   :hidden:
+
+   ansible
+   ansible_managed
+   ansible_controller
+   chef
+   puppet
+   salt_minion
+
diff --git a/doc/rtd/reference/yaml_examples/index_distro.rst b/doc/rtd/reference/yaml_examples/index_distro.rst
new file mode 100644
index 00000000000..34b0e0a71ca
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/index_distro.rst
@@ -0,0 +1,31 @@
+Distribution-specific setup
+===========================
+
+Red Hat
+-------
+
+* :ref:`cce-redhat-subscription`
+
+Ubuntu
+------
+
+* :ref:`cce-ubuntu-pro`
+* :ref:`cce-ubuntu-drivers`
+* :ref:`cce-landscape`
+* :ref:`cce-fan`
+* Configure which device is used as
+  :ref:`the target for GRUB installation <cce-grub-dpkg>`
+
+.. TOC
+
+.. toctree::
+   :titlesonly:
+   :hidden:
+
+   redhat_subscription
+   ubuntu_pro
+   ubuntu_drivers
+   landscape
+   fan
+   grub_dpkg
+
diff --git a/doc/rtd/reference/yaml_examples/index_fs.rst b/doc/rtd/reference/yaml_examples/index_fs.rst
new file mode 100644
index 00000000000..2d72ca65ed4
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/index_fs.rst
@@ -0,0 +1,17 @@
+Disk and file system setup
+==========================
+
+* :ref:`cce-disk-setup` - this includes initial disk and filesystem setup,
+  resizing the file system, and growing partitions
+* :ref:`cce-mounts`
+* :ref:`cce-gluster`
+
+.. TOC
+
+.. toctree::
+   :titlesonly:
+   :hidden:
+
+   disk_setup
+   mounts
+   gluster
diff --git a/doc/rtd/reference/yaml_examples/index_hostname.rst b/doc/rtd/reference/yaml_examples/index_hostname.rst
new file mode 100644
index 00000000000..b6226ba0ad8
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/index_hostname.rst
@@ -0,0 +1,14 @@
+Hostname
+========
+
+* :ref:`cce-set-hostname`
+* :ref:`cce-update-hostname`
+
+.. TOC
+
+.. toctree::
+   :titlesonly:
+   :hidden:
+
+   set_hostname
+   update_hostname
diff --git a/doc/rtd/reference/yaml_examples/index_logging.rst b/doc/rtd/reference/yaml_examples/index_logging.rst
new file mode 100644
index 00000000000..9cd8933d1fb
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/index_logging.rst
@@ -0,0 +1,16 @@
+System monitoring and logging
+=============================
+
+* Create :ref:`cce-reporting` endpoints
+* :ref:`cce-final-message`
+* :ref:`cce-rsyslog`
+
+.. TOC
+
+.. toctree::
+   :titlesonly:
+   :hidden:
+
+   reporting
+   final_message
+   rsyslog
diff --git a/doc/rtd/reference/yaml_examples/index_misc.rst b/doc/rtd/reference/yaml_examples/index_misc.rst
new file mode 100644
index 00000000000..51d7291fc52
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/index_misc.rst
@@ -0,0 +1,30 @@
+Miscellaneous
+=============
+
+* :ref:`Configure LXD <cce-lxd>`
+* :ref:`cce-byobu` terminal multiplexer
+* :ref:`cce-install-hotplug`
+* :ref:`cce-mcollective`
+* :ref:`cce-phone-home`
+* :ref:`cce-power-state-change`
+* :ref:`cce-spacewalk`
+* :ref:`cce-datasources`
+* :ref:`cce-launch-index`
+
+
+.. TOC
+
+.. toctree::
+   :titlesonly:
+   :hidden:
+
+   lxd
+   byobu
+   install_hotplug
+   mcollective
+   phone_home
+   power_state_change
+   spacewalk
+   datasources
+   launch_index
+
diff --git a/doc/rtd/reference/yaml_examples/index_network.rst b/doc/rtd/reference/yaml_examples/index_network.rst
new file mode 100644
index 00000000000..ea77f02fda2
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/index_network.rst
@@ -0,0 +1,19 @@
+Networking
+==========
+
+* Configure :ref:`cce-ntp`
+* :ref:`cce-resolv-conf`
+* :ref:`cce-wireguard`
+* :ref:`cce-update-etc-hosts`
+
+.. TOC
+
+.. toctree::
+   :titlesonly:
+   :hidden:
+
+   ntp
+   resolv_conf
+   wireguard
+   update_etc_hosts
+
diff --git a/doc/rtd/reference/yaml_examples/index_packages.rst b/doc/rtd/reference/yaml_examples/index_packages.rst
new file mode 100644
index 00000000000..7eca229ece4
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/index_packages.rst
@@ -0,0 +1,26 @@
+Package management
+==================
+
+* :ref:`cce-update-upgrade`
+* :ref:`cce-apt`
+* :ref:`cce-apt-pipeline`
+
+* :ref:`cce-apk-repo` (Alpine)
+* :ref:`cce-snap` (Ubuntu)
+* :ref:`cce-yum-repo` (RPM-based)
+* :ref:`cce-zypper-repo` (OpenSUSE)
+
+.. TOC
+
+.. toctree::
+   :titlesonly:
+   :hidden:
+
+   package_update_upgrade
+   apt
+   apt_pipeline
+   apk_repo
+   snap
+   yum_repo
+   zypper_repo
+
diff --git a/doc/rtd/reference/yaml_examples/index_security.rst b/doc/rtd/reference/yaml_examples/index_security.rst
new file mode 100644
index 00000000000..cca5e0c5153
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/index_security.rst
@@ -0,0 +1,25 @@
+SSH and security
+================
+
+* :ref:`cce-ssh`
+
+  There are four modules related to SSH keys and their configuration, all of
+  which are described in this page:
+
+  * :ref:`SSH <cce-ssh>`
+  * :ref:`SSH Import ID <cce-ssh-import-id>`
+  * :ref:`Keys to Console <cce-keys-to-console>`
+  * :ref:`SSH AuthKey Fingerprints <cce-ssh-authkey-fingerprints>`.
+
+* :ref:`cce-ca-certs`
+* :ref:`cce-disable-ec2-metadata`
+
+.. TOC
+
+.. toctree::
+   :titlesonly:
+   :hidden:
+
+   ssh
+   ca_certs
+   disable_ec2_metadata
diff --git a/doc/rtd/reference/yaml_examples/index_users.rst b/doc/rtd/reference/yaml_examples/index_users.rst
new file mode 100644
index 00000000000..29c68fe2330
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/index_users.rst
@@ -0,0 +1,14 @@
+Manage users
+============
+
+* :ref:`cce-user-groups`
+* :ref:`cce-set-passwords`
+
+.. TOC
+
+.. toctree::
+   :titlesonly:
+   :hidden:
+
+   user_groups
+   set_passwords
diff --git a/doc/rtd/reference/yaml_examples/install_hotplug.rst b/doc/rtd/reference/yaml_examples/install_hotplug.rst
new file mode 100644
index 00000000000..1c079618531
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/install_hotplug.rst
@@ -0,0 +1,25 @@
+.. _cce-install-hotplug:
+
+Install hotplug udev rules
+**************************
+
+These examples show how to install the necessary udev rules to enable
+hotplugging (if supported by the datasource).
+
+For a full list of keys, refer to the
+:ref:`install hotplug module <mod_cc_install_hotplug>` schema.
+
+Enable network device hotplugging
+=================================
+
+.. literalinclude:: ../../../module-docs/cc_install_hotplug/example1.yaml
+   :language: yaml
+   :linenos:
+
+Enable hotplug alongside boot events
+====================================
+
+.. literalinclude:: ../../../module-docs/cc_install_hotplug/example2.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/keyboard.rst b/doc/rtd/reference/yaml_examples/keyboard.rst
new file mode 100644
index 00000000000..f7e61b0641a
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/keyboard.rst
@@ -0,0 +1,36 @@
+.. _cce-keyboard:
+
+Set keyboard layout
+*******************
+
+For a full list of keys, refer to the :ref:`keyboard module <mod_cc_keyboard>`
+schema.
+
+Minimal example
+===============
+
+Set the keyboard layout to "US"
+
+.. literalinclude:: ../../../module-docs/cc_keyboard/example1.yaml
+   :language: yaml
+   :linenos:
+
+Additional options
+==================
+
+Set the specific keyboard layout, model, variant, and options.
+
+.. literalinclude:: ../../../module-docs/cc_keyboard/example2.yaml
+   :language: yaml
+   :linenos:
+
+Alpine Linux setup
+==================
+
+For Alpine Linux, set specific keyboard layout and variant as used by
+``setup-keymap``. Model and options are ignored.
+
+.. literalinclude:: ../../../module-docs/cc_keyboard/example3.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/landscape.rst b/doc/rtd/reference/yaml_examples/landscape.rst
new file mode 100644
index 00000000000..27ee4744141
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/landscape.rst
@@ -0,0 +1,37 @@
+.. _cce-landscape:
+
+Install Landscape client
+************************
+
+These examples will install and configure the Landscape client.
+
+For a full list of keys, refer to the
+:ref:`landscape module <mod_cc_landscape>` schema, or run
+``man landscape-config``.
+
+Example 1
+=========
+
+.. literalinclude:: ../../../module-docs/cc_landscape/example1.yaml
+   :language: yaml
+   :linenos:
+
+Minimum viable config
+=====================
+
+The minimum viable Landscape config requires ``account_name`` and
+``computer_title``.
+
+.. literalinclude:: ../../../module-docs/cc_landscape/example2.yaml
+   :language: yaml
+   :linenos:
+
+Install from a PPA
+==================
+
+To install ``landscape-client`` from a PPA, specify ``apt.sources``.
+
+.. literalinclude:: ../../../module-docs/cc_landscape/example3.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/launch_index.rst b/doc/rtd/reference/yaml_examples/launch_index.rst
new file mode 100644
index 00000000000..4012398a7d6
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/launch_index.rst
@@ -0,0 +1,25 @@
+.. _cce-launch-index:
+
+Amazon EC2 launch index
+***********************
+
+This configuration syntax can be provided to have a given set of cloud config
+data show up on a certain launch index (and not other launches).
+This is done by providing a key here which acts as a filter on the instance's
+user data. When this key is absent (or non-integer) then the content of this
+file will always be used for all launch-indexes (i.e. the default behavior).
+
+.. code-block:: yaml
+
+    #cloud-config
+    launch-index: 5
+    # Upgrade the instance on first boot
+    # Default: false
+    package_upgrade: true
+
+For further information on launch indexes, refer to the
+`Amazon EC2 documentation`.
+
+.. LINKS
+
+.. _Amazon EC2 documentation: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMI-launch-index-examples.html
diff --git a/doc/rtd/reference/yaml_examples/locale_and_timezone.rst b/doc/rtd/reference/yaml_examples/locale_and_timezone.rst
new file mode 100644
index 00000000000..c5a920d93dc
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/locale_and_timezone.rst
@@ -0,0 +1,37 @@
+.. _cce-locale-timezone:
+
+Set system locale and timezone
+******************************
+
+Configure the system locale and timezone. For a full list of keys, refer to
+the :ref:`locale module <mod_cc_locale>` and the
+:ref:`timezone module <mod_cc_timezone>` schema.
+
+Set the system locale
+=====================
+
+By default, cloud-init uses the locale specified by the datasource.
+
+Set the locale directly
+-----------------------
+
+.. literalinclude:: ../../../module-docs/cc_locale/example1.yaml
+   :language: yaml
+   :linenos:
+
+Set the locale via config file
+------------------------------
+
+This example sets the locale to ``fr_CA`` in ``/etc/alternate_path/locale``.
+
+.. literalinclude:: ../../../module-docs/cc_locale/example2.yaml
+   :language: yaml
+   :linenos:
+
+Set the system timezone
+=======================
+
+.. literalinclude:: ../../../module-docs/cc_timezone/example1.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/lxd.rst b/doc/rtd/reference/yaml_examples/lxd.rst
new file mode 100644
index 00000000000..eb3f913ee8f
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/lxd.rst
@@ -0,0 +1,58 @@
+.. _cce-lxd:
+
+LXD
+***
+
+LXD can be configured using ``lxd init`` (and optionally, ``lxd bridge``. If
+LXD configuration is provided, it will be installed on the system if it is not
+already present.
+
+For a full list of keys, refer to the :ref:`LXD module <mod_cc_lxd>` schema.
+
+Minimal configuration
+=====================
+
+The simplest working configuration of LXD, with a directory backend, is as
+follows:
+
+.. literalinclude:: ../../../module-docs/cc_lxd/example1.yaml
+   :language: yaml
+   :linenos:
+
+Config options showcase
+=======================
+
+This example shows a fuller configuration example, showcasing many of the LXD
+options. For a more complete list of the config options available, refer to the
+:ref:`LXD module <mod_cc_lxd>` docs. If an option is not specified, it will
+default to "none".
+
+.. literalinclude:: ../../../module-docs/cc_lxd/example2.yaml
+   :language: yaml
+   :linenos:
+
+Advanced configuration
+======================
+
+For more complex, non-interactive LXD configuration of networks, storage pools,
+profiles, projects, clusters and core config, ``lxd:preseed`` config will be
+passed as stdin to the command:
+
+.. code-block:: bash
+
+    lxd init --preseed
+
+See the `non-interactive LXD configuration`_ documentation, or run
+``lxd init --dump`` to see the viable preseed YAML allowed.
+
+Preseed settings configure the LXD daemon to listen for HTTPS connections on
+``192.168.1.1`` port 9999, a nested profile which allows for LXD nesting on
+containers, and a limited project allowing for RBAC approach when defining
+behavior for sub-projects.
+
+.. literalinclude:: ../../../module-docs/cc_lxd/example3.yaml
+   :language: yaml
+   :linenos:
+
+.. LINKS
+.. _non-interactive LXD configuration: https://documentation.ubuntu.com/lxd/en/latest/howto/initialize/#non-interactive-configuration
diff --git a/doc/rtd/reference/yaml_examples/mcollective.rst b/doc/rtd/reference/yaml_examples/mcollective.rst
new file mode 100644
index 00000000000..7ba5f705aa8
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/mcollective.rst
@@ -0,0 +1,23 @@
+.. _cce-mcollective:
+
+Install and configure MCollective
+*********************************
+
+This example shows how MCollective can be installed, configured and started.
+For a full list of keys, refer to the
+:ref:`MCollective module <mod_cc_mcollective>` schema.
+
+.. warning::
+   The EC2 metadata service is a network service, and thus is readable by
+   non-root users on the system (i.e. ``ec2metadata --user-data``).
+
+   If you want security against this, use ``include-once`` + SSL URLs.
+
+The example provides server private and public keys, and provides the following
+config settings in ``/etc/mcollective/server.cfg``:
+
+.. literalinclude:: ../../../module-docs/cc_mcollective/example1.yaml
+   :language: yaml
+   :linenos:
+
+
diff --git a/doc/rtd/reference/yaml_examples/mounts.rst b/doc/rtd/reference/yaml_examples/mounts.rst
new file mode 100644
index 00000000000..4c9534bc68b
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/mounts.rst
@@ -0,0 +1,107 @@
+.. _cce-mounts:
+
+Configure mount points and swap files
+*************************************
+
+For a full list of keys, refer to the :ref:`mounts module <mod_cc_mounts>`
+schema.
+
+Create swap file
+================
+
+This example creates a 2 GB swap file at ``/swapfile`` using human-readable
+values.
+
+.. literalinclude:: ../../../module-docs/cc_mounts/example2.yaml
+   :language: yaml
+   :linenos:
+
+Set mount point and create swap file
+====================================
+
+In this example we mount:
+- ``ephemeral0`` with the ``"noexec"`` flag,
+- ``/dev/sdc`` with ``mount_default_fields``, and
+- ``/dev/xvdh`` with ``custom fs_passno`` "0" to avoid ``fsck`` on the mount.
+
+The config also provides an automatically-sized swap with a maximum size of
+10485760 bytes.
+
+.. literalinclude:: ../../../module-docs/cc_mounts/example1.yaml
+   :language: yaml
+   :linenos:
+
+Explanation of fields
+=====================
+
+Let us break down some of the options available.
+
+Mounts
+------
+
+Set up mount points. ``mounts`` contains a list of lists. The inner list
+contains entries for an ``/etc/fstab`` line, e.g.:
+
+.. code-block:: yaml
+
+   [ fs_spec, fs_file, fs_vfstype, fs_mntops, fs-freq, fs_passno ]
+
+With defaults:
+
+.. code-block:: yaml
+
+   mounts:
+     - [ ephemeral0, /mnt ]
+     - [ swap, none, swap, sw, 0, 0 ]
+
+To remove a previously-listed mount (i.e., a default one), list only the
+``fs_spec``.  For example, to override the default, of mounting swap
+``[ swap ]`` or ``[ swap, null ]``.
+
+- If a device does not exist at the time, an entry will still be written to
+  ``/etc/fstab``.
+- ``/dev`` can be omitted for device names that begin with: ``xvd``, ``sd``,
+  ``hd``, or ``vd``.
+- If an entry does not have all 6 fields, they will be filled in with values
+  from the ``mount_default_fields`` below.
+
+.. note::
+    You should set ``nofail`` (see ``man fstab``) for volumes that may not
+    be attached at instance boot (or reboot).
+
+Example for ``mounts``
+----------------------
+
+.. code-block:: yaml
+
+    mounts:
+     - [ ephemeral0, /mnt, auto, "defaults,noexec" ]
+     - [ sdc, /opt/data ]
+     - [ xvdh, /opt/data, "auto", "defaults,nofail", "0", "0" ]
+     - [ dd, /dev/zero ]
+
+Mount default fields
+--------------------
+
+The ``mount_default_fields`` values are used to fill in any incomplete entries
+in ``mounts``. This must be an array, and must have 6 fields.
+
+.. code-block:: yaml
+
+    mount_default_fields: [ None, None, "auto", "defaults,nofail", "0", "2" ]
+
+Swap
+----
+
+``swap`` can also be set up by the ``mounts`` module. The default behavior is
+to not create any swap files, because ``size`` is set to 0.
+
+.. code-block:: yaml
+
+    swap:
+      filename: /swap.img
+      size: "auto" # or size in bytes
+      maxsize: 10485760   # size in bytes
+
+.. LINKS
+.. _mounts module: https://cloudinit.readthedocs.io/en/latest/reference/modules.html#mounts
diff --git a/doc/rtd/reference/yaml_examples/ntp.rst b/doc/rtd/reference/yaml_examples/ntp.rst
new file mode 100644
index 00000000000..b88692c09d4
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/ntp.rst
@@ -0,0 +1,66 @@
+.. _cce-ntp:
+
+Network Time Protocol (NTP)
+***************************
+
+The NTP module configures NTP services. If NTP is not installed on the system,
+but NTP configuration is specified, NTP will be installed.
+
+For a full list of keys, refer to the :ref:`NTP module <mod_cc_ntp>` schema.
+
+Available keys:
+===============
+
+- ``servers``:
+  List of NTP servers to sync with.
+- ``pools``:
+  List of NTP pool servers to sync with. Pools are typically DNS hostnames
+  which resolve to different specific servers to load balance a set of
+  services.
+
+Each server in the list will be added in list-order in the format:
+
+.. code-block:: yaml
+
+   [pool|server] <server entry> iburst
+
+If no servers or pools are defined but NTP is enabled, then cloud-init will
+render the distro default list of pools:
+
+.. code-block:: yaml
+
+    pools = [
+       '0.{distro}.pool.ntp.org',
+       '1.{distro}.pool.ntp.org',
+       '2.{distro}.pool.ntp.org',
+       '3.{distro}.pool.ntp.org',
+    ]
+
+So putting these together, we can see a straightforward example:
+
+.. code-block:: yaml
+
+    #cloud-config
+    ntp:
+      pools: ['0.company.pool.ntp.org', '1.company.pool.ntp.org', 'ntp.myorg.org']
+      servers: ['my.ntp.server.local', 'ntp.ubuntu.com', '192.168.23.2']
+
+Override NTP with chrony
+========================
+
+Here we override NTP with chrony configuration on Ubuntu. The example uses
+cloud-init's default chrony configuration.
+
+.. literalinclude:: ../../../module-docs/cc_ntp/example1.yaml
+   :language: yaml
+   :linenos:
+
+Custom NTP client config
+========================
+
+This example provides a custom NTP client configuration.
+
+.. literalinclude:: ../../../module-docs/cc_ntp/example2.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/package_update_upgrade.rst b/doc/rtd/reference/yaml_examples/package_update_upgrade.rst
new file mode 100644
index 00000000000..f8d42d091af
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/package_update_upgrade.rst
@@ -0,0 +1,30 @@
+.. _cce-update-upgrade:
+
+Update, upgrade and install packages
+************************************
+
+These examples show you how to install, update, and upgrade packages during
+boot.
+
+For a full list of keys, refer to the
+:ref:`package update upgrade install <mod_cc_package_update_upgrade_install>`
+module schema.
+
+Install arbitrary packages
+==========================
+
+.. code-block:: yaml
+
+    #cloud-config
+    packages:
+     - pwgen
+     - pastebinit
+     - [libpython2.7, 2.7.3-0ubuntu3.1]
+
+Update and upgrade packages
+===========================
+
+.. literalinclude:: ../../../module-docs/cc_package_update_upgrade_install/example1.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/phone_home.rst b/doc/rtd/reference/yaml_examples/phone_home.rst
new file mode 100644
index 00000000000..66a58d93d0c
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/phone_home.rst
@@ -0,0 +1,22 @@
+.. _cce-phone-home:
+
+Phone home: post data to remote host
+************************************
+
+For a full list of keys, refer to the
+:ref:`Phone Home module <mod_cc_phone_home>` schema.
+
+Example 1
+=========
+
+.. literalinclude:: ../../../module-docs/cc_phone_home/example1.yaml
+   :language: yaml
+   :linenos:
+
+Example 2
+=========
+
+.. literalinclude:: ../../../module-docs/cc_phone_home/example2.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/power_state_change.rst b/doc/rtd/reference/yaml_examples/power_state_change.rst
new file mode 100644
index 00000000000..5a97b927d5d
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/power_state_change.rst
@@ -0,0 +1,25 @@
+.. _cce-power-state-change:
+
+Change power state
+******************
+
+These examples demonstrate how to configure the shutdown/reboot of the system
+after all other config modules have been run.
+
+For a full list of keys, refer to the
+:ref:`power state change module <mod_cc_power_state_change>` schema.
+
+Example 1
+=========
+
+.. literalinclude:: ../../../module-docs/cc_power_state_change/example1.yaml
+   :language: yaml
+   :linenos:
+
+Example 2
+=========
+
+.. literalinclude:: ../../../module-docs/cc_power_state_change/example2.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/puppet.rst b/doc/rtd/reference/yaml_examples/puppet.rst
new file mode 100644
index 00000000000..8339d5c47bb
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/puppet.rst
@@ -0,0 +1,22 @@
+.. _cce-puppet:
+
+Puppet
+******
+
+For a full list of keys, refer to the :ref:`Puppet module <mod_cc_puppet>`
+schema.
+
+Example 1
+=========
+
+.. literalinclude:: ../../../module-docs/cc_puppet/example1.yaml
+   :language: yaml
+   :linenos:
+
+Example 2
+=========
+
+.. literalinclude:: ../../../module-docs/cc_puppet/example2.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/redhat_subscription.rst b/doc/rtd/reference/yaml_examples/redhat_subscription.rst
new file mode 100644
index 00000000000..cd3459d69d2
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/redhat_subscription.rst
@@ -0,0 +1,29 @@
+.. _cce-redhat-subscription:
+
+Register a Red Hat system
+*************************
+
+For a full list of keys, refer to the
+:ref:`Red Hat subscription module <mod_cc_rh_subscription>` schema.
+
+Example 1
+=========
+
+.. literalinclude:: ../../../module-docs/cc_rh_subscription/example1.yaml
+   :language: yaml
+   :linenos:
+
+Example 2
+=========
+
+.. literalinclude:: ../../../module-docs/cc_rh_subscription/example2.yaml
+   :language: yaml
+   :linenos:
+
+Example 3
+=========
+
+.. literalinclude:: ../../../module-docs/cc_rh_subscription/example3.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/reporting.rst b/doc/rtd/reference/yaml_examples/reporting.rst
new file mode 100644
index 00000000000..f7bd2442ae5
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/reporting.rst
@@ -0,0 +1,21 @@
+.. _cce-reporting:
+
+Reporting
+*********
+
+The following sets up 2 reporting endpoints; a 'webhook' and a 'log' type.
+
+.. code-block:: yaml
+
+    #cloud-config
+    reporting:
+      smtest:
+        type: webhook
+        endpoint: 'http://myhost:8000/'
+        consumer_key: 'ckey_foo'
+        consumer_secret: 'csecret_foo'
+        token_key: 'tkey_foo'
+        token_secret: 'tkey_foo'
+      smlogger:
+        type: log
+        level: WARN
diff --git a/doc/rtd/reference/yaml_examples/resolv_conf.rst b/doc/rtd/reference/yaml_examples/resolv_conf.rst
new file mode 100644
index 00000000000..4fb511ebff8
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/resolv_conf.rst
@@ -0,0 +1,19 @@
+.. _cce-resolv-conf:
+
+Configure resolv.conf
+*********************
+
+When it comes to managing nameserver information on your operating system, many
+distros have moved away from manually editing the ``/etc/resolv.conf`` file.
+
+It's often recommended to use :ref:`network configuration <network_config>`
+instead. Be sure to verify the preferred method for your distro before making
+any edits to the ``resolv.conf`` file.
+
+For a full list of keys, refer to the
+:ref:`resolv conf module <mod_cc_resolv_conf>` schema.
+
+.. literalinclude:: ../../../module-docs/cc_resolv_conf/example1.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/rsyslog.rst b/doc/rtd/reference/yaml_examples/rsyslog.rst
new file mode 100644
index 00000000000..f341c0d5f33
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/rsyslog.rst
@@ -0,0 +1,31 @@
+.. _cce-rsyslog:
+
+Configure system logging via rsyslog
+************************************
+
+For a full list of keys, refer to the :ref:`rsyslog module <mod_cc_rsyslog>`
+schema.
+
+Example 1
+=========
+
+.. literalinclude:: ../../../module-docs/cc_rsyslog/example1.yaml
+   :language: yaml
+   :linenos:
+
+Example 2
+=========
+
+.. literalinclude:: ../../../module-docs/cc_rsyslog/example2.yaml
+   :language: yaml
+   :linenos:
+
+Example 3
+=========
+
+Default (no) configuration with package installation on FreeBSD.
+
+.. literalinclude:: ../../../module-docs/cc_rsyslog/example3.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/salt_minion.rst b/doc/rtd/reference/yaml_examples/salt_minion.rst
new file mode 100644
index 00000000000..62866d27359
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/salt_minion.rst
@@ -0,0 +1,12 @@
+.. _cce-salt-minion:
+
+Salt Minion
+***********
+
+For a full list of keys, refer to the
+:ref:`Salt Minion module <mod_cc_salt_minion>` schema.
+
+.. literalinclude:: ../../../module-docs/cc_salt_minion/example1.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/scripts.rst b/doc/rtd/reference/yaml_examples/scripts.rst
new file mode 100644
index 00000000000..2a4412359aa
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/scripts.rst
@@ -0,0 +1,34 @@
+.. _cce-scripts:
+
+Control vendor data use
+***********************
+
+The use of :ref:`vendor data <vendordata>` can be controlled by the user.
+Vendor data can be used (or disabled) with an optional prefix.
+
+For a full list of keys, refer to the
+:ref:`scripts vendor module <mod_cc_scripts_vendor>` docs.
+
+Example 1
+---------
+
+.. literalinclude:: ../../../module-docs/cc_scripts_vendor/example1.yaml
+   :language: yaml
+   :linenos:
+
+Example 2
+---------
+
+.. literalinclude:: ../../../module-docs/cc_scripts_vendor/example2.yaml
+   :language: yaml
+   :linenos:
+
+Example 3
+---------
+
+With this example, vendor data will not be processed.
+
+.. literalinclude:: ../../../module-docs/cc_scripts_vendor/example3.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/seed_random.rst b/doc/rtd/reference/yaml_examples/seed_random.rst
new file mode 100644
index 00000000000..71534ccd0b3
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/seed_random.rst
@@ -0,0 +1,25 @@
+.. _cce-seed-random:
+
+Provide random seed data
+************************
+
+For a full list of keys, refer to the
+:ref:`seed random module <mod_cc_seed_random>` schema.
+
+Example 1
+=========
+
+.. literalinclude:: ../../../module-docs/cc_seed_random/example1.yaml
+   :language: yaml
+   :linenos:
+
+Example 2
+=========
+
+This example uses ``pollinate`` to gather data from a remote entropy server,
+and writes that data to ``/dev/urandom``:
+
+.. literalinclude:: ../../../module-docs/cc_seed_random/example2.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/set_hostname.rst b/doc/rtd/reference/yaml_examples/set_hostname.rst
new file mode 100644
index 00000000000..b8a58368f2e
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/set_hostname.rst
@@ -0,0 +1,34 @@
+.. _cce-set-hostname:
+
+Set hostname and FQDN
+*********************
+
+For a full list of keys, refer to the
+:ref:`set hostname module <mod_cc_set_hostname>` schema.
+
+Example 1
+=========
+
+.. literalinclude:: ../../../module-docs/cc_set_hostname/example1.yaml
+   :language: yaml
+   :linenos:
+
+Example 2
+=========
+
+.. literalinclude:: ../../../module-docs/cc_set_hostname/example2.yaml
+   :language: yaml
+   :linenos:
+
+Example 3
+=========
+
+On a machine without an ``/etc/hostname`` file, don't create it.
+
+In most clouds, this will result in a DHCP-configured hostname provided by the
+cloud.
+
+.. literalinclude:: ../../../module-docs/cc_set_hostname/example3.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/set_passwords.rst b/doc/rtd/reference/yaml_examples/set_passwords.rst
new file mode 100644
index 00000000000..f72bd06ee46
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/set_passwords.rst
@@ -0,0 +1,34 @@
+.. _cce-set-passwords:
+
+User passwords
+**************
+
+For a full list of keys, refer to the
+:ref:`set passwords module <mod_cc_set_passwords>` schema.
+
+Set default password
+====================
+
+This example sets a default password that would need to be changed by the
+user the first time they log in.
+
+.. literalinclude:: ../../../module-docs/cc_set_passwords/example1.yaml
+   :language: yaml
+   :linenos:
+
+Multi-user configuration
+========================
+
+This example does several things:
+
+- Disables SSH password authentication
+- Doesn't require users to change their passwords on next login
+- Sets the password for ``user1`` to be ``'password1'`` (OS does hashing)
+- Sets the password for ``user2`` to a pre-hashed password
+- Sets the password for ``user3`` to be a randomly generated password, which
+  will be written to the system console
+
+.. literalinclude:: ../../../module-docs/cc_set_passwords/example2.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/snap.rst b/doc/rtd/reference/yaml_examples/snap.rst
new file mode 100644
index 00000000000..b58b30aef04
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/snap.rst
@@ -0,0 +1,42 @@
+.. _cce-snap:
+
+Manage snaps
+************
+
+These examples will show you how to set up ``snapd`` and install snap packages.
+
+For a full list of keys, refer to the :ref:`snap module <mod_cc_snap>` schema.
+
+General usage
+=============
+
+.. literalinclude:: ../../../module-docs/cc_snap/example1.yaml
+   :language: yaml
+   :linenos:
+
+Omitting the snap command
+=========================
+
+For convenience, the ``snap`` command can be omitted when specifying commands
+as a list, and ``'snap'`` will automatically be prepended. The following
+commands are all equivalent:
+
+.. literalinclude:: ../../../module-docs/cc_snap/example2.yaml
+   :language: yaml
+   :linenos:
+
+Using lists
+===========
+
+You can use a list of commands:
+
+.. literalinclude:: ../../../module-docs/cc_snap/example3.yaml
+   :language: yaml
+   :linenos:
+
+And you can also use a list of assertions:
+
+.. literalinclude:: ../../../module-docs/cc_snap/example4.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/spacewalk.rst b/doc/rtd/reference/yaml_examples/spacewalk.rst
new file mode 100644
index 00000000000..ef38bd8445b
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/spacewalk.rst
@@ -0,0 +1,17 @@
+.. _cce-spacewalk:
+
+Install and configure Spacewalk
+*******************************
+
+The example demonstrates the installation and basic configuration of
+`Spacewalk`_.
+
+For a full list of keys, refer to the
+:ref:`Spacewalk module <mod_cc_spacewalk>` schema.
+
+.. literalinclude:: ../../../module-docs/cc_spacewalk/example1.yaml
+   :language: yaml
+   :linenos:
+
+.. LINKS
+.. _Spacewalk: https://fedorahosted.org/spacewalk/
diff --git a/doc/rtd/reference/yaml_examples/ssh.rst b/doc/rtd/reference/yaml_examples/ssh.rst
new file mode 100644
index 00000000000..dad17b7c208
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/ssh.rst
@@ -0,0 +1,119 @@
+.. _cce-ssh:
+
+Configure SSH and SSH keys
+**************************
+
+For a full list of keys, refer to the :ref:`SSH module <mod_cc_ssh>` schema.
+
+General example
+===============
+
+.. literalinclude:: ../../../module-docs/cc_ssh/example1.yaml
+   :language: yaml
+   :linenos:
+
+Configure instance's SSH keys
+=============================
+
+.. code-block:: yaml
+
+    #cloud-config
+    ssh_authorized_keys:
+      - ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAGEyQwBI6Z+nCSU... mykey@host
+      - ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEVUf2l5gSn5uR... smoser@brickies
+    ssh_keys:
+      rsa_private: |
+        -----BEGIN RSA PRIVATE KEY-----
+        MIIBxwIBAAJhAKD0YSHy73nUgysO13XsJmd4fHiFyQ+0Qcon2LZS/x...
+        -----END RSA PRIVATE KEY-----
+      rsa_public: ssh-rsa AAAAB3NzaC1AAAABIwAAAGEAoPRh... smoser@localhost
+    no_ssh_fingerprints: false
+    ssh:
+      emit_keys_to_console: false
+
+.. _cce-SSH-import-ID:
+
+Import SSH ID
+=============
+
+This example imports SSH keys from:
+
+- GitHub (``gh:``)
+- A public keyserver (in this case, Launchpad, ``lp:``)
+
+Keys are referenced by the username they are associated with on the keyserver.
+
+For a full list of keys, refer to the
+:ref:`SSH import ID module <mod_cc_ssh_import_id>` schema. You may also find it
+helpful to consult `the manual page`_.
+
+.. literalinclude:: ../../../module-docs/cc_ssh_import_id/example1.yaml
+   :language: yaml
+   :linenos:
+
+.. _cce-ssh-authkey-fingerprints:
+
+Log fingerprints of user SSH keys
+=================================
+
+Writing the fingerprints of authorized user keys to logs is enabled by default.
+
+For a full list of keys, refer to the
+:ref:`SSH authkey fingerprints module <mod_cc_ssh_authkey_fingerprints>`
+schema.
+
+Do not write SSH fingerprints
+-----------------------------
+
+This example prevents SSH fingerprints from being written. The default is
+``false``.
+
+.. literalinclude:: ../../../module-docs/cc_ssh_authkey_fingerprints/example1.yaml
+   :language: yaml
+   :linenos:
+
+Configure hash type
+-------------------
+
+This example configures the hash type to be ``sha512`` instead of the default
+``sha256``.
+
+.. literalinclude:: ../../../module-docs/cc_ssh_authkey_fingerprints/example2.yaml
+   :language: yaml
+   :linenos:
+
+.. _cce-keys-to-console:
+
+Control SSH key printing to console
+===================================
+
+By default, all supported host keys (and their fingerprints) are written to
+the console, but for security reasons, this may not be desirable.
+
+These examples show you how to prevent SSH host keys from being written out.
+For a full list of keys, refer to the
+:ref:`keys to console module <mod_cc_keys_to_console>` schema.
+
+Do not print any SSH keys
+-------------------------
+
+.. literalinclude:: ../../../module-docs/cc_keys_to_console/example1.yaml
+   :language: yaml
+   :linenos:
+
+Do not print specific key types
+-------------------------------
+
+.. literalinclude:: ../../../module-docs/cc_keys_to_console/example2.yaml
+   :language: yaml
+   :linenos:
+
+Do not print specific fingerprints
+----------------------------------
+
+.. literalinclude:: ../../../module-docs/cc_keys_to_console/example3.yaml
+   :language: yaml
+   :linenos:
+
+.. LINKS
+.. _the manual page: https://manpages.ubuntu.com/manpages/noble/en/man1/ssh-import-id.1.html
diff --git a/doc/rtd/reference/yaml_examples/ubuntu_drivers.rst b/doc/rtd/reference/yaml_examples/ubuntu_drivers.rst
new file mode 100644
index 00000000000..c98bf1ccea6
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/ubuntu_drivers.rst
@@ -0,0 +1,15 @@
+.. _cce-ubuntu-drivers:
+
+Third party drivers in Ubuntu
+******************************
+
+This example demonstrates how to install third-party driver packages in
+Ubuntu.
+
+For a full list of keys, refer to the
+:ref:`Ubuntu drivers module <mod_cc_ubuntu_drivers>` schema.
+
+.. literalinclude:: ../../../module-docs/cc_ubuntu_drivers/example1.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/ubuntu_pro.rst b/doc/rtd/reference/yaml_examples/ubuntu_pro.rst
new file mode 100644
index 00000000000..70da68acc4d
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/ubuntu_pro.rst
@@ -0,0 +1,89 @@
+.. _cce-ubuntu-pro:
+
+Configure Ubuntu Pro services
+*****************************
+
+All the examples in this page require an Ubuntu Pro contract token, which is
+provided with a subscription. Pro is available for free for personal use on
+up to five machines. Your subscription (and contract token) can be obtained
+from: https://ubuntu.com/pro
+
+Some services are incompatible with others and cannot be enabled at the same
+time. Refer to this `compatibility matrix`_ for more details.
+
+For a full list of keys, refer to the
+:ref:`Ubuntu Pro module <mod_cc_ubuntu_pro>` schema.
+
+Attach machine to a subscription
+================================
+
+This example attaches the machine to the subscription linked to the contract
+token specified.
+
+.. literalinclude:: ../../../module-docs/cc_ubuntu_pro/example1.yaml
+   :language: yaml
+   :linenos:
+
+Attach and enable FIPS and ESM
+==============================
+
+This example attaches the machine to an Ubuntu Pro subscription, also enabling
+the FIPS and ESM services.
+
+.. literalinclude:: ../../../module-docs/cc_ubuntu_pro/example2.yaml
+   :language: yaml
+   :linenos:
+
+Attach, enable FIPS and reboot
+==============================
+
+This example shows how to attach the machine to subscription and enable the
+FIPS service, then perform a reboot after cloud-init has completed to ensure
+the machine boots into the FIPS kernel.
+
+.. literalinclude:: ../../../module-docs/cc_ubuntu_pro/example3.yaml
+   :language: yaml
+   :linenos:
+
+Configure a HTTP(S) proxy
+=========================
+
+This example will set a HTTP(S) proxy before attaching the machine to
+subscription and enabling the FIPS service.
+
+.. literalinclude:: ../../../module-docs/cc_ubuntu_pro/example4.yaml
+   :language: yaml
+   :linenos:
+
+Auto-attach but don't enable services
+=====================================
+
+Enabling services can be skipped as follows:
+
+.. literalinclude:: ../../../module-docs/cc_ubuntu_pro/example5.yaml
+   :language: yaml
+   :linenos:
+
+Enable beta services
+====================
+
+This example shows how to enable both ESM and the beta real-time kernel
+services. Note that real-time Ubuntu is `available on specific releases`_.
+
+.. literalinclude:: ../../../module-docs/cc_ubuntu_pro/example6.yaml
+   :language: yaml
+   :linenos:
+
+Note that a reboot will be required after the real-time kernel has been
+installed.
+
+Disable auto-attach
+===================
+
+.. literalinclude:: ../../../module-docs/cc_ubuntu_pro/example7.yaml
+   :language: yaml
+   :linenos:
+
+.. LINKS
+.. _compatibility matrix: https://canonical-ubuntu-pro-client.readthedocs-hosted.com/en/latest/references/compatibility_matrix/
+.. _available on specific releases: https://documentation.ubuntu.com/real-time/en/latest/reference/releases/
diff --git a/doc/rtd/reference/yaml_examples/update_etc_hosts.rst b/doc/rtd/reference/yaml_examples/update_etc_hosts.rst
new file mode 100644
index 00000000000..c1384aac912
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/update_etc_hosts.rst
@@ -0,0 +1,53 @@
+.. _cce-update-etc-hosts:
+
+Update the hosts file
+*********************
+
+For a full list of keys, refer to the
+:ref:`update etc hosts module <mod_cc_update_etc_hosts>` schema.
+
+Do not update /etc/hosts
+========================
+
+The default behavior is for cloud-init to not update or manage ``/etc/hosts``
+at all. Whatever is present at instance boot time will be present after boot.
+User changes will not be overwritten.
+
+.. literalinclude:: ../../../module-docs/cc_update_etc_hosts/example1.yaml
+   :language: yaml
+   :linenos:
+
+Manage /etc/hosts with cloud-init
+=================================
+
+With this example, ``/etc/hosts`` will be re-written on every boot from
+``/etc/cloud/templates/hosts.tmpl``.
+
+The strings ``$hostname`` and ``$fqdn`` are replaced in the template with the
+appropriate values -- either from the ``config-config`` ``fqdn``, or
+``hostname`` if provided.
+
+When absent, the cloud metadata will be checked for ``local-hostname`` which
+can be split into ``<hostname>.<fqdn>``.
+
+To make your modifications persist across a reboot, you must modify
+``/etc/cloud/templates/hosts.tmpl``.
+
+.. literalinclude:: ../../../module-docs/cc_update_etc_hosts/example2.yaml
+   :language: yaml
+   :linenos:
+
+Update /etc/hosts every boot
+============================
+
+Updating ``/etc/hosts`` every boot, providing a ``localhost`` 127.0.1.1 entry
+with the latest hostname and FQDN (as provided by either IMDS or cloud-config).
+
+All other entries will be left unmodified.
+
+``ping hostname`` will ping ``127.0.1.1``.
+
+.. literalinclude:: ../../../module-docs/cc_update_etc_hosts/example3.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/update_hostname.rst b/doc/rtd/reference/yaml_examples/update_hostname.rst
new file mode 100644
index 00000000000..c3a0597ffbc
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/update_hostname.rst
@@ -0,0 +1,67 @@
+.. _cce-update-hostname:
+
+Update hostname and FQDN
+************************
+
+For a full list of keys, refer to the
+:ref:`update hostname module <mod_cc_update_hostname>` schema.
+
+Default behavior
+================
+
+When ``preserve_hostname`` is not specified, cloud-init updates
+``/etc/hostname`` per-boot based on the cloud-provided ``local-hostname``
+setting. If you manually change ``/etc/hostname`` after boot, cloud-init will
+no longer modify it.
+
+This default cloud-init behavior is equivalent to this cloud-config:
+
+.. literalinclude:: ../../../module-docs/cc_update_hostname/example1.yaml
+   :language: yaml
+   :linenos:
+
+Note that the same cloud-config will also prevent cloud-init from updating the
+system hostname.
+
+Prevent updates to ``/etc/hostname``
+====================================
+
+This example will prevent cloud-init from updating the system hostname or
+``/etc/hostname``.
+
+.. literalinclude:: ../../../module-docs/cc_update_hostname/example2.yaml
+   :language: yaml
+   :linenos:
+
+Set hostname
+============
+
+This example sets the hostname to ``external.fqdn.me`` instead of ``myhost``.
+
+.. literalinclude:: ../../../module-docs/cc_update_hostname/example4.yaml
+   :language: yaml
+   :linenos:
+
+Override cloud metadata
+=======================
+
+Set the hostname to ``external`` instead of ``external.fqdn.me`` when cloud
+metadata provides the ``local-hostname``: ``external.fqdn.me``.
+
+.. literalinclude:: ../../../module-docs/cc_update_hostname/example5.yaml
+   :language: yaml
+   :linenos:
+
+Don't create ``/etc/hostname`` file
+===================================
+
+On a machine without an ``/etc/hostname`` file, this config instructs
+cloud-init not to create one.
+
+In most clouds, this will result in a DHCP-configured hostname provided by the
+cloud.
+
+.. literalinclude:: ../../../module-docs/cc_update_hostname/example6.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/user_groups.rst b/doc/rtd/reference/yaml_examples/user_groups.rst
new file mode 100644
index 00000000000..1a23dd1b1cb
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/user_groups.rst
@@ -0,0 +1,139 @@
+.. _cce-user-groups:
+
+Configure users and groups
+**************************
+
+These examples will show how you can configure users and groups.
+
+For a full list of keys, and more details of how to use this module, refer to
+the :ref:`users and groups module <mod_cc_users_groups>` schema.
+
+Add default user
+================
+
+.. literalinclude:: ../../../module-docs/cc_users_groups/example1.yaml
+   :language: yaml
+   :linenos:
+
+Don't create any default user
+=============================
+
+.. literalinclude:: ../../../module-docs/cc_users_groups/example8.yaml
+   :language: yaml
+   :linenos:
+
+Add groups to the system
+========================
+
+The following example adds the ``'admingroup'`` group, with members ``'root'``
+and ``'sys'``, and the empty group ``cloud-users``.
+
+.. literalinclude:: ../../../module-docs/cc_users_groups/example2.yaml
+   :language: yaml
+   :linenos:
+
+Add users to the system
+=======================
+
+Users are added after groups. Note that most of these configuration options
+will not be honored if the user already exists. The following options are
+exceptions and can be applied to already-existing users:
+
+- ``plain_text_passwd``
+- ``hashed_passwd``
+- ``lock_passwd``
+- ``sudo``
+- ``ssh_authorized_keys``
+- ``ssh_redirect_user``
+
+.. code-block:: yaml
+
+    #cloud-config
+    users:
+    - default
+    - name: foobar
+      gecos: Foo B. Bar
+      primary_group: foobar
+      groups: users
+      selinux_user: staff_u
+      expiredate: '2032-09-01'
+      ssh_import_id:
+        - lp:falcojr
+        - gh:TheRealFalcon
+      lock_passwd: false
+      passwd: $6$j212wezy$7H/1LT4f9/N3wpgNunhsIqtMj62OKiS3nyNwuizouQc3u7MbYCarYeAHWYPYb2FT.lbioDm2RrkJPb9BZMN1O/
+    - name: barfoo
+      gecos: Bar B. Foo
+      sudo: ALL=(ALL) NOPASSWD:ALL
+      groups: users, admin
+      ssh_import_id:
+        - lp:falcojr
+        - gh:TheRealFalcon
+      lock_passwd: true
+      ssh_authorized_keys:
+        - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSL7uWGj8cgWsp... csmith@fringe
+    - name: cloudy
+      gecos: Magic Cloud App Daemon User
+      inactive: '5'
+      system: true
+    - name: fizzbuzz
+      sudo: false
+      shell: /bin/bash
+      ssh_authorized_keys:
+        - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSL7uWGj8cgWsp... csmith@fringe
+    - snapuser: joe@joeuser.io
+    - name: nosshlogins
+      ssh_redirect_user: true
+
+Set the default shell
+=====================
+
+The default shell for ``newsuper`` is bash instead of the system default.
+
+.. literalinclude:: ../../../module-docs/cc_users_groups/example3.yaml
+   :language: yaml
+   :linenos:
+
+Configure doas/opendoas
+=======================
+
+Here we configure ``doas``/``opendoas`` to permit this user to run commands as
+other users without being prompted for a password (except not as root).
+
+.. literalinclude:: ../../../module-docs/cc_users_groups/example4.yaml
+   :language: yaml
+   :linenos:
+
+On SELinux
+==========
+
+On a system with SELinux enabled, this example will add ``youruser`` and set
+the SELinux user to ``staff_u``. When omitted on SELinux, the system will
+select the configured default SELinux user.
+
+.. literalinclude:: ../../../module-docs/cc_users_groups/example5.yaml
+   :language: yaml
+   :linenos:
+
+Redirect legacy username
+========================
+
+To redirect a legacy username to the default user for a distribution,
+``ssh_redirect_user`` will accept an SSH connection and show a message telling
+the client to SSH as the default user. SSH clients will get the message:
+
+.. literalinclude:: ../../../module-docs/cc_users_groups/example6.yaml
+   :language: yaml
+   :linenos:
+
+Override default user config
+============================
+
+Override any ``default_user`` config in ``/etc/cloud/cloud.cfg`` with
+supplemental config options. This config will make the default user
+``mynewdefault`` and change the user to not have ``sudo`` rights.
+
+.. literalinclude:: ../../../module-docs/cc_users_groups/example7.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/wireguard.rst b/doc/rtd/reference/yaml_examples/wireguard.rst
new file mode 100644
index 00000000000..aeecd6d633b
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/wireguard.rst
@@ -0,0 +1,25 @@
+.. _cce-wireguard:
+
+Configure Wireguard tunnel
+**************************
+
+In this example, we show how to configure one (or more) Wireguard interfaces,
+and also provide (optional) readiness probes.
+
+Each interface you wish to create will be named after the ``name`` parameter,
+and the config will be written to a file located under ``config_path``.
+
+The ``content`` parameter should be set with a valid Wireguard configuration.
+
+The readiness probes ensure Wireguard has connectivity before continuing the
+cloud-init process. This could be useful if you need access to specific
+services like an internal APT repository server (e.g., Landscape) to install or
+update packages.
+
+For a full list of keys, refer to the
+:ref:`Wireguard module <mod_cc_wireguard>` schema.
+
+.. literalinclude:: ../../../module-docs/cc_wireguard/example1.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/write_files.rst b/doc/rtd/reference/yaml_examples/write_files.rst
new file mode 100644
index 00000000000..c2f3c1ba66d
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/write_files.rst
@@ -0,0 +1,54 @@
+.. _cce-write-files:
+
+Writing out arbitrary files
+***************************
+
+Encoding can be given as base64 (b64) or gzip. The content will be decoded
+accordingly and then written to the path provided.
+
+For a full list of keys, refer to the
+:ref:`write files module <mod_cc_write_files>` schema.
+
+Write content to file
+=====================
+
+This example will write out base64-encoded content to
+``/etc/sysconfig/selinux``.
+
+.. literalinclude:: ../../../module-docs/cc_write_files/example1.yaml
+   :language: yaml
+   :linenos:
+
+Append content to file
+======================
+
+This config will append content to an existing file.
+
+.. literalinclude:: ../../../module-docs/cc_write_files/example2.yaml
+   :language: yaml
+   :linenos:
+
+Provide gzipped binary content
+==============================
+
+.. literalinclude:: ../../../module-docs/cc_write_files/example3.yaml
+   :language: yaml
+   :linenos:
+
+Create empty file on the system
+===============================
+
+.. literalinclude:: ../../../module-docs/cc_write_files/example4.yaml
+   :language: yaml
+   :linenos:
+
+Defer writing content
+=====================
+
+This example shows how to defer writing the file until after the packages have
+been installed and its user is created alongside.
+
+.. literalinclude:: ../../../module-docs/cc_write_files/example5.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/yum_repo.rst b/doc/rtd/reference/yaml_examples/yum_repo.rst
new file mode 100644
index 00000000000..8d127dacf29
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/yum_repo.rst
@@ -0,0 +1,59 @@
+.. _cce-yum-repo:
+
+Yum repositories
+****************
+
+This example shows how to configure a ``yum`` repository. For a full list of
+keys, refer to the :ref:`yum add repo module <mod_cc_yum_add_repo>` schema.
+
+Add a yum repo (basic example)
+==============================
+
+.. literalinclude:: ../../../module-docs/cc_yum_add_repo/example1.yaml
+   :language: yaml
+   :linenos:
+
+Add daily testing repo
+======================
+
+This example enables cloud-init upstream's daily testing repo for EPEL 8 to
+install the latest version of cloud-init from tip of ``main`` for testing.
+
+.. literalinclude:: ../../../module-docs/cc_yum_add_repo/example2.yaml
+   :language: yaml
+   :linenos:
+
+Add EPEL testing repo
+=====================
+
+The following example adds the ``/etc/yum.repos.d/epel_testing.repo`` file,
+which can be subsequently used by ``yum`` for later operations.
+
+.. literalinclude:: ../../../module-docs/cc_yum_add_repo/example3.yaml
+   :language: yaml
+   :linenos:
+
+Upgrade ``yum`` on boot
+=======================
+
+This example will upgrade the ``yum`` repository on first boot. The default
+is ``false``.
+
+.. code-block:: yaml
+
+    #cloud-config
+    package_upgrade: true
+
+Configure a yum repo
+====================
+
+Any ``yum`` repo configuration can be passed directly into the repository file
+created. See ``man yum.conf`` for supported config keys.
+
+This example will write ``/etc/yum.conf.d/my-package-stream.repo``, with
+``gpgkey`` checks on the repo data of the enabled repository.
+
+.. literalinclude:: ../../../module-docs/cc_yum_add_repo/example4.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/reference/yaml_examples/zypper_repo.rst b/doc/rtd/reference/yaml_examples/zypper_repo.rst
new file mode 100644
index 00000000000..dcbd9602b56
--- /dev/null
+++ b/doc/rtd/reference/yaml_examples/zypper_repo.rst
@@ -0,0 +1,13 @@
+.. _cce-zypper-repo:
+
+Configure Zypper repositories
+*****************************
+
+This example shows how to configure a Zypper repository. For a full list of
+keys, refer to the :ref:`Zypper add repo module <mod_cc_zypper_add_repo>`
+schema.
+
+.. literalinclude:: ../../../module-docs/cc_zypper_add_repo/example1.yaml
+   :language: yaml
+   :linenos:
+
diff --git a/doc/rtd/spelling_word_list.txt b/doc/rtd/spelling_word_list.txt
index 5f4783af65b..0b2ba2d3314 100644
--- a/doc/rtd/spelling_word_list.txt
+++ b/doc/rtd/spelling_word_list.txt
@@ -153,6 +153,7 @@ nonexistent
 ntp
 ntpd
 ntpdate
+nvme
 openbsd
 opendoas
 openeuler