If I understand correctly, we currently deploy a web server on port 8080 on the VR and send a specially crafted request to retrieve the password.
This requires special made scripts or software on the guest vms to execute the password reset. At the same time cloud-init has become the de facto standard of pushing configuration to guest vms. cloud-init does support password resets out of the box, through the usage of user-data. There are a couple of issues with this that I can think of, and there are probably more that I currently cannot think of, but hopefully someone else might :-) - we cannot change/update user-data (yet) in acs (i think?) - if the vm has an existing user-data, we have to modify it. how to handle custom scripts as user-data? - should we clean up the user-data after some time? how to pick up that the cloud-init has run? If you want to test how this works you can deploy a machine with cloud-init installed. I used this[1] from Lucian as source for its configuration. After that, you have to manually log on to the VR, go to /var/www/html/userdata/<vm ip>/ and modify the user-data file. Example content is here[2]. Then on your test machine, issue: rm -rf /var/lib/cloud/ && cloud-init init && cloud-init modules --mode config && cloud-init modules --mode final If you chose to use the random password generator it will display on the screen. This is most likely beyond my programming skills, so I cannot say what amount of effort it would take to accomplish. [1] http://dl.openvm.eu/cloudstack/centos/ks/vanilla/7/post_cloudstack.ks [2] https://gist.github.com/terbolous/e0ab09afaa6be2a5f3bb -- Erik
