Wanted to let you know I'm working on a nova metadata vendordata plugin that will help automate instance enrollment into a freeIPA server.
This will do a number of things for a user: - provide centralized user identity, sudo and host-based access control for the instances - provide the instance an identity it can use for itself - using this identity a host can obtain SSL certificates for itself from your freeIPA CA If ipa_enroll is set to True in the instance metadata (or in the image metadata) when a nova instance is spawned then a one-time password will be created and IPA enrollment will occur during the cloud-init stage. Code is currently at https://github.com/rcritten/novajoin rob __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev