Those agents use the Xen/XenAPI specific stuff called xenstore. There was talk of extending cloud-init and the metadata service to support some kind of password generation on boot or at a poll interval, but I don't remember that conversation getting too far. Anyone one else remember what came of those ideas?
John From: openstack-bounces+john.garbutt=citrix....@lists.launchpad.net [mailto:openstack-bounces+john.garbutt=citrix....@lists.launchpad.net] On Behalf Of Sam Stoelinga Sent: 28 November 2012 06:26 To: Pádraig Brady Cc: openstack@lists.launchpad.net Subject: Re: [Openstack] Handling of adminPass is arguably broken (essex) Hi, Just noticed the following two projects: https://github.com/rackspace/openstack-guest-agents-windows-xenserver https://github.com/rackspace/openstack-guest-agents-unix Would those be useful in creating an agent like Vish described? It seems they currently only support Xen? Haven't taken a deep look yet. a) put a public key on the instance via metadata or config drive (for ease of use this could actually just be the ssh public key you normally use for logging into the vm). b) have a daemon in the windows instance that: * generates a random password * sets the administrator password to the random password * encrypts it with the public key * serves the encrypted password over https on a known port (say 9999) c) open up port (9999) in the instance's security group d) retrieve the encrypted password and decrypt it e) close port (9999) in the instances security group Was wondering if it's planned for Grizzly a way to change the password for libvirt/kvm guests (unix and windows)? Is there any blueprint available? Sam On Sat, Nov 3, 2012 at 3:15 AM, Pádraig Brady <p...@draigbrady.com<mailto:p...@draigbrady.com>> wrote: On 11/02/2012 07:03 PM, Lars Kellogg-Stedman wrote: On Thu, Nov 01, 2012 at 11:03:14AM -0700, Vishvananda Ishaya wrote: The new config drive code defaults to iso-9660, so that should work. The vfat version should probably create a partition table. Is that what Folsom is using? Or is it new-er than that? That's in Folsom _______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net<mailto:openstack@lists.launchpad.net> Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp