cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nux! <>
Subject Re: [DISCUSS] Changing the way password reset works, or allowing the cloud-init way
Date Tue, 26 Aug 2014 21:44:03 GMT
Hi Erik and thanks for your effort. Using user data is a nice idea.
Let's see what more experienced programmers have to say on this.

One thing that I noticed; though it might have been OK in your particular case, "rm -rf /var/lib/cloud/"
is a bad idea as it can include various useful scripts along that path. As you noticed I copy
the cloudstack-set-password script in /var/lib/cloud/scripts/per-boot, so that's one example.


Sent from the Delta quadrant using Borg technology!


----- Original Message -----
> From: "Erik Weber" <>
> To: "dev" <>
> Sent: Tuesday, 26 August, 2014 9:34:44 PM
> Subject: [DISCUSS] Changing the way password reset works, or allowing the cloud-init
> If I understand correctly, we currently deploy a web server on port 8080 on
> the VR and send a specially crafted request to retrieve the password.
> This requires special made scripts or software on the guest vms to execute
> the password reset.
> At the same time cloud-init has become the de facto standard of pushing
> configuration to guest vms.
> cloud-init does support password resets out of the box, through the usage
> of user-data.
> There are a couple of issues with this that I can think of, and there are
> probably more that I currently cannot think of, but hopefully someone else
> might :-)
>  - we cannot change/update user-data (yet) in acs (i think?)
>  - if the vm has an existing user-data, we have to modify it. how to handle
> custom scripts as user-data?
>  - should we clean up the user-data after some time? how to pick up that
> the cloud-init has run?
> If you want to test how this works you can deploy a machine with cloud-init
> installed.
> I used this[1] from Lucian as source for its configuration.
> After that, you have to manually log on to the VR, go to
> /var/www/html/userdata/<vm ip>/ and modify the user-data file. Example
> content is here[2].
> Then on your test machine, issue: rm -rf /var/lib/cloud/ && cloud-init init
> && cloud-init modules --mode config && cloud-init modules --mode final
> If you chose to use the random password generator it will display on the
> screen.
> This is most likely beyond my programming skills, so I cannot say what
> amount of effort it would take to accomplish.
> [1]
> [2]
> --
> Erik

View raw message