incubator-cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Wido den Hollander <>
Subject Re: Do we still need to patch the SystemVM ISO on the management server?
Date Tue, 11 Sep 2012 21:24:54 GMT

On 09/11/2012 10:10 PM, Chiradeep Vittal wrote:
> On 9/11/12 12:55 PM, "Wido den Hollander" <> wrote:
>> Hi,
>> Currently the management server does some magic stuff with systemvm.iso
>> like injecting keys into it with on boot.
>> However, is this still required? I can't find any reference that we
>> transfer this modified ISO from the management server to the Hypervisor,
>> do we? As it seems the SSH keys are injected by the Agent and no longer
>> by the management server.
> The ssh keys are generated by the management server on first startup and
> injected into the ISO.
> This ISO is copied down to the XenServer (CitrixResourceBase.setupServer)
> and mounted by the system vm.
> When the system vm boots, it checks for this key and copies it into
> authorized keys. See
> patches/systemvm/debian/config/etc/init.d/cloud-early-config

Ah, yes. I was confused by KVM, the process there works differently. 
It's the Agent which injects the key into the systemvm.

>> I'd like to get rid of this code as it seems to confuse people.
>> "" is also part of the cloud-agent-scripts package which I
>> don't want to have installed on a management server.

The script should then however be moved from package. Imho it's not 
correct to install cloud-agent-scripts on a management server.


>> I think it can be removed, but I'd just want conformation.
> No, for the above reasons.
> --
> Chiradeep

View raw message