|
12 | 12 | KIND, either express or implied. See the License for the |
13 | 13 | specific language governing permissions and limitations |
14 | 14 | under the License. |
15 | | - |
| 15 | +
|
16 | 16 |
|
17 | 17 | The CloudStack API is a low level API that has been used to implement |
18 | 18 | the CloudStack web UIs. It is also a good basis for implementing other |
@@ -177,6 +177,29 @@ VMdata - a list of String arrays representing [“directory”, “filename”, |
177 | 177 |
|
178 | 178 | - default: config-2 |
179 | 179 |
|
| 180 | +Virtual machine password via ConfigDrive |
| 181 | +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
| 182 | + |
| 183 | +The ConfigDrive metadata provider delivers the virtual machine password simultaneously in two variants, leaving which one to use to the user discretion: |
| 184 | + |
| 185 | +1. As the ``<mountdir>/cloudstack/password/vm_password.txt`` file. |
| 186 | + |
| 187 | +This file is intended to be used by an external script that runs inside the virtual machine every boot, and changes the password if needed. |
| 188 | +The init-script that implements this functionality can be found in the `Cloudstack source <https://github.com/apache/cloudstack/blob/main/setup/bindir/cloud-set-guest-password-configdrive.in>`_. |
| 189 | + |
| 190 | +.. note:: |
| 191 | + The ``vm_password.txt`` file is not compatible with cloud-init password module, so the cloud-init will ignore it. |
| 192 | + It is up to Cloudstack administrator to include the script processing it in the virtual machines and/or their templates. |
| 193 | + |
| 194 | +2. As the ``<mountdir>/openstack/latest/vendor_data.json``. |
| 195 | +This is a standard password location supported by cloud-init's both ConfigDrive datasource and the password module. |
| 196 | +Therefore, this variant allows using cloud-init as the only tool for provisioning a virtual machine, without using external scripts. |
| 197 | + |
| 198 | +.. warning:: |
| 199 | + Cloud-init password module is designed to only perform the initial virtual machine password setup. |
| 200 | + It will ignore the changes in ``vendor_data.json`` after the first run. Therefore, resetting the virtual machine password from Cloudstack will not work with this variant. |
| 201 | + |
| 202 | + |
180 | 203 | For more detailed information about the Config Drive implementation refer to |
181 | 204 | the `Wiki Article |
182 | 205 | <https://cwiki.apache.org/confluence/display/CLOUDSTACK/Using+ConfigDrive+for+Metadata%2C+Userdata+and+Password#:~:text=CLOUDSTACK%2D9813%20%2D%20(),%2Dkeys)%20and%20password%20files>`_ |
0 commit comments