Hi Erik and thanks for your effort. Using user data is a nice idea. Let's see what more experienced programmers have to say on this.
One thing that I noticed; though it might have been OK in your particular case, "rm -rf /var/lib/cloud/" is a bad idea as it can include various useful scripts along that path. As you noticed I copy the cloudstack-set-password script in /var/lib/cloud/scripts/per-boot, so that's one example. :-) Lucian -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro ----- Original Message ----- > From: "Erik Weber" <terbol...@gmail.com> > To: "dev" <dev@cloudstack.apache.org> > Sent: Tuesday, 26 August, 2014 9:34:44 PM > Subject: [DISCUSS] Changing the way password reset works, or allowing the > cloud-init way > > If I understand correctly, we currently deploy a web server on port 8080 on > the VR and send a specially crafted request to retrieve the password. > > This requires special made scripts or software on the guest vms to execute > the password reset. > > At the same time cloud-init has become the de facto standard of pushing > configuration to guest vms. > > cloud-init does support password resets out of the box, through the usage > of user-data. > > There are a couple of issues with this that I can think of, and there are > probably more that I currently cannot think of, but hopefully someone else > might :-) > - we cannot change/update user-data (yet) in acs (i think?) > - if the vm has an existing user-data, we have to modify it. how to handle > custom scripts as user-data? > - should we clean up the user-data after some time? how to pick up that > the cloud-init has run? > > If you want to test how this works you can deploy a machine with cloud-init > installed. > I used this[1] from Lucian as source for its configuration. > > After that, you have to manually log on to the VR, go to > /var/www/html/userdata/<vm ip>/ and modify the user-data file. Example > content is here[2]. > > Then on your test machine, issue: rm -rf /var/lib/cloud/ && cloud-init init > && cloud-init modules --mode config && cloud-init modules --mode final > > If you chose to use the random password generator it will display on the > screen. > > This is most likely beyond my programming skills, so I cannot say what > amount of effort it would take to accomplish. > > > [1] http://dl.openvm.eu/cloudstack/centos/ks/vanilla/7/post_cloudstack.ks > [2] https://gist.github.com/terbolous/e0ab09afaa6be2a5f3bb > > -- > Erik >
