I agree with David. This feature is useless to me as the end-user if it's admin-only as I could never guarantee having admin access if I decided to move my app to another provider/cloud that I don't administer.
-Jason On Mon, Jan 13, 2014 at 2:32 PM, David Nalley <da...@gnsa.us> wrote: > The end-user has an even more compelling reason to be able to query > that information without resorting to querying from the host than an > admin ever will. > > Why would a cloud administrator need to see/care about userdata? I can > see the end-user/instance admin caring, but not the root admin. > > --David > > > > On Mon, Jan 13, 2014 at 5:25 PM, Alena Prokharchyk > <alena.prokharc...@citrix.com> wrote: > > User can always access it through his Vm. The feature is more meant to > > cover the case when Admin needs to get all the user data info for all vms > > of a) network b) system > > > > On 1/13/14, 1:55 PM, "David Nalley" <da...@gnsa.us> wrote: > > > >>On Mon, Jan 13, 2014 at 12:56 PM, Alena Prokharchyk > >><alena.prokharc...@citrix.com> wrote: > >>> I would like to propose to introduce API (Admin only, 4.4) that returns > >>>user data to the admin. Current UserData behavior: > >>> > >>> * userData is passed to the deployVm/updateVm call > >>> * its stored in CS db and on the VR > >>> * the only one way to retrieve the data, is to request it from the > >>>user vm inside the network by sending http request to the Virtual > Router. > >>> > >>> We've adopted this model from Amazon EC2 APIs. But along the way I've > >>>noticed that some third party integrators needed to read UserData by > >>>Admin to get the information about all vms in the system/network. To > >>>solve the problem, people were using different kinds of workarounds - db > >>>scripts to read userData from cloudstack DB, or writing CS API > >>>extensions: https://github.com/jasonhancock/cloudstack-api-extension. > >>> > >>> So the API I'm proposing, will let you to retrieve User Data via Admin > >>>API. It will be available to Root admin only. > >>> > >>> If anyone has any objection, or see the flaws in the proposal, please > >>>signal. > >>> > >>> -Alena. > >> > >> > >>Why make this root admin-only? Why shouldn't the user be able to see > >>their own instances user-data? > >> > >>While the ability to see user-data is compelling; limiting it to > >>root-admin only is much less desirable IMO. > >> > >>--David > > >
