git.net

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: cloudstack reset VM password files


Hey guys, I do not know how cloud-init is supposed to work regarding
passwords, but I recall having similar issues with SSH keys. After having a
key deployed, cloud-init would not update the key, if it was changed in
ACS/OpenStack (it has been almost two years that I tested this, so I am not
sure if this still persists). After reaching out the community
(cloud-init), I discovered that it was designed this way, and to change it
would require some work Cloud-init (not just ACS/OpenStack modules).

On Fri, Nov 9, 2018 at 4:56 PM Yordan Kostov <
Yordan.Kostov@xxxxxxxxxxxxxxxxx> wrote:

> Ivan,
>
> I can verify that deleting /run/cloud-init does not make the VM get
> another root password on the next boot (after changing it from ACD gui).
> Thank you for the info, if I make it work I will let you know.
>
> Best regards,
> Jordan
>
> -----Original Message-----
> From: Ivan Kudryavtsev [mailto:kudryavtsev_ia@xxxxxxxxx]
> Sent: Friday, November 9, 2018 8:51 PM
> To: users <users@xxxxxxxxxxxxxxxxxxxxx>
> Subject: Re: cloudstack reset VM password files
>
> Hi, Jordan. That's the question, indeed. That's why I was interested in
> the topic. I don't know the answer to your question. Hopefully, the best
> one is to change the CloudStack module, but the trick with removing
> 'breadcrumb'
> files also should work.
>
> пт, 9 нояб. 2018 г. в 13:43, Yordan Kostov <
> Yordan.Kostov@xxxxxxxxxxxxxxxxx
> >:
>
> > Hello Ivan,
> >
> >         Currently working on cloud-init (for Centos 7.5) and how it
> > can be used without the Cloudstack default scripts. I tried deleting
> > the /run/cloud-init folder but the password is not changed. Is there
> > any other place that should be edited/removed  ?
> >
> > Best regards,
> > Jordan
> >
> > -----Original Message-----
> > From: Ivan Kudryavtsev [mailto:kudryavtsev_ia@xxxxxxxxx]
> > Sent: Friday, November 9, 2018 8:01 PM
> > To: users <users@xxxxxxxxxxxxxxxxxxxxx>
> > Subject: Re: cloudstack reset VM password files
> >
> > Hi, Fernando. We also use them. Just wondering if anyone managed these
> > tasks with pure cloud-init. I know it may be forced to do every time
> > checking by removing its tracking files from '/run/...'
> >
> > пт, 9 нояб. 2018 г. в 12:56, Alvarez Fernando
> > <falvarez@xxxxxxxxxxxx.invalid
> > >:
> >
> > > Hello Ivan,
> > >
> > >
> > > We use the scripts cloud-set-guest-password (first password and
> > > reset
> > > password) and cloud-set-guest-sshkey (use sshkey user) in Debian 8,
> > > Debian 9, Centos 6 - RHEL6 and Centos 7 - RHEL 7 and works fine!.
> > >
> > > if you need them I can give them to you.
> > >
> > > You must put this 2 files in /etc/init.d in Debian and
> > > /etc/rc.d/init.d in Centos/RHEL.
> > > For other template initialization tasks we use cloud-init and works
> > > well too.
> > >
> > > Regards,
> > > Fernando.
> > > ________________________________
> > > De: Ivan Kudryavtsev <kudryavtsev_ia@xxxxxxxxx>
> > > Enviado: viernes, 9 de noviembre de 2018 12:44:51
> > > Para: users
> > > Asunto: Re: cloudstack reset VM password files
> > >
> > > Hello, colleagues.
> > >
> > > Can cloud-init reset password as well? AFAIK initially it runs once
> > > for the password, root volume resizes, keys which is fine for
> > > initial deployment, but is not good for resetting the credentials.
> > >
> > > ср, 7 нояб. 2018 г. в 4:58, Yordan Kostov
> > > <Yordan.Kostov@xxxxxxxxxxxxxxxxx
> > > >:
> > >
> > > > Thank you Simon and Andrija :).
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: Andrija Panic [mailto:andrija.panic@xxxxxxxxx]
> > > > Sent: Wednesday, November 7, 2018 11:31 AM
> > > > To: users <users@xxxxxxxxxxxxxxxxxxxxx>
> > > > Subject: Re: cloudstack reset VM password files
> > > >
> > > > Good stuff (btw I have been using old password init and MSI
> > > > installer for
> > > > win2016 and it works just fine for me).
> > > >
> > > > Cloudinit also supports automatic resize of root
> > > > partitions/filesystem on boot (usefull when you deploy VM from
> > > > small template but choose to make root disk bigger during vm
> creation).
> > > >
> > > > Cheers
> > > > Andrija
> > > >
> > > > On Wed, Nov 7, 2018, 10:01 <simon.voelker@xxxxxxxxxxxxxxxx wrote:
> > > >
> > > > > Hi,
> > > > >
> > > > > I can also highly recommend cloud-init. We use it for our
> > > > > templates as well. There is also a Windows analogue of it (
> > > > > https://cloudbase.it/cloudbase-init/) that I recently used to
> > > > > finally get password functionality to work properly on Windows
> > Server 2016.
> > > > >
> > > > >
> > > > > Simon Völker
> > > > >
> > > > > Fraunhofer-Gesellschaft e.V.
> > > > > Schloss Birlinghoven
> > > > > 53754 Sankt Augustin
> > > > > Telefon: +49 2241 14-2311
> > > > > E-mail: simon.voelker@xxxxxxxxxxxxxxxx<mailto:
> > > > > simon.voelker@xxxxxxxxxxxxxxxx>
> > > > >
> > > > >
> > > > >
> > > > > Am 07.11.2018 um 09:55 schrieb Yordan Kostov <
> > > > > Yordan.Kostov@xxxxxxxxxxxxxxxxx<mailto:Yordan.Kostov@worldsupport.
> > > > > info
> > > > >>:
> > > > >
> > > > > Thank you René,
> > > > >
> > > > > I will take it from here and test it. Some documentation will be
> > > > > on the way as well.
> > > > >
> > > > > Best regards,
> > > > > Jordan
> > > > >
> > > > > -----Original Message-----
> > > > > From: Rene Moser [mailto:mail@xxxxxxxxxxxxx]
> > > > > Sent: Wednesday, November 7, 2018 10:46 AM
> > > > > To:
> > > > > users@xxxxxxxxxxxxxxxxxxxxx<mailto:users@xxxxxxxxxxxxxxxxxxxxx>
> > > > > Subject: Re: cloudstack reset VM password files
> > > > >
> > > > > Hi
> > > > >
> > > > > Nowadays the cloud-init [1] project supports cloudstack out of
> > > > > the box and we switched our templates to only use cloud-init.
> > > > >
> > > > > Unfortunately the docs regarding cloudstack is not that great
> > > > > (it is on my list to give back my finding). There are some great
> > > > > docs here https://wiki.archlinux.org/index.php/Cloud-init.
> > > > >
> > > > > Our config under config dir /etc/cloud/cloud.cfg.d/ has two
> > > > > files
> > > > >
> > > > > - 80_root.cfg
> > > > > - 99_cloudstack.cfg
> > > > >
> > > > > 80_root.cfg contents is...
> > > > >
> > > > > system_info:
> > > > >  default_user:
> > > > >    name: root
> > > > > disable_root: 0
> > > > > ssh_pwauth: 1
> > > > >
> > > > > ...and 99_cloudstack.cfg looks like...
> > > > >
> > > > > datasource:
> > > > >  CloudStack: {}
> > > > >  None: {}
> > > > > datasource_list:
> > > > >  - CloudStack
> > > > >
> > > > > Note that cloud-init has a ton of great features beside the
> > > > > support of cloudstack.
> > > > >
> > > > > Hope that helps
> > > > >
> > > > > René
> > > > >
> > > > > [1] https://cloudinit.readthedocs.io/en/latest/
> > > > >
> > > > >
> > > > >
> > > >
> > >
> > >
> > > --
> > > With best regards, Ivan Kudryavtsev
> > > Bitworks LLC
> > > Cell RU: +7-923-414-1515
> > > Cell USA: +1-201-257-1512
> > > WWW: http://bitworks.software/ <http://bw-sw.com/>
> > >
> >
> >
> > --
> > With best regards, Ivan Kudryavtsev
> > Bitworks LLC
> > Cell RU: +7-923-414-1515
> > Cell USA: +1-201-257-1512
> > WWW: http://bitworks.software/ <http://bw-sw.com/>
> >
>
>
> --
> With best regards, Ivan Kudryavtsev
> Bitworks LLC
> Cell RU: +7-923-414-1515
> Cell USA: +1-201-257-1512
> WWW: http://bitworks.software/ <http://bw-sw.com/>
>


-- 
Rafael Weingärtner