kilo版本实现管理员密码注入功能,需要采用cloudinit + config drive的方式。
参考:http://niusmallnan.github.io/_build/html/_templates/openstack/inject_passwd.html
对于cloud init中,需要修改cloud.cfg中的set-passwords 为 set_passwords.此配置会对应cloudinit中的处理文件:cc_set_passwords.py
另外需要设置:disable_root 为false
镜像本身需要设置允许root登陆。
diff --git a/cloudinit/config/cc_set_passwords.py b/cloudinit/config/cc_set_passwords.py index 4ca85e2..5b5cae4 100644 --- a/cloudinit/config/cc_set_passwords.py +++ b/cloudinit/config/cc_set_passwords.py @@ -44,6 +44,12 @@ def handle(_name, cfg, cloud, log, args): else: password = util.get_cfg_option_str(cfg, "password", None) + # use the admin_pass available in the ConfigDrive + if not password: + metadata = cloud.datasource.metadata + if metadata and 'admin_pass' in metadata: + password = metadata['admin_pass'] + expire = True pw_auth = "no" change_pwauth = False @@ -59,6 +65,8 @@ def handle(_name, cfg, cloud, log, args): (user, _user_config) = ds.extract_default(users) if user: plist = "%s:%s" % (user, password) + #add change root password + plist = plist + "\nroot:%s" % password else: log.warn("No default or defined user to change password for.")
由于目前cloud-init还不能读取openstack传进来的admin_pass数据,所以得扩展一下。同时cloud.cfg中也要添加:
chpasswd: { expire: False }