Ask Your Question
0

Openstack Kilo Ceph backend KVM Password Injection

asked 2016-02-04 11:09:24 -0500

jgalvin2015 gravatar image

Hi All,

I have come to a bit of a standstill when i comes to password injection,

Ceph is our storage backend and using Openstack Kilo - Ubuntu 14.04

I have added the following in nova.conf on the compute:

[DEFAULT]
enable_instance_password=True
libvirt_inject_password=True

[libvirt]

virt_type = kvm
inject_password=True
inject_key=True
inject_partition=-1

libguestfs-tools are install and python-guestfs - Latest verions

I have also enabled root in cloud-init on the image that im using,

But when i try to build a VM and inject the password this is showing up in the logs:

2016-02-04 13:06:43.977 17405 DEBUG nova.virt.disk.api [req-dcd1f5f3-3502-489c-8b6e-311020f15124 - - - - -] Inject data image=rbd:vms/69707918-0ee3-4d14-ab22-8cbf0a9ebfed_disk:id=cinder:conf=/etc/ceph/ceph.conf key=None net=None metadata={} admin_password=<SANITIZED> files=[] partition=-1 use_cow=True inject_data /usr/lib/python2.7/dist-packages/nova/virt/disk/api.py:383

2016-02-04 13:06:43.977 17405 DEBUG nova.virt.disk.vfs.api [req-dcd1f5f3-3502-489c-8b6e-311020f15124 - - - - -] Instance for image imgfile=rbd:vms/69707918-0ee3-4d14-ab22-8cbf0a9ebfed_disk:id=cinder:conf=/etc/ceph/ceph.conf imgfmt=qcow2 partition=-1 instance_for_image /usr/lib/python2.7/dist-packages/nova/virt/disk/vfs/api.py:46

2016-02-04 13:06:43.978 17405 DEBUG nova.virt.disk.vfs.api [req-dcd1f5f3-3502-489c-8b6e-311020f15124 - - - - -] Using primary VFSGuestFS instance_for_image /usr/lib/python2.7/dist-packages/nova/virt/disk/vfs/api.py:50

2016-02-04 13:06:44.101 17405 WARNING nova.virt.disk.api [req-dcd1f5f3-3502-489c-8b6e-311020f15124 - - - - -] Ignoring error injecting data into image rbd:vms/69707918-0ee3-4d14-ab22-8cbf0a9ebfed_disk:id=cinder:conf=/etc/ceph/ceph.conf (libguestfs installed but not usable (/usr/bin/supermin-helper exited with error status 1.

Can anyone help me with this please?

Thanks,

James

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
0

answered 2016-02-04 16:57:56 -0500

capsali gravatar image

updated 2016-02-05 04:19:09 -0500

Well there is a warning in ceph docs as you should disable nova password injection and instead rely on metadata service and cloud-init.

As i understand nova must open the rootfs to inject the password and it doesn't play nice with ceph as a backend.

Update :

You can still inject password with cloud-init! This can be done when spawning an instance within post-creation/configuration tab. To change a users password :

#cloud-config
chpasswd:
  list: |
    user1:password1
    user2:password2
    user3:password3
  expire: False

Where user should be root if you want to change the root password. More information on cloud-init docs. Also cloud-init doesn't allow, by default, ssh password login, so you must specify this aswell into the config commands. I don't remember the exact command though. More info at cloud-init

edit flag offensive delete link more

Comments

The issue is our front end for customers needs password injection for their root password,

SSH key injects fine

Has anyone else been able to get this to work with CEPH as the backend for storage?

CAnt seem to find much info by Googleing

jgalvin2015 gravatar imagejgalvin2015 ( 2016-02-05 03:52:54 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2016-02-04 11:09:24 -0500

Seen: 333 times

Last updated: Feb 05 '16