Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Issue with password injection and centos 6.7

There are many things to consider in this issue, so let's start by explaining the infrastructure a bit.

-This openstack setup uses ceph as a backend, so libguestfs cannot be used to inject passwords.

-Metadata password injection is not secure, as the root password can be curled from inside the instance

Considering this, we decided to inject password through libvirt and use metadata for other settings. This actually work very well on ubuntu 14.04 and centos 7. Where there is an issue though is with centos 6.7. We made our own custom centos 6.7 image as the official one does not support all the required features of cloud-init. However, we can't inject password into it. I have read that it's suggested to use libguestfs to inject the password, but that's not possible because our images and block devices are on ceph.

So, my question is, is there something I can install inside my image of CentOS 6.7 to make it compatible with the way openstack Kilo inject passwords?