[openstack-dev] Disabling file injection *by default*
Richard W.M. Jones
rjones at redhat.com
Tue Jan 21 22:31:15 UTC 2014
On Wed, Jan 22, 2014 at 10:57:29AM +1300, Robert Collins wrote:
I'm a bit surprised that file injection is on by default. I thought
it was disabled by default upstream. (Just checked and it is enabled
as you say.) So yes, file injection should be off by default, but
> There's nothing wrong with libguestfs, this is about the feature which
> has been discussed, here, a lot :) - for delivering metadata to
> images, config-drive || metadata service are much better.
I generally agree that it's nicer to use cloud-init etc instead of
injection, although some (declining) number of guests that people want
to run might not have cloud-init.
The current file injection setting is tricky from the libguestfs point
of view because all we have is this "inject_partition" integer ... per
Nova instance! The knob makes no sense since libguestfs can inspect
guests, and it definitely makes no sense that the user can't set it
when uploading a guest to glance or starting a guest. [Or is this
possible? I've never found a way] This single "partition" setting is
a hang-over from some really ancient code that predates libguestfs
file injection, and we just reused and overloaded the same setting.
> Hypervisors shouldn't be in the business of tinkering inside VM file
> systems at all.
Yes and no. In theory there should be a clean separation. In
practice libguestfs lets you do some wonderful things based on
tinkering inside VMs :-)
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming blog: http://rwmj.wordpress.com
Fedora now supports 80 OCaml packages (the OPEN alternative to F#)
More information about the OpenStack-dev