[openstack-dev] [Ironic] File Injection (and the lack thereof)

Devananda van der Veen devananda.vdv at gmail.com
Fri Jan 24 14:15:12 UTC 2014

In going through the bug list, I spotted this one and would like to discuss

"can't disable file injection for bare metal"

There's a #TODO in Ironic's PXE driver to *add* support for file injection,
but I don't think we should do that. For the various reasons that Robert
raised a while ago (
file injection for Ironic instances is neither scalable nor secure. I'd
just as soon leave support for it completely out.

However, Michael raised an interesting counter-point (
that some deployments may not be able to use cloud-init due to their
security policy.

As we don't have support for config drives in Ironic yet, and we won't
until there is a way to control either virtual media or network volumes on
ironic nodes. So, I'd like to ask -- do folks still feel that we need to
support file injection?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140124/09d86ba7/attachment.html>

More information about the OpenStack-dev mailing list