[openstack-dev] [Ironic] File Injection (and the lack thereof)

Clint Byrum clint at fewbar.com
Fri Jan 24 22:27:24 UTC 2014


Excerpts from Joshua Harlow's message of 2014-01-24 14:17:38 -0800:
> Cloud-init 0.7.5 (not yet released) will have the ability to read from an
> ec2-metadata server using SSL.
> 
> In a recent change I did we now use requests which correctly does SSL for
> the ec2-metadata/ec2-userdata reading.
> 
> - http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/revision/910
> 
> For ssl-certs that it will use by default (if not provided) will be looked
> for in the following locations.
> 
> - /var/lib/cloud/data/ssl
>    - cert.pem
>    - key
> - /var/lib/cloud/instance/data/ssl
>    - cert.pem
>    - key
> - ... Other custom paths (typically datasource dependent)
> 
> So I think in 0.7.5 for cloud-init this support will be improved and as
> long as there is a supporting ssl ec2 metadata endpoint then this should
> all work out fine...

\o/ my heroes! ;)



More information about the OpenStack-dev mailing list