[openstack-dev] [Ironic] File Injection (and the lack thereof)
Clint Byrum
clint at fewbar.com
Fri Jan 24 22:27:24 UTC 2014
Excerpts from Joshua Harlow's message of 2014-01-24 14:17:38 -0800:
> Cloud-init 0.7.5 (not yet released) will have the ability to read from an
> ec2-metadata server using SSL.
>
> In a recent change I did we now use requests which correctly does SSL for
> the ec2-metadata/ec2-userdata reading.
>
> - http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/revision/910
>
> For ssl-certs that it will use by default (if not provided) will be looked
> for in the following locations.
>
> - /var/lib/cloud/data/ssl
> - cert.pem
> - key
> - /var/lib/cloud/instance/data/ssl
> - cert.pem
> - key
> - ... Other custom paths (typically datasource dependent)
>
> So I think in 0.7.5 for cloud-init this support will be improved and as
> long as there is a supporting ssl ec2 metadata endpoint then this should
> all work out fine...
\o/ my heroes! ;)
More information about the OpenStack-dev
mailing list