[openstack-dev] [nova] Using image metadata to sanity check supplied authentication data at nova 'create' or 'recreate' time?

Michael Still mikal at stillhq.com
Mon Jun 6 22:31:35 UTC 2016


On Tue, Jun 7, 2016 at 7:41 AM, Clif Houck <me at clifhouck.com> wrote:

> Hello all,
>
> At Rackspace we're running into an interesting problem: Consider a user
> who boots an instance in Nova with an image which only supports SSH
> public-key authentication, but the user doesn't provide a public key in
> the boot request. As far as I understand it, today Nova will happily
> boot that image and it may take the user some time to realize their
> mistake when they can't login to the instance.
>

What about images where the authentication information is inside the image?
For example, there's just a standard account baked in that everyone knows
about? In that case Nova doesn't need to inject anything into the instance,
and therefore the metadata doesn't need to supply anything.

Cheers,
Michael

-- 
Rackspace Australia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20160607/6e7260ba/attachment.html>


More information about the OpenStack-dev mailing list