Open Stack

Wanted to let you know I'm working on a nova metadata vendordata plugin
that will help automate instance enrollment into a freeIPA server.

This will do a number of things for a user:
- provide centralized user identity, sudo and host-based access control
for the instances
- provide the instance an identity it can use for itself
- using this identity a host can obtain SSL certificates for itself from
your freeIPA CA

If ipa_enroll is set to True in the instance metadata (or in the image
metadata) when a nova instance is spawned then a one-time password will
be created and IPA enrollment will occur during the cloud-init stage.

Code is currently at https://github.com/rcritten/novajoin

rob