core os password reset
Florian Rommel
florian at datalounges.com
Wed Sep 16 14:49:51 UTC 2020
Thank you Sean, appreciate it. Learned something new !:)
//Florian
> On 16. Sep 2020, at 17.36, Sean Mooney <smooney at redhat.com> wrote:
>
> On Wed, 2020-09-16 at 17:25 +0300, Florian Rommel wrote:
>> Just as a side question, is there a benefit of ignition over cloud-init? (Not trying to start a flame war.. genuinely
>> interested, and not trying to hijack the thread either)
> im not really sure. i think core os created ignition because of some limitation with cloud init
>
> they use it for a lot more then jsut basic first boot setup. its used for all system configtion in
> container linux so i imagin they hit edgecases and developed ignition to adress those.
> most cloud image like ubuntu or fedora i think dont ship with ignition support out of the box.
> i did not have anything in my history on this topic but i did fine this
> https://coreos.com/ignition/docs/latest/what-is-ignition.html
> coreos are generally pretty good at documenting there deision are thigns like this
> also https://coreos.com/ignition/docs/latest/rationale.html
>
> i really have not had much interaction with it however so in practis i dont know which is "better" in general.
>>
>> //florian
>>
>>>> On 16. Sep 2020, at 16.45, Sean Mooney <smooney at redhat.com> wrote:
>>>
>>> On Wed, 2020-09-16 at 06:39 -0700, Michael STFC wrote:
>>>> Our openstack env automatically injects SSH keys) and already does that
>>>> with all other images I have downloaded to deployed e.g fedora cloud images
>>>> and ceros cloud image.
>>>>
>>>> However core os is different and I have tried to edit grub added
>>>> coreos.autologin=tty1
>>>> but nothing.
>>>>
>>>> Also tried to do this via cloud-config
>>>>
>>>> #cloud-config
>>>>
>>>> coreos:
>>>> units:
>>>> - name: etcd.service
>>>> command: start
>>>>
>>>> users:
>>>> - name: core
>>>> passwd: coreos
>>>> ssh_authorized_keys:
>>>> - "ssh-rsa xxxxx"
>>>>
>>>>
>>>> And not luck - when vm boots it hangs.
>>>
>>> Coreos does not use cloud config by default it uses ignition.
>>> i belive you can still configure it with cloud init but you have to do it
>>> slightly differnet then normal.
>>> https://coreos.com/os/docs/latest/booting-on-openstack.html#container-linux-configs
>>> has the detail you need. basically you have to either pass an ignition script as the user
>>> data or Container Linux Config format.
>>>
>>> cloud init wont work.
>>>
>>> e.g.
>>> nova boot \
>>> --user-data ./config.ign \
>>> --image cdf3874c-c27f-4816-bc8c-046b240e0edd \
>>> --key-name coreos \
>>> --flavor m1.medium \
>>> --min-count 3 \
>>> --security-groups default,coreos
>>>
>>> were ./config.ign is an ignition file.
>>>
>>>>
>>>> On 16 Sep 2020 at 13:31:10, Florian Rommel <florian at datalounges.com> wrote:
>>>>
>>>>> Hi Michael.
>>>>> So, if I remember coreOS correctly, its the same as all of the cloud based
>>>>> images. It uses SSH keys to authenticate. If you have a an SSH public key
>>>>> in there where you do no longer have the private key for, you can “easily”
>>>>> reset it by 2 ways.
>>>>> 1. If its volume based instance, delete the instance but not the volume.
>>>>> Create the instance again by adding your own ssh key into the boot process.
>>>>> This will ADD the ssh key, but not overwrite the existing one in the
>>>>> authorized_key file
>>>>> 2. If it is normal ephermal disk based instance, make a snapshot and
>>>>> create a new instance from the snapshot, adding your own ssh key into it.
>>>>>
>>>>> Either or, if they are ssh key authenticated (which they should be), there
>>>>> isn’t really an EASY way unless you want to have the volume directly.
>>>>>
>>>>> Best regards,
>>>>> //Florian
>>>>>
>>>>> On 16. Sep 2020, at 13.53, Michael STFC <mtint.stfc at gmail.com> wrote:
>>>>>
>>>>>
>>>>> Hi
>>>>>
>>>>>
>>>>> New to openstack and wanting to know how to get boot core os and reset
>>>>> user core password.
>>>>>
>>>>>
>>>>> Please advise.
>>>>>
>>>>>
>>>>> Michael
>>>>>
>>>>>
>>>>>
>>>>>
>>>
>>>
>>
>>
>
>
More information about the openstack-discuss
mailing list