 | 1 | initial version |
The #cloud-config user data format is mostly Linux specific. Although we are planning to add support in Cloudbase-Init for parts of it where it makes sense for Windows, it's not necessary for your Windows images requirements.
The main issue with your #cloud-config example is that it uses clear-text passwords, with a big security concern, as there is a non trivial risk that somebody can intercept it.
This is the reason why OpenStack supports encrypted passwords (since the Grizzly release). The main difference is that passwords are not provided by the user but generated by the instance and encrypted using the keypair passed as instance.
The general workflow is very simple:
Retrieve the password with:
nova get-password your-instance /path/to/id_rsa
Note: this is also supported in Horizon since Icehouse.
Login using the "Admin" user (or any alternative name configured when installing cloudbase-init) either via RDP or PowerShell and change password if needed.
The only drawback of this option is that it requires OpenStack HTTP metadata and it does not work with ConfigDrive or EC2 metadata.
Said that, if you still prefer to use clear-text passwords (e.g. for proof of concepts or scenarios where security is not a primary concern), you can use a simple userdata script:
#ps1_sysnative
net user Admin YourPassword
Hope this helps, a blog post will follow up soon to shed some more light on this recurrent topic :-)
© 2014-2023 Cloudbase Solutions Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.