diff options
author | Steven Hardy <shardy@redhat.com> | 2017-01-04 18:07:13 +0000 |
---|---|---|
committer | Steven Hardy <shardy@redhat.com> | 2017-01-04 18:07:13 +0000 |
commit | 724ba3a32f20349ed20093758a48ca1297a0534e (patch) | |
tree | 6573d02807d55f347c32aabb311733f2dfc38443 /firstboot | |
parent | 0bfe7c9279f407c525527103a79e5002adfdc01b (diff) |
Add example showing how to set root password via cloud-init
There have been some requests to enable this, and although it's not
something we should enable by default, this shows how you can use
the generic NodeUserData interface to have cloud-init do it.
To use this you create an environment file like:
resource_registry:
OS::TripleO::NodeUserData: path/to/userdata_root_password.yaml
parameter_defaults:
NodeRootPassword: insecure_changeme
Obviously this isn't that secure, and thus isn't intended for
production environments, but it may be useful for debugging and
as a further example showing how to configure things via cloud-init.
Change-Id: If87a1e1dbfaf31b84cc0667c9a60bbd3c757d8cd
Diffstat (limited to 'firstboot')
-rw-r--r-- | firstboot/userdata_root_password.yaml | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/firstboot/userdata_root_password.yaml b/firstboot/userdata_root_password.yaml new file mode 100644 index 00000000..63dd5a9c --- /dev/null +++ b/firstboot/userdata_root_password.yaml @@ -0,0 +1,38 @@ +heat_template_version: ocata + +description: > + Uses cloud-init to enable root logins and set the root password. + Note this is less secure than the default configuration and may not be + appropriate for production environments, it's intended for illustration + and development/debugging only. + +parameters: + NodeRootPassword: + description: Root password for the nodes + hidden: true + type: string + +resources: + userdata: + type: OS::Heat::MultipartMime + properties: + parts: + - config: {get_resource: root_config} + + root_config: + type: OS::Heat::CloudConfig + properties: + cloud_config: + ssh_pwauth: true + disable_root: false + chpasswd: + list: + str_replace: + template: "root:PASSWORD" + params: + PASSWORD: {get_param: NodeRootPassword} + expire: False + +outputs: + OS::stack_id: + value: {get_resource: userdata} |