summaryrefslogtreecommitdiffstats
path: root/firstboot
diff options
context:
space:
mode:
authorSteven Hardy <shardy@redhat.com>2017-01-04 18:07:13 +0000
committerSteven Hardy <shardy@redhat.com>2017-01-04 18:07:13 +0000
commit724ba3a32f20349ed20093758a48ca1297a0534e (patch)
tree6573d02807d55f347c32aabb311733f2dfc38443 /firstboot
parent0bfe7c9279f407c525527103a79e5002adfdc01b (diff)
Add example showing how to set root password via cloud-init
There have been some requests to enable this, and although it's not something we should enable by default, this shows how you can use the generic NodeUserData interface to have cloud-init do it. To use this you create an environment file like: resource_registry: OS::TripleO::NodeUserData: path/to/userdata_root_password.yaml parameter_defaults: NodeRootPassword: insecure_changeme Obviously this isn't that secure, and thus isn't intended for production environments, but it may be useful for debugging and as a further example showing how to configure things via cloud-init. Change-Id: If87a1e1dbfaf31b84cc0667c9a60bbd3c757d8cd
Diffstat (limited to 'firstboot')
-rw-r--r--firstboot/userdata_root_password.yaml38
1 files changed, 38 insertions, 0 deletions
diff --git a/firstboot/userdata_root_password.yaml b/firstboot/userdata_root_password.yaml
new file mode 100644
index 00000000..63dd5a9c
--- /dev/null
+++ b/firstboot/userdata_root_password.yaml
@@ -0,0 +1,38 @@
+heat_template_version: ocata
+
+description: >
+ Uses cloud-init to enable root logins and set the root password.
+ Note this is less secure than the default configuration and may not be
+ appropriate for production environments, it's intended for illustration
+ and development/debugging only.
+
+parameters:
+ NodeRootPassword:
+ description: Root password for the nodes
+ hidden: true
+ type: string
+
+resources:
+ userdata:
+ type: OS::Heat::MultipartMime
+ properties:
+ parts:
+ - config: {get_resource: root_config}
+
+ root_config:
+ type: OS::Heat::CloudConfig
+ properties:
+ cloud_config:
+ ssh_pwauth: true
+ disable_root: false
+ chpasswd:
+ list:
+ str_replace:
+ template: "root:PASSWORD"
+ params:
+ PASSWORD: {get_param: NodeRootPassword}
+ expire: False
+
+outputs:
+ OS::stack_id:
+ value: {get_resource: userdata}