openstack team mailing list archive

[Lars Kellogg-Stedman <lars@xxxxxxxxxxxxxxxx>]

On Wed, Oct 31, 2012 at 06:17:29PM -0700, Joshua Harlow wrote:
> Just fyi, the cloud-init format 'spec' has something similar that bypasses
> the file injection (which is a bad/insecure/incompatible concept that
> needs to be gotten rid of imho) by having the following syntax it
> understands:
> 
> http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/view/head:/doc
> /examples/cloud-config-user-groups.txt

The cloud-init stuff works via the user-data attribute available from
the metadata server.  This makes it unsuitable for security
credentials, since *anyone* on the instance can query the metadata
server.

Injection via files on a configuration disk seems to me the best way
to handle security credentials like this, because disks in many cases
require privileges to mount on a system and the configuration script
can delete the credentials file after processing it.

> Is there anyway a windows version of cloud-init could be done, either
> ported, or patched, or a service like cloud-init could be added to windows
> images (using a startup program in the windows image that could just be a
> call-out to a python interpreter or something different...).

As I said, this is pretty much what we're doing to provision an ssh
key for administrator access to our windows host.

-- 
Lars Kellogg-Stedman <lars@xxxxxxxxxxxxxxxx>  |
Senior Technologist                           | http://ac.seas.harvard.edu/
Academic Computing                            | http://code.seas.harvard.edu/
Harvard School of Engineering                 |
  and Applied Sciences                        |