OpenStack Heat

user can't get the admin password of server

Bug #1643761 reported by huangtianhua
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Heat
Won't Fix
Medium
huangtianhua
OpenStack Heat ocata-3

Bug Description

User create a stack with nova server resource by heat, and don't specify the property 'admin_pass', then heat will return the stack info to user and async to ask nova to create the server, nova generates 'admin_pass' randomly and returns to heat, but heat won't store the password, then there is no way for user to get the admin pass.

huangtianhua (huangtianhua)
Changed in heat:
assignee: nobody → huangtianhua (huangtianhua)
huangtianhua (huangtianhua)
Changed in heat:
importance: Undecided → Medium
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to heat (master)

Fix proposed to branch: master
Review: https://review.openstack.org/400616

Changed in heat:
status: New → In Progress
huangtianhua (huangtianhua)
Changed in heat:
milestone: none → ocata-3
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on heat (master)

Change abandoned by huangtianhua (<email address hidden>) on branch: master
Review: https://review.openstack.org/400616

Revision history for this message
huangtianhua (huangtianhua) wrote :

There are two good workarounds for this:
Use ssh keys
Specify the root password as an input parameter
In the latter case we have mechanisms to keep the password somewhat secure (the template author can set the parameter to "hidden" so that users can't obtain it through the API, and the parameter and any properties that use it can be encrypted in the database if the operator so chooses). We don't have any similar mechanism for secure one-time attributes/outputs, and it's probably not feasible to create one that will work in the way users expect. I think we should chalk this one up as a use case that just doesn't fit Heat, and direct people to the two alternatives above.

Changed in heat:
status: In Progress → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.