OpenStack Compute (Nova)

libvirt should have support for CreateServer password

Reported by Victor Galkin on 2011-04-20
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Compute (nova)
High
Mike Pittaro

Bug Description

cactus 2011.2

API 1.1

Create server. Take password from response.

Root cannot login to instance with returned password.

Victor Galkin (vgalkin) on 2011-04-20
Changed in nova:
assignee: nobody → openstack-gd (openstack-gd)
Changed in nova:
assignee: openstack-gd (openstack-gd) → Ilya Alekseyev (ilyaalekseyev)
Brian Lamar (blamar) wrote :

More information is needed as to what hypervisor you're using. If the answer is libvirt then currently this is not supported. I believe it might be supported by XenServer?

Thierry Carrez (ttx) on 2011-04-21
Changed in nova:
status: New → Incomplete
Ilya Alekseyev (ilyaalekseyev) wrote :

Brian, we're using libvirt. Actually seems we have gap between different virt drivers. I checked it, you're right, there is no support for this feature in libvirt driver. But as soon as in OS API spec describe this feature this is definitely bug.

Victor Galkin (vgalkin) on 2011-04-22
Changed in nova:
status: Incomplete → New
Thierry Carrez (ttx) on 2011-05-02
summary: - returned in create server password is not set to root
+ libvirt should have support for CreateServer password
Changed in nova:
importance: Undecided → Wishlist
status: New → Confirmed
tags: added: consistency
Thierry Carrez (ttx) wrote :

@Ilya: are you actually working on this ? Or should we unassign you to let someone else have a shot at it ?

Thierry Carrez (ttx) on 2011-07-22
Changed in nova:
assignee: Ilya Alekseyev (ilyaalekseyev) → nobody
Brian Waldon (bcwaldon) on 2012-01-29
Changed in nova:
importance: Wishlist → High
Mike Pittaro (mikeyp-3) on 2012-02-02
Changed in nova:
assignee: nobody → Mike Pittaro (mikeyp-3)
Mike Pittaro (mikeyp-3) wrote :

There was some discussion on this during BugSquash day.

The issue goes deeper than just libvirt, since even if the hypervisor
supports instance admin passwords, the mechanics of how that password
is passed into the instance are unclear.

The final path might be through injection, or could potentially depend
on having the correct agent running within the vm.

Vish Ishaya (vishvananda) wrote :

Agreed. Although a version that can actually set the password for a linux box that could be optionally turned on would at least get us closer to feature parity. We could do it with chroot while we have the filesystem mounted. I think this is particularly nasty, but it at least gives us the option to support it until we get proper support through metadata/config_drive/guest agent.

Fix proposed to branch: master
Review: https://review.openstack.org/4098

Changed in nova:
status: Confirmed → In Progress

Reviewed: https://review.openstack.org/4098
Committed: http://github.com/openstack/nova/commit/1463839ff37c1baa7736a88cdd573dee802b29f0
Submitter: Jenkins
Branch: master

commit 1463839ff37c1baa7736a88cdd573dee802b29f0
Author: Mike Pittaro <email address hidden>
Date: Fri Feb 10 18:42:38 2012 -0800

    Add support for admin_password to LibVirt

    If the config flag --libvirt_inject_password is set, Libvirt now makes
    an attempt to inject the admin_password to instances at startup time.

    Fixes bug 767202

    Change-Id: I1491c84825bf0bbad43a7d53b379271caa2b76f6

Changed in nova:
status: In Progress → Fix Committed
Thierry Carrez (ttx) on 2012-02-29
Changed in nova:
milestone: none → essex-4
status: Fix Committed → Fix Released
Thierry Carrez (ttx) on 2012-04-05
Changed in nova:
milestone: essex-4 → 2012.1
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers