search

cloudbase / cloudbase-init

Cross-platform instance initialization
http://openstack.org
Apache License 2.0
408 stars 149 forks source link

Cannot inject administrator password into images when using OpenStack #129

Open dniasoff opened 7 months ago

dniasoff commented 7 months ago

Hi

Use OpenStack 2023.2

And built Windows images with cloudbase-init using default config.

Setting the password using an SSH-key works nicely.

When I try to preconfigure the password and inject in into the instance.

I get the following logs


2023-12-06 22:34:38.358 3788 DEBUG cloudbaseinit.utils.classloader [-] Loading class 'cloudbaseinit.plugins.common.userdataplugins.cloudconfigplugins.users.UsersPlugin' load_class C:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\lib\site-packages\cloudbaseinit\utils\classloader.py:27
2023-12-06 22:34:38.389 3788 DEBUG cloudbaseinit.utils.classloader [-] Loading class 'cloudbaseinit.plugins.common.userdataplugins.cloudconfigplugins.runcmd.RunCmdPlugin' load_class C:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\lib\site-packages\cloudbaseinit\utils\classloader.py:27
2023-12-06 22:34:38.389 3788 ERROR cloudbaseinit.plugins.common.userdataplugins.cloudconfig [-] Plugin 'disable_root' is currently not supported
2023-12-06 22:34:38.405 3788 ERROR cloudbaseinit.plugins.common.userdataplugins.cloudconfig [-] Plugin 'ssh_pwauth' is currently not supported
2023-12-06 22:34:38.405 3788 ERROR cloudbaseinit.plugins.common.userdataplugins.cloudconfig [-] Plugin 'password' is currently not supported
2023-12-06 22:34:38.405 3788 DEBUG cloudbaseinit.plugins.common.userdata [-] Executing userdata plugin: ShellScriptPlugin _process_part C:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\lib\site-packages\cloudbaseinit\plugins\common\userdata.py:145
2023-12-06 22:34:38.405 3788 DEBUG cloudbaseinit.utils.classloader [-] Loading class 'cloudbaseinit.osutils.windows.WindowsUtils' load_class C:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\lib\site-packages\cloudbaseinit\utils\classloader.py:27
2023-12-06 22:34:38.421 3788 WARNING cloudbaseinit.plugins.common.fileexecutils [-] An error occurred during file execution: '[WinError 2] The system cannot find the file specified': FileNotFoundError: [WinError 2] The system cannot find the file specified
2023-12-06 22:34:38.421 3788 INFO cloudbaseinit.plugins.common.fileexecutils [-] Script "C:\Users\CLOUDB~1\AppData\Local\Temp\passwd-script.txt" ended with exit code: 0
2023-12-06 22:34:38.421 3788 INFO cloudbaseinit.init [-] Executing plugin 'SetUserPasswordPlugin'
2023-12-06 22:34:38.421 3788 DEBUG cloudbaseinit.utils.classloader [-] Loading class 'cloudbaseinit.osutils.windows.WindowsUtils' load_class C:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\lib\site-packages\cloudbaseinit\utils\classloader.py:27
2023-12-06 22:34:38.421 3788 DEBUG cloudbaseinit.metadata.services.base [-] Using cached copy of metadata: 'openstack/latest/meta_data.json' _get_cache_data C:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\lib\site-packages\cloudbaseinit\metadata\services\base.py:74
2023-12-06 22:34:38.452 3788 INFO cloudbaseinit.plugins.common.setuserpassword [-] Password succesfully updated for user Admin
2023-12-06 22:34:38.452 3788 DEBUG cloudbaseinit.metadata.services.base [-] Executing http request GET at http://169.254.169.254/openstack/2013-04-04/meta_data.json _http_request C:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\lib\site-packages\cloudbaseinit\metadata\services\base.py:315
2023-12-06 22:34:38.561 3788 DEBUG cloudbaseinit.metadata.services.base [-] Executing http request GET at http://169.254.169.254/openstack/2013-04-04/password _http_request C:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\lib\site-packages\cloudbaseinit\metadata\services\base.py:315
2023-12-06 22:34:38.670 3788 DEBUG cloudbaseinit.metadata.services.base [-] Using cached copy of metadata: 'openstack/latest/meta_data.json' _get_cache_data C:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\lib\site-packages\cloudbaseinit\metadata\services\base.py:74
2023-12-06 22:34:38.686 3788 INFO cloudbaseinit.plugins.common.setuserpassword [-] No SSH public key available for password encryption
2023-12-06 22:34:38.686 3788 INFO cloudbaseinit.init [-] Executing plugin 'ConfigWinRMListenerPlugin'
2023-12-06 22:34:38.686 3788 DEBUG cloudbaseinit.utils.classloader [-] Loading class 'cloudbaseinit.osutils.windows.WindowsUtils' load_class C:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\lib\site-packages\cloudbaseinit\utils\classloader.py:27
2023-12-06 22:34:38.686 3788 DEBUG cloudbaseinit.osutils.windows [-] Checking if service exists: WinRM check_service_exists C:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\lib\site-packages\cloudbaseinit\osutils\windows.py:1097
2023-12-06 22:34:38.702 3788 DEBUG cloudbaseinit.osutils.windows [-] Getting service start mode for: WinRM get_service_start_mode C:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\lib\site-packages\cloudbaseinit\osutils\windows.py:1117
2023-12-06 22:34:38.702 3788 DEBUG cloudbaseinit.osutils.windows [-] Setting service start mode for: WinRM set_service_start_mode C:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\lib\site-packages\cloudbaseinit\osutils\windows.py:1128
2023-12-06 22:34:38.718 3788 DEBUG cloudbaseinit.osutils.windows [-] Getting service status for: WinRM get_service_status C:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\lib\site-packages\cloudbaseinit\osutils\windows.py:1107
2023-12-06 22:34:38.718 3788 DEBUG cloudbaseinit.osutils.windows [-] Starting service WinRM start_service C:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\lib\site-packages\cloudbaseinit\osutils\windows.py:1139
2023-12-06 22:34:39.297 3788 INFO cloudbaseinit.plugins.windows.winrmlistener [-] Generating self signed certificate for WinRM HTTPS listener
2023-12-06 22:34:39.422 3788 INFO cloudbaseinit.plugins.windows.winrmlistener [-] Configuring WinRM listener for protocol: HTTPS, certificate thumbprint: 0099b8a49511f6c0e001081d7de2711c013ed52e
2023-12-06 22:34:39.578 3788 INFO cloudbaseinit.init [-] Executing plugin 'ConfigWinRMCertificateAuthPlugin'
2023-12-06 22:34:39.578 3788 DEBUG cloudbaseinit.metadata.services.base [-] Using cached copy of metadata: 'openstack/latest/meta_data.json' _get_cache_data C:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\lib\site-packages\cloudbaseinit\metadata\services\base.py:74
2023-12-06 22:34:39.594 3788 DEBUG cloudbaseinit.metadata.services.base [-] Using cached copy of metadata: 'openstack/latest/user_data' _get_cache_data C:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\lib\site-packages\cloudbaseinit\metadata\services\base.py:74
2023-12-06 22:34:39.594 3788 INFO cloudbaseinit.plugins.windows.winrmcertificateauth [-] WinRM certificate authentication cannot be configured as a certificate has not been provided in the metadata
2023-12-06 22:34:39.594 3788 INFO cloudbaseinit.init [-] Executing plugin 'LocalScriptsPlugin'
2023-12-06 22:34:39.594 3788 INFO cloudbaseinit.init [-] Plugins execution done
2023-12-06 22:34:39.594 3788 INFO cloudbaseinit.init [-] Stopping Cloudbase-Init service
2023-12-06 22:34:42.614 3788 DEBUG cloudbaseinit.osutils.windows [-] Stopping service cloudbase-init stop_service C:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\lib\site-packages\cloudbaseinit\osutils\windows.py:1145```

And I have no way of logging into the instance.

Any ideas?

Thanks for a great project.

Daniel
ader1990 commented 7 months ago

Hello,

Cloudbase-init supports a subset of the cloud-config plugins. From your logs:

2023-12-06 22:34:38.389 3788 ERROR cloudbaseinit.plugins.common.userdataplugins.cloudconfig [-] Plugin 'disable_root' is currently not supported
2023-12-06 22:34:38.405 3788 ERROR cloudbaseinit.plugins.common.userdataplugins.cloudconfig [-] Plugin 'ssh_pwauth' is currently not supported
2023-12-06 22:34:38.405 3788 ERROR cloudbaseinit.plugins.common.userdataplugins.cloudconfig [-] Plugin 'password' is currently not supported

The password, disable_root, ssh_pwauth are not currently supported.

Here is the list of the supported cloud-config plugins: https://cloudbase-init.readthedocs.io/en/latest/userdata.html#cloud-config .

In your case, you can leverage the users cloud config plugin. Here is an example

#cloud-config
users:
  -
    name: brian
    gecos: 'Brian Cohen'
    primary_group: Users
    groups: cloud-users
    passwd: StrongPassw0rd
    inactive: False
    expiredate: 2020-10-01
    ssh_authorized_keys:
      - ssh-rsa AAAB...byV
      - ssh-rsa AAAB...ctV

For more debugging, can you please share the userdata content?

Thank you, Adrian Vladu