Closed rgl closed 4 years ago
At least the ConfigWinRMCertificateAuthPlugin
seems to need the password. Is this expected?
2019-10-20 16:54:11.765 2648 INFO cloudbaseinit.init [-] Executing plugin 'ConfigWinRMCertificateAuthPlugin'
2019-10-20 16:54:11.765 2648 ERROR cloudbaseinit.init [-] plugin 'ConfigWinRMCertificateAuthPlugin' failed with error 'Cannot execute plugin as the password has not been set in the plugins shared data, nor it was retrieved from the metadata service.': cloudbaseinit.exception.CloudbaseInitException: Cannot execute plugin as the password has not been set in the plugins shared data, nor it was retrieved from the metadata service.
2019-10-20 16:54:11.765 2648 ERROR cloudbaseinit.init [-] Cannot execute plugin as the password has not been set in the plugins shared data, nor it was retrieved from the metadata service.: cloudbaseinit.exception.CloudbaseInitException: Cannot execute plugin as the password has not been set in the plugins shared data, nor it was retrieved from the metadata service.
2019-10-20 16:54:11.765 2648 ERROR cloudbaseinit.init Traceback (most recent call last):
2019-10-20 16:54:11.765 2648 ERROR cloudbaseinit.init File "c:\program files\cloudbase solutions\cloudbase-init\python\lib\site-packages\cloudbaseinit\init.py", line 66, in _exec_plugin
2019-10-20 16:54:11.765 2648 ERROR cloudbaseinit.init shared_data)
2019-10-20 16:54:11.765 2648 ERROR cloudbaseinit.init File "c:\program files\cloudbase solutions\cloudbase-init\python\lib\site-packages\cloudbaseinit\plugins\windows\winrmcertificateauth.py", line 58, in execute
2019-10-20 16:54:11.765 2648 ERROR cloudbaseinit.init user_name, password = self._get_credentials(service, shared_data)
2019-10-20 16:54:11.765 2648 ERROR cloudbaseinit.init File "c:\program files\cloudbase solutions\cloudbase-init\python\lib\site-packages\cloudbaseinit\plugins\windows\winrmcertificateauth.py", line 47, in _get_credentials
2019-10-20 16:54:11.765 2648 ERROR cloudbaseinit.init "Cannot execute plugin as the password has not been set "
2019-10-20 16:54:11.765 2648 ERROR cloudbaseinit.init cloudbaseinit.exception.CloudbaseInitException: Cannot execute plugin as the password has not been set in the plugins shared data, nor it was retrieved from the metadata service.
2019-10-20 16:54:11.765 2648 ERROR cloudbaseinit.init
In the mean time, I've worked around this at https://github.com/rgl/cloudbase-init/tree/add-no-cloud by implementing the get_admin_username
and get_admin_password
methods that get the information from the nocloud service and now all plugins can be used without a blacklist.
My terraform file now looks like:
# a cloudbase-init cloud-config disk.
# NB this creates an iso image that will be used by the NoCloud cloudbase-init datasource.
# see https://github.com/dmacvicar/terraform-provider-libvirt/blob/master/website/docs/r/cloudinit.html.markdown
# see https://github.com/dmacvicar/terraform-provider-libvirt/blob/v0.6.0/libvirt/cloudinit_def.go#L133-L162
resource "libvirt_cloudinit_disk" "example_cloudinit" {
name = "${var.prefix}_example_cloudinit.iso"
meta_data = jsonencode({
"admin-username": var.winrm_username,
"admin-password": var.winrm_password,
"public-keys": [trimspace(file("~/.ssh/id_rsa.pub"))],
})
}
you can easily redefine the metadata plugins list in the cloudbase-init config file, an example is already done in the unattend cloudbase-init config file. You can put there the exact set of plugins you require in your environment.
ConfigWinRMCertificateAuthPlugin is expected to have the username/password requirement, as the certificate mapping can be done only with the user credential.
OK, so we are really expected to edit that configuration file. Did that at https://github.com/rgl/windows-2016-vagrant/blob/master/provision-cloudbase-init.ps1. Thank you!
My base image already has an administrator (the
vagrant
user) with a specific password and I do not want to change it or create a new administrator user.To disable this behavior do I have to somehow blacklist the following plugins or is there other way?
Does cloudbase-init internally (or its plugins) use/need this user? Or is this just an user that will be used by an human?
For reference this is how I got the default plugins:
And currently, this list is: