[Rdo-list] CentOS 6.5 Guest image file available now

Perry Myers pmyers at redhat.com
Sat Jan 18 00:30:32 UTC 2014


On 01/17/2014 07:21 PM, Karanbir Singh wrote:
> On 01/17/2014 10:32 PM, Perry Myers wrote:
>> Are they really OpenStack specific though, or are they more 'Cloud
>> Enabled CentOS images'?
>>
>> For Fedora/RHEL, we just have one qcow2 image that works across a
>> variety of Cloud platforms.
> 
> How do you contextualise for cloudstack / opennebula / brightbox etc ?
> Even the AWS images dont quite work as-is all the time everywhere else
> down to the xvda -> xvde farkage and how that maps to /dev/sda foo under
> kvm.

Actually, I take part of my statement back... In RHEL/Fedora we have two
types of images.  AMIs for AWS and qcow2 for kvm in general, which also
works under OpenStack and oVirt/RHEV.

But, tbh, I'm not sure what add'l contextualization would need to be
done for cloudstack/opennebula/brightbox.  So perhaps those all do
require separate images.

But maybe we can get away with a single image for use in both vanilla
kvm, oVirt/RHEV and OpenStack, since we have done that for RHEL/Fedora,
it should be possible to do it for CentOS as well.

> given enough cycles, its possible for an instance to workout what
> controller its running under and then adapt the context scripts to do
> the right thing, hopefully with the added bandwidth of community we can
> get there.
> 
>>> One big difference is that we push an etc/cloud snippet to disable
>>> cloud-user and enable root logins ( without passwords ).
>>
>> Isn't that a potential security issue?  On RHEL guest images we
>> explicitly disable root passwords and recommend folks who want to use
>> root passwords in their image to set them explicitly after downloading
>> an image via a tool like virt-sysprep.
> 
> So, no password access; its by key only. Plus, on firstboot we set a
> random root password.

Ah ok.  When you said you enabled root logins without passwords, I
interpreted that differently (i.e. empty password, just hit enter to
login). :)

No worries then.

Perry




More information about the dev mailing list