NAZAN CENGIZ via FreeIPA-users wrote:
Hi, We communication openstack server with Freeipa server successfull. We a image setting ipa-client install then using a yaml file. deneme.yaml; runcmd: - hostnamectl set-hostname $(hostname).5ghvl.local - ipa-client-install --principal admin --password 'xxxxx' --domain 5ghvl.local --server example.5ghvl.local --unattended #server create; openstack server create --flavor m1.tiny --config-drive true --availability-zone zonecp2 --image ipa_deneme_imaje --nic net-id=net1man --wait ipa_deneme --user-data /home/stack/deneme.yaml But we don't want a user deneme.yaml config see.Because config file have freeipa server password.We want use to a Open Tools for communication Openstack server with Freeipa server. Could you please help me?Are you use to Open tools which? Best Regards, Nazan.
As I said in the other thread, novajoin does exactly this.
It is an openstack service that will pre-add a host to IPA when nova requests an instance. It will set a one-time password (OTP) on the host when it is added.
This OTP is then passed into the instance via metadata. A cloud-init script is will retrieve the OTP from metadata and enroll the new instance as an IPA client.
rob