Hi, We communication openstack server with Freeipa server successfull. We a image setting ipa-client install then using a yaml file. deneme.yaml; runcmd: - hostnamectl set-hostname $(hostname).5ghvl.local - ipa-client-install --principal admin --password 'xxxxx' --domain 5ghvl.local --server example.5ghvl.local --unattended #server create; openstack server create --flavor m1.tiny --config-drive true --availability-zone zonecp2 --image ipa_deneme_imaje --nic net-id=net1man --wait ipa_deneme --user-data /home/stack/deneme.yaml But we don't want a user deneme.yaml config see.Because config file have freeipa server password.We want use to a Open Tools for communication Openstack server with Freeipa server. Could you please help me?Are you use to Open tools which? Best Regards, Nazan.
This e-mail and any attached files are confidential and may be legally privileged. If you are not the addressee, any disclosure, reproduction, copying, distribution, or other dissemination or use of this communication is strictly prohibited. If you have received this transmission in error please notify the sender immediately and then delete this mail.<br>
NAZAN CENGIZ via FreeIPA-users wrote:
Hi, We communication openstack server with Freeipa server successfull. We a image setting ipa-client install then using a yaml file. deneme.yaml; runcmd: - hostnamectl set-hostname $(hostname).5ghvl.local - ipa-client-install --principal admin --password 'xxxxx' --domain 5ghvl.local --server example.5ghvl.local --unattended #server create; openstack server create --flavor m1.tiny --config-drive true --availability-zone zonecp2 --image ipa_deneme_imaje --nic net-id=net1man --wait ipa_deneme --user-data /home/stack/deneme.yaml But we don't want a user deneme.yaml config see.Because config file have freeipa server password.We want use to a Open Tools for communication Openstack server with Freeipa server. Could you please help me?Are you use to Open tools which? Best Regards, Nazan.
As I said in the other thread, novajoin does exactly this.
It is an openstack service that will pre-add a host to IPA when nova requests an instance. It will set a one-time password (OTP) on the host when it is added.
This OTP is then passed into the instance via metadata. A cloud-init script is will retrieve the OTP from metadata and enroll the new instance as an IPA client.
rob
freeipa-users@lists.fedorahosted.org