修改openstack centos镜像默认root密码

郑全

概要：
在新建虚拟机的过程中，可以对root密码进行初始化。这样可以保障虚拟机的安全，同时也可以给用户自定义root密码的机会。


步骤：修改控制节点的nova配置项：

首先修改nova的配置文件。文件位置 /etc/nova/nova.conf
将inject_password改为True

[libvirt]

# There is no agent needed within the image to do this. If *libguestfs* is
# available on the host, it will be used. Otherwise *nbd* is used. Thefile
# system of the image will be mounted and the admin password, which isprovided
# in the REST API call will be injected as password for the root user. Ifno
# root user is available, the instance won't be launched and an error isthrown.
# Be aware that the injection is *not* possible when the instance getslaunched
# from a volume.
#
# Possible values:
#
# * True: Allows the injection.
# * False (default): Disallows the injection. Any via the REST API provided
# admin password will be silently ignored.
#
# Related options:
#
# * ``inject_partition``: That option will decide about the discovery andusage
#   of the file system. It also candisable the injection at all.
#  (boolean value)
inject_password=true



重启nova服务：
systemctl restart openstack-nova-*




然后在创建虚拟机的过程注入脚本

                               
登录/注册后可看大图

                               
登录/注册后可看大图

                               
登录/注册后可看大图

[img][/img]



[img][/img]



如下：
#!/bin/sh
passwd root<<EOF
sztech
sztech
EOF

sztech替换成你的密码

注意下面的配置驱动一定要勾上，不然虚拟机初始化root密码会失败的。

                               
登录/注册后可看大图

centos系统则需要过一段时间才能生效（我测试的时间大概是5-15分钟期间）。
[img][/img]