Bug 1205444

Summary: RFE: Configurable root password or sudo account for overcloud nodes
Product: Red Hat OpenStack Reporter: Dan Sneddon <dsneddon>
Component: openstack-tripleo-heat-templatesAssignee: Tomas Sedovic <tsedovic>
Status: CLOSED DUPLICATE QA Contact: yeylon <yeylon>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.0 (Kilo)CC: calfonso, kbasil, rhel-osp-director-maint, srevivo, yeylon
Target Milestone: ---Keywords: FutureFeature, ZStream
Target Release: Director   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-07-31 18:22:07 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Dan Sneddon 2015-03-24 22:08:56 UTC 
Description of problem:
When deploying overcloud nodes, an ssh key is placed in the root account to allow ssh from the undercloud. If there are networking problems in the overcloud it becomes very hard to diagnose when you can't log in to a node via the console.

Version-Release number of selected component (if applicable):
N/A (all versions of RDO/RHEL-OSP with tripleo)

How reproducible:
Every time

Steps to Reproduce:
1. Install undercloud
2. Deploy overcloud
3. Try to log in via console

Actual results:
Since there is no root password, it is impossible to log in from the console.

Expected results:
There should be a way to log in, either with a root account or a non-root account with sudo.

Additional info:
It's possible that there shouldn't be a root password or non-root user with login privs by default. This should really be a configurable option, however, because it would benefit both development and customer deployments.

Currently, when this happens, I usually either create a custom boot image with a root password or boot via a RHEL installation CD and mount the hard drive read-write and chroot to make modifications. This is a lot of work just to find out what is wrong with a server's networking.

This is affecting at least one Partner, who is trying to debug a failed overcloud right now (and this is a major stumbling block that takes a long time to work around).
Comment 4 James Slagle 2015-03-25 02:46:55 UTC 
this would be accomplished via cloud-init and passing the right cloud-config data via the heat template. reassigning to tripleo-heat-templates
Comment 6 chris alfonso 2015-07-31 18:05:36 UTC 
We agree it's a useful feature, but we probably get to until the end of the calendar year.
Comment 7 chris alfonso 2015-07-31 18:22:07 UTC 

*** This bug has been marked as a duplicate of bug 1225069 ***