Bug 1041196 - [RFE][nova]: Adds metadata password POST at the hypervisor level
Summary: [RFE][nova]: Adds metadata password POST at the hypervisor level
Keywords:
Status: CLOSED UPSTREAM
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: RFEs
Version: unspecified
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
Assignee: RHOS Maint
QA Contact:
URL: https://blueprints.launchpad.net/nova...
Whiteboard: upstream_milestone_none upstream_stat...
Depends On:
Blocks:
 
Reported: 2013-12-12 13:54 UTC by RHOS Integration
Modified: 2015-03-19 16:48 UTC (History)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-03-19 16:48:55 UTC
Target Upstream Version:



Description RHOS Integration 2013-12-12 13:54:29 UTC
Cloned from launchpad blueprint https://blueprints.launchpad.net/nova/+spec/hyper-v-metadata-password-post.

Description:

Metadata password POST (i.e.: nova get-password) has been added in Grizzly and is currently supported by Cloudbase-Init (Windows Cloud-Init).

The main issue with the current approach is that it is not supported by ConfigDrive and requires HTTP POST access from the guest, with all the security, deployment, scalability and management issues involved.

In order to support this feature in scenarios in which metadata HTTP access from the guest instances is not allowed, the Nova driver can take care of the metadata POST on behalf of the guest instance. The guest instance will still be in charge of generating and encrypting the password with the SSH public key, passing the encrypted data to the Hypervisor using a specific guest / host channel available on the hypervisor.

KVP is the guest / host communication channel available on Hyper-V. An implementation can be added in the Nova Hyper-V driver, considering a common interface that each hypervisor driver can implement (e.g. XenServer, KVM, etc.). The same interface can be implemented on the client side in Cloud-Init and/or Cloudbase-Init.

Specification URL (additional information):

None

