This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
heat-windows [2014/02/10 08:30] admin |
heat-windows [2014/04/14 22:23] (current) admin |
||
---|---|---|---|
Line 41: | Line 41: | ||
All the operations executed by Cloudbase-Init are logged to file and can be optionally logged to a serial port. The latter allows to perform troubleshooting by accessing the console log in Horizon or via **nova console-log**. | All the operations executed by Cloudbase-Init are logged to file and can be optionally logged to a serial port. The latter allows to perform troubleshooting by accessing the console log in Horizon or via **nova console-log**. | ||
- | {{ :: | + | |
+ | {{: | ||
===== Windows specific Heat issues ===== | ===== Windows specific Heat issues ===== | ||
Line 59: | Line 60: | ||
The user data script can keep track of the current state before a reboot by using custom registry values in order to resume execution at the desired point during the next boot. | The user data script can keep track of the current state before a reboot by using custom registry values in order to resume execution at the desired point during the next boot. | ||
+ | |||
+ | ==== Password-less authentication ==== | ||
+ | |||
+ | Access to Linux instances can be performed via SSH without using a password by employing public key authentication and a keypair deployed via Nova. Windows can use client certificate authentication with WinRM for this objective, as described [[http:// | ||
==== Domain join passwords ==== | ==== Domain join passwords ==== | ||
Line 67: | Line 72: | ||
A partial solution for avoiding the need to specify clear text passwords as template parameters is to deploy a keypair in the instance, use the public key to encrypt the sensitive data and subsequently the private key during user data script execution for decryption. The main security limit of this option is that all instances of a given image will share the same keypair. | A partial solution for avoiding the need to specify clear text passwords as template parameters is to deploy a keypair in the instance, use the public key to encrypt the sensitive data and subsequently the private key during user data script execution for decryption. The main security limit of this option is that all instances of a given image will share the same keypair. | ||
+ | |||
+ | ==== Volumes ==== | ||
+ | |||
+ | New volumes are attached unpartitioned, | ||
+ | A new volume must be set online, initialized and partitioned. New partitions need also to be formatted and if necessary a drive letter can be assigned as well. | ||
+ | |||
+ | The following example performs all the required activities, including assigning the " | ||
+ | |||
+ | <code powershell> | ||
+ | $d = Get-Disk | where {$_.OperationalStatus -eq " | ||
+ | $d | Set-Disk -IsOffline $false | ||
+ | $d | Initialize-Disk -PartitionStyle MBR | ||
+ | $p = $d | New-Partition -UseMaximumSize -DriveLetter " | ||
+ | $p | Format-Volume -FileSystem NTFS -NewFileSystemLabel " | ||
+ | </ | ||
==== Install ISOs ==== | ==== Install ISOs ==== |