[pve-devel] rfc : implementing a cloudinit metadata server
Alexandre DERUMIER
aderumier at odiso.com
Wed Aug 30 07:52:15 CEST 2017
Hi,
The previous cloudinit patches used a cdrom for the config drive.
Wolfgang told me that it could be great to get it working for lxc too.
So maybe we could try to implement a cloudinit metadata server, with the same API as cloudstack (or amazon ec2, or both).
The process is:
- the client generates a link-local address (169.254.0.0/16)
- the cloudinit agent calls http://169.254.169.254/, which is the metadata server.
Endpoints for openstack are:
http://169.254.169.254/openstack/latest/meta_data.json
http://169.254.169.254/openstack/latest/user_data
http://169.254.169.254/openstack/latest/network_data.json
(see http://www.madorn.com/openstack-metadata-types.html for examples)
- meta_data.json && network_data.json could be generated from vm config (ip, hostname, dns, ssh keys).
- user_data could be a separate yaml file, like /etc/pve/qemu-server/<vmid>.userdata for example.
On the proxmox host, we add an iptables rule like
iptables -t nat -A PREROUTING -d 169.254.169.254/32 -p tcp -m tcp --dport 80 -j DNAT --to-destination <proxmoxhostip>:8006
to redirect requests to the proxmox host.
(Not sure if we need to implement a separate daemon, or reuse pveproxy and add openstack endpoints)
Now, the tricky part is that we need to make the API respond with the correct data for the correct client.
I haven't found how they are doing that in openstack or ec2,
but I think it could be possible to check the client MAC address in the ARP table from the src ip 169.254.x.x, then from the MAC address, find the vmid.
What do you think about it?
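
One way to do the lookup proposed above (source IP to MAC via the ARP table, then MAC to vmid), as an added example that is not part of the original post or of Proxmox code. Function names are hypothetical, the ARP table and guest config lines are constructed samples in /proc/net/arp and Proxmox netN layout, and any incomplete or ambiguous match returns None so the server can refuse to answer.

```python
import ipaddress
import re

LINK_LOCAL = ipaddress.ip_network("169.254.0.0/16")
MAC_RE = re.compile(r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}", re.I)

# Constructed sample in /proc/net/arp layout (not captured from a real host).
SAMPLE_ARP = """\
IP address       HW type     Flags       HW address            Mask     Device
169.254.10.5     0x1         0x2         52:54:00:aa:bb:01     *        vmbr0
169.254.77.9     0x1         0x2         52:54:00:aa:bb:02     *        vmbr0
169.254.20.1     0x1         0x0         00:00:00:00:00:00     *        vmbr0
169.254.30.3     0x1         0x2         52:54:00:aa:bb:03     *        vmbr0
169.254.30.3     0x1         0x2         52:54:00:aa:bb:04     *        vmbr1
192.168.1.50     0x1         0x2         52:54:00:aa:bb:05     *        vmbr0
"""

# Constructed guest configs: vmid -> netN lines (QEMU and LXC styles).
SAMPLE_CONFIGS = {
    100: ["net0: virtio=52:54:00:AA:BB:01,bridge=vmbr0"],
    101: ["net0: name=eth0,bridge=vmbr0,hwaddr=52:54:00:AA:BB:02,ip=dhcp"],
    102: ["net0: virtio=52:54:00:AA:BB:03,bridge=vmbr0"],
    103: ["net0: virtio=52:54:00:AA:BB:05,bridge=vmbr0"],
}

def macs_for_ip(arp_text, src_ip):
    """Return the set of MACs that have a complete ARP entry for src_ip."""
    macs = set()
    for line in arp_text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        # Flag bit 0x2 marks a completed entry; 0x0 rows carry no usable MAC.
        if len(fields) == 6 and fields[0] == src_ip and int(fields[2], 16) & 0x2:
            macs.add(fields[3].lower())
    return macs

def vmid_for_request(arp_text, configs, src_ip):
    """Map a request's source IP to exactly one vmid, or None (fail closed)."""
    if ipaddress.ip_address(src_ip) not in LINK_LOCAL:
        return None
    macs = macs_for_ip(arp_text, src_ip)
    if len(macs) != 1:      # no entry, incomplete entry, or same IP on two bridges
        return None
    mac = next(iter(macs))
    owners = {vmid for vmid, lines in configs.items()
              for ln in lines for m in MAC_RE.findall(ln) if m.lower() == mac}
    return owners.pop() if len(owners) == 1 else None
```

Because guests choose their own 169.254.x.x address, two guests on different bridges can hold the same one, which is why a source IP that resolves to more than one MAC is rejected here.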