Hi gu haven, There is also the UserData service that can be enabled in the virtual router (actually: on the Network Offering). It provides simple HTTP-based access to the metadata. Access Control is done through the host's IP or MAC address, as far as I know. https://docs.cloudstack.apache.org/en/latest/adminguide/virtual_machines/user-data.html
I actually submitted a PR yesterday that should improve the documentation a bit, as it's somewhat outdated and not very clear: https://github.com/apache/cloudstack-documentation/pull/132 To be honest, I think address-based access control is also not very secure. Maybe there should some sort of authorization for the metadata service. Gruss, Gregor ________________________________ From: gu haven <[email protected]> Sent: 29 May 2020 06:04 To: [email protected] <[email protected]> Subject: Config drive password is unsafe Hi Friends I have test config drive features https://cwiki.apache.org/confluence/display/CLOUDSTACK/Using+ConfigDrive+for+Metadata%2C+Userdata+and+Password#UsingConfigDriveforMetadata,UserdataandPassword-OpenStack(cloud-init)compatibility(version2 In Windows Guest the password in config drive cdrom can be access by all user ,so everyuser guest VM could get the administrator password, It is not security,Is there a safer way。
