summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorThomas Stringer <git@trstringer.com>2020-09-10 14:29:54 -0400
committerGitHub <noreply@github.com>2020-09-10 14:29:54 -0400
commite56b55452549cb037da0a4165154ffa494e9678a (patch)
tree96be0a4e985e2c2ff1a91fcde8a438c2cdd4af8e /doc
parent987f89efa1615087c6d87470f758fc609b14e1b8 (diff)
downloadvyos-cloud-init-e56b55452549cb037da0a4165154ffa494e9678a.tar.gz
vyos-cloud-init-e56b55452549cb037da0a4165154ffa494e9678a.zip
Retrieve SSH keys from IMDS first with OVF as a fallback (#509)
* pull ssh keys from imds first and fall back to ovf if unavailable * refactor log and diagnostic messages * refactor the OpenSSLManager instantiation and certificate usage * fix unit test where exception was being silenced for generate cert * fix tests now that certificate is not always generated * add documentation for ssh key retrieval * add ability to check if http client has security enabled * refactor certificate logic to GoalState
Diffstat (limited to 'doc')
-rw-r--r--doc/rtd/topics/datasources/azure.rst6
1 files changed, 6 insertions, 0 deletions
diff --git a/doc/rtd/topics/datasources/azure.rst b/doc/rtd/topics/datasources/azure.rst
index fdb919a5..e04c3a33 100644
--- a/doc/rtd/topics/datasources/azure.rst
+++ b/doc/rtd/topics/datasources/azure.rst
@@ -68,6 +68,12 @@ configuration information to the instance. Cloud-init uses the IMDS for:
- network configuration for the instance which is applied per boot
- a preprovisioing gate which blocks instance configuration until Azure fabric
is ready to provision
+- retrieving SSH public keys. Cloud-init will first try to utilize SSH keys
+ returned from IMDS, and if they are not provided from IMDS then it will
+ fallback to using the OVF file provided from the CD-ROM. There is a large
+ performance benefit to using IMDS for SSH key retrieval, but in order to
+ support environments where IMDS is not available then we must continue to
+ all for keys from OVF
Configuration