Merge remote-tracking branch 'origin/4.15' into main

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Author: yadvr

source/adminguide/api.rst

@@ -43,8 +43,8 @@ possible as well. For example, see Using an LDAP Server for User
 Authentication.
 
 
-User Data and Meta Data
------------------------
+User Data and Meta Data via the Virtual Router
+----------------------------------------------
 
 CloudStack provides API access to attach up to 32KB of user data to a
 deployed VM. Deployed VMs also have access to instance metadata via the
@@ -87,4 +87,93 @@ is also supported.) For metadata type, use one of the following:
 
 -  instance-id. The instance name of the VM
 
+User Data and Meta Data via Config Drive
+----------------------------------------
 
+The user-data service on a Shared or L2 Network can be provided through the
+Virtual Router or through an attached iso called the Config drive.
+
+Config drive is an ISO file that is mounted as a cd-rom on a user VM and
+contains the user VM related userdata, metadata (incl. ssh-keys) and
+password files.
+
+Enable config drive
+~~~~~~~~~~~~~~~~~~~
+To use the config drive the network offering must have the “ConfigDrive”
+provider selected for the userdata service.
+
+If the networkoffering uses ConfigDrive for userdata and the template is
+password enabled, the password string for the VM is placed in password.txt file
+and it is included in the ISO.
+
+ConfigDrive availability
+~~~~~~~~~~~~~~~~~~~~~~~~
+At VM start the config drive ISO is attached on the 2nd cd/dvd drive of the
+user instance, such that any other ISO image (e.g. boot image or vmware tools)
+is mounted on 1st cd/dvd drive. This means existing functionality of
+supporting 1 cd rom drive is still available.
+
+At Password reset or update of user data, Secondary Storage VM will rebuild the
+ConfigDrive ISO image. That is the existing ISO is mounted on a temporary directory,
+password, userdata or ssh-keys are updated and a new ISO is built from the
+updated directory structure.
+
+In case of a password reset, the new password will be picked-up at VM start.
+To access the updated userdata, the user needs to remount the config drive ISO.
+
+When a VM is stopped, the ConfigDrive network element will trigger the
+Secondary Storage VM to remove the ISO from the secondary storage.
+
+Since the ISO is available on secondary storage, there is no need for an extra
+implementation in case of migration.
+
+Supporting ConfigDrive
+~~~~~~~~~~~~~~~~~~~~~~
+
+Extra data is added to the VM profile to enable the creation of the config drive:
+
+VMdata - a list of String arrays representing [“directory”, “filename”, “content”] on the ConfigDrive device.
+
+- <mountdir>/cloudstack
+
+  - /metadata:
+
+    - availability-zone.txt
+
+    - instance-id.txt
+
+    - service-offering.txt
+
+    - cloud-identifier.txt
+
+    - local-hostname.txt
+
+    - vm-id.txt
+
+    - public-keys.txt
+
+  - /password
+
+    - vm_password.txt
+
+    - vm_password_md5checksum (for windows VM’s)
+
+- <mountdir>/openstack/version/:
+
+  - user_data (=hardlink to <mountdir>/cloudstack/user_data/user_data.txt)
+
+    - vendor_data.json
+
+    - meta_data.json
+
+    - Network_data.json
+
+  - label, which is configurable in global settings:
+
+    - name : vm.configdrive.label
+
+    - default: config-2
+
+For more detailed information about the Config Drive implementation refer to
+the `Wiki Article
+<https://cwiki.apache.org/confluence/display/CLOUDSTACK/Using+ConfigDrive+for+Metadata%2C+Userdata+and+Password#:~:text=CLOUDSTACK%2D9813%20%2D%20(),%2Dkeys)%20and%20password%20files>`_

source/adminguide/networking/advanced_zone_config.rst

@@ -29,33 +29,36 @@ Configure Guest Traffic in an Advanced Zone
 These steps assume you have already logged in to the CloudStack UI. To
 configure the base guest network:
 
-#. In the left navigation, choose Infrastructure. On Zones, click View
-   More, then click the zone to which you want to add a network.
+#. In the left navigation, choose Network.
 
-#. Click the Network tab.
-
-#. Click Add guest network.
+#. Click Add network.
 
    The Add guest network window is displayed:
 
    |addguestnetwork.png|
 
-#. Provide the following information:
+#. Provide the following information for creating an isolated network:
 
    -  **Name**: The name of the network. This will be user-visible
-
-   -  **Display Text**: The description of the network. This will be
+ 
+   -  **Description**: The description of the network. This will be
       user-visible
 
    -  **Zone**: The zone in which you are configuring the guest network.
 
    -  **Network offering**: If the administrator has configured multiple
       network offerings, select the one you want to use for this network
 
-   -  **Guest Gateway**: The gateway that the guests should use
+   -  **External Id**: ID of the network in an external system.
+ 
+   -  **Gateway**: The gateway that the guests instances will use.
+ 
+   -  **Netmask**: The netmask in use on the subnet the guest instances
+      will use.
 
-   -  **Guest Netmask**: The netmask in use on the subnet the guests
-      will use
+   -  **Network Domain**: A custom DNS suffix at the level of a network. If you
+      want to assign a special domain name to the guest VM network, specify a
+      DNS suffix.
 
 #. Click OK.