[rhos-list] EXTERNAL: Re: SSH Key Injection not working.

Joshua Harlow harlowja at yahoo-inc.com
Mon Mar 25 20:44:10 UTC 2013 

More gray hair!

J/k,

Let me get u to run this module also.

Its a new one that shows debug stuff, if u feel comfortable adjusting the
cloud-init config to use it.

http://paste.openstack.org/show/34557/

Then adding 'verbose: True' in your yaml userdata file will show exactly
the userdata/metadata that is available.

I should upstream that sometime soon.

Btw, if u have any questions, feel free to jump on #cloud-init on freenode
irc.

Also these errors would explain a lot:

- Failed reading from http://169.254.169.254/2009-04-04/

Then after that it defaulted back to the 'none' datasource, which makes me
wonder if the ec2 metadata server is alive (and forwarded correctly). I
personally use the config drive datasource (no special network stuff
required). U can try that also (its a setting in nova.conf).

On 3/25/13 9:45 AM, "Minton, Rich" <rich.minton at lmco.com> wrote:

>Josh,
>
>I did a lot of reading over the weekend and have a better understanding
>of how cloud-init works. I thought that the ssk key injection was a
>onetime thing at first boot and by booting my image to make changes was
>affecting how cloud-init was working when I launched an image. So I went
>back and created a master image without cloud-init so that I could make
>changes to the image as needed and then install cloud-init as the last
>step before powering down the image. Then I ran "glance image-create"
>with that image so that when an instance was launched cloud-init would be
>run for the first time. That didn't seem to matter. Still no keys in
>"authorized_keys" file for root or "cloud-user". I used Wire shark to
>watch the traffic to the meta-data server and I can even see the ssh keys
>coming back to the VM. I just don't see them in the authorized_keys file
>anywhere.
>
>No today my VMs on a particular host cannot reach the meta-data server. I
>get "no route to host" errors but it still seems to be getting the
>hostname and host keys. It fails on "Applying ssh credentials". I
>included the boot.log and cloud-init.log.
>
>Any help you can provide would be greatly appreciated. I already have
>grey hair so the next phase would be... I don't even want to mention it.
>
>Thanks,
>Rick
>
>
>Richard Minton
>LMICC Systems Administrator
>4000 Geerdes Blvd, 13D31
>King of Prussia, PA 19406
>Phone: 610-354-5482
>
>
>
>-----Original Message-----
>From: Joshua Harlow [mailto:harlowja at yahoo-inc.com]
>Sent: Friday, March 22, 2013 1:13 PM
>To: Minton, Rich; Russell Bryant; rhos-list at redhat.com
>Subject: Re: [rhos-list] EXTERNAL: Re: SSH Key Injection not working.
>
>If u need more help. I am the second most active dev (and added all the RH
>stuffs) in cloud-init.
>
>Here to serve :-P
>
>-Josh
>
>On 3/22/13 9:33 AM, "Minton, Rich" <rich.minton at lmco.com> wrote:
>
>>It looks like my problem was with the older cloud-init package. I
>>updated to the latest Red Hat version of cloud-init and now everything
>>works great.
>>
>>Thanks,
>>Rick
>>
>>-----Original Message-----
>>From: rhos-list-bounces at redhat.com
>>[mailto:rhos-list-bounces at redhat.com]
>>On Behalf Of Russell Bryant
>>Sent: Friday, March 22, 2013 6:32 AM
>>To: rhos-list at redhat.com
>>Subject: EXTERNAL: Re: [rhos-list] SSH Key Injection not working.
>>
>>On 03/21/2013 06:13 PM, Minton, Rich wrote:
>>> While logged into the VM, I can run
>>> http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key and
>>> the ssh key is returned. So I guess the metadata service is working
>>> properly. Do I need to have the .ssh directory and the
>>> authorized_keys file already in place and with the correct permissions?
>>
>>If you were able to verify that the metadata server returns the SSH
>>key, then the problem seems to be with however the instance is trying
>>to get it (as in, an issue with the image, not OpenStack).
>>
>>--
>>Russell Bryant
>>
>>_______________________________________________
>>rhos-list mailing list
>>rhos-list at redhat.com
>>https://www.redhat.com/mailman/listinfo/rhos-list
>>
>>_______________________________________________
>>rhos-list mailing list
>>rhos-list at redhat.com
>>https://www.redhat.com/mailman/listinfo/rhos-list
>

More information about the rhos-list mailing list