You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by GitBox <gi...@apache.org> on 2021/03/12 18:50:24 UTC
[GitHub] [cloudstack] aleskxyz opened a new issue #4809: Missing password.txt in ConfigDrive in multihomed VM
aleskxyz opened a new issue #4809:
URL: https://github.com/apache/cloudstack/issues/4809
<!--
Verify first that your issue/request is not already reported on GitHub.
Also test if the latest release and master branch are affected too.
Always add information AFTER of these HTML comments, but no need to delete the comments.
-->
##### ISSUE TYPE
<!-- Pick one below and delete the rest -->
* Bug Report
##### COMPONENT NAME
<!--
Categorize the issue, e.g. API, VR, VPN, UI, etc.
-->
~~~
ConfigDrive
~~~
##### CLOUDSTACK VERSION
<!--
New line separated list of affected versions, commit ID for issues on master branch.
-->
~~~
4.14.1
~~~
##### CONFIGURATION
<!--
Information about the configuration if relevant, e.g. basic network, advanced networking, etc. N/A otherwise
-->
advanced networking
##### OS / ENVIRONMENT
<!--
Information about the environment if relevant, N/A otherwise
-->
CentOS7
ESXi 6.5
##### SUMMARY
<!-- Explain the problem/feature briefly -->
When attach a VM to 2 networks which one of them uses VirtualRouter as userdata provider and other uses ConfigDrive, after password reset, you can't find password.txt file in ConfigDrive ISO
##### STEPS TO REPRODUCE
<!--
For bugs, show exactly how to reproduce the problem, using a minimal test-case. Use Screenshots if accurate.
For new features, show how the feature would be used.
-->
<!-- Paste example playbooks or commands between quotes below -->
~~~
Create a network with VirtualRouter as userdata provider
Create a network with ConfigDrive as userdata provider
Create a VM and attach it to both networks
~~~
<!-- You can also paste gist.github.com links for larger files -->
##### EXPECTED RESULTS
<!-- What did you expect to happen when running the steps above? -->
~~~
Get password from VirtualRouter as well as ConfigDrive
~~~
##### ACTUAL RESULTS
<!-- What actually happened? -->
<!-- Paste verbatim command output between quotes below -->
~~~
VritualRouter gives you the password but there is no password.txt in ConfigDrive ISO
~~~
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] aleskxyz commented on issue #4809: Missing password.txt in ConfigDrive in multihomed VM
Posted by GitBox <gi...@apache.org>.
aleskxyz commented on issue #4809:
URL: https://github.com/apache/cloudstack/issues/4809#issuecomment-800057126
> @aleskxyz
> most cloudstack users use the following scripts (or similar)
> https://github.com/apache/cloudstack/blob/master/setup/bindir/cloud-set-guest-password.in
> https://github.com/apache/cloudstack/blob/master/setup/bindir/cloud-set-guest-password-configdrive.in
>
> the vm password is processed like
> (1) save vm password in VR
> (2) when vm starts, it gets dhcp ip from dhcp server (VR), then sends request to the a password server (=dhcp server/VR from dhcp lease file)
> (3) when vm gets password from password server(VR), it sends a request to remove the password in password server (VR).
>
> the scripts get password from only 1 password server/VR (and exit). password is also saved into only 1 password server/VR.
> that's the expected behavior in cloudstack.
>
> in cloudstack , each nic has a `device_id` in `nics` table.
> deviceId will be also displayed in response and UI, see #4768
Thanks @weizhouapache
Did you use these scripts with cloud-init?
One of the reasons that I open this issue was simplifying password management with cloud-init.
If you have any experience with it, please leave your comment in the related question in mailing-list:
https://lists.apache.org/thread.html/r57b74dcd13d656ee0351bdf93bf3ee0ca307ce972c701821d3245706%40%3Cusers.cloudstack.apache.org%3E
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache edited a comment on issue #4809: Missing password.txt in ConfigDrive in multihomed VM
Posted by GitBox <gi...@apache.org>.
weizhouapache edited a comment on issue #4809:
URL: https://github.com/apache/cloudstack/issues/4809#issuecomment-799281481
@aleskxyz vm password is only sent to the Virtual Router of first network, not all networks.
this is the expected behavior.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] aleskxyz edited a comment on issue #4809: Missing password.txt in ConfigDrive in multihomed VM
Posted by GitBox <gi...@apache.org>.
aleskxyz edited a comment on issue #4809:
URL: https://github.com/apache/cloudstack/issues/4809#issuecomment-799462625
> @aleskxyz vm password is only sent to the Virtual Router of first network, not all networks.
> this is the expected behavior.
@weizhouapache
Thanks for you comment.
I can confirm that when I use L2 network as the default network, I can find password.txt file in the iso.
I don't know why it should be expected behavior that only one of virtual routers provides the password. Maybe it is due to this fact that lifecycle management of password is handled by virtual router it self, not the CS management. I mean that when the VM gets the password from the virtual router, it sends a confirmation to router then router forgets the password.
But I think from VM point of view, using ConfigDrive for getting userdata is not relevant to type and order of attached networks. It is an independent datasource.
How can I figure out that attached ConfigDrive iso is a result of a default network or an additional network?!
Thanks
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] aleskxyz commented on issue #4809: Missing password.txt in ConfigDrive in multihomed VM
Posted by GitBox <gi...@apache.org>.
aleskxyz commented on issue #4809:
URL: https://github.com/apache/cloudstack/issues/4809#issuecomment-800163273
Thank you @weizhouapache
I will test it and write a document about it.
Regards
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on issue #4809: Missing password.txt in ConfigDrive in multihomed VM
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on issue #4809:
URL: https://github.com/apache/cloudstack/issues/4809#issuecomment-800081388
> > @aleskxyz
> > most cloudstack users use the following scripts (or similar)
> > https://github.com/apache/cloudstack/blob/master/setup/bindir/cloud-set-guest-password.in
> > https://github.com/apache/cloudstack/blob/master/setup/bindir/cloud-set-guest-password-configdrive.in
> > the vm password is processed like
> > (1) save vm password in VR
> > (2) when vm starts, it gets dhcp ip from dhcp server (VR), then sends request to the a password server (=dhcp server/VR from dhcp lease file)
> > (3) when vm gets password from password server(VR), it sends a request to remove the password in password server (VR).
> > the scripts get password from only 1 password server/VR (and exit). password is also saved into only 1 password server/VR.
> > that's the expected behavior in cloudstack.
> > in cloudstack , each nic has a `device_id` in `nics` table.
> > deviceId will be also displayed in response and UI, see #4768
>
> Thanks @weizhouapache
> Did you use these scripts with cloud-init?
> One of the reasons that I open this issue was simplifying password management with cloud-init.
> If you have any experience with it, please leave your comment in the related question in mailing-list:
> https://lists.apache.org/thread.html/r57b74dcd13d656ee0351bdf93bf3ee0ca307ce972c701821d3245706%40%3Cusers.cloudstack.apache.org%3E
@aleskxyz
I have not subscribed to the users mailing list. see my answer below
(1) we use cloud-init to set up cloud server, but we do not use it to manage/update password and ssh keys. we use a script similar as the scripts in my previous comment. the script will be executed when an interface is up.
(2) I guess the reason of ssh key is not applied is that, you use `- ssh`, not `- [ ssh, always ]`.
(3) for configdrive, please use script https://github.com/apache/cloudstack/blob/master/setup/bindir/cloud-set-guest-password-configdrive.in, it looks good.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] aleskxyz closed issue #4809: Missing password.txt in ConfigDrive in multihomed VM
Posted by GitBox <gi...@apache.org>.
aleskxyz closed issue #4809:
URL: https://github.com/apache/cloudstack/issues/4809
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on issue #4809: Missing password.txt in ConfigDrive in multihomed VM
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on issue #4809:
URL: https://github.com/apache/cloudstack/issues/4809#issuecomment-799601726
@aleskxyz
most cloudstack users use the following scripts (or similar)
https://github.com/apache/cloudstack/blob/master/setup/bindir/cloud-set-guest-password.in
https://github.com/apache/cloudstack/blob/master/setup/bindir/cloud-set-guest-password-configdrive.in
the vm password is processed like
(1) save vm password in VR
(2) when vm starts, it gets dhcp ip from dhcp server (VR), then sends request to the a password server (=dhcp server/VR from dhcp lease file)
(3) when vm gets password from password server(VR), it sends a request to remove the password in password server (VR).
the scripts get password from only 1 password server/VR (and exit). password is also saved into only 1 password server/VR.
that's the expected behavior in cloudstack.
in cloudstack , each nic has a `device_id` in `nics` table.
deviceId will be also displayed in response and UI, see #4768
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] aleskxyz commented on issue #4809: Missing password.txt in ConfigDrive in multihomed VM
Posted by GitBox <gi...@apache.org>.
aleskxyz commented on issue #4809:
URL: https://github.com/apache/cloudstack/issues/4809#issuecomment-799462625
> @aleskxyz vm password is only sent to the Virtual Router of first network, not all networks.
> this is the expected behavior.
@weizhouapache
Thanks for you comment.
I can confirm that when I use L2 network as the default network, I can find password.txt file in the iso.
I don't know why it should be expected behavior that only one of virtual routers provides the password. Maybe it is due to this fact that lifecycle management of password is handled by virtual router it self, not the CS management. I mean that when the VM gets the password from the virtual router, it sends a confirmation to router then router forgets the password.
But I think from VM point of view, using ConfigDrive for getting userdata is not relevant to type and order of attached networks. It is an independent datasource.
How can I figure out that attached ConfigDrive iso is a result of a default network or an additional network?!
Thanks
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on issue #4809: Missing password.txt in ConfigDrive in multihomed VM
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on issue #4809:
URL: https://github.com/apache/cloudstack/issues/4809#issuecomment-799281481
@aleskxyz vm password is only sent to the Virtual Router of first network, not all networks.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org