You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@brooklyn.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2017/01/26 15:04:24 UTC
[jira] [Commented] (BROOKLYN-186) OpenStack deploy fails: get wrong
loginUser, and password+key
[ https://issues.apache.org/jira/browse/BROOKLYN-186?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15839814#comment-15839814 ]
ASF GitHub Bot commented on BROOKLYN-186:
-----------------------------------------
Github user neykov commented on a diff in the pull request:
https://github.com/apache/brooklyn-server/pull/529#discussion_r98000373
--- Diff: locations/jclouds/src/main/java/org/apache/brooklyn/location/jclouds/JcloudsLocation.java ---
@@ -2610,24 +2514,32 @@ public boolean apply(@Nullable WinRmMachineLocation machine) {
return credsSuccessful.get();
}
- protected LoginCredentials waitForSshable(final ComputeService computeService, final NodeMetadata node, HostAndPort managementHostAndPort, ConfigBag setup) {
- LoginCredentials nodeCreds = node.getCredentials();
+ protected LoginCredentials waitForSshableGuessCredentials(final ComputeService computeService, final NodeMetadata node, HostAndPort managementHostAndPort, ConfigBag setup) {
+ // See https://issues.apache.org/jira/browse/BROOKLYN-186
+ // Handle where jclouds gives us the wrong login user (!) and both a password + ssh key.
+ // Try all the permutations to find the one that works.
+ Iterable<LoginCredentials> credentialsToTry = generateCredentials(node.getCredentials(), setup.get(LOGIN_USER));
+ return waitForSshable(computeService, node, managementHostAndPort, credentialsToTry, setup);
+ }
+
+ /** @deprecated Since 0.11.0. Use {@link #waitForSshableGuessCredentials} instead. */
+ @Deprecated
+ protected LoginCredentials waitForSshable(ComputeService computeService, NodeMetadata node, HostAndPort managementHostAndPort, ConfigBag setup) {
+ return waitForSshableGuessCredentials(computeService, node, managementHostAndPort, setup);
+ }
+
+ /** @return An Iterable of credentials based on nodeCreds containing different parameters. */
+ Iterable<LoginCredentials> generateCredentials(LoginCredentials nodeCreds, @Nullable String loginUserOverride) {
String nodeUser = nodeCreds.getUser();
- String loginUserOverride = setup.get(LOGIN_USER);
Set<String> users = MutableSet.of();
-
if (Strings.isNonBlank(nodeUser)) {
users.add(nodeUser);
}
-
if (Strings.isNonBlank(loginUserOverride)) {
users.add(loginUserOverride);
}
-
- // See https://issues.apache.org/jira/browse/BROOKLYN-186
- // Handle where jclouds gives us the wrong login user (!) and both a password + ssh key.
- // Try all the permutations to find the one that works.
- List<LoginCredentials> credentialsToTry = Lists.newArrayList();
+ List<LoginCredentials> credentialsToTry = new ArrayList<>();
+ Lists.newArrayList();
--- End diff --
Remove.
> OpenStack deploy fails: get wrong loginUser, and password+key
> -------------------------------------------------------------
>
> Key: BROOKLYN-186
> URL: https://issues.apache.org/jira/browse/BROOKLYN-186
> Project: Brooklyn
> Issue Type: Bug
> Affects Versions: 0.8.0
> Reporter: Aled Sage
> Assignee: Aled Sage
> Fix For: 0.9.0
>
>
> I deployed an app to OpenStack (below is a cut-down app, which I have seen fail in the same way):
> {noformat}
> name: machine @ bluebox
> location:
> jclouds:openstack-nova:
> endpoint: https://myorg.openstack.blueboxgrid.com:5001/v2.0
> identity: mygroup:myname
> credential: mys3cr3t
> minRam: 3072
> jclouds.keystone.credential-type: passwordCredentials
> jclouds.openstack-nova.auto-create-floating-ips: true
> jclouds.openstack-nova.auto-generate-keypairs: true
> useJcloudsSshInit: false
> logCredentials: true
> destroyOnFailure: false
> waitForSshable: 10m
> templateOptions:
> networks: [ "b780de77-a13b-483d-89e7-021297c04033" ]
> floatingIpPoolNames: [['external']]
> securityGroups: [ "everything" ]
> services:
> - type: org.apache.brooklyn.entity.machine.MachineEntity
> {noformat}
> The logging shows that, within jclouds, we get back a VM whose metadata says the login-user is "root" and it has both a password and a private ssh key. This is very surprising as the logged image metadata shows the login-user is "ubuntu".
> However, on other runs (maybe just for the same Brooklyn installed on other machines?) it seemed to give back the correct info - login-user of "ubuntu" and only the password.
> When using the default {{useJcloudsSshInit=true}}, then jclouds repeatedly tried to ssh with {{root@}}.
> When I tried with {{useJcloudsSshInit=false}}, then brooklyn tried to connect via {{root@}} using the password - which failed.
> I also tried with an explicit brooklyn.properties config of {{loginUser=ubuntu}}, but it still seemed to fail - it still tried to ssh as {{root@}}.
> Below are logs from a failed run:
> {noformat}
> 2015-10-13 22:34:42,630 DEBUG o.a.b.l.j.JcloudsLocation [brooklyn-execmanager-HjrEV9YC-5625]: jclouds using templateBuilder PortableTemplateBuilder[ports=[22], imageChooserFunction=org.apache.brooklyn.location.jclouds.BrooklynImageChooser$ImageChooserFromOrdering@58f87f64, minRam=3072] for provisioning in JcloudsLocation[openstack-nova:https://myorg.openstack.blueboxgrid.com:5001/v2.0:mygroup:myname/openstack-nova:https://myorg.openstack.blueboxgrid.com:5001/v2.0@MHmV3Nyz] for openstack-nova:https://myorg.openstack.blueboxgrid.com:5001/v2.0@NginxControllerImpl{id=vOEda2Y9}
> 2015-10-13 22:34:44,326 DEBUG o.a.b.l.j.JcloudsLocation [brooklyn-execmanager-HjrEV9YC-5625]: jclouds using template {image={id=RegionOne/91c8f9f1-597b-4f33-bf18-6fd0
> 40d9e1ee, providerId=91c8f9f1-597b-4f33-bf18-6fd040d9e1ee, name=Ubuntu 14.04, location={scope=REGION, id=RegionOne, description=RegionOne, parent=openstack-nova}, os=
> {family=ubuntu, name=Ubuntu 14.04, version=14.04, description=Ubuntu 14.04, is64Bit=true}, description=Ubuntu 14.04, status=AVAILABLE, loginUser=root}, hardware={id=R
> egionOne/3, providerId=3, name=m1.medium, location={scope=REGION, id=RegionOne, description=RegionOne, parent=openstack-nova}, processors=[{cores=2.0, speed=1.0}], ra
> m=4096, volumes=[{type=LOCAL, size=40.0, bootDevice=true, durable=true}], supportsImage=Predicates.alwaysTrue()}, location={scope=REGION, id=RegionOne, description=Re
> gionOne, parent=openstack-nova}, options={inboundPorts=[22, 8000, 8443], securityGroups=[everything], userMetadata={Name=brooklyn-nw6k1u-aled-bluebox-riak-c-dlc1-ngin
> x-voed-mcc4, brooklyn-user=aled, brooklyn-app-id=dLc10KLr, brooklyn-app-name=Bluebox - Riak Cluster with Webapp Cluster, brooklyn-entity-id=vOEda2Y9, brooklyn-entity-
> name=NginxController:vOEd, brooklyn-server-creation-date=2015-10-13-2234}, networks=[b780de77-a13b-483d-89e7-021297c04033], floatingIpPoolNames=[external], generateKe
> yPair=true, configDrive=false}} / options {inboundPorts=[22, 8000, 8443], securityGroups=[everything], userMetadata={Name=brooklyn-nw6k1u-aled-bluebox-riak-c-dlc1-ngi
> nx-voed-mcc4, brooklyn-user=aled, brooklyn-app-id=dLc10KLr, brooklyn-app-name=Bluebox - Riak Cluster with Webapp Cluster, brooklyn-entity-id=vOEda2Y9, brooklyn-entity
> -name=NginxController:vOEd, brooklyn-server-creation-date=2015-10-13-2234}, networks=[b780de77-a13b-483d-89e7-021297c04033], floatingIpPoolNames=[external], generateK
> eyPair=true, configDrive=false} to provision machine in openstack-nova:https://myorg.openstack.blueboxgrid.com:5001/v2.0@NginxControllerImpl{id=vOEda2Y9}
> 2015-10-13 22:34:56,274 DEBUG o.a.b.l.j.JcloudsLocation [brooklyn-execmanager-HjrEV9YC-5625]: jclouds created {id=RegionOne/a6bd5583-0e5e-4f18-b154-a2db0d2df2e2, prov
> iderId=a6bd5583-0e5e-4f18-b154-a2db0d2df2e2, uri=http://myorg.openstack.blueboxgrid.com:8777/v2/bba97b44a7dd40b1ad8a0b90510129f7/servers/a6bd5583-0e5e-4f18-b1
> 54-a2db0d2df2e2, name=brooklyn-nw6k1u-aled-bluebox-riak-c-dlc1-nginx-voed-ef9, uri=http://myorg.openstack.blueboxgrid.com:8777/v2/bba97b44a7dd40b1ad8a0b905101
> 29f7/servers/a6bd5583-0e5e-4f18-b154-a2db0d2df2e2, location={scope=HOST, id=721cdb3e1f7184999e3b4dbf6a116edb03ece628978cf5a9ffc4accb, description=721cdb3e1f7184999e3b
> 4dbf6a116edb03ece628978cf5a9ffc4accb, parent=RegionOne}, group=brooklyn-nw6k1u-aled-bluebox-riak-c-dlc1-nginx-voed, imageId=RegionOne/91c8f9f1-597b-4f33-bf18-6fd040d9
> e1ee, os={family=ubuntu, name=Ubuntu 14.04, version=14.04, description=Ubuntu 14.04, is64Bit=true}, status=RUNNING, loginPort=22, hostname=brooklyn-nw6k1u-aled-bluebox-riak-c-dlc1-nginx-voed-ef9, privateAddresses=[192.168.1.170], publicAddresses=[158.85.166.42], hardware={id=RegionOne/3, providerId=3, name=m1.medium, location={scope=REGION, id=RegionOne, description=RegionOne, parent=openstack-nova}, processors=[{cores=2.0, speed=1.0}], ram=4096, volumes=[{type=LOCAL, size=40.0, bootDevice=tru
> e, durable=true}], supportsImage=Predicates.alwaysTrue()}, loginUser=root, userMetadata={brooklyn-app-name=Bluebox - Riak Cluster with Webapp Cluster, brooklyn-entity
> -id=vOEda2Y9, brooklyn-app-id=dLc10KLr, brooklyn-user=aled, brooklyn-entity-name=NginxController:vOEd, brooklyn-server-creation-date=2015-10-13-2234, Name=brooklyn-nw
> 6k1u-aled-bluebox-riak-c-dlc1-nginx-voed-mcc4, jclouds-group=brooklyn-nw6k1u-aled-bluebox-riak-c-dlc1-nginx-voed}} for openstack-nova:https://myorg.openstack.
> blueboxgrid.com:5001/v2.0@NginxControllerImpl{id=vOEda2Y9}
> 2015-10-13 22:35:09,036 DEBUG o.a.b.l.j.JcloudsLocation [brooklyn-execmanager-HjrEV9YC-5625]: VM openstack-nova:https://myorg.openstack.blueboxgrid.com:5001/v2.0@NginxControllerImpl{id=vOEda2Y9}: reported online, now waiting 10m for it to be contactable on root@158.85.166.42:22 (setup user is different: aled); using credentials password=QP55w0rd; key=-----BEGIN RSA PRIVATE KEY-----
> {noformat}
> And here is the logging output from a successful run from somewhere else:
> {noformat}
> 2015-10-13 17:50:30,992 DEBUG jclouds.compute [brooklyn-execmanager-OrWlmPRc-146]: >> running 1 node group(brooklyn-z5rv-myname-machine-uxfy-machineentity-ya-yaoi) lo
> cation(RegionOne) image(RegionOne/91c8f9f1-597b-4f33-bf18-6fd040d9e1ee) hardwareProfile(RegionOne/3) options({scriptPresent=true, securityGroups=[everything], userMetadata={Name=brooklyn-z5rv-myname-machine-uxfy-machineentity-ya-yaoi-vg4s, brooklyn-user=myname, brooklyn-app-id=uXFyqgbc, brooklyn-app-name=machine @ bluebox (Myname)
> , brooklyn-entity-id=yAOi3ze4, brooklyn-entity-name=MachineEntity:yAOi, brooklyn-server-creation-date=2015-10-13-1750}, networks=[b780de77-a13b-483d-89e7-021297c04033], floatingIpPoolNames=[external], generateKeyPair=true, configDrive=false})
> 2015
> 2015-10-13 17:50:40,684 DEBUG jclouds.wire [user thread 15]: << "{"server": {"status": "ACTIVE", "updated": "2015-10-13T15:50:40Z", "hostId": "721cdb3e1f7184999e3b4dbf6a116edb03ece628978cf5a9ffc4accb", "OS-EXT-SRV-ATTR
> :host": "ds0011", "addresses": {"my-test-network": [{"OS-EXT-IPS-MAC:mac_addr": "fa:16:3e:85:8c:da", "version": 4, "addr": "192.168.1.151", "OS-EXT-IPS:type": "fixed"}]}, "links": [{"href": "http://myorg.openst
> ack.blueboxgrid.com:8777/v2/bba97b44a7dd40b1ad8a0b90510129f7/servers/ede2b45c-93e9-41ac-a5b7-d86b2fd7a5d3", "rel": "self"}, {"href": "http://myorg.openstack.blueboxgrid.com:8777/bba97b44a7dd40b1ad8a0b90510129f7
> /servers/ede2b45c-93e9-41ac-a5b7-d86b2fd7a5d3", "rel": "bookmark"}], "key_name": "jclouds-brooklyn-z5rv-myname-machine-uxfy-machineentity-ya-yaoi-b2f", "image": {"id": "91c8f9f1-597b-4f33-bf18-6fd040d9e1ee", "links": [
> {"href": "http://myorg.openstack.blueboxgrid.com:8777/bba97b44a7dd40b1ad8a0b90510129f7/images/91c8f9f1-597b-4f33-bf18-6fd040d9e1ee", "rel": "bookmark"}]}, "OS-EXT-STS:task_state": null, "OS-EXT-STS:vm_state": "
> active", "OS-EXT-SRV-ATTR:instance_name": "instance-00000325", "OS-SRV-USG:launched_at": "2015-10-13T15:50:40.000000", "OS-EXT-SRV-ATTR:hypervisor_hostname": "ds0011.sjc01.blueboxgrid.com", "flavor": {"id": "3", "links
> ": [{"href": "http://myorg.openstack.blueboxgrid.com:8777/bba97b44a7dd40b1ad8a0b90510129f7/flavors/3", "rel": "bookmark"}]}, "id": "ede2b45c-93e9-41ac-a5b7-d86b2fd7a5d3", "security_groups": [{"name": "everythin
> g"}], "OS-SRV-USG:terminated_at": null, "OS-EXT-AZ:availability_zone": "nova", "user_id": "54fec3f6661c488a9b2d3fbbf2a20b38", "name": "brooklyn-z5rv-myname-machine-uxfy-machineentity-ya-yaoi-f37", "created": "2015-10-1
> 3T15:50:35Z", "tenant_id": "bba97b44a7dd40b1ad8a0b90510129f7", "OS-DCF:diskConfig": "MANUAL", "os-extended-volumes:volumes_attached": [], "accessIPv4": "", "accessIPv6": "", "progress": 0, "OS-EXT-STS:power_state": 1,
> "config_drive": "", "metadata": {"brooklyn-app-name": "machine @ bluebox (Myname)", "brooklyn-entity-id": "yAOi3ze4", "brooklyn-app-id": "uXFyqgbc", "brooklyn-user": "myname", "brooklyn-entity-name": "MachineEntity:yAO
> i", "brooklyn-server-creation-date": "2015-10-13-1750", "Name": "brooklyn-z5rv-myname-machine-uxfy-machineentity-ya-yaoi-vg4s", "jclouds-group": "brooklyn-z5rv-myname-machine-uxfy-machineentity-ya-yaoi"}}}"
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)