You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@vcl.apache.org by Michael Jinks <mj...@uchicago.edu> on 2012/06/22 00:19:21 UTC
VCL: How to preconfigure deployed images?
We're still trying to work out image capture on our VCL setup, but I'm
wondering about an issue I think we'll encounter fairly soon and how
others are addressing it.
On our Linux image, /etc/ssh/sshd_config (the private-facing sshd
configuration) has a ListenAddress hard-coded to the private IP that the
image has before capture. Obviously, when we deploy that image to a new
instance, that IP address will be wrong, and sshd will fail to bind.
The same issue exists for the public-facing instance.
We can't set either one to the 0.0.0.0 wildcard, because then the first
sshd to come up will prevent the second from binding.
All of that has been done according to the VCL docs, so I'm sure this is
an issue that everybody faces, but what is the cure?
We do have a confugration manager (puppet) which we can use to perform
per-host tweaks, but the host has to be on the wire first, and I'm
worried that a failure to have sshd running at boot time will cause the
deployment of the image to fail. Maybe that's a non-issue.
Anyhow... How are other sites dealing with this? Is there something in
VCL that takes care of this that I've just missed?
Thanks,
-m
--
Michael Jinks :: mjinks@uchicago.edu
University of Chicago IT Services
Re: VCL: How to preconfigure deployed images?
Posted by Josh Thompson <jo...@ncsu.edu>.
Michael,
Good job thinking through that problem. What vcld does to deal with
it is to add some lines to rc.local that will parse the private IP,
update what is in sshd_config, and restart sshd on the private
interface.
Josh
On Thu, Jun 21, 2012 at 6:19 PM, Michael Jinks <mj...@uchicago.edu> wrote:
> We're still trying to work out image capture on our VCL setup, but I'm
> wondering about an issue I think we'll encounter fairly soon and how
> others are addressing it.
>
> On our Linux image, /etc/ssh/sshd_config (the private-facing sshd
> configuration) has a ListenAddress hard-coded to the private IP that the
> image has before capture. Obviously, when we deploy that image to a new
> instance, that IP address will be wrong, and sshd will fail to bind.
> The same issue exists for the public-facing instance.
>
> We can't set either one to the 0.0.0.0 wildcard, because then the first
> sshd to come up will prevent the second from binding.
>
> All of that has been done according to the VCL docs, so I'm sure this is
> an issue that everybody faces, but what is the cure?
>
> We do have a confugration manager (puppet) which we can use to perform
> per-host tweaks, but the host has to be on the wire first, and I'm
> worried that a failure to have sshd running at boot time will cause the
> deployment of the image to fail. Maybe that's a non-issue.
>
> Anyhow... How are other sites dealing with this? Is there something in
> VCL that takes care of this that I've just missed?
>
> Thanks,
> -m
>
> --
> Michael Jinks :: mjinks@uchicago.edu
> University of Chicago IT Services