Posted to dev@brooklyn.apache.org by Spico Florin <sp...@gmail.com> on 2017/03/14 11:01:10 UTC

Connect to the created Brooklyn machine via ssh and the private keys

Hello!

I have deployed a Brooklyn server (from the public repository rpm file,
version 0.10) on AWS.

The AMI is a RedHat 7.


I have created a location (see the tom-location.yml or tom-id-aws-8 in
Brooklyn server).

I created a tomcat application with the tom1.yml blueprint.



I got an error

Required entity not healthy: Tomcat8ServerImpl{id=fvbtcdjzlf}
Failure running task invoking start[locations] on 1 node (KvxNMfPm)
<http://ec2-35-157-168-250.eu-central-1.compute.amazonaws.com:8081/#/v1/applications/hh4dq4cg0l/entities/hh4dq4cg0l/activities/subtask/KvxNMfPm>:
Error invoking start at Tomcat8ServerImpl{id=fvbtcdjzlf}: FileNotFoundException: /home/ec2-user/.ssh/brooklyn/tomcat-key.pem (Permission denied)



The file is there and it has 600 rights.



Questions:

1. Which user executes the ssh from the Brooklyn server machine to the
newly instantiated Tomcat machine?

2. In the above scenario I would like to provide my own pem file
(private key) to the new machine created by Brooklyn. Why doesn't it work?
What permission should I set for the pem file?

3. In the scenario where I don't want to provide a private key file but
let Brooklyn generate one for me, I could not find the generated key
for the ssh in the persistence entity file. How can I instruct Brooklyn
to include the generated key in the entity file?

4. I have read the documentation about the ssh keys, but it is still not
clear to me what the default behavior of Brooklyn is when not providing the
pem file. Will it generate one? Where is it stored? As I said, I couldn't find
it in /var/lib/data/entities/id_app_entity


I look forward to your answers.

  Florin

1. Yaml application when providing the key

YAML application:

name: simple-appserver-with-location
location: tom-id-aws-8
services:
- type: org.apache.brooklyn.entity.webapp.tomcat.Tomcat8Server


2. Location for the application with private key file provided

brooklyn.catalog:
  items:
  - id: tom-id-aws-8
    # NB: the version may need to be increased
    version: 0.0.1
    itemType: location
    item:
        type: jclouds:aws-ec2
        brooklyn.config:
          displayName: tom-id-aws-8
          region: eu-central-1
          identity: hidden
          credential: hidden
          keyPair: MyKeyPair
          loginUser: ec2-user
          loginUser.privateKeyFile: /home/ec2-user/.ssh/brooklyn/tomcat-key.pem



3. Application when not providing the key


brooklyn.catalog:
  items:
  - id: tom-id-aws-1
    # NB: the version may need to be increased
    version: 0.0.1
    itemType: location
    item:
        type: jclouds:aws-ec2
        brooklyn.config:
          displayName: tom-id-aws-1
          region: eu-central-1
          identity: hidden
          credential: hidden
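
Added example (not part of the original post, and not Brooklyn code): a key file with mode 600 is still unreadable to a process running as a different user, or when a parent directory denies that user search permission. The script below walks a key path and reports the first component that blocks a given uid. The temp-dir layout and the second uid are constructed for the demo; which account the Brooklyn service runs as is not stated in the post.

```sh
#!/bin/sh
# Added example, not from the original post. Uses mode bits only (GNU stat);
# ACLs and SELinux are not considered.

# allowed UID "GIDS" PATH BIT: does the permission class that applies to UID
# grant BIT (4 = read, 1 = search) on PATH?
allowed() {
    a_uid=$1; a_gids=$2; a_bit=$4
    if [ "$a_uid" -eq 0 ]; then return 0; fi        # root bypasses mode bits
    a_st=$(stat -c '%u %g %a' "$3") || return 1
    set -- $a_st                                    # $1=owner uid, $2=gid, $3=octal mode
    a_mode=$((0$3))
    a_cls=$(( a_mode & 7 ))                         # "other" unless matched below
    for a_g in $a_gids; do
        if [ "$a_g" -eq "$2" ]; then a_cls=$(( (a_mode >> 3) & 7 )); fi
    done
    if [ "$a_uid" -eq "$1" ]; then a_cls=$(( (a_mode >> 6) & 7 )); fi  # owner wins
    [ $(( a_cls & a_bit )) -ne 0 ]
}

# first_blocker UID "GIDS" FILE [START]: print the first component below START
# (default /) that denies UID; print nothing and return 0 if FILE is readable.
first_blocker() {
    f_uid=$1; f_gids=$2; f_cur=${4:-}; f_cur=${f_cur%/}
    f_rest=${3#"$f_cur"/}
    while [ "$f_rest" != "${f_rest#*/}" ]; do       # directories need search (x)
        f_cur=$f_cur/${f_rest%%/*}; f_rest=${f_rest#*/}
        if ! allowed "$f_uid" "$f_gids" "$f_cur" 1; then echo "$f_cur"; return 1; fi
    done
    if ! allowed "$f_uid" "$f_gids" "$f_cur/$f_rest" 4; then echo "$f_cur/$f_rest"; return 1; fi
}

# Constructed demo: the key path from the post, rebuilt under a temp dir.
demo_root=$(mktemp -d)
mkdir -p "$demo_root/home/ec2-user/.ssh/brooklyn"
demo_key=$demo_root/home/ec2-user/.ssh/brooklyn/tomcat-key.pem
: > "$demo_key"; chmod 600 "$demo_key"
chmod 755 "$demo_root/home"; chmod 700 "$demo_root/home/ec2-user"
demo_owner=$(stat -c %u "$demo_key")
# Hypothetical second account: an id that matches neither owner nor group.
demo_other=$(( demo_owner + $(stat -c %g "$demo_key") + 1 ))
first_blocker "$demo_other" "$demo_other" "$demo_key" "$demo_root" || true
```

On a real host, call first_blocker with the service account's ids (from `id -u` and `id -G`) and the configured loginUser.privateKeyFile path.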