[Openstack] Key injection failure on boot
Vishvananda Ishaya
vishvananda at gmail.com
Fri Jan 11 19:30:58 UTC 2013
If it isn't showing up sometimes, there should be some data in the guest console log from cloud-init about failing to download the key or failing to get metadata or something. If you could track down what is going on there it would be very helpful. If you have some other means to login to the instance you could also verify that the public key is actually showing in the metadata server:
curl http://169.254.169.254/2009-04-04/meta-data/public-keys/0/openssh-key
(from http://docs.openstack.org/trunk/openstack-compute/admin/content/metadata-service.html)
Vish
On Jan 11, 2013, at 11:25 AM, David Kranz <david.kranz at qrclab.com> wrote:
> Thanks Vish, but I am still a little confused. I am using an ubuntu precise cloudimg and normally when I pass a keyname to "boot", the public key shows up in ~ubuntu/.ssh/authorized_keys.
> Looking at the console log, I presume it is the guest cloud-init that is doing that. But sometimes not. This has to be a bug some where even if it is not in nova. There is a lot of mechanism here that I don't understand. If there is documentation some where about exactly how to use metadata to install an ssh key I can't find it. Do you have any more advice?
>
> -David
>
> On 1/11/2013 1:32 PM, Vishvananda Ishaya wrote:
>> Key name is the recommended method, but injecting it into the guest is not. The key should be downloaded from the metadata server using a guest process like cloud-init.
>>
>> Vish
>>
>> On Jan 11, 2013, at 10:20 AM, David Kranz <david.kranz at qrclab.com> wrote:
>>
>>> Sometimes when I boot a bunch of vms seconds apart, using the key_name argument, some instance will not have its key injected.
>>> I found a bug ticket marked "won't fix" with a comment from Vish that key injection was for "developer convenience"[1]. Of course
>>> the personality argument could also be used to inject the file. This is odd because key_name is a documented part of nova client, as the files
>>> mechanism. So what is the recommended way to do what the key_name argument is documented to do?
>>>
>>> I think if key_name is not intended to work it should be removed from nova client.
>>>
>>> -David
>>>
>>>
>>> [1] https://bugs.launchpad.net/nova/+bug/967994
>>>
>>> _______________________________________________
>>> Mailing list: https://launchpad.net/~openstack
>>> Post to : openstack at lists.launchpad.net
>>> Unsubscribe : https://launchpad.net/~openstack
>>> More help : https://help.launchpad.net/ListHelp
>
More information about the Openstack
mailing list