brooklyn-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gowri LN <gowri.ln...@gmail.com>
Subject Re: Need help in deploying Brooklyn on OpenStack liberty
Date Fri, 24 Jun 2016 06:21:26 GMT
Hi Andrea,

Apologies. My mistake..I corrected the yaml


The yaml that I am trying now is :


name: VM-new24
services:
- type: brooklyn.entity.basic.EmptySoftwareProcess
  name: Empty software process
ocation:
  jclouds:openstack-devtest-compute:
    endpoint: http://x.x.x.x:5000/v2.0/
    identity: "my-tenant:my-username"
    credential: my-password
    # optional
    imageId: RegionOne/my-image-id
    hardwareId: RegionOne/2
    loginUser: 'ubuntu'
    loginUser.privateKeyFile: /path-to/my/privatekey
    templateOptions:
      networks: [ "my-network" ]
      floatingIpPoolNames: [ "ext-net" ]
      securityGroups: ['my-security-group']

Error :


2016-06-24 05:29:29,348 WARN  net.schmizz.sshj.DefaultConfig [user thread
5]: Disabling high-strength ciphers: cipher strengths apparently limited by
JCE policy
2016-06-24 05:29:29,506 ERROR net.schmizz.concurrent.Promise [user thread
5]: <<authenticated>> woke to: net.schmizz.sshj.userauth.UserAuthException:
publickey auth failed
2016-06-24 05:29:29,507 INFO  jclouds.ssh [user thread 5]: <<
(ubuntu:rsa[fingerprint(56:.....:2c),sha1(c1:a5:7f:09:d5:..........3c:59)]@X.x.x.x:22)
error acquiring {hostAndPort=X.x.x.x:22, loginUser=ubuntu, ssh=null,
connectTimeout=60000, sessionTimeout=60000} (attempt 1 of 50): Exhausted
available authentication methods
2016-06-24 05:29:29,508 DEBUG o.j.h.h.BackoffLimitedRetryHandler [user
thread 5]: Retry 1/50: delaying for 204 ms:
(ubuntu:rsa[fingerprint(56:7d:66:68:2a:f1:5c:1b:52:ec:34:21:c2:6c:37:2c),sha1(c1:a5:7f:09:d5:7a:44:52............42:fc:4d:7a:3c:59)]@x.x.x.x:22)
error acquiring {hostAndPort=x.x.x.x:22, loginUser=ubuntu, ssh=null,
connectTimeout=60000, sessionTimeout=60000}: Exhausted available
authentication methods
2016-06-24 05:29:29,712 DEBUG jclouds.ssh [user thread 5]: >>
(ubuntu:rsa[fingerprint(56:7d..............c2:6c:37:2c),sha1(c1:a5:7f::7a:3c:59)]@X.x.x.x:22)
acquiring {hostAndPort=X.x.x.x:22, loginUser=ubuntu, ssh=null,
connectTimeout=60000, sessionTimeout=60000}


Another question - Should the   'loginUser.privateKeyFile' be generated as
login.User ? What I mean is , when I try with a keypair generated by
OpenStack I get the "no credential or ssh agent found for ubuntu " error . But
, I generated a different keypair with keygen and this resulted in
different error as above for the same yaml. I am not sure if this makes
sense but I could not understand the reason

Also , I tried to manually ssh into the new VM with key pair which resulted
in -

$ssh  -v  -i my-key ubuntu@X.x.x.x
> OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: /etc/ssh/ssh_config line 19: Applying options for *
> debug1: Connecting to X.x.x.x [X.x.x.x] port 22.
> debug1: Connection established.
> debug1: identity file ubuntu type 1
> debug1: identity file ubuntu-cert type -1
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.7
> debug1: Remote protocol version 2.0, remote software version
> OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.7
> debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.7 pat OpenSSH_6.6.1* compat
> 0x04000000
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none
> debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none
> debug1: sending SSH2_MSG_KEX_ECDH_INIT
> debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
> debug1: Server host key: ECDSA 34:08:75...e:7a:57:5f:38:37
> debug1: Host 'X.x.x.x' is known and matches the ECDSA host key.
> debug1: Found key in /home/ubuntu/.ssh/known_hosts:1
> debug1: ssh_ecdsa_verify: signature correct
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug1: SSH2_MSG_NEWKEYS received
> debug1: SSH2_MSG_SERVICE_REQUEST sent
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug1: Authentications that can continue: publickey
> debug1: Next authentication method: publickey
> debug1: Offering RSA public key: ubuntu
> debug1: Authentications that can continue: publickey
> debug1: No more authentication methods to try.
> Permission denied (publickey).
>

Thanks a lot for the support ,
Gowri

On Thu, Jun 23, 2016 at 5:52 PM, Andrea Turli <
andrea.turli@cloudsoftcorp.com> wrote:

> I think it is
>
>     loginUser.privateKeyFile: /path/to/private/key/for/loginUser
>
> not
>
>     loginUser.privateKeyData: "/home/ubuntu/openstack-in-key-g-priv.ppk"
>
> On 23 June 2016 at 14:15, Gowri LN <gowri.ln123@gmail.com> wrote:
>
> > Hi Andrea,
> >
> > Apologies. I missed out the difference of including
> > loginUser,loginUser.privateKeyyFile outside template options.
> >
> > I tried the new yaml as suggested but I get the following error :
> >
> >
> > RunNodesException: error running 1 node
> > > group(brooklyn-o982m4-ubuntu-vm-ne-pdy7-empty-software-p-hkpn)
> > > location(RegionOne) image(...imageid..) size(2)
> > options({loginUser=ubuntu,
> > > loginPrivateKeyPresent=true, scriptPresent=true,
> > > securityGroups=[..my-security-group-name],
> > >
> >
> userMetadata={Name=brooklyn-o982m4-ubuntu-vm-ne-pdy7-empty-software-p-hkpn-artw,
> > > brooklyn-user=ubuntu, brooklyn-app-id=PDy7dD1P,
> > brooklyn-app-name=VM-new13,
> > > brooklyn-entity-id=hKpNlTVx, brooklyn-entity-name=Empty software
> process,
> > > brooklyn-server-creation-date=2016-06-23-1130}, networks=[......],
> > > floatingIpPoolNames=[.....], generateKeyPair=true, configDrive=false})
> > > Execution failures:
> > > 0 error[s]
> > > Node failures:
> > > 1) IllegalArgumentException on node
> > > RegionOne/e9ded49e-8ae0-404b-9a0f-7705f6a55622:
> > > java.lang.IllegalArgumentException: no credential or ssh agent found
> for
> > > ubuntu on node RegionOne/e9ded49e-8ae0-404b-9a0f-7705f6a55622
> > > at
> > >
> >
> com.google.common.base.Preconditions.checkArgument(Preconditions.java:148)
> > >
> >  yaml I tried:
> > name: VM-new13
> > services:
> > - type: brooklyn.entity.basic.EmptySoftwareProcess
> >   name: Empty software process
> > location:
> >   jclouds:openstack-devtest-compute:
> >     endpoint: https://x.x.x.x:5000/v2.0/
> >     identity: "my-tenant:my-username"
> >     credential: password
> >     imageId: RegionOne/image-id
> >     hardwareId: RegionOne/2
> >     loginUser: "ubuntu"
> >     loginUser.privateKeyData: "/home/ubuntu/openstack-in-key-g-priv.ppk"
> >     templateOptions:
> >       networks: [ "network-id" ]
> >       floatingIpPoolNames: [ "name-of-my-floatingIp-pool" ]
> >       securityGroups: ['my-security-group-name']
> >
> >
> > Thanks,
> > Gowri
> >
> >
> > On Thu, Jun 23, 2016 at 1:32 PM, Andrea Turli <
> > andrea.turli@cloudsoftcorp.com> wrote:
> >
> > > Hi Gowri,
> > >
> > > > 2016-06-23 06:05:12,297 WARN  o.a.b.l.j.JcloudsLocation
> > > > [brooklyn-execmanager-XlwkWB3k-312]: Ignoring request to set template
> > > > option loginUser because this is not supported by
> > > > org.jclouds.openstack.nova.v2_0.compute.options.NovaTemplateOptions
> > > > 2016-06-23 06:05:12,298 WARN  o.a.b.l.j.JcloudsLocation
> > > > [brooklyn-execmanager-XlwkWB3k-312]: Ignoring request to set template
> > > > option loginUser.privateKeyData because this is not supported by
> > > > org.jclouds.openstack.nova.v2_0.compute.options.NovaTemplateOptions
> > >
> > >
> > > I guess this means that you are passing `loginUser` and
> > > `loginUser.privateKeyData` as templateOptions. Try again exactly with
> > > this one, and let us know:
> > >
> > > services:
> > > - type: brooklyn.entity.basic.EmptySoftwareProcess
> > >
> > > location:
> > >   jclouds:openstack-devtest-compute:
> > >     endpoint: https://x.x.x.x:5000/v2.0/
> > >     identity: "my-tenant:my-username"
> > >     credential: password
> > >     loginUser: ubuntu
> > >     loginUser.privateKeyFile: /path/to/private/key/for/loginUser
> > >     imageId: RegionOne/image-id
> > >     hardwareId: RegionOne/2
> > >     templateOptions:
> > >       networks: [ "network-id" ]
> > >       floatingIpPoolNames: [ "name-of-my-floatingIp-pool" ]
> > >
> > > Best,
> > > Andrea
> > >
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message