brooklyn-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mikezaccardo <...@git.apache.org>
Subject [GitHub] brooklyn-docs pull request #98: Improve location docs
Date Tue, 02 Aug 2016 21:34:40 GMT
Github user mikezaccardo commented on a diff in the pull request:

    https://github.com/apache/brooklyn-docs/pull/98#discussion_r73242356
  
    --- Diff: guide/ops/locations/_openstack.md ---
    @@ -91,33 +143,95 @@ This is the same OpenStack location in a format that can be added
to your
         brooklyn.location.named.My\ OpenStack.securityGroups=your-security-group
         brooklyn.location.named.My\ OpenStack.keyPair=your-keypair
     
    -Chose a value of `your-flavor-id` from one of the defaults, or create your own flavor
if
    -you have administrator privileges.
    -For for more information, see the
    -[OpenStack flavors guide](http://docs.openstack.org/admin-guide/cli_manage_flavors.html).
     
    -The default flavors are:
    +### Troubleshooting
     
    -    +-----+-----------+-----------+------+
    -    | ID  | Name      | Memory_MB | Disk |
    -    +-----+-----------+-----------+------+
    -    | 1   | m1.tiny   | 512       | 1    |
    -    | 2   | m1.small  | 2048      | 20   |
    -    | 3   | m1.medium | 4096      | 40   |
    -    | 4   | m1.large  | 8192      | 80   |
    -    | 5   | m1.xlarge | 16384     | 160  |
    -    +-----+-----------+-----------+------+
    +#### Cloud Credentials Failing
     
    -For an even more detailed example location configuration, consult the
    -[template properties file](https://brooklyn.apache.org/v/latest/start/brooklyn.properties).
    +If the cloud API calls return `401 Unauthorized` (e.g. in a `org.jclouds.rest.AuthorizationException`),
    +then this could be because the credentials are incorrect.
     
    +A good way to check this is to try the same credentials with the 
    +[OpenStack nova command line client](http://docs.openstack.org/user-guide/common/cli_install_openstack_command_line_clients.html).
     
    -### Other features
     
    -Consult jclouds' [Nova template options](https://jclouds.apache.org/reference/javadoc/1.9.x/org/jclouds/openstack/nova/v2_0/compute/options/NovaTemplateOptions.html)
    -for futher options when configuring Openstack locations.
    +#### Unable to SSH: Wrong User
    +
    +If SSH authentication fails, it could be that the login user is incorrect. For most clouds,
this 
    +is inferred from the image metadata, but if no (or the wrong) login user is specified
then it will  
    +default to root. The correct login user can be specified using the configuration option
`loginUser`.
    +For example, `loginUser: ubuntu`.
    +
    +The use of the wrong login user can also result in the obscure error shown below, caused
by 
    +an unexpected response saying to use a different user. For more technical information,
see 
    +this [sshj github issue](https://github.com/hierynomus/sshj/issues/75):
    +
    +    Received message too long 1349281121
    +
    +
    +#### I Want to Use my Own KeyPair
    +
    +By default, jclouds will auto-generate a new [key pair](http://docs.openstack.org/user-guide/cli_nova_configure_access_security_for_instances.html)
    +for the VM. This key pair will be deleted automatically when the VM is deleted.
    +
    +Alternatively, you can use a pre-existing key pair. If so, you must also specify the
corresponding
    +private key (pem file, or data) to be used for the initial login. For example:
    +   
    +    location:
    +      jclouds:clouds:openstack-nova:
    +        ...
    +        jclouds.openstack-nova.auto-generate-keypairs: false
    +        keyPair: "my-keypair"
    +        loginUser: ubuntu
    +        loginUser.privateKeyFile: /path/to/my/privatekey.pem
    +
    +
    +#### Error "doesn't contain ... -----BEGIN"
    +
    +If using `loginUser.privateKeyFile` (or `loginUser.privateKeyData`), this is expected
to be a .pem
    +file. If a different format is used (e.g. a .ppk file), it will give an error like that
below:
    +
    +    Error invoking start at EmptySoftwareProcessImpl{id=TrmhitVc}: chars
    +    PuTTY-User-Key-File-2: ssh-rsa
    +    ...
    +    doesn't contain % line [-----BEGIN ]
    +
    +
    +#### Warning Message: "Ignoring request to set..."
    +
    +If you see a warning log message like that below:
    +
    +    2016-06-23 06:05:12,297 WARN  o.a.b.l.j.JcloudsLocation [brooklyn-execmanager-XlwkWB3k-312]:

    +    Ignoring request to set template option loginUser because this is not supported by

    +    org.jclouds.openstack.nova.v2_0.compute.options.NovaTemplateOptions
    +
    +It can mean that the location configuration option is in the wrong place. The configuration
under 
    +`templateOptions` must correspond to those options on the
    +[jclouds Nova template options](https://jclouds.apache.org/reference/javadoc/1.9.x/org/jclouds/openstack/nova/v2_0/compute/options/NovaTemplateOptions.html).
    +However, template options such as `loginUser` are top-level configuration options that
should not
    +be inside the `templateOptions` section.
    +
    +
    +#### HttpResponseException Accessing Compute Endpoint
    +
    +The Keystone endpoint is first queried to get the API access endpoints for the appropriate
services.
    +
    +Some private OpenStack installs are (mis)configured such that the returned addresses
are not always 
    +directly accessible. It could be that the service is behind a VPN, or that they rely
on hostnames
    +that are only in a private DNS.
    +
    +You can find the service endpoints in OpenStack, either using the CLI or the web-console.
For 
    +example, in Blue Box the URL is https://tenant-region.openstack.blueboxgrid.com/project/access_and_security/.
    --- End diff --
    
    Same question as @andreaturli about whether we should use this non "public" cloud?


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

Mime
View raw message