cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nux! <...@li.nux.ro>
Subject Re: Need help in getting CentOS 7 templates to run on Cloudstack 4.9 and VMWare
Date Wed, 05 Apr 2017 18:21:13 GMT
Syed,

NetworkManager strikes again! ... I'll make sure it disappears from the template. Darn ...

The centos user password as set by the kickstart is indeed "password" so the template can
be accessed should cloud-init fail.
I am not entirely at peace with this as could lead to security problems.

The thing is, if cloud-init fails to retrieve the metadata, then it will not continue the
setup in which it adds the user to sudoers, setup swap etc etc.

That is why you could login with "password" but everything else was broken.

Thanks for spotting this.

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

----- Original Message -----
> From: "Syed Ahmed" <sahmed@cloudops.com>
> To: "dev" <dev@cloudstack.apache.org>
> Cc: "Nux!" <nux@li.nux.ro>
> Sent: Wednesday, 5 April, 2017 16:41:27
> Subject: Re: Need help in getting CentOS 7 templates to run on Cloudstack 4.9 and VMWare

> Hi Nux,
> 
> So I'm still having trouble with the template :)
> 
> As per the configuration
> http://dl.openvm.eu/cloudstack/config/centos/centos7-vmware.cfg the
> `centos` user gets the password set to as `password` but is never added to
> the sudoers list. When does that happen? Also, From the cloud-init logs it
> looks like it's not using the DHCP server but the default gateway so things
> like ssh-key is not being set.
> 
> Apr  5 15:17:26 syed-test cloud-init: Cloud-init v. 0.7.5 running
> 'init-local' at Wed, 05 Apr 2017 15:17:26 +0000. Up 8.99 seconds.
> Apr  5 15:18:13 syed-test cloud-init: Cloud-init v. 0.7.5 running 'init' at
> Wed, 05 Apr 2017 15:18:13 +0000. Up 16.84 seconds.
> Apr  5 15:18:13 syed-test cloud-init: ci-info:
> ++++++++++++++++++++++++++Net device info+++++++++++++++++++++++++++
> Apr  5 15:18:13 syed-test cloud-init: ci-info:
> +--------+------+--------------+---------------+-------------------+
> Apr  5 15:18:13 syed-test cloud-init: ci-info: | Device |  Up  |
> Address    |      Mask     |     Hw-Address    |
> Apr  5 15:18:13 syed-test cloud-init: ci-info:
> +--------+------+--------------+---------------+-------------------+
> Apr  5 15:18:13 syed-test cloud-init: ci-info: |  lo:   | True |
> 127.0.0.1   |   255.0.0.0   |         .         |
> Apr  5 15:18:13 syed-test cloud-init: ci-info: | eth0:  | True |
> 172.31.0.130 | 255.255.254.0 | 06:5a:58:00:01:6a |
> Apr  5 15:18:13 syed-test cloud-init: ci-info:
> +--------+------+--------------+---------------+-------------------+
> Apr  5 15:18:13 syed-test cloud-init: ci-info:
> +++++++++++++++++++++++++++++++Route info+++++++++++++++++++++++++++++++
> Apr  5 15:18:13 syed-test cloud-init: ci-info:
> +-------+-------------+------------+---------------+-----------+-------+
> Apr  5 15:18:13 syed-test cloud-init: ci-info: | Route | Destination |
> Gateway   |    Genmask    | Interface | Flags |
> Apr  5 15:18:13 syed-test cloud-init: ci-info:
> +-------+-------------+------------+---------------+-----------+-------+
> Apr  5 15:18:13 syed-test cloud-init: ci-info: |   0   |   0.0.0.0   |
> 172.31.0.1 |    0.0.0.0    |    eth0   |   UG  |
> Apr  5 15:18:13 syed-test cloud-init: ci-info: |   1   |  172.31.0.0 |
> 0.0.0.0   | 255.255.254.0 |    eth0   |   U   |
> Apr  5 15:18:13 syed-test cloud-init: ci-info:
> +-------+-------------+------------+---------------+-----------+-------+
> Apr  5 15:19:03 syed-test cloud-init: 2017-04-05 15:19:03,970 -
> url_helper.py[WARNING]: Calling '
> http://172.31.0.1//latest/meta-data/instance-id' failed [50/120s]:
> unexpected error ['NoneType' object has no attribute 'status_code']
> Apr  5 15:19:55 syed-test cloud-init: 2017-04-05 15:19:55,026 -
> url_helper.py[WARNING]: Calling '
> http://172.31.0.1//latest/meta-data/instance-id' failed [101/120s]:
> unexpected error ['NoneType' object has no attribute 'status_code']
> Apr  5 15:20:13 syed-test cloud-init: 2017-04-05 15:20:13,048 -
> url_helper.py[WARNING]: Calling '
> http://172.31.0.1//latest/meta-data/instance-id' failed [119/120s]:
> unexpected error ['NoneType' object has no attribute 'status_code']
> Apr  5 15:20:14 syed-test cloud-init: 2017-04-05 15:20:14,050 -
> DataSourceCloudStack.py[CRITICAL]: Giving up on waiting for the metadata
> from ['http://172.31.0.1//latest/meta-data/instance-id'] after 120 seconds
> Apr  5 15:20:14 syed-test cloud-init: 2017-04-05 15:20:14,050 -
> util.py[WARNING]: No instance datasource found! Likely bad things to come!
> 
> Looking at DataSourceCloudStack.py it seems like it is looking for leases
> in "/var/lib/dhclient", "/var/lib/dhcp" however the leases are located in
> "/var/lib/NetworkManager/" Do you know who maintains the
> DataSourceCloudStack.py? We fix this by either changing
> DataSourceCloudStack.py or by adding NM_CONTROLLED=no (and other conf
> params) in /etc/sysconfig/network-scripts/ifcfg-ethX . Let me know what you
> think.
> 
> Thanks,
> -Syed
> 
> 
> On Mon, Apr 3, 2017 at 10:15 AM, Syed Ahmed <sahmed@cloudops.com> wrote:
> 
>> I'd love to see the 169.254.169.254 implemented. Maybe something we
>> can hack on at the CCC in Miami ;)
>>
>> On Mon, Apr 3, 2017 at 4:24 AM, Erik Weber <terbolous@gmail.com> wrote:
>> > On Mon, Apr 3, 2017 at 9:41 AM, Nux! <nux@li.nux.ro> wrote:
>> >> Syed,
>> >>
>> >> AFAIK the standard behaviour that is baked in the password script as
>> well as in the cloud-init Cloudstack meta source is to try whichever
>> address provides the DHCP.
>> >>
>> >> Can't wait to see config drive implemented so we can get rid of all
>> these head aches.
>> >
>> > Or the 169.254.169.254 address implemented :-)
>> >
>> > --
>> > Erik

Mime
View raw message