Hi Andrea, Yes, I can manually provision VM with the image ( my-image-id) and ssh into it using my-keypair .
What should be the next step ? Thanks, Gowri On Fri, Jun 24, 2016 at 9:29 PM, Andrea Turli < [email protected]> wrote: > Gowri, > > Can you try to manually provision a VM and ssh to it. > With those details, we will then setup the brooklyn location accordingly. > > Andrea > > Il 24/giu/2016 08:21, "Gowri LN" <[email protected]> ha scritto: > > > Hi Andrea, > > > > Apologies. My mistake..I corrected the yaml > > > > > > The yaml that I am trying now is : > > > > > > name: VM-new24 > > services: > > - type: brooklyn.entity.basic.EmptySoftwareProcess > > name: Empty software process > > ocation: > > jclouds:openstack-devtest-compute: > > endpoint: http://x.x.x.x:5000/v2.0/ > > identity: "my-tenant:my-username" > > credential: my-password > > # optional > > imageId: RegionOne/my-image-id > > hardwareId: RegionOne/2 > > loginUser: 'ubuntu' > > loginUser.privateKeyFile: /path-to/my/privatekey > > templateOptions: > > networks: [ "my-network" ] > > floatingIpPoolNames: [ "ext-net" ] > > securityGroups: ['my-security-group'] > > > > Error : > > > > > > 2016-06-24 05:29:29,348 WARN net.schmizz.sshj.DefaultConfig [user thread > > 5]: Disabling high-strength ciphers: cipher strengths apparently limited > by > > JCE policy > > 2016-06-24 05:29:29,506 ERROR net.schmizz.concurrent.Promise [user thread > > 5]: <<authenticated>> woke to: > net.schmizz.sshj.userauth.UserAuthException: > > publickey auth failed > > 2016-06-24 05:29:29,507 INFO jclouds.ssh [user thread 5]: << > > > > > (ubuntu:rsa[fingerprint(56:.....:2c),sha1(c1:a5:7f:09:d5:..........3c:59)]@X.x.x.x:22) > > error acquiring {hostAndPort=X.x.x.x:22, loginUser=ubuntu, ssh=null, > > connectTimeout=60000, sessionTimeout=60000} (attempt 1 of 50): Exhausted > > available authentication methods > > 2016-06-24 05:29:29,508 DEBUG o.j.h.h.BackoffLimitedRetryHandler [user > > thread 5]: Retry 1/50: delaying for 204 ms: > > > > > (ubuntu:rsa[fingerprint(56:7d:66:68:2a:f1:5c:1b:52:ec:34:21:c2:6c:37:2c),sha1(c1:a5:7f:09:d5:7a:44:52............42:fc:4d:7a:3c:59)]@x.x.x.x:22) > > error acquiring {hostAndPort=x.x.x.x:22, loginUser=ubuntu, ssh=null, > > connectTimeout=60000, sessionTimeout=60000}: Exhausted available > > authentication methods > > 2016-06-24 05:29:29,712 DEBUG jclouds.ssh [user thread 5]: >> > > > > > (ubuntu:rsa[fingerprint(56:7d..............c2:6c:37:2c),sha1(c1:a5:7f::7a:3c:59)]@X.x.x.x:22) > > acquiring {hostAndPort=X.x.x.x:22, loginUser=ubuntu, ssh=null, > > connectTimeout=60000, sessionTimeout=60000} > > > > > > Another question - Should the 'loginUser.privateKeyFile' be generated > as > > login.User ? What I mean is , when I try with a keypair generated by > > OpenStack I get the "no credential or ssh agent found for ubuntu " error > . > > But > > , I generated a different keypair with keygen and this resulted in > > different error as above for the same yaml. I am not sure if this makes > > sense but I could not understand the reason > > > > Also , I tried to manually ssh into the new VM with key pair which > resulted > > in - > > > > $ssh -v -i my-key [email protected] > > > OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014 > > > debug1: Reading configuration data /etc/ssh/ssh_config > > > debug1: /etc/ssh/ssh_config line 19: Applying options for * > > > debug1: Connecting to X.x.x.x [X.x.x.x] port 22. > > > debug1: Connection established. > > > debug1: identity file ubuntu type 1 > > > debug1: identity file ubuntu-cert type -1 > > > debug1: Enabling compatibility mode for protocol 2.0 > > > debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.7 > > > debug1: Remote protocol version 2.0, remote software version > > > OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.7 > > > debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.7 pat OpenSSH_6.6.1* > > compat > > > 0x04000000 > > > debug1: SSH2_MSG_KEXINIT sent > > > debug1: SSH2_MSG_KEXINIT received > > > debug1: kex: server->client aes128-ctr [email protected] none > > > debug1: kex: client->server aes128-ctr [email protected] none > > > debug1: sending SSH2_MSG_KEX_ECDH_INIT > > > debug1: expecting SSH2_MSG_KEX_ECDH_REPLY > > > debug1: Server host key: ECDSA 34:08:75...e:7a:57:5f:38:37 > > > debug1: Host 'X.x.x.x' is known and matches the ECDSA host key. > > > debug1: Found key in /home/ubuntu/.ssh/known_hosts:1 > > > debug1: ssh_ecdsa_verify: signature correct > > > debug1: SSH2_MSG_NEWKEYS sent > > > debug1: expecting SSH2_MSG_NEWKEYS > > > debug1: SSH2_MSG_NEWKEYS received > > > debug1: SSH2_MSG_SERVICE_REQUEST sent > > > debug1: SSH2_MSG_SERVICE_ACCEPT received > > > debug1: Authentications that can continue: publickey > > > debug1: Next authentication method: publickey > > > debug1: Offering RSA public key: ubuntu > > > debug1: Authentications that can continue: publickey > > > debug1: No more authentication methods to try. > > > Permission denied (publickey). > > > > > > > Thanks a lot for the support , > > Gowri > > > > On Thu, Jun 23, 2016 at 5:52 PM, Andrea Turli < > > [email protected]> wrote: > > > > > I think it is > > > > > > loginUser.privateKeyFile: /path/to/private/key/for/loginUser > > > > > > not > > > > > > loginUser.privateKeyData: > "/home/ubuntu/openstack-in-key-g-priv.ppk" > > > > > > On 23 June 2016 at 14:15, Gowri LN <[email protected]> wrote: > > > > > > > Hi Andrea, > > > > > > > > Apologies. I missed out the difference of including > > > > loginUser,loginUser.privateKeyyFile outside template options. > > > > > > > > I tried the new yaml as suggested but I get the following error : > > > > > > > > > > > > RunNodesException: error running 1 node > > > > > group(brooklyn-o982m4-ubuntu-vm-ne-pdy7-empty-software-p-hkpn) > > > > > location(RegionOne) image(...imageid..) size(2) > > > > options({loginUser=ubuntu, > > > > > loginPrivateKeyPresent=true, scriptPresent=true, > > > > > securityGroups=[..my-security-group-name], > > > > > > > > > > > > > > > userMetadata={Name=brooklyn-o982m4-ubuntu-vm-ne-pdy7-empty-software-p-hkpn-artw, > > > > > brooklyn-user=ubuntu, brooklyn-app-id=PDy7dD1P, > > > > brooklyn-app-name=VM-new13, > > > > > brooklyn-entity-id=hKpNlTVx, brooklyn-entity-name=Empty software > > > process, > > > > > brooklyn-server-creation-date=2016-06-23-1130}, networks=[......], > > > > > floatingIpPoolNames=[.....], generateKeyPair=true, > > configDrive=false}) > > > > > Execution failures: > > > > > 0 error[s] > > > > > Node failures: > > > > > 1) IllegalArgumentException on node > > > > > RegionOne/e9ded49e-8ae0-404b-9a0f-7705f6a55622: > > > > > java.lang.IllegalArgumentException: no credential or ssh agent > found > > > for > > > > > ubuntu on node RegionOne/e9ded49e-8ae0-404b-9a0f-7705f6a55622 > > > > > at > > > > > > > > > > > > > > > com.google.common.base.Preconditions.checkArgument(Preconditions.java:148) > > > > > > > > > yaml I tried: > > > > name: VM-new13 > > > > services: > > > > - type: brooklyn.entity.basic.EmptySoftwareProcess > > > > name: Empty software process > > > > location: > > > > jclouds:openstack-devtest-compute: > > > > endpoint: https://x.x.x.x:5000/v2.0/ > > > > identity: "my-tenant:my-username" > > > > credential: password > > > > imageId: RegionOne/image-id > > > > hardwareId: RegionOne/2 > > > > loginUser: "ubuntu" > > > > loginUser.privateKeyData: > > "/home/ubuntu/openstack-in-key-g-priv.ppk" > > > > templateOptions: > > > > networks: [ "network-id" ] > > > > floatingIpPoolNames: [ "name-of-my-floatingIp-pool" ] > > > > securityGroups: ['my-security-group-name'] > > > > > > > > > > > > Thanks, > > > > Gowri > > > > > > > > > > > > On Thu, Jun 23, 2016 at 1:32 PM, Andrea Turli < > > > > [email protected]> wrote: > > > > > > > > > Hi Gowri, > > > > > > > > > > > 2016-06-23 06:05:12,297 WARN o.a.b.l.j.JcloudsLocation > > > > > > [brooklyn-execmanager-XlwkWB3k-312]: Ignoring request to set > > template > > > > > > option loginUser because this is not supported by > > > > > > > org.jclouds.openstack.nova.v2_0.compute.options.NovaTemplateOptions > > > > > > 2016-06-23 06:05:12,298 WARN o.a.b.l.j.JcloudsLocation > > > > > > [brooklyn-execmanager-XlwkWB3k-312]: Ignoring request to set > > template > > > > > > option loginUser.privateKeyData because this is not supported by > > > > > > > org.jclouds.openstack.nova.v2_0.compute.options.NovaTemplateOptions > > > > > > > > > > > > > > > I guess this means that you are passing `loginUser` and > > > > > `loginUser.privateKeyData` as templateOptions. Try again exactly > with > > > > > this one, and let us know: > > > > > > > > > > services: > > > > > - type: brooklyn.entity.basic.EmptySoftwareProcess > > > > > > > > > > location: > > > > > jclouds:openstack-devtest-compute: > > > > > endpoint: https://x.x.x.x:5000/v2.0/ > > > > > identity: "my-tenant:my-username" > > > > > credential: password > > > > > loginUser: ubuntu > > > > > loginUser.privateKeyFile: /path/to/private/key/for/loginUser > > > > > imageId: RegionOne/image-id > > > > > hardwareId: RegionOne/2 > > > > > templateOptions: > > > > > networks: [ "network-id" ] > > > > > floatingIpPoolNames: [ "name-of-my-floatingIp-pool" ] > > > > > > > > > > Best, > > > > > Andrea > > > > > > > > > > > > > > >
