Hi Eswar, Thanks for the suggestions. The changes you mentioned did not help resolve the permission error. I confirmed that there is not timeout in copying the key and the right pub_key details are copied to authorized_keys in the dcaeorcl00 VM. I have seen many key configuration in the bootstrap VM , at following files . My understanding is that only priv_key and pub_key.txt in /opt/config need to be updated. But lloks like that is not sufficient
· /opt/config : priv_key and pub_key.txt · /opt/app/config/key which is a copy of /opt/config/priv_key (copied by dcae2_install.sh) · /opt/app/inputs-templates/inputs.yaml : key_filename: '/opt/dcae/key' -> I don’t have this file. Probably I need to point this parameter to /opt/app/config/key · /opt/app/inputs-templates/cdapinputs.yaml : key_filename: '/opt/dcae/key' -> Same as above I don’t have this file. · /opt/app/config/inputs.yaml : keypair: 'onap_dcae_key' -> This is the key pair I have created exclusively for DCAE instances with public key imported from dcae bootstrap VM (root user) · /opt/app/config/cdapinputs.yaml: -> Same as above I have private key, public_key in all the above corresponding to dcae_bootstrap root user . Hope this is the correct configuration. Thanks Manoj From: ESWAR RAO [mailto:eswar7...@gmail.com] Sent: Monday, February 12, 2018 3:12 PM To: Manoj K Nair Cc: onap-discuss@lists.onap.org Subject: Re: [onap-discuss] [dcae] DCAE Installation Failure [External Email] ________________________________ Hi Manoj, Recently I observed two problems that can cause this issue during DCAE bring-up. (1) check key in dcae VM same as your provate_key root@onap-dcae-bootstrap:/home/ubuntu# cat /opt/app/config/key (2) Check console logs of dcaeorcl00 VM. Check for any timing out issues with meta-data agent 169.254.169.254 to import keys. Hope this helps !!! Thanks Eswar Rao On Mon, Feb 12, 2018 at 3:02 PM, Manoj K Nair <manoj.k.n...@netcracker.com<mailto:manoj.k.n...@netcracker.com>> wrote: Hi DCAE Team, I am trying to install DCAE (official Amsterdam Release, not the patch 1.1.0 or beyond) using bootstrap VM on Openstack Ocata and got installation failure while bringing up the associated VMs from boot container. We are using a proxy-less installation as we have Designate support in the target Openstack. Following is the error message noted in the boot docker logs Installing Cloudify Manager on 192.168.1.175. + echo 'Installing Cloudify Manager on 192.168.1.175.' ++ grep PVTIP ++ sed s/PVTIP=// ++ ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i ./key600 centos@192.168.1.175<mailto:centos@192.168.1.175> 'echo PVTIP=`curl --silent http://169.254.169.254/2009-04-04/meta-data/local-ipv4`<http://169.254.169.254/2009-04-04/meta-data/local-ipv4>' Warning: Permanently added '192.168.1.175' (ECDSA) to the list of known hosts. Permission denied, please try again. Permission denied, please try again. Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password). + PVTIP= Cannot access specified machine at 192.168.1.175 using supplied credentials Noted that there is an error with the key being used . In the bootstrap VM I have used the target Openstack keypair for Priv_key and pub_key.txt in /opt/config (This is automatically read from the Openstack heat environment dcae* parameters) . We have adjusted the Keystone URLs to point to the target Openstack environment. We are able to see one new VM being instantiatied (192.168.1.175). But further access to this VM is not possible due to the above error. We have used Centos-7-x86_v64 image available here<http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud-1801-01.qcow2> for DCAE VM images. We also tried to use key from dcae-bootstrap VM (created using ssh-keygen) in priv_key and pub-key.txt , but that did not work. We assume there is some issue in copying the keys to the authorized_keys in the VMs brought up by Cloudify. Appreciate if you can let us know if any additional configuration is required. Thanks Manoj ________________________________ The information transmitted herein is intended only for the person or entity to which it is addressed and may contain confidential, proprietary and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer. _______________________________________________ onap-discuss mailing list onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org> https://lists.onap.org/mailman/listinfo/onap-discuss ________________________________ The information transmitted herein is intended only for the person or entity to which it is addressed and may contain confidential, proprietary and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer.
_______________________________________________ onap-discuss mailing list onap-discuss@lists.onap.org https://lists.onap.org/mailman/listinfo/onap-discuss
