Regarding SSH Keys and logging into nodes, you need to set the NODEPOOL_SSH_KEY 

1.       I documented my notes here

2.       This is also documented ‘officially’ here:

3.       Also, I had an issue getting puppet to do the right thing with keys, 
so it gets forced here:


From: Eduard Matei []
Sent: Friday, January 09, 2015 8:58 AM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [OpenStack-Infra] [ThirdPartyCI] Need help setting 
up CI

Thanks Patrick,
Indeed it seems the cloud provider was setting up vms on a bridge whose eth was 
DOWN so the vms could not connect to the outside world so the prepare script 
was failing.
Looking into that.



On Fri, Jan 9, 2015 at 6:44 PM, Patrick East 
<<>> wrote:
Ah yea, sorry, should have specified; I am having it run the from the infra repo. I see it adding the same public 
key to the user specified in my nodepool.yaml. The strange part (and I need to 
double check.. feel like it can't be right) is that on my master node the 
nodepool users id_rsa changed at some point in the process.


On Fri, Jan 9, 2015 at 8:38 AM, Jeremy Stanley 
<<>> wrote:
On 2015-01-09 08:28:39 -0800 (-0800), Patrick East wrote:
> On a related note, I am having issues with the ssh keys. Nodepool
> is able to log in to the node to set up the template and create an
> image from it, but then fails to log in to a build node. Have you
> run into any issues with that?

Your image build needs to do _something_ to make SSH into the
resulting nodes possible. We accomplish that by applying a puppet
manifest which sets up an authorized_keys file for the account we
want it to use, but there are countless ways you could go about it
in your environment.
Jeremy Stanley

OpenStack-dev mailing list<>

OpenStack-dev mailing list<>


Eduard Biceri Matei, Senior Software Developer<>


CloudFounders, The Private Cloud Software Company


This email and any files transmitted with it are confidential and intended 
solely for the use of the individual or entity to whom they are addressed.
If you are not the named addressee or an employee or agent responsible for 
delivering this message to the named addressee, you are hereby notified that 
you are not authorized to read, print, retain, copy or disseminate this message 
or any part of it. If you have received this email in error we request you to 
notify us by reply e-mail and to delete all electronic files of the message. If 
you are not the intended recipient you are notified that disclosing, copying, 
distributing or taking any action in reliance on the contents of this 
information is strictly prohibited.
E-mail transmission cannot be guaranteed to be secure or error free as 
information could be intercepted, corrupted, lost, destroyed, arrive late or 
incomplete, or contain viruses. The sender therefore does not accept liability 
for any errors or omissions in the content of this message, and shall have no 
liability for any loss or damage suffered by the user, which arise as a result 
of e-mail transmission.
OpenStack-dev mailing list

Reply via email to