Thanks Rickard, I've run with -on-error=ask and I'm able to log in with the generated password, find the temporary public key has not been put on the server and no .ssh directory exists. Once I add the public key ro .ssh/authorized keys and retry the rest of the process completes without a hitch.
This is what I get back from the URLs the page you linked show [root@localhost ~]# curl http://192.168.1.1/latest/user-data [root@localhost ~]# curl http://192.168.1.1/latest/meta-data service-offering availability-zone local-ipv4 local-hostname public-ipv4 public-hostname instance-id vm-id public-keys cloud-identifier [root@localhost ~]# curl http://192.168.1.1/latest/meta-data/cloud-identifier CloudStack-{2f818df1-6d64-40e2-aa67-9bfa3a6a6637} [root@localhost ~]# curl http://192.168.1.1/latest/meta-data/public-ipv4 x.x.x.x [root@localhost ~]# curl http://192.168.1.1/latest/meta-data/local-ipv4 192.168.1.71 This is what I see in logs: Sep 19 13:14:59 localhost rc.local: Starting cloud cloud-set-guest-password. Sep 19 13:15:09 localhost cloud: Found password server IP 192.168.1.1 in / var/lib/NetworkManager/dhclient-3f280eb6-a130-4589-9cd4-4947081d6ae8- eno16777752.lease Sep 19 13:15:09 localhost cloud: Sending request to password server at 192.168.1.1 Sep 19 13:15:10 localhost cloud: Got response from server at 192.168.1.1 Sep 19 13:15:10 localhost cloud: VM got a valid password from server at 192.168.1.1 Sep 19 13:15:10 localhost cloud: Changing password ... Sep 19 13:15:10 localhost cloud: Sending acknowledgment to password server at 192.168.1.1 Don't see anything in our external logging either that sheds any light On Tuesday, September 19, 2017 at 12:47:53 PM UTC+1, Rickard von Essen wrote: > > I would start by creating a template where you have some fixed credentials > that you can use for debugging (or use the console). Run packer build > --on-error=ask, so when it fails you have time to troubleshoot. > > Jump into the node to debug if cloud-init is functioning as it should, see > http://cloudinit.readthedocs.io/en/latest/topics/datasources/cloudstack.html > > You should be able to curl down the public key for the key-pair somewhere > on http://10.1.1.1/latest/user-data. Then check the cloud-init logs to > see if there is any error configuring you image. > > If you get stuck post some more details here. > > On 19 September 2017 at 13:26, David Curran <[email protected] > <javascript:>> wrote: > >> I'm trying to build CentOS templates in cloudstack using Packer. >> >> Below is a config.json that works for ubuntu using temporary keys: >> >> >> "builders": [{ >> "type": "cloudstack", >> "communicator": "ssh", >> "ssh_username": "{{user `ssh_username`}}", >> "ssh_handshake_attempts": 2, >> "ssh_password": "", >> >> "api_url": "{{user `api_url`}}", >> "api_key": "{{user `api_key`}}", >> "network": "{{user `network`}}", >> "secret_key": "{{user `secret_key`}}", >> "service_offering": "{{user `service_offering`}}", >> "source_template": "{{user `source_template`}}", >> "template_os": "{{user `template_os`}}", >> "zone": "{{user `zone`}}", >> "expunge": true, >> "public_ip_address": "{{user `public_ip`}}", >> >> "template_name": "{{user `template_name`}}-{{isotime \"020106-0304\"}}", >> "template_password_enabled": true, >> "template_scalable": true >> >> }], >> >> >> The part that is failing is SSH on to the newly built VM. >> >> >> "handshake error: ssh: handshake failed: ssh: unable to authenticate, >> attempted methods [none publickey], no supported methods remain" >> >> I am able to log in to the machine with the password generated by cloud >> stack (passwordenabled = true) but not with the generated key. When I log >> in with password I can't see any .ssh/ directory and therefore the >> temporary public key isn't in the correct authorized_keys file. >> >> That explains why SSH fails, it is trying public key auth but can't do it. >> >> However, when using winrm communicator with windows VMs, if >> winrm_password is left blank or is left out entirely then it defaults to >> the generated password. Is this not possible with the SSH communicator? >> >> Or is there a reason that the public key isn't being put on to the VM in >> the first place? >> >> -- >> This mailing list is governed under the HashiCorp Community Guidelines - >> https://www.hashicorp.com/community-guidelines.html. Behavior in >> violation of those guidelines may result in your removal from this mailing >> list. >> >> GitHub Issues: https://github.com/mitchellh/packer/issues >> IRC: #packer-tool on Freenode >> --- >> You received this message because you are subscribed to the Google Groups >> "Packer" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/packer-tool/ad3279b3-dd6c-4392-aaa3-883e0c223910%40googlegroups.com >> >> <https://groups.google.com/d/msgid/packer-tool/ad3279b3-dd6c-4392-aaa3-883e0c223910%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > > -- This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list. GitHub Issues: https://github.com/mitchellh/packer/issues IRC: #packer-tool on Freenode --- You received this message because you are subscribed to the Google Groups "Packer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/329d81fa-8b24-4887-ae33-d40cf2a759d0%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
