Think I understand the problem! There is no /etc/cloud
That suggests cloud-init isn't even installed? That means the people who looked after our templates previously didn't install it. Easy enough to fix :) Thanks for your help Rickard On Tuesday, September 19, 2017 at 3:20:33 PM UTC+1, Rickard von Essen wrote: > > What's your CentOS and cloud-init version? > > What's the content of /etc/cloud/cloud.cfg ? > > On 19 September 2017 at 15:57, David Curran <[email protected] > <javascript:>> wrote: > >> Odd thing is, they file isn't created in /var/log and I can't find it >> anywhere else. It's there on the successful Ubuntu builds but not for CentOS >> >> I got the previous log messages from /var/log/messages but that's all >> there was relating to "cloud" >> >> On Tuesday, September 19, 2017 at 2:45:10 PM UTC+1, Rickard von Essen >> wrote: >>> >>> So then the problem is that the cloud-init in the template doesn't add >>> that to the user you expect. >>> Do you have a logline similar to "ci-info: no authorized ssh keys >>> fingerprints found for user XXX" in /var/log/cloud-init-output.log >>> >>> On 19 September 2017 at 15:32, David Curran <[email protected]> wrote: >>> >>>> Yes, that was the link I used to get the public key into my >>>> authorized_keys file >>>> >>>> On Tuesday, September 19, 2017 at 2:31:09 PM UTC+1, Rickard von Essen >>>> wrote: >>>>> >>>>> Does curl http://192.168.1.1/latest/meta-data/public-keys give you >>>>> the pub key for the keypair? >>>>> >>>>> On 19 September 2017 at 15:26, David Curran <[email protected]> >>>>> wrote: >>>>> >>>>>> Thanks Rickard, >>>>>> >>>>>> I've run with -on-error=ask and I'm able to log in with the generated >>>>>> password, find the temporary public key has not been put on the server >>>>>> and >>>>>> no .ssh directory exists. Once I add the public key ro .ssh/authorized >>>>>> keys >>>>>> and retry the rest of the process completes without a hitch. >>>>>> >>>>>> This is what I get back from the URLs the page you linked show >>>>>> >>>>>> [root@localhost ~]# curl http://192.168.1.1/latest/user-data >>>>>> >>>>>> [root@localhost ~]# curl http://192.168.1.1/latest/meta-data >>>>>> service-offering >>>>>> availability-zone >>>>>> local-ipv4 >>>>>> local-hostname >>>>>> public-ipv4 >>>>>> public-hostname >>>>>> instance-id >>>>>> vm-id >>>>>> public-keys >>>>>> cloud-identifier >>>>>> >>>>>> [root@localhost ~]# curl >>>>>> http://192.168.1.1/latest/meta-data/cloud-identifier >>>>>> CloudStack-{2f818df1-6d64-40e2-aa67-9bfa3a6a6637} >>>>>> >>>>>> >>>>>> [root@localhost ~]# curl >>>>>> http://192.168.1.1/latest/meta-data/public-ipv4 >>>>>> x.x.x.x >>>>>> >>>>>> [root@localhost ~]# curl >>>>>> http://192.168.1.1/latest/meta-data/local-ipv4 >>>>>> 192.168.1.71 >>>>>> >>>>>> This is what I see in logs: >>>>>> Sep 19 13:14:59 localhost rc.local: Starting cloud cloud-set-guest- >>>>>> password. >>>>>> Sep 19 13:15:09 localhost cloud: Found password server IP 192.168.1.1 >>>>>> in /var/lib/NetworkManager/dhclient-3f280eb6-a130-4589-9cd4- >>>>>> 4947081d6ae8-eno16777752.lease >>>>>> Sep 19 13:15:09 localhost cloud: Sending request to password server >>>>>> at 192.168.1.1 >>>>>> Sep 19 13:15:10 localhost cloud: Got response from server at 192.168. >>>>>> 1.1 >>>>>> Sep 19 13:15:10 localhost cloud: VM got a valid password from server >>>>>> at 192.168.1.1 >>>>>> Sep 19 13:15:10 localhost cloud: Changing password ... >>>>>> Sep 19 13:15:10 localhost cloud: Sending acknowledgment to password >>>>>> server at 192.168.1.1 >>>>>> >>>>>> Don't see anything in our external logging either that sheds any light >>>>>> >>>>>> >>>>>> On Tuesday, September 19, 2017 at 12:47:53 PM UTC+1, Rickard von >>>>>> Essen wrote: >>>>>>> >>>>>>> I would start by creating a template where you have some fixed >>>>>>> credentials that you can use for debugging (or use the console). Run >>>>>>> packer >>>>>>> build --on-error=ask, so when it fails you have time to troubleshoot. >>>>>>> >>>>>>> Jump into the node to debug if cloud-init is functioning as it >>>>>>> should, see >>>>>>> http://cloudinit.readthedocs.io/en/latest/topics/datasources/cloudstack.html >>>>>>> >>>>>>> You should be able to curl down the public key for the key-pair >>>>>>> somewhere on http://10.1.1.1/latest/user-data. Then check the >>>>>>> cloud-init logs to see if there is any error configuring you image. >>>>>>> >>>>>>> If you get stuck post some more details here. >>>>>>> >>>>>>> On 19 September 2017 at 13:26, David Curran <[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>>> I'm trying to build CentOS templates in cloudstack using Packer. >>>>>>>> >>>>>>>> Below is a config.json that works for ubuntu using temporary keys: >>>>>>>> >>>>>>>> >>>>>>>> "builders": [{ >>>>>>>> "type": "cloudstack", >>>>>>>> "communicator": "ssh", >>>>>>>> "ssh_username": "{{user `ssh_username`}}", >>>>>>>> "ssh_handshake_attempts": 2, >>>>>>>> "ssh_password": "", >>>>>>>> >>>>>>>> "api_url": "{{user `api_url`}}", >>>>>>>> "api_key": "{{user `api_key`}}", >>>>>>>> "network": "{{user `network`}}", >>>>>>>> "secret_key": "{{user `secret_key`}}", >>>>>>>> "service_offering": "{{user `service_offering`}}", >>>>>>>> "source_template": "{{user `source_template`}}", >>>>>>>> "template_os": "{{user `template_os`}}", >>>>>>>> "zone": "{{user `zone`}}", >>>>>>>> "expunge": true, >>>>>>>> "public_ip_address": "{{user `public_ip`}}", >>>>>>>> >>>>>>>> "template_name": "{{user `template_name`}}-{{isotime >>>>>>>> \"020106-0304\"}}", >>>>>>>> "template_password_enabled": true, >>>>>>>> "template_scalable": true >>>>>>>> >>>>>>>> }], >>>>>>>> >>>>>>>> >>>>>>>> The part that is failing is SSH on to the newly built VM. >>>>>>>> >>>>>>>> >>>>>>>> "handshake error: ssh: handshake failed: ssh: unable to >>>>>>>> authenticate, attempted methods [none publickey], no supported methods >>>>>>>> remain" >>>>>>>> >>>>>>>> I am able to log in to the machine with the password generated by >>>>>>>> cloud stack (passwordenabled = true) but not with the generated key. >>>>>>>> When I >>>>>>>> log in with password I can't see any .ssh/ directory and therefore the >>>>>>>> temporary public key isn't in the correct authorized_keys file. >>>>>>>> >>>>>>>> That explains why SSH fails, it is trying public key auth but can't >>>>>>>> do it. >>>>>>>> >>>>>>>> However, when using winrm communicator with windows VMs, if >>>>>>>> winrm_password is left blank or is left out entirely then it defaults >>>>>>>> to >>>>>>>> the generated password. Is this not possible with the SSH communicator? >>>>>>>> >>>>>>>> Or is there a reason that the public key isn't being put on to the >>>>>>>> VM in the first place? >>>>>>>> >>>>>>>> -- >>>>>>>> This mailing list is governed under the HashiCorp Community >>>>>>>> Guidelines - https://www.hashicorp.com/community-guidelines.html. >>>>>>>> Behavior in violation of those guidelines may result in your removal >>>>>>>> from >>>>>>>> this mailing list. >>>>>>>> >>>>>>>> GitHub Issues: https://github.com/mitchellh/packer/issues >>>>>>>> IRC: #packer-tool on Freenode >>>>>>>> --- >>>>>>>> You received this message because you are subscribed to the Google >>>>>>>> Groups "Packer" group. >>>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>>> send an email to [email protected]. >>>>>>>> To view this discussion on the web visit >>>>>>>> https://groups.google.com/d/msgid/packer-tool/ad3279b3-dd6c-4392-aaa3-883e0c223910%40googlegroups.com >>>>>>>> >>>>>>>> <https://groups.google.com/d/msgid/packer-tool/ad3279b3-dd6c-4392-aaa3-883e0c223910%40googlegroups.com?utm_medium=email&utm_source=footer> >>>>>>>> . >>>>>>>> For more options, visit https://groups.google.com/d/optout. >>>>>>>> >>>>>>> >>>>>>> -- >>>>>> This mailing list is governed under the HashiCorp Community >>>>>> Guidelines - https://www.hashicorp.com/community-guidelines.html. >>>>>> Behavior in violation of those guidelines may result in your removal >>>>>> from >>>>>> this mailing list. >>>>>> >>>>>> GitHub Issues: https://github.com/mitchellh/packer/issues >>>>>> IRC: #packer-tool on Freenode >>>>>> --- >>>>>> You received this message because you are subscribed to the Google >>>>>> Groups "Packer" group. >>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>> send an email to [email protected]. >>>>>> To view this discussion on the web visit >>>>>> https://groups.google.com/d/msgid/packer-tool/329d81fa-8b24-4887-ae33-d40cf2a759d0%40googlegroups.com >>>>>> >>>>>> <https://groups.google.com/d/msgid/packer-tool/329d81fa-8b24-4887-ae33-d40cf2a759d0%40googlegroups.com?utm_medium=email&utm_source=footer> >>>>>> . >>>>>> >>>>>> For more options, visit https://groups.google.com/d/optout. >>>>>> >>>>> >>>>> -- >>>> This mailing list is governed under the HashiCorp Community Guidelines >>>> - https://www.hashicorp.com/community-guidelines.html. Behavior in >>>> violation of those guidelines may result in your removal from this mailing >>>> list. >>>> >>>> GitHub Issues: https://github.com/mitchellh/packer/issues >>>> IRC: #packer-tool on Freenode >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "Packer" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To view this discussion on the web visit >>>> https://groups.google.com/d/msgid/packer-tool/cae34e4c-f42c-4633-976a-5a6514b929ea%40googlegroups.com >>>> >>>> <https://groups.google.com/d/msgid/packer-tool/cae34e4c-f42c-4633-976a-5a6514b929ea%40googlegroups.com?utm_medium=email&utm_source=footer> >>>> . >>>> >>>> For more options, visit https://groups.google.com/d/optout. >>>> >>> >>> -- >> This mailing list is governed under the HashiCorp Community Guidelines - >> https://www.hashicorp.com/community-guidelines.html. Behavior in >> violation of those guidelines may result in your removal from this mailing >> list. >> >> GitHub Issues: https://github.com/mitchellh/packer/issues >> IRC: #packer-tool on Freenode >> --- >> You received this message because you are subscribed to the Google Groups >> "Packer" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/packer-tool/832a1c19-7096-4f88-88e8-e96a12404794%40googlegroups.com >> >> <https://groups.google.com/d/msgid/packer-tool/832a1c19-7096-4f88-88e8-e96a12404794%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> >> For more options, visit https://groups.google.com/d/optout. >> > > -- This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list. GitHub Issues: https://github.com/mitchellh/packer/issues IRC: #packer-tool on Freenode --- You received this message because you are subscribed to the Google Groups "Packer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/f2ce498a-38c1-4eaf-b190-51291fd721df%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
