Dear everyone,
Did a draft on Creating Linux template guide you can find it here -
https://github.com/apache/cloudstack-documentation/pull/215.
A separate page has been done that can be considered as additions to
the basic Linux guide. It relates to cloud-init and its features that serve as
a middleware to Cloudstack instances GUI functions.
Guides are based on the following scripts:
- Centos 7 -
https://github.com/dredknight/cloud_scripts/blob/master/CloudStack-Xen/templates/centos7_clean.bash
- Ubuntu 20 -
https://github.com/dredknight/cloud_scripts/blob/master/CloudStack-Xen/templates/ubuntu20_prep_clean.bash
Could you take a look and let me know if anything needs to be changed -
technical or format wise?
During tests all features seem to work fine with the following
peculiarity.
- When ssh keys are reset in coudstack, the public key is added in
/home/cloud-user/.ssh/authorized_keys but the old one is not removed.
This means that users having previous private keys will still be able
to login is there a way Cloudstack to delete the old key?
Best regards,
Jordan
-----Original Message-----
From: Alireza Eskandari <astro.alir...@gmail.com>
Sent: Sunday, May 23, 2021 1:53 AM
To: users@cloudstack.apache.org
Subject: Re: Centos 7.9 - cloud-init password reset?
[X] This message came from outside your organization
It seems cloud-init cannot execute the script so it shows an error but the
script is running fine standalone.
I'll try it on centos stream.
Notice that cloud-init can handle password and ssh key from user data server
without extra script, but it can't reset ssh key or set password from
configdrive.
The script resolves these problems.
On Fri, May 21, 2021 at 12:45 AM 조대형 <carl...@renet.kr> wrote:
> Hi,
>
> I have attached the logs that I execute the password script and cloud-init.
>
> # ./password.bash
>
> Results : executed password reset file.
>
> Cloud Password Manager: Searching for ConfigDrive Cloud Password
> Manager: ConfigDrive not found Cloud Password Manager: Detecting
> primary network Cloud Password Manager: Trying to find userdata server
> Cloud Password Manager: Operating System is using NetworkManager Cloud
> Password Manager: Found userdata server IP VR's IP address in
> NetworkManager config Cloud Password Manager: Sending request to
> userdata server at VR's IP address to get public key Cloud Password
> Manager: Got response from userdata server at VR's IP address Cloud
> Password Manager: Did not receive any public keys from userdata server
> Cloud Password Manager: Sending request to userdata server at VR's IP
> address to get the password Cloud Password Manager: Got response from
> userdata server at VR's IP address Cloud Password Manager: VM has
> already saved a password from the userdata server at VR's IP address
>
>
>
> # cloud-init init
>
> Cloud-init v. 20.3-10.el8 running 'init' at Fri, 21 May 2021 04:40:34
> +0000. Up 268624.75 seconds.
> ci-info: +++++++++++++++++++++++++++++++++++++++Net device
> info++++++++++++++++++++++++++++++++++++++++
> ci-info:
> +--------+------+-----------------------------+-----------------+--------+-------------------+
> ci-info: | Device | Up | Address | Mask |
> Scope | Hw-Address |
> ci-info:
> +--------+------+-----------------------------+-----------------+--------+-------------------+
> ci-info: | eth0 | True | VR'S IP address1 |
> 255.255.255.192 | global | 1e:00:8f:00:02:8f |
> ci-info: | eth0 | True | fe80::1c00:8fff:fe00:28f/64 | .
> | link | 1e:00:8f:00:02:8f |
> ci-info: | lo | True | 127.0.0.1 | 255.0.0.0
> | host | . |
> ci-info: | lo | True | ::1/128 | .
> | host | . |
> ci-info:
> +--------+------+-----------------------------+-----------------+--------+-------------------+
> ci-info: +++++++++++++++++++++++++++++Route IPv4
> info++++++++++++++++++++++++++++++
> ci-info:
> +-------+-------------+------------+-----------------+-----------+-------+
> ci-info: | Route | Destination | Gateway | Genmask | Interface
> | Flags |
> ci-info:
> +-------+-------------+------------+-----------------+-----------+-------+
> ci-info: | 0 | 0.0.0.0 | x.x.x.1 | 0.0.0.0 | eth0 |
> UG |
> ci-info: | 1 | x.x.x.0 | 0.0.0.0 | 255.255.255.192 | eth0 |
> U |
> ci-info:
> +-------+-------------+------------+-----------------+-----------+-------+
> ci-info: +++++++++++++++++++Route IPv6 info+++++++++++++++++++
> ci-info: +-------+-------------+---------+-----------+-------+
> ci-info: | Route | Destination | Gateway | Interface | Flags |
> ci-info: +-------+-------------+---------+-----------+-------+
> ci-info: | 1 | fe80::/64 | :: | eth0 | U |
> ci-info: | 3 | local | :: | eth0 | U |
> ci-info: | 4 | ff00::/8 | :: | eth0 | U |
> ci-info: +-------+-------------+---------+-----------+-------+
> [root@CentOS8pass ~]# cd /var/log/cloud-init
> cloud-init.log cloud-init-output.log
> [root@CentOS8pass ~]# cd /var/log/cloud-init.log
> -bash: cd: /var/log/cloud-init.log: Not a directory [root@CentOS8pass
> ~]# cat /var/log/cloud-init.log | grep password
> 2021-05-18 02:03:39,575 - subp.py[DEBUG]: Running command ['wget',
> '--quiet', '--tries', '3', '--timeout', '20', '--output-document',
> '-', '--header', 'DomU_Request: send_my_password', 'VR'S IP
> address:8080'] with allowed return codes [0] (shell=False,
> capture=True)
> 2021-05-18 02:03:39,598 - subp.py[DEBUG]: Running command ['wget',
> '--quiet', '--tries', '3', '--timeout', '20', '--output-document',
> '-', '--header', 'DomU_Request: saved_password', 'VR'S IP
> address:8080'] with allowed return codes [0] (shell=False,
> capture=True)
> 2021-05-18 02:03:40,785 - subp.py[DEBUG]: Running command
> ['/var/lib/cloud/scripts/per-instance/password.bash'] with allowed
> return codes [0] (shell=False, capture=False)
> Command: ['/var/lib/cloud/scripts/per-instance/password.bash']
> Reason: [Errno 8] Exec format error:
> b'/var/lib/cloud/scripts/per-instance/password.bash'
> RuntimeError: Runparts: 1 failures (password.bash) in 1 attempted
> commands
> 2021-05-21 04:40:34,599 - subp.py[DEBUG]: Running command ['wget',
> '--quiet', '--tries', '3', '--timeout', '20', '--output-document',
> '-', '--header', 'DomU_Request: send_my_password', 'VR'S IP
> address:8080'] with allowed return codes [0] (shell=False,
> capture=True)
>
>
> -----Original Message-----
> From: Alireza Eskandari [mailto:astro.alir...@gmail.com]
> Sent: Thursday, May 20, 2021 9:46 PM
> To: users@cloudstack.apache.org
> Subject: Re: Centos 7.9 - cloud-init password reset?
>
> Before trying to run it by cloud-init, run the script manually and
> examine the output log so ensure it is working as expected.
> Are you sure that cloud-init is running correctly? You can check the
> log of cloid-init
>
> On Thu, May 20, 2021, 11:23 조대형 <carl...@renet.kr> wrote:
>
> > Hi, All
> >
> > #1 Issue. Tested on CentOS8-Stream.
> > I have tested the script this;
> > https://urldefense.com/v3/__https://github.com/apache/cloudstack/pul
> > l/4890/files__;!!A6UyJA!yR2trQHUBLsjM1ZHCvV4rHbvZtqjfKew-I37A9mNtMlk
> > nz8k9iGFBp7Yzc9XLEuRVgWVAngjieId$
> >
> > I put this script into
> > /var/lib/cloud/scripts/per-instance/password.bash
> > file which is executable.
> > And turn off the VM. Then Create the template.
> >
> > Resetting the root Password on Cloudstack, it was not worked.
> >
> > Did I miss something?
> >
> >
> >
> > #2 Issue.
> > On Cloudstack, I can't use VNC console.
> > The following error message is poped up.
> >
> >
> >
> https://urldefense.com/v3/__https://drive.google.com/file/d/1AR8ijZ9K3
> ZCseIM7069-d589o8AM76gT/view?usp=sharing__;!!A6UyJA!yR2trQHUBLsjM1ZHCv
> V4rHbvZtqjfKew-I37A9mNtMlknz8k9iGFBp7Yzc9XLEuRVgWVAuU7pDba$
> >
> >
> > Please, give me some advice to resolve those issues.
> >
> >
> >
> >
> > Thanks,
> >
> >
> >
> >
> > -----Original Message-----
> > From: Alireza Eskandari [mailto:astro.alir...@gmail.com]
> > Sent: Saturday, May 15, 2021 12:32 AM
> > To: users@cloudstack.apache.org
> > Subject: Re: Centos 7.9 - cloud-init password reset?
> >
> > Take a look at this pr:
> > https://urldefense.com/v3/__https://github.com/apache/cloudstack/pul
> > l/4890__;!!A6UyJA!yR2trQHUBLsjM1ZHCvV4rHbvZtqjfKew-I37A9mNtMlknz8k9i
> > GFBp7Yzc9XLEuRVgWVAhGhCv2d$
> >
> > On Fri, May 14, 2021, 17:08 Yordan Kostov <yord...@nsogroup.com> wrote:
> >
> > > Hey Andrija and 조대형,
> > >
> > > Here is a script a threw
> > >
> >
> https://urldefense.com/v3/__https://github.com/dredknight/cloud_script
> s/blob/master/CloudStack-Xen/centos7_prep.bash__;!!A6UyJA!yR2trQHUBLsj
> M1ZHCvV4rHbvZtqjfKew-I37A9mNtMlknz8k9iGFBp7Yzc9XLEuRVgWVAr2oXtYa$
> > > It implements the following features:
> > > - some OS prep + install some packets
> > > - install cloud-init related packets
> > >
> > > Cloud-init features:
> > > - datasources - sets as ConfigDrive and CloudStack as
> > > default datasources
> > > - password + reset
> > > - makes password module run on every boot instead
> > > of
> once
> > > per instance - - cloud.cfg
> > > - assigns user with name cloud-user to be
> > > integrated
> with
> > > Cloudstack (initial password set + reset) - 80_root.cfg
> > > - autoextend root partition (only) upon resize from
> > > Cloudstack
> > GUI
> > > - uses growpart to rewrite MBR tables -
> > 50_growpartion.cfg
> > > - adds additional commands to extend PVS, VGS and
> > > LVS after that - 51_extend_volume.cfg
> > >
> > > Script is in a bit of raw shape but it works.
> > > Currently I am doing similar script for Ubuntu.
> > >
> > > Thanks for the heads up Andrija, I have to do a documentation for
> > > the
> > team
> > > anyway so I better contribute to what is already existing instead
> > > of
> > doing
> > > it from scratch 😊.
> > >
> > > Btw if anyone has some tips on the cloud-init feature for the SSH
> > > keys
> I
> > > would like to add that too to the bundle.
> > >
> > > Best regards,
> > > Jordan
> > >
> > >
> > > -----Original Message-----
> > > From: 조대형 <carl...@renet.kr>
> > > Sent: Friday, May 14, 2021 7:14 AM
> > > To: users@cloudstack.apache.org
> > > Subject: RE: Centos 7.9 - cloud-init password reset?
> > >
> > >
> > > [X] This message came from outside your organization
> > >
> > >
> > > Hi, Jordan.
> > >
> > > I am the one who is testing the same solution and need a solution.
> > > Can you share the knowledge?
> > >
> > > Thanks in advance.
> > >
> > > Thanks,
> > >
> > >
> > > -----Original Message-----
> > > From: Andrija Panic [mailto:andrija.pa...@gmail.com]
> > > Sent: Friday, May 14, 2021 7:24 AM
> > > To: users
> > > Subject: Re: Centos 7.9 - cloud-init password reset?
> > >
> > > Would it be nice if you could update the ACS documentation on the
> > > password-reset script, to very briefly explain how the same can be
> > achieved
> > > with cloud-init, and what to look-for (i.e. issues you had etc)
> > >
> > > This would help the product and other users which might have the
> > > same issue.
> > >
> > > Thanks,
> > >
> > > On Thu, 13 May 2021 at 11:27, Yordan Kostov <yord...@nsogroup.com>
> > wrote:
> > >
> > > > Thank you Alireza!
> > > >
> > > > I tested it and it is working!
> > > >
> > > > Best regards,
> > > > Jordan
> > > >
> > > > -----Original Message-----
> > > > From: Yordan Kostov <yord...@nsogroup.com>
> > > > Sent: Wednesday, May 12, 2021 1:17 PM
> > > > To: users@cloudstack.apache.org
> > > > Subject: RE: Centos 7.9 - cloud-init password reset?
> > > >
> > > >
> > > > [X] This message came from outside your organization
> > > >
> > > >
> > > > Thank you Alireza,
> > > >
> > > > I am currently reconfiguring the template from scratch
> > > > and will test!
> > > >
> > > > Best regards,
> > > > Jordan
> > > >
> > > > -----Original Message-----
> > > > From: Alireza Eskandari <astro.alir...@gmail.com>
> > > > Sent: Tuesday, May 11, 2021 5:09 PM
> > > > To: users@cloudstack.apache.org
> > > > Subject: Re: Centos 7.9 - cloud-init password reset?
> > > >
> > > >
> > > > [X] This message came from outside your organization
> > > >
> > > >
> > > > Hi
> > > > You should check log files in /run/cloud-init directory for the
> > > > root
> > > cause.
> > > > If cloud-init cannot find the datasource, it won't run.
> > > > The better way to configure datasource in cloud-init is using
> > > > ds-identify.cfg file Delete
> "/etc/cloud/cloud.cfg.d/99_cloudstack.cfg"
> > > > and create "/etc/cloud/ds-identify.cfg" file with this content:
> > > > datasource: ConfigDrive, CloudStack Then check output of this
> > > > command:
> > > > DEBUG_LEVEL=2 DI_LOG=stderr /usr/lib/cloud-init/ds-identify
> > > > --force Unfortunately cloud-init is poorly documented and you
> > > > should do some try and error to fix it.
> > > > Take a look at this link:
> > > >
> > > >
> https://urldefense.com/v3/__https://cloudinit.readthedocs.io/en/latest
> > > >
> /topics/faq.html__;!!A6UyJA!2vfkFVGQOoMM0mDg1l-3C6bstn_Yp1e6L5bcnqYmIw
> > > > w2wWMz3EgdTU6-DlC5Z-6zLeBde_X0gZxc$
> > > >
> > > > On Tue, May 11, 2021 at 7:52 AM Yordan Kostov
> > > > <yord...@nsogroup.com>
> > > > wrote:
> > > >
> > > > > Hey everyone,
> > > > >
> > > > > I try to use cloud-init for password reset but
> > > > > for some reason it does not work. I thought it is out of the box ☹.
> Here
> > > > > is my
> > > > > config:
> > > > >
> > > > > == Centos 7.9 minimal
> > > > >
> > > > > yum -y install cloud-init cloud-utils-growpart systemctl
> > > > > enable cloud-init
> > > > >
> > > > > echo "datasource:
> > > > > CloudStack: {}
> > > > > None: {}
> > > > > datasource_list:
> > > > > CloudStack" > /etc/cloud/cloud.cfg.d/99_cloudstack.cfg
> > > > >
> > > > >
> > > > > echo "system_info:
> > > > > default_user:
> > > > > name: root
> > > > > disable_root: 0
> > > > > ssh_pwauth: 1" > /etc/cloud/cloud.cfg.d/80_root.cfg
> > > > >
> > > > > First and foremost cloud-init does not run at all. There is
> > > > > noting in the logs /var/logs/cloud-init.log When launched
> > > > > manual via cloud-init init, logs say it is all successful but
> > > > > root password is
> > > not changed.
> > > > >
> > > > > Not sure If I do something wrong but everyplace I do read says
> > > > > it should be working without pretty much complications.
> > > > > Do I do something wrong?
> > > > >
> > > > > Regards,
> > > > > Jordan
> > > > >
> > > >
> > >
> > >
> > > --
> > >
> > > Andrija Panić
> > >
> > >
> >
> >
>
>
