Fuel for OpenStack

[image provisioning] Ssh keys aren't uploaded to slaves during provisioning in case of image based provisioning

Bug #1378832 reported by Andrey Sledzinskiy on 2014-10-08

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Fuel for OpenStack	Fix Released	Medium	Vladimir Kozhukalov	Fuel for OpenStack 6.0

Bug Description

custom iso with image-based provisioning
{

    "build_id": "2014-10-07_13-04-02",
    "ostf_sha": "45fe4038ba861673f3a6877d64582c2f66607d30",
    "build_number": "465",
    "auth_required": true,
    "api": "1.0",
    "nailgun_sha": "6ba1397de286eddd9d404f93303e34320849ad90",
    "production": "docker",
    "fuelmain_sha": "d4aa7399ba28fcd643ae0b07b7ce0a71e87c6749",
    "astute_sha": "157fcf2037205f0696816cb41b9db6a04fdc1ab4",
    "feature_groups": [
        "mirantis",
        "experimental",
        "imagebased"
    ],
    "release": "6.0",
    "release_versions": {
        "2014.2-6.0": {
            "VERSION": {
                "build_id": "2014-10-07_13-04-02",
                "ostf_sha": "45fe4038ba861673f3a6877d64582c2f66607d30",
                "build_number": "465",
                "api": "1.0",
                "nailgun_sha": "6ba1397de286eddd9d404f93303e34320849ad90",
                "production": "docker",
                "fuelmain_sha": "d4aa7399ba28fcd643ae0b07b7ce0a71e87c6749",
                "astute_sha": "157fcf2037205f0696816cb41b9db6a04fdc1ab4",
                "feature_groups": [
                    "mirantis",
                    "experimental",
                    "imagebased"
                ],
                "release": "6.0",
                "fuellib_sha": "e43e9ba98f33f8fced49dcbac35847b42c04bc82"
            }
        }
    },
    "fuellib_sha": "e43e9ba98f33f8fced49dcbac35847b42c04bc82"

}

Steps:
1. Create simple cluster with all default values - 1 controller, 1 compute, 1 cinder nodes
2. Deploy cluster
3. Ssh to master node
4. Try to ssh to any slave from master

Expected - it's possible to ssh to slave from master
Actual - connection impossible because there is no authorized keys on slaves

Logs are attached

Revision history for this message

Andrey Sledzinskiy (asledzinskiy) wrote on 2014-10-08:

fuel-snapshot-2014-10-08_09-44-09.tgz Edit (59.6 MiB, application/x-tar)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-10-09: Fix proposed to fuel-library (master)

Fix proposed to branch: master
Review: https://review.openstack.org/127158

Changed in fuel:
status:	New → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-10-13: Fix merged to fuel-library (master)

Reviewed: https://review.openstack.org/127158
Committed: https://git.openstack.org/cgit/stackforge/fuel-library/commit/?id=5106d31ee80a683c618fada7b0186263e1d20a28
Submitter: Jenkins
Branch: master

commit 5106d31ee80a683c618fada7b0186263e1d20a28
Author: Vladimir Kozhukalov <email address hidden>
Date: Thu Oct 9 11:26:02 2014 +0400

Added AUTHORIZED_KEYS field into settings.yaml.erb

    This is for making it possible for nailgun to pass
    default (aka system) public key into provisioning data
    so as to put them on a target node apart from user
    defined public key.

Related PR to fuel-web is
https://review.openstack.org/#/c/127490/

    Change-Id: Id5dff61444d7dfb278e0ae6c49b0f772ff68ffd6
    Closes-Bug: 1378832
    Implements: blueprint image-based-provisioning

Changed in fuel:
status:	In Progress → Fix Committed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-10-13: Fix merged to fuel-web (master)

Reviewed: https://review.openstack.org/127490
Committed: https://git.openstack.org/cgit/stackforge/fuel-web/commit/?id=0425f9ac78ad546cf75c85d64ce8630beeb3a168
Submitter: Jenkins
Branch: master

commit 0425f9ac78ad546cf75c85d64ce8630beeb3a168
Author: Vladimir Kozhukalov <email address hidden>
Date: Fri Oct 10 14:53:36 2014 +0400

Added ATHORIZED_KEYS into settings.yaml

    We have two types of ssh keys:
    1) system which is from /root/.ssh/id_rsa.pub
    2) user defined which is set by user via web interface

    Cobbler during provisioning gets user defined
    ssh key from provisioning data (come from nailgun
    provisioning serializer) and system ssh key directly
    from /etc/cobbler/authorized_keys.

    Image based provisioning is implemented as fully
    data driven process. So we need system ssh public key
    to come inside provisioning data and to make nailgun
    able to put this key into provisioning data we need
    to have this key in settings.yaml.

    Besides there is a PR to fuel-library. This patch is
    about putting system ssh public key into settings.yaml
    during master node deployment. For details see
    https://review.openstack.org/#/c/127158/

    Change-Id: If3d44903cb8f1ca6636041905dc269edf5088494
    Implements: blueprint image-based-provisioning
    Closes-Bug: 1378832

Revision history for this message

Kirill Omelchenko (komelchenko) wrote on 2014-11-18:

Verified.
{
   "build_id":"2014-11-17_17-53-34",
   "ostf_sha":"82465a94eed4eff1fc8d8e1f2fb7e9993c22f068",
   "build_number":"504",
   "auth_required":true,
   "api":"1.0",
   "nailgun_sha":"8d23d1b1bcd9213a70a40c38c3c1486d215d40b5",
   "production":"docker",
   "fuelmain_sha":"8d4943d5ead7a894d4af5e10172510fa60eeed84",
   "astute_sha":"65eb911c38afc0e23d187772f9a05f703c685896",
   "feature_groups":[
      "mirantis",
      "experimental"
   ],
   "release":"6.0",
   "release_versions":{
      "2014.2-6.0":{
         "VERSION":{
            "build_id":"2014-11-17_17-53-34",
            "ostf_sha":"82465a94eed4eff1fc8d8e1f2fb7e9993c22f068",
            "build_number":"504",
            "api":"1.0",
            "nailgun_sha":"8d23d1b1bcd9213a70a40c38c3c1486d215d40b5",
            "production":"docker",
            "fuelmain_sha":"8d4943d5ead7a894d4af5e10172510fa60eeed84",
            "astute_sha":"65eb911c38afc0e23d187772f9a05f703c685896",
            "feature_groups":[
               "mirantis"
            ],
            "release":"6.0",
            "fuellib_sha":"8a0ceff90777af75a3f9363a57185e608f3ee10d"
         }
      }
   },
   "fuellib_sha":"8a0ceff90777af75a3f9363a57185e608f3ee10d"
}

Changed in fuel:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

fuel-snapshot-2014-10-08_09-44-09.tgz Edit

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.