Azure: Azure datasource needs to wait longer for SSH pubkey to be dropped by waagent

Bug #1717611 reported by Paul Meyer on 2017-09-15
20
This bug affects 3 people
Affects Status Importance Assigned to Milestone
cloud-init
Medium
Paul Meyer

Bug Description

In Azure SSH pubkeys are transported in a certificate through the wireserver protocol. When cloud-init is configured to use waagent, which is the current default, cloud-init will wait maxwait=60 seconds for waagent to drop the .crt files corresponding to the fingerprint that was mentioned in the ovf-env.xml.
We've had a couple of cases where the wireserver was flaky from more than 1 minute during provisioning which yielded a user without password or keys. These VM's are not usable without further action, we would rather have cloud-init wait forever for these .crt files to be provided. Azure VM provisioning will timeout and kill the VM when provisioning takes too long.

Related branches

Paul Meyer (paul-meyer) wrote :

Sep 14 10:52:27 vm0000TL cloud-init[1032]: 2017-09-14 10:52:22,886 - DataSourceAzure.py[WARNING]: Still missing files after 60 seconds: {'/var/lib/waagent/F87B398E4F6D8385585D905BA9166BB0EACB1A98.crt'}
Sep 14 10:52:27 vm0000TL cloud-init[1032]: 2017-09-14 10:52:22,887 - DataSourceAzure.py[WARNING]: Did not find files, but going on: {'/var/lib/waagent/F87B398E4F6D8385585D905BA9166BB0EACB1A98.crt'}
Sep 14 10:52:27 vm0000TL cloud-init[1032]: 2017-09-14 10:52:22,919 - DataSourceAzure.py[WARNING]: failed to convert the crt files to pubkey: ['/var/lib/waagent/F87B398E4F6D8385585D905BA9166BB0EACB1A98.crt']

Paul Meyer (paul-meyer) wrote :

Decided to cap timeout at 900 sec in MP discussion

summary: - Azure: Azure datasource needs to wait forever for SSH pubkey to be
+ Azure: Azure datasource needs to wait longer for SSH pubkey to be
dropped by waagent
Chad Smith (chad.smith) on 2017-09-18
Changed in cloud-init:
status: New → Fix Committed
assignee: nobody → Paul Meyer (paul-meyer)
importance: Undecided → Medium
Paul Meyer (paul-meyer) on 2017-09-18
description: updated

This bug is believed to be fixed in cloud-init in ['17.1']. If this is still a problem for you, please make a comment and set the state back to New

Thank you.

This bug is believed to be fixed in cloud-init in 17.1. If this is still a problem for you, please make a comment and set the state back to New

Thank you.

Scott Moser (smoser) on 2017-09-23
Changed in cloud-init:
status: Fix Committed → Fix Released
Rakesh (rp2343) wrote :

I am using Ubuntu-17.1 Azure VM image but couldn't see the bug being fixed yet.

$ cat /etc/os-release
NAME="Ubuntu"
VERSION="17.04 (Zesty Zapus)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 17.04"
VERSION_ID="17.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=zesty
UBUNTU_CODENAME=zesty

~$ uname -a
Linux ubuntujumpvm1 4.10.0-32-generic #36-Ubuntu SMP Tue Aug 8 12:10:06 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

# dpkg -l |grep -i cloud
ii cloud-guest-utils 0.30-0ubuntu2 all cloud guest utilities
ii cloud-init 0.7.9-153-g16a7302f-0ubuntu1~17.04.2 all Init scripts for cloud instances

~/cloud-init-0.7.9-233-ge586fe35/cloudinit/sources$ less DataSourceAzure.py
def wait_for_files(flist, maxwait=60, naplen=.5, log_pre=""):
    need = set(flist)
    waited = 0

Chad Smith (chad.smith) wrote :

Rakesh, thanks for the feedback here. Unfortunately the version you have listed is cloud-init vesion 0.7.9 instead of our new cloud-init 17.1. We have not yet published cloud-init to xenial-updates, it is still in xenial-proposed, but this fix will land/publish this week I expect.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers