diskimage-builder

ironic-agent ramdisk does not generate SSH hostkey on boot

Bug #1556145 reported by aeva black on 2016-03-11

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	diskimage-builder	Fix Released	High	Gregory Haynes

Bug Description

When using debian, ubuntu, or ubuntu-minimal as the base OS for building a ramdisk from the "ironic-agent" element, the ramdisk does not generate an ssh host key on startup. This results in the inability to SSH into the ramdisk (eg, for debugging purposes). The symptom of this problem is that port 22 is open and SSH clients can initiate a connection, but the connection is closed at the KEYX stage of connection negotiation.

Environment:

Ubuntu 14.04.4 LTS
diskimage-builder==1.11.2.dev12

Example build command:

DIB_DEV_USER_USERNAME=stack DIB_DEV_USER_PWDLESS_SUDO=yes DIB_DEV_USER_AUTHORIZED_KEYS=/home/stack/.ssh/id_rsa.pub \
disk-image-create ironic-agent devuser ubuntu-minimal simple-init -p openssh-server -o ironic-agent

Tags:

Clint Byrum (clint-fewbar) on 2016-05-24

Changed in diskimage-builder:
importance:	Undecided → High

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-10-06: Fix proposed to diskimage-builder (master)

Fix proposed to branch: master
Review: https://review.openstack.org/383481

Changed in diskimage-builder:
assignee:	nobody → Gregory Haynes (greghaynes)
status:	New → In Progress

Stephane Miller (stephaneeee) on 2016-10-14

tags:

added: ironic

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-12-19: Fix merged to diskimage-builder (master)

Reviewed: https://review.openstack.org/383481
Committed: https://git.openstack.org/cgit/openstack/diskimage-builder/commit/?id=c67e7ed15ede7e3d387dca82c06845f0c0e332f9
Submitter: Jenkins
Branch: master

commit c67e7ed15ede7e3d387dca82c06845f0c0e332f9
Author: Gregory Haynes <email address hidden>
Date: Thu Oct 6 14:29:23 2016 -0700

Generate ssh-hostkeys on boot for ironic agent

Ironic agent images should have ssh hostkeys in image on boot.

Change-Id: If8d42bb8b8bff417d5b1d4d8bc371425697edde5
Closes-Bug: #1556145

Changed in diskimage-builder:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-01-25: Fix proposed to diskimage-builder (master)

Fix proposed to branch: master
Review: https://review.openstack.org/424988

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-01-25: Change abandoned on diskimage-builder (master)

Change abandoned by Ian Wienand (<email address hidden>) on branch: master
Review: https://review.openstack.org/424988
Reason: wrong branch

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-01-25: Fix proposed to diskimage-builder (feature/v2)

Fix proposed to branch: feature/v2
Review: https://review.openstack.org/424989

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-01-31: Change abandoned on diskimage-builder (feature/v2)

Change abandoned by Ian Wienand (<email address hidden>) on branch: feature/v2
Review: https://review.openstack.org/424989
Reason: i'm going to try this in smaller increments

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-02-02: Fix proposed to diskimage-builder (feature/v2)

Fix proposed to branch: feature/v2
Review: https://review.openstack.org/427984

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-02-02:

Fix proposed to branch: feature/v2
Review: https://review.openstack.org/428050

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-02-02: Change abandoned on diskimage-builder (feature/v2)

Change abandoned by Ian Wienand (<email address hidden>) on branch: feature/v2
Review: https://review.openstack.org/427984
Reason: oops, new version in Ib9eb3dd1d384fc5b6a9846608216e056c57a173a

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-02-02: Fix merged to diskimage-builder (feature/v2)

#10

Download full text (7.9 KiB)

Reviewed: https://review.openstack.org/428050
Committed: https://git.openstack.org/cgit/openstack/diskimage-builder/commit/?id=adf39c52cf483be06d000e659129c1eebb8533be
Submitter: Jenkins
Branch: feature/v2

commit 7603f97cadbf92c79549547dabbe252650343cac
Author: Gregory Haynes <email address hidden>
Date: Wed Dec 21 17:39:27 2016 +0000

Revert "Revert Xenial to Python 2"

We landed the fix for this in
Icdb769541eee9793f261b4b8ec563be76ee13fe2.

This reverts commit 2978ff885b1084fee923be7efcac3524d6ee2b56.

Change-Id: Iecfc41ab2aad57bc4f6f86a13810b534d19a8fd5

commit 54b2733ad8b5807fdae1267c5475d4a0fba38237
Author: Gregory Haynes <email address hidden>
Date: Wed Dec 21 08:17:40 2016 +0000

Dont run with VIRTUAL_ENV set

    debian ships a modified site.py which has some interesting behavior when
    VIRTUAL_ENV is set. In this case it will add
    /usr/lib/pythonx.x/site-packages to the start of sys.path. This causes
    pip to install packages to this location (rather than /usr/local). As a
    result, later on when booting where VIRTUAL_ENV is not set this branch
    is not hit and the path where python packages were installed is not part
    of sys.path.

Change-Id: Icdb769541eee9793f261b4b8ec563be76ee13fe2

commit 2978ff885b1084fee923be7efcac3524d6ee2b56
Author: Ian Wienand <email address hidden>
Date: Wed Dec 21 05:11:07 2016 +0000

Revert Xenial to Python 2

There are issues with pip packages and a python3 only Xenial systems.
This is occuring after Ie609de51cc5fcde701296c9474e315981d9778a2.

    We believe the issue is with VIRTUAL_ENV being set within the chroot
    and messing up pip installs
    (Icdb769541eee9793f261b4b8ec563be76ee13fe2) but a full solution is not
    yet clear.

    For now, set Xenial to ensure we use python2. Install the package for
    the ubuntu element (75-debian-minimal-baseinstall will install python2
    for the minimal elements).

Change-Id: Id403919b0af93b375a900186c01a0d3a3bdfafea

commit 9d9a1e3000b72a5ab2de0366d5068af89e252cd8
Author: Paul Belanger <email address hidden>
Date: Fri Dec 16 12:30:10 2016 -0500

Start func testing on centos-minimal again

Because we run this image in openstack-infra, we want to increase our
test coverage to help avoid potential breaks to our CI systems.

Change-Id: I26405e3f7465654075278ec35b5e0da1338bb45e
Signed-off-by: Paul Belanger <email address hidden>

commit d9dcb3fe99a4782b1cb4ddb9179a5e86ff73be96
Author: Paul Belanger <email address hidden>
Date: Fri Dec 16 11:42:59 2016 -0500

Increase func testing for ubuntu-minimal element

Since we still run these 3 version of ubuntu-minimal elements in
openstack-infra, also run functional testing for them.

Trusty and xenial will be in voting gate, precise added as skipped for
non-voting.

Add the default skip/run status to the "-l" output just to confirm
this too.

Change-Id: Icfbfd0cb7d9acae824972474b77e2fe0486c4f69
Signed-off-by: Paul Belanger <email address hidden>

commit 61087d33e9ef67f05ef4a3b0dfc90ab521604292
Author: Ian Wienand <iwienand@redhat...

Reviewed:  https://review.openstack.org/428050
Committed: https://git.openstack.org/cgit/openstack/diskimage-builder/commit/?id=adf39c52cf483be06d000e659129c1eebb8533be
Submitter: Jenkins
Branch:    feature/v2

commit 7603f97cadbf92c79549547dabbe252650343cac
Author: Gregory Haynes <greg@greghaynes.net>
Date:   Wed Dec 21 17:39:27 2016 +0000

Revert "Revert Xenial to Python 2"
    
    We landed the fix for this in
    Icdb769541eee9793f261b4b8ec563be76ee13fe2.
    
    This reverts commit 2978ff885b1084fee923be7efcac3524d6ee2b56.
    
    Change-Id: Iecfc41ab2aad57bc4f6f86a13810b534d19a8fd5

commit 54b2733ad8b5807fdae1267c5475d4a0fba38237
Author: Gregory Haynes <greg@greghaynes.net>
Date:   Wed Dec 21 08:17:40 2016 +0000

Dont run with VIRTUAL_ENV set
    
    debian ships a modified site.py which has some interesting behavior when
    VIRTUAL_ENV is set. In this case it will add
    /usr/lib/pythonx.x/site-packages to the start of sys.path. This causes
    pip to install packages to this location (rather than /usr/local). As a
    result, later on when booting where VIRTUAL_ENV is not set this branch
    is not hit and the path where python packages were installed is not part
    of sys.path.
    
    Change-Id: Icdb769541eee9793f261b4b8ec563be76ee13fe2

commit 2978ff885b1084fee923be7efcac3524d6ee2b56
Author: Ian Wienand <iwienand@redhat.com>
Date:   Wed Dec 21 05:11:07 2016 +0000

Revert Xenial to Python 2
    
    There are issues with pip packages and a python3 only Xenial systems.
    This is occuring after Ie609de51cc5fcde701296c9474e315981d9778a2.
    
    We believe the issue is with VIRTUAL_ENV being set within the chroot
    and messing up pip installs
    (Icdb769541eee9793f261b4b8ec563be76ee13fe2) but a full solution is not
    yet clear.
    
    For now, set Xenial to ensure we use python2.  Install the package for
    the ubuntu element (75-debian-minimal-baseinstall will install python2
    for the minimal elements).
    
    Change-Id: Id403919b0af93b375a900186c01a0d3a3bdfafea

commit 9d9a1e3000b72a5ab2de0366d5068af89e252cd8
Author: Paul Belanger <pabelanger@redhat.com>
Date:   Fri Dec 16 12:30:10 2016 -0500

Start func testing on centos-minimal again
    
    Because we run this image in openstack-infra, we want to increase our
    test coverage to help avoid potential breaks to our CI systems.
    
    Change-Id: I26405e3f7465654075278ec35b5e0da1338bb45e
    Signed-off-by: Paul Belanger <pabelanger@redhat.com>

commit d9dcb3fe99a4782b1cb4ddb9179a5e86ff73be96
Author: Paul Belanger <pabelanger@redhat.com>
Date:   Fri Dec 16 11:42:59 2016 -0500

Increase func testing for ubuntu-minimal element
    
    Since we still run these 3 version of ubuntu-minimal elements in
    openstack-infra, also run functional testing for them.
    
    Trusty and xenial will be in voting gate, precise added as skipped for
    non-voting.
    
    Add the default skip/run status to the "-l" output just to confirm
    this too.
    
    Change-Id: Icfbfd0cb7d9acae824972474b77e2fe0486c4f69
    Signed-off-by: Paul Belanger <pabelanger@redhat.com>

commit 61087d33e9ef67f05ef4a3b0dfc90ab521604292
Author: Ian Wienand <iwienand@redhat.com>
Date:   Fri Dec 2 14:08:06 2016 +1100

Set grub timeout default
    
    Set the grub timeout to 5 seconds by default, and add notes on how to
    update this.  This will stop infra having to carry an element that
    goes and rewrites the grub configuration.
    
    Change-Id: I556b3f48eff1b67ee8c4b9b64f749af95100fb99

commit 54dd54d81d38a1f4e027aa68b3249130258e58cf
Author: Gregory Haynes <greg@greghaynes.net>
Date:   Mon Dec 19 23:21:24 2016 +0000

Switch py34 tests to py35
    
    Py35 is now commonly available on things like -infra test nodes, lets
    use that instead.
    
    Change-Id: I554ec84d709a9937df5ec3c2fa7eab8f158cf64e

commit 7c4c304f8aee21cec8a98cf8eec55c0f2ff6cb4f
Author: Gregory Haynes <greg@greghaynes.net>
Date:   Mon Dec 19 18:51:55 2016 +0000

Update our package classifiers
    
    Our setuptools action classifiers are woefully out of date, notably: we
    are no longer alpha and we support python3.
    
    Change-Id: I2425152129406e22073936275761bd5d850903fb

commit 4789aa317e02995cfaddeaf548624df82813fb4f
Author: Noam Angel <noama@mellanox.com>
Date:   Mon Dec 19 09:26:42 2016 +0200

set default DIB_PYTHON_VERSION=2 for rhel7
    
    python 3 not exist on minimal/KVM guest image. set default python version
    2 for rhel7 also.
    
    Change-Id: Icbc10e742da8dded25625a1eed0a79065702837d

commit 9d13084c4183b63587e1f5e4b03395a8df6538f6
Author: Tristan Cacqueray <tdecacqu@redhat.com>
Date:   Sun Dec 18 01:59:07 2016 +0000

Add squashfs output image format
    
    The squashfs format brings a couple of advantages over the other
    formats. Image is often an order of magnitude smaller and it can
    be used natively, either as an initrd, either with loop mount.
    
    Change-Id: If72940b0c4dafb2504c52dd0429a8eb3f8305751

commit da41ee6012b064aa6901c871a1104a3a3933117e
Author: Paul Belanger <pabelanger@redhat.com>
Date:   Sat Dec 17 16:41:14 2016 -0500

Add output image format tgz support
    
    We now support tgz (tar.gz) as an output format.
    
    Change-Id: Iadec92f2f96c3f904f28bd49f87ffc7d48ef7bd7
    Signed-off-by: Paul Belanger <pabelanger@redhat.com>

commit 54f4e127654e1adabaebbe37f943b0ca45ea47c8
Author: Dirk Mueller <dirk@dmllr.de>
Date:   Fri Dec 9 11:33:56 2016 +0100

Switch to openSUSE Leap 42.2 release by default
    
    openSUSE 13.1 was discontinued on Feb 3rd, 2016, so defaulting
    to it doesn't make sense (see https://en.opensuse.org/Lifetime).
    
    Leap 42.2 is the most current release that is supported by
    disk-image-builder and being tested in a 3rd party ci.
    
    Enable functests for it to ensure we're not regressing again.
    Moved to non-voting gate first.
    
    Depends-On: Iff495b3cd0b6c3558c44cf4883651eca67b572d6
    Change-Id: Iae6cd34a5853f1e309861c554d94d8595cbd9993

commit ba93e6314501697024d3f17d4cc339387ecf4617
Author: Jeffrey Zhang <zhang.lei.fly@gmail.com>
Date:   Sat Dec 17 11:51:32 2016 +0800

FIx the DIB_CLOUD_INIT_ALLOW_SSH_PWAUTH variable name in README file
    
    DIB_CLOUD_INIT_ALLOW_SSH_PWAUTH is the correct one.
    
    Change-Id: I3813cadf21327fcc8d960deb43df2309d812a05a

commit 9d7725b47585edf4d2276b18fd68e4ea53c46387
Author: Mikhail S Medvedev <mmedvede@us.ibm.com>
Date:   Thu Dec 15 17:58:14 2016 -0600

Fix bootloader element on ppc
    
    For some reason [1] introduced -m option without ever checking that the
    mapping exists. Because there is no grub-ieee1275 mapping anywhere (not
    in base, not in bootloader), pkg-map fails. So stop using the mapping in
    package-install of grub-ieee1275 on ppc.
    
    There is another patch that tries to solve the same bug by adding the
    mapping [2]. I think it is better to undo the breakage introduced in [1]
    first, and then, if various distributions have differing names for the
    package, introduce various mappings. My reasoning is that at the moment
    this element is broken for all ppc64 distributions. This patch would
    fix it for some (namely, Ubuntu). Then we can add mappings as tests
    are done for other distributions.
    
    [1] Ibca43173c30c2a74a73a2e2d9dd6d6d832c62694
    [2] Id2b0f63a7015f883070fd59b79fd96a1c024858a
    
    Change-Id: I8425876c26e9e416c8ce2f53a4e38d26b4208633
    Closes-Bug: #1624021

commit 3417bd6298f6121deddfa25005e9bcdaf100bde6
Author: Saverio Proto <saverio.proto@switch.ch>
Date:   Mon Dec 12 18:05:36 2016 +0100

Support sysv init system used by Debian Wheezy
    
    Change-Id: Ia6ca11ab78f16a51aba7b627c72c615c184d338d

commit c67e7ed15ede7e3d387dca82c06845f0c0e332f9
Author: Gregory Haynes <greg@greghaynes.net>
Date:   Thu Oct 6 14:29:23 2016 -0700

Generate ssh-hostkeys on boot for ironic agent
    
    Ironic agent images should have ssh hostkeys in image on boot.
    
    Change-Id: If8d42bb8b8bff417d5b1d4d8bc371425697edde5
    Closes-Bug: #1556145

tags:

added: in-feature-v2

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.