StarCluster - Mailing List Archive

Re: [Starcluster] instance ssh problem...

From: Nicholas Ampazis <no email>
Date: Mon, 29 Mar 2010 02:22:54 -0700

Justin,

Thanks for the info. I'll try to test your modifications today.

By the way, the version of eucalyptus that I'm using is:

FRONT-END:

dpkg -l | grep euca

ii euca2ools
1.0+bzr20091007-0ubuntu1.1 managing cloud instances for
Eucalyptus
ii eucalyptus-cc 1.6~bzr931-0ubuntu7.6
            Elastic Utility Computing Architecture - Clu
ii eucalyptus-cloud 1.6~bzr931-0ubuntu7.6
            Elastic Utility Computing Architecture - Clo
ii eucalyptus-common 1.6~bzr931-0ubuntu7.6
            Elastic Utility Computing Architecture - Com
ii eucalyptus-gl 1.6~bzr931-0ubuntu7.6
            Elastic Utility Computing Architecture - Log
ii eucalyptus-java-common 1.6~bzr931-0ubuntu7.6
            Elastic Utility Computing Architecture - Com
ii eucalyptus-sc 1.6~bzr931-0ubuntu7.6
            Elastic Utility Computing Architecture - Sto
ii eucalyptus-walrus 1.6~bzr931-0ubuntu7.6
            Elastic Utility Computing Architecture - Wal
ii libeucalyptus-commons-ext-java 0.4.2-0ubuntu1
            Eucalyptus commons external Java library

NODE:

dpkg -l | grep euca

ii euca2ools 1.0+bzr20091007-0ubuntu1.1
     managing cloud instances for Eucalyptus
ii eucalyptus-common 1.6~bzr931-0ubuntu7.5
     Elastic Utility Computing Architecture - Com
ii eucalyptus-gl 1.6~bzr931-0ubuntu7.5
     Elastic Utility Computing Architecture - Log
ii eucalyptus-nc 1.6~bzr931-0ubuntu7.5
     Elastic Utility Computing Architecture - Nod


Also, my keypairs have to be OK since I can ssh successfuly to
instances of other EMIs.

Finally, I've noticed the same problem with the 169.254.169.254 ip,
since curl or wget (invoked from the front-end) always return an error
for all directories other than root, e.g.

wget -c http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
HTTP request sent, awaiting response... 404 Not Found
2010-03-29 12:16:50 ERROR 404: Not Found.

whereas

wget -c http://169.254.169.254/
Connecting to 169.254.169.254:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 177 [text/html]
Saving to: `index.html'

100%[==============================================================================================================>]
177 --.-K/s in 0s

2010-03-29 12:20:40 (15.1 MB/s) - `index.html' saved [177/177]


returns an index.html page with a plain "It Works!" message.


Thanks,


Nicholas


On Sun, Mar 28, 2010 at 7:58 PM, Justin Riley <jtriley_at_mit.edu> wrote:
> Also, you'll need to modify line 19 of /etc/init.d/ec2-get-credentials to:
>
> until(new IO::Socket::INET("<ip-address>:8773")){print"Waiting for network...
> \n";sleep 1}
>
> Replace <ip-address> with the cloud controller's ip.
>
> ~Justin
>
> On Sunday 28 March 2010 10:52:39 pm Justin Riley wrote:
>> Hi Nicholas,
>>
>> Sorry for the late response on this. What version of Eucalyptus are you
>>  using? I just created an EMI from the starcluster iso that boots and that
>>  I can ssh into without modifying the image. I'm using Eucalyptus 1.6.2.
>>
>> What's weird to me is that I can ssh in, however, I cannot access
>> 169.254.169.254 ip within the instance which means the ec2-get-credentials
>> file can not be running successfully at startup. Something else must be
>> configuring the authorized_keys file for root. This is why I wonder if
>> something's up with eucalyptus on your end? Are you sure your keypair
>>  setting is correct when calling euca-run-instances?
>>
>> In any event, the exact file that fetches the credentials is in
>> /etc/init.d/ec2-get-credentials
>>
>> If you still want to try manually editing this file, you need to change
>>  line 11 of this file to:
>>
>> public_key_url = http://<ip-address>:8773/latest/meta-data/public-
>> keys/0/openssh-key
>>
>> Replace ip-address with your Eucalyptus cloud controller ip.
>>
>> Let me know if that helps,
>>
>> ~Justin
>>
>> On Friday 26 March 2010 9:12:59 am you wrote:
>> > Dear Justin,
>> >
>> > I've been trying to solve the ssh problem and I've read from your e-mail
>> >  that:
>> >
>> > "The login problem is likely related to the way an "EMI" needs to fetch
>> > it's credentials. For starcluster on EC2, there is a script in
>> > /usr/loca/bin that uses curl to fetch the ssh pub keys from Amazon's
>> > user-data server: http://169.254.169.254. This is in fact how all EC2
>> > images enable ssh access (to my knowledge anyway...). So, that script
>> > may need to be adjusted for eucalyptus to get ssh pubkey login to work."
>> >
>> > Could you please be more specific (name of the script, location, etc)
>> > since I was unable to find anything in the /usr/local/bin directory of
>> > the starcluster iso when I chroot into it.
>> >
>> > Thanks,
>> >
>> > Nicholas
>>
>> _______________________________________________
>> Starcluster mailing list
>> Starcluster_at_mit.edu
>> http://mailman.mit.edu/mailman/listinfo/starcluster
>>
>
Received on Mon Mar 29 2010 - 05:23:16 EDT
This archive was generated by hypermail 2.3.0.

Search:

Sort all by:

Date

Month

Thread

Author

Subject