[Starcluster] instance ssh problem...

Nicholas Ampazis n.ampazis at gmail.com
Mon Mar 29 05:22:54 EDT 2010 

Justin,

Thanks for the info. I'll try to test your modifications today.

By the way, the version of eucalyptus that I'm using is:

FRONT-END:

dpkg -l | grep euca

ii  euca2ools
1.0+bzr20091007-0ubuntu1.1            managing cloud instances for
Eucalyptus
ii  eucalyptus-cc                            1.6~bzr931-0ubuntu7.6
            Elastic Utility Computing Architecture - Clu
ii  eucalyptus-cloud                         1.6~bzr931-0ubuntu7.6
            Elastic Utility Computing Architecture - Clo
ii  eucalyptus-common                        1.6~bzr931-0ubuntu7.6
            Elastic Utility Computing Architecture - Com
ii  eucalyptus-gl                            1.6~bzr931-0ubuntu7.6
            Elastic Utility Computing Architecture - Log
ii  eucalyptus-java-common                   1.6~bzr931-0ubuntu7.6
            Elastic Utility Computing Architecture - Com
ii  eucalyptus-sc                            1.6~bzr931-0ubuntu7.6
            Elastic Utility Computing Architecture - Sto
ii  eucalyptus-walrus                        1.6~bzr931-0ubuntu7.6
            Elastic Utility Computing Architecture - Wal
ii  libeucalyptus-commons-ext-java           0.4.2-0ubuntu1
            Eucalyptus commons external Java library

NODE:

dpkg -l | grep euca

ii  euca2ools                         1.0+bzr20091007-0ubuntu1.1
     managing cloud instances for Eucalyptus
ii  eucalyptus-common                 1.6~bzr931-0ubuntu7.5
     Elastic Utility Computing Architecture - Com
ii  eucalyptus-gl                     1.6~bzr931-0ubuntu7.5
     Elastic Utility Computing Architecture - Log
ii  eucalyptus-nc                     1.6~bzr931-0ubuntu7.5
     Elastic Utility Computing Architecture - Nod


Also, my keypairs have to be OK since I can ssh successfuly to
instances of other EMIs.

Finally, I've noticed the same problem with the 169.254.169.254 ip,
since curl or wget (invoked from the front-end) always return an error
for all directories other than root, e.g.

wget -c http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
HTTP request sent, awaiting response... 404 Not Found
2010-03-29 12:16:50 ERROR 404: Not Found.

whereas

wget -c http://169.254.169.254/
Connecting to 169.254.169.254:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 177 [text/html]
Saving to: `index.html'

100%[==============================================================================================================>]
177         --.-K/s   in 0s

2010-03-29 12:20:40 (15.1 MB/s) - `index.html' saved [177/177]


returns an index.html page with a plain "It Works!" message.


Thanks,


Nicholas


On Sun, Mar 28, 2010 at 7:58 PM, Justin Riley <jtriley at mit.edu> wrote:
> Also, you'll need to modify line 19 of /etc/init.d/ec2-get-credentials to:
>
> until(new IO::Socket::INET("<ip-address>:8773")){print"Waiting for network...
> \n";sleep 1}
>
> Replace <ip-address> with the cloud controller's ip.
>
> ~Justin
>
> On Sunday 28 March 2010 10:52:39 pm Justin Riley wrote:
>> Hi Nicholas,
>>
>> Sorry for the late response on this. What version of Eucalyptus are you
>>  using? I just created an EMI from the starcluster iso that boots and that
>>  I can ssh into without modifying the image. I'm using Eucalyptus 1.6.2.
>>
>> What's weird to me is that I can ssh in, however, I cannot access
>> 169.254.169.254 ip within the instance which means the ec2-get-credentials
>> file can not be running successfully at startup. Something else must be
>> configuring the authorized_keys file for root. This is why I wonder if
>> something's up with eucalyptus on your end? Are you sure your keypair
>>  setting is correct when calling euca-run-instances?
>>
>> In any event, the exact file that fetches the credentials is in
>> /etc/init.d/ec2-get-credentials
>>
>> If you still want to try manually editing this file, you need to change
>>  line 11 of this file to:
>>
>> public_key_url = http://<ip-address>:8773/latest/meta-data/public-
>> keys/0/openssh-key
>>
>> Replace ip-address with your Eucalyptus cloud controller ip.
>>
>> Let me know if that helps,
>>
>> ~Justin
>>
>> On Friday 26 March 2010 9:12:59 am you wrote:
>> > Dear Justin,
>> >
>> > I've been trying to solve the ssh problem and I've read from your e-mail
>> >  that:
>> >
>> > "The login problem is likely related to the way an "EMI" needs to fetch
>> > it's credentials. For starcluster on EC2, there is a script in
>> > /usr/loca/bin that uses curl to fetch the ssh pub keys from Amazon's
>> > user-data server: http://169.254.169.254. This is in fact how all EC2
>> > images enable ssh access (to my knowledge anyway...). So, that script
>> > may need to be adjusted for eucalyptus to get ssh pubkey login to work."
>> >
>> > Could you please be more specific (name of the script, location, etc)
>> > since I was unable to find anything in the /usr/local/bin directory of
>> > the starcluster iso when I chroot into it.
>> >
>> > Thanks,
>> >
>> > Nicholas
>>
>> _______________________________________________
>> Starcluster mailing list
>> Starcluster at mit.edu
>> http://mailman.mit.edu/mailman/listinfo/starcluster
>>
>

More information about the StarCluster mailing list