On 26.01.2014 22:47, Nux! wrote: > On 26.01.2014 20:59, Karanbir Singh wrote: >> given that cloud-init does work and do the right thing for eucalyptus >> and openstack ( I've just tested those two ) - what fails for >> CloudInit >> ? is the data provider from CS itself incomplete or not hooking into >> the >> right place ? > > I have not tested ssh key and/or user data functionality, I believe > this was already reported to work[1], but from my tests cloud-init > never > makes a request to the virtual router on port 8080 to retrieve the > password. Why that is, I'll leave it to someone who knows how > cloud-init > works and can read code... > > [1] > http://shankerbalan.net/blog/ssh-keys-on-cloudstack-guest-instances-using-cloud-init/ Furthermore, cloud-init does seem to be trying various stuff as it can be seen from the virtual router's apache logs, but it makes 0 requests (verified via tcpdump) to the password service on port 8080: "GET //latest/meta-data/instance-id HTTP/1.1" 200 241 "-" "Cloud-Init/0.7.4" "GET //latest/user-data HTTP/1.1" 200 222 "-" "Python-urllib/2.6" "GET //latest/meta-data/ HTTP/1.1" 200 361 "-" "Python-urllib/2.6" "GET //latest/meta-data/ HTTP/1.1" 200 361 "-" "Python-urllib/2.6" "GET //latest/meta-data/local-ipv4 HTTP/1.1" 200 236 "-" "Python-urllib/2.6" "GET //latest/meta-data/local-hostname HTTP/1.1" 200 224 "-" "Python-urllib/2.6" "GET //latest/meta-data/public-hostname HTTP/1.1" 200 222 "-" "Python-urllib/2.6" "GET //latest/meta-data/public-keys HTTP/1.1" 200 222 "-" "Python-urllib/2.6" "GET //latest/meta-data/cloud-identifier HTTP/1.1" 200 273 "-" "Python-urllib/2.6" "GET //latest/meta-data/service-offering HTTP/1.1" 200 242 "-" "Python-urllib/2.6" "GET //latest/meta-data/public-ipv4 HTTP/1.1" 200 236 "-" "Python-urllib/2.6" "GET //latest/meta-data/vm-id HTTP/1.1" 200 260 "-" "Python-urllib/2.6" "GET //latest/meta-data/availability-zone HTTP/1.1" 200 233 "-" "Python-urllib/2.6" "GET //latest/meta-data/instance-id HTTP/1.1" 200 260 "-" "Python-urllib/2.6" The weird thing is that it does indeed change the password, because the default password no longer works, but to what, I do not know. [root at ce ~]# grep -i password /var/log/cloud-init.log Jan 26 23:46:52 ce [CLOUDINIT] importer.py[DEBUG]: Looking for modules ['cc_set_passwords', 'cloudinit.config.cc_set_passwords'] that have attributes ['handle'] Jan 26 23:46:52 ce [CLOUDINIT] importer.py[DEBUG]: Found cc_set_passwords with attributes ['handle'] in ['cloudinit.config.cc_set_passwords'] Jan 26 23:46:52 ce [CLOUDINIT] util.py[DEBUG]: Writing to /var/lib/cloud/instances/e4212973-1224-43f9-aba9-d1582bf8d881/sem/config_set_passwords - wb: [420] 20 bytes Jan 26 23:46:52 ce [CLOUDINIT] util.py[DEBUG]: Restoring selinux mode for /var/lib/cloud/instances/e4212973-1224-43f9-aba9-d1582bf8d881/sem/config_set_passwords (recursive=False) Jan 26 23:46:52 ce [CLOUDINIT] util.py[DEBUG]: Restoring selinux mode for /var/lib/cloud/instances/e4212973-1224-43f9-aba9-d1582bf8d881/sem/config_set_passwords (recursive=False) Jan 26 23:46:52 ce [CLOUDINIT] helpers.py[DEBUG]: Running config-set-passwords using lock (<FileLock using file '/var/lib/cloud/instances/e4212973-1224-43f9-aba9-d1582bf8d881/sem/config_set_passwords'>) Jan 26 23:46:52 ce [CLOUDINIT] cc_set_passwords.py[DEBUG]: Replacing auth line 66 with yes Jan 26 23:46:52 ce [CLOUDINIT] cc_set_passwords.py[DEBUG]: Restarted the ssh daemon Jan 26 23:51:44 ce [CLOUDINIT] importer.py[DEBUG]: Looking for modules ['cc_set_passwords', 'cloudinit.config.cc_set_passwords'] that have attributes ['handle'] Jan 26 23:51:44 ce [CLOUDINIT] importer.py[DEBUG]: Found cc_set_passwords with attributes ['handle'] in ['cloudinit.config.cc_set_passwords'] Jan 26 23:51:44 ce [CLOUDINIT] helpers.py[DEBUG]: config-set-passwords already ran (freq=once-per-instance) [root at ce ~]# cat /var/lib/cloud/instances/e4212973-1224-43f9-aba9-d1582bf8d881/sem/config_set_passwords 1261: 1390780012.61 So, I would say Cloudstack support is incomplete at this time, unless someone tells me I need to enable some other module. I'll look up in the following days how to hook a script into it, perhaps we can do it this way. -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro