search

F5Networks / f5-google-gdm-templates

Google Deployment Templates for quickly deploying BIG-IP services in Google Cloud Platform
28 stars 45 forks source link

BigIP AutoScale Experimental Template #23

Closed Milbrab closed 4 years ago

Milbrab commented 5 years ago

Do you already have an issue opened with F5 support?

No

Description

The autoscale experimental template says " If you want access to the BIG-IP web-based Configuration utility, you must first SSH into the BIG-IP VE using the SSH key you provided in the template". I looked at the YAML file and the python script listed in the repo and there is NOT a section to list your RSA public key. When deploying the configuration this does not inject any SSH key into the instances so therefore we can't connect to add a local admin account.

Template

https://github.com/F5Networks/f5-google-gdm-templates/tree/master/experimental/autoscale/waf/via-lb/existing-stack/payg

Severity Level

For bugs, enter the bug severity level. Do not set any labels.

Severity: 3

Severity level definitions:

  1. Severity 1 (Critical) : Defect is causing systems to be offline and/or nonfunctional. immediate attention is required.
  2. Severity 2 (High) : Defect is causing major obstruction of system operations.
  3. Severity 3 (Medium) : Defect is causing intermittent errors in system operations.
  4. Severity 4 (Low) : Defect is causing infrequent interuptions in system operations.
  5. Severity 5 (Trival) : Defect is not causing any interuptions to system operations, but none-the-less is a bug.
Milbrab commented 5 years ago

I was able to change the linux username to admin and use a password of admin but if there is a different method to use like SSH keys than please update the templates to reflect that, otherwise I might suggest to remove those prerequisites.

Thanks

jsevedge commented 5 years ago

@Milbrab Quick note: In GCE it works off the assumption that the keys have been added to the project-wide ssh public keys metadata prior to deployment, as described here: https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys#project-wide

Milbrab commented 5 years ago

@jsevedge I get the use of project wide metadata but thats not what the F5 readme state. It states that there is a field somewhere, were we are to provide the SSH key values. Hence the note from the repo stating "If you want access to the BIG-IP web-based Configuration utility, you must first SSH into the BIG-IP VE using the SSH key you provided in the template", if SSH relied on the project wide public keys then why does F5 have this in their documentation. As I mentioned it may be up for clarification on the F5 readme.

jsevedge commented 5 years ago

@Milbrab Internal ID 1425 was opened for this issue. Readme's should be updated with better verbiage in the upcoming release.

shyawnkarim commented 4 years ago

Closing. This was fixed in release 3.0.