Closed nfisdev closed 4 years ago
EarthmanT
commented
4 years ago check the number of SSHD connections that your machine has and try increasing them. Or use a larger flavor. The kubespray playbook is a mammoth and keeping those connections alive is a major drag on the system.
nfisdev
commented
4 years ago I did increase the flavor significantly and I am still observing the same behavior.
As for the SSHD configuration, I have checked and the instances are set with the maximum of 10 connections. Could that be an issue? This test that I am running I am not trying to run any ansible playbooks.
My process is:
In this most recent case (with the increased flavor size) the "node" has the IP of 10.20.0.106, here I was able to log in:
[nfisdev@jump2 ~]$ ssh -i k8.pem centos@10.20.0.106
Warning: Permanently added '10.20.0.106' (RSA) to the list of known hosts.
[centos@k8-cfy-node ~]$ exit
logout
Connection to 10.20.0.106 closed.The "master" has the IP of 10.20.0.189. Which times out when I try to SSH in. Here is the result of an Nmap scan against the "master", it looks like its not listening on any ports:
[nfisdev@jump2 ~]$ nmap -Pn 10.20.0.189
Starting Nmap 6.40 ( http://nmap.org ) at 2020-01-09 18:14 UTC
Nmap scan report for 10.20.0.189
Host is up.
All 1000 scanned ports on 10.20.0.189 are filtered
Nmap done: 1 IP address (1 host up) scanned in 201.37 secondsHere are the results when I run the same blueprint with the "node" commented out.
To be as precise as possible, these are the exact lines that are removed from the blueprint above:
k8-cfy-node:
type: cloudify.nodes.openstack.Server
properties:
client_config: { get_input: client_config_dict }
agent_config:
install_method: none
resource_config:
name: k8-cfy-node
image_id: { get_input: image_id }
flavor_id: { get_input: flavor_id }
relationships:
- type: cloudify.relationships.openstack.server_connected_to_port
target: k8-cfy-node-port
- type: cloudify.relationships.openstack.server_connected_to_keypair
target: k8-cfy-keypairHere is the result of an Nmap scan on the "master" host:
[nfisdev@jump2 ~]$ nmap -Pn 10.20.0.106
Starting Nmap 6.40 ( http://nmap.org ) at 2020-01-09 19:03 UTC
Nmap scan report for 10.20.0.106
Host is up (0.0013s latency).
Not shown: 998 filtered ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp closed http
Nmap done: 1 IP address (1 host up) scanned in 4.87 secondsAfter confirming the server is listening on 22, I attempted an SSH connection which was successful:
[nfisdev@jump2 ~]$ ssh -i k8.pem 10.20.0.106
The authenticity of host '10.20.0.106 (10.20.0.106)' can't be established.
ECDSA key fingerprint is 15:e4:3e:2d:87:55:72:06:05:48:3e:b4:40:57:0a:3e.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.20.0.106' (ECDSA) to the list of known hosts.
[centos@k8-cfy-master ~]$Is there any reason why this works with 1 server but not with 2?
nfisdev
commented
4 years ago I have been having a lot of struggles with getting Cloudify to behave predictably over the last month, I have now found that my organization has had a faulty CentOS7 image.
@EarthmanT thank you so much for your help. I have this blueprint working now.
EarthmanT
commented
4 years ago @nfisdev sorry could not be more help I just was about to take a deeper look. glad you got it sorted out.
Hello, I have observed some unpredictable behavior in the openstack plugin while working on a kubespray implementation. The servers I am trying to create are referred to as "master" and "node"
Running my blueprint with just "master", SSH works just fine. As soon as I add the "node" openstack.server SSH breaks for both VMs, the error is often slightly different
Usually the error is
ssh_exchange_identification: Connection closed by remote host,ssh: connect to host <host> port 22: Connection refused, I have even had it ask me for a password, even though there is no way that could be set up. The weird part is that sometimes its the "master" that SSH works for and sometimes the "node" that SSH works for, but neither of them work at the same time.Running the exact same code, these have been my results:
ssh_exchange_identificationerrorssh_exchange_identificationerrorI have spun up the same image in the Openstack UI and SSH works fine. When I remove the "node" openstack.server from the blueprint, SSH works for master.
Here is the blueprint that I am using.
I get the same issue when using the kubernetes openstack example, which is why I started my own blueprint: https://github.com/cloudify-community/blueprint-examples/tree/master/kubernetes
Any help is greatly appreciated, hopefully I'm doing something obviously wrong. Thanks