Open TrumanLing opened 9 years ago
Actually, the OpenStack driver already implements the deployment of the SSH key on the machine. On your command line you did not provide the flag --openstack-ssh-user
, that means docker-machine will use the user root
to SSH into the machine. Are you sure you can log in with root
on your machine ? Often in cloud images, remote login with root is not possible.
Can you check :
ssh -i /home/docker/.docker/machine/machines/dockermachine/id_rsa roo@xxx.xxx.xxx.xxx
@ggiamarchi thx for your reponse. Generally, root
can not be permitted to access, but the environment I used is just a test environment and don't make strict policy for user SSH login. Below lines are the result I checked for your two questions:
For the 1st one, it outputted like below, and it shows root
has logined into the machine.
console
docker@host-xxx-xxx-xxx-xxx:~/xxx$ sudo ssh -i /home/docker/.docker/machine/machines/dockermachine/id_rsa root@xxx.xxx.xxx.xxx
[sudo] password for docker:
The authenticity of host 'xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx)' can't be established.
ECDSA key fingerprint is cf:b0:08:f1:6a:f0:dd:e8:3d:5c:aa:65:2c:91:08:77.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'xxx.xxx.xxx.xxx' (ECDSA) to the list of known hosts.
root@xxx.xxx.xxx.xxx's password:
Welcome to Ubuntu 14.04 LTS (GNU/Linux 3.13.0-24-generic x86_64)
Documentation: https://help.ubuntu.com/
System information as of Mon Apr 13 18:04:40 CST 2015
System load: 0.0 Processes: 360 Usage of /: 5.4% of 74.44GB Users logged in: 1 Memory usage: 8% IP address for eth0: xxx.xxx.xxx.xxx Swap usage: 0%
Graph this data and manage this system at: https://landscape.canonical.com/
Last login: Mon Apr 13 18:04:45 2015 from host-xxx-xxx-xxx-xxx.openstacklocal
For the 2nd one, it outputted as following
``` console```
xxx@C8018E13-D21D-B211-9630-000000821800:/> sudo nova keypair-list
+-----------------------------------------------------------------------------------+-------------------------------------------------+
| Name | Fingerprint |
+-----------------------------------------------------------------------------------+-------------------------------------------------+
| dockermachine-8ccd59e096be16527c6aa38e9266d58513c7021341175f799c6229a857c3ce4a | 6b:d4:29:fc:54:22:ba:37:68:99:5b:f3:47:88:a3:ed |
and below are messages for creating the VM, which are including the keypare name and fingerprint, they are matched to those listed by commandnova keypare-list
console
DEBU[0000] Creating Key Pair... Name=dockermachine-8ccd59e096be16527c6aa38e9266d58513c7021341175f799c6229a857c3ce4a
DEBU[0000] executing: /usr/bin/ssh-keygen ssh-keygen -t rsa -N -f /home/docker/.docker/machine/machines/dockermachine/id_rsa
Generating public/private rsa key pair. Your identification has been saved in /home/docker/.docker/machine/machines/dockermachine/id_rsa. Your public key has been saved in /home/docker/.docker/machine/machines/dockermachine/id_rsa.pub. The key fingerprint is: 6b:d4:29:fc:54:22:ba:37:68:99:5b:f3:47:88:a3:ed root@host-xxx-xxx-xxx-xxx
I created machine on openstack, but it needs password input, like below message. Thus, it is not convinient to deploy VM at real engineering environment.
console
docker@host-xxx-xxx-xx-xxx:~/xxx$ sudo ./docker-machine_linux-amd64 -D create -d openstack --openstack-insecure --openstack-auth-url=https://xxx.xxx.xxx.xxx.xxx:443/identity/v2.0 --openstack-username=xxx --openstack-password=xxx --openstack-tenant-id=1234567890 --openstack-tenant-name=xxx --openstack-flavor-id=123 --openstack-image-id=xxxx --openstack-region=xxx --openstack-net-id=xxx dockermachine DEBU[0000] Instantiating OpenStack driver... caCert=/home/docker/.docker/machine/certs/ca.pem machineName=dockermachine privateKey=/home/docker/.docker/machine/certs/ca-key.pem storePath=/home/docker/.docker/machine/machines/dockermachine DEBU[0000] Creating Key Pair... Name=dockermachine-xxx DEBU[0000] executing: /usr/bin/ssh-keygen ssh-keygen -t rsa -N -f /home/docker/.docker/machine/machines/dockermachine/id_rsaGenerating public/private rsa key pair. Your identification has been saved in /home/docker/.docker/machine/machines/dockermachine/id_rsa. Your public key has been saved in /home/docker/.docker/machine/machines/dockermachine/id_rsa.pub. The key fingerprint is: a7:a0:83:54:3f:c5:63:83:9d:fe:ef:ad:1c:6b:1b:ca root@host-xxx-xxx-xxx-xxx The key's randomart image is: +--[ RSA 2048]----+ | | | + . | | . . O | | . . + o | | . + S . | | . . . o + | | . o . . o | | . . +.= | | EoBo. | +-----------------+ DEBU[0000] Authenticating... AuthUrl=https://xxx.xxx.xxx.xxx.xxx:443/identity/v2.0 Insecure=true TenantID=1234567890 TenantName=xxx Username=xxx DEBU[0001] Creating OpenStack instance... FlavorId=123 ImageId=xxx INFO[0001] Creating machine... DEBU[0002] Waiting for the OpenStack instance to be ACTIVE... MachineId=xxx DEBU[2027] Looking for the IP address... MachineId=xxx DEBU[2027] IP address found IP=xxx.xxx.xxx.xxx MachineId=xxx DEBU[2027] Waiting for the SSH server to be started... IP=xxx.xxx.xxx.xxx MachineId=xxx DEBU[2027] Getting to WaitForSSH function... DEBU[2027] executing: ssh -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet -p 22 -i /home/docker/.docker/machine/machines/dockermachine/id_rsa root@xxx.xxx.xxx.xxx exit 0 root@xxx.xxx.xxx.xxx's password: DEBU[2269] Error running ssh command 'exit 0' : exit status 255 DEBU[2272] Getting to WaitForSSH function... DEBU[2272] executing: ssh -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet -p 22 -i /home/docker/.docker/machine/machines/dockermachine/id_rsa root@xxx.xxx.xxx.xxx exit 0 root@xxx.xxx.xxx's password: DEBU[2314] executing: ssh -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet -p 22 -i /home/docker/.docker/machine/machines/dockermachine/id_rsa root@xxx.xxxx.xxx.xxx cat /etc/os-release root@xxx.xxx.xxx.xxx's password: DEBU[2358] executing: ssh -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet -p 22 -i /home/docker/.docker/machine/machines/dockermachine/id_rsa root@xxx.xxx.xxx.xxx sudo hostname dockermachine && echo "dockermachine" | sudo tee /etc/hostname && echo "127.0.0.1 dockermachine" | sudo tee -a /etc/hosts root@xxx.xxx.xxx.xxx's password: sudo: unable to resolve host dockermachine dockermachine sudo: unable to resolve host dockermachine 127.0.0.1 dockermachine DEBU[2446] executing: ssh -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet -p 22 -i /home/docker/.docker/machine/machines/dockermachine/id_rsa root@xxx.xxx.xxx.xxx DEBIAN_FRONTEND=noninteractive sudo -E apt-get install -y curl root@xxx.xxx.xxx.xxx's password: Reading package lists... Building dependency tree... Reading state information... curl is already the newest version. 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. DEBU[2555] executing: ssh -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet -p 22 -i /home/docker/.docker/machine/machines/dockermachine/id_rsa root@xxx.xxx.xxx.xxx if ! type docker; then curl -sSL https://get.docker.com | sh -; fi root@xxx.xxx.xxx.xxx's password: docker is /usr/bin/docker DEBU[2613] generating server cert: /home/docker/.docker/machine/machines/dockermachine/server.pem ca-key=/home/docker/.docker/machine/certs/ca.pem private-key=/home/docker/.docker/machine/certs/ca-key.pem org=dockermachine DEBU[2614] executing: ssh -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet -p 22 -i /home/docker/.docker/machine/machines/dockermachine/id_rsa root@xxx.xxx.xxx.xxx sudo service docker stop root@xxx.xxx.xxx.xxx's password: docker: unrecognized service ERRO[2739] Error creating machine: exit status 1 WARN[2739] You will want to check the provider to make sure the machine and associated resources were properly removed. FATA[2739] Error creating machine