search

oracle-quickstart / oci-arch-ci-cd

Set up a CI/CD pipeline for cloud deployments
Universal Permissive License v1.0
11 stars 14 forks source link

Need documentation on how to ssh to Jenkins server with code created public-private key-pair #11

Closed sundeepdhall closed 2 years ago

sundeepdhall commented 2 years ago

When the default installation options are accepted, the installation completes successfully. ie. The Jenkins server is created and is accessible via the browser. But there are no instructions on how to retrieve the private key that would be needed to ssh to the Jenkins server.
Do I use the private_key_pem value from the state file to construct the private key ? I tried ssh using that and its looking for a passphrase.

lfeldman commented 2 years ago

@sundeepdhall it depends where you are deploying the code. In the case of Terraform CLI you need to extract generated private key by using terraform console:

Apply complete! Resources: 22 added, 0 changed, 0 destroyed.

Outputs:

jenkins_login_url = "http://129.158.57.175:8080"
jenkins_public_ip = "129.158.57.175"

terraform-server# terraform console
>nonsensitive(tls_private_key.public_private_key_pair.private_key_pem)

-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAK (...)2NQSMX8FrR1dmFNy0=
-----END RSA PRIVATE KEY-----

EOT
> Ctr-C

terraform-server# vi id_rsa <- here you should inject private key content.

terraform-server# chmod 400 id_rsa

terraform-server# ssh -i id_rsa opc@129.158.57.175 <- jenkins_public_ip output
The authenticity of host '129.158.57.175 (129.158.57.175)' can't be established.
ECDSA key fingerprint is SHA256:sgy0aiE6LSBVmragqEQ5L52Av3O4oSZaJ4RX89qWq+g.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '129.158.57.175' (ECDSA) to the list of known hosts.
Last login: Thu Dec  2 10:31:38 2021 from 89-64-91-8.dynamic.chello.pl
[opc@jenkinsvm ~]$
sundeepdhall commented 2 years ago

Thank you. This worked. I also needed to install the latest version of terraform. I was on a 0.14.5 with the older version the "nonsensitive" command did not work. It still gave me the private key, but it had "\n" all over it. When I use that in a file, I get prompted for a "passphrase" I replaced it with v1.0.11 and ran the "nonsensitive(tls_private_key.public_private_key_pair.private_key_pem) This now gave me a well formatted private key. and does not prompt for passphrase I am able to connect to the jenkinsvm using this. Thank you so much

lfeldman commented 2 years ago

That is good news @sundeepdhall. Closing the ticket.