search

sealerio / sealer

Build, Share and Run Both Your Kubernetes Cluster and Distributed Applications (Project under CNCF)
http://sealer.cool
Apache License 2.0
2.06k stars 361 forks source link

sealer apply -f Clusterfile failed #ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain #1548

Open VinceHouJianyu opened 2 years ago

VinceHouJianyu commented 2 years ago

What happen?

deploy cluster used commond : sealer apply -f Clusterfile , then run failed

#sealer apply -f Clusterfile 
2022-06-28 17:39:42 [INFO] [local.go:288] Start to create a new cluster: master [xxx xxx xxx], worker [xxx]
Error: exec command failed xxx uname -m [ssh][xxx] create ssh session failed, ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
Usage:
  sealer apply [flags]

Examples:
sealer apply -f Clusterfile

Flags:
  -f, --Clusterfile string   apply a kubernetes cluster (default "Clusterfile")
      --force                We also can input an --force flag to delete cluster by force
  -h, --help                 help for apply

Global Flags:
      --config string   config file (default is $HOME/.sealer.json)
  -d, --debug           turn on debug mode
      --hide-path       hide the log path
      --hide-time       hide the log time

exec command failed xxx uname -m [ssh][xxx] create ssh session failed, ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

Relevant log output?

can exec command 
#ssh xxx "uname -m"
x86_64

can exec command
#ssh -v  xxx "uname -m"
OpenSSH_8.8p1, OpenSSL 1.0.2k-fips  26 Jan 2017
debug1: Reading configuration data /root/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug1: Connecting to xxx [xxx] port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/id_rsa type 0
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa_sk type -1
debug1: identity file /root/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: identity file /root/.ssh/id_ed25519_sk type -1
debug1: identity file /root/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /root/.ssh/id_xmss type -1
debug1: identity file /root/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.8
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.8
debug1: compat_banner: match: OpenSSH_8.8 pat OpenSSH* compat 0x04000000
debug1: Authenticating to xxx:22 as 'root'
debug1: load_hostkeys: fopen /root/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 SHA256:xB4UcKMbtY8/v5P8Qv8Ew7cKB6mwJAjDtlfBVpulfUM
debug1: load_hostkeys: fopen /root/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host 'xxx' is known and matches the ED25519 host key.
debug1: Found key in /root/.ssh/known_hosts:12
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /root/.ssh/id_rsa RSA SHA256:cXDQLSyDCHj9jPJsi0XNIQJ4tVOTABabKl2LDMTCiP8
debug1: Will attempt key: /root/.ssh/id_dsa 
debug1: Will attempt key: /root/.ssh/id_ecdsa 
debug1: Will attempt key: /root/.ssh/id_ecdsa_sk 
debug1: Will attempt key: /root/.ssh/id_ed25519 
debug1: Will attempt key: /root/.ssh/id_ed25519_sk 
debug1: Will attempt key: /root/.ssh/id_xmss 
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-nistp256@openssh.com>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering public key: /root/.ssh/id_rsa RSA SHA256:cXDQLSyDCHj9jPJsi0XNIQJ4tVOTABabKl2LDMTCiP8
debug1: Server accepts key: /root/.ssh/id_rsa RSA SHA256:cXDQLSyDCHj9jPJsi0XNIQJ4tVOTABabKl2LDMTCiP8
Authenticated to xxx ([xxx]:22) using "publickey".
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: filesystem full
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: client_input_hostkeys: searching /root/.ssh/known_hosts for xxx / (none)
debug1: client_input_hostkeys: searching /root/.ssh/known_hosts2 for xxx / (none)
debug1: client_input_hostkeys: hostkeys file /root/.ssh/known_hosts2 does not exist
debug1: client_input_hostkeys: host key found matching a different name/address, skipping UserKnownHostsFile update
debug1: Remote: /root/.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Remote: /root/.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Sending command: uname -m
x86_64
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 3164, received 3128 bytes, in 0.1 seconds
Bytes per second: sent 44304.1, received 43800.0
debug1: Exit status 0

What you expected to happen?

No response

How to reproduce it (as minimally and precisely as possible)?

apiVersion: sealer.cloud/v2
kind: Cluster
metadata:
  name: middleware
spec:
  # TODO
  image: image
  ssh:
    pk: /root/.ssh/id_rsa
    user: root
    port: "22"
  # TODO
  # roles填master/node
  # ips列表用,分隔
  hosts:
    - ips: [ xxx ]
      roles: [ master ]
    - ips: [ xxx ]
      roles: [ node ]

Anything else we need to know?

No response

What is the version of Sealer you using?

{"gitVersion":"v0.8.5","gitCommit":"f9c3d99","buildDate":"2022-04-28 14:16:58","goVersion":"go1.16.15","compiler":"gc","platform":"linux/amd64"}

What is your OS environment?

NAME="CentOS Linux" VERSION="7 (Core)" ID="centos" ID_LIKE="rhel fedora" VERSION_ID="7" PRETTY_NAME="CentOS Linux 7 (Core)" ANSI_COLOR="0;31" CPE_NAME="cpe:/o:centos:centos:7" HOME_URL="https://www.centos.org/" BUG_REPORT_URL="https://bugs.centos.org/" CENTOS_MANTISBT_PROJECT="CentOS-7" CENTOS_MANTISBT_PROJECT_VERSION="7" REDHAT_SUPPORT_PRODUCT="centos" REDHAT_SUPPORT_PRODUCT_VERSION="7"

What is the Kernel version?

Linux node-0 3.10.0-1160.66.1.el7.x86_64

Other environment you want to tell us?

Stevent-fei commented 2 years ago

You can use this template to configure the Clusterfile http://sealer.cool/docs/getting-started/using-clusterfile.html

VinceHouJianyu commented 2 years ago

You can use this template to configure the Clusterfile http://sealer.cool/docs/getting-started/using-clusterfile.html

is not work

sealer apply -f Clusterfile

2022-06-28 18:28:43 [INFO] [local.go:288] Start to create a new cluster: master [xxx], worker [xxx] Error: exec command failed xxx uname -m [ssh][xxx] create ssh session failed, ssh: handshake failed: ssh: unable to authenticate, attempted methods [none], no supported methods remain Usage: sealer apply [flags]

Examples: sealer apply -f Clusterfile

Flags: -f, --Clusterfile string apply a kubernetes cluster (default "Clusterfile") --force We also can input an --force flag to delete cluster by force -h, --help help for apply

Global Flags: --config string config file (default is $HOME/.sealer.json) -d, --debug turn on debug mode --hide-path hide the log path --hide-time hide the log time

exec command failed xxx uname -m [ssh][xxx] create ssh session failed, ssh: handshake failed: ssh: unable to authenticate, attempted methods [none], no supported methods remain

Clusterfile

apiVersion: sealer.cloud/v2 kind: Cluster metadata: name: middleware spec:

TODO

image: xxx ssh: passwd: pk: /root/.ssh/id_rsa pkPasswd: /root/.ssh/id_rsa user: root port: "22"

TODO

roles填master/node

ips列表用,分隔

hosts:

VinceHouJianyu commented 2 years ago

clusterfile

apiVersion: sealer.cloud/v2 kind: Cluster metadata: name: middleware spec: image: hub-vpc.jdcloud.com/devops/sealer/middleware-k8s:ha-beta-0618 ssh: passwd: pk: /root/.ssh/id_rsa pkPasswd: /root/.ssh/id_rsa user: root port: "22" hosts: