思享工具箱

ironic 注入秘钥失败 & 169.254.169.254

摘要:
grepauthorized_keyscloud-init*log正常请况下grepauthorized_keyscloud-init*log[root@sysu--2log]#grepcentoscloud-init*log2019-10-2202:14:17,322-__init__.py[INFO]:Usercentosalreadyexists,skipping.2019-10-2202:

grep authorized_keys cloud-init*log

ironic 注入秘钥失败 & 169.254.169.254第1张

正常请况下

grep authorized_keys cloud-init*log

ironic 注入秘钥失败 & 169.254.169.254第2张

[root@sysu--2 log]# grep centos cloud-init*log
2019-10-22 02:14:17,322 -__init__.py[INFO]: User centos already exists, skipping.
2019-10-22 02:14:17,323 - util.py[DEBUG]: Running command ['passwd', '-l', 'centos'] with allowed return codes [0] (shell=False, capture=True)
2019-10-22 02:14:17,355 - util.py[DEBUG]: Restoring selinux mode for /home/centos/.ssh (recursive=True)
2019-10-22 02:14:17,356 - util.py[DEBUG]: Reading from /home/centos/.ssh/authorized_keys (quiet=False)
2019-10-22 02:14:17,356 - util.py[DEBUG]: Read 0 bytes from /home/centos/.ssh/authorized_keys
2019-10-22 02:14:17,357 - util.py[DEBUG]: Restoring selinux mode for /home/centos/.ssh (recursive=False)
2019-10-22 02:14:17,357 - util.py[DEBUG]: Writing to /home/centos/.ssh/authorized_keys - wb: [600] 399bytes
2019-10-22 02:14:17,357 - util.py[DEBUG]: Restoring selinux mode for /home/centos/.ssh/authorized_keys (recursive=False)
2019-10-22 02:14:17,358 - util.py[DEBUG]: Restoring selinux mode for /home/centos/.ssh/authorized_keys (recursive=False)
2019-10-22 02:14:17,358 - util.py[DEBUG]: Changing the ownership of /home/centos/.ssh/authorized_keys to 1000:1000
2019-10-22 02:14:17,358 - util.py[DEBUG]: Restoring selinux mode for /home/centos/.ssh (recursive=True)
2019-10-22 02:14:38,400 - util.py[DEBUG]: Restoring selinux mode for /home/centos/.ssh (recursive=True)
2019-10-22 02:14:38,401 - util.py[DEBUG]: Reading from /home/centos/.ssh/authorized_keys (quiet=False)
2019-10-22 02:14:38,401 - util.py[DEBUG]: Read 399 bytes from /home/centos/.ssh/authorized_keys

调试cloud init

ironic 注入秘钥失败 & 169.254.169.254第3张

[root@fenghuo log]#  rm -rf /var/lib/cloud/instance
[root@fenghuo log]# cloud-init init && cloud-init modules --mode config && cloud-init modules --mode final

ironic 注入秘钥失败 & 169.254.169.254第4张

#cloud-config
ssh_deletekeys: falsessh_authorized_keys:
  - <ENTER YOUR PUBLIC KEY HERE>cloud_final_modules:
  -[ssh, always]
Explanation for the parameters used above inthe code:

- ssh_deletekeys: False --> Instructing cloud-init to not to delete the current ssh key for the defaultusers

- ssh_authorized_keys --> Add the below ssh publickey to the authorized_keys file

- cloud_final_modules --> The keyword "always" is instructing cloud-init to add the ssh key every time upon reboot.

I will provide you an example to understand it better:

#cloud-config
ssh_deletekeys: falsessh_authorized_keys:
  - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCB....
cloud_final_modules:
  - [ssh, always]
/usr/lib/python3.7/site-packages/cloudinit/config/cc_rsyslog.py:205: FutureWarning: Possible nested set at position 23r'^(?P<proto>[@]{0,2})'
2020-05-17 09:05:18,625 - util.py[WARNING]: Failed growpart --dry-run for (/dev/sda, 2)
Cloud-init v. 17.1 running 'modules:config' at Sun, 17 May 2020 09:05:19 +0000. Up 2210.05seconds.
Cloud-init v. 17.1 running 'modules:final' at Sun, 17 May 2020 09:05:20 +0000. Up 2211.03seconds.
ci-info: no authorized ssh keys fingerprints found foruser openEuler.
Cloud-init v. 17.1 finished at Sun, 17 May 2020 09:05:20 +0000. Datasource DataSourceOpenStack [net,ver=2].  Up 2211.25seconds
[root@fenghuo log]#

169.254.169.254

[Unauthorized System] root@controller-17L-A41920U-165:~/ssh_key# ip netns exec qrouter-21414d4f-592c-4c5d-aa1f-eae48fcfb4d3 bash

ironic 注入秘钥失败 &amp; 169.254.169.254第5张

ip netns exec qrouter-21414d4f-592c-4c5d-aa1f-eae48fcfb4d3 bash

[Unauthorized System] root@controller-17L-A41920U-165:~/ssh_key# netstat -lpn
激活Internet连接 (仅服务器)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:9697            0.0.0.0:*               LISTEN      21257/python    
活跃的UNIX域套接字 (仅服务器)
Proto RefCnt Flags       Type       State         I-Node   PID/Program name    路径

[Note] System unauthorized, Please contact the system supplier.

[Unauthorized System] root@controller-17L-A41920U-165:~/ssh_key# ps -f --pid 21257 | fold -s -w 82UID        PID  PPID  C STIME TTY          TIME CMD
42435    21257 31543  0 2月28 ?       00:00:13 /usr/bin/python 
/usr/bin/neutron-ns-metadata-proxy 
--pid_file=/var/lib/neutron/external/pids/21414d4f-592c-4c5d-aa1f-eae48fcfb4d3.pid
 --metadata_proxy_socket=/var/lib/neutron/kolla/metadata_proxy 
--router_id=21414d4f-592c-4c5d-aa1f-eae48fcfb4d3 --state_path=/var/lib/neutron 
--metadata_port=9697 --metadata_proxy_user=42435 --metadata_proxy_group=42435 
--verbose 
--log-file=neutron-ns-metadata-proxy-21414d4f-592c-4c5d-aa1f-eae48fcfb4d3.log 
--log-dir=/var/log/kolla/neutron

nova show 原来是没有key

ironic 注入秘钥失败 &amp; 169.254.169.254第6张

标签:#ssh#centos#log#keys | 浏览:129 | 发布日期:

免责声明:文章转载自《ironic 注入秘钥失败 &amp;amp; 169.254.169.254》仅用于学习参考。如对内容有疑问,请及时联系本站处理。

上篇Bootstrap-CL:字体图标(Glyphicons)Qt学习--初学注意事项下篇

宿迁高防,2C2G15M,22元/月;香港BGP,2C5G5M,25元/月 雨云优惠码:MjYwNzM=

相关文章

Linux(Centos)全自动异地备份数据(WEB+Mysql)

文章开始之前,先问下各位站长一个问题:什么东西对于站长是十分重要的?其实对于站长而言,很多东西都是很重要的。但我们现在排除外在因素,把范围缩小到网站系统本身,哪些是非常重要的呢?网站数据就是其中之一了。 网站数据包括程序文件本身、网站运行过程中不断产生的附件数据(图片、文档、视频等)以及数据库文件,三大块总括为网站数据。 以 自己为例,在这两年多的站长经历...

CentOS服务器的16个监控命令

你可以通过图形化用户界面(GUI)程序来获取这些外壳命令提供的大量信息,具体取决于使用哪一种Linux发行版。比如说,SUSE Linux就有一款出色的、图形化配置和管理工具YaST,KDE的KDE System Guard同样很出色。 不过,Linux管理员要明白的一个常理是:只有绝对必要时,才应该在服务器上运行GUI。那是由于,Linux GUI耗用...

总结Selenium自动化测试方法(四)WebDriver常用的操作

四、WebDriver常用的操作 1、控制浏览器操作 #控制浏览器的大小 self.driver.set_window_size(480,800) #控制浏览器返回 self.driver.back() #控制浏览器前进到下个页面 self.driver.forward() #刷新当前页面 self.driver.refresh() 2、控制页面元素的简单...

深入拆解Tomcat &amp;amp;Jetty——极客时间

1.开篇词 2.web容器 spring、tomcat、jetty 基于servlet 3.tomcat Tomcat 目录: /bin:存放 Windows 或 Linux 平台上启动和关闭 Tomcat 的脚本文件。/conf:存放 Tomcat 的各种全局配置文件,其中最重要的是 server.xml。/lib:存放 Tomcat 以及所有 We...

linux应用之jdk环境的安装(centos)

一、yum安装 1.执行:yum search jdk 已加载插件:fastestmirror, securityLoading mirror speeds from cached hostfile * base: mirror.bit.edu.cn * extras: mirror.bit.edu.cn * updates: mirror.bit.edu...

centos下面配置key登录

centos下需要配置使用key登录,并且要禁止root登录 下面的操作都是用root来设置的 1.添加新用户 例如用户名leisiyuan useradd leisiyuan 2.设置密码 passwd leisyuan 3.给新用户添加到root权限组 运行visudo命令,找到root ALL=(ALL) ALL,在下面添加一行 ,然后保存即可 le...

最新文章

随机推荐

思享工具箱导航