grep authorized_keys cloud-init*log
Under normal circumstances
grep authorized_keys cloud-init*log
[root@sysu--2 log]# grep centos cloud-init*log
2019-10-22 02:14:17,322 - __init__.py[INFO]: User centos already exists, skipping.
2019-10-22 02:14:17,323 - util.py[DEBUG]: Running command ['passwd', '-l', 'centos'] with allowed return codes [0] (shell=False, capture=True)
2019-10-22 02:14:17,355 - util.py[DEBUG]: Restoring selinux mode for /home/centos/.ssh (recursive=True)
2019-10-22 02:14:17,356 - util.py[DEBUG]: Reading from /home/centos/.ssh/authorized_keys (quiet=False)
2019-10-22 02:14:17,356 - util.py[DEBUG]: Read 0 bytes from /home/centos/.ssh/authorized_keys
2019-10-22 02:14:17,357 - util.py[DEBUG]: Restoring selinux mode for /home/centos/.ssh (recursive=False)
2019-10-22 02:14:17,357 - util.py[DEBUG]: Writing to /home/centos/.ssh/authorized_keys - wb: [600] 399 bytes
2019-10-22 02:14:17,357 - util.py[DEBUG]: Restoring selinux mode for /home/centos/.ssh/authorized_keys (recursive=False)
2019-10-22 02:14:17,358 - util.py[DEBUG]: Restoring selinux mode for /home/centos/.ssh/authorized_keys (recursive=False)
2019-10-22 02:14:17,358 - util.py[DEBUG]: Changing the ownership of /home/centos/.ssh/authorized_keys to 1000:1000
2019-10-22 02:14:17,358 - util.py[DEBUG]: Restoring selinux mode for /home/centos/.ssh (recursive=True)
2019-10-22 02:14:38,400 - util.py[DEBUG]: Restoring selinux mode for /home/centos/.ssh (recursive=True)
2019-10-22 02:14:38,401 - util.py[DEBUG]: Reading from /home/centos/.ssh/authorized_keys (quiet=False)
2019-10-22 02:14:38,401 - util.py[DEBUG]: Read 399 bytes from /home/centos/.ssh/authorized_keys
Debugging cloud-init
[root@fenghuo log]# rm -rf /var/lib/cloud/instance
[root@fenghuo log]# cloud-init init && cloud-init modules --mode config && cloud-init modules --mode final
#cloud-config
ssh_deletekeys: false
ssh_authorized_keys:
  - <ENTER YOUR PUBLIC KEY HERE>
cloud_final_modules:
  - [ssh, always]

Explanation for the parameters used above in the code:
- ssh_deletekeys: False --> Instructing cloud-init not to delete the current ssh key for the default users
- ssh_authorized_keys --> Add the below ssh public key to the authorized_keys file
- cloud_final_modules --> The keyword "always" is instructing cloud-init to add the ssh key every time upon reboot.

I will provide you an example to understand it better:

#cloud-config
ssh_deletekeys: false
ssh_authorized_keys:
  - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCB....
cloud_final_modules:
  - [ssh, always]
/usr/lib/python3.7/site-packages/cloudinit/config/cc_rsyslog.py:205: FutureWarning: Possible nested set at position 23
  r'^(?P<proto>[@]{0,2})'
2020-05-17 09:05:18,625 - util.py[WARNING]: Failed growpart --dry-run for (/dev/sda, 2)
Cloud-init v. 17.1 running 'modules:config' at Sun, 17 May 2020 09:05:19 +0000. Up 2210.05 seconds.
Cloud-init v. 17.1 running 'modules:final' at Sun, 17 May 2020 09:05:20 +0000. Up 2211.03 seconds.
ci-info: no authorized ssh keys fingerprints found for user openEuler.
Cloud-init v. 17.1 finished at Sun, 17 May 2020 09:05:20 +0000. Datasource DataSourceOpenStack [net,ver=2]. Up 2211.25 seconds
[root@fenghuo log]#
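An added example (not part of the original notes and not cloud-init's own code) that automates the comparison between the healthy log and the failing run above: it scans cloud-init log text for the authorized_keys write, its mode and owner, and for the "no authorized ssh keys fingerprints" message. The sample lines are constructed in the formats shown on this page; the function names `audit` and `missing_keys` are hypothetical.

```python
import re

# Constructed sample in the log formats shown on this page (not real log data).
SAMPLE = """\
2019-10-22 02:14:17,356 - util.py[DEBUG]: Read 0 bytes from /home/centos/.ssh/authorized_keys
2019-10-22 02:14:17,357 - util.py[DEBUG]: Writing to /home/centos/.ssh/authorized_keys - wb: [600] 399 bytes
2019-10-22 02:14:17,358 - util.py[DEBUG]: Changing the ownership of /home/centos/.ssh/authorized_keys to 1000:1000
ci-info: no authorized ssh keys fingerprints found for user openEuler.
"""

WRITE_RE = re.compile(r"Writing to (/\S+/authorized_keys) - \w+: \[(\d+)\] (\d+) ?bytes")
CHOWN_RE = re.compile(r"Changing the ownership of (/\S+/authorized_keys) to (\d+):(\d+)")
NOKEY_RE = re.compile(r"no authorized ssh keys fingerprints found for ?user (\S+?)\.?$")


def audit(log_text):
    """Map each authorized_keys path (or 'user:<name>') to what the log proves about it."""
    findings = {}
    for line in log_text.splitlines():
        line = line.strip()
        if m := WRITE_RE.search(line):
            path, mode, size = m.group(1), m.group(2), int(m.group(3))
            entry = findings.setdefault(path, {})
            # A key was injected only if a non-empty file was written; 600 is the mode in the healthy log.
            entry.update(written=size > 0, bytes=size, mode_ok=(mode == "600"))
        elif m := CHOWN_RE.search(line):
            findings.setdefault(m.group(1), {})["owner"] = (int(m.group(2)), int(m.group(3)))
        elif m := NOKEY_RE.search(line):
            # cloud-init's own summary line: this user ended up with no key at all.
            findings["user:" + m.group(1)] = {"written": False, "bytes": 0}
    return findings


def missing_keys(findings):
    """Entries for which no non-empty authorized_keys write was logged."""
    return sorted(k for k, v in findings.items() if not v.get("written"))


if __name__ == "__main__":
    for target, info in audit(SAMPLE).items():
        print(target, info)
    print("no key injected:", missing_keys(audit(SAMPLE)))
```

Feed it the concatenated contents of the cloud-init*log files; an entry in `missing_keys` means the key never reached the instance, which points at the metadata side rather than at sshd.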
169.254.169.254
[Unauthorized System] root@controller-17L-A41920U-165:~/ssh_key# ip netns exec qrouter-21414d4f-592c-4c5d-aa1f-eae48fcfb4d3 bash
[Unauthorized System] root@controller-17L-A41920U-165:~/ssh_key# netstat -lpn
激活Internet连接 (仅服务器)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:9697 0.0.0.0:* LISTEN 21257/python
活跃的UNIX域套接字 (仅服务器)
Proto RefCnt Flags Type State I-Node PID/Program name 路径
[Note] System unauthorized, Please contact the system supplier.
[Unauthorized System] root@controller-17L-A41920U-165:~/ssh_key# ps -f --pid 21257 | fold -s -w 82
UID PID PPID C STIME TTY TIME CMD
42435 21257 31543 0 2月28 ? 00:00:13 /usr/bin/python /usr/bin/neutron-ns-metadata-proxy --pid_file=/var/lib/neutron/external/pids/21414d4f-592c-4c5d-aa1f-eae48fcfb4d3.pid --metadata_proxy_socket=/var/lib/neutron/kolla/metadata_proxy --router_id=21414d4f-592c-4c5d-aa1f-eae48fcfb4d3 --state_path=/var/lib/neutron --metadata_port=9697 --metadata_proxy_user=42435 --metadata_proxy_group=42435 --verbose --log-file=neutron-ns-metadata-proxy-21414d4f-592c-4c5d-aa1f-eae48fcfb4d3.log --log-dir=/var/log/kolla/neutron
nova show: it turned out there was no key