Hi all, think i`m getting somewhere with it now.
currently when I try to change the password it says NetworkManager is not running Jul 28 11:51:17 centos8-base-m1Dd4 cloud-set-guest-password[886]: Error: NetworkManager is not running. Jul 28 11:51:17 centos8-base-m1Dd4 cloud[924]: Unable to determine the password server, falling back to data-server Jul 28 11:51:17 centos8-base-m1Dd4 cloud[925]: Sending request to password server at data-server Jul 28 11:51:17 centos8-base-m1Dd4 cloud[936]: Failed to send request to password server at data-server Jul 28 11:51:17 centos8-base-m1Dd4 cloud[939]: Did not need to change password. i`m guessing this means its not running on boot when the script is running as once i'm logged if I check the service status it says it running, however I have noticed that under CGroup the is a dhclient line in my working Centos7 Template which doesnt appear in my new Centos8 Template: CGroup: /system.slice/NetworkManager.service ├─774 /usr/sbin/NetworkManager --no-daemon └─903 /sbin/dhclient -d -q -sf /usr/libexec/nm-dhcp-helper -pf /var/run/dhclient-eno16777984.pid -lf /var/lib/NetworkManager/dhclient-dcf53092-0072-3182-bb91-c33e31d619e3-eno16777984.lease -cf /var/lib/NetworkManager/dhc... not sure if that is whats wrong at the minute more looking at differences between working and not working. On Fri, 24 Jul 2020 at 14:13, Craig Dunn <sendai...@googlemail.com> wrote: > thanks Andrija, > > I`m having vpn trouble atm so cant get onto the VR to check but, if I run > the wget command manually against the VR I get back the password which was > shown in the UI. > > I`m guessing the VR has done its but its just not being applied to the VM > itself for some reason. > > > > On Fri, 24 Jul 2020 at 12:20, Andrija Panic <andrija.pa...@gmail.com> > wrote: > >> When you change the password for a VM (while VM is stopped) - ACS will >> store the password (in readable form) inside the VR in >> /var/cache/cloud/password-xxxxxxxx - so if you see the password here (as >> given in the UI) - that means that nobody fetched the password from the VR >> - but if it's missing (replaced with word "saved") that means that the >> script/cloud-init already downloaded the password (but it's question if it >> was applied or not on the OS/VM itself) >> >> Hope that helps >> >> On Fri, 24 Jul 2020 at 12:34, Craig Dunn <sendai...@googlemail.com >> .invalid> >> wrote: >> >> > Hey all, >> > >> > So, spent yesterday messing around with it, if I run wget -q -t 3 -T 20 >> -O >> > - --header "DomU_Request: send_my_password" $192.168.81.1:8080. Replace >> > $PASSWORD_SERVER manually it shows nothing. >> > >> > [image: image.png] >> > but this behaviour seems normal as a working template does not respond >> > either. >> > >> > I have also noticed that the leases file in /var/lib/dhclient doesnt >> > generate till you run dhclient (this is fine I can figure that out >> later) >> > but running reset password from cloudstack doesn't actually change it. >> Only >> > only thing I have done is a symbolic link on the script from the init.d >> > folder to rc0.d folder (I had to do this with ubuntu so assumed I would >> > here too) >> > >> > any troubleshooting tips anyone can offer? >> > >> > Thanks >> > >> > On Thu, 23 Jul 2020 at 12:27, Andrija Panic <andrija.pa...@gmail.com> >> > wrote: >> > >> >> cloud-init has the "plugin" for cloudstack, so it "behaves" well with >> it. >> >> >> >> best, >> >> >> >> On Thu, 23 Jul 2020 at 12:48, Craig Dunn <sendai...@googlemail.com >> >> .invalid> >> >> wrote: >> >> >> >> > Thanks Andrija i`ll have a look into that, does the platform need to >> >> > support it, or does cloudstack support it by default? >> >> > >> >> > @Vivek strangely its generated a lease file in /var/lib/dhclient (not >> >> sure >> >> > if I did anything to force it) I have tried resetting both manually >> and >> >> via >> >> > the UI with no changes >> >> > >> >> > On Thu, 23 Jul 2020 at 11:22, Andrija Panic <andrija.pa...@gmail.com >> > >> >> > wrote: >> >> > >> >> > > that script used to work only with initd and not systemd, so better >> >> > invest >> >> > > some time in cloud-init, and achieve the same thing (and more if >> >> needed). >> >> > > You can i.e. download the >> http://dl.openvm.eu/cloudstack/macchinina/ >> >> > > template >> >> > > and see how the cloud-init is configured there (afaik, it uses >> >> > cloud-init) >> >> > > >> >> > > Best, >> >> > > >> >> > > On Thu, 23 Jul 2020 at 12:17, Vivek Kumar <vivek.ku...@indiqus.com >> >> > > .invalid> >> >> > > wrote: >> >> > > >> >> > > > That won’t help because it fetch the password from router . Can >> you >> >> > just >> >> > > > run “dhclient” and check the lease folder wether you are getting >> >> lease >> >> > > file >> >> > > > generated or not. >> >> > > > >> >> > > > Vivek Kumar >> >> > > > Manager - Cloud & DevOps >> >> > > > IndiQus Technologies >> >> > > > 24*7 O +91 11 4055 1411 | M +91 7503460090 >> >> > > > www.indiqus.com <http://indiqus.com/> >> >> > > > >> >> > > > This message is intended only for the use of the individual or >> >> entity >> >> > to >> >> > > > which it is addressed and may contain information that is >> >> confidential >> >> > > > and/or privileged. If you are not the intended recipient please >> >> delete >> >> > > the >> >> > > > original message and any copy of it from your computer system. >> You >> >> are >> >> > > > hereby notified that any dissemination, distribution or copying >> of >> >> this >> >> > > > communication is strictly prohibited unless proper authorization >> has >> >> > been >> >> > > > obtained for such action. If you have received this >> communication in >> >> > > error, >> >> > > > please notify the sender immediately. Although IndiQus attempts >> to >> >> > sweep >> >> > > > e-mail and attachments for viruses, it does not guarantee that >> both >> >> are >> >> > > > virus-free and accepts no liability for any damage sustained as a >> >> > result >> >> > > of >> >> > > > viruses. >> >> > > > >> >> > > > > On 23-Jul-2020, at 3:43 PM, Craig Dunn < >> sendai...@googlemail.com >> >> > > .INVALID> >> >> > > > wrote: >> >> > > > > >> >> > > > > Hi, >> >> > > > > >> >> > > > > I have found a leases file BUT it only specifies the IP of the >> VM >> >> > > itself >> >> > > > > and not the gateway (which is where DHCP is served) >> >> > > > > >> >> > > > > [root@VM-222c78e8-a8f7-4746-b28b-6f1b66bdf34b NetworkManager]# >> >> cat >> >> > > > > internal-3e6e8f47-404a-46a9-9ad2-1b2a9217384a-ens35.lease >> >> > > > > # This is private data. Do not parse. >> >> > > > > ADDRESS=192.168.81.40 >> >> > > > > >> >> > > > > this is in the /var/lib/NetworkManager folder >> >> > > > > >> >> > > > > if I run the script manually specifying the IP it doesnt change >> >> > > anything >> >> > > > > >> >> > > > > Thanks >> >> > > > > >> >> > > > > On Thu, 23 Jul 2020 at 10:31, Craig Dunn < >> >> sendai...@googlemail.com> >> >> > > > wrote: >> >> > > > > >> >> > > > >> Hi Vivek, >> >> > > > >> >> >> > > > >> thanks for the response, seems its fallen at the first hurdle >> the >> >> > > > >> /var/lib/dhclient folder is empty so, i`ll look into why thats >> >> not >> >> > > being >> >> > > > >> generated. >> >> > > > >> >> >> > > > >> I have password enabled set on the template, I thought cloud >> init >> >> > and >> >> > > > the >> >> > > > >> script were two different ways of achieving the same thing? Or >> >> does >> >> > > the >> >> > > > >> script actually require it as a prerequisite? >> >> > > > >> >> >> > > > >> Thanks >> >> > > > >> >> >> > > > >> On Thu, 23 Jul 2020 at 10:03, Vivek Kumar < >> >> vivek.ku...@indiqus.com >> >> > > > .invalid> >> >> > > > >> wrote: >> >> > > > >> >> >> > > > >>> Hello Craig, >> >> > > > >>> >> >> > > > >>> So setup-password scripts works from inside of the VM. If you >> >> just >> >> > > look >> >> > > > >>> on the script - >> >> > > > >>> >> >> > > > >>> 1- First it finds the DHCP server IP from lease file. So make >> >> sure >> >> > > that >> >> > > > >>> you are getting you lease file in your any of the folder >> >> mentioned >> >> > in >> >> > > > >>> script - i.e DHCP_FOLDERS="/var/lib/dhclient/* >> /var/lib/dhcp3/* >> >> > > > >>> /var/lib/dhcp/*”. Sometimes it does’t generate the lease >> file, >> >> So >> >> > you >> >> > > > have >> >> > > > >>> to check first why is it got generating the lease file. >> >> > > > >>> 2- Now just try to run the manual command to see wether you >> are >> >> > > > receiving >> >> > > > >>> any password or not i.e 'wget -q -t 3 -T 20 -O - --header >> >> > > > "DomU_Request: >> >> > > > >>> send_my_password" $PASSWORD_SERVER_IP:8080. Replace >> >> > $PASSWORD_SERVER >> >> > > > with >> >> > > > >>> you DHCP serve IP, which you can find in step -1 >> >> > > > >>> 3- If you are able to get things you wanted in Step-1 and >> Step-2 >> >> > then >> >> > > > run >> >> > > > >>> the script manually (It should reset the password by running >> >> > > manually ) >> >> > > > >>> weather to check if it is running on successfully on boot or >> >> not. >> >> > > > >>> 4- I am assuming that you have already enabled the password >> box >> >> in >> >> > > your >> >> > > > >>> templates and cloud-init installed on you template. >> >> > > > >>> >> >> > > > >>> >> >> > > > >>> >> >> > > > >>> Vivek Kumar >> >> > > > >>> Manager - Cloud & DevOps >> >> > > > >>> IndiQus Technologies >> >> > > > >>> 24*7 O +91 11 4055 1411 | M +91 7503460090 >> >> > > > >>> www.indiqus.com <http://indiqus.com/> >> >> > > > >>> >> >> > > > >>> This message is intended only for the use of the individual >> or >> >> > entity >> >> > > > to >> >> > > > >>> which it is addressed and may contain information that is >> >> > > confidential >> >> > > > >>> and/or privileged. If you are not the intended recipient >> please >> >> > > delete >> >> > > > the >> >> > > > >>> original message and any copy of it from your computer >> system. >> >> You >> >> > > are >> >> > > > >>> hereby notified that any dissemination, distribution or >> copying >> >> of >> >> > > this >> >> > > > >>> communication is strictly prohibited unless proper >> authorization >> >> > has >> >> > > > been >> >> > > > >>> obtained for such action. If you have received this >> >> communication >> >> > in >> >> > > > error, >> >> > > > >>> please notify the sender immediately. Although IndiQus >> attempts >> >> to >> >> > > > sweep >> >> > > > >>> e-mail and attachments for viruses, it does not guarantee >> that >> >> both >> >> > > are >> >> > > > >>> virus-free and accepts no liability for any damage sustained >> as >> >> a >> >> > > > result of >> >> > > > >>> viruses. >> >> > > > >>> >> >> > > > >>>> On 23-Jul-2020, at 2:01 PM, Craig Dunn < >> >> sendai...@googlemail.com >> >> > > > .INVALID> >> >> > > > >>> wrote: >> >> > > > >>>> >> >> > > > >>>> Hi all, >> >> > > > >>>> >> >> > > > >>>> Just subscribed and after some advise. I'm trying to setup a >> >> new >> >> > > > Centos8 >> >> > > > >>>> template for our cloud platform. >> >> > > > >>>> >> >> > > > >>>> I want to use the guest password script so we can deploy >> and a >> >> > > > password >> >> > > > >>> is >> >> > > > >>>> generated on deployment but I'm having issues getting it to >> >> work. >> >> > > I'm >> >> > > > >>>> following this guide: >> >> > > > >>>> >> >> > > > >>>> >> >> > > > >>> >> >> > > > >> >> > > >> >> > >> >> >> http://docs.cloudstack.apache.org/projects/archived-cloudstack-administration/en/latest/templates/_password.html >> >> > > > >>>> >> >> > > > >>>> And it seems straightforward I have got the script in >> >> /etc/init.d >> >> > > and >> >> > > > >>> made >> >> > > > >>>> it executable and changed the permissions and run the >> chkconfig >> >> > > > command >> >> > > > >>> but >> >> > > > >>>> it still doesn't work, I have tried reverse engineering one >> of >> >> our >> >> > > > >>> working >> >> > > > >>>> templates (which I didn't do) but it doesn't seem obvious >> how >> >> it >> >> > > > >>> working. >> >> > > > >>>> Can anyone help or advise? >> >> > > > >>>> >> >> > > > >>>> Thanks >> >> > > > >>> >> >> > > > >>> >> >> > > > >> >> > > > >> >> > > >> >> > > -- >> >> > > >> >> > > Andrija Panić >> >> > > >> >> > >> >> >> >> >> >> -- >> >> >> >> Andrija Panić >> >> >> > >> >> -- >> >> Andrija Panić >> >