Hey Aaron,
I found that the post_load() routine is called from the new.pm. But as the
image has not set the up external_sshd etc the commands in the routine
fail, however those commands as far as i understand are only used hide rsa
keys and root password. These action can be performed from my module, and
thus making the call for post_load() unnecessary. So I let the request
continue even if the post_load commands fail to see what will happen.
What I saw was that procedure continued without a problem and started
logging into the machine to adding user etc. However when the connect
button was available on the web-interface the IP that it gave was 127.0.0.1
so i when back to the log and found the following.
1.1.1.1 represents the public ip of the instance, i replaced here with the
dummy one for security reasons.
2010-08-17 16:27:03|31471|6:6|new|utils.pm:getdynamicaddress(1605)|
PrivateIP address for ibm1 collected 1.1.1.1
2010-08-17 16:27:03|31471|6:6|new|utils.pm:run_ssh_command(6180)|
executing SSH command on ibm1:
|31471|6:6|new| /usr/bin/ssh -i /etc/vcl/vclsandbox_rsa -l root -p 22
-x ibm1 '/sbin/ifconfig |grep inet' 2>&1
2010-08-17 16:27:04|31471|6:6|new|utils.pm:run_ssh_command(6262)|
run_ssh_command output:
|31471|6:6|new| inet addr:1.1.1.1 Bcast:170.224.175.255
Mask:255.255.240.0
|31471|6:6|new| inet6 addr: fe80::dcad:beff:feef:1510/64 Scope:Link
|31471|6:6|new| inet addr:127.0.0.1 Mask:255.0.0.0
|31471|6:6|new| inet6 addr: ::1/128 Scope:Host
2010-08-17 16:27:04|31471|6:6|new|utils.pm:run_ssh_command(6276)|SSH
command executed on ibm1, returning (0, "inet addr:1.1.1.1 Bcas...")
2010-08-17 16:27:04|31471|6:6|new|utils.pm:getdynamicaddress(1652)|
dynamic IP address for ibm1 collected: 127.0.0.1
2010-08-17 16:27:04|31471|6:6|new|new.pm:reserve_computer(1033)|
retrieved dynamic DHCP IP address from 127.0.0.1: 127.0.0.1
2010-08-17 16:27:04|31471|6:6|new|DataStructure.pm:_automethod(697)|data
structure updated: $self->request_data->
{reservation}{6}{computer}{IPaddress}
|31471|6:6|new| computer_ip_address = 127.0.0.1
Now because I was able to monitor the progress from the IBM Cloud as well I
found out the IP that I needed and was able to log into the image with the
credentials provided by VCL. So the only problem that I can see is that VCL
fetched the wrong IP. Any idea why this happened?
Best Regards,
Milen Paskov
WSTI Intern
[email protected]
|------------>
| From: |
|------------>
>--------------------------------------------------------------------------------------------------------------------------------------------------|
|Aaron Peeler <[email protected]>
|
>--------------------------------------------------------------------------------------------------------------------------------------------------|
|------------>
| To: |
|------------>
>--------------------------------------------------------------------------------------------------------------------------------------------------|
|[email protected]
|
>--------------------------------------------------------------------------------------------------------------------------------------------------|
|------------>
| Date: |
|------------>
>--------------------------------------------------------------------------------------------------------------------------------------------------|
|08/17/2010 12:18 PM
|
>--------------------------------------------------------------------------------------------------------------------------------------------------|
|------------>
| Subject: |
|------------>
>--------------------------------------------------------------------------------------------------------------------------------------------------|
|Re: Setting up Base Image
|
>--------------------------------------------------------------------------------------------------------------------------------------------------|
In the upcoming release, rc.local will be overwritten on image capture
by the OS/Linux.pm module.
a post_load script would probably be a good way to go until we can make
the dependency on two networks optional.
Aaron
On 8/17/10 10:55 AM, Milen P Paskov wrote:
>
> Hey Josh,
>
> Regarding the first question I was able to modify the image so I can
> ssh in as root.
>
> Regarding the fooling I was think more about making minor changes to
> the script /etc/rc.local (suggested in the guide to created Base
> Image), located on the image, as well as implement my own version of
> post_load(). What I do not know is what needs to be done after the
> image has started up before handing it to the end user. If some of the
> action required different approach then the one already defined in VCL
> i can rewrite them for my module.
>
> Best Regards,
> Milen Paskov
> WSTI Intern
> [email protected]
>
> Inactive hide details for Josh Thompson ---08/17/2010 09:24:24
> AM--------BEGIN PGP SIGNED MESSAGE----- Hash: SHA1Josh Thompson
> ---08/17/2010 09:24:24 AM--------BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
>
>
> From:
> Josh Thompson <[email protected]>
>
> To:
> [email protected]
>
> Date:
> 08/17/2010 09:24 AM
>
> Subject:
> Re: Setting up Base Image
>
> ------------------------------------------------------------------------
>
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Monday August 16, 2010, Milen P Paskov wrote:
> > Hello Community,
> >
> > I have made some progress with the provisioning module that will
> > communicate with IBM Cloud, now I need to set up the image on the cloud
> > properly so that VCL can access them.
> >
> > I am been following this documentation:
> >
> https://cwiki.apache.org/confluence/display/VCL/Create+a+Linux+Base+Image
> >
> > I have come across two problems.
> > 1. Currently the images are set so that you can not ssh directly as
root
> > user, but it is possible to use "sudo bash" once logged on. Is there
> a way
> > to modify the image so I can directly ssh as root as required by vcl?
>
> man sshd_config - look for PermitRootLogin
>
> > 2. Once the IBM Cloud provisions the image it has only access to one
> > network (I am given one IP, through which I can connect) a public
> one. Is
> > it possible to fool VCL to use the public network to log in and make
the
> > necessary changes to the image before giving to the end users?
>
> One of the backend guys will have to answer this part, but keep in
> mind that
> when you "fool" part of a system, you are often going against underlying
> assumptions upon which the system was built. This can result in a
> long trail
> of fooling one part, then another part, then another one, etc.
>
> Josh
>
> > Any help would be greatly appreciated.
> >
> > Best Regards,
> > Milen Paskov
> > WSTI Intern
> > [email protected]
> >
> - --
> - -------------------------------
> Josh Thompson
> Systems Programmer
> Advanced Computing | VCL Developer
> North Carolina State University
>
> [email protected]
> 919-515-5323
>
> my GPG/PGP key can be found at pgp.mit.edu
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.14 (GNU/Linux)
>
> iEYEARECAAYFAkxqjIYACgkQV/LQcNdtPQNoBwCfXhiNXkiYJotVWID1QcaMQ9SP
> xFoAniAl3Fq5etPpoVjKYAyAQa7PHLsA
> =clPU
> -----END PGP SIGNATURE-----
>
>
--
Aaron Peeler
Program Manager
Virtual Computing Lab
NC State University
[email protected]
919-513-4571
