Bug 824615

Summary: Unable to ssh to the wordpress Apache machine
Product: CloudForms Cloud Engine Reporter: Chris Pelland <cpelland>
Component: aeolus-audrey-agentAssignee: Dan Radez <dradez>
Status: CLOSED ERRATA QA Contact: dgao
Severity: high Docs Contact:
Priority: unspecified    
Version: 1.0.0CC: athomas, cpelland, dajohnso, dgao, dmacpher, dradez, hbrock, jlaska, jrd, redakkan, sachua, whayutin
Target Milestone: 1.0.1Keywords: Rebase, ZStream
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Rebase: Bug Fixes and Enhancements
Doc Text:
User-supplied tooling scripts can render an instance unusable if they hang and never return. All user tooling scripts should be fully tested before including them in a deployable. If user is unable to ssh into an instance launched on EC2, it is possible the user tooling script hung and never completed. If this occurs, manually test the user tooling script in a manually launched EC2 instance.
Story Points: ---
Clone Of: 816104 Environment:
Last Closed: 2012-07-10 03:23:08 EDT Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Bug Depends On: 816104    
Bug Blocks:    

Description Chris Pelland 2012-05-23 16:27:10 EDT
+++ This bug was initially created as a clone of Bug #816104 +++

Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.Launch instances using wordpress application blueprint.
2. Observed that ssh to Apache machine was failing, but i could ssh to mysql machine with out any issue.

log:
ssh -v -i wrdpress-multi-ec2_apache_1335345356_key_70284478636280.pem root@ec2-23-20-71-201.compute-1.amazonaws.com
OpenSSH_5.8p2, OpenSSL 1.0.0h-fips 12 Mar 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to ec2-23-20-71-201.compute-1.amazonaws.com [23.20.71.201] port 22.
debug1: Connection established.
debug1: identity file wrdpress-multi-ec2_apache_1335345356_key_70284478636280.pem type -1
debug1: identity file wrdpress-multi-ec2_apache_1335345356_key_70284478636280.pem-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 26:ac:5f:63:4e:a4:87:96:8f:fd:1f:ef:59:fe:38:3f
debug1: Host 'ec2-23-20-71-201.compute-1.amazonaws.com' is known and matches the RSA host key.
debug1: Found key in /home/rehana/.ssh/known_hosts:118
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
Credentials cache file '/tmp/krb5cc_1000' not found

debug1: Unspecified GSS failure.  Minor code may provide more information
Credentials cache file '/tmp/krb5cc_1000' not found

debug1: Unspecified GSS failure.  Minor code may provide more information


debug1: Unspecified GSS failure.  Minor code may provide more information


debug1: Next authentication method: publickey
debug1: Trying private key: wrdpress-multi-ec2_apache_1335345356_key_70284478636280.pem
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
  
Actual results:
unable to ssh to Apache machine

Expected results:
Should be able to ssh to Apache machine

Additional info:

 rpm -qa | grep aeolus
aeolus-conductor-0.8.13-1.el6_2.noarch
aeolus-configure-2.5.3-1.el6.noarch
rubygem-aeolus-image-0.3.0-12.el6.noarch
rubygem-aeolus-cli-0.3.1-1.el6.noarch
aeolus-all-0.8.13-1.el6_2.noarch
aeolus-conductor-doc-0.8.13-1.el6_2.noarch
aeolus-conductor-daemons-0.8.13-1.el6_2.noarch
Comment 2 sachua 2012-06-06 00:37:38 EDT
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
User-supplied tooling scripts can render an instance unusable if they hang and never return. All user tooling scripts should be fully tested before including them in a deployable. If user is unable to ssh into an instance launched on EC2, it is possible the user tooling script hung and never completed. If this occurs, manually test the user tooling script in a manually launched EC2 instance.
Comment 3 dgao 2012-06-20 14:02:46 EDT
[root@dhcp77-213 ~]# rpm -qa | grep "aeolus-audrey"
aeolus-audrey-agent-0.4.9-1.el6_2.noarch


2012-06-19 07:38:12,886 - INFO    : audrey:951 Invoked CSClient.get_cs_tooling()
2012-06-19 07:38:12,929 - INFO    : audrey:683 Invoked unpack_tooling()
2012-06-19 07:38:12,936 - INFO    : audrey:908 Invoked CSClient.get_cs_configs()
2012-06-19 07:38:12,976 - INFO    : audrey:1369 No configuration parameters provided. status: 202
.
.
.

2012-06-19 07:48:18,513 - INFO    : audrey:908 Invoked CSClient.get_cs_configs()
2012-06-19 07:48:18,560 - INFO    : audrey:1369 No configuration parameters provided. status: 202

Audrey agent exits after 10mins. Verified.
Comment 5 errata-xmlrpc 2012-07-10 03:23:08 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-1063.html