Version: Grizzly on rhel6.4 with openstack-packstack-2013.1.1-0.20.dev632.el6ost. Description: Packstack asks for ssh password more than once per machine instead of setting up the ssh keys as a first step. Note that sometimes packstack asks for ssh password only once per machine, however I couldn't point on the difference that makes that happen. # packstack --answer-file=ANSWER_FILE Welcome to Installer setup utility Installing: Clean Up... [ DONE ] OS support check...root.160.29's password: root.160.27's password: [ DONE ] Adding pre install manifest entries... [ DONE ] Installing time synchronization via NTP... [ DONE ] Setting up ssh keys...root.160.29's password: root.160.27's password: ...
I think that this reproduces on disributed installation rather than all-in-one.
I wasn't able to reproduce this. Do you have a reproducer for it?
Yes, I managed to reporoduce that, I think that default answer file with CONFIG_NOVA_COMPUTE_HOSTS changed to another ip make this happens: openstack-packstack-2013.1.1-0.23.dev642.el6ost # packstack --answer-file=ANSWER_FILE Welcome to Installer setup utility Installing: Clean Up... [ DONE ] OS support check...root.160.23's password: root.160.25's password: [ DONE ] Adding pre install manifest entries... [ DONE ] Installing time synchronization via NTP... [ DONE ] Setting up ssh keys...root.160.23's password: root.160.25's password: [ DONE ] Adding MySQL manifest entries... [ DONE ] ... =================================================================== The answer file (removed the ntp server from it): [general] # Path to a Public key to install on servers. If a usable key has not # been installed on the remote servers the user will be prompted for a # password and this key will be installed so the password will not be # required again CONFIG_SSH_KEY=/root/.ssh/id_rsa.pub # Set to 'y' if you would like Packstack to install Glance CONFIG_GLANCE_INSTALL=y # Set to 'y' if you would like Packstack to install Cinder CONFIG_CINDER_INSTALL=y # Set to 'y' if you would like Packstack to install Nova CONFIG_NOVA_INSTALL=y # Set to 'y' if you would like Packstack to install Quantum CONFIG_QUANTUM_INSTALL=y # Set to 'y' if you would like Packstack to install Horizon CONFIG_HORIZON_INSTALL=y # Set to 'y' if you would like Packstack to install Swift CONFIG_SWIFT_INSTALL=n # Set to 'y' if you would like Packstack to install the OpenStack # Client packages. An admin "rc" file will also be installed CONFIG_CLIENT_INSTALL=y # Comma separated list of NTP servers. Leave plain if Packstack # should not install ntpd on instances. CONFIG_NTP_SERVERS=<snip> # Set to 'y' if you would like Packstack to install Nagios to monitor # openstack hosts CONFIG_NAGIOS_INSTALL=n # The IP address of the server on which to install MySQL CONFIG_MYSQL_HOST=10.35.160.23 # Username for the MySQL admin user CONFIG_MYSQL_USER=root # Password for the MySQL admin user CONFIG_MYSQL_PW=123456 # The IP address of the server on which to install the QPID service CONFIG_QPID_HOST=10.35.160.23 CONFIG_KEYSTONE_TOKEN_FORMAT=UUID # The IP address of the server on which to install Keystone CONFIG_KEYSTONE_HOST=10.35.160.23 # The password to use for the Keystone to access DB CONFIG_KEYSTONE_DB_PW=123456 # The token to use for the Keystone service api CONFIG_KEYSTONE_ADMIN_TOKEN=dc93b668b4bb43a3833333dca3b4cb58 # The password to use for the Keystone admin user CONFIG_KEYSTONE_ADMIN_PW=123456 # The IP address of the server on which to install Glance CONFIG_GLANCE_HOST=10.35.160.23 # The password to use for the Glance to access DB CONFIG_GLANCE_DB_PW=123456 # The password to use for the Glance to authenticate with Keystone CONFIG_GLANCE_KS_PW=123456 # The IP address of the server on which to install Cinder CONFIG_CINDER_HOST=10.35.160.23 # The password to use for the Cinder to access DB CONFIG_CINDER_DB_PW=123456 # The password to use for the Cinder to authenticate with Keystone CONFIG_CINDER_KS_PW=123456 # Create Cinder's volumes group. This should only be done for testing # on a proof-of-concept installation of Cinder. This will create a # file-backed volume group and is not suitable for production usage. CONFIG_CINDER_VOLUMES_CREATE=y # Cinder's volumes group size CONFIG_CINDER_VOLUMES_SIZE=20G # The IP address of the server on which to install the Nova API # service CONFIG_NOVA_API_HOST=10.35.160.23 # The IP address of the server on which to install the Nova Cert # service CONFIG_NOVA_CERT_HOST=10.35.160.23 # The IP address of the server on which to install the Nova VNC proxy CONFIG_NOVA_VNCPROXY_HOST=10.35.160.23 # A comma separated list of IP addresses on which to install the Nova # Compute services CONFIG_NOVA_COMPUTE_HOSTS=10.35.160.25 # Private interface for Flat DHCP on the Nova compute servers CONFIG_NOVA_COMPUTE_PRIVIF=eth3 # The IP address of the server on which to install the Nova Network # service CONFIG_NOVA_NETWORK_HOST=10.35.160.23 # The IP address of the server on which to install the Nova Conductor # service CONFIG_NOVA_CONDUCTOR_HOST=10.35.160.23 # The password to use for the Nova to access DB CONFIG_NOVA_DB_PW=123456 CONFIG_QUANTUM_OVS_VLAN_RANGES= CONFIG_QUANTUM_OVS_BRIDGE_IFACES=br:eth3 # The password to use for the Nova to authenticate with Keystone CONFIG_NOVA_KS_PW=123456 # Public interface on the Nova network server CONFIG_NOVA_NETWORK_PUBIF=eth2 # Private interface for Flat DHCP on the Nova network server CONFIG_NOVA_NETWORK_PRIVIF=eth2 # IP Range for Flat DHCP CONFIG_NOVA_NETWORK_FIXEDRANGE=172.16.0.0/24 # IP Range for Floating IP's CONFIG_NOVA_NETWORK_FLOATRANGE=10.35.164.0/24 # Name of the default floating pool to which the specified floating # ranges are added to CONFIG_NOVA_NETWORK_DEFAULTFLOATINGPOOL=nova # Automatically assign a floating IP to new instances CONFIG_NOVA_NETWORK_AUTOASSIGNFLOATINGIP=n # The IP address of the server on which to install the Nova Scheduler # service CONFIG_NOVA_SCHED_HOST=10.35.160.23 # The overcommitment ratio for virtual to physical CPUs. Set to 1.0 # to disable CPU overcommitment CONFIG_NOVA_SCHED_CPU_ALLOC_RATIO=16.0 # The overcommitment ratio for virtual to physical RAM. Set to 1.0 to # disable RAM overcommitment CONFIG_NOVA_SCHED_RAM_ALLOC_RATIO=1.5 # The IP addresses of the server on which to install the Quantum # server CONFIG_QUANTUM_SERVER_HOST=10.35.160.23 # Enable network namespaces for Quantum CONFIG_QUANTUM_USE_NAMESPACES=y # The password to use for Quantum to authenticate with Keystone CONFIG_QUANTUM_KS_PW=123456 # The password to use for Quantum to access DB CONFIG_QUANTUM_DB_PW=123456 # A comma separated list of IP addresses on which to install Quantum # L3 agent CONFIG_QUANTUM_L3_HOSTS=10.35.160.23 # The name of the bridge that the Quantum L3 agent will use for # external traffic CONFIG_QUANTUM_L3_EXT_BRIDGE=br-ex # A comma separated list of IP addresses on which to install Quantum # DHCP plugin CONFIG_QUANTUM_DHCP_HOSTS=10.35.160.23 # The name of the L2 plugin to be used with Quantum CONFIG_QUANTUM_L2_PLUGIN=openvswitch # A comma separated list of IP addresses on which to install Quantum # metadata agent CONFIG_QUANTUM_METADATA_HOSTS=10.35.160.23 # A comma separated list of IP addresses on which to install Quantum # metadata agent CONFIG_QUANTUM_METADATA_PW=123456 # The type of network to allocate for tenant networks CONFIG_QUANTUM_LB_TENANT_NETWORK_TYPE=local # A comma separated list of VLAN ranges for the Quantum linuxbridge # plugin CONFIG_QUANTUM_LB_VLAN_RANGES= # A comma separated list of interface mappings for the Quantum # linuxbridge plugin CONFIG_QUANTUM_LB_INTERFACE_MAPPINGS= # Type of network to allocate for tenant networks CONFIG_QUANTUM_OVS_TENANT_NETWORK_TYPE=vlan # A comma separated list of VLAN ranges for the Quantum openvswitch # plugin CONFIG_QUANTUM_OVS_VLAN_RANGES=phy_vlan:186:187,ext_vlan:185:185 # A comma separated list of bridge mappings for the Quantum # openvswitch plugin CONFIG_QUANTUM_OVS_BRIDGE_MAPPINGS=phy_vlan:br-vlans # The IP address of the server on which to install the OpenStack # client packages. An admin "rc" file will also be installed CONFIG_OSCLIENT_HOST=10.35.160.23 # The IP address of the server on which to install Horizon CONFIG_HORIZON_HOST=10.35.160.23 # To set up Horizon communication over https set this to "y" CONFIG_HORIZON_SSL=n # PEM encoded certificate to be used for ssl on the https server, # leave blank if one should be generated, this certificate should not # require a passphrase CONFIG_SSL_CERT= # Keyfile corresponding to the certificate if one was entered CONFIG_SSL_KEY= # The IP address on which to install the Swift proxy service CONFIG_SWIFT_PROXY_HOSTS=10.35.160.23 # The password to use for the Swift to authenticate with Keystone CONFIG_SWIFT_KS_PW=123456 # A comma separated list of IP addresses on which to install the # Swift Storage services, each entry should take the format # <ipaddress>[/dev], for example 127.0.0.1/vdb will install /dev/vdb # on 127.0.0.1 as a swift storage device(packstack does not create the # filesystem, you must do this first), if /dev is omitted Packstack # will create a loopback device for a test setup CONFIG_SWIFT_STORAGE_HOSTS=10.35.160.23 # Number of swift storage zones, this number MUST be no bigger than # the number of storage devices configured CONFIG_SWIFT_STORAGE_ZONES=1 # Number of swift storage replicas, this number MUST be no bigger # than the number of storage zones configured CONFIG_SWIFT_STORAGE_REPLICAS=1 # FileSystem type for storage nodes CONFIG_SWIFT_STORAGE_FSTYPE=ext4 # To subscribe each server to EPEL enter "y" CONFIG_USE_EPEL=n # A comma separated list of URLs to any additional yum repositories # to install CONFIG_REPO= # To subscribe each server with Red Hat subscription manager, include # this with CONFIG_RH_PW CONFIG_RH_USER= # To subscribe each server with Red Hat subscription manager, include # this with CONFIG_RH_USER CONFIG_RH_PW= # To subscribe each server to Red Hat Enterprise Linux 6 Server Beta # channel (only needed for Preview versions of RHOS) enter "y" CONFIG_RH_BETA_REPO=n # To subscribe each server with RHN Satellite,fill Satellite's URL # here. Note that either satellite's username/password or activtion # key has to be provided/ CONFIG_SATELLITE_URL= # Username to access RHN Satellite CONFIG_SATELLITE_USER= # Password to access RHN Satellite CONFIG_SATELLITE_PW= # Activation key for subscription to RHN Satellite CONFIG_SATELLITE_AKEY= # Specify a path or URL to a SSL CA certificate to use CONFIG_SATELLITE_CACERT= # If required specify the profile name that should be used as an # identifier for the system in RHN Satellite CONFIG_SATELLITE_PROFILE= # Comma separated list of flags passed to rhnreg_ks. Valid flags are: # novirtinfo, norhnsd, nopackages CONFIG_SATELLITE_FLAGS= # Specify a HTTP proxy to use with RHN Satellite CONFIG_SATELLITE_PROXY= # Specify a username to use with an authenticated HTTP proxy CONFIG_SATELLITE_PROXY_USER= # Specify a password to use with an authenticated HTTP proxy. CONFIG_SATELLITE_PROXY_PW= # The IP address of the server on which to install the Nagios server CONFIG_NAGIOS_HOST=10.35.160.23 # The password of the nagiosadmin user on the Nagios server CONFIG_NAGIOS_PW=123456 # The IP address of the server on which to install the Nova Scheduler # service CONFIG_NOVA_SCHED_HOST=10.35.160.23 # The overcommitment ratio for virtual to physical CPUs. Set to 1.0 # to disable CPU overcommitment CONFIG_NOVA_SCHED_CPU_ALLOC_RATIO=16.0 # The overcommitment ratio for virtual to physical RAM. Set to 1.0 to # disable RAM overcommitment CONFIG_NOVA_SCHED_RAM_ALLOC_RATIO=1.5
Ah, now I see why it happens. In the time of OS check there is not ssh key set on the server node yet. Ok, will have to move OS check step later in the setup. Thanks for discovering it.
(In reply to Martin Magr from comment #4) > Ah, now I see why it happens. In the time of OS check there is not ssh key > set on the server node yet. Ok, will have to move OS check step later in the > setup. Thanks for discovering it. Verified NVR: openstack-packstack-2013.2.1-0.9.dev840.el6ost.noarch packstack asks for password only once: Setting up ssh keys...root@<IP_ADDRESS>'s password:
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHEA-2013-1859.html