Ask Your Question

Ubuntu Cloud Image: Key Injection [closed]

asked 2014-01-05 06:45:54 -0500

Mathias Ewald gravatar image

updated 2014-01-05 06:55:08 -0500

Hi, I am playing with VMwareESXDriver and Ubuntu Cloud Images for a couple of hour. Finally, I managed to sucessfully spawn an instance at all. Right now, the instance is powered on hangs a long while with only a "_" in the upper left corner of the console screen and then finally jumps right to the login prompt. The instance starts pinging way earlier though. But I believe that might be normal...

My actual problem is that after the instance seems to be up and running, I cannot SSH into it:

root@controller:~# nova keypair-list
| Name  | Fingerprint                                     |
| mykey | 3b:b1:fc:29:b2:24:37:c8:5f:10:f2:ba:ec:9c:ce:14 |
root@controller:~# ssh-keygen -lf ~/.ssh/
2048 3b:b1:fc:29:b2:24:37:c8:5f:10:f2:ba:ec:9c:ce:14  root@controller (RSA)
root@controller:~# ssh -i .ssh/id_rsa root@
Read from socket failed: Connection reset by peer
root@controller:~# ssh -i .ssh/id_rsa root@
Connection closed by
root@controller:~# ssh -i .ssh/id_rsa root@
Read from socket failed: Connection reset by peer
root@controller:~# telnet 22
Connected to
Escape character is '^]'.
SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1
telnet> quit
Connection closed.
root@controller:~# ssh root@                                                                                                                                                                                                                                                                                   
Read from socket failed: Connection reset by peer
root@controller:~# ssh -v root@
OpenSSH_5.9p1 Debian-5ubuntu1.1, OpenSSL 1.0.1 14 Mar 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to [] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1.1
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1.1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1
debug1: SSH2_MSG_KEXINIT sent
Read from socket failed: Connection reset by peer

I create my instances using

nova boot --flavor 2 --image 7a81cac3-91c9-427d-a08c-9a34b301bae5 --key-name mykey ubuntu01

so I assume a key should have been injected.

Now as I don't know about the mechanism being used to inject a key with VMwareESXiDriver, I cannot guess where the problem might be or what needs to be done to make it possible.

Any ideas? Looking at the output of ssh -v, I am not even sure its a key injection problem :( please help!

edit retag flag offensive reopen merge delete

Closed for the following reason the question is answered, right answer was accepted by koolhead17
close date 2014-02-17 14:18:34.662137


Does the output of "nova console-log <instance>" show anything useful? Unless you configured something specific in OpenStack, I *think* key injection will be done via the metadata service, but I'm not 100% on that.

jtopjian ( 2014-01-11 06:58:36 -0500 )edit

Do you have the nova-api-metadata service installed on the compute node which is using the VMwareESXiDriver?

scarecrow ( 2014-02-14 10:16:50 -0500 )edit

3 answers

Sort by ยป oldest newest most voted

answered 2014-02-17 02:10:18 -0500

rasca gravatar image

updated 2014-02-17 02:12:40 -0500

I finally find out what was the problem, and I saw it by using guestfish, since it was not working too. The command was this one:

guestfish --ro -a /var/lib/nova/instances/8bfb118a-ac1c-4634-9ec6-a6388693b4ba/disk -i

And the output this:

febootstrap-supermin-helper: ext2: parent directory not found: /lib: File not found by ext2_lookup

So I went deep into the supermin environment creation, finding out that there were a segfault while generating it:

root@compute1:~# update-guestfs-appliance
Segmentation fault

I don't know why I got this problem, but launching it on a different ubuntu fresh install ended up correctly and so I took the content of /usr/lib/guestfs/supermin.d/ and put it on my compute node. After this (which is obviously a workaround) kyes where correclty injected into the image (and guestfish command worked too).

edit flag offensive delete link more

answered 2014-02-16 00:31:58 -0500

mspreitz gravatar image

This symptom reminds me of the problem described here: (

There is an explanation with workaround late in the comments.

Can you reach the VM through the Horizon console?

edit flag offensive delete link more

answered 2014-02-14 06:19:03 -0500

rasca gravatar image

I have got exactly the same problem. Looking into the logs it seems that:

2014-02-14 11:48:14.908 1456 WARNING nova.virt.disk.api [req-3f48df30-d9ef-40ac-b847-369f2aca15c9 7387de194bf64179bd65fb7e88f1b3f8 2a039dd0fd424036a9657c971f6d13bf] Ignoring error injecting data into image (Error mounting /var/lib/nova/instances/71b9ea55-4bca-4cf6-a45b-c0c989ac3f33/disk with libguestfs (external command failed, see earlier error messages))

So, for some reason, the external command failed. The point is that there is no earlier message to read and libguestfs is correctly installed on the system.

edit flag offensive delete link more


Can you download the image from glance an manually inject a file using guestfish or others?

Mathias Ewald ( 2014-02-17 01:05:07 -0500 )edit

Hi Mathias, as I wrote in the new answer the problem is related to the update-guestfs-appliance and it's segfault while launching on my Precise LTS. The same command launched from a fresh Precise LTS install go fine. Don't know what else to check.

rasca ( 2014-02-17 02:14:54 -0500 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2014-01-05 06:45:54 -0500

Seen: 1,151 times

Last updated: Feb 17 '14