From df824ca8b33fdf928d51bd63d096dc887c700b78 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Stephan=20M=C3=BCller?= Date: Tue, 28 Jul 2020 20:36:30 +0200 Subject: [PATCH] cephadm: Update error message on host failure MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Now the error message explains how to add the ssh key to the not reachable host Fixes: https://tracker.ceph.com/issues/46551 Signed-off-by: Stephan Müller (cherry picked from commit 1bfb044518d8b771c8f6cac2396f636b0cbdf12e) --- doc/cephadm/adoption.rst | 4 ++-- doc/cephadm/troubleshooting.rst | 32 ++++++++++++++++---------------- src/pybind/mgr/cephadm/module.py | 12 ++++++++---- 3 files changed, 26 insertions(+), 22 deletions(-) diff --git a/doc/cephadm/adoption.rst b/doc/cephadm/adoption.rst index 701c3d75f5593..5c1d2ad1bca28 100644 --- a/doc/cephadm/adoption.rst +++ b/doc/cephadm/adoption.rst @@ -75,11 +75,11 @@ Adoption process #. Generate an SSH key:: # ceph cephadm generate-key - # ceph cephadm get-pub-key > ceph.pub + # ceph cephadm get-pub-key > ~/ceph.pub #. Install the cluster SSH key on each host in the cluster:: - # ssh-copy-id -f -i ceph.pub root@ + # ssh-copy-id -f -i ~/ceph.pub root@ .. note:: It is also possible to import an existing ssh key. See diff --git a/doc/cephadm/troubleshooting.rst b/doc/cephadm/troubleshooting.rst index a439b3d7d3f05..5d7a29c3a0649 100644 --- a/doc/cephadm/troubleshooting.rst +++ b/doc/cephadm/troubleshooting.rst @@ -110,44 +110,44 @@ ssh errors Error message:: - xxxxxx.gateway_bootstrap.HostNotFound: -F /tmp/cephadm-conf-kbqvkrkw root@10.10.1.2 - raise OrchestratorError('Failed to connect to %s (%s). Check that the host is reachable and accepts connections using the cephadm SSH key' % (host, addr)) from - orchestrator._interface.OrchestratorError: Failed to connect to 10.10.1.2 (10.10.1.2). Check that the host is reachable and accepts connections using the cephadm SSH key + execnet.gateway_bootstrap.HostNotFound: -F /tmp/cephadm-conf-73z09u6g -i /tmp/cephadm-identity-ky7ahp_5 root@10.10.1.2 + ... + raise OrchestratorError(msg) from e + orchestrator._interface.OrchestratorError: Failed to connect to 10.10.1.2 (10.10.1.2). + Please make sure that the host is reachable and accepts connections using the cephadm SSH key + ... Things users can do: 1. Ensure cephadm has an SSH identity key:: - - [root@mon1~]# cephadm shell -- ceph config-key get mgr/cephadm/ssh_identity_key > key + + [root@mon1~]# cephadm shell -- ceph config-key get mgr/cephadm/ssh_identity_key > ~/cephadm_private_key INFO:cephadm:Inferring fsid f8edc08a-7f17-11ea-8707-000c2915dd98 INFO:cephadm:Using recent ceph image docker.io/ceph/ceph:v15 obtained 'mgr/cephadm/ssh_identity_key' - [root@mon1 ~] # chmod 0600 key + [root@mon1 ~] # chmod 0600 ~/cephadm_private_key If this fails, cephadm doesn't have a key. Fix this by running the following command:: - + [root@mon1 ~]# cephadm shell -- ceph cephadm generate-ssh-key or:: - - [root@mon1 ~]# cat key | cephadm shell -- ceph cephadm set-ssk-key -i - + + [root@mon1 ~]# cat ~/cephadm_private_key | cephadm shell -- ceph cephadm set-ssk-key -i - 2. Ensure that the ssh config is correct:: - + [root@mon1 ~]# cephadm shell -- ceph cephadm get-ssh-config > config 3. Verify that we can connect to the host:: - - [root@mon1 ~]# ssh -F config -i key root@mon1 - - + [root@mon1 ~]# ssh -F config -i ~/cephadm_private_key root@mon1 Verifying that the Public Key is Listed in the authorized_keys file ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ To verify that the public key is in the authorized_keys file, run the following commands:: - [root@mon1 ~]# cephadm shell -- ceph config-key get mgr/cephadm/ssh_identity_pub > key.pub - [root@mon1 ~]# grep "`cat key.pub`" /root/.ssh/authorized_keys + [root@mon1 ~]# cephadm shell -- ceph cephadm get-pub-key > ~/ceph.pub + [root@mon1 ~]# grep "`cat ~/ceph.pub`" /root/.ssh/authorized_keys Failed to infer CIDR network error ---------------------------------- diff --git a/src/pybind/mgr/cephadm/module.py b/src/pybind/mgr/cephadm/module.py index 27e6ae0fe624b..13c60fbc2e6e7 100644 --- a/src/pybind/mgr/cephadm/module.py +++ b/src/pybind/mgr/cephadm/module.py @@ -1046,12 +1046,16 @@ class CephadmOrchestrator(orchestrator.Orchestrator, MgrModule): user = self.ssh_user if self.mode == 'root' else 'cephadm' msg = f'''Failed to connect to {host} ({addr}). -Check that the host is reachable and accepts connections using the cephadm SSH key +Please make sure that the host is reachable and accepts connections using the cephadm SSH key -you may want to run: +To add the cephadm SSH key to the host: +> ceph cephadm get-pub-key > ~/ceph.pub +> ssh-copy-id -f -i ~/ceph.pub {user}@{host} + +To check that the host is reachable: > ceph cephadm get-ssh-config > ssh_config -> ceph config-key get mgr/cephadm/ssh_identity_key > key -> ssh -F ssh_config -i key {user}@{host}''' +> ceph config-key get mgr/cephadm/ssh_identity_key > ~/cephadm_private_key +> ssh -F ssh_config -i ~/cephadm_private_key {user}@{host}''' raise OrchestratorError(msg) from e except Exception as ex: self.log.exception(ex) -- 2.39.5