OpenStack L 版密钥的方式无法登录

  我从CentOS和Ubuntu官方下载了qcow2的镜像，大家应该知道，这些镜像并不会告知密码。所以在Openstack使用访问&安全－－密钥对，下载了密钥对后使用ssh -i的方式登录。    ssh -i soshare.pem root@192.168.131.217 登录虚拟机，还会提示输入密码。创建虚拟机时候选择了soshare这个密钥对。
现在存在问题是，虚拟机启动慢，貌似在等待什么。然后就是所有的官方镜像都无法通过ssh 注入方式，然后终端无密码登录。
在Dashboard中日志如下

[  256.794792] cloud-init[747]: 2016-04-01 07:37:02,953 - url_helper.py[WARNING]: Calling 'http://192.168.134.200/latest/meta-data/instance-id' failed [119/120s]: request error [('Connection aborted.', BlockingIOError(115, 'Operation now in progress'))]

[ 67.751296] cloud-init[745]: 2016-04-01 08:07:19,022 - url_helper.py[WARNING]: Calling 'http://169.254.169.254/2009-04-04/meta-data/instance-id' failed [51/120s]: request error [HTTPConnectionPool(host='169.254.169.254', port=80): Max retries exceeded with url: /2009-04-04/meta-data/instance-id (Caused by ConnectTimeoutError(<urllib3.connection.HTTPConnection object at 0x7fe99c7e7940>, 'Connection to 169.254.169.254 timed out. (connect timeout=50.0)'))]

[  263.196095] cloud-init[745]: 2016-04-01 08:10:34,474 - DataSourceCloudStack.py[CRITICAL]: Giving up on waiting for the metadata from ['http://192.168.134.200/latest/meta-data/instance-id'] after 126 seconds

[  271.405827] cloud-init[789]: 2016-04-01 09:27:11,630 - url_helper.py[WARNING]: Calling 'http://192.168.134.200//latest/meta-data/instance-id' failed [87/120s]: unexpected error ['NoneType' object has no attribute 'status_code']

[  298.998119] cloud-init[2088]: ci-info: no authorized ssh keys fingerprints found for user centos.

操作方面我对比了下论坛老帖子，感觉操作上面应该没有问题。毕竟K版我就是这么用的。妥妥的无密码登录，这回不知道怎么了。http://www.aboutyun.com/thread-6499-1-1.html

还麻烦高手帮忙看下。

goldtimes · 发表于 2016-4-1 18:32:18

官方的镜像是提供用户名和密码的。
先创建实例，然后启动实例，开机界面中显示了用户名和密码

myufo · 发表于 2016-4-1 18:35:58

goldtimes 发表于 2016-4-1 18:32
官方的镜像是提供用户名和密码的。
先创建实例，然后启动实例，开机界面中显示了用户名和密码

只有cirros系统会把密码打印成日志啊。其他ubuntu和centos都没有的。看下面我的实际日志

[[32m OK [0m] Started Authenticate and Authorize Users to Run Privileged Tasks.accounts-daemon.service[[32m OK [0m] Started Accounts Service.[[32m OK [0m] Started Wait for all "auto" /etc/ne...be up for network-online.target.[[32m OK [0m] Reached target Network is Online. Starting LSB: Cleans up any mess left by 0dns-up...ifup-wait-all-auto.service[[32m OK [0m] Started LSB: Cleans up any mess left by 0dns-up.dns-clean.servicetmp-tmpaqrautyw.mount[ 5.935899] cloud-init[578]: Cloud-init v. 0.7.7 running 'init-local' at Fri, 01 Apr 2016 09:03:40 +0000. Up 5.62 seconds.cloud-init-local.service[[32m OK [0m] Started Initial cloud-init job (pre-networking). Starting Initial cloud-init job (metadata service crawler)...tmp-tmp87xl72gs.mount[ 67.195046] cloud-init[745]: Cloud-init v. 0.7.7 running 'init' at Fri, 01 Apr 2016 09:03:40 +0000. Up 6.32 seconds.[ 67.195668] cloud-init[745]: ci-info: ++++++++++++++++++++++++++++++++++++++Net device info+++++++++++++++++++++++++++++++++++++++[ 67.195967] cloud-init[745]: ci-info: +--------+------+------------------------------+---------------+-------+-------------------+[ 67.196355] cloud-init[745]: ci-info: | Device | Up | Address | Mask | Scope | Hw-Address |[ 67.196656] cloud-init[745]: ci-info: +--------+------+------------------------------+---------------+-------+-------------------+[ 67.196960] cloud-init[745]: ci-info: | lo | True | 127.0.0.1 | 255.0.0.0 | . | . |[ 67.197296] cloud-init[745]: ci-info: | lo | True | ::1/128 | . | host | . |[ 67.197601] cloud-init[745]: ci-info: | eth0 | True | 192.168.134.216 | 255.255.255.0 | . | fa:16:3e:d4:6c:90 |[ 67.197901] cloud-init[745]: ci-info: | eth0 | True | fe80::f816:3eff:fed4:6c90/64 | . | link | fa:16:3e:d4:6c:90 |[ 67.198221] cloud-init[745]: ci-info: +--------+------+------------------------------+---------------+-------+-------------------+[ 67.198518] cloud-init[745]: ci-info: ++++++++++++++++++++++++++++++++Route IPv4 info++++++++++++++++++++++++++++++++[ 67.198814] cloud-init[745]: ci-info: +-------+---------------+-----------------+---------------+-----------+-------+[ 67.199129] cloud-init[745]: ci-info: | Route | Destination | Gateway | Genmask | Interface | Flags |[ 67.199433] cloud-init[745]: ci-info: +-------+---------------+-----------------+---------------+-----------+-------+[ 67.199732] cloud-init[745]: ci-info: | 0 | 0.0.0.0 | 192.168.134.254 | 0.0.0.0 | eth0 | UG |[ 67.200051] cloud-init[745]: ci-info: | 1 | 192.168.134.0 | 0.0.0.0 | 255.255.255.0 | eth0 | U |[ 67.200476] cloud-init[745]: ci-info: +-------+---------------+-----------------+---------------+-----------+-------+

goldtimes · 发表于 2016-4-1 18:40:48

myufo 发表于 2016-4-1 18:35
只有cirros系统会把密码打印成日志啊。其他ubuntu和centos都没有的。看下面我的实际日志

[[32m OK ...

那就是注入的问题，确保本地和服务器密钥是成对的

myufo · 发表于 2016-4-2 08:48:58

goldtimes 发表于 2016-4-1 18:40
那就是注入的问题，确保本地和服务器密钥是成对的

注入的服务是谁来负责？我看了计算节点的nova日志，没有记录。

goldtimes · 发表于 2016-4-2 09:11:32

myufo 发表于 2016-4-2 08:48
注入的服务是谁来负责？我看了计算节点的nova日志，没有记录。

应该是Nova
这里有篇文章，希望对楼主有帮助
OpenStack文件注入相关分析
http://www.aboutyun.com/forum.php?mod=viewthread&tid=9833

myufo · 发表于 2016-4-6 10:19:32

自己回答下，有两个方面导致
/etc/neutron/dhcp_agent.ini
enable_isolated_metadata = True 这个被我注了。（应打开）

控制节点的
/etc/nova/nova.conf
metadata_proxy_shared_secret = 这条我给配了个空，当时也不知怎么想的。应该配metadata的密码。

图文精华

OpenStack L 版密钥的方式无法登录

相关帖子

已有(6)人评论

推荐 /2