Closed
Bug 1338557
Opened 8 years ago
Closed 8 years ago
Please add pmoore public key to authorized_keys file of cltbld/root user of t-yosemite-r7-{0040..0049}
Categories
(Infrastructure & Operations Graveyard :: CIDuty, task)
Infrastructure & Operations Graveyard
CIDuty
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: pmoore, Assigned: aselagea)
References
Details
Attachments
(2 files)
245 bytes,
text/plain
|
Details | |
663 bytes,
patch
|
coop
:
review+
aselagea
:
checked-in+
|
Details | Diff | Splinter Review |
I'm also working on bb->tc OS X worker migration, so will need access to these machines.
Many thanks!
Reporter | ||
Comment 1•8 years ago
|
||
Based on https://bugzilla.mozilla.org/show_bug.cgi?id=1298437#c25 is a WONTFIX.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX
Reporter | ||
Comment 2•8 years ago
|
||
It looks like puppet resets password, and authorized_keys for root user, so it looks like it will be best to get me added after all.
I've reduced the range of machines, as in the meantime, 10 machines have been returned to the pool, so this is now just for t-yosemite-r7-{0040..0049}.
Many thanks,
Pete
Status: RESOLVED → REOPENED
Flags: needinfo?(aselagea)
Resolution: WONTFIX → ---
Summary: Please add pmoore public key to authorized_keys file of cltbld user of t-yosemite-r7-{0040..0059} → Please add pmoore public key to authorized_keys file of cltbld user of t-yosemite-r7-{0040..0049}
Reporter | ||
Updated•8 years ago
|
Summary: Please add pmoore public key to authorized_keys file of cltbld user of t-yosemite-r7-{0040..0049} → Please add pmoore public key to authorized_keys file of cltbld/root user of t-yosemite-r7-{0040..0049}
Assignee | ||
Updated•8 years ago
|
Assignee: nobody → aselagea
Flags: needinfo?(aselagea)
Assignee | ||
Comment 3•8 years ago
|
||
I think this should do it.
Attachment #8836729 -
Flags: review?(coop)
Updated•8 years ago
|
Attachment #8836729 -
Flags: review?(coop) → review+
Assignee | ||
Comment 4•8 years ago
|
||
Comment on attachment 8836729 [details] [diff] [review]
bug_1338557.patch
https://hg.mozilla.org/build/puppet/rev/3e8583e1cd0d
https://hg.mozilla.org/build/puppet/rev/b23ee209ad53
Attachment #8836729 -
Flags: checked-in+
Assignee | ||
Comment 5•8 years ago
|
||
These machines will need another puppet run for the changes to be applied.
Reporter | ||
Comment 7•8 years ago
|
||
Wander, would you be able to reboot them all for me? Many thanks!
Comment 8•8 years ago
|
||
(In reply to Pete Moore [:pmoore][:pete] from comment #7)
> Wander, would you be able to reboot them all for me? Many thanks!
Done, except by machine 45 that I can't ssh.
Flags: needinfo?(wcosta)
Reporter | ||
Comment 9•8 years ago
|
||
pmoore@Petes-iMac:~ $ ssh pmoore@t-yosemite-r7-0040
pmoore@t-yosemite-r7-0040's password:
pmoore@Petes-iMac:~ $ ssh root@t-yosemite-r7-0040
root@t-yosemite-r7-0040's password:
pmoore@Petes-iMac:~ $ ssh cltbld@t-yosemite-r7-0040
cltbld@t-yosemite-r7-0040's password:
pmoore@Petes-iMac:~ $ ssh pmoore@t-yosemite-r7-0041
pmoore@t-yosemite-r7-0041's password:
pmoore@Petes-iMac:~ $ ssh root@t-yosemite-r7-0041
root@t-yosemite-r7-0041's password:
pmoore@Petes-iMac:~ $ ssh cltbld@t-yosemite-r7-0041
cltbld@t-yosemite-r7-0041's password:
pmoore@Petes-iMac:~ $ ssh pmoore@t-yosemite-r7-0042
pmoore@t-yosemite-r7-0042's password:
pmoore@Petes-iMac:~ $ ssh root@t-yosemite-r7-0042
root@t-yosemite-r7-0042's password:
pmoore@Petes-iMac:~ $ ssh cltbld@t-yosemite-r7-0042
cltbld@t-yosemite-r7-0042's password:
pmoore@Petes-iMac:~ $ ssh pmoore@t-yosemite-r7-0043
pmoore@t-yosemite-r7-0043's password:
pmoore@Petes-iMac:~ $ ssh root@t-yosemite-r7-0043
root@t-yosemite-r7-0043's password:
pmoore@Petes-iMac:~ $ ssh cltbld@t-yosemite-r7-0043
cltbld@t-yosemite-r7-0043's password:
pmoore@Petes-iMac:~ $
Hi Wander, Alin, I couldn't access the machines ^^^ - am I doing something wrong?
Flags: needinfo?(wcosta)
Flags: needinfo?(aselagea)
Assignee | ||
Comment 11•8 years ago
|
||
For some reason, Pete's public key is not found when running puppet:
Mon Feb 13 13:54:51 -0800 2017 Puppet (err): Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to realize virtual resources Users::Person[pmoore] on node t-yosemite-r7-0041.test.releng.scl3.mozilla.com
Mon Feb 13 13:54:51 -0800 2017 Puppet (err): Could not retrieve catalog; skipping run
I checked the hiera file and the key is present there though.
Flags: needinfo?(aselagea)
Assignee | ||
Comment 12•8 years ago
|
||
This line seems to be the issue: https://dxr.mozilla.org/build-central/source/puppet/manifests/moco-nodes.pp#15
It looks to me that the old approach to ensure access to a certain person is not valid anymore.
I did some testing by removing that line and noticed the key was properly added to the machine. However, I think we should have a prior verification step here to ensure that the key is actually present in hiera.
Some suggestions would be much appreciated.
Comment 13•8 years ago
|
||
(In reply to Alin Selagea [:aselagea][:buildduty] from comment #12)
> This line seems to be the issue:
> https://dxr.mozilla.org/build-central/source/puppet/manifests/moco-nodes.
> pp#15
> It looks to me that the old approach to ensure access to a certain person is
> not valid anymore.
>
> I did some testing by removing that line and noticed the key was properly
> added to the machine. However, I think we should have a prior verification
> step here to ensure that the key is actually present in hiera.
> Some suggestions would be much appreciated.
How did you add my ssh key?
Flags: needinfo?(aselagea)
Assignee | ||
Comment 14•8 years ago
|
||
(In reply to Wander Lairson Costa [:wcosta] from comment #13)
> (In reply to Alin Selagea [:aselagea][:buildduty] from comment #12)
> > This line seems to be the issue:
> > https://dxr.mozilla.org/build-central/source/puppet/manifests/moco-nodes.
> > pp#15
> > It looks to me that the old approach to ensure access to a certain person is
> > not valid anymore.
> >
> > I did some testing by removing that line and noticed the key was properly
> > added to the machine. However, I think we should have a prior verification
> > step here to ensure that the key is actually present in hiera.
> > Some suggestions would be much appreciated.
>
> How did you add my ssh key?
Your key was already added in hiera.
The thing is the "realize" statement resulted in an error which caused the puppet run to fail (and thus, your key could not be added to those machines).
I removed that line and rebooted the machines to force a new puppet run.
https://hg.mozilla.org/build/puppet/rev/64dc854fda8a
https://hg.mozilla.org/build/puppet/rev/5b08e82bcf9d
Checked several machines and your key is now present there, so you should be able to login.
I think we'll still need to figure out a way to make sure the key is actually present in hiera before using it, but that is not a blocker right now.
Flags: needinfo?(aselagea)
Reporter | ||
Comment 15•8 years ago
|
||
Many thanks Alin! I can access machines now - perfect. :-)
(In reply to Alin Selagea [:aselagea][:buildduty] from comment #14)
> (In reply to Wander Lairson Costa [:wcosta] from comment #13)
> > How did you add my ssh key?
> Your key was already added in hiera.
Comment 13 was from wcosta not from me... ;)
Assignee | ||
Updated•8 years ago
|
Status: REOPENED → RESOLVED
Closed: 8 years ago → 8 years ago
Resolution: --- → FIXED
Updated•7 years ago
|
Product: Release Engineering → Infrastructure & Operations
Updated•5 years ago
|
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•