=== harlowja is now known as harlowja_away
[15:17] <smoser> lotia, yes, you can do that or give user-data to do it.
[15:17] <smoser> ie, something that isn't well understood / known is that cloud-config provided by userdata == cloud-init configuration files in /etc/cloud/cloud.cfg.d/
=== harlowja_away is now known as harlowja
=== medberry is now known as med_
[21:10] <harmw> harlowja: I read yahoo switching to https on e-mail, probably related :)
[21:43] <harlowja> harmw i think so :-P
[21:46] <alevy> HI all, my ssh key does not seam to get imported from openstack when cloud-init runs. How would I debug this?
[21:47] <harlowja> alevy which datasource are u using with openstack?
[21:48] <harlowja> config drive?
[21:48] <harlowja> other?
[21:48] <harlowja> what version of cloud-init 
[21:51] <alevy> harlowja: im not sure what data source, how do I check? 0.7.3
[21:52] <harmw> cloudinit will tell you which sources it tried
[21:52] <harlowja> do u know how the openstack u are using is setup?
[21:52] <harlowja> that will affect which datasource cloud-init should try
[21:52] <harlowja> but as harmw said, the console log of openstack should also tell u what was being tried
[21:53] <harmw> you didn't forget to pass --key mykeyname on booting the instance alevy :)
[21:53] <harlowja> and if not /var/log/cloud-init.log usually has more
[21:53] <alevy> harmw: started it from the console
[21:54] <alevy> harlowja: it is a nebula one openstack cloud
[21:54] <alevy> one image is working the other isn't...
[21:54] <harmw> nova boot --flavor bla [..] --key-name thisismykey 
[21:54] <harmw> ah
[21:54] <harlowja> alevy hmmm, then it could vary, do u know what the nebular people recommend for images?
[21:54] <smoser> alevy, you can check to see if your key is there in 'ec2metadata'
[21:54] <harlowja> is that image known to work (that they are providing)
[21:54] <harmw> which image works, which one doesn't?
[21:54] <alevy> the one someone downloaded but I am trying to build my own (for certain rrsons)
[21:55] <smoser> i think nebula use ubuntu cloud images (even pull them in by default)
[21:55] <alevy> both centos 6.4 with the same cloud-init package installed and same config
[21:56] <harlowja> alevy build your own, hmmm
[21:56] <alevy> Can i run it interactively to see what is happening, I dont understand what is in the logs...
[21:56] <harlowja> alevy is it possible for u to pastebin the logs somewhere (filter out anything u don't want to show?)
[21:56] <alevy> smoser: how do I check that
[21:56] <alevy> harlowj: sure
[21:58] <smoser> alevy, in ubuntu you'd have a package 'ec2metadata'
[21:58] <smoser> just run it and it will crawl the metadata
[21:58] <smoser> from inside the system (assuming you got in, but you clearly might not bee able to)
[22:01] <alevy> smoser: bash: ec2metadata: command not found
[22:01] <alevy> smoser: centos
[22:01] <smoser> ah. well then
[22:02] <harlowja> logs at /var/log/cloud-init.log should be useful here
[22:02] <harlowja> *if any
[22:02] <smoser> $ curl -q http://169.254.169.254/latest/meta-data/public-keys; echo
[22:02] <smoser> 0=brickies
[22:03] <alevy> curl -q http://169.254.169.254/latest/meta-data/public-keys;
[22:03] <alevy> 0=alevy
[22:03] <alevy> looks ok there...
[22:07] <alevy> does cloud-init care about selinux?
[22:09] <harlowja> define 'care'?
[22:11] <smoser> it should handle it.
[22:11] <smoser> i have to run
[22:11] <smoser> later.
[22:16] <alevy> harlowja: i noticed one image has it enabled and the other doesn't, just looking for differences...
[22:17] <harlowja> kk, can u also check the diff between the cloud.cfg files @  /etc/cloud/cloud.cfg 
[22:17] <harlowja> a diff there might be part of the issue
[22:18] <alevy> harlowja: nothing commented out matters right?
[22:18] <harlowja> right
[22:19] <alevy> ok they are identical then
[22:19] <harlowja> hmmm, k, thats pretty odd
[22:20] <alevy> harlowja: is there a way to run cloud-init and see if it is puking or something?
[22:20] <harlowja> ya, u can run cloud-init just via $ cloud-init
[22:20] <alevy> do indents matter?
[22:20] <alevy> i.e. "-" vs. " -"
[22:21] <harlowja> potentially
[22:21] <harlowja> yaml is white space sensitive
[22:21] <alevy> gr
[22:21] <alevy> ok i see what may be the problem then
[22:21] <harlowja> kk
[22:27] <alevy> yaml is valid and nothing changed when I re-ran cloud-init
[22:31] <harlowja> valid yaml could still mean the yaml isn't right, if the spacing is right thats usually valid, but it might still be off
[22:31] <harlowja> u should be able to run $ cloud-init single 'module-name'
[22:31] <harlowja> and then see if one is dying
[22:31] <harlowja> perhaps run just the ssh one
[22:33] <alevy> harlowja: cloud-init single --name ssh ?
[22:34] <harlowja> i think so
[22:35] <alevy> cloud-init single --name 'ssh' --frequency once
[22:35] <alevy> that did something...
[22:36] <alevy> generated public private keypair
[22:36] <alevy> how do I test the fetch of keys from openstack?
[22:37] <harlowja> so i think u should be able to run $ cloud-init init
[22:37] <harlowja> and that will rerun the fetching part
[22:37] <alevy> does not seem to
[22:38] <harlowja> any output at all?
[22:38] <alevy> just prints out the networking stuffs
[22:38] <harlowja> k, its probably noticing u already fetched the data
[22:38] <harlowja> can u check /var/lib/cloud/
[22:38] <harlowja> if u temporarily move that directory to somewhere else, it should re-run
[22:39] <harlowja> that directory is where cloud-init stores alot of its data
[22:39] <harlowja> especially under /var/lib/cloud/instance
[22:40] <alevy> ok moved it and now it prints the networking and generates the keys again but says Failed to generate ecdsa key
[22:41] <harlowja> ok, afaik rhel has issues with the ecdsa key, but the rest of the keys should be getting made, 
[22:41] <harlowja> the question i guess is did it put your keys in place
[22:41] <harlowja> maybe try the cloud-init single --name ssh  again
[22:42] <alevy> it makes the ones in /etcssh/ for sure i just checked the fingerprint
[22:43] <harlowja> k
[22:43] <alevy> is the ssh module the one that fetches the key from openstack?
[22:44] <alevy> http://cloudinit.readthedocs.org/en/latest/topics/modules.html
[22:44] <alevy> that is totally empty.. ha ha
[22:45] <harlowja> hmmm, ya, thought that had some data in it
[22:45] <harlowja> the modules are @ http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/files/head:/cloudinit/config/
[22:48] <alevy> https://gist.github.com/8326025
[22:48] <alevy> that is the log btw, gist came back up
[22:48] <harlowja> ah, k
[22:50] <harlowja> hmmm, ya, its using 'iid-datasource-none' which confuses me
[22:51] <alevy> what does that mean?
[22:51] <harlowja> its supposed to find the ec2 one
[22:51] <harlowja> datasources provide where cloudinit gets info from, ec2 being one
[22:51] <harlowja> the none one is like a fallback
[22:53] <alevy> do i need to set that in cloud.cfg?
[22:53] <alevy> let me paste that too
[22:53] <alevy> https://gist.github.com/8326105
[22:54] <harlowja> u can, it might help reduce the set of ones it will try
[22:54] <harlowja> adding the following will help reduce the options
[22:54] <harlowja> # Only these datasources will be attempted (in order)
[22:54] <harlowja> datasource_list:
[22:54] <harlowja>  - ConfigDrive
[22:54] <harlowja>  - Ec2
[22:54] <harlowja>  - None
[22:54] <harlowja> or something like that
[22:55] <harlowja> u are running the '- disable-ec2-metadata' module though
[22:55] <harlowja> that alters iptables, so that means u can't probably run cloud-init twice
[22:55] <harlowja> without unblocking that iptables filter
[22:55] <harlowja> probably for testing disable that module running
[22:59] <alevy> ok i disabled that module
[22:59] <alevy> and ran again 
[22:59] <alevy> still not fetching any keys
[23:00] <alevy> https://gist.github.com/8326270
[23:00] <alevy> https://gist.github.com/8326272
[23:01] <harlowja> did u make a new instance? or the same one?
[23:01] <alevy> same one. should I make a new one?
[23:02] <harlowja> ya, if that module already ran, it turned on an iptables rule that stops the metdata from being fetched
[23:02] <alevy> can i just flush iptables?
[23:03] <harlowja> probably
[23:04] <alevy> seems to still be using None
[23:05] <alevy> ok I have to run
[23:05] <alevy> i guess i just need to keep looking?
[23:06] <harlowja> ya, make sure u are removing /varl/lib/cloud each time u try to re-run
[23:06] <harlowja> i'd restrict what datasources are allowed to
[23:06] <harlowja> to avoid all these other ones being activated
[23:07] <alevy> ok