=== harlowja is now known as harlowja_away
=== ijw_ is now known as ijw
=== harlowja_away is now known as harlowja
[19:42] <championofcyrodi> Hi guys.  I'm running ubuntu 14.04 and everytime i reboot a nova instance using SSH i get: WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!, where the ECDSA key is changed and i have to clean it from my known hosts file.  Is there a way or document describing how to disable this ssh key injection so that it is always the same, or that it doesnt not change?
[19:47] <harlowja> i'd ask your cloud provider, they are likely the ones that are changing the keys around and doing injection
[19:47] <harlowja> or doing something else (probably isn't cloud-init doing this)
[19:49] <championofcyrodi> i'm running my own fuel+mantis cluster w/ openstack
[19:50] <championofcyrodi> (which i guess makes me the only cloud provider i can ask)
[19:51] <harmw> this isn't keyinjection, it's c-i resetting your ssh host keys. Isn't that configurable in c-i.conf?
[19:52] <championofcyrodi> I would think it is, but I'm not sure what the key/value pair is to configure.
[19:52] <harmw> you're just using the default config?
[19:52] <championofcyrodi> yea
[19:52] <harmw> hmk, well I doubt thats the problem then
[19:52] <harmw> did you check the logs?
[19:52] <championofcyrodi> i pass in my own user-data to install some packages. but that's it.
[19:52] <harmw> sounds fairly harmless :)
[19:53] <championofcyrodi> let me check the logs...
[19:55] <harmw> btw harlowja, my instance is only again after applying some hardcore raw sql :p
[19:55] <harlowja> hardcore sql
[19:55] <harlowja> sounds naughty
[19:55] <harlowja> lol
[19:55] <harmw> damn right
[19:55] <harlowja> *hardcore raw sql
[19:55] <harlowja> lol
[19:56] <championofcyrodi> maybe this?  http://pastebin.com/zDYVkGnP
[19:57] <harmw> well there is the reason why you keep having to edit your known_hosts file
[19:57] <harmw> but what causes it (my guess, something in c-i.conf)
[19:58] <championofcyrodi> I see an 'ssh' module set in the init stage...
[20:10] <championofcyrodi> hmm this is frustrating.  I am seeing a module named 'ssh_config' is performing the action(s) in the DEBUG logs from cloud-init.log.   However, I'm not finding "c-i.conf" anywhere in this distro, nor am I finding anything matching the string "ssh_config"
[20:11] <championofcyrodi> only 'ssh', 'ssh-authkey-fingerprints', and 'ssh-import-id'
[20:11] <championofcyrodi> clear
[20:11] <championofcyrodi> oops
[20:25] <kwadronaut> well, the import-id is something you want to run only *once* per instance
[20:40] <championofcyrodi> i think i found it...
[20:40] <championofcyrodi> http://cloudinit.readthedocs.org/en/latest/topics/examples.html#configure-instances-ssh-keys
[20:40] <championofcyrodi> it looks like i'll need to define it in the #cloud-config, otherwise it's randomly generated everytime.
[20:59] <smoser> championofcyrodi, cloud-init will re-run the ssh key creation on 'per-instance' basis.
[21:00] <smoser> its not "every time".
[21:00] <championofcyrodi> so maybe the known key was just an issue for instances i terminated and re-created.
[21:00] <smoser> its every time it sees a new instance-id.
[21:00] <smoser> well, that would be very much by design :)
[21:01] <championofcyrodi> thanks for telling me that.  is there a doc that describes the modules and when they are used?
[21:01] <championofcyrodi> i found this, which has been helpful: http://cloudinit.readthedocs.org/en/latest/topics/modules.html  but the modules section is empty
[21:01] <smoser> http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/view/head:/doc/examples/cloud-config.txt#L300
[21:02] <smoser> then look at the ocnfig on your system (which cna be changed in user-data) in /etc/cloud/cloud.cfg and /etc/cloud/cloud.cfg.d/*.cfg
[21:03] <championofcyrodi> thank you!!! you have saved my bacon.
[21:03] <smoser> the dfeault frequency is 'per-instance'.
[21:03] <smoser> you can change that ifyou'd like. but generally you do not want ot have multiple systems with the same ssh host keys.
[21:04] <smoser> if you change it to 'once', it will write a file /var/lib/cloud/something-or-other/ssh.once
[21:04] <smoser> and if that file is still there, it will never run it again
[21:22] <harlowja> hmmm, need to work on that module.html doc 
[21:27] <smoser> harlowja, 2.0
[21:27] <harlowja> ya
[21:27] <smoser> think about how to do it well.
[21:27] <harlowja> lol
[21:27] <harlowja> hmmm
[21:27] <smoser> and then tell dumb people like smoser
[21:32] <harlowja> :-P
[21:36] <harlowja> smoser modules that have self-contained docs would be cool, then can use that in online docs :)
[21:38] <smoser> yeah, that is what i want. 
[21:38] <smoser> config modules with python comment that describe them.
[21:38] <harlowja> >>> from cloudinit.config import cc_ssh
[21:38] <harlowja> >>> cc_ssh.__doc__
[21:38] <smoser> yeah.
[21:38] <harlowja> put a module level comment/docstring and it can be found
[21:38] <harlowja> by magic!
[21:38] <harlowja> ha
[21:38] <harlowja> then sphinx can read that afaik
[21:39] <harlowja> doesn't seem so hard
[21:40] <harlowja> get er' done