/srv/irclogs.ubuntu.com/2019/10/02/#cloud-init.txt

aissenI reported an issue with ubuntu cloud-images arm64 first boot taking a long time a few weeks (months?) ago. I finally took the time to open a ticket and provide a reproducer: https://bugs.launchpad.net/cloud-images/+bug/184635514:58
ubot5Launchpad bug 1846355 in cloud-images "cloud-init very slow to set password on arm64 cloud image" [Undecided,New]14:59
Odd_Blokeaissen: Thanks for the bug report!  Unfortunately, I think you are being bitten by snapd.seeded being very slow.16:23
Odd_BlokeThere are some snapd changes in the works to make that less painful, which _are_ targetted to land in eoan.16:23
Odd_BlokeThat said, it's pretty close to eoan release day, so they may not make it in quite in time.16:24
Odd_Bloke(AIUI, they will be backported to stable releases once they're in, so missing release day isn't quite as bad as it is for most software in the archive.)16:24
aissenOdd_Bloke: it might be indeed. Is there a bug report for this specific issue ?16:26
aissenis there a specific reason why cloud-init password setting depends on snap.seeded (but not ssh key setup for example) ?16:27
aissenthe hostname is also setup relatively early.16:27
Odd_Blokeaissen: With reference to https://cloudinit.readthedocs.io/en/latest/topics/boot.html, the SSH keys are put in place in the "Network" phase, and passwords are set in the "Config" phase.16:33
Odd_BlokeI'm not 100% sure why passwords are set in that later phase.16:33
aissenmaybe something in the config phase installs snaps ? (seems weird, but maybe people put arbitrary commands that install snaps ?)16:34
Odd_Blokesnapd.seeded.service is installing pre-seeded snaps into the system.16:35
Odd_BlokeSo, for example, lxd gets installed by it.16:35
Odd_Blokeruncmd runs in the Config phase, so we need to be sure that all the system software is in place before that happens.16:36
Odd_BlokeSo it has to block on snapd.seeded.service.16:36
aissenthat's interesting, thanks.16:59
Moo464Good evening, sir,does anyone like to answer a question about importing SSH keys?20:05
Moo464I'm having trouble usind Cloud Init20:05
Odd_BlokeMoo464: o/ It's best to post what your problem is, then anyone coming along can help you out. :)20:06
Moo464Okay.My problem is this. I want to set up a cloud server at Hetzner. It should receive a previously generated key pair. With this key pair the server should be able to make a git clone via ssh. With GitHub I have already deposited the public key. Nevertheless, the server does not have authorization.I have entered the following:>20:12
Moo464ssh_keys:  rsa_private: |    -----BEGIN RSA PRIVATE KEY-----    MIIBxwIBAAJhAKD0YSHy73nUgysO13XsJmd4fHiFyQ+00R7VVu2iV9Qcon2LZS/x    1cydPZ4pQpfjEha6WxZ6o8ci/Ea/w0n+0HGPwaxlEG2Z9inNtj3pgFrYcRztfECb    1j6HCibZbAzYtwIBIwJgO8h72WjcmvcpZ8OvHSvTwAguO2TkR6mPgHsgSaKy6GJo    PUJnaZRWuba/HX0KGyhz19nPzLpzG5f0fYahlMJAyc13FV7K6kMBPXTRR6FxgHEg20:12
Moo464L0MPC7cdqAwOVNcPY6A7AjEA1bNaIjOzFN2sfZX0j7OMhQuc4zP7r80zaGc5oy6W    p58hRAncFKEvnEq2CeL3vtuZAjEAwNBHpbNsBYTRPCHM7rZuG/iBtwp8Rxhc9I5w    ixvzMgi+HpGLWzUIBS+P/XhekIjPAjA285rVmEP+DR255Ls65QbgYhJmTzIXQ2T9    luLvcmFBC6l35Uc4gTgg4ALsmXLn71MCMGMpSWspEvuGInayTCL+vEjmNBT+FAdO    W7D4zCpI43jRS9U06JVOeSc9CDk2lwiA3wIwCTB/6uc8Cq85D9YqpM10FuHjKpnP20:12
Moo464REPPOyrAspdeOAV+6VKRavstea7+2DZmSUgE    -----END RSA PRIVATE KEY-----  rsa_public: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAGEAoPRhIfLvedSDKw7XdewmZ3h8eIXJD7TRHtVW7aJX1ByifYtlL/HVzJ09nilCl+MSFrpbFnqjxyL8Rr/DSf7QcY/BrGUQbZn2Kc22PemAWthxHO18QJvWPocKJtlsDNi3 smoser@localhost20:12
Moo464It seems as if the server does not insert the key pair20:13
Odd_BlokeMoo464: Umm, I hope that you aren't too attached to that particular key, because it's now logged in everyone's IRC clients and online.20:18
Moo464Yeah those are Dummy keys20:19
Odd_BlokeOK, phew.20:19
Odd_BlokeMoo464: ssh_keys is used to configure the SSH _host_ keys.  You're probably looking for ssh_authorized_keys instead.20:20
Odd_BlokeThis is not entirely obvious in the docs, but the example at the bottom of https://cloudinit.readthedocs.io/en/latest/topics/modules.html#ssh is instructive.20:20
Moo464Thank you. So there a two lines with  - ssh-rsa AAAAB3Nza[...] Which one is the Public Key and which one the private?20:22
Moo464If I am not totally wrong I have to enter something like this:20:23
Moo464ssh_authorized_keys:    - ssh-rsa PRIVAT KEY    - ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA3I7VUf2l5gSn5uavROsc5HRDpZ ...20:23
Moo464and the other one is the Public key20:23
Odd_BlokeMoo464: The private key is private; you keep that locally.20:26
Odd_BlokeMoo464: You only need to include the public key in the ssh_authorized_keys list.20:26
Moo464I know but in order to use git clone SSH I need to transfer the private key as well, dont I?20:27
Moo464Otherwise I would transfer the public key to the server and also to GitHub, but then GitHub could not verify that I am allowed to make changes20:28
Odd_BlokeMoo464: Oh, I see what you mean.20:29
Moo464Sorry, I am not that good in writing english :D20:30
Odd_BlokeHey, we got there. :)20:30
Odd_Blokecloud-init doesn't provide a way to put private keys in-place for users, because it's a relatively uncommon operation.20:30
Moo464Oh okay, now I see20:30
Moo464I misunderstood the Docs20:30
Odd_BlokeYeah, they are definitely confusing.20:31
Odd_BlokeMost people will approach them assuming they're talking about _user_ keys.20:31
Odd_BlokeLet me file/find an issue about that.20:31
Moo464So there is no way to deposit a key during the creation?20:32
Odd_Blokehttps://bugs.launchpad.net/cloud-init/+bug/1827021 <-- there we go, I knew I'd seen one before20:32
ubot5Launchpad bug 1827021 in cloud-init "SSH Documentation should mention "Host Key"" [Medium,Triaged]20:32
Moo464Good to know I am not the only one20:32
Odd_BlokeMoo464: If you know the name of your default user, you could use write_files.20:32
Moo464Great idea. I'm going to try this. Thank you very very much!20:35
Odd_BlokeHappy I could help!20:37
=== rezroo1 is now known as rezroo

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!