More informations about how to use Generic driver #1357
Comments
@nathanleclaire I read your whole article about 'generic' driver and swarm, but it didn't help because it doesn't really explain the requirements before how to use it... |
This is exactly my experience as well, just tried it by running the clients on OS X and pointing them at an Ubuntu 14.04 box. |
Currently if you want to use password protected SSH keys you will have to enter the password each time (perhaps we should look into agent support). This is why you keep getting prompted (we have several SSH calls to provision). Actually, now that I think about it, adding that key to your ssh agent might work. I'm not sure if the |
@ehazlett Thanks. So I followed the github stuff to add my passphrase to my ssh-agent. And now,
Thanks for your time! (I think this may also help ppl in the same case than mine) |
Hey @Oliboy50, try running the create with a -D to see what's failing (docker-machine -D create -d...). |
@clnperez +1 -- I will do some local testing. I think it would be good to support the SSH agent in any case. |
@clnperez Thanks for the tip ;) For some reasons now, I can't use the Here is my output with
BTW, it gives me the same output if I type my correct passphrase or if I don't type any passphrase... Thanks |
After some tests, here is what work for me to connect to my remote machine:
(note the So I'm pretty sure that the problem comes from the SSH program needs my remote user password to establish a connection... So, what kind of settings should I do, on my remote machine, to prevent SSH for asking my user password? As I said in my first comment, I already added this to my Does anyone know the proper way to do that? P.S: It seems that I have to add |
Ah, yes, we turned the |
I have Docker 1.6.2 running in a RHEL 7 host and I'm trying to connect to it using docker-machine and it fails with the regular setup...
Lots of attempts are made and nothing happens... What else should I do to get it to work?
thanks! |
no able to add an existing Host to docker-machine $ docker-machine create -d generic --generic-ip-address SERVER_IP --generic-ssh-user root --generic-ssh-key |
Same problem here. Using version docker-machine version 0.3.0 (0a251fe). Running Getting:
|
I am seeing this issue as well on OSX with ssh-agent running, and a password protected ssh-key: I've added the key to ssh-agent via |
Keeps prompting for passphrase when newly created key does not contain a passphrase.
docker-machine create -d generic \
--generic-ssh-user XXX \
--generic-ssh-key /Users/XXX/.ssh/test_for_dm \
--generic-ip-address XXX \
--generic-ssh-port XXX \
my-host |
so, this is a terrible work around but... keep entering your password. its not asking again to retry the password, its asking again cause its running another ssh command. EDIT: no way to trick ssh-agent. just keep entering the pass until it stops asking
|
same here, +1 for more detailed docs |
same here and this worked for me on Mint/Ubuntu: a bug in gnome-keyring produces similar symptoms https://chrisjean.com/ubuntu-ssh-fix-for-agent-admitted-failure-to-sign-using-the-key/ |
I was able to make progress... Here's a summary of what I did today:
The result is that $ docker-machine create
--driver generic --generic-ip-address discovery.corp.bus.net
--generic-ssh-user mdesales --generic-ssh-key ~/.ssh/id_rsa.pub consul-ui
Running pre-create checks...
Creating machine...
(consul-ui) Importing SSH key...
Waiting for machine to be running, this may take a few minutes...
Machine is running, waiting for SSH to be available...
Detecting operating system of created instance...
Detecting the provisioner...
Provisioning with redhat...
^C After I exited the process, I could see that $ docker-machine ls
NAME ACTIVE DRIVER STATE URL
SWARM DOCKER ERRORS
consul-ui - generic Running tcp://discovery.corp.bus.net:2376
Unknown Unable to query docker version: Unable to read TLS config: open
/home/mdesales/.docker/machine/machines/consul-ui/server.pem: no such file or directory Questions
Running in Debug Mode$ docker-machine -D create --driver generic
--generic-ip-address discovery.corp.bus.net
--generic-ssh-user mdesales --generic-ssh-key ~/.ssh/id_rsa.pub consul-ui
Docker Machine Version: 0.5.4, build 6643d0e
Found binary path at /usr/bin/docker-machine
Launching plugin server for driver generic
Plugin server listening at address 127.0.0.1:56463
() Calling .GetVersion
Using API Version 1
() Calling .SetConfigRaw
() Calling .GetMachineName
(flag-lookup) Calling .GetCreateFlags
Making call to close connection to plugin binary
Making call to close driver server
(flag-lookup) Calling .Close
Successfully made call to close driver server
Found binary path at /usr/bin/docker-machine
Launching plugin server for driver generic
Plugin server listening at address 127.0.0.1:35153
() Calling .GetVersion
Using API Version 1
() Calling .SetConfigRaw
() Calling .GetMachineName
(consul-ui) Calling .GetMachineName
(consul-ui) Calling .DriverName
(consul-ui) Calling .GetCreateFlags
(consul-ui) Calling .SetConfigFromFlags
Running pre-create checks...
(consul-ui) Calling .PreCreateCheck
(consul-ui) Calling .GetConfigRaw
Creating machine...
(consul-ui) Calling .Create
(consul-ui) Importing SSH key...
(consul-ui) Calling .GetConfigRaw
(consul-ui) DBG | IP: discovery.corp.bus.net
(consul-ui) Calling .DriverName
Waiting for machine to be running, this may take a few minutes...
(consul-ui) Calling .GetState
Machine is running, waiting for SSH to be available...
Getting to WaitForSSH function...
(consul-ui) Calling .GetSSHHostname
(consul-ui) Calling .GetSSHPort
(consul-ui) Calling .GetSSHKeyPath
(consul-ui) Calling .GetSSHKeyPath
(consul-ui) Calling .GetSSHUsername
Using SSH client type: external
About to run SSH command:
exit 0
SSH cmd err, output: <nil>:
Detecting operating system of created instance...
Detecting the provisioner...
(consul-ui) Calling .GetSSHHostname
(consul-ui) Calling .GetSSHPort
(consul-ui) Calling .GetSSHKeyPath
(consul-ui) Calling .GetSSHKeyPath
(consul-ui) Calling .GetSSHUsername
Using SSH client type: external
About to run SSH command:
cat /etc/os-release
SSH cmd err, output: <nil>: NAME="Red Hat Enterprise Linux Server"
VERSION="7.1 (Maipo)"
ID="rhel"
ID_LIKE="fedora"
VERSION_ID="7.1"
PRETTY_NAME="Red Hat Enterprise Linux Server 7.1 (Maipo)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:redhat:enterprise_linux:7.1:GA:server"
HOME_URL="https://www.redhat.com/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_BUGZILLA_PRODUCT="Red Hat Enterprise Linux 7"
REDHAT_BUGZILLA_PRODUCT_VERSION=7.1
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux"
REDHAT_SUPPORT_PRODUCT_VERSION="7.1"
Couldn't set key CPE_NAME, no corresponding struct field found
Couldn't set key , no corresponding struct field found
Couldn't set key REDHAT_BUGZILLA_PRODUCT, no corresponding struct field found
Couldn't set key REDHAT_BUGZILLA_PRODUCT_VERSION, no corresponding struct field found
Couldn't set key REDHAT_SUPPORT_PRODUCT, no corresponding struct field found
Couldn't set key REDHAT_SUPPORT_PRODUCT_VERSION, no corresponding struct field found
found compatible host: rhel
Provisioning with redhat...
(consul-ui) Calling .GetMachineName
(consul-ui) Calling .GetSSHHostname
(consul-ui) Calling .GetSSHPort
(consul-ui) Calling .GetSSHKeyPath
(consul-ui) Calling .GetSSHKeyPath
(consul-ui) Calling .GetSSHUsername
Using SSH client type: external |
I had this issue also, and was able to resolve it by creating an SSH key for the user running
|
@mefellows So, can you describe the process a bit more? Is it something like:
Is that what we need? |
Actually @marcellodesales, I'm not sure that was a permanent fix either as I had troubles getting it to work later. The password-less SSH key was only installed on the docker machine client host, an nowhere else. What I ended up doing that worked reliably (and will revise once I have a better overall understanding) was creating the machine and providing ssh certs/keys whilst doing it i.e.
This leads me to believe it's an issue with local SSH confguration, but further investigation is required. |
@mefellows This looks more promising so far because I can see where all the client/server certs are being used, as well as the generic ssh key value is... I will try using it and report... |
Excellent @marcellodesales, keen to hear how you go. |
Looks like using a protected key with an ssh-agent loaded with it, but without specifying the key as an option to the generic driver, worked for me. Counter intuitive, but ... Maybe the documentation should reflect this! |
Closing. Generic driver supports password protected ssh keys through ssh-agent as specified here: https://github.com/docker/machine/blob/master/docs/drivers/generic.md#interaction-with-ssh-agents |
Agreed, but the error message right now is very cryptic and should give you something else than a number (ie: key not found / not unlocked / agent not found ... ?) |
@dgageot Still having the same exact problem...
docker-machine ls showing
|
I upgraded the machine manually to match my laptop's version... I re-ran the command and it failed with the following:
Laptop and Host Docker on same docker version
|
I finally got it to work...
Missing Pieces
Reviewing https://docs.docker.com/engine/security/https/, I noticed that the ca.pem is NOT retrieved the
The last change is the config.json file to change the location from ca.pem from the default machine ca.pem to the one we just copied... "CaCertPath": "/Users/mdesales/.docker/machine/machines/config-server/ca.pem", Lastly, you need select the machine to use...
The eval switches to the other machine... The environment variable is now switched.
The error about
At this point, all the commands are being sent to the generic machine that's selected.
At this point, everything started working... |
I'm trying to use
Docker Machine 0.3.0rc2
to create ageneric
remote machine on a Virtual Private Server.Here is the OS running on this VPS:
Ubuntu 15.04 (GNU/Linux 2.6.32-042stab106.4 x86_64)
There, I configured the whole thing to be able to connect through SSH only with a user called
oliboy50
.Here is what I added to my
visudo
file:oliboy50 ALL=(ALL)NOPASSWD: ALL
Now, back on my host machine, here is what I get when I try to create the docker-machine:
Then I enter my passphrase, but it keeps asking for my passphrase, each time I enter it (BTW I'm sure the passphrase is the good one and docker-machine understand it because it takes more time to give me an output back when my passphrase is correct):
Then if I exit the process, here is what I get when I list existing machines:
Then if I try to set my environment variables:
Can someone explain me what I'm doing wrong, or what should I try to make it work?
Thanks
The text was updated successfully, but these errors were encountered: