yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1333920] Re: sshd can start before cloud-init injects keys

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Scott Moser <smoser@xxxxxxxxxx>
Date: Fri, 10 Oct 2014 15:39:11 -0000
Reply-to: Bug 1333920 <1333920@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

fixed in 0.7.6

** Changed in: cloud-init
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to cloud-init.
https://bugs.launchpad.net/bugs/1333920

Title:
  sshd can start before cloud-init injects keys

Status in Init scripts for use on cloud images:
  Fix Released

Bug description:
  Description of problem:

  When using automated scripts for deployment, many wait for sshd to
  come up, then ssh in. Since cloud-init and sshd are started in
  parallel, this creates a race condition for cloud-init to add ssh keys
  before sshd starts or the user can't login and the automated scripts
  can fail.

  Specifically, this is happening to me using test-kitchen with the
  kitchen-openstack plugin, which uses Fog. It calls wait_for and
  watches for sshd to come up. It catches sshd before cloud-init
  finishes installing keys, and fails to ssh.

  Reproducing:

  Attempt to ssh in before cloud-init finishes but after sshd is up and
  running.

  Steps to Reproduce:
  1. Pull in Fedora Cloud image for OpenStack
  2. Configure test kitchen to use Fedora
  3. Run test-kitchen tests

  Actual results:

  ssh fails, which causes test-kitchen or other automated scripts to
  fail.

  Expected results:

  ssh should succeed.

  This is specifically affecting me on Fedora-20, but can potentially
  affect any distribution using systemd.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-init/+bug/1333920/+subscriptions

References

[Bug 1333920] [NEW] sshd can start before cloud-init injects keys
From: Jordan Evans, 2014-06-24