Giters

jhorey / ferry

Ferry lets you define, run, and deploy big data applications on AWS, OpenStack, and your local machine using Docker

Home Page:http://ferry.opencore.io

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

vagrant ferry.box with ferry start spark and ferry ssh requires root password?

cons0l3 opened this issue · comments

commented

Hi all,

I hope this is an error and not a case of RTFM. I have started a ferry.box via vagrant on virtualbox. I have then started ferry server and ferry start spark. I have not changed any config, but rather followed the getting started quickstart guide. When I try to ferry ssh into the spark client/connector I receive:

vagrant@vagrant-ubuntu-trusty-64:~$ ferry ps
       UUID            Storage               Compute              Connectors         Status      Base     Time
       ----            -------               -------              ----------         ------      ----     ----
   sa-b8653a1e     [u'se-45981657']     [[u'se-7c7438d3']]     [u'se-bfbd5492']     running     spark
vagrant@vagrant-ubuntu-trusty-64:~$ ferry ssh sa-b8653a1e
[12/01/2014 02:55:17] [WARNING] ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i /usr/local/lib/python2.7/dist-packages/ferry/data/key/insecure_ferry_key.pem root@172.18.0.10
Warning: Permanently added '172.18.0.10' (ECDSA) to the list of known hosts.
root@172.18.0.10's password:

I think the operation is meant to be passwordless, hence the -i option to ssh with the insecure key.
I can see the docker containers, jvm's running hadoop etc in the list of processes. When starting or stopping the "cluster", I do receive many warning of ssh:

WARNING:root:LC_ALL=C && ssh -o ConnectTimeout=20 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i /usr/local/lib/python2.7/dist-packages/ferry/data/key/insecure_ferry_key.pem -t -t root@172.18.0.6 '/service/sbin/startnode halt'
WARNING:root:com msg: Warning: Permanently added '172.18.0.6' (ECDSA) to the list of known hosts.

So the ssh seems to work there, as it starts or stops the respective services in the docker container via ssh.

How can I fix it.

Keep up the good work.

Cheers
Carsten

commented

Can you run the ferry ssh command as root (either via the root prompt or using sudo)?

commented

Sorry for the delay I screwed up my vagrant virtualbox environment. I had to setup everything from scratch. Good news is, the issue is reproducable. If have tested both sudo ferry ssh and su -; ferry ssh both connect with the container fine.

vagrant@vagrant-ubuntu-trusty-64:~$ sudo ferry ssh sa-5dfe90b7
[12/02/2014 02:42:08] [WARNING] ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i /usr/local/lib/python2.7/dist-packages/ferry/data/key/insecure_ferry_key.pem root@172.18.0.10
Warning: Permanently added '172.18.0.10' (ECDSA) to the list of known hosts.
Last login: Tue Dec  2 14:41:20 2014 from 172.18.42.1

I have also looked into the access rights of the ssh-key.

vagrant@vagrant-ubuntu-trusty-64:~$ ls -la /usr/local/lib/python2.7/dist-packages/ferry/data/key/
total 16
drwxr-sr-x 2 root staff  4096 Oct 19 21:39 .
drwxr-sr-x 7 root staff  4096 Oct 19 21:39 ..
-rw-r--r-- 1 root staff   393 Oct 19 21:39 insecure_ferry_key
-rw------- 1 root docker 1675 Oct 19 21:39 insecure_ferry_key.pem

The pem is very restricted in its access rights. I have changed that for now. Could you please consider of either relaxing the access rights or give a hint in to documentation.

Thanks for your quick response.

Cheers
Carsten