Alliance Doc

Managing your cloud resources with OpenStack: Difference between revisions

Page Discussion

Managing your cloud resources with OpenStack (view source)

Revision as of 20:04, 23 September 2016

139 bytes removed ,  8 years ago
copyediting
(copyedit first para only)
(copyediting)
Line 125: Line 125:


<!--T:29-->
<!--T:29-->
There are a number of ways to allow more than one person to log in to a VM. The recommended methods involve adding public [[Ssh keys|SSH keys]] to the VM. You can add additional public keys to the <code>authorized_keys</code> file of the primary user account (''e.g.'' user <code>ubuntu</code> or <code>centos</code>) or to a newly created user account. In Ubuntu you can create a new user account with the command {{Command|sudo adduser USERNAME}}
There are a number of ways to allow more than one person to log in to a VM. We recommend creating new user accounts and adding public [[Ssh keys|SSH keys]] to these accounts. To do so manually, first create a new user account (under Ubuntu, for example) with the command {{Command|sudo adduser USERNAME}}
Then add the supplied public key to that user's <code>.ssh/authorized_keys</code> file as described in [[Ssh keys|SSH keys]] and linked pages.
Then add the person's public key to the <code>/home/$USER/.ssh/authorized_keys</code> file as described in [[Ssh keys|SSH keys]] and linked pages.


<!--T:30-->
<!--T:30-->
Another alternative would be to do this during the creation of your VM using [http://cloudinit.readthedocs.org/en/latest/index.html# CloudInit]. The following CloudInit script (which uses the YAML format, see [http://www.yaml.org/spec/1.2/spec.html#Preview YAML Preview]):
Alternatively, you can do this during the creation of a VM using [http://cloudinit.readthedocs.org/en/latest/index.html# CloudInit]. The following CloudInit script adds two users <code>gretzky</code> and <code>lemieux</code> with and without sudo permissions respectively.


  <!--T:31-->
  <!--T:31-->
#cloud-config
#cloud-config
  users:
  users:
   - name: sysadmin
   - name: gretzky
     shell: /bin/bash
     shell: /bin/bash
     sudo: ALL=(ALL) NOPASSWD:ALL
     sudo: ALL=(ALL) NOPASSWD:ALL
     ssh_authorized_keys:
     ssh_authorized_keys:
       - <Insert public key>
       - <Gretzky's public key goes here>
   - name: user
   - name: lemieux
     shell: /bin/bash
     shell: /bin/bash
     ssh_authorized_keys:
     ssh_authorized_keys:
       - <Insert public key>
       - <Lemieux's public key goes here>


<!--T:32-->
<!--T:32-->
adds two users <code>sysadmin</code> and <code>user</code> with and without sudo permissions respectively. The <code><Insert public key></code> must be replaced with the public key to use for that user. Note that YAML is very picky about white space formatting, so that there must be a space after the "-" before your public key string. Also, this configuration overwrites the default user that is added when no CloudInit script is specified, so that the users listed in this configuration script will be the only users on the newly created VM so it is important to have at least one user with sudo permission. More users can be added by simply including another <code>- name: username</code> section.
For more about the YAML format used by CloudInit, see [http://www.yaml.org/spec/1.2/spec.html#Preview YAML Preview]. Note that YAML is very picky about white space formatting, so that there must be a space after the "-" before your public key string. Also, this configuration overwrites the default user that is added when no CloudInit script is specified, so the users listed in this configuration script will be the ''only'' users on the newly created VM. It is therefore vital to have at least one user with sudo permission. More users can be added by simply including more <code>- name: username</code> sections.


<!--T:33-->
<!--T:33-->
If you wish to preserve the default user created by the distribution (debian, centos, ubuntu, etc.), use the following form:
If you wish to preserve the default user created by the distribution (users <code>debian, centos, ubuntu,</code> ''etc.''), use the following form:


  <!--T:34-->
  <!--T:34-->
#cloud-config
#cloud-config
  users:
  users:
   - default
   - default
   - name: sysadmin
   - name: gretzky
     shell: /bin/bash
     shell: /bin/bash
     sudo: ALL=(ALL) NOPASSWD:ALL
     sudo: ALL=(ALL) NOPASSWD:ALL
     ssh_authorized_keys:
     ssh_authorized_keys:
       - <Insert public key>
       - <Gretzky's public key goes here>
   - name: user
   - name: lemieux
     shell: /bin/bash
     shell: /bin/bash
     ssh_authorized_keys:
     ssh_authorized_keys:
       - <Insert public key>
       - <Lemieux's public key goes here>


<!--T:35-->
<!--T:35-->
After the VM has finished spawning, take a look at the log to ensure that the public keys have been added correctly for those users. The log can be found by click the name of the instance under the "Compute->Instances" panel and then selecting the "log" tab.  The log should show something like:
After the VM has finished spawning, look at the log to ensure that the public keys have been added correctly for those users. The log can be found by clicking on the name of the instance on the "Compute->Instances" panel and then selecting the "log" tab.  The log should show something like this:


<!--T:36-->
<!--T:36-->
ci-info: ++++++++Authorized keys from /home/sysadmin/.ssh/authorized_keys for user sysadmin++++++++
ci-info: ++++++++Authorized keys from /home/gretzky/.ssh/authorized_keys for user gretzky++++++++
  ci-info: +---------+-------------------------------------------------+---------+------------------+
  ci-info: +---------+-------------------------------------------------+---------+------------------+
  ci-info: | Keytype |                Fingerprint (md5)                | Options |    Comment      |
  ci-info: | Keytype |                Fingerprint (md5)                | Options |    Comment      |
Line 174: Line 174:
  ci-info: | ssh-rsa | ad:a6:35:fc:2a:17:c9:02:cd:59:38:c9:18:dd:15:19 |    -    | rsa-key-20160229 |
  ci-info: | ssh-rsa | ad:a6:35:fc:2a:17:c9:02:cd:59:38:c9:18:dd:15:19 |    -    | rsa-key-20160229 |
  ci-info: +---------+-------------------------------------------------+---------+------------------+
  ci-info: +---------+-------------------------------------------------+---------+------------------+
  ci-info: ++++++++++++Authorized keys from /home/user/.ssh/authorized_keys for user user++++++++++++
  ci-info: ++++++++++++Authorized keys from /home/lemieux/.ssh/authorized_keys for user lemieux++++++++++++
  ci-info: +---------+-------------------------------------------------+---------+------------------+
  ci-info: +---------+-------------------------------------------------+---------+------------------+
  ci-info: | Keytype |                Fingerprint (md5)                | Options |    Comment      |
  ci-info: | Keytype |                Fingerprint (md5)                | Options |    Comment      |
Line 182: Line 182:


<!--T:37-->
<!--T:37-->
Once this is done, users can log into the VM with their private keys as usual (see [[ssh keys]]).
Once this is done, users can log into the VM with their private keys as usual (see [[Ssh keys]]).


=Downloading an image= <!--T:38-->
=Downloading an image= <!--T:38-->
Rdickson
Bureaucrats, cc_docs_admin, cc_staff
2,879

edits

Retrieved from "https://docs.alliancecan.ca/wiki/Special:MobileDiff/3017"