Generating Cluster Log Bundles Prompts for a Password When Not Required
search cancel

Generating Cluster Log Bundles Prompts for a Password When Not Required


Article ID: 325406


Updated On:


VMware VMware Telco Cloud Automation


Generating TKG workload cluster log bundles via kbsctl and CCLI asks for a password, however, no known password works.


VMware Telco Cloud Automation 2.1
VMware Telco Cloud Automation 2.1.1


This issue is caused by the TCA SSH public keys not being passed along during cluster creation when clusters are created externally via cluster operator and then imported into TCA.


This issue has been resolved in VMware Telco Cloud Automation 2.2.


The following procedure allows the TCA-CP SSH public keys to be copied to the cluster nodes and prevent the prompting of the node password during log collection using kbsctl or CCLI.

All steps are done from an SSH session on the TCA-CP.
1. SSH into the TCA-CP, switch user to root.
2. Download and copy the sshpass binary to the /usr/bin directory in TCA-CP. 
3. Change the binary permissions to make it executable using the chmod command:
[root@tca-cp-10-upgradetest ~]# chmod 0755 /usr/bin/sshpass

4. Download and copy the ssh-copy-id binary to the /usr/bin directory in TCA-CP. 
5. Change the binary permissions to make it executable using the chmod command:
[root@tca-cp-10-upgradetest ~]# chmod 0755 /usr/bin/ssh-copy-id
6. Download and copy the script to the /usr/bin directory in TCA-CP. 
7. Make the script executable by using the chmod command:
[root@tca-cp-10-upgradetest ~]# chmod 0755 /usr/bin/
8. Create a file named node_info to be used as an argument by the script which includes the Node IP addresses and/or passwords.  Create this file in the /usr/bin/ directory of the TCA-CP using one of the following formats. Users can decide which format they want to use for running the script.

File format 1: Node IP only

Use this format if all the cluster nodes have the same password.
File format sample:

Set the "SSHPASS" environment variable using the export command and the script will use the node password to copy the public key to the cluster node.
[root@tca-cp-10-upgradetest ~]# export SSHPASS=<username>\<some_password> // Note : use '\' before a special character in the password
[root@tca-cp-10-upgradetest ~]# echo $SSHPASS

If the nodes do not have the same password, then the script will prompt the user to enter a password before copying the key to the node.
The script provides up to 3 retries to enter the correct password. After 3 incorrect retries, the copy will fail and move on to the next node.

File Format 2: Node IP and Password

In this file format the user can also provide the node password along with the node IP address separated by a space as shown below. This will not prompt the user to enter the password while copying the keys.
x.x.x.x password1
y.y.y.y password2
z.z.z.z password3

9. The script uses the file created above as an argument during its execution from the TCA-CP command.

The user can check the script usage before running by running the script with -h argument as shown below.
[root@tca-cp-10-upgradetest ~]# ./ -h
10. When ready to run the script, switch user to root.
11. Run the script as shown below.
[root@tca-cp-10-upgradetest ~]# ./ input.txt ^C
Make note of any failed or skipped nodes so you can re-run the script.
12. To confirm that public key has been copied, SSH into the cluster node from the TCA-CP. There should not be a prompt for a password.
13. Update the node_info file by removing the nodes that were successful and leave only the failed nodes. Re-run the script with the updated node info for the failed node IP addresses.

Additional Information

Impacts VMware Telco Cloud Automation 2.1.X