3.1 SSH Demo Script

Brought to you by: Carla Mott, Rajiv Mordani, Joe Di Pol

  • Demonstration of instance lifecycle management over SSH (create-instance, start-instance, start-cluster, etc).
  • The DAS uses an SSH client to communicate with the instance servers and run local commands on those servers
  • MS2 contains initial integration: Unix only (Windows in MS3) and there are rough edges.
  • Refining in MS3

Setup


  1. Configure ssh on all nodes to use key (certificate) authentication. From the DAS machine, you must be able to run ssh hostname without being prompted for anything while logged in as the user that will be running the DAS.
    • Currently only key authentication using unencrypted key files is supported.
    • Details on configuring SSH are coming
  2. GlassFish MS2 installed on instance machines in a known location (/export/glassfishv3 in this demo)
  3. Start the DAS on the DAS machine (MacBook in this demo)

Demo

  1. asadmin create-cluster c1
  2. asadmin create-node-ssh --nodehost nwc.red.iplanet.com --nodehome /export/glassfishv3 n1
  3. asadmin create-node-ssh --nodehost sidewinder.red.iplanet.com --nodehome /export/glassfishv3 n2
  4. asadmin list-nodes
  5. asadmin create-instance --cluster c1 --node n1 i1
  6. asadmin create-instance --cluster c1 --node n2 i2
  7. asadmin list-instances
  8. asadmin start-instance i1
  9. asadmin list-instances
  10. asadmin stop-instance i1
  11. asadmin start-cluster --verbose c1
  12. asadmin list-instances
  13. Go to browser and show instances are up:
    1. http://nwc.red.iplanet.com:28080
    2. http://sidewinder.red.iplanet.com:28080
  14. asadmin stop-cluster c1
  15. asadmin list-instances

Setting up SSH Daemon on some platforms

If you are using Linux, use the system's package manager to install openssh-server and openssh-client.

For example, on Ubuntu you would do the following:

sudo apt-get install openssh-server openssh-client

On the Mac you need to do the following:

Go to 'System Preferences'. Under 'Internet & Networking' there is a 'Sharing' icon. Click on it. In the list that appears, check the 'Remote Login' option.

For Windows you will need to install an SSH daemon, for example the Cygwin ssh daemon. Note that as of milestone 2 we have not yet tested with Windows.

For other operating systems make sure that you have client and server installed (client only needed to verify that the ssh setup is in fact working).

Once you have ssh installed, create keys for your use. The key file is for the user under which the DAS will be running, and it is the key that will be used by default unless a different one is specified.
To generate the key you will again need to use platform-specific tools. On most Unix systems and on the Mac you should be able to generate a key by running

ssh-keygen

Make sure that you specify no passphrase for the key to use with milestone 2.

Once the key is generated, you will have an id_rsa, id_rsa.pub or id_dsa, id_dsa.pub in the default location, which for most Unix systems is ~/.ssh/

Copy the .pub key (id_rsa.pub or id_dsa.pub) to the remote system that you want to set up as an instance and put it in the authorized_keys file. This file should be in ~/.ssh/ on most Unix systems. Create one if it does not exist.

Once you have copied the key to the authorized_keys file, the simple test is to use the ssh client to connect to the remote system. If everything is set up correctly, you should be able to connect to the system without being prompted for a password.

For example, using the systems above (macbook and nwc): the authorized_keys file on nwc is set up with the public key (id_dsa.pub) from the macbook. Doing the following logs me in to nwc from macbook without any password prompt.

macbook% ssh nwc

If you are not prompted for a password, you are set up correctly. If you are prompted, try the following to get verbose output showing what is going on and where it fails.

macbook% ssh -v  nwc
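
A preflight check for the key setup described above, as an added example that is not part of the original page or the GlassFish project. It assumes OpenSSH on the DAS machine; the function names are hypothetical. It checks file permissions, which are the only protection for a key without a passphrase, and tests the login without allowing any prompt.

```shell
#!/bin/sh
# Added example: preflight checks for the passwordless SSH setup (assumes OpenSSH).
# Function names are hypothetical, chosen for this example.

# perm_of FILE: print FILE's octal mode (GNU stat first, then BSD/macOS stat).
perm_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# has_bits FILE MASK: succeed if FILE's mode has any of the octal MASK bits set.
has_bits() {
    [ $(( 0$(perm_of "$1") & 0$2 )) -ne 0 ]
}

# check_ssh_dir DIR: return 0 if DIR is safe to use, 1 (with reasons) otherwise.
check_ssh_dir() {
    dir=$1
    rc=0
    [ -d "$dir" ] || { echo "missing directory: $dir"; return 1; }
    # sshd (StrictModes) ignores authorized_keys when it or its directory is
    # writable by group or others.
    for f in "$dir" "$dir/authorized_keys"; do
        [ -e "$f" ] || continue
        if has_bits "$f" 022; then
            echo "$f is writable by group/others: chmod go-w"
            rc=1
        fi
    done
    # The key has no passphrase, so file permissions are its only protection;
    # the ssh client also refuses a private key that others can access.
    for f in "$dir/id_rsa" "$dir/id_dsa"; do
        [ -f "$f" ] || continue
        if has_bits "$f" 077; then
            echo "$f is accessible by group/others: chmod 600"
            rc=1
        fi
    done
    return $rc
}

# verify_login HOST: BatchMode makes ssh fail rather than prompt, so any
# password prompt shows up as a non-zero exit status (useful for the DAS user).
verify_login() {
    ssh -o BatchMode=yes -o ConnectTimeout=5 "$1" true
}

# With a host argument (e.g. "sh preflight.sh nwc"), run both checks.
[ $# -eq 0 ] || { check_ssh_dir "$HOME/.ssh" && verify_login "$1"; }
```

Run it as the user that will run the DAS, on the DAS machine for the private key and on each instance machine for authorized_keys.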

