我刚刚开始使用布鲁克林,并且尝试通过我的AWS帐户完全从deploying blueprints页面获取示例。
Maven构建成功完成,并且可以使用running Brooklyn页面上的步骤从~/apache-brooklyn-0.7.0-M2-incubating/usage/dist/target/brooklyn-dist成功启动Brooklyn Web UI。
启动蓝图时,我可以在我的AWS Console UI中看到所有正在启动的VM。我还可以看到创建的密钥对和安全组。但是该蓝图最终失败了,因为(我认为)布鲁克林无法将ssh插入虚拟机,请参阅下面的第一个日志输出。我假设布鲁克林试图以某种方式使用创建的密钥对登录虚拟机?
根据locations页中的信息,我创建了~/.brooklyn/brooklyn.properties file并添加了以下配置:
brooklyn.location.jclouds.aws-ec2.identity = MyAwsAccessKeyID
brooklyn.location.jclouds.aws-ec2.credential = MyAwsSecretAccessKey
brooklyn.location.jclouds.aws-ec2.privateKeyFile = /home/username/key4brooklyn.pem
我从AWS控制台UI创建了
key4brooklyn.pem文件,然后重新启动了Brooklyn,但是该蓝图仍然无法正常工作,它创建了VM,但是无法访问VM,请参阅下面的日志输出。2015-03-02 23:31:27,295 INFO Starting MySqlNodeImpl{id=lzJhHxwD}, obtaining a new location instance in JcloudsLocation[aws-ec2:MyAwsAccessKeyID/aws-ec2] with ports [22, 3306]
2015-03-02 23:31:27,369 INFO Starting NginxControllerImpl{id=QYRLgQPh}, obtaining a new location instance in JcloudsLocation[aws-ec2:MyAwsAccessKeyID/aws-ec2] with ports [22, 8000]
2015-03-02 23:31:27,612 INFO Resize DynamicWebAppClusterImpl{id=iJNs2ltC} from 0 to 1
2015-03-02 23:31:28,830 INFO Starting JBoss7ServerImpl{id=MWMGwHXx}, obtaining a new location instance in JcloudsLocation[aws-ec2:MyAwsAccessKeyID/aws-ec2] with ports [22, 9443, 10999, 8443, 8080, 9990]
2015-03-02 23:31:37,870 INFO Creating VM aws-ec2@MySqlNodeImpl{id=lzJhHxwD} in JcloudsLocation[aws-ec2:MyAwsAccessKeyID/aws-ec2]
2015-03-02 23:31:38,508 INFO Creating VM aws-ec2@JBoss7ServerImpl{id=MWMGwHXx} in JcloudsLocation[aws-ec2:MyAwsAccessKeyID/aws-ec2]
2015-03-02 23:31:38,983 INFO Creating VM aws-ec2@NginxControllerImpl{id=QYRLgQPh} in JcloudsLocation[aws-ec2:MyAwsAccessKeyID/aws-ec2]
2015-03-02 23:34:55,349 INFO Not able to load publicKeyData from inferred files, based on privateKeyFile: tried [/home/username/key4brooklyn.pem.pub] for aws-ec2@MySqlNodeImpl {id=lzJhHxwD}
2015-03-02 23:34:55,353 INFO Not able to load publicKeyData from inferred files, based on privateKeyFile: tried [/home/username/key4brooklyn.pem.pub] for aws-ec2@JBoss7ServerImpl {id=MWMGwHXx}
2015-03-02 23:34:55,351 INFO Not able to load publicKeyData from inferred files, based on privateKeyFile: tried [/home/username/key4brooklyn.pem.pub] for aws-ec2@NginxControllerImpl {id=QYRLgQPh}
我正在使用安装了Oracle Java 7的Ubuntu 14.04,它是VirtualBox VM。
最佳答案
查看日志输出,问题出在这里:
2015-03-02 23:34:55,349 INFO Not able to load publicKeyData from inferred files, based on privateKeyFile: tried [/home/username/key4brooklyn.pem.pub] for aws-ec2@MySqlNodeImpl {id=lzJhHxwD}
privateKeyFile配置密钥需要在两个文件中指定一个
id_rsa或id_dsa样式密钥对。如果未配置publicKeyFile,将自动检测到相应的*.pub文件。有creating an ssh key更好的说明。它令人困惑,最新的SNAPSHOT版本中包含了有关密钥(包括快速故障)的更好的错误报告,并将包含在M3里程碑版本中。另请注意,id_rsa文件必须具有一个且只有一个私钥,并且不得包含公钥。繁琐的格式有那么多!设置
~/.ssh/id_rsa或其他已配置的密钥对后,布鲁克林将使用它来设置对VM的ssh访问。默认情况下,jclouds(我们在幕后使用)将创建一个临时的AWS密钥对,以获得对VM的初始访问权限。然后,我们将~/.ssh/id_rsa.pub自动添加到VM的~/.ssh/authorized_keys(在VM上创建一个默认情况下与运行Brooklyn进程的用户名称相同的用户)。您下载的
key4brooklyn.pem文件是AWS密钥对的私有部分。默认情况下,将不会使用此选项,因为jclouds将创建自己的密钥对。如果您希望jclouds使用预先存在的密钥对,则必须使用以下配置设置:
brooklyn.location.jclouds.aws-ec2.keyPair = MyKeypairName
其中MyKeypairName是根据AWS的密钥对的名称。