Skip links

Don’t forget to setup passwordless ssh to existing nodes – especially for Docker

We’ve recently provided support for a Nuage Networks VSP upgrade scenario in which the existing Nuage components had been installed months back. The customer had a 3-VSD cluster, a pair of VSCs, and a 3-ES cluster. Metro is designed to support exactly this scenario.

One item that caused premature failures during the upgrade was the fact that passwordless ssh hadn’t been configured to the hypervisors (KVM based) and the existing VSD and ES nodes. When running metro, they saw ‘permission denied’ errors connecting to these components.

To avoid these errors, the following steps must be taken:

  • Copy the Metro user’s id_rsa.pub key to the authorized_keys file on each KVM hypervisor
  • Copy the Metro user’s id_rsa.pub key to the authorized_keys file on each VSD and ES node

If you are using the Metro Docker container, you will need to use the id_rsa.pub file for the container, not for the Metro user. We provide a utility to do this for you. If you are using the container, execute:

metroae copy-ssh-id [email protected]

for each host where passwordless ssh connectivity is required.

Bitnami