Project

General

Profile

Bug #9517

EC2 SSH Keypair name collisions

Added by Anthony Tiradani over 4 years ago. Updated over 4 years ago.

Status:
Rejected
Priority:
High
Assignee:
-
Category:
Factory
Target version:
-
Start date:
07/09/2015
Due date:
% Done:

0%

Estimated time:
First Occurred:
Occurs In:
Stakeholders:

CMS OSG Fermilab

Duration:

Description

We specify the ssh key pair name in the job submit file for the vm request:

ec2_keypair_file = $ENV/ssh_key_pair.$(Cluster).$(Process).pem

The only "unique" aspects to this are the Cluster and ProcId. However, this is only unique within the specific SCHEDD. It isn't even unique across the factory. This impacts any Cloud account with multiple factories submitting to it.

I suggest we change the submit file to the following:

ec2_keypair_file = $ENV/$(Name).ssh_key_pair.$(Cluster).$(Process).pem

Note the inclusion of the $(Name) macro to the beginning of the file name. This will identify the schedd and the factory that the request is coming from.

History

#1 Updated by Anthony Tiradani over 4 years ago

  • Status changed from New to Rejected

It turns out my diagnosis was incorrect. The SSH Keypair names that the cloud controllers see is auto-generated by HTCondor and should be globally unique enough.



Also available in: Atom PDF