[SAC] [OSGeo] #2534: Setup new osgeo8 server with LXD

OSGeo trac_osgeo at osgeo.org
Mon Apr 4 18:58:48 PDT 2022 

#2534: Setup new osgeo8 server with LXD
---------------------------+----------------------------------------
 Reporter:  robe           |       Owner:  sac@…
     Type:  task           |      Status:  closed
 Priority:  major          |   Milestone:  Sysadmin Contract 2022-II
Component:  Systems Admin  |  Resolution:  fixed
 Keywords:                 |
---------------------------+----------------------------------------
Changes (by robe):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 Done with setup and all done using ansible including the lvm slice for lxd
 -
 https://git.osgeo.org/gitea/sac/ansible-
 deployment/src/branch/master/deployment/roles/osgeo8



 One frustration I had is the lxc remote add doesn't work with --password.
 I think that might be a bug as all I have read suggests it should work.
 But only way I could get it to work was manually add it, and when prompted
 for password type it in.  Then delete it.  At that point the client key of
 the server is registered on the remote server.

 You can see that with:


 {{{
 lxc remote switch osgeo9 #gets me into osgeo9
 lxc config trust list
 }}}

 Ideally we should be using client tokens detailed here:
 https://linuxcontainers.org/lxd/docs/master/authentication
 /#authentication-token

 but not sure we can automate that with ansible.  If we do the prompt
 thing, not sure how to get ansible to answer the prompt.  Anyway I have a
 TODO there saying it doesn't work -

 https://git.osgeo.org/gitea/sac/ansible-
 deployment/src/branch/master/deployment/roles/lxd-
 host/tasks/prod_lxd_remote.yml#L15

 I also have a hop setup using a new osgeo-debian-11 image I built using
 ansible and stored on osgeo9.  I'm sure strk will be horrified with my
 ansible code (like the fact I just copied and pasted stuff from his ssh-
 server role instead of defining a playbook to build hop that had an ssh-
 server role), but oh well.  Which is defined in this script -
 https://git.osgeo.org/gitea/sac/ansible-
 deployment/src/branch/master/deployment/roles/images/tasks/build-osgeo-
 debian-11.yml

-- 
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2534#comment:7>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.

More information about the Sac mailing list