Xscontainer
-
@stormi OK, thanks. I will try your solution on a small lab.
-
@stormi I tried to do it but I don't think I succeeded. Could you send me a more specific doc of what you are doing?
thanks
-
UPDATE 2024-03-19: DON'T DO THIS. We won't support any XCP-ng hosts where system packages have been overriden with pip.
I think these are the steps that worked for me:
yum install xscontainer yum install python2-pip --enablerepo=epel pip2 install --upgrade "pip < 21" pip2 install --upgrade "cryptography == 2.5" pip2 install --upgrade "paramiko < 3"As this is done outside a virtualenv (I've tried inside a virtualenv, but I think xscontainer runs stuff outside of it, so it didn't work), this will overwrite the contents of RPMs you installed, so, again, only for testing.
I also had to remove the former host key from the VM metadata:
xe vm-param-remove uuid=... param-name=other-config param-key=xscontainer-sshhostkey -
@stormi Thanks, I just tried that and it still doesn't work
-
Well, I tried it myself on a freshly installed pool, and this worked. Can you elaborate on what doesn't work?
-
@stormi I still have the same problem, the key does not want to install and asks me if I want to try again.
-
What's the exact error message?
-
Would you like to push a pool-specific public SSH key into the ~/.ssh/authorized_keys file of the specified VM and therefore authorize hosts in the pool to interact with the containers inside the VM? Answer y/n: y Attempting to push the public xscontainer key to USER@IP. ID@IP's password: Success. Attempting to refresh the state of the VM Failure diagnosis: Unable to find ncat inside the VM. Please install ncat. Do you wish to retry? Answer y/n: -
My server is up to date
-
It's not the same error. Your VM is missing a required package : ncat, as the error message says.
-
@stormi My bad. Ok I installed the nmap-ncat package under rockylinux and works perfectly now
Thank you -
F foxy82 referenced this topic on
-
@olivierlambert @stormi
Is there any solution for this, I'm researching how to use xcp-ng + XO to build and manage docker.
When I read about Xscontainer I was excited because it seemed like the best option.
I have a small server and would like to know what would be a clean and transparent solution to achieve this.I've read a lot and I'm still confused.
Below is everything I researched and read on the subject:
https://xcp-ng.org/forum/topic/3232/docker-on-xcp-ng?page=1
https://xcp-ng.org/blog/2021/09/14/runx-next-generation-secured-containers/
https://www.youtube.com/watch?v=qOZk8xpIRpQ
http://oinformata.eti.br/wp/xcp-ng-8-0-debian10-docker/
https://doc.rmbinformatica.com.br/ajuda/redes-e-infraestrutura/xen-server/configurando-o-xenserver-para-monitoramento-de-containers-docker -
I found another workaround (one-step solution) for the "Unable to verify key-based authentication error" without having to mess with any of the python packaging.
Adding
PubkeyAcceptedKeyTypes +ssh-rsaTo your /etc/ssh/sshd_config file will make the VM accept the older authentication
-
@codycrypto this worked! thank you so much!
-
@johnnyorange Glad I could help! Took me weeks to figure that out lol....I would caution using that in production though, not sure the security implications for accepting the older key type.
-
O olivierlambert moved this topic from Xen Orchestra on
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login