RE: DevOps Megathread: what you need and how we can help!

Hi, there,
You would need an ansible XOA provider to be able to create virtual machines with a template like vmware does:

- name: clone VM
     vmware_guest:
       hostname: "{{ vcenter_hostname }}"
       username: "{{ vcenter_username }}"
       password: "{{ vcenter_password }}"
       validate_certs: "{{ vcenter_validate_certs }}"
       datacenter: "{{ vcenter_datacenter }}"
       cluster: "{{ vcenter_cluster }}"
       name: SRV-NAMEVM
       folder: FOLDERTEST
       template: "{{ vm_template }}"
       networks:
         - name: LAN NETWORK
           ip: "{{ new_ip }}"
           netmask: "{{ netmask }}"
           gateway: "{{ gateway }}"
           domain: "{{ domain }}"
       wait_for_ip_address: True
       customization:
         hostname: "{{ hostname }}"
         domain: "{{ domain }}"
         dns_servers:
         - "{{ dns1 }}"
         - "{{ dns2 }}"
         dns_suffix:
         - "{{ domain }}"
       state: poweredon

Same for recovering and deleting the VM from ansible :

- name: INFO VM
      vmware_guest_info:
        hostname: "{{ vcenter_hostname }}"
        username: "{{ vcenter_username }}"
        password: "{{ vcenter_password }}"
        validate_certs: "{{ vcenter_validate_certs }}"
        datacenter: "{{ vcenter_datacenter }}"
        name: SRV-NAMEVM
      delegate_to: localhost
      register: vm_info

- name: Shutdown VM...
      vmware_guest:
        hostname: "{{ vcenter_hostname }}"
        username: "{{ vcenter_username }}"
        password: "{{ vcenter_password }}"
        validate_certs: "{{ vcenter_validate_certs }}"
        datacenter: "{{ vcenter_datacenter }}"
        name: SRV-NAMEVM
        state: poweredoff

    - name: delete VM...
      vmware_guest:
        hostname: "{{ vcenter_hostname }}"
        username: "{{ vcenter_username }}"
        password: "{{ vcenter_password }}"
        validate_certs: "{{ vcenter_validate_certs }}"
        datacenter: "{{ vcenter_datacenter }}"
        name: SRV-NAMEVM
        state: absent

@stormi My bad. Ok I installed the nmap-ncat package under rockylinux and works perfectly now Thank you

My server is up to date

@stormi

Would you like to push a pool-specific public SSH key into the ~/.ssh/authorized_keys file of the specified VM and therefore authorize hosts in the pool to interact with the containers inside the VM?
Answer y/n: 
y
Attempting to push the public xscontainer key to USER@IP.
ID@IP's password: 
Success.
Attempting to refresh the state of the VM
Failure diagnosis: Unable to find ncat inside the VM. Please install ncat. 
Do you wish to retry?
Answer y/n:

@stormi I still have the same problem, the key does not want to install and asks me if I want to try again.

@stormi Thanks, I just tried that and it still doesn't work

@stormi I tried to do it but I don't think I succeeded. Could you send me a more specific doc of what you are doing?

thanks

@stormi OK, thanks. I will try your solution on a small lab.

@olivierlambert yes

Output to docker machine :

[XXXX@docker ~]$ cat .ssh/authorized_keys 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDkaRRvfWs0qPggPY2VW8/4n3DcjDbZPKM8w7FS418CCZn+8JvB1LNmR1vJXHr7F4k73bo/aIDQ3Lh09iWZOhYwA1nkeDwNyBexVDYiPCuA1DEbiaFuFvo+fMB5rkb9n5WucWuGCkGgwJCB/iEbQni3k0neJe6m3SzHPUJ7DYDu5agzaBjfe0eGn9NyMindLwA/0aNl5TbwYJoxvU1HSCuDXSlcPwg5xEAqs+Rx/0LBdGlu4LiAR/K/187vPRLL3mNFzlGS1peVirqAOOJjSAg0FkQFcqGW5QRNaaAuh9eYy31FCwWC+o4+qpiy/EM0yaBn9gMlBxYxxbaJW8nzJR6zZ1w7xp7fvpdPyxzFxSAYoKIgqrGGKalbTgj25yj5odrTuhvbrzv3Jlfys6RI6SGITeVWNTHT4UtODu5+EKlCQT5UG4jEAwg9Dib68zZjxmJeTBV+Kwk7hd1i2CPkAuWT6oA477qou+ezFMkvBvlphQzGfF4h2cvU81KDvmCoCl5uySGwaQytWXHocnAUusQTUXvz1poPljPXngP3TKuJuaq0QuKKddhZvm4gRe00MzQSifrqfog6bBnDyGk5nhDjEtfd8kuusmjEp+n5+0p4l2+yZxud2eia3CEIHxCusJcKRivqccPp5uOw0kOVyeTd0KOrFRhDFljckowacGF2wQ== root@xcp-ng-XXX
[XXXX@docker ~]$ 

Output to XCP machine :

[07:53 xcp-ng-XXXX ~]# cat .ssh/known_hosts 
192.XXX.XXX.XXX ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNJxGOt3RvDXvelRUPTYyIHmykXhfRWSEN6PXSKYUVxct8qjENHqqqAEJOrl6E5cF9orOGQfbAPjSlLwNqGUGlo=
[07:55 xcp-ng-XXX ~]#

@olivierlambert @stormi up

@olivierlambert I have this output :

[13:24 xcp-ng-XXXX ~]# ssh -v XXX@XXXXXXXXX
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 58: Applying options for *
debug1: Connecting to XXXXXXXX [XXXXXXXX] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.7
debug1: match: OpenSSH_8.7 pat OpenSSH* compat 0x04000000
debug1: Authenticating to XXXXXXXXX:22 as 'XXXXXXXX'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug1: kex: curve25519-sha256 need=32 dh_need=32
debug1: kex: curve25519-sha256 need=32 dh_need=32
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:bmXWosoos6FqfYJXXYPv1H5lU4fRKIucvEv1QE/chN0
debug1: Host 'XXXXXXXXXXXX' is known and matches the ECDSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-nistp256@openssh.com>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
No Kerberos credentials available (default cache: KEYRING:persistent:0)

debug1: Unspecified GSS failure.  Minor code may provide more information
No Kerberos credentials available (default cache: KEYRING:persistent:0)

debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: Trying private key: /root/.ssh/id_ed25519
debug1: Next authentication method: password
XXXXX@XXXXXXXXX's password: 
debug1: Authentication succeeded (password).
Authenticated to XXXXXXXXXXXX ([XXXXXXXXXX]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: network
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: Sending environment.
debug1: Sending env LANG = fr_FR.UTF-8
Last login: Mon Jan 23 13:23:33 2023
[XXXXX@docker ~]$ 

@olivierlambert I still have the same problem, even adding the ssh keys before running xscontainer.

@stormi Hi, I just tested and it still doesn't work

@stormi Hello, I don't really see how to solve the ssh problem or even solve the problem with python.

Hello, I tried to install xscontainer but when I run the command to set up my vm I get this response.

Can you help me?
xcp-ng 8.2.1
thanks you

How do I do this?

Hello;
I don't necessarily speak English well.
I tested the slack transport option for the Backups and these work really well.
Only what I would like is that when VMs are created, migrated, stopped and started I can be informed through Mattermost. And having seen the options that web-hook offers (and which would be fine for me to do what I have to do) I was super excited by the plugin.
If you can help me set it up that would be great.
Thank you for your time.

Bonjour,
j'aimerais faire fonctionner le plugin Web-Hooks avec Mattermost mais quand je met test j'obtiens :

Code: -32000
Message: unknown error from the peer

Voici mon fichier log

plugin.test
{
  "id": "web-hooks",
  "data": {
    "url": "https://XXXXXXXX"
  }
}
{
  "code": 400,
  "url": "https://XXXXXXXXX",
  "message": "Bad Request",
  "name": "Error",
  "stack": "Error: Bad Request
    at onResponse (/opt/xo/xo-builds/xen-orchestra-202204160737/node_modules/http-request-plus/index.js:255:21)
    at AsyncResource.runInAsyncScope (async_hooks.js:197:9)
    at cb (/opt/xo/xo-builds/xen-orchestra-202204160737/node_modules/bluebird/js/release/util.js:355:42)
    at tryCatcher (/opt/xo/xo-builds/xen-orchestra-202204160737/node_modules/bluebird/js/release/util.js:16:23)
    at Promise._settlePromiseFromHandler (/opt/xo/xo-builds/xen-orchestra-202204160737/node_modules/bluebird/js/release/promise.js:547:31)
    at Promise._settlePromise (/opt/xo/xo-builds/xen-orchestra-202204160737/node_modules/bluebird/js/release/promise.js:604:18)
    at Promise._settlePromise0 (/opt/xo/xo-builds/xen-orchestra-202204160737/node_modules/bluebird/js/release/promise.js:649:10)
    at Promise._settlePromises (/opt/xo/xo-builds/xen-orchestra-202204160737/node_modules/bluebird/js/release/promise.js:729:18)
    at _drainQueueStep (/opt/xo/xo-builds/xen-orchestra-202204160737/node_modules/bluebird/js/release/async.js:93:12)
    at _drainQueue (/opt/xo/xo-builds/xen-orchestra-202204160737/node_modules/bluebird/js/release/async.js:86:9)
    at Async._drainQueues (/opt/xo/xo-builds/xen-orchestra-202204160737/node_modules/bluebird/js/release/async.js:102:5)
    at Immediate.Async.drainQueues [as _onImmediate] (/opt/xo/xo-builds/xen-orchestra-202204160737/node_modules/bluebird/js/release/async.js:15:14)
    at processImmediate (internal/timers.js:464:21)
    at process.callbackTrampoline (internal/async_hooks.js:130:17)"
}

Merci de votre aide