Uploaded image for project: 'CloudStack'
  1. CloudStack
  2. CLOUDSTACK-6869

Public key content is overridden by template's meta data when you create a instance

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Critical
    • Resolution: Fixed
    • 4.3.0, 4.4.0, 4.5.0, Future
    • 4.4.0, 4.5.0
    • API, Management Server, Template
    • Security Level: Public (Anyone can view this level - this is the default.)
    • None

    Description

      A public key content is overridden by detail value of 'SSH.PublicKey' from a template created by an instance ROOT volume with public key specification.
      This results in delivery of the template owner's ssh key for a instance created from the template to virtual router inspite of specification of instance owner's ssh key.

      It is caused by import of resource detail values at commitUserVm method like below.

                      Map<String, String> details = template.getDetails();
                      if (details != null && !details.isEmpty()) {
                          vm.details.putAll(details);
                      }
      

      Reproduction procedure:

      1. Deploy an instance with a ssh key A by specifying 'keypair' value.
      2. Create a template from this instance.
      3. Deploy an instance with another ssh key B by specifying 'keypair' value.

      Database example:

      mysql> select * from cloud.template_view where id=207 \G;
      *************************** 1. row ***************************
                        id: 207
                      uuid: c96f0d9a-0a56-4d30-af73-fe8b31ae37c3
               unique_name: 2219faa5a-4e7b-3425-b6e6-135ab210422b
                      name: cluster_frontend-20140520.2
                    public: 1
                  featured: 0
                      type: USER
                       hvm: 1
                      bits: 64
                       url: NULL
                    format: QCOW2
                   created: 2014-05-20 09:33:47
                  checksum: NULL
              display_text: Cluster Frontend VM CentOS 6.5 ver.20140520.2
           enable_password: 1
      dynamically_scalable: 0
            template_state: Active
               guest_os_id: 182
             guest_os_uuid: 9d3c42d8-caab-11e3-9125-001e679910a0
             guest_os_name: CentOS 6.4 (64-bit)
                  bootable: 1
               prepopulate: 0
               cross_zones: 0
           hypervisor_type: KVM
               extractable: 0
              template_tag: NULL
                  sort_key: 0
                   removed: NULL
             enable_sshkey: 0
        source_template_id: 205
      source_template_uuid: c131680c-3e0e-4d7c-b554-02dabc10ade1
                account_id: 3
              account_uuid: f9e4e1ca-69fd-4ae3-b70c-15bbcc13406e
              account_name: sgcadm
              account_type: 0
                 domain_id: 2
               domain_uuid: 84dd635d-fb99-4895-b199-7d777aa144d5
               domain_name: default
               domain_path: /default/
                project_id: NULL
              project_uuid: NULL
              project_name: NULL
            data_center_id: NULL
          data_center_uuid: NULL
          data_center_name: NULL
             lp_account_id: NULL
                  store_id: 3
               store_scope: REGION
                     state: Ready
            download_state: DOWNLOADED
              download_pct: 100
                 error_str: NULL
                      size: 18465816576
                 destroyed: 0
          created_on_store: 2014-05-20 09:33:47
               detail_name: Message.ReservedCapacityFreed.Flag
              detail_value: false
                    tag_id: NULL
                  tag_uuid: NULL
                   tag_key: NULL
                 tag_value: NULL
             tag_domain_id: NULL
            tag_account_id: NULL
           tag_resource_id: NULL
         tag_resource_uuid: NULL
         tag_resource_type: NULL
              tag_customer: NULL
            temp_zone_pair: 207_0
      *************************** 2. row ***************************
                        id: 207
                      uuid: c96f0d9a-0a56-4d30-af73-fe8b31ae37c3
               unique_name: 2219faa5a-4e7b-3425-b6e6-135ab210422b
                      name: cluster_frontend-20140520.2
                    public: 1
                  featured: 0
                      type: USER
                       hvm: 1
                      bits: 64
                       url: NULL
                    format: QCOW2
                   created: 2014-05-20 09:33:47
                  checksum: NULL
              display_text: Cluster Frontend VM CentOS 6.5 ver.20140520.2
           enable_password: 1
      dynamically_scalable: 0
            template_state: Active
               guest_os_id: 182
             guest_os_uuid: 9d3c42d8-caab-11e3-9125-001e679910a0
             guest_os_name: CentOS 6.4 (64-bit)
                  bootable: 1
               prepopulate: 0
               cross_zones: 0
           hypervisor_type: KVM
               extractable: 0
              template_tag: NULL
                  sort_key: 0
                   removed: NULL
             enable_sshkey: 0
        source_template_id: 205
      source_template_uuid: c131680c-3e0e-4d7c-b554-02dabc10ade1
                account_id: 3
              account_uuid: f9e4e1ca-69fd-4ae3-b70c-15bbcc13406e
              account_name: sgcadm
              account_type: 0
                 domain_id: 2
               domain_uuid: 84dd635d-fb99-4895-b199-7d777aa144d5
               domain_name: default
               domain_path: /default/
                project_id: NULL
              project_uuid: NULL
              project_name: NULL
            data_center_id: NULL
          data_center_uuid: NULL
          data_center_name: NULL
             lp_account_id: NULL
                  store_id: 3
               store_scope: REGION
                     state: Ready
            download_state: DOWNLOADED
              download_pct: 100
                 error_str: NULL
                      size: 18465816576
                 destroyed: 0
          created_on_store: 2014-05-20 09:33:47
               detail_name: SSH.PublicKey
              detail_value: ssh-rsa ...(snip)
                    tag_id: NULL
                  tag_uuid: NULL
                   tag_key: NULL
                 tag_value: NULL
             tag_domain_id: NULL
            tag_account_id: NULL
           tag_resource_id: NULL
         tag_resource_uuid: NULL
         tag_resource_type: NULL
              tag_customer: NULL
            temp_zone_pair: 207_0
      *************************** 3. row ***************************
                        id: 207
                      uuid: c96f0d9a-0a56-4d30-af73-fe8b31ae37c3
               unique_name: 2219faa5a-4e7b-3425-b6e6-135ab210422b
                      name: cluster_frontend-20140520.2
                    public: 1
                  featured: 0
                      type: USER
                       hvm: 1
                      bits: 64
                       url: NULL
                    format: QCOW2
                   created: 2014-05-20 09:33:47
                  checksum: NULL
              display_text: Cluster Frontend VM CentOS 6.5 ver.20140520.2
           enable_password: 1
      dynamically_scalable: 0
            template_state: Active
               guest_os_id: 182
             guest_os_uuid: 9d3c42d8-caab-11e3-9125-001e679910a0
             guest_os_name: CentOS 6.4 (64-bit)
                  bootable: 1
               prepopulate: 0
               cross_zones: 0
           hypervisor_type: KVM
               extractable: 0
              template_tag: NULL
                  sort_key: 0
                   removed: NULL
             enable_sshkey: 0
        source_template_id: 205
      source_template_uuid: c131680c-3e0e-4d7c-b554-02dabc10ade1
                account_id: 3
              account_uuid: f9e4e1ca-69fd-4ae3-b70c-15bbcc13406e
              account_name: sgcadm
              account_type: 0
                 domain_id: 2
               domain_uuid: 84dd635d-fb99-4895-b199-7d777aa144d5
               domain_name: default
               domain_path: /default/
                project_id: NULL
              project_uuid: NULL
              project_name: NULL
            data_center_id: NULL
          data_center_uuid: NULL
          data_center_name: NULL
             lp_account_id: NULL
                  store_id: 3
               store_scope: REGION
                     state: Ready
            download_state: DOWNLOADED
              download_pct: 100
                 error_str: NULL
                      size: 18465816576
                 destroyed: 0
          created_on_store: 2014-05-20 09:33:47
               detail_name: Encrypted.Password
              detail_value: ...(snip)
                    tag_id: NULL
                  tag_uuid: NULL
                   tag_key: NULL
                 tag_value: NULL
             tag_domain_id: NULL
            tag_account_id: NULL
           tag_resource_id: NULL
         tag_resource_uuid: NULL
         tag_resource_type: NULL
              tag_customer: NULL
            temp_zone_pair: 207_0
      3 rows in set (0.00 sec)
      
      ERROR:
      No query specified
      
      mysql>
      
      

      Attachments

        Activity

          People

            harikrishna.patnala Harikrishna Patnala
            hiroki-o Hiroki Ohashi
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: