#8876 Fedora Kernel services VM
Closed: Fixed 4 years ago by kevin. Opened 4 years ago by jcline.

Describe what you would like us to do:

There are currently a couple services run under my desk that need a new home. After a discussion with @kevin we decided a small VM in AWS would suffice.

If there's an official CentOS 8 AMI that would be good, or Fedora. It runs a web server with a message broker and some workers (Django+RabbitMQ+Celery).

It needs ~5GB of storage as it keeps a clone of the kernel and a bit for the database, 10GB would be more than enough. Its current home has 4GB of RAM, but 2 or even 1 would be enough based on current usage.

When do you need this to be done by? (YYYY/MM/DD)

Sooner is better, before 2020/05/06 would be ideal.

I can get this setup. Likely tomorrow? or later today...

Note that we will just provide the vm, and the kernel folks will manage everything else inside it. We won't monitor it, run updates for it, etc. It will be all up to you all. :)

Metadata Update from @kevin:
- Issue assigned to kevin
- Issue priority set to: Waiting on Assignee (was: Needs Review)
- Issue tagged with: aws

4 years ago

I can get this setup. Likely tomorrow? or later today...

Great, thanks!

Note that we will just provide the vm, and the kernel folks will manage everything else inside it. We won't monitor it, run updates for it, etc. It will be all up to you all. :)

Yup, understood. I've got years of enabling dnf-automatic under my belt.

This VM is set up now. It has the following specs

VCpu: 2
Disk: 10GB
OS: Fedora Cloud 32.1.6

I have opened ports 443 and 22, let me know if you need more opened.

Are the keys I've configured in FAS supposed to be there? If I recall correctly the user is fedora, but I'm not able to authenticate with that or any other common names and my ssh keys.

It's 2/3rds of your keys. ;) It wouldn't let me put all 3 of the fedora ones in, but I was able to put 2 of them in... and yes, it should be fedora user.

Hmm. I'm offering all three keys for the fedora user and it's not accepting any of them:

debug1: Next authentication method: publickey
debug1: Offering public key: /home/jcline/.ssh/yubikey5_keyring RSA SHA256:L2dEqnZliUz+KIoBjKkvnemrbORaZUglMIPOP1Ocgcs explicit agent
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Offering public key: /home/jcline/.ssh/yubikey5_backup RSA SHA256:25tzW/d3sk8mX2hahGuUfNdMO7WuTwBvBClVjfDtgAA explicit
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Offering public key: /home/jcline/.ssh/nitrokey_pro RSA SHA256:V3KuqTTu+5bYNFmCdL+uyBIJsbVGhTuUJxWOoC07ScI explicit
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: password
fedora@'s password:

Let me check in case I messed up the keys somehow...

So, amazon doesn't let you see the public key after you make a keypair... thanks amazon. ;(

I guess I will delete it, re-add it with one key and then destroy/create the instance.

Sorry for the hassle.


Great. Let us know if you need anything further on it.

Metadata Update from @kevin:
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)

4 years ago

Log in to comment on this ticket.
