I have a instance in openstack, Instance A, In instance A we have installed some tools, the same set of tools/OS we need it to the instance B, basically we have to replicate the same to instance B.
How we can do through gui or cmd line
I need configuration should be Instance A=Instance B
We already tried, we have created snapshot and launched the same, but not able to ssh the floating IP
WE have created volume (copy) and launched, not able login.
Related
I turned off (set 0 value in "Enabled") AES 128\128 cipher, and SHA, SHA256, SHA384, MD5 hashes in windows server 2012 R2 registry (hosted on aws).
Then I used command "Restart-Computer" and cannot to login via RDP to my server. How can I restore RDP connection ? and connection at all ?
Thanks in advance.
There is the answer from aws support:
There are 3 methods using which you can revert the registry changes. Request you to follow the Methods in a sequential manner if the current Method fails.
Method 1 - Connecting to the registry of the problematic instance from another instance in the same VPC and revert the changes. (You can launch a test instance temporarily in the same VPC if you don't have any existing instance (s) in the same VPC.)
1. Open Registry Editor from the working instance which is in the same VPC as problematic instance.
2. Click on File->Connect Network Registry.
3. Enter the FQDN of the server and Click on Ok.
4. Enter the credentials and Click Ok.
5. Now Expand the Remote computer (Problematic instance) hive and revert the changes.
Method 2 - Access the problematic instance using TightVNC.
1. Ensure that the non-working instance has IAM role assigned to it with Policy named "AmazonEC2RoleforSSM" attached to the IAM role. To create and Attach an IAM role See Link https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html & https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#attach-iam-role
2. Now Install TightVNC on a working instance which is in the same VPC and subnet. Link to download TightVNC MSI: https://tightvnc.com/download.php 3. Right click on the MSI > Properties > Under the General Tab > Ensure the file has been Unblocked by Ticking the Unblocked check box.
4. Now copy the msi file on the problematic instance as well. Copy the MSI to C$ on the problematic instance (\\c$). For simplicity sake rename the MSI to TightVNC64.msi 5. Now go to https://console.aws.amazon.com/systems-manager
6. On a Left Pane, Under Actions, Click on Run Command.
7. Click on Run Command and Search for Command Document named "AWS-RunPowerShellScript".
8. Select AWS-RunPowerShellScript and under Command Parameters paste the below command:
Start-Process -FilePath "C:\TightVNC64.msi" -ArgumentList ("/q SET_PASSWORD=1 VALUE_OF_PASSWORD=YouSecurePasswordGoesHere SERVER_ADD_FIREWALL_EXCEPTION=1") -Wait -PassThru
9. Scroll down and Under Targets, Select the Problematic Instance.
10. On the bottom of the page Click Run.
11. Wait for command status to get successful.
12. Launch the TightVNC Viewer on your working instance and provide the IP/FQDN of the problematic instance followed by the credentials that you have provided under command in Step 8.
13. You will be connected to the Instance and can make changes in the registry.
Method 3 (Method will require Stop and Starting of the instance.)
1. For Detaching the Root Volume from the problematic instance and Attach it to the working instance request you to please watch video from 1:47 to 3:40 in following article:
https://aws.amazon.com/premiumsupport/knowledge-center/ec2rescue-windows-troubleshoot/
2. Open Disk Management Console (diskmgmt.msc) and Right Click on the Disk showing Offline status and Click Online.
3. Once the Disk is Online, Go to My computer and make a note of the Drive letter of the disk which you have attached.
4. Open Registry Editor and Select HKLM.
5. Click on File and Load Hive. Provide any name for eg. "Recovery".
6. Expand the "Recovery" key and revert the changes i.e. Enable the value for AES 128\128 cipher, and SHA, SHA256, SHA384, MD5 hashes.
7. Once all the changes are made, Select the "Recovery" Key and Click on File and Unload Hive.
8. Open the Disk Management console and take the disk offline.
9. Now for re-attaching the root volume to your problematic instance, request you to please watch video from 08:02 to 9:28 using the same link: https://aws.amazon.com/premiumsupport/knowledge-center/ec2rescue-windows-troubleshoot/
Additionally, first of all you should ensure that yuor IP-address in range of inbounds-rules of the failured instance.
in my case I, first of all tried to use amazon app "app2rescue" for diagnostic failured instance, bit it didn't show any helpful (did show only few possible issues with firewall, but it's not related to my issue).
Then I tried the first method - but I could not get access to remote registry (I assume that on the target machine was disabled "Remote registry" service).
And finally, I used the third method and it fixed my problem. During this operations I faced only one issue - before failure I was changing the currentControlSet, and when I attached volume to temp server, I was trying to find exactly it, but found out that currentControlSet is enabled only when this registry is used for current OS (when this registry works), so I found my problem-parameters (sha, md5 etc) in the controlSet001 instead of currentControlSet.
I'm having troubles connecting to an instance on Compute Engine via SSH.
If I try via command line I get the following error:
Permission denied (publickey)
The same happens if I connect via browser interactive console.
In the serial port output I see:
Mar 22 14:17:04 metadata sshd[9260]: Invalid user name_lastname from xx.xx.xx.xx
Mar 22 14:17:04 metadata sshd[9260]: input_userauth_request: invalid user name_lastname [preauth]
The strange fact is that some minutes ago I didn't have any problem connecting to it and it started occurring after I have resized the instance (changed machine type from small to n1-standard-2).
The boot disk is not full and I haven't modified any user.
I've also tried to add the firewall rule but it doesn't work. I have several other machines on the same project and I can connect to them properly.
I can connect to the interactive serial console using another user previously created on the machine (manually), but I cannot become root from that.
Thanks a lot.
You should be able to login to your instance from the serial console as root user. If you can login as root user, then you can modify the users.
If you cannot login to your instance as root user, then you should create a new instance and copy the data from the old instance to the new instance. You can do this by attaching the disk from the old instance to the new instance
Here is the problem statement:
Suppose I am on an EC2 instance A, and run an Ansible script which does the following tasks:
1. Create an EC2 instance B
2. SSH into it
3. Trigger an Ansible script which is on B, with the simple `ansible-playbook <pb_on_B>.yml` [B is being provisioned from an AMI]
So, what will happen if the instance A gets terminated after task 3 gets started?
Will the Ansible script which is triggered in B, finish to completion?
[W]hat will happen if the instance A gets terminated after task 3 gets started?
Will the Ansible script which is triggered in B, finish to completion?
You can't tell what would happen with 100% certainty.
It depends on the shell configuration (for example TMOUT in bash), SSH daemon configuration (TCPKeepAlive, ClientAliveInterval parameters), timing, network conditions and whether A will close the session with (FIN) or drop without notifying A.
Most likely the playbook execution would get interrupted.
If SSH daemon on B cannot contact the SSH client on A (for example to print out Ansible execution log) and it gets the TCP RST packet, it will drop the session killing the SSH session's child processes, including the shell and ansible-playbook. However the session might also remain active until timeout and the playbook might finish before it occurs.
If ansible-playbook executable was be called through the nohup command (or in a screen or tmux session), it won't be interrupted upon SSH session disconnect (and shell session closure).
Note: when you use nohup the standard output will be redirected to a file nohup.out. Refer to the answers under this question to learn the options.
Also check this answer on Unix.SE which describes the technicalities behind the command.
Can Ansible task provisioned from Ansible run on a remote host without SSH?
Yes, with ansible-pull:
Should you want to invert the architecture of Ansible, so that nodes check in to a central location, instead of pushing configuration out to them, you can.
The ansible-pull is a small script that will checkout a repo of configuration instructions from git, and then run ansible-playbook against that content.
If the idea is to preserve an SSH session in instance B, without worrying about the life/death of instance A, you could try and run your ansible plays in tmux on instance B. Your workflow will be modified like this
Create an EC2 instance B
SSH into it
Instal tmux - apt-get install tmux
Start a tmux session tmux new -s ansible
Trigger an Ansible script which is on B, with the simple ansible-playbook <pb_on_B>.yml
After creating an instance from CloudStack UI, I can see the VMs:
# virsh list --all
Id Name State
----------------------------------------------------
1 v-2-VM running
4 s-1-VM running
5 r-4-VM running
8 i-2-5-VM running
10 i-2-3-VM running
But when I try to start a console for an instance say i-2-5-VM, i get the following:
# virsh console i-2-5-VM
Connected to domain i-2-5-VM
Escape character is ^]
Hereafter the console hangs, not even the command prompt comes. Then i have to press Ctrl+] to come back to the shell. Additional information:
# virsh ttyconsole i-2-5-VM
/dev/pts/4
I can ping to it, but cannot ssh.
Please let me know, how can I login to my instance ?
Start the console from the CloudStack GUI rather than the command line.
Also if you want to see the details of the VM, you can install GUI tool virt-manager which will show you all the instances running on the KVM hypervisor and their all the details (nics, volumes, memory, state etc)
Please advise me on this issue:
I have one default SQL instance in SQL Server 2005(sp 3 x64 bits) called instanceA
Then I installed another 2 instances call instanceB and C.
After that I restore master.bak from production server to this instanceB. The SQL services for this instance could not be started at all since then. If I turned off the default instance services, instanceB can be started. This is because both of the instances are pointing to the same 'model.mdf' file in 'MSSQL.1' folder. Hence both instances could not be started simultaneously.
I believe that in production server, the model path is configured to the default folder 'MSSQL.1' .Is there anyway to change the path to 'MSSQL.8' that belongs to instanceB upon installation so that both instances A and B could be started together?
Thank you.