Following LP: #2013403, cloud-init now prevent login until the system
is fully provisioned, which create a situation where we can connect to
ssh but not login.
This fix it by capturing exit code and retrying if a specific exit code
occurs.
We don't enable ssh retries for other kind of errors.
When uvtool creates a VM, it uses the qemu system daemon connection.
This commit forces the list command to use the same connection no matter
the local configuration. This makes create/list command consistent.
Using the virsh wrapper has the disadvantage of not taking into
consideration libvirt configuration we assume (for example using the
system daemon for the libvirt qemu driver/hypervisor.
Also, given that uvtool tends to be used as a shim over libvirt,
filtering the list output wouldn't be very helpful.
This commit clarifies the above and marks a todo to turn this into a
better native implementation.
tolerate if some key types can't be created (LP: #1936473)
For example in FIPS mode we otherwise abort with
DSA keys are not allowed in FIPS mode^M
Traceback (most recent call last):
File "/usr/bin/uvt-kvm", line 35, in <module>
uvtool.libvirt.kvm.main_cli_wrapper(sys.argv[1:])
File "/usr/lib/python2.7/dist-packages/uvtool/libvirt/kvm.py", line 861, in main_cli_wrapper
main(*args, **kwargs)
File "/usr/lib/python2.7/dist-packages/uvtool/libvirt/kvm.py", line 856, in main
args.func(parser, args)
File "/usr/lib/python2.7/dist-packages/uvtool/libvirt/kvm.py", line 643, in main_create
ssh_host_keys, ssh_known_hosts = uvtool.ssh.generate_ssh_host_keys()
File "/usr/lib/python2.7/dist-packages/uvtool/ssh.py", line 50, in generate_ssh_host_keys
_keygen(key_type, private_path)
File "/usr/lib/python2.7/dist-packages/uvtool/ssh.py", line 34, in _keygen
'-C', 'root@localhost'
File "/usr/lib/python2.7/subprocess.py", line 190, in check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['ssh-keygen', '-q', '-f', '/tmp/uvt-kvm.sshtmpVhmPlF/dsa', '-N', '', '-t', 'dsa', '-C', 'root@localhost']' returned non-zero exit status 255
Signed-off-by: Christian Ehrhardt <email address hidden>