Ask Your Question
0

Copy a war file from my build server to the agent <<Build server does not have puppet installed>>

asked 2017-04-30 18:52:00 -0500

Sourav gravatar image

I am trying to copy a war file from my build server to the agent.

The manifest looks like -

node "car-dev-003.abc.com" { include scp

scp { "/home/sourav/myfile.war": ensure => 'present', source => "sourav@car-build-001:/data/builder/dist/study-307-SNAPSHOT.war", }

It compiles fine on the master.

Now on my agent I am running

sudo /opt/puppetlabs/bin/puppet agent -t --debug (I can't run without sudo)

It gives me the error -

Debug: Executing: '/usr/bin/scp souravb@car-build-001:/data/builder/dist/study-307-SNAPSHOT.war /home/sourav/myfile.war' Error: Execution of '/usr/bin/scp sourav@car-build-001:/data/builder/dist/study-307-SNAPSHOT.war /home/sourav/myfile.war' returned 1: Permission denied, please try again. Permission denied, please try again. Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password). Error: /Stage[main]/Main/Node[car-dev-003.abc.com]/Scp[/home/sourav/myfile1.war]/ensure: change from absent to present failed: Execution of '/usr/bin/scp sourav@car-build-001:/data/builder/dist/study-307-SNAPSHOT.war /home/sourav/myfile.war' returned 1: Permission denied, please try again. Permission denied, please try again. Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).

I can do 'ssh car-build-001' from dev to build server without inputting the password. So, the ssh keys have been generated properly.

Any help would be greatly appreciated.

edit retag flag offensive close merge delete

Comments

Does `sudo ssh car-build-001` work as expected? And does root have permission to create files in the `car-build-001:/data/builder/dist` directory?

Red Cricket gravatar imageRed Cricket ( 2017-04-30 21:22:06 -0500 )edit

Okay. Thanks for your comment. I think you mean to say that puppet runs the SCP command as a sudo. I tried to do - sudo ssh car-build-001 but it asked for the password. Normal - ssh car-build-001 works fine i.e. it did not prompt for a password. On /data/builder... permission is - -rw-rw-r--.

Sourav gravatar imageSourav ( 2017-04-30 21:27:55 -0500 )edit

How do I ensure that sudo ssh car-build-001 works passwordless?

Sourav gravatar imageSourav ( 2017-04-30 21:28:19 -0500 )edit

1 Answer

Sort by ยป oldest newest most voted
1

answered 2017-04-30 23:36:07 -0500

Sourav gravatar image

Thanks for the hint.

I got it to work.

The main thing is to ensure that the scp command runs as a root (or sudo). So, it is important that passwordless root to root communication between the servers is setup.

I followed the steps -

  1. Generated te public keys for the root using ssh-keygen -t rsa on my client server (Client server is the server which will call the source server)

  2. On the source server, append the public key into the autorized_keys file of the source server.

The restart the /etc/.init.d/sshd services and it should work.

For key generation and copying in the autorized_keys file please refer to - http://www.tecmint.com/ssh-passwordle...

edit flag offensive delete link more

Comments

Glad to hear you got it working. Just a minor note that you shouldn't need to restart sshd.

Red Cricket gravatar imageRed Cricket ( 2017-05-01 02:25:14 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2017-04-30 18:52:00 -0500

Seen: 28 times

Last updated: Apr 30