f5-azure-arm-templates icon indicating copy to clipboard operation
f5-azure-arm-templates copied to clipboard

Published 20 hours ago verified publisher icon F5Networks

F5 Azure Deployment getting failed Intermittently with error "ssh host key: ret=255, out= /config/ssh/ssh_host_rsa_key.pub".

Open Sri-9339 opened this issue 4 years ago • 5 comments

Do you already have an issue opened with F5 support?

NO

Description

F5 Azure Deployment getting failed Intermittently with below Error.

ErrorCode: The resource operation completed with terminal provisioning state 'Failed'

Message: SSH host key generation failed. Error details: Failed to generate ssh host key: ret=255, out= /config/ssh/ssh_host_rsa_key.pub is not a public key file.\n. To resolve this issue verify if Linux agent is set up properly new-error1

Template

Deploying the BIG-IP VE in Azure - 3 NIC f5-azure-arm-templates/supported/standalone/3nic/existing-stack/byol/

Severity Level

Severity: 3

Sri-9339 avatar Jun 14 '20 15:06 Sri-9339

I've never seen anyone come across this issue before from using our templates.

It could be an OpenSSL issue. There are people discussing OpenSSL issues on StackOverflow. Maybe try taking a look there and recreating a key?

shyawnkarim avatar Jun 17 '20 20:06 shyawnkarim

I am also seeing this issue with the HA via-api template using version 15.1.002000 with imageName Best1Gbps and instanceType Standard_DS3_v2. There is an F5 bugtracker for this issue relating to version 14.1.003000 suggesting using specific instance types as a workaround. As I am already using one of the suggested instance types this must not be applicable to version 15.1.002000? If I ssh onto the VM I am able to verify the host key without error:

ssh-keygen -l -E md5 -f /var/ssh/ssh_host_rsa_key.pub

53d117460ec63d70 avatar Jul 23 '20 12:07 53d117460ec63d70

Internal issue #2152.

mikeshimkus avatar Jul 23 '20 15:07 mikeshimkus

The problem is that the Azure waagent tries to access the keys before they are generated. We are tracking this bug internally with VECLOUD-971.

shyawnkarim avatar Oct 15 '20 14:10 shyawnkarim

I have observed the same issue using Standalone 2nic PAYG template with imageName Best25Mbps, BIG-IP version 15.1.0 and InstanceType Standard_DS2_v2.

Importantly, changing the InstanceType to Standard_D2_v2 fixed the problem. This somewhat contradicts the Bug ID 807401 article which recommends using DS-type images as a workaround. Perhaps, Standard_D3_v2 will also work instead of the failing Standard_DS3_v2 implementation described above.

vvt137 avatar Nov 03 '20 02:11 vvt137

Closing due to age. These legacy templates are now in maintenance mode and are being replaced by our next-generation templates available in the Cloud Templates 2.0 GitHub repo.

shyawnkarim avatar Nov 15 '22 21:11 shyawnkarim