How to Inject SSH Public key during instance creation using Morpheus APIs

Hi,

I’m using this API Documentation to create an Instance: https://apidocs.morpheusdata.com/#create-an-instance

I have already created a Key Pair for SSH Public Key.
In the CreateInstance POST method body, under the config field, there is a provision to add publicKeyId, so I have added the Key Pair ID which I have created.

But once the Instance is provisioned, I am unable to do passwordless login.
The ~/.ssh/authorized_keys file is empty.

How do I inject or map my SSH public key while creating an Instance?

Are you passing the create user flag? I’ll have to test this to confirm things on my end.

Also, which cloud type are you deploying to?

I haven’t passed the Create user flag. I’m trying to create a VM on ESXi.

I have now tried by passing username and pass in config section but it didn’t work for me.

{
    "zoneId": 15,
    "instance": {
        "name": "TEST",
        "cloud": "myCloud",
        "site": {
            "id": 14
        },
        "instanceType": {
            "code": "vmware"
        },
        "layout": {
            "id": 1
        },
        "plan": {
            "id": 2
        }
    },
    "copies": 1,
    "layoutSize": 1,
    "volumes": [
        {
            "id": -1,
            "rootVolume": true,
            "name": "somevol",
            "size": 40,
            "storageType": 0,
            "datastoreId": "auto"
        }
    ],
    "networkInterfaces": [
        {
            "network": {
                "id": 1347
            },
            "networkInterfaceTypeId": 423
        }
    ],
    "config": {
        "publicKeyId": 5,
        "template": 5363,
        "resourcePoolId": 787, 
        "noAgent": false,
        "vmwareFolderId": "g42",
        "vmwareUsr": "demo",
        "vmwarePwd": "demo123"
    }
}

Without user and pass

{
    "zoneId": 15,
    "instance": {
        "name": "TEST",
        "cloud": "myCloud",
        "site": {
            "id": 14
        },
        "instanceType": {
            "code": "vmware"
        },
        "layout": {
            "id": 1
        },
        "plan": {
            "id": 2
        }
    },
    "copies": 1,
    "layoutSize": 1,
    "volumes": [
        {
            "id": -1,
            "rootVolume": true,
            "name": "somevol",
            "size": 40,
            "storageType": 0,
            "datastoreId": "auto"
        }
    ],
    "networkInterfaces": [
        {
            "network": {
                "id": 1347
            },
            "networkInterfaceTypeId": 423
        }
    ],
    "config": {
        "publicKeyId": 5,
        "template": 5363,
        "resourcePoolId": 787, 
        "noAgent": false,
        "vmwareFolderId": "g42"
    }
}

Let me know if I am missing anything when you test.

The first example you posted isn’t a proper create local user payload. That would simply be the “createUser” flag under the config block as shown below. Note this adds the configure (user/pass/cert) under the provisioning user’s profile for Linux creds.

    "config": {
      "resourcePoolId": 1066,
      "publicKeyId": 7,
      "hostId": "",
      "vmwareFolderId": "group-v1038",
      "nestedVirtualization": "off",
      "createUser": true
    }

Additionally, it appears you are possibly looking at the wrong location for the keys.
You must look under the user deploying the system’s home at $home/.ssh/authorized_keys for the user added (and possibly the cloud-init user home configured under Administration > Provisioning).

I have added a Linux user under user settings and updated the SSH Key pair.
When I provision an Instance with “createUser”: true, it has created the user and I’m able to do passwordless login to that VM.
This concludes that the publicKeyId option is not working because even though I have specified a different publicKeyId than the one which I updated in the Linux user settings, it is still not picking it. It is only picking the key pair which is in the Linux user settings.

What is the right usage of publicKeyId then?

Hello,

The publicKeyId option should tell Morpheus to copy the specified Morpheus AccountKeyPair public key to the authorized_keys file for the username configured on the Host settings for the virtual machine. This could be the cloud-init user as configured in Administration > Provisioning as mentioned by @cbunge.

Have you tried looking in authorized_keys for the cloud-init user?

Hope this helps,

Thanks
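To settle which key actually landed in which account's authorized_keys (the check suggested in the replies above), compare fingerprints instead of reading the files by eye. The Python below is an added example, not part of the thread or of Morpheus; the account names (apart from mark) and the key blobs are constructed, and the fingerprint format is the one `ssh-keygen -l` prints.

```python
import base64
import hashlib
import struct

def _blob_type(b64_blob):
    """Return the key type named inside a base64 key blob, or None if it is not one."""
    try:
        raw = base64.b64decode(b64_blob, validate=True)
        (n,) = struct.unpack(">I", raw[:4])
        return raw[4:4 + n].decode("ascii")
    except (ValueError, struct.error):
        return None

def fingerprint(b64_blob):
    """SHA256 fingerprint in the form `ssh-keygen -l` prints."""
    digest = hashlib.sha256(base64.b64decode(b64_blob)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_authorized_keys(text):
    """Return (key_type, fingerprint, comment) for every key line."""
    entries = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        # Options may precede the key type, so find the type/blob pair that agrees.
        for i in range(len(fields) - 1):
            if _blob_type(fields[i + 1]) == fields[i]:
                entries.append((fields[i], fingerprint(fields[i + 1]), " ".join(fields[i + 2:])))
                break
    return entries

def accounts_with_key(files, wanted_fp):
    """files maps account -> authorized_keys text; return accounts that hold wanted_fp."""
    return sorted(user for user, text in files.items()
                  if any(fp == wanted_fp for _, fp, _ in parse_authorized_keys(text)))

def _sample_key(fill):
    # Constructed ssh-ed25519 blob (not a real key): type string plus 32 filler bytes.
    blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes([fill]) * 32
    return base64.b64encode(blob).decode()

# Constructed sample data; account names other than "mark" are hypothetical.
KEY_PROFILE, KEY_PAYLOAD = _sample_key(0x41), _sample_key(0x42)
SAMPLE_FILES = {
    "cloud-init-user": f"ssh-ed25519 {KEY_PROFILE} profile-key\n",
    "mark": "",
    "deployer": f'# managed\nno-pty,command="/bin/true" ssh-ed25519 {KEY_PROFILE} profile-key\n'
                f"ssh-ed25519 {KEY_PAYLOAD} payload-key\n",
}

if __name__ == "__main__":
    for label, key in (("profile key", KEY_PROFILE), ("payload key", KEY_PAYLOAD)):
        print(label, fingerprint(key), accounts_with_key(SAMPLE_FILES, fingerprint(key)))
```

On a real VM, feed it the contents of each candidate account's authorized_keys and the fingerprint of the key pair you expected to be injected.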

@cbunge @ctaylor
I have observed that adding the publicKeyId in the config section won’t make any difference, as it always picks the SSH key pair which is added in the Cloud Init settings for the mentioned user.

My use-case is different.
I want to create a user which is mentioned in the payload under the config section and pick the publicKeyId which is again mentioned in the payload for the same user. Passwordless login should happen for the user.

"config": {
    "publicKeyId": 12,
    "template": 34,
    "resourcePoolId": 34,
    "noAgent": false,
    "vmwareFolderId": "group-v421",
    "createUser": true,
    "vmwareUsr": "mark",
    "vmwarePwd": "Password!234"
}

As per this, I expect that user mark should be created and passwordless login should happen for the publicKeyId 12.

Hope I am clear on my requirement.

If your user profile has a password and key assigned, you can set the “createUser”: true flag and it’ll automatically set your user and key under that user’s home dir. No need to specifically call a key id.

If this is a 3rd party user you are trying to add, create a “user group” in Morpheus. Add the user(s) to that group, then in the payload define the usergroup you are adding. Again, any user added this way must have their username/pass/key defined in their Morpheus User profile. At which time, Morpheus will create all of those users and define their keys.