Problem Description
When deploying a blueprint which contains a virtual machine node with associated script task(s), the script task shows a failed state and the following error is seen in the script output log.
Error: Needed to prompt for a connection or sudo password (host: x.x.x.x), but abort-on-prompts was set to True
The deployment run book shows that the script tasks have retried 31 times before failing.
This behaviour may be seen for any type of script including script artifacts, user scripts entered directly into the blueprint composer, implicit scripts such as agent installation, or disk mounting scripts.
Cause
The Broker appliance utilises SSH to connect to deployed workloads when performing orchestration tasks, which requires authentication to the deployed workload.
The error indicates an authentication misconfiguration which may be caused by one of the following:
- The username specified in an image mapping does not match the username in the image - each service provider has their own requirements around the administrative username which is baked into the virtual machine image
- A credential supplied in an image mapping does not match the the credentials required for the image
- A credential supplied in an SSH Proxy configuration does not work with the SSH gateway host - it is important to note that the error message will include the hostname/IP address of the deployed workload, not the SSH gateway host, even though the authentication attempt will be against the SSH gateway host
Resolution
The configured credentials should be validated via the following methods:
- Check the default ssh usernames for the service provider, and validate the username specified in the Operating System mapping for the service provider and region in which the blueprint is being deployed
- Validate the username and password or ssh key specified in the credentials which are used in the blueprint
- Check that the SSH Proxy is correctly configured and validate the username and password or ssh key specified in the credentials which is used in the SSH Proxy