[FIXED] Docker Machine SSH --native-ssh Failing

Rancher 2.x
1

EDIT: This is probably a docker machine issue I think and not Rancher.

Running Rancher master on my mac, trying to create a cluster in a private OpenStack instance.

Docker machine create finishes, seemingly successfully, and the next command is an attempt to ssh into the host and fire up the Rancher Agent.

I debugged to see what command was being executed by rancher, and this is what was executed below, which I ran manually.

root@1185eeddb100:/tmp# docker-machine --debug --native-ssh ssh dev79a-cg-kube1 sudo docker run -d --privileged --restart=unless-stopped --net=host -v /etc/kubernetes:/etc/kubernetes -v /var/run:/var/run my-docker-hub/rancher/rancher-agent:master --server https://localhost --token <redacted> --ca-checksum <redacted> -r -n m-q4mgl
Docker Machine Version:  0.14.0, build 16b5eb0
Found binary path at /usr/bin/docker-machine
Launching plugin server for driver openstack
Plugin server listening at address 127.0.0.1:44393
() Calling .GetVersion
Using API Version  1
() Calling .SetConfigRaw
() Calling .GetMachineName
(dev79a-cg-kube1) Calling .GetState
(dev79a-cg-kube1) DBG | Get status for OpenStack instance... map[MachineId:14c1bc26-7326-4aea-91c7-d9b9bf1bf120]
(dev79a-cg-kube1) DBG | Authenticating... map[AuthUrl:https://dev.keystone.cloud.net:5000/v3 Insecure:true TenantName: CaCert: DomainID: DomainName:development Username:jkierpiec TenantID:6cf88bc0dcb14f5a873c9e5b90d53c81]
(dev79a-cg-kube1) Calling .GetSSHHostname
(dev79a-cg-kube1) DBG | State for OpenStack instance map[State:ACTIVE MachineId:14c1bc26-7326-4aea-91c7-d9b9bf1bf120]
(dev79a-cg-kube1) Calling .GetSSHPort
(dev79a-cg-kube1) Calling .GetSSHKeyPath
(dev79a-cg-kube1) Calling .GetSSHKeyPath
(dev79a-cg-kube1) Calling .GetSSHUsername
Using SSH client type: native
<nil>
Error getting config for native Go SSH: asn1: structure error: superfluous leading zeros in length
  1. Not sure why docker machine is choosing native. Trying to dig into the code, but expected NewExternalClient to be called vs NewNativeClient.
  2. Isnt the superflous leading zeros a malformed key error? Not sure which key its even referring to.
  3. Running WITHOUT --native-host works, although the agent container ends up in an endless restart loop, I assume that is primarily because I created the machine outside of rancher for debugging purposes.

Hopefully this can be debugged! Let me know what other context I can provide.

2

And --native-ssh is hardcoded into Rancher - another data point.

func buildAgentCommand(node *v3.Node, dockerRun string) []string {
	drun := strings.Fields(dockerRun)
	cmd := []string{"--native-ssh", "ssh", node.Spec.RequestedHostname}
	cmd = append(cmd, drun...)
	cmd = append(cmd, "-r", "-n", node.Name)
	return cmd
}
3

Looks like there was an issue with how OpenStack created my KeyPair. Removed the OpenStack generated KeyPair and allowed Rancher to make it and it worked just fine. Not sure what was malformed, but it was. This was an issue in ParsePrivateKey call in the GoLang SSH module.

4

I got same problem,

created k8s use OpenStack cloud provider,

rancher created vm and ssh it to install docker,

when docker installed complete, got error message:

"Error getting config for native Go SSH: asn1: structure error: superfluous leading zeros in length
: exit status 1 "

It’s rancher log:

[INFO] stdout: Detecting the provisioner…
[INFO] stdout: Provisioning with ubuntu(systemd)…
[INFO] stdout: Installing Docker…
[INFO] stdout: Copying certs to the local machine directory…
[INFO] stdout: Copying certs to the remote machine…
[INFO] stdout: Setting Docker configuration on the remote daemon…
[INFO] stdout: Checking connection to Docker…
[INFO] stdout: Docker is up and running!
[INFO] Generating and uploading node config master1
[ERROR] NodeController c-cg5hz/m-p8cjx [node-controller] failed with : Error getting config for native Go SSH: asn1: structure error: superfluous leading zeros in length
: exit status 1