Xen users - Feb 2008 - virtual machines, DHCP, and ssh?

On Fri, Feb 08, 2008 at 05:36:15PM -0500, Tom Horsley
wrote:
> I''d love to setup DHCP on the Xen host and just allocate
> whatever IP is available to whatever new VM was just booted,
> but with different VMs reusing the same IP addrs, everyone''s
> ssh clients will constantly be honking at them about the
> host keys changing.
you should access your servers by name, not by IP, and your servers, when they 
come up, should dynamically setup A and PTR records.  You can do this with 
rc scripts within your DomU and nsupdate, but the DHCP folks have 
alrealdy set you up, I believe you want to look up the ddns-update* 
directives in dhcpd.conf.  It''s been a while since I''ve messed
with it, but
here is a guide that looks pretty good:

http://www.cameratim.com/computing/linux/using-bind-as-a-local-dns-server

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Just curious if anyone knows if there is a way to get
ssh host keys set by DHCP?

We''ve got a limited number of IP addrs for VMs (because
there are a limited number of VMs that can boot at the
same time before we run out of memory on the host :-).

But we have a gazillion or so VMs for testing different
linux distributions and wot-not.

I''d love to setup DHCP on the Xen host and just allocate
whatever IP is available to whatever new VM was just booted,
but with different VMs reusing the same IP addrs, everyone''s
ssh clients will constantly be honking at them about the
host keys changing.

Anyone encountered this and have a nifty work-around?

Is my best bet to invent a new init script that runs before
sshd is started to check what IP I have and copy the appropriate
ssh host keys into /etc/ssh? (Then try and remember to get that
init script installed on all the VMs :-).

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

On Fri, 8 Feb 2008 09:59:26 -0500
lsc@luke.xen.prgmr.com wrote:
> you should access your servers by name, not by IP
Hmmm... I thought the fact that I see both name and IP stored
in the ~/.ssh/known_hosts file meant that ssh was keeping
track of both and would honk if either results in a conflict.
Maybe that isn''t the way it works?

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users