4.2. Password Prompt
When you create a new application on OpenShift Enterprise, the client host attempts to clone the remote Git repository, which is located in the application's gear on a node host. The SSH authentication process is invoked to log in to the hostname of the application's gear, which is a newly created CNAME (alias) for the public hostname of the node host.
To successfully clone the remote Git repository of the new application,
PUBLIC_HOSTNAME must be configured correctly in the /etc/openshift/node.conf file on the node host.
Sometimes when creating an application, the process halts and you are prompted for a password, as shown in the following sample screen output:
The authenticity of host 'myapp-domain.example.com (::1)' can't be established. RSA key fingerprint is 88:49:43:d2:e9:b4:4d:84:a1:d6:8a:30:85:73:d7:7f. Are you sure you want to continue connecting (yes/no)? yes e9bdfc309bef4c13889a21ddbea45f@myapp-domain.example.com's password:
This can occur when
PUBLIC_HOSTNAME resolves to the wrong IP address. In this case, PUBLIC_HOSTNAME is set to localhost.localdomain, as shown in the sample screen output below.
PUBLIC_HOSTNAME=localhost.localdomainIn this example the application's gear CNAME is created using
localhost.localdomain as the hostname for the node host. When Git attempts to authenticate using the gear user ID and SSH key, the SSH authentication fails because the application gear does not exist on localhost.localdomain, and you are prompted for a password.
The first line of the sample screen output states that the IP address for the application's gear is
(::1), which is pointing to localhost, and is not a valid IP for an application's gear. Verify that the IP address of an application's gear is a valid IP address of the node host.
In cases where
PUBLIC_HOSTNAME fails to resolve at all as a FQDN, DNS resolution times out and the Git clone process fails.
Note
The
oo-admin-chk script on the broker host can help detect this problem.
