Add ssh public key to Fuel master node

This commit adds an ability to use ssh public key authentication for the Fuel master node by uploading your ssh public key to it. The path to the public key file can be provided in the 'config.sh' file. Closes-Bug: #1579123 Change-Id: I93560126940457518fc4385c0518ab00c0cac01a
2016-05-06 18:35:52 +03:00 · 2016-05-06 18:35:52 +03:00 · 904eec20f8
parent 7dd1a24416
commit 904eec20f8
3 changed files with 37 additions and 0 deletions
--- a/actions/master-node-create-and-install.sh
+++ b/actions/master-node-create-and-install.sh
@ -69,6 +69,12 @@ enable_outbound_network_for_product_vm $vm_master_ip $vm_master_username $vm_mas
 # Wait until the machine gets installed and Puppet completes its run
 wait_for_product_vm_to_install $vm_master_ip $vm_master_username $vm_master_password "$vm_master_prompt"

+#Add public key to authorized_keys
+if [ -e "${public_key_file}" ]; then
+  public_key=$(cat "${public_key_file}")
+  update_authorized_key $vm_master_ip $vm_master_username $vm_master_password "$vm_master_prompt" "$public_key"
+fi
+
 # Report success
 echo
 echo "Master node has been installed."
--- a/config.sh
+++ b/config.sh
@ -190,3 +190,6 @@ skipfuelmenu="yes"

 # default cmdline parameters passed to the kernel when boot the Fuel Master node
 cmdline="initrd=initrd.img net.ifnames=0 biosdevname=0 ks=hd:sr0:/ks.cfg ip=10.20.0.2::10.20.0.1:255.255.255.0:fuel.domain.tld:eth0:off::: dns1=10.20.0.1"
+
+# If necessary uncomment and edit line below to add your public ssh key to the master node
+#public_key_file="${HOME}/.ssh/id_rsa.pub"
--- a/functions/product.sh
+++ b/functions/product.sh
@ -300,3 +300,31 @@ print_no_internet_connectivity_banner() {
    echo "#          because there is no Internet connectivity       #"
    echo "############################################################"
 }
+
+update_authorized_key() {
+    local ip=$1
+    local username=$2
+    local password=$3
+    local prompt=$4
+    local key=$5
+
+    echo -n "Adding public ssh key for '${username}' on '${ip}' node... "
+
+    result=$(
+        execute expect << ENDOFEXPECT
+        spawn ssh $ssh_options $username@$ip
+        expect "connect to host" exit
+        expect "*?assword:*"
+        send "$password\r"
+        expect "$prompt"
+        send "mkdir -p -m 0700 ~/.ssh\r"
+        expect "$prompt"
+        send "echo \"$key\" >>~/.ssh/authorized_keys\r"
+        expect "$prompt"
+        send "logout\r"
+        expect "$prompt"
+ENDOFEXPECT
+    )
+    echo "OK"
+    return 0
+}