Merge "neutron: add ssh key"
This commit is contained in:
Zuul
Gerrit Code Review
commit
087d0e1d60
@ -142,6 +142,18 @@
|
|||||||
notify:
|
notify:
|
||||||
- "Restart {{ item.key }} container"
|
- "Restart {{ item.key }} container"
|
||||||
|
|
||||||
|
- name: Copying over ssh key
|
||||||
|
become: true
|
||||||
|
vars:
|
||||||
|
neutron_server: "{{ neutron_services['neutron-server'] }}"
|
||||||
|
template:
|
||||||
|
src: "id_rsa"
|
||||||
|
dest: "{{ node_config_directory }}/neutron-server/id_rsa"
|
||||||
|
mode: 0600
|
||||||
|
when:
|
||||||
|
- neutron_server.enabled | bool
|
||||||
|
- neutron_server.host_in_groups | bool
|
||||||
|
|
||||||
- name: Copying over ml2_conf.ini
|
- name: Copying over ml2_conf.ini
|
||||||
become: true
|
become: true
|
||||||
vars:
|
vars:
|
||||||
|
|||||||
1
ansible/roles/neutron/templates/id_rsa
Normal file
1
ansible/roles/neutron/templates/id_rsa
Normal file
@ -0,0 +1 @@
|
|||||||
|
{{ neutron_ssh_key.private_key }}
|
||||||
@ -38,6 +38,12 @@
|
|||||||
"dest": "/etc/neutron/plugins/ml2/ml2_conf.ini",
|
"dest": "/etc/neutron/plugins/ml2/ml2_conf.ini",
|
||||||
"owner": "neutron",
|
"owner": "neutron",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/id_rsa",
|
||||||
|
"dest": "/var/lib/neutron/.ssh/id_rsa",
|
||||||
|
"owner": "neutron",
|
||||||
|
"perm": "0600"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
|
|||||||
@ -164,3 +164,14 @@ via ``neutron_mlnx_physnet_mappings`` which is presented to
|
|||||||
|
|
||||||
neutron_mlnx_physnet_mappings:
|
neutron_mlnx_physnet_mappings:
|
||||||
ibphysnet: "ib0"
|
ibphysnet: "ib0"
|
||||||
|
|
||||||
|
SSH authentication in external systems (switches)
|
||||||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
Kolla, by default, generates and copies an ssh key to the ``neutron_server``
|
||||||
|
container (under ``/var/lib/neutron/.ssh/id_rsa``) which can be used for
|
||||||
|
authentication in external systems (e.g. in ``networking-generic-switch`` or
|
||||||
|
``networking-ansible`` managed switches).
|
||||||
|
|
||||||
|
You can set ``neutron_ssh_key`` variable in ``passwords.yml`` to control the
|
||||||
|
used key.
|
||||||
|
|||||||
@ -199,6 +199,10 @@ octavia_amp_ssh_key:
|
|||||||
private_key:
|
private_key:
|
||||||
public_key:
|
public_key:
|
||||||
|
|
||||||
|
neutron_ssh_key:
|
||||||
|
private_key:
|
||||||
|
public_key:
|
||||||
|
|
||||||
####################
|
####################
|
||||||
# Gnocchi options
|
# Gnocchi options
|
||||||
####################
|
####################
|
||||||
|
|||||||
@ -116,7 +116,8 @@ def main():
|
|||||||
|
|
||||||
# SSH key pair
|
# SSH key pair
|
||||||
ssh_keys = ['kolla_ssh_key', 'nova_ssh_key',
|
ssh_keys = ['kolla_ssh_key', 'nova_ssh_key',
|
||||||
'keystone_ssh_key', 'bifrost_ssh_key', 'octavia_amp_ssh_key']
|
'keystone_ssh_key', 'bifrost_ssh_key', 'octavia_amp_ssh_key',
|
||||||
|
'neutron_ssh_key']
|
||||||
|
|
||||||
# If these keys are None, leave them as None
|
# If these keys are None, leave them as None
|
||||||
blank_keys = ['docker_registry_password']
|
blank_keys = ['docker_registry_password']
|
||||||
|
|||||||
6
releasenotes/notes/neutron-ssh-key-736d2456b56176d8.yaml
Normal file
6
releasenotes/notes/neutron-ssh-key-736d2456b56176d8.yaml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
features:
|
||||||
|
- |
|
||||||
|
Adds an SSH key for Neutron server which can be used for passwordless
|
||||||
|
public key authentication in external systems (e.g. for
|
||||||
|
``networking-generic-switch`` managed switches).
|
||||||
Loading…
Reference in New Issue
Block a user