adds bifrost ssh key generation
- This change extend the genpwd.py command to generate an ssh key pair bifrost. - This change bifrost config and bootstrap task to install the generated keys. - This change updates the bifrost guide to discribe how to provide your own key. Change-Id: I05243f58843d9195cace253dff5628fae89c78e8 Implements: blueprint bifrost-support
This commit is contained in:
parent
96b3f0ae3e
commit
538dbac24a
@ -7,3 +7,22 @@
|
||||
ansible-playbook -vvvv -i /bifrost/playbooks/inventory/localhost
|
||||
/bifrost/playbooks/install.yaml -e @/etc/bifrost/bifrost.yml
|
||||
-e @/etc/bifrost/dib.yml -e skip_package_install=true'
|
||||
- name: installing ssh keys
|
||||
command: >
|
||||
docker exec bifrost_deploy
|
||||
bash -c 'mkdir /root/.ssh ; mkdir /home/ironic/.ssh;
|
||||
cp -f /etc/bifrost/id_rsa /root/.ssh/id_rsa &&
|
||||
cp -f /etc/bifrost/id_rsa.pub /root/.ssh/id_rsa.pub &&
|
||||
cp -f /etc/bifrost/ssh_config /root/.ssh/config &&
|
||||
cp -f /etc/bifrost/id_rsa /home/ironic/.ssh/id_rsa &&
|
||||
cp -f /etc/bifrost/id_rsa.pub /home/ironic/.ssh/id_rsa.pub &&
|
||||
cp -f /etc/bifrost/ssh_config /home/ironic/.ssh/config &&
|
||||
chmod 600 /root/.ssh/id_rsa &&
|
||||
chmod 600 /root/.ssh/id_rsa.pub &&
|
||||
chmod 600 /root/.ssh/config &&
|
||||
chmod 600 /home/ironic/.ssh/id_rsa &&
|
||||
chmod 600 /home/ironic/.ssh/id_rsa.pub &&
|
||||
chmod 600 /home/ironic/.ssh/config &&
|
||||
chown ironic:ironic /home/ironic/.ssh/id_rsa &&
|
||||
chown ironic:ironic /home/ironic/.ssh/id_rsa.pub &&
|
||||
chown ironic:ironic /home/ironic/.ssh/config'
|
||||
|
@ -19,3 +19,12 @@
|
||||
- "dib"
|
||||
- "servers"
|
||||
|
||||
- name: template ssh keys
|
||||
template:
|
||||
src: "{{ item.src }}"
|
||||
dest: "{{ node_config_directory }}/bifrost/{{ item.dest }}"
|
||||
with_items:
|
||||
- { src: "id_rsa", dest: "id_rsa" }
|
||||
- { src: "id_rsa.pub", dest: "id_rsa.pub" }
|
||||
- { src: "ssh_config", dest: "ssh_config" }
|
||||
|
||||
|
1
ansible/roles/bifrost/templates/id_rsa
Normal file
1
ansible/roles/bifrost/templates/id_rsa
Normal file
@ -0,0 +1 @@
|
||||
{{ bifrost_ssh_key.private_key }}
|
1
ansible/roles/bifrost/templates/id_rsa.pub
Normal file
1
ansible/roles/bifrost/templates/id_rsa.pub
Normal file
@ -0,0 +1 @@
|
||||
{{ bifrost_ssh_key.public_key }}
|
3
ansible/roles/bifrost/templates/ssh_config
Normal file
3
ansible/roles/bifrost/templates/ssh_config
Normal file
@ -0,0 +1,3 @@
|
||||
Host *
|
||||
StrictHostKeyChecking no
|
||||
UserKnownHostsFile /dev/null
|
@ -240,7 +240,8 @@ TODO
|
||||
|
||||
Bring your own ssh key
|
||||
----------------------
|
||||
TODO
|
||||
To use your own ssh key after you have generated the passwords.yml file
|
||||
update the private and public keys under bifrost_ssh_key.
|
||||
|
||||
Known issues
|
||||
============
|
||||
|
@ -88,6 +88,10 @@ keystone_ssh_key:
|
||||
private_key:
|
||||
public_key:
|
||||
|
||||
bifrost_ssh_key:
|
||||
private_key:
|
||||
public_key:
|
||||
|
||||
####################
|
||||
# RabbitMQ options
|
||||
####################
|
||||
|
@ -43,7 +43,8 @@ def main():
|
||||
uuid_keys = ['ceph_cluster_fsid', 'rbd_secret_uuid']
|
||||
|
||||
# SSH key pair
|
||||
ssh_keys = ['kolla_ssh_key', 'nova_ssh_key', 'keystone_ssh_key']
|
||||
ssh_keys = ['kolla_ssh_key', 'nova_ssh_key',
|
||||
'keystone_ssh_key', 'bifrost_ssh_key']
|
||||
|
||||
# If these keys are None, leave them as None
|
||||
blank_keys = ['docker_registry_password']
|
||||
|
Loading…
Reference in New Issue
Block a user