Pass ssh public key as string

* Fedora CoreOS need the key to be passed as
  a string.
* We can adopt in all drivers so that users in
  the same project can do cluster resize.

story: 2005201
task: 36934

Change-Id: I9a18ce4dcbd74f0dcd23274baed7c8c3d2029d50
Signed-off-by: Spyros Trigazis <spyridon.trigazis@cern.ch>

contrib/drivers/dcos_centos_v1/templates/dcoscluster.yaml

@@ -46,6 +46,11 @@ parameters:
     type: string
     description: name of ssh key to be provisioned on our server
 
+  ssh_public_key:
+    type: string
+    description: The public ssh key to add in all nodes
+    default: ""
+
   external_network:
     type: string
     description: uuid/name of a network to use for floating ip addresses

magnum/common/nova.py

@@ -0,0 +1,34 @@
+# Copyright 2019 Catalyst Cloud Ltd.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License");
+#    you may not use this file except in compliance with the License.
+#    You may obtain a copy of the License at
+#
+#        http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS,
+#    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#    See the License for the specific language governing permissions and
+#    limitations under the License.
+
+from oslo_config import cfg
+from oslo_log import log as logging
+
+from magnum.common import clients
+from novaclient import exceptions as nova_exception
+
+LOG = logging.getLogger(__name__)
+CONF = cfg.CONF
+
+
+def get_ssh_key(context, keypair_ident):
+    try:
+        n_client = clients.OpenStackClients(context).nova()
+        keypair = n_client.keypairs.get(keypair_ident)
+        # no spaces or break lines at the end, single line string
+        return keypair.public_key.strip()
+    except nova_exception.NotFound:
+        # we don't have a way to tell if the keypair doesn't
+        # exist or the cluster is already creted
+        return ""

magnum/drivers/heat/template_def.py

@@ -23,6 +23,7 @@ import six
 from magnum.common import clients
 from magnum.common import exception
 from magnum.common import keystone
+from magnum.common import nova
 from magnum.common import utils
 import magnum.conf
 
@@ -370,6 +371,9 @@ class BaseTemplateDefinition(TemplateDefinition):
         extra_params['trustee_password'] = cluster.trustee_password
         extra_params['verify_ca'] = CONF.drivers.verify_ca
         extra_params['openstack_ca'] = utils.get_openstack_ca()
+        ssh_public_key = nova.get_ssh_key(context, cluster.keypair)
+        if ssh_public_key != "":
+            extra_params['ssh_public_key'] = ssh_public_key
 
         # Only pass trust ID into the template if allowed by the config file
         if CONF.trust.cluster_user_trust:

magnum/drivers/k8s_coreos_v1/templates/kubecluster.yaml

@@ -16,6 +16,11 @@ parameters:
     description: name of ssh key to be provisioned on our server
     default: ""
 
+  ssh_public_key:
+    type: string
+    description: The public ssh key to add in all nodes
+    default: ""
+
   external_network:
     type: string
     description: uuid/name of a network to use for floating ip addresses

magnum/drivers/k8s_fedora_atomic_v1/templates/kubecluster.yaml

@@ -53,6 +53,11 @@ parameters:
     description: name of ssh key to be provisioned on our server
     default: ""
 
+  ssh_public_key:
+    type: string
+    description: The public ssh key to add in all nodes
+    default: ""
+
   external_network:
     type: string
     description: uuid of a network to use for floating ip addresses

magnum/drivers/k8s_fedora_ironic_v1/templates/kubecluster.yaml

@@ -12,6 +12,11 @@ parameters:
     description: name of ssh key to be provisioned on our server
     default: ""
 
+  ssh_public_key:
+    type: string
+    description: The public ssh key to add in all nodes
+    default: ""
+
   external_network:
     type: string
     description: uuid/name of a network to use for floating ip addresses

magnum/drivers/mesos_ubuntu_v1/templates/mesoscluster.yaml

@@ -13,6 +13,11 @@ parameters:
     description: name of ssh key to be provisioned on our server
     default: ""
 
+  ssh_public_key:
+    type: string
+    description: The public ssh key to add in all nodes
+    default: ""
+
   external_network:
     type: string
     description: uuid/name of a network to use for floating ip addresses

magnum/drivers/swarm_fedora_atomic_v1/templates/cluster.yaml

@@ -18,6 +18,11 @@ parameters:
     description: name of ssh key to be provisioned on our server
     default: ""
 
+  ssh_public_key:
+    type: string
+    description: The public ssh key to add in all nodes
+    default: ""
+
   external_network:
     type: string
     description: uuid/name of a network to use for floating ip addresses

magnum/drivers/swarm_fedora_atomic_v2/templates/swarmcluster.yaml

@@ -18,6 +18,11 @@ parameters:
     description: name of ssh key to be provisioned on our server
     default: ""
 
+  ssh_public_key:
+    type: string
+    description: The public ssh key to add in all nodes
+    default: ""
+
   external_network:
     type: string
     description: uuid/name of a network to use for floating ip addresses

magnum/tests/unit/conductor/handlers/test_k8s_cluster_conductor.py

@@ -162,6 +162,13 @@ class TestClusterConductorWithK8s(base.TestCase):
         self.mock_osc_class = osc_patcher.start()
         self.addCleanup(osc_patcher.stop)
         self.mock_osc = mock.MagicMock()
+
+        mock_keypair = mock.MagicMock()
+        mock_keypair.public_key = 'ssh-rsa AAAAB3Nz'
+        self.mock_nova = mock.MagicMock()
+        self.mock_nova.keypairs.get.return_value = mock_keypair
+        self.mock_osc.nova.return_value = self.mock_nova
+
         self.mock_osc.url_for.return_value = 'http://192.168.10.10:5000/v3'
         self.mock_osc.magnum_url.return_value = 'http://127.0.0.1:9511/v1'
         self.mock_osc.cinder_region_name.return_value = 'RegionOne'
@@ -338,6 +345,7 @@ class TestClusterConductorWithK8s(base.TestCase):
             'kube_version': 'fake-version',
             'verify_ca': True,
             'openstack_ca': '',
+            'ssh_public_key': 'ssh-rsa AAAAB3Nz',
             "nodes_affinity_policy": "soft-anti-affinity",
             'availability_zone': 'az_1',
             'cert_manager_api': 'False',
@@ -485,6 +493,7 @@ class TestClusterConductorWithK8s(base.TestCase):
             'kube_version': 'fake-version',
             'verify_ca': True,
             'openstack_ca': '',
+            'ssh_public_key': 'ssh-rsa AAAAB3Nz',
             "nodes_affinity_policy": "soft-anti-affinity",
             'availability_zone': 'az_1',
             'cert_manager_api': 'False',
@@ -615,6 +624,7 @@ class TestClusterConductorWithK8s(base.TestCase):
             'username': 'fake_user',
             'verify_ca': True,
             'openstack_ca': '',
+            'ssh_public_key': 'ssh-rsa AAAAB3Nz',
             "nodes_affinity_policy": "soft-anti-affinity",
             'availability_zone': 'az_1',
             'cert_manager_api': 'False',
@@ -733,6 +743,7 @@ class TestClusterConductorWithK8s(base.TestCase):
             'kube_version': 'fake-version',
             'verify_ca': True,
             'openstack_ca': '',
+            'ssh_public_key': 'ssh-rsa AAAAB3Nz',
             'openstack_ca_coreos': '',
             'cert_manager_api': 'False',
             'ingress_controller': 'i-controller',
@@ -839,6 +850,7 @@ class TestClusterConductorWithK8s(base.TestCase):
             'kube_version': 'fake-version',
             'verify_ca': True,
             'openstack_ca': '',
+            'ssh_public_key': 'ssh-rsa AAAAB3Nz',
             'openstack_ca_coreos': '',
             'cert_manager_api': 'False',
             'ingress_controller': 'i-controller',
@@ -1057,6 +1069,7 @@ class TestClusterConductorWithK8s(base.TestCase):
             'kube_version': 'fake-version',
             'verify_ca': True,
             'openstack_ca': '',
+            'ssh_public_key': 'ssh-rsa AAAAB3Nz',
             "nodes_affinity_policy": "soft-anti-affinity",
             'availability_zone': 'az_1',
             'cert_manager_api': 'False',

magnum/tests/unit/conductor/handlers/test_mesos_cluster_conductor.py

@@ -116,6 +116,13 @@ class TestClusterConductorWithMesos(base.TestCase):
         self.addCleanup(osc_patcher.stop)
         self.mock_osc = mock.MagicMock()
         self.mock_osc.cinder_region_name.return_value = 'RegionOne'
+
+        mock_keypair = mock.MagicMock()
+        mock_keypair.public_key = 'ssh-rsa AAAAB3Nz'
+        self.mock_nova = mock.MagicMock()
+        self.mock_nova.keypairs.get.return_value = mock_keypair
+        self.mock_osc.nova.return_value = self.mock_nova
+
         self.mock_keystone = mock.MagicMock()
         self.mock_keystone.trustee_domain_id = 'trustee_domain_id'
         self.mock_osc.keystone.return_value = self.mock_keystone
@@ -147,6 +154,7 @@ class TestClusterConductorWithMesos(base.TestCase):
 
         expected = {
             'ssh_key_name': 'keypair_id',
+            'ssh_public_key': 'ssh-rsa AAAAB3Nz',
             'external_network': 'external_network_id',
             'fixed_network': 'fixed_network',
             'fixed_subnet': 'fixed_subnet',
@@ -222,6 +230,7 @@ class TestClusterConductorWithMesos(base.TestCase):
 
         expected = {
             'ssh_key_name': 'keypair_id',
+            'ssh_public_key': 'ssh-rsa AAAAB3Nz',
             'external_network': 'external_network_id',
             'number_of_slaves': 1,
             'number_of_masters': 1,
@@ -284,6 +293,7 @@ class TestClusterConductorWithMesos(base.TestCase):
 
         expected = {
             'ssh_key_name': 'keypair_id',
+            'ssh_public_key': 'ssh-rsa AAAAB3Nz',
             'external_network': 'external_network_id',
             'fixed_network': 'fixed_network',
             'fixed_subnet': 'fixed_subnet',
@@ -359,6 +369,7 @@ class TestClusterConductorWithMesos(base.TestCase):
 
         expected = {
             'ssh_key_name': 'keypair_id',
+            'ssh_public_key': 'ssh-rsa AAAAB3Nz',
             'external_network': 'external_network_id',
             'fixed_network': 'fixed_network',
             'fixed_subnet': 'fixed_subnet',
@@ -432,6 +443,7 @@ class TestClusterConductorWithMesos(base.TestCase):
 
         expected = {
             'ssh_key_name': 'keypair_id',
+            'ssh_public_key': 'ssh-rsa AAAAB3Nz',
             'external_network': 'external_network_id',
             'fixed_network': 'fixed_network',
             'fixed_subnet': 'fixed_subnet',

magnum/tests/unit/conductor/handlers/test_swarm_cluster_conductor.py

@@ -130,6 +130,13 @@ class TestClusterConductorWithSwarm(base.TestCase):
         self.mock_osc = mock.MagicMock()
         self.mock_osc.magnum_url.return_value = 'http://127.0.0.1:9511/v1'
         self.mock_osc.url_for.return_value = 'http://192.168.10.10:5000/v3'
+
+        mock_keypair = mock.MagicMock()
+        mock_keypair.public_key = 'ssh-rsa AAAAB3Nz'
+        self.mock_nova = mock.MagicMock()
+        self.mock_nova.keypairs.get.return_value = mock_keypair
+        self.mock_osc.nova.return_value = self.mock_nova
+
         self.mock_keystone = mock.MagicMock()
         self.mock_keystone.trustee_domain_id = 'trustee_domain_id'
         self.mock_osc.keystone.return_value = self.mock_keystone
@@ -167,6 +174,7 @@ class TestClusterConductorWithSwarm(base.TestCase):
 
         expected = {
             'ssh_key_name': 'keypair_id',
+            'ssh_public_key': 'ssh-rsa AAAAB3Nz',
             'external_network': 'external_network_id',
             'fixed_network': 'fixed_network',
             'fixed_subnet': 'fixed_subnet',
@@ -251,6 +259,7 @@ class TestClusterConductorWithSwarm(base.TestCase):
 
         expected = {
             'ssh_key_name': 'keypair_id',
+            'ssh_public_key': 'ssh-rsa AAAAB3Nz',
             'external_network': 'external_network_id',
             'fixed_network': 'fixed_network',
             'fixed_subnet': 'fixed_subnet',
@@ -345,6 +354,7 @@ class TestClusterConductorWithSwarm(base.TestCase):
 
         expected = {
             'ssh_key_name': 'keypair_id',
+            'ssh_public_key': 'ssh-rsa AAAAB3Nz',
             'external_network': 'external_network_id',
             'number_of_masters': 1,
             'number_of_nodes': 1,
@@ -418,6 +428,7 @@ class TestClusterConductorWithSwarm(base.TestCase):
 
         expected = {
             'ssh_key_name': 'keypair_id',
+            'ssh_public_key': 'ssh-rsa AAAAB3Nz',
             'external_network': 'external_network_id',
             'fixed_network': 'fixed_network',
             'fixed_subnet': 'fixed_subnet',
@@ -506,6 +517,7 @@ class TestClusterConductorWithSwarm(base.TestCase):
 
         expected = {
             'ssh_key_name': 'keypair_id',
+            'ssh_public_key': 'ssh-rsa AAAAB3Nz',
             'external_network': 'external_network_id',
             'fixed_network': 'fixed_network',
             'fixed_subnet': 'fixed_subnet',
@@ -592,6 +604,7 @@ class TestClusterConductorWithSwarm(base.TestCase):
 
         expected = {
             'ssh_key_name': 'keypair_id',
+            'ssh_public_key': 'ssh-rsa AAAAB3Nz',
             'external_network': 'external_network_id',
             'fixed_network': 'fixed_network',
             'fixed_subnet': 'fixed_subnet',