From dee7043f2f1b68e7f755db2bb1051ed322e840bb Mon Sep 17 00:00:00 2001 From: Miguel Angel Ajo Date: Wed, 25 May 2016 09:48:23 -0400 Subject: [PATCH] Allow deployment with pre-generated ssh keys and certificates This patch is part of a series that will allow the deployment of a simple multinode octavia devstack, where the certs and ssh keys are uniform over all the controllers. Orchestrating the deployment of the same ssh keys or certificates becomes difficult without making use of tools like ansible otherwise. The provided certificate is valid for 10 years. Change-Id: I45e8e54d58a725281636a61fdb769265de50d9ba --- devstack/plugin.sh | 16 ++- devstack/pregenerated/certs/ca_01.pem | 21 ++++ devstack/pregenerated/certs/client.key | 28 +++++ devstack/pregenerated/certs/client.pem | 109 ++++++++++++++++++ devstack/pregenerated/certs/private/cakey.pem | 30 +++++ .../pregenerated/ssh-keys/octavia_ssh_key | 28 +++++ .../pregenerated/ssh-keys/octavia_ssh_key.pub | 1 + devstack/settings | 6 + 8 files changed, 237 insertions(+), 2 deletions(-) create mode 100644 devstack/pregenerated/certs/ca_01.pem create mode 100644 devstack/pregenerated/certs/client.key create mode 100644 devstack/pregenerated/certs/client.pem create mode 100644 devstack/pregenerated/certs/private/cakey.pem create mode 100644 devstack/pregenerated/ssh-keys/octavia_ssh_key create mode 100644 devstack/pregenerated/ssh-keys/octavia_ssh_key.pub diff --git a/devstack/plugin.sh b/devstack/plugin.sh index 38333e339d..9c8545853c 100644 --- a/devstack/plugin.sh +++ b/devstack/plugin.sh @@ -102,7 +102,13 @@ function octavia_configure { fi mkdir -m755 $OCTAVIA_SSH_DIR - ssh-keygen -b $OCTAVIA_AMP_SSH_KEY_BITS -t $OCTAVIA_AMP_SSH_KEY_TYPE -N "" -f ${OCTAVIA_AMP_SSH_KEY_PATH} + + if [[ "$(trueorfalse False OCTAVIA_USE_PREGENERATED_SSH_KEY)" == "True" ]]; then + cp -fp ${OCTAVIA_PREGENERATED_SSH_KEY_PATH} ${OCTAVIA_AMP_SSH_KEY_PATH} + cp -fp ${OCTAVIA_PREGENERATED_SSH_KEY_PATH}.pub ${OCTAVIA_AMP_SSH_KEY_PATH}.pub + else + ssh-keygen -b $OCTAVIA_AMP_SSH_KEY_BITS -t $OCTAVIA_AMP_SSH_KEY_TYPE -N "" -f ${OCTAVIA_AMP_SSH_KEY_PATH} + fi iniset $OCTAVIA_CONF controller_worker amp_ssh_key_name ${OCTAVIA_AMP_SSH_KEY_NAME} # Used to communicate with the amphora over the mgmt network, may differ from amp_ssh_key in a real deployment. @@ -114,7 +120,13 @@ function octavia_configure { if [[ -a $OCTAVIA_CERTS_DIR ]] ; then rm -rf $OCTAVIA_CERTS_DIR fi - source $OCTAVIA_DIR/bin/create_certificates.sh $OCTAVIA_CERTS_DIR $OCTAVIA_DIR/etc/certificates/openssl.cnf + + if [[ "$(trueorfalse False OCTAVIA_USE_PREGENERATED_CERTS)" == "True" ]]; then + cp -rfp ${OCTAVIA_PREGENERATED_CERTS_DIR} ${OCTAVIA_CERTS_DIR} + else + source $OCTAVIA_DIR/bin/create_certificates.sh $OCTAVIA_CERTS_DIR $OCTAVIA_DIR/etc/certificates/openssl.cnf + fi + iniset $OCTAVIA_CONF haproxy_amphora client_cert ${OCTAVIA_CERTS_DIR}/client.pem iniset $OCTAVIA_CONF haproxy_amphora server_ca ${OCTAVIA_CERTS_DIR}/ca_01.pem iniset $OCTAVIA_CONF certificates ca_certificate ${OCTAVIA_CERTS_DIR}/ca_01.pem diff --git a/devstack/pregenerated/certs/ca_01.pem b/devstack/pregenerated/certs/ca_01.pem new file mode 100644 index 0000000000..35db01dff7 --- /dev/null +++ b/devstack/pregenerated/certs/ca_01.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDizCCAnOgAwIBAgIJAMtqzvqga9IyMA0GCSqGSIb3DQEBCwUAMFwxCzAJBgNV +BAYTAlVTMQ8wDQYDVQQIDAZEZW5pYWwxFDASBgNVBAcMC1NwcmluZ2ZpZWxkMQww +CgYDVQQKDANEaXMxGDAWBgNVBAMMD3d3dy5leGFtcGxlLmNvbTAeFw0xNjA1MjUx +MzM0MjdaFw0xNjA2MjQxMzM0MjdaMFwxCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZE +ZW5pYWwxFDASBgNVBAcMC1NwcmluZ2ZpZWxkMQwwCgYDVQQKDANEaXMxGDAWBgNV +BAMMD3d3dy5leGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBALlFd2FrPrYAAFjCvlfYPVuqdY4j+CngnvE7coWWGwjdbXfBrKDCN/XdhRYn +RD1Ozn1pgvYSDVFB/8LBR3B165nTvOWWP22E9xgKNHZU2obqI+5fqB7Klffq5u7w +01cUug7QY+j5qvFWUFpsHlgZ+UNaGSAqwOvg32s6V80uFz2TzHusK4mTMHYa/UV3 +/UUa3x09h1W26LRrrjF/u/ExEg+ucHYG4/1NXzN8sCLAsMg5obICC4v1J4kBinQX +M61xI/Ot1Bl3AJg+Vji/i9ZeTHOx7+eRFW+9mUDkhg8nIHFqwOc1sluzb7Ikzc7o +nWD2w3935psJEFxd50EbKjeHix8CAwEAAaNQME4wHQYDVR0OBBYEFKT3l2MZCElP +XzX/LYEYQNKRR2PiMB8GA1UdIwQYMBaAFKT3l2MZCElPXzX/LYEYQNKRR2PiMAwG +A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAH/HZ87QIHCzCB2W6hibJtP9 +SzRun0p+1au/lJFoecOzYnpO6TZxdg/Ng7JCtpQCn53oPRDbNIjHGlDZSsguJDwc +WhGnlyoJmtBfIUlwxAfx7WJF6odQCYF7fJdH61i/v8S3EXsay7JT1zGTUp44MNsO +9AuZRTHqwTtKa3MmnyEOIThZ1JDrodAbp6tXZ9P9OIHh1j8KOXUDw4k64YgAbmxK +iW9sFd8MNPAhy/7rRpYEBjO2Y/LcJGuzUZ/7S6o6whvuzzxLylqeFT5QvS8xs5Ic +gWQRftlg8F7snKNxheM5uGFAED3Zxaep9EBftif8NCi9Hsiv33pBYE3nozjZnwA= +-----END CERTIFICATE----- diff --git a/devstack/pregenerated/certs/client.key b/devstack/pregenerated/certs/client.key new file mode 100644 index 0000000000..b83e55aa3e --- /dev/null +++ b/devstack/pregenerated/certs/client.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDemtEammVhI/N6 +kclRrnzxSF7TQdbf6bbpwsKxhEcwgo4Wda9mPab52rz54LabNTQEmT1KoJyeKIOP +9+JTyikOMItfPSc5d16UouVRzXi9OdPDHGvOk30PntIZ6F6bYS4cD8YI4aSN7EUy ++Jw6Bjwkj1rOVXhdgEwFPLGdzpBp8Dvmax7jSGEkZWXTNr+DGMSJ1xiq5Ba7b3V0 +jyYG3d6x3B1FENoDN5BDEtBvepXjdcMPwFK7WkkDbRSuLhFDIBNaB+/qc54f7Bm8 +NIrntfBhmyQ/YaNFr1KtGMl3vj4gRd4pd5BKr7KxLi3HCXKyykzeTcY1ZFyA4DjM +DTUR0lK/AgMBAAECggEBANc77CkD1jhZsYb2xSg0RVxqtD0hsOipqxFVHjjUBJ1T +7pyqx6BcxkFZjVUyQH3LsHMt08R/jU+jLqoabPzFQHMW3vuEPpPi5lFjO8WfnTmh +Wy6RIXAIzWg4ET+5nRgxm4rIeZuGyTvsknAZT70O4EIdVhihLZOChH6f08EYxCuY +rj3AlgrCu/YDZBe2eZlqqTWP/nEdB3ZfXjFXaS9EUuLAdQRqK1zapa++FE6pvuLZ +8apSrCWnP/q5d7vxg41E5Gv15Yv313W5b3kXiFpFL+WsLez8sQgkL+8rd6adyqE7 +hDHQV1IXck3D9ZTYCOZFn7YuLsd1seBtB+Dlxld3NGECgYEA7+gX3/8bQloo7xCn +bGK0dq1c9+L5CZ9hVoYZdFJWyUYxpWN8+G8tznE718nvbvLTj6v8UOQMRTo6L9Ib +nH22LccWSwaLWh43bQZC14s9QKrvSfDZJCkPKkym/Xq4FqUXJCggNewf3QLBuTZq +6Yd80sIie1JMCEgmdtfYinU1I+8CgYEA7YmZcNX+LEz1r/1Xzm0toP2UZEzhHVg0 +7ziDhlyduybFZ1NwZzU2Ude06gsST4sNt9Sf4k/X5mhPjCw/gwRUhcmFwD3HU35a +48wl0X302pL0J0mZEHdUcc9CSaOIfH5xMsU2Xb/DoR/qyI1pwTr70Dfun+jRV27Q +HRA3Vf1mrjECgYEAryz78fWnA+YtqZKxjbTtLRMdpWu4iMw2GSXGBGfzMvjsW2Wv +5P/ZpLqOBd1P1eW9kVT14mMCirIftrdmrfglRHvwzUu0CVOzCQrfV+A2E7g9DfKt +u3e3uR1Leh9XuEFICoC6NGV8RrcymXkgy/DAtmxHHWFUX1+/pluppEA9U0UCgYEA +qzs0xDVOq4qy1THQeTsU2GfT79XHtYqfZg8cKOBcx8u0I77vWUbvqGHRxaFDitmX +gvwgYVjjLvHk3gwLoJuffm3+H82pAZQlWu8QGAsvVdz3adbRIyCSXBRnGYRsYCoZ +2dp2TXBuSpkie34NTUECw19+ggGn3to/5aOJ8E/iFBECgYAD9uaFgW6YNdTHB9k2 +3Rm09i23gw1H0AkFmBbR4iu8X1oCeptZRaodgQue6JuY0rN/RMe7HZWHG6SD+7Sk +oN2lS/ASqvF3Ams3pkGveU/i9OGMpXjWv2Vrd/FOl+BKaKU1kwNp32vuIvvoycuH ++B8mcRkAmzXpfTFeA6+jslAN/g== +-----END PRIVATE KEY----- diff --git a/devstack/pregenerated/certs/client.pem b/devstack/pregenerated/certs/client.pem new file mode 100644 index 0000000000..a7203c4d40 --- /dev/null +++ b/devstack/pregenerated/certs/client.pem @@ -0,0 +1,109 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 1 (0x1) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, ST=Denial, L=Springfield, O=Dis, CN=www.example.com + Validity + Not Before: May 25 13:34:27 2016 GMT + Not After : May 23 13:34:27 2026 GMT + Subject: C=US, ST=Denial, O=Dis, CN=www.example.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:de:9a:d1:1a:9a:65:61:23:f3:7a:91:c9:51:ae: + 7c:f1:48:5e:d3:41:d6:df:e9:b6:e9:c2:c2:b1:84: + 47:30:82:8e:16:75:af:66:3d:a6:f9:da:bc:f9:e0: + b6:9b:35:34:04:99:3d:4a:a0:9c:9e:28:83:8f:f7: + e2:53:ca:29:0e:30:8b:5f:3d:27:39:77:5e:94:a2: + e5:51:cd:78:bd:39:d3:c3:1c:6b:ce:93:7d:0f:9e: + d2:19:e8:5e:9b:61:2e:1c:0f:c6:08:e1:a4:8d:ec: + 45:32:f8:9c:3a:06:3c:24:8f:5a:ce:55:78:5d:80: + 4c:05:3c:b1:9d:ce:90:69:f0:3b:e6:6b:1e:e3:48: + 61:24:65:65:d3:36:bf:83:18:c4:89:d7:18:aa:e4: + 16:bb:6f:75:74:8f:26:06:dd:de:b1:dc:1d:45:10: + da:03:37:90:43:12:d0:6f:7a:95:e3:75:c3:0f:c0: + 52:bb:5a:49:03:6d:14:ae:2e:11:43:20:13:5a:07: + ef:ea:73:9e:1f:ec:19:bc:34:8a:e7:b5:f0:61:9b: + 24:3f:61:a3:45:af:52:ad:18:c9:77:be:3e:20:45: + de:29:77:90:4a:af:b2:b1:2e:2d:c7:09:72:b2:ca: + 4c:de:4d:c6:35:64:5c:80:e0:38:cc:0d:35:11:d2: + 52:bf + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Comment: + OpenSSL Generated Certificate + X509v3 Subject Key Identifier: + B8:68:01:F4:21:7E:27:2F:9A:E6:5F:9E:1F:C4:F5:1E:FF:4D:39:86 + X509v3 Authority Key Identifier: + keyid:A4:F7:97:63:19:08:49:4F:5F:35:FF:2D:81:18:40:D2:91:47:63:E2 + + Signature Algorithm: sha256WithRSAEncryption + 5b:46:32:11:5e:b6:68:bf:2b:50:8b:60:0f:70:27:08:21:cd: + 6b:ce:ec:a2:17:b2:e0:2d:43:1a:ee:b2:c9:e9:ea:87:a4:7a: + a3:4b:89:0c:63:9c:02:3c:9a:a4:96:28:b0:ba:72:34:17:5c: + 2f:e2:1a:83:a0:de:c5:da:14:5e:5c:db:7d:ef:24:0c:dd:1b: + 7c:26:6f:a7:b1:fb:22:1b:4e:2f:d6:0e:bd:15:73:6d:12:23: + 2e:9d:d6:78:4d:8d:21:9f:b2:c9:d0:42:92:5d:5c:09:bf:ca: + 63:e8:eb:58:d4:fe:f7:4a:05:69:ab:8d:34:aa:cf:dc:e9:89: + 80:9c:43:35:51:81:76:a3:f4:c6:db:99:71:d6:21:d1:ce:a7: + f2:2f:f6:38:40:84:0c:de:04:bc:43:9d:37:32:2b:12:c5:9e: + 33:1b:da:d5:db:f5:00:19:fa:66:6a:2f:7c:3e:33:33:dc:9d: + 6d:33:e3:51:e1:14:6d:f7:dd:a7:3f:cd:80:4f:6e:2f:a9:70: + 48:99:76:58:2a:a6:2d:66:ee:98:08:f4:b8:14:e8:f4:a9:66: + 5c:e6:c4:d5:c6:48:05:16:30:54:51:ca:7e:ce:3e:f2:d0:06: + 90:43:1f:4f:99:c2:07:79:50:01:81:7c:2b:09:8a:55:ef:4c: + a4:25:ba:2a +-----BEGIN CERTIFICATE----- +MIIDmDCCAoCgAwIBAgIBATANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJVUzEP +MA0GA1UECAwGRGVuaWFsMRQwEgYDVQQHDAtTcHJpbmdmaWVsZDEMMAoGA1UECgwD +RGlzMRgwFgYDVQQDDA93d3cuZXhhbXBsZS5jb20wHhcNMTYwNTI1MTMzNDI3WhcN +MjYwNTIzMTMzNDI3WjBGMQswCQYDVQQGEwJVUzEPMA0GA1UECAwGRGVuaWFsMQww +CgYDVQQKDANEaXMxGDAWBgNVBAMMD3d3dy5leGFtcGxlLmNvbTCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAN6a0RqaZWEj83qRyVGufPFIXtNB1t/ptunC +wrGERzCCjhZ1r2Y9pvnavPngtps1NASZPUqgnJ4og4/34lPKKQ4wi189Jzl3XpSi +5VHNeL0508Mca86TfQ+e0hnoXpthLhwPxgjhpI3sRTL4nDoGPCSPWs5VeF2ATAU8 +sZ3OkGnwO+ZrHuNIYSRlZdM2v4MYxInXGKrkFrtvdXSPJgbd3rHcHUUQ2gM3kEMS +0G96leN1ww/AUrtaSQNtFK4uEUMgE1oH7+pznh/sGbw0iue18GGbJD9ho0WvUq0Y +yXe+PiBF3il3kEqvsrEuLccJcrLKTN5NxjVkXIDgOMwNNRHSUr8CAwEAAaN7MHkw +CQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2Vy +dGlmaWNhdGUwHQYDVR0OBBYEFLhoAfQhficvmuZfnh/E9R7/TTmGMB8GA1UdIwQY +MBaAFKT3l2MZCElPXzX/LYEYQNKRR2PiMA0GCSqGSIb3DQEBCwUAA4IBAQBbRjIR +XrZovytQi2APcCcIIc1rzuyiF7LgLUMa7rLJ6eqHpHqjS4kMY5wCPJqkliiwunI0 +F1wv4hqDoN7F2hReXNt97yQM3Rt8Jm+nsfsiG04v1g69FXNtEiMundZ4TY0hn7LJ +0EKSXVwJv8pj6OtY1P73SgVpq400qs/c6YmAnEM1UYF2o/TG25lx1iHRzqfyL/Y4 +QIQM3gS8Q503MisSxZ4zG9rV2/UAGfpmai98PjMz3J1tM+NR4RRt992nP82AT24v +qXBImXZYKqYtZu6YCPS4FOj0qWZc5sTVxkgFFjBUUcp+zj7y0AaQQx9PmcIHeVAB +gXwrCYpV70ykJboq +-----END CERTIFICATE----- +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDemtEammVhI/N6 +kclRrnzxSF7TQdbf6bbpwsKxhEcwgo4Wda9mPab52rz54LabNTQEmT1KoJyeKIOP +9+JTyikOMItfPSc5d16UouVRzXi9OdPDHGvOk30PntIZ6F6bYS4cD8YI4aSN7EUy ++Jw6Bjwkj1rOVXhdgEwFPLGdzpBp8Dvmax7jSGEkZWXTNr+DGMSJ1xiq5Ba7b3V0 +jyYG3d6x3B1FENoDN5BDEtBvepXjdcMPwFK7WkkDbRSuLhFDIBNaB+/qc54f7Bm8 +NIrntfBhmyQ/YaNFr1KtGMl3vj4gRd4pd5BKr7KxLi3HCXKyykzeTcY1ZFyA4DjM +DTUR0lK/AgMBAAECggEBANc77CkD1jhZsYb2xSg0RVxqtD0hsOipqxFVHjjUBJ1T +7pyqx6BcxkFZjVUyQH3LsHMt08R/jU+jLqoabPzFQHMW3vuEPpPi5lFjO8WfnTmh +Wy6RIXAIzWg4ET+5nRgxm4rIeZuGyTvsknAZT70O4EIdVhihLZOChH6f08EYxCuY +rj3AlgrCu/YDZBe2eZlqqTWP/nEdB3ZfXjFXaS9EUuLAdQRqK1zapa++FE6pvuLZ +8apSrCWnP/q5d7vxg41E5Gv15Yv313W5b3kXiFpFL+WsLez8sQgkL+8rd6adyqE7 +hDHQV1IXck3D9ZTYCOZFn7YuLsd1seBtB+Dlxld3NGECgYEA7+gX3/8bQloo7xCn +bGK0dq1c9+L5CZ9hVoYZdFJWyUYxpWN8+G8tznE718nvbvLTj6v8UOQMRTo6L9Ib +nH22LccWSwaLWh43bQZC14s9QKrvSfDZJCkPKkym/Xq4FqUXJCggNewf3QLBuTZq +6Yd80sIie1JMCEgmdtfYinU1I+8CgYEA7YmZcNX+LEz1r/1Xzm0toP2UZEzhHVg0 +7ziDhlyduybFZ1NwZzU2Ude06gsST4sNt9Sf4k/X5mhPjCw/gwRUhcmFwD3HU35a +48wl0X302pL0J0mZEHdUcc9CSaOIfH5xMsU2Xb/DoR/qyI1pwTr70Dfun+jRV27Q +HRA3Vf1mrjECgYEAryz78fWnA+YtqZKxjbTtLRMdpWu4iMw2GSXGBGfzMvjsW2Wv +5P/ZpLqOBd1P1eW9kVT14mMCirIftrdmrfglRHvwzUu0CVOzCQrfV+A2E7g9DfKt +u3e3uR1Leh9XuEFICoC6NGV8RrcymXkgy/DAtmxHHWFUX1+/pluppEA9U0UCgYEA +qzs0xDVOq4qy1THQeTsU2GfT79XHtYqfZg8cKOBcx8u0I77vWUbvqGHRxaFDitmX +gvwgYVjjLvHk3gwLoJuffm3+H82pAZQlWu8QGAsvVdz3adbRIyCSXBRnGYRsYCoZ +2dp2TXBuSpkie34NTUECw19+ggGn3to/5aOJ8E/iFBECgYAD9uaFgW6YNdTHB9k2 +3Rm09i23gw1H0AkFmBbR4iu8X1oCeptZRaodgQue6JuY0rN/RMe7HZWHG6SD+7Sk +oN2lS/ASqvF3Ams3pkGveU/i9OGMpXjWv2Vrd/FOl+BKaKU1kwNp32vuIvvoycuH ++B8mcRkAmzXpfTFeA6+jslAN/g== +-----END PRIVATE KEY----- diff --git a/devstack/pregenerated/certs/private/cakey.pem b/devstack/pregenerated/certs/private/cakey.pem new file mode 100644 index 0000000000..b71a6a517e --- /dev/null +++ b/devstack/pregenerated/certs/private/cakey.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CBC,9DFA118A6C7A4164 + +/rcV/AKPY5LYMSykAGG5gKo6f+AMoClHc0Kr0CwAmRRDQBh80jR5oDkKHN53MCk7 +AzNeS4tMhz4CioaB8Ful5anMY7yhT51ly31w55z2abrxOUe/btHIVhm3ENf/6bNB +wRwey+NGCcMxeMal4NM2HFmsHUyLB/6XX3I1NTnmeMBOhYLKrELrtpX4WC0zWhu4 +LJbKqADgM1J2cdbMwV6aEjAbPJns8fBGY7MOuMzCgoHi/TIb0IGJtuWW0AjyT6Yu +WwuEdKsjYAGuG8LymB8DeGAnNMMCbJo3LpduwguS1rS79cTWlV2X913Np1m7dwco +HFWOFRk1A0hgjyGiy16Cu09w9fl/NigDhsCIUz7sDucuSnK3iTg/mMsdSuslFsNG +TF8KkAtyrXsHA+AAoOmatjsuoNyXLCZJgvtcAUYs2mUP7MwPVCaalWYazvks+p0j +3BfgOB6aS92dp/XHOvbOntbxq5v2AG7di0UYMvvQ/otXzBnGHPAx/N5Pd92z/keJ +PkXVdrwJWDLbTpKME9h2aXM1Tl1Ihg3J8hRSy1E3tGox6LGvlbGyBJVbURkvj+dX +no0akTOF19Gk1Y2YGY2eVQKi1FtzXYl9o3uRFoiLrJSoNy7pEd/VOD/pcN5zFe+e +ai2Yb/ujze0ddC2me6MHaqvjZuCF+dZJq2pAgjeBv+e4Jy7SsTMlmJETdVfH0jOW +0/Wz/hZdXmLhHC0zB6meW17J5lnZBSFd5wKIVlivt6RJQahbCEra6EOCuzDdcq0P +XJgzLXlA2EJcL7rEQGRL3zQvWIXyxxU4XZjR0+7PMjx9lJO0bBwjHTUBmpLwFNnG +ICTv7w1mZVfI7izcleIwdxINWoLXCiR+k22rxgW/T3O0pS85WX2h385QTJ6ib9EI +ptjMSwv0jyJZpP6wQGmBu3TLqtbhXsvITYrp9gL5HRswDonR4y0TUV+criJKUTL1 +OozTWJweSLc1/kl6kAp9XkqWUpgxim4HryjInXRmcmGWX0b8Y9dsH4oKxg7b3BlT +39xpAYbPXfpX8GFC2E6Ct2G8ZHt0AzauS6HbuEkj7HW4+MBGNenrU4up5r1Cpv5D +pT0Z4E5Py+T5Z+4qcAK7gWSmD16FG+pfwxnuHmsx7voiIIwMwTl462bbNnHeniPW +0taJcfdahZMbRHx+OkoV4e6yms0ZunXJffh6icq8jC42lZ0RRVN6usKKA238t6po +zV0I02jL/u3YMp9LmEQa32vQ6aWWIIrvTAwuZbLircgxzREtuLdqoULEUzFbzj7Y +xVOAnd4kGuWKNPSYsmaY3G9RJN3FzhKfCQBDzmoHl3HImA8BmLDKPPz4mP4P/Kub +48Hrmb2P6Khdwbf8BvA+GApd2YDLbkhwCNGXxLHWp++DfRMfgSjaH0O+RYPSil+h +ZaRAuCKvg8uAubNyM6LqQOEBmfX8FE56VCEziV1w+IMYblkyZ6fIwYJlUNwATEVi +2Dz/a0x1L9/ZTv3OZXEx3sHjmW4K78ubVDMxTr+qe97y02jINw2lJQinfDNUqDub +Q/EJzLTHcPw2lO4RXL0nIMjZ/P4WjQR3Xe/rhq23i4UIT1q8NYyp83WRGV2bgUOe +-----END RSA PRIVATE KEY----- diff --git a/devstack/pregenerated/ssh-keys/octavia_ssh_key b/devstack/pregenerated/ssh-keys/octavia_ssh_key new file mode 100644 index 0000000000..52c66a8b7e --- /dev/null +++ b/devstack/pregenerated/ssh-keys/octavia_ssh_key @@ -0,0 +1,28 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEA/V449K2GRGBMypMBVkIBZRfDFVDUeJvEebVlCuNW33bmcblS +x8LB3+oCclhhfToCrtHO5Hndk2oMCJyQRojCcuox4Uauq5I+0cIo1mowmdlqFIDP +7YQEJVnJZQah96F468LY3dc9fyp+2Y3XVeeOjY3ChuBSUaQUb58aNH7lSgS/QwHv +/6sYRmej16CBmYK+NQlxgBFShA9M1F+DNVBnk229iP2+uwfmQyCAv188Ts/tDb3e +974QOmv+vJqJo0nnJIYQd0jOlLIiDfHC3+JsWslYGk8YbBeLsxkdljnLHpIY47pb +i6L4Sy993tlb/2XfbCyw+L+dFoZhynNxyt/c4QIDAQABAoIBAFDaqq5aWcikOp1C +wGB4e9148cZxnvxGKTL10iLhXa2+Udfk3iflXN1J3jIDRkkiJA0J405CHZWXd/Of +kuMPbY4icnyDg+Y4q1dg8ItMI+pU2Wdlm/Ud9fy9ZGma7kEKBH6oFXDl6TgVpZlj +jF5boMBHhtZn650mEWd1jHVIMX+m1Z3lA9dA3qsDTLDmh5IPeH4InWumCn59qw3Z +lMu8cKZLpiAJNEx428P0DbOMpTMgmgFIrRFMQeMRHukxf1X6UeHS3UgHUmTnA2jG +IbGJShNQywxI1pAJKR6BgUJqxZZ1ukcWl8gO4bedkaTejJWIp65KwI7xMNPgYQEO +V+8PfGECgYEA/v9r/ypQzkUEsxyNUqKhJ/02rgSSGdzQT52Fi82O1e2j63PbRPBL +izkA9LkDoxz2RDnG6H3BFfj0QrCbDiV2DqtxBp+xu+mua60JysnjoTRQo1rXS/kr +cDLsNL0q3s/dBNwUCwyoveHdX5V72E5ueqY/vhRbjHV66hzNno7ryqUCgYEA/l0p +LIovymkpqG9wAquvyQXLbQk5qx71CXX0yjip5BEcPmQrEIbV0CwUtL3wKmuHx8xR +dyyvTwSYWANHFVzB85itpAnRdJcRz02SU/4Qq2pMXbp/6oBK3CwAW0xp0l3k4Yol ++SnfZkaQ8jcNDSb5oYxjsl0Jj40T7V3MTCd4QI0CgYEAoUYYHqy7qIl8PG+9bdsP +g8QhFhQr9xFx6jidIttiECkZOCvxLPuxO59U3HI7O6lwk5vbEmWeffATRC6AEoVc +0lBZzq+ncEqOFum8vLXNMsJskbQ9YH55m5+JRp2xhHQAvDcYshhSjK1SHkbjqd2J +ACcvP1+Ouxn+IB0RasvHk0UCgYEAgDhd5QHTjWjtguaJxA7fkanGHbSkyUnVo2s+ +diGSIlEtt5Wuz6noZgOSfHmycu+5hlHMTxLLXD2ovdUJJA+aBT1Vanc4ilkMtT8Z +IBXWOVJgJG86w+7fzZSwqVUfkteZ5MdK1Qryfg/cSPzPK24WMAUgzGxxwVcQUHsT +3N+YkpECgYB4fzJ10b4ZuYYQRSUAxcfQXTqAR1LH9WS0axGQhJrpxtUe9Jur1eJV +NF+o9kcAhFqVCuoJXFn/puDqsYNz4MBYHMXd8S7DVbdOyZs0h/F3lLyTmWS99tjt +cG7xtFl7/75WcbgITcJSbeACKGpC6g6U2vFF5IeM4wA0gOwY1G24fw== +-----END RSA PRIVATE KEY----- + diff --git a/devstack/pregenerated/ssh-keys/octavia_ssh_key.pub b/devstack/pregenerated/ssh-keys/octavia_ssh_key.pub new file mode 100644 index 0000000000..2334218725 --- /dev/null +++ b/devstack/pregenerated/ssh-keys/octavia_ssh_key.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD9Xjj0rYZEYEzKkwFWQgFlF8MVUNR4m8R5tWUK41bfduZxuVLHwsHf6gJyWGF9OgKu0c7ked2TagwInJBGiMJy6jHhRq6rkj7RwijWajCZ2WoUgM/thAQlWcllBqH3oXjrwtjd1z1/Kn7ZjddV546NjcKG4FJRpBRvnxo0fuVKBL9DAe//qxhGZ6PXoIGZgr41CXGAEVKED0zUX4M1UGeTbb2I/b67B+ZDIIC/XzxOz+0Nvd73vhA6a/68momjSeckhhB3SM6UsiIN8cLf4mxayVgaTxhsF4uzGR2WOcsekhjjuluLovhLL33e2Vv/Zd9sLLD4v50WhmHKc3HK39zh vagrant@main diff --git a/devstack/settings b/devstack/settings index f371fee761..b5eab4bd10 100644 --- a/devstack/settings +++ b/devstack/settings @@ -40,6 +40,12 @@ OCTAVIA_AMP_SSH_KEY_TYPE=${OCTAVIA_SSH_KEY_TYPE:-"rsa"} OCTAVIA_AMP_SSH_KEY_PATH=${OCTAVIA_SSH_KEY_PATH:-${OCTAVIA_SSH_DIR}/octavia_ssh_key} OCTAVIA_AMP_SSH_KEY_NAME=${OCTAVIA_AMP_SSH_KEY_NAME:-"octavia_ssh_key"} +OCTAVIA_USE_PREGENERATED_SSH_KEY=${OCTAVIA_USE_PREGENERATED_SSH_KEY:-"False"} +OCTAVIA_PREGENERATED_SSH_KEY_PATH=${OCTAVIA_PREGENERATED_SSH_KEY_PATH:-"${OCTAVIA_DIR}/devstack/pregenerated/ssh-keys/octavia_ssh_key"} + +OCTAVIA_USE_PREGENERATED_CERTS=${OCTAVIA_USE_PREGENERATED_CERTS:-"False"} +OCTAVIA_PREGENERATED_CERTS_DIR=${OCTAVIA_PREGENERATED_CERTS_DIR:-"${OCTAVIA_DIR}/devstack/pregenerated/certs"} + OCTAVIA_AMP_FLAVOR_ID=${OCTAVIA_AMP_FLAVOR_ID:-"10"} OCTAVIA_AMP_IMAGE_NAME=${OCTAVIA_AMP_IMAGE_NAME:-"amphora-x64-haproxy"} OCTAVIA_AMP_IMAGE_FILE=${OCTAVIA_AMP_IMAGE_FILE:-${OCTAVIA_DIR}/diskimage-create/${OCTAVIA_AMP_IMAGE_NAME}.qcow2}