Add template mode to tripleo-ssh-known-hosts
Adds the ability to generate the ssh known hosts configuration using a jinja2 template. The previous behavior is maintained until tripleo-heat-templates is migrated over to use the new template mode. Once tripleo-heat-templates is migrated, the old mode that relied on the tripleo_ssh_known_hosts variable can be removed. Change-Id: Ie6546c74b452be322e7a4d046d2d58b42c6ccee8
parent
1255faa87d
commit
cb7ab955c0
|
@ -31,4 +31,7 @@
|
||||||
# overcloud-novacompute-1: '[172.17.25.248]*,[overcloud-novacompute-1.localdomain]*,[overcloud-novacompute-1]*,...'
|
# overcloud-novacompute-1: '[172.17.25.248]*,[overcloud-novacompute-1.localdomain]*,[overcloud-novacompute-1]*,...'
|
||||||
# overcloud-novacompute-2: '[172.17.25.249]*,[overcloud-novacompute-2.localdomain]*,[overcloud-novacompute-2]*,...'
|
# overcloud-novacompute-2: '[172.17.25.249]*,[overcloud-novacompute-2.localdomain]*,[overcloud-novacompute-2]*,...'
|
||||||
#
|
#
|
||||||
|
# tripleo_ssh_known_hosts_use_template: false
|
||||||
|
|
||||||
tripleo_ssh_known_hosts: "{{ ssh_known_hosts | default({}) }}"
|
tripleo_ssh_known_hosts: "{{ ssh_known_hosts | default({}) }}"
|
||||||
|
tripleo_ssh_known_hosts_use_template: false
|
||||||
|
|
|
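Review bot: The added comment `# tripleo_ssh_known_hosts_use_template: false` only repeats the default and does not say what the switch changes or what it requires. The tasks section of this commit shows that template mode reads `ctlplane_ip`, `cloud_domain`, `enabled_networks`, `role_networks` and `networks`, and that the `tripleo_ssh_known_hosts` lookup task is skipped when it is on. An operator enabling it without those variables would get a failed or incomplete known_hosts file. I would write the comment as `# tripleo_ssh_known_hosts_use_template: when true, host patterns are rendered from inventory variables (ctlplane_ip, cloud_domain, enabled_networks, role_networks, networks) instead of being looked up in tripleo_ssh_known_hosts`.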
@ -43,12 +43,40 @@
|
||||||
when:
|
when:
|
||||||
- _ssh_known_hosts.stat.exists | bool
|
- _ssh_known_hosts.stat.exists | bool
|
||||||
|
|
||||||
|
- name: Set ssh_known_hosts fact
|
||||||
|
run_once: true
|
||||||
|
set_fact:
|
||||||
|
ssh_known_hosts_lines: |-
|
||||||
|
{%- for host in groups['overcloud'] | intersect(play_hosts) %}
|
||||||
|
[{{ ctlplane_ip }}]*,[{{ host }}.{{ cloud_domain }}]*,[{{ host }}]*{%- if enabled_networks | length > 0 %},{% endif %}
|
||||||
|
{%- for network in enabled_networks %}
|
||||||
|
{%- if network in role_networks %}
|
||||||
|
[{{ hostvars[host][networks[network]['name'] ~ '_ip'] }}]*,[{{ host }}.{{ networks[network]['name'] }}]*,{% if 1 %}{% endif %}
|
||||||
|
[{{ host }}.{{ networks[network]['name'] }}.{{ cloud_domain }}]*{% if not loop.last %},{% endif %}
|
||||||
|
{%- endif -%}
|
||||||
|
{%- endfor -%}
|
||||||
|
{{ ' ssh-rsa ' ~ hostvars[host]['ansible_ssh_host_key_rsa_public'] }}
|
||||||
|
{% endfor %}
|
||||||
|
when:
|
||||||
|
- tripleo_ssh_known_hosts_use_template | bool
|
||||||
|
|
||||||
|
- name: Add host keys to temporary ssh_known_hosts from rendered template
|
||||||
|
lineinfile:
|
||||||
|
path: "{{ ssh_known_hosts_tmp.path }}"
|
||||||
|
line: "{{ item }}"
|
||||||
|
create: true
|
||||||
|
with_items: "{{ ssh_known_hosts_lines.splitlines() }}"
|
||||||
|
when:
|
||||||
|
- tripleo_ssh_known_hosts_use_template | bool
|
||||||
|
|
||||||
- name: Add host keys to temporary ssh_known_hosts
|
- name: Add host keys to temporary ssh_known_hosts
|
||||||
lineinfile:
|
lineinfile:
|
||||||
path: "{{ ssh_known_hosts_tmp.path }}"
|
path: "{{ ssh_known_hosts_tmp.path }}"
|
||||||
line: "{{ tripleo_ssh_known_hosts[(hostvars[item]['ansible_hostname'] | lower)] ~ ' ssh-rsa ' ~ hostvars[item]['ansible_ssh_host_key_rsa_public'] }}"
|
line: "{{ tripleo_ssh_known_hosts[(hostvars[item]['ansible_hostname'] | lower)] ~ ' ssh-rsa ' ~ hostvars[item]['ansible_ssh_host_key_rsa_public'] }}"
|
||||||
create: true
|
create: true
|
||||||
with_items: "{{ groups['overcloud'] | intersect(play_hosts) }}"
|
with_items: "{{ groups['overcloud'] | intersect(play_hosts) }}"
|
||||||
|
when:
|
||||||
|
- not (tripleo_ssh_known_hosts_use_template | bool)
|
||||||
|
|
||||||
# Workaround https://bugs.launchpad.net/tripleo/+bug/1810932
|
# Workaround https://bugs.launchpad.net/tripleo/+bug/1810932
|
||||||
# Ansible modules perform a replace instead of in-place modification.
|
# Ansible modules perform a replace instead of in-place modification.
|
||||||
|
|
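Review bot: In the `Set ssh_known_hosts fact` template, `ctlplane_ip` and `role_networks` are read bare inside `for host in ...`, while the per-network addresses on the following lines go through `hostvars[host][...]`. Because the task is `run_once`, the bare names presumably resolve for the single host that executes it, so every rendered line would carry that host's control-plane address and role networks next to a different host's RSA key. A known_hosts file that binds one address to several keys either breaks strict host key checking or accepts the wrong key for that address. If these are per-host variables, use `[{{ hostvars[host]['ctlplane_ip'] }}]*` and `{%- if network in hostvars[host]['role_networks'] %}`.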