Add tripleo-ssh-known-hosts role

Support the SshKnownHostsDeployment resources from Heat with a new
Ansible role in tripleo-common for use by config-download. The new role
will configure /etc/ssh/ssh_known_hosts in the same manner that the Heat
deployments did.

Change-Id: I9314596f9ab48e95ba34d08dba9abfee2f8d2e0c
Partial-Bug: #1746336

releasenotes/notes/tripleo-ssh-known-hosts-d27c54b0a6f9a028.yaml

@@ -0,0 +1,5 @@
+---
+fixes:
+  - Support for the SshKnownHostsDeployment resources has been fixed by adding
+    a new role that can be used to configure /etc/ssh/ssh_known_hosts
+    on each host.

roles/tripleo-ssh-known-hosts/README.md

@@ -0,0 +1,41 @@
+tripleo-ssh-known-hosts
+=======================
+
+An Ansible role to add all SSH host keys to the host level known hosts file on
+all hosts.
+
+Requirements
+------------
+
+This section needs to be documented.
+
+Role variables
+--------------
+
+- ssh_known_hosts: -- Dict of hostname to ssh_known_hosts entries for a given
+  host
+
+Dependencies
+------------
+
+None.
+
+Example Playbook
+----------------
+
+Sample playbook to call the role:
+
+  - name: Configure SSH known hosts
+    hosts: all
+    roles:
+      - tripleo-ssh-known-hosts
+
+License
+-------
+
+Free software: Apache License (2.0)
+
+Author Information
+------------------
+
+OpenStack TripleO team

roles/tripleo-ssh-known-hosts/defaults/main.yml

@@ -0,0 +1,3 @@
+---
+
+ssh_known_hosts: {}

roles/tripleo-ssh-known-hosts/handlers/main.yml

@@ -0,0 +1 @@
+---

roles/tripleo-ssh-known-hosts/meta/main.yml

@@ -0,0 +1 @@
+---

roles/tripleo-ssh-known-hosts/tasks/main.yml

@@ -0,0 +1,8 @@
+---
+
+- name: Template /etc/ssh/ssh_known_hosts
+  template:
+    src: ssh_known_hosts.j2
+    dest: /etc/ssh/ssh_known_hosts
+  tags:
+    - tripleo_ssh_known_hosts

roles/tripleo-ssh-known-hosts/templates/ssh_known_hosts.j2

@@ -0,0 +1,3 @@
+{% for host in groups['overcloud'] %}
+{{ ssh_known_hosts[hostvars[host]['ansible_nodename']] + ' ' + hostvars[host]['ansible_ssh_host_key_ecdsa_public'] }}
+{% endfor %}