Merge "adds bifrost ssh key generation"

014d0550 · Jenkins · Gerrit Code Review · 7b8e851e · 538dbac2 · 014d0550
Commit 014d0550 authored 8 years ago by Jenkins Committed by Gerrit Code Review 8 years ago
--- a/ansible/roles/bifrost/tasks/bootstrap.yml
+++ b/ansible/roles/bifrost/tasks/bootstrap.yml
@@ -7,3 +7,22 @@
     ansible-playbook -vvvv -i /bifrost/playbooks/inventory/localhost
     /bifrost/playbooks/install.yaml -e @/etc/bifrost/bifrost.yml
     -e @/etc/bifrost/dib.yml -e  skip_package_install=true'
+- name: installing ssh keys
+  command: >
+     docker exec bifrost_deploy
+     bash -c 'mkdir /root/.ssh ; mkdir /home/ironic/.ssh;
+     cp -f /etc/bifrost/id_rsa /root/.ssh/id_rsa &&
+     cp -f /etc/bifrost/id_rsa.pub /root/.ssh/id_rsa.pub &&
+     cp -f /etc/bifrost/ssh_config /root/.ssh/config &&
+     cp -f /etc/bifrost/id_rsa /home/ironic/.ssh/id_rsa &&
+     cp -f /etc/bifrost/id_rsa.pub /home/ironic/.ssh/id_rsa.pub &&
+     cp -f /etc/bifrost/ssh_config /home/ironic/.ssh/config &&
+     chmod 600 /root/.ssh/id_rsa &&
+     chmod 600 /root/.ssh/id_rsa.pub &&
+     chmod 600 /root/.ssh/config &&
+     chmod 600 /home/ironic/.ssh/id_rsa &&
+     chmod 600 /home/ironic/.ssh/id_rsa.pub &&
+     chmod 600 /home/ironic/.ssh/config &&
+     chown ironic:ironic /home/ironic/.ssh/id_rsa &&
+     chown ironic:ironic /home/ironic/.ssh/id_rsa.pub &&
+     chown ironic:ironic /home/ironic/.ssh/config'
--- a/ansible/roles/bifrost/tasks/config.yml
+++ b/ansible/roles/bifrost/tasks/config.yml
@@ -19,3 +19,12 @@
    - "dib"
    - "servers"

+- name: template ssh keys
+  template:
+    src: "{{ item.src }}"
+    dest: "{{ node_config_directory }}/bifrost/{{ item.dest }}"
+  with_items:
+    - { src: "id_rsa", dest: "id_rsa" }
+    - { src: "id_rsa.pub", dest: "id_rsa.pub" }
+    - { src: "ssh_config", dest: "ssh_config" }
+
--- a/ansible/roles/bifrost/templates/id_rsa
+++ b/ansible/roles/bifrost/templates/id_rsa
+{{ bifrost_ssh_key.private_key }}
--- a/ansible/roles/bifrost/templates/id_rsa.pub
+++ b/ansible/roles/bifrost/templates/id_rsa.pub
+{{ bifrost_ssh_key.public_key }}
--- a/ansible/roles/bifrost/templates/ssh_config
+++ b/ansible/roles/bifrost/templates/ssh_config
+Host *
+  StrictHostKeyChecking no
+  UserKnownHostsFile /dev/null
--- a/doc/bifrost.rst
+++ b/doc/bifrost.rst
@@ -240,7 +240,8 @@ TODO

 Bring your own ssh key
 ----------------------
-TODO
+To use your own ssh key after you have generated the passwords.yml file
+update the private and public keys under bifrost_ssh_key.

 Known issues
 ============

--- a/etc/kolla/passwords.yml
+++ b/etc/kolla/passwords.yml
@@ -88,6 +88,10 @@ keystone_ssh_key:
  private_key:
  public_key:

+bifrost_ssh_key:
+  private_key:
+  public_key:
+
 ####################
 # RabbitMQ options
 ####################

--- a/kolla/cmd/genpwd.py
+++ b/kolla/cmd/genpwd.py
@@ -43,7 +43,8 @@ def main():
    uuid_keys = ['ceph_cluster_fsid', 'rbd_secret_uuid']

    # SSH key pair
-    ssh_keys = ['kolla_ssh_key', 'nova_ssh_key', 'keystone_ssh_key']
+    ssh_keys = ['kolla_ssh_key', 'nova_ssh_key',
+                'keystone_ssh_key', 'bifrost_ssh_key']

    # If these keys are None, leave them as None
    blank_keys = ['docker_registry_password']