Allow user to specify private SSH key
This change allows insert user specified private ssh key for ironic. This is required for ansible deploy driver, and can be useful for another ssh based drivers. Change-Id: I203963c9aefa55e9c88f2a37e43b3ef440d02e23
This commit is contained in:
parent
c7adb13973
commit
5be9b6fa7a
@ -0,0 +1,6 @@
|
||||
---
|
||||
features:
|
||||
- Allow user to insert private SSH key for ironic user.
|
||||
This is useful for ansible deploy driver and another ssh based drivers.
|
||||
The private key can be specified as path to local file in
|
||||
``ssh_private_key_path`` variable, or as string in ``ssh_private_key``.
|
@ -231,6 +231,14 @@ bifrost_venv_env: An environment dictionary that includes the environment
|
||||
It is best not to reset this value unless you know you
|
||||
need to.
|
||||
|
||||
ssh_private_key_path: Defines the path to the SSH private key file to be
|
||||
placed as default ssh key for ironic user. Can be useful
|
||||
when ironic requires ssh access to another server.
|
||||
|
||||
ssh_private_key: If a user wishes to define an SSH private key as a string,
|
||||
this variable can be utilized which overrides the
|
||||
ssh_private_key_path setting.
|
||||
|
||||
Notes
|
||||
-----
|
||||
|
||||
|
@ -163,6 +163,12 @@
|
||||
- name: "Add ironic user to virtualization group"
|
||||
user: name=ironic group="{{ virt_group }}" append=yes
|
||||
when: testing | bool == true
|
||||
- name: "Identify ssh_private_key from ssh_private_key_path"
|
||||
include: set_ssh_private_key.yml
|
||||
when: >
|
||||
testing | bool == false and
|
||||
ssh_private_key is undefined and
|
||||
ssh_private_key_path is defined
|
||||
- name: "Create SSH directory for ironic user"
|
||||
local_action: >
|
||||
file
|
||||
@ -171,7 +177,20 @@
|
||||
group=ironic
|
||||
mode=0700
|
||||
state=directory
|
||||
when: testing | bool == true
|
||||
when: >
|
||||
testing | bool == true or
|
||||
ssh_private_key is defined
|
||||
- name: "Set private key file"
|
||||
copy:
|
||||
content: "{{ ssh_private_key }}"
|
||||
dest: /home/ironic/.ssh/id_rsa
|
||||
owner: ironic
|
||||
group: ironic
|
||||
mode: 0600
|
||||
no_log: true
|
||||
when: >
|
||||
testing | bool == false and
|
||||
ssh_private_key is defined
|
||||
- name: "Check for ironic user SSH key"
|
||||
local_action: stat path=/home/ironic/.ssh/id_rsa
|
||||
register: test_ironic_pvt_key
|
||||
|
@ -0,0 +1,12 @@
|
||||
---
|
||||
- name: "Defined ssh_private_key_path - Check to see if there is a file where the ssh_private_key_path is defined"
|
||||
local_action: stat path={{ ssh_private_key_path }}
|
||||
register: test_ssh_private_key_path
|
||||
|
||||
- name: "Defined ssh_private_key_path - Error if ssh_private_key_path is not valid"
|
||||
local_action: fail msg="ssh_private_key_path is not valid."
|
||||
when: test_ssh_private_key_path.stat.exists == false
|
||||
|
||||
- name: "Defined ssh_private_key_path - Read SSH private key in"
|
||||
set_fact: ssh_private_key="{{ lookup('file', ssh_private_key_path ) }}"
|
||||
no_log: true
|
Loading…
x
Reference in New Issue
Block a user