aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlexandru Avadanii <Alexandru.Avadanii@enea.com>2018-02-19 12:22:19 +0000
committerGerrit Code Review <gerrit@opnfv.org>2018-02-19 12:22:19 +0000
commit00839253ec6cc31fdabe7cacdc23b9ffadfb2bba (patch)
tree2507df769d44a37f4b98d95ee78de0cfca48fc3a
parent30993030ea4b5a35ab4ae9d0aeb6be85c1e259c3 (diff)
parentaf65ce60c5ab69816cbe8b4c1c7b4c5922304205 (diff)
Merge "[patch] MaaS: mcp.rsa.pub to auth keys via pillar"
-rwxr-xr-xci/deploy.sh5
-rw-r--r--mcp/patches/0004-maas-region-use-authorized_keys-1st-entry.patch45
-rw-r--r--mcp/patches/patches.list1
-rw-r--r--mcp/reclass/classes/cluster/mcp-pike-common-ha/infra/maas_pdf.yml.j22
4 files changed, 6 insertions, 47 deletions
diff --git a/ci/deploy.sh b/ci/deploy.sh
index ed438324b..c883616f1 100755
--- a/ci/deploy.sh
+++ b/ci/deploy.sh
@@ -280,6 +280,10 @@ eval "$(parse_yaml "${SCENARIO_DIR}/defaults-$(uname -i).yaml")"
eval "$(parse_yaml "${SCENARIO_DIR}/${DEPLOY_SCENARIO}.yaml")"
export CLUSTER_DOMAIN=${cluster_domain}
+# key might not exist yet ...
+generate_ssh_key
+export MAAS_SSH_KEY="$(cat "$(basename "${SSH_KEY}").pub")"
+
# Expand jinja2 templates based on PDF data and env vars
do_templates "${REPO_ROOT_PATH}" "${STORAGE_DIR}" "${TARGET_LAB}" \
"${TARGET_POD}" "${BASE_CONFIG_URI}"
@@ -336,7 +340,6 @@ elif [ ${USE_EXISTING_INFRA} -gt 0 ]; then
notify "[NOTE] Use existing infra" 2
check_connection
else
- generate_ssh_key
prepare_vms "${base_image}" "${STORAGE_DIR}" "${virtual_repos_pkgs}" \
"${virtual_nodes[@]}"
create_networks "${OPNFV_BRIDGES[@]}"
diff --git a/mcp/patches/0004-maas-region-use-authorized_keys-1st-entry.patch b/mcp/patches/0004-maas-region-use-authorized_keys-1st-entry.patch
deleted file mode 100644
index a4fb44b05..000000000
--- a/mcp/patches/0004-maas-region-use-authorized_keys-1st-entry.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
-: Copyright (c) 2017 Mirantis Inc., Enea AB and others.
-:
-: All rights reserved. This program and the accompanying materials
-: are made available under the terms of the Apache License, Version 2.0
-: which accompanies this distribution, and is available at
-: http://www.apache.org/licenses/LICENSE-2.0
-::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
-From: Charalampos Kominos <Charalampos.Kominos@enea.com>
-Date: Sat, 5 Aug 2017 02:03:01 +0200
-Subject: [PATCH] maas: region: use authorized_keys 1st entry
-
-MaaS custom py modules accepts the "sshprefs" variable via pillar,
-however we want to read it from ~ubuntu/.ssh/authorized_keys.
-
-Bypass the py module and call MaaS CLI directly, passing the first
-authorized key, which should be mcp.rsa.pub.
-
-Signed-off-by: Charalampos Kominos <Charalampos.Kominos@enea.com>
----
-
-diff --git a/maas/region.sls b/maas/region.sls
---- a/maas/region.sls
-+++ b/maas/region.sls
-@@ -242,12 +242,16 @@
- - require:
- - module: maas_config
-
--{%- if region.get('sshprefs', False) %}
- maas_sshprefs:
-- module.run:
-- - name: maas.process_sshprefs
-+# NOTE(armband): maas.process_sshprefs also works, but we need to read the key
-+# from authorized_keys. Should be reworked at some point.
-+# module.run:
-+# - name: maas.process_sshprefs
-+# - require:
-+ cmd.run:
-+ - name: "maas login {{ region.admin.username }} http://{{ region.bind.host }}:5240/MAAS/api/2.0 - < /var/lib/maas/.maas_credentials && SSH_KEY=$(cat authorized_keys | head -1) && (maas opnfv sshkeys read | grep -q \"$SSH_KEY\" || maas opnfv sshkeys create \"key=$SSH_KEY\")"
-+ - cwd: "/home/ubuntu/.ssh"
- - require:
- - module: maas_config
--{%- endif %}
-
- {%- endif %}
diff --git a/mcp/patches/patches.list b/mcp/patches/patches.list
index 703bd0587..1b500254d 100644
--- a/mcp/patches/patches.list
+++ b/mcp/patches/patches.list
@@ -8,7 +8,6 @@
/usr/share/salt-formulas/env: 0001-opendaylight-formula-neutron.patch
/usr/share/salt-formulas/env: 0002-maas-region-skip-credentials-update.patch
/usr/share/salt-formulas/env: 0003-maas-region-force-artifact-download.patch
-/usr/share/salt-formulas/env: 0004-maas-region-use-authorized_keys-1st-entry.patch
/usr/share/salt-formulas/env: 0005-maas-module-Obtain-fabric-ID-from-CIDR.patch
/usr/share/salt-formulas/env: 0006-maas-module-Add-VLAN-DHCP-enable-support.patch
/usr/share/salt-formulas/env: 0007-network.interface-Fix-ifup-OVS-port-with-route.patch
diff --git a/mcp/reclass/classes/cluster/mcp-pike-common-ha/infra/maas_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-pike-common-ha/infra/maas_pdf.yml.j2
index a875993e3..cff6d9b30 100644
--- a/mcp/reclass/classes/cluster/mcp-pike-common-ha/infra/maas_pdf.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-pike-common-ha/infra/maas_pdf.yml.j2
@@ -9,6 +9,8 @@
parameters:
maas:
region:
+ sshprefs:
+ - '{{ conf.MAAS_SSH_KEY }}'
machines:
{%- set pxe_interface = conf.idf.net_config.admin.interface %}
{#- We only support exactly 5 nodes for now, hardcoded order #}