summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKonrad Bańka <k.banka@samsung.com>2019-06-10 14:03:45 +0200
committerKonrad Bańka <k.banka@samsung.com>2019-06-21 11:22:37 +0200
commit46c5d310b24563ba9de00d0583e76742efc2cc0d (patch)
treecea795d804688497fd18befef4aef55cdeeda157
parent2860cd0ee42a205ea3c565c9953ff15bd79fcc25 (diff)
Make aio.sh preserve host's ssh keys if possible
aio.sh script creates rsa key that is also added to host's authorized_keys. Currently, existing id_rsa keys are removed in order to generate fresh key each time. This change makes setup script reuse existing key when possible. Issue-ID: MULTICLOUD-676 Change-Id: I3b6b837f64dabd3cb6a14aa5ea65e67c6b8db6a8 Signed-off-by: Konrad Bańka <k.banka@samsung.com>
-rwxr-xr-xkud/hosting_providers/baremetal/aio.sh13
1 files changed, 9 insertions, 4 deletions
diff --git a/kud/hosting_providers/baremetal/aio.sh b/kud/hosting_providers/baremetal/aio.sh
index c1aac6ac..c9fac098 100755
--- a/kud/hosting_providers/baremetal/aio.sh
+++ b/kud/hosting_providers/baremetal/aio.sh
@@ -18,7 +18,7 @@ cd ${aio_dir}/../vagrant
# For aio inventory by default get ovn central ip from local host default interface.
# This variable used only in this file, but env variable defined to enable user to override it prior calling aio.sh.
OVN_CENTRAL_IP_ADDRESS=${OVN_CENTRAL_IP_ADDRESS:-$(hostname -I | cut -d ' ' -f 1)}
-
+echo "Preparing inventory for ansible"
cat <<EOL > inventory/hosts.ini
[all]
localhost ansible_ssh_host=${OVN_CENTRAL_IP_ADDRESS} ansible_ssh_port=22
@@ -46,9 +46,14 @@ kube-node
kube-master
EOL
-rm -f ~/.ssh/id_rsa
-echo -e "\n\n\n" | ssh-keygen -t rsa -N ""
-cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
+if ! [ -f ~/.ssh/id_rsa ]; then
+ echo "Generating rsa key for this host"
+ ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa <&-
+fi
+if ! grep -qF "$(ssh-keygen -y -f ~/.ssh/id_rsa)" ~/.ssh/authorized_keys; then
+ echo "Allowing present ~/.ssh/id_rsa key to be used for login to this host"
+ ssh-keygen -y -f ~/.ssh/id_rsa >> ~/.ssh/authorized_keys
+fi
chmod og-wx ~/.ssh/authorized_keys
echo "Enabling nested-virtualization"