Merge "SSH known_hosts config" into stable/newton
commit
f178f5ae28
|
@ -0,0 +1,42 @@
|
|||
heat_template_version: 2016-10-14
|
||||
|
||||
description: >
|
||||
This is a template which will fetch the ssh host public key.
|
||||
|
||||
parameters:
|
||||
server:
|
||||
description: ID of the node to apply this config to
|
||||
type: string
|
||||
|
||||
resources:
|
||||
SshHostPubKeyConfig:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: script
|
||||
outputs:
|
||||
- name: rsa
|
||||
- name: ecdsa
|
||||
- name: ed25519
|
||||
config: |
|
||||
#!/bin/sh -x
|
||||
test -e '/etc/ssh/ssh_host_rsa_key.pub' && cat /etc/ssh/ssh_host_rsa_key.pub > $heat_outputs_path.rsa
|
||||
test -e '/etc/ssh/ssh_host_ecdsa_key.pub' && cat /etc/ssh/ssh_host_ecdsa_key.pub > $heat_outputs_path.ecdsa
|
||||
test -e '/etc/ssh/ssh_host_ed25519_key.pub' && cat /etc/ssh/ssh_host_ed25519_key.pub > $heat_outputs_path.ed25519
|
||||
|
||||
SshHostPubKeyDeployment:
|
||||
type: OS::Heat::SoftwareDeployment
|
||||
properties:
|
||||
config: {get_resource: SshHostPubKeyConfig}
|
||||
server: {get_param: server}
|
||||
|
||||
|
||||
outputs:
|
||||
ecdsa:
|
||||
description: Host ssh public key (ecdsa)
|
||||
value: {get_attr: [SshHostPubKeyDeployment, ecdsa]}
|
||||
rsa:
|
||||
description: Host ssh public key (rsa)
|
||||
value: {get_attr: [SshHostPubKeyDeployment, rsa]}
|
||||
ed25519:
|
||||
description: Host ssh public key (ed25519)
|
||||
value: {get_attr: [SshHostPubKeyDeployment, ed25519]}
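Review bot: The config script's exit status is whatever its last `test -e ... && cat ...` line returns, so on a host with no `/etc/ssh/ssh_host_ed25519_key.pub` the script ends non-zero even though the rsa and ecdsa outputs were written; Heat presumably reports that as a failed deployment. Since a missing key type is evidently meant to be tolerated, each line could be written as `if [ -e /etc/ssh/ssh_host_ed25519_key.pub ]; then cat /etc/ssh/ssh_host_ed25519_key.pub > "$heat_outputs_path.ed25519"; fi`, which also quotes the output path. A comment such as `# only the public halves of the host keys are exported` above the script would record the intent for later reviewers.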
|
|
@ -0,0 +1,36 @@
|
|||
heat_template_version: 2016-10-14
|
||||
description: 'SSH Known Hosts Config'
|
||||
|
||||
parameters:
|
||||
known_hosts:
|
||||
type: string
|
||||
|
||||
resources:
|
||||
|
||||
SSHKnownHostsConfig:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: script
|
||||
inputs:
|
||||
- name: known_hosts
|
||||
default: {get_param: known_hosts}
|
||||
config: |
|
||||
#!/bin/bash
|
||||
set -eux
|
||||
set -o pipefail
|
||||
|
||||
echo "Creating ssh known hosts file"
|
||||
|
||||
if [ ! -z "${known_hosts}" ]; then
|
||||
echo "${known_hosts}"
|
||||
echo -ne "${known_hosts}" > /etc/ssh/ssh_known_hosts
|
||||
chmod 0644 /etc/ssh/ssh_known_hosts
|
||||
else
|
||||
rm -f /etc/ssh/ssh_known_hosts
|
||||
echo "No ssh known hosts"
|
||||
fi
|
||||
|
||||
outputs:
|
||||
OS::stack_id:
|
||||
description: The SSHKnownHostsConfig resource.
|
||||
value: {get_resource: SSHKnownHostsConfig}
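Review bot: `echo -ne "${known_hosts}"` in the config script applies backslash-escape processing to the Heat-supplied value before it is written to `/etc/ssh/ssh_known_hosts`, the file ssh clients on the node consult to verify peer host keys. If no escape expansion is intended, `printf '%s' "${known_hosts}" > /etc/ssh/ssh_known_hosts` writes the value verbatim. The script also replaces the file wholesale, and the else branch removes it, so any entries an operator placed there outside this template are lost on the next run; a comment stating that the file is fully managed by this config would make that explicit. Writing to a temporary file and renaming it into place would avoid readers seeing a partially written file.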
|
|
@ -4,6 +4,8 @@ resource_registry:
|
|||
OS::TripleO::PostDeploySteps: puppet/post.yaml
|
||||
OS::TripleO::AllNodes::SoftwareConfig: puppet/all-nodes-config.yaml
|
||||
OS::TripleO::Hosts::SoftwareConfig: hosts-config.yaml
|
||||
OS::TripleO::Ssh::HostPubKey: extraconfig/tasks/ssh/host_public_key.yaml
|
||||
OS::TripleO::Ssh::KnownHostsConfig: extraconfig/tasks/ssh/known_hosts_config.yaml
|
||||
OS::TripleO::DefaultPasswords: default_passwords.yaml
|
||||
|
||||
# Tasks (for internal TripleO usage)
|
||||
|
|
|
@ -201,6 +201,16 @@ resources:
|
|||
NetIpMap: {get_attr: [VipMap, net_ip_map]}
|
||||
ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
|
||||
|
||||
SshKnownHostsConfig:
|
||||
type: OS::TripleO::Ssh::KnownHostsConfig
|
||||
properties:
|
||||
known_hosts:
|
||||
list_join:
|
||||
- ''
|
||||
{% for role in roles %}
|
||||
- {get_attr: [{{role.name}}, known_hosts_entry]}
|
||||
{% endfor %}
|
||||
|
||||
# Jinja loop for Role in roles_data.yaml
|
||||
{% for role in roles %}
|
||||
# Resources generated for {{role.name}} Role
|
||||
|
@ -220,6 +230,13 @@ resources:
|
|||
config: {get_attr: [hostsConfig, config_id]}
|
||||
servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
|
||||
|
||||
{{role.name}}SshKnownHostsDeployment:
|
||||
type: OS::Heat::StructuredDeployments
|
||||
properties:
|
||||
name: {{role.name}}SshKnownHostsDeployment
|
||||
config: {get_resource: SshKnownHostsConfig}
|
||||
servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
|
||||
|
||||
{{role.name}}AllNodesDeployment:
|
||||
type: OS::Heat::StructuredDeployments
|
||||
depends_on:
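Review bot: The `list_join` under `SshKnownHostsConfig` uses `''` as its delimiter, so the per-role `known_hosts_entry` values are concatenated with nothing between them, and getting one host per line in the resulting file depends on every entry already ending in a newline. Nothing visible in this hunk guarantees that; presumably the newline comes from the captured public-key text. Either document the requirement, e.g. `# each known_hosts_entry must end with a newline; entries are joined without a separator`, or have each entry's template carry an explicit trailing newline. The enclosing `resources:` section continues outside both hunks.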
|
||||
|
|
|
@ -301,6 +301,12 @@ resources:
|
|||
update_identifier:
|
||||
get_param: UpdateIdentifier
|
||||
|
||||
SshHostPubKey:
|
||||
type: OS::TripleO::Ssh::HostPubKey
|
||||
depends_on: BlockStorageDeployment
|
||||
properties:
|
||||
server: {get_resource: BlockStorage}
|
||||
|
||||
outputs:
|
||||
ip_address:
|
||||
description: IP address of the server in the ctlplane network
|
||||
|
@ -411,6 +417,65 @@ outputs:
|
|||
- '.'
|
||||
- - {get_attr: [BlockStorage, name]}
|
||||
- ctlplane
|
||||
known_hosts_entry:
|
||||
description: Entry for ssh known hosts
|
||||
value:
|
||||
str_replace:
|
||||
template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
|
||||
EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
|
||||
INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
|
||||
STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
|
||||
STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
|
||||
TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
|
||||
MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
|
||||
CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
|
||||
params:
|
||||
PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, BlockStorageHostnameResolveNetwork]}]}
|
||||
DOMAIN: {get_param: CloudDomain}
|
||||
PRIMARYHOST: {get_attr: [BlockStorage, name]}
|
||||
EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
|
||||
EXTERNALHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [BlockStorage, name]}
|
||||
- external
|
||||
INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
|
||||
INTERNAL_APIHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [BlockStorage, name]}
|
||||
- internalapi
|
||||
STORAGEIP: {get_attr: [StoragePort, ip_address]}
|
||||
STORAGEHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [BlockStorage, name]}
|
||||
- storage
|
||||
STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
|
||||
STORAGE_MGMTHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [BlockStorage, name]}
|
||||
- storagemgmt
|
||||
TENANTIP: {get_attr: [TenantPort, ip_address]}
|
||||
TENANTHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [BlockStorage, name]}
|
||||
- tenant
|
||||
MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
|
||||
MANAGEMENTHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [BlockStorage, name]}
|
||||
- management
|
||||
CTLPLANEIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
|
||||
CTLPLANEHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [BlockStorage, name]}
|
||||
- ctlplane
|
||||
HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
|
||||
nova_server_resource:
|
||||
description: Heat resource handle for the block storage server
|
||||
value:
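Review bot: `HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}` publishes only the ECDSA host key, although the HostPubKey config also collects `rsa` and `ed25519` and skips any key file that does not exist. A node without an ECDSA host key would produce an entry with host names and no key, and a client that negotiates a different host-key algorithm will not find a matching line in `/etc/ssh/ssh_known_hosts`. Consider emitting one line per available key type, or at least add `# only the ecdsa host key is distributed; every node must have one` above the param. The same applies to the `known_hosts_entry` outputs in the CephStorage, NovaCompute, Controller, SwiftStorage and `{{role}}` sections below; the `outputs:` block runs beyond this hunk.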
|
||||
|
|
|
@ -312,6 +312,12 @@ resources:
|
|||
update_identifier:
|
||||
get_param: UpdateIdentifier
|
||||
|
||||
SshHostPubKey:
|
||||
type: OS::TripleO::Ssh::HostPubKey
|
||||
depends_on: CephStorageDeployment
|
||||
properties:
|
||||
server: {get_resource: CephStorage}
|
||||
|
||||
outputs:
|
||||
ip_address:
|
||||
description: IP address of the server in the ctlplane network
|
||||
|
@ -422,6 +428,65 @@ outputs:
|
|||
- '.'
|
||||
- - {get_attr: [CephStorage, name]}
|
||||
- ctlplane
|
||||
known_hosts_entry:
|
||||
description: Entry for ssh known hosts
|
||||
value:
|
||||
str_replace:
|
||||
template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
|
||||
EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
|
||||
INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
|
||||
STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
|
||||
STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
|
||||
TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
|
||||
MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
|
||||
CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
|
||||
params:
|
||||
PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephStorageHostnameResolveNetwork]}]}
|
||||
DOMAIN: {get_param: CloudDomain}
|
||||
PRIMARYHOST: {get_attr: [CephStorage, name]}
|
||||
EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
|
||||
EXTERNALHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [CephStorage, name]}
|
||||
- external
|
||||
INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
|
||||
INTERNAL_APIHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [CephStorage, name]}
|
||||
- internalapi
|
||||
STORAGEIP: {get_attr: [StoragePort, ip_address]}
|
||||
STORAGEHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [CephStorage, name]}
|
||||
- storage
|
||||
STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
|
||||
STORAGE_MGMTHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [CephStorage, name]}
|
||||
- storagemgmt
|
||||
TENANTIP: {get_attr: [TenantPort, ip_address]}
|
||||
TENANTHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [CephStorage, name]}
|
||||
- tenant
|
||||
MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
|
||||
MANAGEMENTHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [CephStorage, name]}
|
||||
- management
|
||||
CTLPLANEIP: {get_attr: [CephStorage, networks, ctlplane, 0]}
|
||||
CTLPLANEHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [CephStorage, name]}
|
||||
- ctlplane
|
||||
HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
|
||||
nova_server_resource:
|
||||
description: Heat resource handle for the ceph storage server
|
||||
value:
|
||||
|
|
|
@ -336,6 +336,12 @@ resources:
|
|||
update_identifier:
|
||||
get_param: UpdateIdentifier
|
||||
|
||||
SshHostPubKey:
|
||||
type: OS::TripleO::Ssh::HostPubKey
|
||||
depends_on: NovaComputeDeployment
|
||||
properties:
|
||||
server: {get_resource: NovaCompute}
|
||||
|
||||
outputs:
|
||||
ip_address:
|
||||
description: IP address of the server in the ctlplane network
|
||||
|
@ -466,6 +472,65 @@ outputs:
|
|||
- '.'
|
||||
- - {get_attr: [NovaCompute, name]}
|
||||
- ctlplane
|
||||
known_hosts_entry:
|
||||
description: Entry for ssh known hosts
|
||||
value:
|
||||
str_replace:
|
||||
template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
|
||||
EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
|
||||
INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
|
||||
STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
|
||||
STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
|
||||
TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
|
||||
MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
|
||||
CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
|
||||
params:
|
||||
HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
|
||||
PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
|
||||
DOMAIN: {get_param: CloudDomain}
|
||||
PRIMARYHOST: {get_attr: [NovaCompute, name]}
|
||||
EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
|
||||
EXTERNALHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [NovaCompute, name]}
|
||||
- external
|
||||
INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
|
||||
INTERNAL_APIHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [NovaCompute, name]}
|
||||
- internalapi
|
||||
STORAGEIP: {get_attr: [StoragePort, ip_address]}
|
||||
STORAGEHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [NovaCompute, name]}
|
||||
- storage
|
||||
STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
|
||||
STORAGE_MGMTHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [NovaCompute, name]}
|
||||
- storagemgmt
|
||||
TENANTIP: {get_attr: [TenantPort, ip_address]}
|
||||
TENANTHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [NovaCompute, name]}
|
||||
- tenant
|
||||
MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
|
||||
MANAGEMENTHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [NovaCompute, name]}
|
||||
- management
|
||||
CTLPLANEIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
|
||||
CTLPLANEHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [NovaCompute, name]}
|
||||
- ctlplane
|
||||
nova_server_resource:
|
||||
description: Heat resource handle for the Nova compute server
|
||||
value:
|
||||
|
|
|
@ -379,6 +379,12 @@ resources:
|
|||
update_identifier:
|
||||
get_param: UpdateIdentifier
|
||||
|
||||
SshHostPubKey:
|
||||
type: OS::TripleO::Ssh::HostPubKey
|
||||
depends_on: ControllerDeployment
|
||||
properties:
|
||||
server: {get_resource: Controller}
|
||||
|
||||
outputs:
|
||||
ip_address:
|
||||
description: IP address of the server in the ctlplane network
|
||||
|
@ -509,6 +515,65 @@ outputs:
|
|||
- '.'
|
||||
- - {get_attr: [Controller, name]}
|
||||
- ctlplane
|
||||
known_hosts_entry:
|
||||
description: Entry for ssh known hosts
|
||||
value:
|
||||
str_replace:
|
||||
template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
|
||||
EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
|
||||
INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
|
||||
STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
|
||||
STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
|
||||
TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
|
||||
MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
|
||||
CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
|
||||
params:
|
||||
PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
|
||||
DOMAIN: {get_param: CloudDomain}
|
||||
PRIMARYHOST: {get_attr: [Controller, name]}
|
||||
EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
|
||||
EXTERNALHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [Controller, name]}
|
||||
- external
|
||||
INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
|
||||
INTERNAL_APIHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [Controller, name]}
|
||||
- internalapi
|
||||
STORAGEIP: {get_attr: [StoragePort, ip_address]}
|
||||
STORAGEHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [Controller, name]}
|
||||
- storage
|
||||
STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
|
||||
STORAGE_MGMTHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [Controller, name]}
|
||||
- storagemgmt
|
||||
TENANTIP: {get_attr: [TenantPort, ip_address]}
|
||||
TENANTHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [Controller, name]}
|
||||
- tenant
|
||||
MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
|
||||
MANAGEMENTHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [Controller, name]}
|
||||
- management
|
||||
CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]}
|
||||
CTLPLANEHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [Controller, name]}
|
||||
- ctlplane
|
||||
HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
|
||||
nova_server_resource:
|
||||
description: Heat resource handle for the Nova compute server
|
||||
value:
|
||||
|
|
|
@ -300,6 +300,12 @@ resources:
|
|||
update_identifier:
|
||||
get_param: UpdateIdentifier
|
||||
|
||||
SshHostPubKey:
|
||||
type: OS::TripleO::Ssh::HostPubKey
|
||||
depends_on: SwiftStorageHieraDeploy
|
||||
properties:
|
||||
server: {get_resource: SwiftStorage}
|
||||
|
||||
outputs:
|
||||
ip_address:
|
||||
description: IP address of the server in the ctlplane network
|
||||
|
@ -410,6 +416,65 @@ outputs:
|
|||
- '.'
|
||||
- - {get_attr: [SwiftStorage, name]}
|
||||
- ctlplane
|
||||
known_hosts_entry:
|
||||
description: Entry for ssh known hosts
|
||||
value:
|
||||
str_replace:
|
||||
template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
|
||||
EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
|
||||
INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
|
||||
STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
|
||||
STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
|
||||
TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
|
||||
MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
|
||||
CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
|
||||
params:
|
||||
PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ObjectStorageHostnameResolveNetwork]}]}
|
||||
DOMAIN: {get_param: CloudDomain}
|
||||
PRIMARYHOST: {get_attr: [SwiftStorage, name]}
|
||||
EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
|
||||
EXTERNALHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [SwiftStorage, name]}
|
||||
- external
|
||||
INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
|
||||
INTERNAL_APIHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [SwiftStorage, name]}
|
||||
- internalapi
|
||||
STORAGEIP: {get_attr: [StoragePort, ip_address]}
|
||||
STORAGEHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [SwiftStorage, name]}
|
||||
- storage
|
||||
STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
|
||||
STORAGE_MGMTHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [SwiftStorage, name]}
|
||||
- storagemgmt
|
||||
TENANTIP: {get_attr: [TenantPort, ip_address]}
|
||||
TENANTHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [SwiftStorage, name]}
|
||||
- tenant
|
||||
MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
|
||||
MANAGEMENTHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [SwiftStorage, name]}
|
||||
- management
|
||||
CTLPLANEIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
|
||||
CTLPLANEHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [SwiftStorage, name]}
|
||||
- ctlplane
|
||||
HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
|
||||
nova_server_resource:
|
||||
description: Heat resource handle for the swift storage server
|
||||
value:
|
||||
|
|
|
@ -327,6 +327,12 @@ resources:
|
|||
update_identifier:
|
||||
get_param: UpdateIdentifier
|
||||
|
||||
SshHostPubKey:
|
||||
type: OS::TripleO::Ssh::HostPubKey
|
||||
depends_on: {{role}}Deployment
|
||||
properties:
|
||||
server: {get_resource: {{role}}}
|
||||
|
||||
outputs:
|
||||
ip_address:
|
||||
description: IP address of the server in the ctlplane network
|
||||
|
@ -437,6 +443,65 @@ outputs:
|
|||
- '.'
|
||||
- - {get_attr: [{{role}}, name]}
|
||||
- ctlplane
|
||||
known_hosts_entry:
|
||||
description: Entry for ssh known hosts
|
||||
value:
|
||||
str_replace:
|
||||
template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
|
||||
EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
|
||||
INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
|
||||
STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
|
||||
STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
|
||||
TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
|
||||
MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
|
||||
CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
|
||||
params:
|
||||
PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role}}HostnameResolveNetwork]}]}
|
||||
DOMAIN: {get_param: CloudDomain}
|
||||
PRIMARYHOST: {get_attr: [{{role}}, name]}
|
||||
EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
|
||||
EXTERNALHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [{{role}}, name]}
|
||||
- external
|
||||
INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
|
||||
INTERNAL_APIHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [{{role}}, name]}
|
||||
- internalapi
|
||||
STORAGEIP: {get_attr: [StoragePort, ip_address]}
|
||||
STORAGEHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [{{role}}, name]}
|
||||
- storage
|
||||
STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
|
||||
STORAGE_MGMTHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [{{role}}, name]}
|
||||
- storagemgmt
|
||||
TENANTIP: {get_attr: [TenantPort, ip_address]}
|
||||
TENANTHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [{{role}}, name]}
|
||||
- tenant
|
||||
MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
|
||||
MANAGEMENTHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [{{role}}, name]}
|
||||
- management
|
||||
CTLPLANEIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
|
||||
CTLPLANEHOST:
|
||||
list_join:
|
||||
- '.'
|
||||
- - {get_attr: [{{role}}, name]}
|
||||
- ctlplane
|
||||
HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
|
||||
nova_server_resource:
|
||||
description: Heat resource handle for {{role}} server
|
||||
value:
|
||||
|
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
features:
|
||||
- SSH host key exchange. The ssh host keys are collected from each host,
|
||||
combined, and written to /etc/ssh/ssh_known_hosts.
|