Merge "Use the dynamically generated ssh key in Ubuntu based bootstrap image"
commit
c0e6a17f01
|
@ -15,7 +15,6 @@ global_conf="/etc/fuel-bootstrap-image.conf"
|
|||
[ -z "$KERNEL_FLAVOR" ] && KERNEL_FLAVOR="-generic-lts-trusty"
|
||||
[ -z "$ARCH" ] && ARCH="amd64"
|
||||
[ -z "$DESTDIR" ] && DESTDIR="/var/www/nailgun/bootstrap/ubuntu"
|
||||
[ -z "$BOOTSTRAP_SSH_KEYS" ] && BOOTSTRAP_SSH_KEYS="$datadir/ubuntu/files/root/.ssh/authorized_keys"
|
||||
|
||||
# Packages required for the master node to discover a bootstrap node
|
||||
BOOTSTRAP_FUEL_PKGS_DFLT="openssh-client openssh-server ntp mcollective nailgun-agent nailgun-mcagents nailgun-net-check fuel-agent"
|
||||
|
@ -343,7 +342,14 @@ build_image ()
|
|||
install_packages "$root" $BOOTSTRAP_PKGS $BOOTSTRAP_FUEL_PKGS
|
||||
recompress_initramfs "$root"
|
||||
copy_conf_files "$root"
|
||||
install_ssh_keys "$root" $BOOTSTRAP_SSH_KEYS
|
||||
if [ -n "$BOOTSTRAP_SSH_KEYS" ]; then
|
||||
install_ssh_keys "$root" $BOOTSTRAP_SSH_KEYS
|
||||
else
|
||||
cat >&2 <<-EOF
|
||||
$MYSELF: Warning: no ssh keys specified
|
||||
$MYSELF: bootstrap nodes won't be available via ssh
|
||||
EOF
|
||||
fi
|
||||
restore_resolv_conf "$root"
|
||||
cleanup_chroot "$root"
|
||||
mk_squashfs_image "$root"
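Review bot: The new guard in build_image tests only that `$BOOTSTRAP_SSH_KEYS` is non-empty, so a path that does not exist yet still reaches `install_ssh_keys` unchecked. That function's body is outside this hunk, so it is not visible here whether a missing file aborts the build or quietly yields an image without the intended keys. With the built-in default gone, I would check each file before use, e.g. `for k in $BOOTSTRAP_SSH_KEYS; do [ -s "$k" ] || { echo "$MYSELF: ssh key file $k is missing or empty" >&2; exit 1; }; done`. The expansion is unquoted, presumably so that several key files can be listed; a comment such as `# whitespace-separated list of public key files, split on purpose` would make that explicit. The same existence check applies to the `/root/.ssh/id_rsa.pub` default that build_ubuntu_bootstrap appends to the config in the later section.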
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDtrVTSM8tGd4E8khJn2gfN/2fymnX/0YKAGSVZTWDNIcYL5zXTlSwrccn/8EgmnNsJNxucJRT+oWqrDGaFaehuwlY/IBqm50KJVaUr5QYzOUpqVpFIpoX3UwETCxcSB1LiQYbCvrJcqOPQ4Zu9fMhMGKaAX1ohzOumn4czuLDYIvCnPnoU5RDWt7g1GaFFlzGU3JFooj7/aWFJMqJLinvay3vr2vFpBvO1y29nKu+zgpZkzzJCc0ndoVqvB+W9DY6QtgTSWfd3ZE/8vg4h8QV8H+xxqL/uWCxDkv2Y3rviAHivR/V+1YCSQH0NBJrNSkRjd+1roLhcEGT7/YEnbgVV nailgun@bootstrap
|
|
@ -57,18 +57,43 @@ fi
|
|||
. /etc/sysconfig/network
|
||||
hostname "$HOSTNAME"
|
||||
|
||||
# Need to build bootstrap image early enough so cobbler can create
|
||||
# the `bootstrap' profile
|
||||
bootstrap_img_failed='yes'
|
||||
bootstrap_img_max_attempts=3
|
||||
# XXX: ssh keys which should be included into the bootstrap image are
|
||||
# generated during containers deployment. However cobbler checkfs for
|
||||
# a kernel and initramfs when creating a profile, which poses chicken
|
||||
# and egg problem. Fortunately cobbler is pretty happy with empty files
|
||||
# so it's easy to break the loop.
|
||||
make_ubuntu_bootstrap_stub () {
|
||||
local bootstrap_dir='/var/www/nailgun/bootstrap/ubuntu'
|
||||
mkdir -p $bootstrap_dir
|
||||
for item in linux initramfs.img; do
|
||||
touch "$bootstrap_dir/$item"
|
||||
done
|
||||
}
|
||||
|
||||
for n in `seq 1 $bootstrap_img_max_attempts`; do
|
||||
echo "Bulding bootstrap image, attempt $n" >&2
|
||||
if fuel-bootstrap-image 2>>/var/log/fuel-bootstrap-image-build.log; then
|
||||
bootstrap_img_failed=''
|
||||
break
|
||||
# Actually build the bootstrap image
|
||||
build_ubuntu_bootstrap () {
|
||||
local ret=1
|
||||
local max_attempts=3
|
||||
local config='/etc/fuel-bootstrap-image.conf'
|
||||
local log='/var/log/fuel-bootstrap-image-build.log'
|
||||
if ! grep -qE '^BOOTSTRAP_SSH_KEYS' "$config"; then
|
||||
# FIXME: config file generated by fuelmenu has no trailing newline
|
||||
echo >> "$config"
|
||||
cat >> "$config" <<-EOF
|
||||
BOOTSTRAP_SSH_KEYS=/root/.ssh/id_rsa.pub
|
||||
EOF
|
||||
fi
|
||||
done
|
||||
for n in `seq 1 $max_attempts`; do
|
||||
echo "Bulding bootstrap image, attempt $n" >&2
|
||||
if fuel-bootstrap-image >>"$log" 2>&1; then
|
||||
ret=0
|
||||
break
|
||||
fi
|
||||
done
|
||||
return $ret
|
||||
}
|
||||
|
||||
make_ubuntu_bootstrap_stub
|
||||
|
||||
service docker start
|
||||
|
||||
|
@ -115,11 +140,23 @@ puppet apply --detailed-exitcodes -d -v /etc/puppet/modules/nailgun/examples/hos
|
|||
if [ $? -ge 4 ];then
|
||||
fail
|
||||
fi
|
||||
|
||||
rmdir /var/log/remote && ln -s /var/log/docker-logs/remote /var/log/remote
|
||||
|
||||
dockerctl check || fail
|
||||
bash /etc/rc.local
|
||||
|
||||
bootstrap_img_failed=''
|
||||
if build_ubuntu_bootstrap; then
|
||||
dockerctl shell cobbler cobbler sync
|
||||
# XXX: sometimes dnsmasq fails to restart after cobbler sync
|
||||
if ! dockerctl shell cobbler service dnsmasq status 2>/dev/null; then
|
||||
dockerctl shell cobbler service dnsmasq restart
|
||||
fi
|
||||
else
|
||||
bootstrap_img_failed='yes'
|
||||
fi
|
||||
|
||||
# Enable updates repository
|
||||
cat > /etc/yum.repos.d/mos${FUEL_RELEASE}-updates.repo << EOF
|
||||
[mos${FUEL_RELEASE}-updates]
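Review bot: When all three attempts in build_ubuntu_bootstrap fail, the zero-length `linux` and `initramfs.img` created by make_ubuntu_bootstrap_stub stay in `/var/www/nailgun/bootstrap/ubuntu`, and the `else` branch only sets `bootstrap_img_failed='yes'`. How that flag is reported is outside these hunks, so I would at least document the state on the `else` branch, e.g. `# stub kernel/initramfs are still in place; the bootstrap profile is not usable until the image is rebuilt (see /var/log/fuel-bootstrap-image-build.log)`. The stub also ignores the result of `mkdir -p $bootstrap_dir` and `touch`; `mkdir -p "$bootstrap_dir" || fail` would stop early, assuming `fail` is already defined at that point in the script. Separately, `grep -qE '^BOOTSTRAP_SSH_KEYS'` also matches an empty assignment, in which case no default is appended and the image is built without keys; if that opt-out is intended, a one-line comment above the `grep` should say so.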
|
||||
|
|