vos release with localauth
Install a user and script to do remote vos release with
localauth authentication. This can avoid kerberos or AFS
timeouts.
This relies on vos_release_keypair which is expected to
be a single keypair from the mirror-update host. It will allow that
keypair to run /usr/local/bin/vos_release.sh, which filters
the incoming command. Releases are expected to be triggered on the
update host with:
ssh -i /root/.ssh/id_vos_release afs01.dfw.openstack.org vos release <mirror>.<volume>Future work, if required
- Allow multiple hosts to call the release script (i.e. handle multiple keys).
- Implement locking within
vos_release.shscript to prevent too many simulatenous releases.
Role Variables
The authorized key to allow to run the
/usr/local/bin/vos_release.shscript