Modifies osbash files to use osbash ssh keys

This patch makes use of the osbash public and private keys to ssh to VM
rather than the vagrant keys.

This also removes the vagrant keys directory from the repository.

Change-Id: I939274f188a02469c7e2cf9f9502510ea00d514e

labs/config/credentials

@@ -2,10 +2,9 @@
 # by OpenStack applications and related software running in the VMs.
 
 # Note that the VM shell user and its password are not set here. By default,
-# those are hard-coded in the preseed/kickstart files or in the Vagrant base
-# box. The scripts get the shell user name from deploy.{osbash,vagrant} and
-# don't need a password (they use password-less sudo and -- if configured --
-# ssh keys).
+# those are hard-coded in the preseed/kickstart files. The scripts get the
+# shell user name from deploy.{osbash} and don't need a password
+# (they use password-less sudo and -- if configured -- ssh keys).
 
 # Used for MySQL or whatever other DBMS is configured
 : ${DATABASE_PASSWORD:=secrete}

labs/config/scripts.ubuntu_base

@@ -2,4 +2,4 @@
 cmd queue ubuntu/apt_init.sh
 cmd queue ubuntu/apt_upgrade.sh
 cmd queue ubuntu/apt_pre-download.sh
-cmd queue osbash/enable_vagrant_ssh_keys.sh
+cmd queue osbash/enable_osbash_ssh_keys.sh

labs/config/scripts.ubuntu_cluster

@@ -3,7 +3,7 @@
 cmd init_node -n controller
 
 cmd queue etc_hosts.sh
-cmd queue osbash/enable_vagrant_ssh_keys.sh
+cmd queue osbash/enable_osbash_ssh_keys.sh
 cmd snapshot_cycle -n controller controller_node_init
 
 cmd queue ubuntu/apt_install_mysql.sh
@@ -41,7 +41,7 @@ cmd boot -n controller
 cmd init_node -n compute
 
 cmd queue etc_hosts.sh
-cmd queue osbash/enable_vagrant_ssh_keys.sh
+cmd queue osbash/enable_osbash_ssh_keys.sh
 cmd snapshot_cycle -n compute compute_node_init
 
 cmd queue ubuntu/setup_nova_compute.sh
@@ -63,7 +63,7 @@ cmd boot -n controller
 cmd init_node -n network
 
 cmd queue etc_hosts.sh
-cmd queue osbash/enable_vagrant_ssh_keys.sh
+cmd queue osbash/enable_osbash_ssh_keys.sh
 cmd snapshot_cycle -n network network_node_init
 
 cmd queue ubuntu/setup_neutron_network.sh

labs/lib/README.rst

@@ -3,8 +3,7 @@ This directory contains bash libraries used by scripts.
 Configuration files for kickstart (Fedora) and preseed (Ubuntu) are in
 osbash/netboot.
 
-The vagrant-ssh-keys from the Vagrant project can be automatically installed
-into osbash VMs to make them accessible like Vagrant VMs without having
-to install yet another set of ssh keys.
+The osbash-ssh-keys can be automatically installed into osbash
+VMs to make them accessible.
 
 The templates used to build Windows batch files are in the wbatch subdirectory.

labs/lib/functions.guest

@@ -377,7 +377,7 @@ function no_chk_ssh {
 
 # ssh from one node VM to another node in the cluster
 function node_ssh {
-    no_chk_ssh -i "$HOME/.ssh/vagrant" "$@"
+    no_chk_ssh -i "$HOME/.ssh/osbash_key" "$@"
 }
 
 #-------------------------------------------------------------------------------

labs/lib/osbash/functions.host

@@ -52,20 +52,15 @@ function get_distro_name {
 # ssh
 #-------------------------------------------------------------------------------
 
-# Download Vagrant insecure private key if necessary
-function check_vagrant_private_key {
-    local key_name="vagrant"
-    local key_url=https://raw.githubusercontent.com/mitchellh/vagrant/master/keys/$key_name
-    local vagrant_key_dir=$LIB_DIR/vagrant-ssh-keys
-    local vagrant_key_path=$vagrant_key_dir/$key_name
+# Check permission for osbash insecure private key
+function check_osbash_private_key {
+    local key_name="osbash_key"
+    local osbash_key_dir=$LIB_DIR/osbash-ssh-keys
+    local osbash_key_path=$osbash_key_dir/$key_name
 
-    if [ ! -f "$vagrant_key_path" ]; then
-        download "$key_url" "$vagrant_key_dir" $key_name
-    fi
-
-    if ! ls -l "$vagrant_key_path"|grep -q "^-r--------"; then
-        echo "Adjusting permissions for $vagrant_key_path"
-        chmod 400 "$vagrant_key_path"
+    if ! ls -l "$osbash_key_path"|grep -q "^-r--------"; then
+        echo "Adjusting permissions for $osbash_key_path"
+        chmod 400 "$osbash_key_path"
     fi
 }
 
@@ -79,7 +74,7 @@ function vm_scp_to_vm {
     local ssh_port=$1
     shift
 
-    check_vagrant_private_key
+    check_osbash_private_key
 
     while (($#)); do
         local src_path=$1
@@ -88,7 +83,7 @@ function vm_scp_to_vm {
         local target_dir=$(dirname "$target_path")
         vm_ssh "$ssh_port" "mkdir -p $target_dir"
         scp -q -r \
-            -i "$LIB_DIR/vagrant-ssh-keys/vagrant" \
+            -i "$LIB_DIR/osbash-ssh-keys/osbash_key" \
             -o "UserKnownHostsFile /dev/null" \
             -o "StrictHostKeyChecking no" \
             -P "$ssh_port" \
@@ -101,13 +96,13 @@ function vm_ssh {
     local ssh_port=$1
     shift
 
-    check_vagrant_private_key
+    check_osbash_private_key
 
     # Some operating systems (e.g., Mac OS X) export locale settings to the
     # target that cause some Python clients to fail. Override with a standard
     # setting (LC_ALL=C).
     LC_ALL=C ssh -q \
-        -i "$LIB_DIR/vagrant-ssh-keys/vagrant" \
+        -i "$LIB_DIR/osbash-ssh-keys/osbash_key" \
         -o "UserKnownHostsFile /dev/null" \
         -o "StrictHostKeyChecking no" \
         -p "$ssh_port" \

labs/lib/vagrant-ssh-keys/README.rst

@@ -1,4 +0,0 @@
-This directory may contain cached copies of the insecure Vagrant keys from
-https://github.com/mitchellh/vagrant/tree/master/keys.
-
-They allow ssh access to Vagrant VMs or (if enabled) osbash VMs.

labs/scripts/README.rst

@@ -3,6 +3,5 @@ All scripts in this directory run within the VMs.
 They install and configure OpenStack components and any other required
 software (such as databases).
 
-Before these generic scripts run, scripts from the osbash (or vagrant,
-depending on the installation method) subdirectory set up the VM and
-configure basic networking.
+Before these generic scripts run, scripts from the osbash subdirectory
+set up the VM and configure basic networking.

labs/scripts/osbash/enable_osbash_ssh_keys.sh

@@ -0,0 +1,50 @@
+#!/usr/bin/env bash
+set -o errexit -o nounset
+
+# This script installs the insecure osbash ssh keys. This allows users to
+# log into the VMs using these keys instead of a password.
+
+TOP_DIR=$(cd $(dirname "$0")/.. && pwd)
+source "$TOP_DIR/config/paths"
+source "$LIB_DIR/functions.guest"
+
+indicate_current_auto
+
+exec_logfile
+
+mkdir -p "$HOME/.ssh"
+chmod 700 "$HOME/.ssh"
+
+# Install the requested osbash insecure key to $HOME/.ssh.
+function get_osbash_key {
+    local key_name=$1
+    local osbash_key_dir=$LIB_DIR/osbash-ssh-keys
+
+    if [ -f "$HOME/.ssh/$key_name" ]; then
+        echo "osbash insecure key already installed: $HOME/.ssh/$key_name."
+    else
+        echo "Installing osbash insecure key $key_name."
+        cp -v "$osbash_key_dir/$key_name" "$HOME/.ssh"
+    fi
+}
+
+# Authorize named key for ssh logins into this VM.
+function authorize_osbash_key {
+    local pub_key_path=$1
+    local auth_key_path=$HOME/.ssh/authorized_keys
+    if grep -qs "osbash insecure public key" "$auth_key_path"; then
+        echo "Already authorized."
+    else
+        cat "$pub_key_path" >> "$auth_key_path"
+    fi
+}
+
+echo "Installing osbash insecure private key (connections to other VMs)."
+get_osbash_key "osbash_key"
+chmod 400 "$HOME/.ssh/osbash_key"
+
+get_osbash_key "osbash_key.pub"
+chmod 444 "$HOME/.ssh/osbash_key.pub"
+
+echo "Authorizing osbash public key (connections from host and other VMs)."
+authorize_osbash_key "$HOME/.ssh/osbash_key.pub"

labs/scripts/osbash/enable_vagrant_ssh_keys.sh

@@ -1,60 +0,0 @@
-#!/usr/bin/env bash
-set -o errexit -o nounset
-
-# This script installs the insecure Vagrant ssh keys. This allows users to
-# log into the VMs using these keys instead of a password.
-
-TOP_DIR=$(cd $(dirname "$0")/.. && pwd)
-source "$TOP_DIR/config/paths"
-source "$LIB_DIR/functions.guest"
-
-indicate_current_auto
-
-exec_logfile
-
-mkdir -p "$HOME/.ssh"
-chmod 700 "$HOME/.ssh"
-
-# Install the requested Vagrant insecure key to $HOME/.ssh. Keep a copy in
-# $LIB_DIR/vagrant-ssh-keys (cache if the directory is shared with the host).
-function get_vagrant_key {
-    local key_name=$1
-    local key_url=https://raw.githubusercontent.com/mitchellh/vagrant/master/keys/$key_name
-    local vagrant_key_dir=$LIB_DIR/vagrant-ssh-keys
-
-    if [ -f "$HOME/.ssh/$key_name" ]; then
-        echo "Vagrant insecure key already installed: $HOME/.ssh/$key_name."
-    else
-        if [ ! -f "$vagrant_key_dir/$key_name" ]; then
-            echo "Downloading Vagrant insecure key $key_name."
-            wget --output-document "$vagrant_key_dir/$key_name" "$key_url"
-            if [ $? -ne 0 ]; then
-                echo >&2 "Error when downloading $key_url"
-                return 1
-            fi
-        fi
-        echo "Installing Vagrant insecure key $key_name."
-        cp -v "$vagrant_key_dir/$key_name" "$HOME/.ssh"
-    fi
-}
-
-# Authorize named key for ssh logins into this VM.
-function authorize_vagrant_key {
-    local pub_key_path=$1
-    local auth_key_path=$HOME/.ssh/authorized_keys
-    if grep -qs "vagrant insecure public key" "$auth_key_path"; then
-        echo "Already authorized."
-    else
-        cat "$pub_key_path" >> "$auth_key_path"
-    fi
-}
-
-echo "Installing Vagrant insecure private key (connections to other VMs)."
-get_vagrant_key "vagrant"
-chmod 400 "$HOME/.ssh/vagrant"
-
-get_vagrant_key "vagrant.pub"
-chmod 444 "$HOME/.ssh/vagrant.pub"
-
-echo "Authorizing Vagrant public key (connections from host and other VMs)."
-authorize_vagrant_key "$HOME/.ssh/vagrant.pub"

labs/scripts/shutdown_controller.sh

@@ -27,6 +27,6 @@ echo "Shutting down the controller node."
 ssh \
     -o "UserKnownHostsFile /dev/null" \
     -o "StrictHostKeyChecking no" \
-    -i "$HOME/.ssh/vagrant" \
+    -i "$HOME/.ssh/osbash_key" \
     controller-mgmt \
     sudo /sbin/shutdown -P now