Merge "Modifies osbash files to use osbash ssh keys"

labs/config/credentials

@@ -2,10 +2,9 @@
 # by OpenStack applications and related software running in the VMs.
 
 # Note that the VM shell user and its password are not set here. By default,
-# those are hard-coded in the preseed/kickstart files or in the Vagrant base
-# box. The scripts get the shell user name from deploy.{osbash,vagrant} and
-# don't need a password (they use password-less sudo and -- if configured --
-# ssh keys).
+# those are hard-coded in the preseed/kickstart files. The scripts get the
+# shell user name from deploy.{osbash} and don't need a password
+# (they use password-less sudo and -- if configured -- ssh keys).
 
 # Used for MySQL or whatever other DBMS is configured
 : ${DATABASE_PASSWORD:=secrete}

labs/config/scripts.ubuntu_base

@@ -2,4 +2,4 @@
 cmd queue ubuntu/apt_init.sh
 cmd queue ubuntu/apt_upgrade.sh
 cmd queue ubuntu/apt_pre-download.sh
-cmd queue osbash/enable_vagrant_ssh_keys.sh
+cmd queue osbash/enable_osbash_ssh_keys.sh

labs/config/scripts.ubuntu_cluster

@@ -3,7 +3,7 @@
 cmd init_node -n controller
 
 cmd queue etc_hosts.sh
-cmd queue osbash/enable_vagrant_ssh_keys.sh
+cmd queue osbash/enable_osbash_ssh_keys.sh
 cmd snapshot_cycle -n controller controller_node_init
 
 cmd queue ubuntu/apt_install_mysql.sh
@@ -41,7 +41,7 @@ cmd boot -n controller
 cmd init_node -n compute
 
 cmd queue etc_hosts.sh
-cmd queue osbash/enable_vagrant_ssh_keys.sh
+cmd queue osbash/enable_osbash_ssh_keys.sh
 cmd snapshot_cycle -n compute compute_node_init
 
 cmd queue ubuntu/setup_nova_compute.sh
@@ -63,7 +63,7 @@ cmd boot -n controller
 cmd init_node -n network
 
 cmd queue etc_hosts.sh
-cmd queue osbash/enable_vagrant_ssh_keys.sh
+cmd queue osbash/enable_osbash_ssh_keys.sh
 cmd snapshot_cycle -n network network_node_init
 
 cmd queue ubuntu/setup_neutron_network.sh

labs/lib/README.rst

@@ -3,8 +3,7 @@ This directory contains bash libraries used by scripts.
 Configuration files for kickstart (Fedora) and preseed (Ubuntu) are in
 osbash/netboot.
 
-The vagrant-ssh-keys from the Vagrant project can be automatically installed
-into osbash VMs to make them accessible like Vagrant VMs without having
-to install yet another set of ssh keys.
+The osbash-ssh-keys can be automatically installed into osbash
+VMs to make them accessible.
 
 The templates used to build Windows batch files are in the wbatch subdirectory.

labs/lib/functions.guest

@@ -377,7 +377,7 @@ function no_chk_ssh {
 
 # ssh from one node VM to another node in the cluster
 function node_ssh {
-    no_chk_ssh -i "$HOME/.ssh/vagrant" "$@"
+    no_chk_ssh -i "$HOME/.ssh/osbash_key" "$@"
 }
 
 #-------------------------------------------------------------------------------

labs/lib/osbash/functions.host

@@ -52,20 +52,15 @@ function get_distro_name {
 # ssh
 #-------------------------------------------------------------------------------
 
-# Download Vagrant insecure private key if necessary
-function check_vagrant_private_key {
-    local key_name="vagrant"
-    local key_url=https://raw.githubusercontent.com/mitchellh/vagrant/master/keys/$key_name
-    local vagrant_key_dir=$LIB_DIR/vagrant-ssh-keys
-    local vagrant_key_path=$vagrant_key_dir/$key_name
+# Check permission for osbash insecure private key
+function check_osbash_private_key {
+    local key_name="osbash_key"
+    local osbash_key_dir=$LIB_DIR/osbash-ssh-keys
+    local osbash_key_path=$osbash_key_dir/$key_name
 
-    if [ ! -f "$vagrant_key_path" ]; then
-        download "$key_url" "$vagrant_key_dir" $key_name
-    fi
-
-    if ! ls -l "$vagrant_key_path"|grep -q "^-r--------"; then
-        echo "Adjusting permissions for $vagrant_key_path"
-        chmod 400 "$vagrant_key_path"
+    if ! ls -l "$osbash_key_path"|grep -q "^-r--------"; then
+        echo "Adjusting permissions for $osbash_key_path"
+        chmod 400 "$osbash_key_path"
     fi
 }
 
@@ -79,7 +74,7 @@ function vm_scp_to_vm {
     local ssh_port=$1
     shift
 
-    check_vagrant_private_key
+    check_osbash_private_key
 
     while (($#)); do
         local src_path=$1
@@ -88,7 +83,7 @@ function vm_scp_to_vm {
         local target_dir=$(dirname "$target_path")
         vm_ssh "$ssh_port" "mkdir -p $target_dir"
         scp -q -r \
-            -i "$LIB_DIR/vagrant-ssh-keys/vagrant" \
+            -i "$LIB_DIR/osbash-ssh-keys/osbash_key" \
             -o "UserKnownHostsFile /dev/null" \
             -o "StrictHostKeyChecking no" \
             -P "$ssh_port" \
@@ -101,13 +96,13 @@ function vm_ssh {
     local ssh_port=$1
     shift
 
-    check_vagrant_private_key
+    check_osbash_private_key
 
     # Some operating systems (e.g., Mac OS X) export locale settings to the
     # target that cause some Python clients to fail. Override with a standard
     # setting (LC_ALL=C).
     LC_ALL=C ssh -q \
-        -i "$LIB_DIR/vagrant-ssh-keys/vagrant" \
+        -i "$LIB_DIR/osbash-ssh-keys/osbash_key" \
         -o "UserKnownHostsFile /dev/null" \
         -o "StrictHostKeyChecking no" \
         -p "$ssh_port" \

labs/lib/vagrant-ssh-keys/README.rst

@@ -1,4 +0,0 @@
-This directory may contain cached copies of the insecure Vagrant keys from
-https://github.com/mitchellh/vagrant/tree/master/keys.
-
-They allow ssh access to Vagrant VMs or (if enabled) osbash VMs.

labs/scripts/README.rst

@@ -3,6 +3,5 @@ All scripts in this directory run within the VMs.
 They install and configure OpenStack components and any other required
 software (such as databases).
 
-Before these generic scripts run, scripts from the osbash (or vagrant,
-depending on the installation method) subdirectory set up the VM and
-configure basic networking.
+Before these generic scripts run, scripts from the osbash subdirectory
+set up the VM and configure basic networking.

labs/scripts/osbash/enable_osbash_ssh_keys.sh

@@ -0,0 +1,50 @@
+#!/usr/bin/env bash
+set -o errexit -o nounset
+
+# This script installs the insecure osbash ssh keys. This allows users to
+# log into the VMs using these keys instead of a password.
+
+TOP_DIR=$(cd $(dirname "$0")/.. && pwd)
+source "$TOP_DIR/config/paths"
+source "$LIB_DIR/functions.guest"
+
+indicate_current_auto
+
+exec_logfile
+
+mkdir -p "$HOME/.ssh"
+chmod 700 "$HOME/.ssh"
+
+# Install the requested osbash insecure key to $HOME/.ssh.
+function get_osbash_key {
+    local key_name=$1
+    local osbash_key_dir=$LIB_DIR/osbash-ssh-keys
+
+    if [ -f "$HOME/.ssh/$key_name" ]; then
+        echo "osbash insecure key already installed: $HOME/.ssh/$key_name."
+    else
+        echo "Installing osbash insecure key $key_name."
+        cp -v "$osbash_key_dir/$key_name" "$HOME/.ssh"
+    fi
+}
+
+# Authorize named key for ssh logins into this VM.
+function authorize_osbash_key {
+    local pub_key_path=$1
+    local auth_key_path=$HOME/.ssh/authorized_keys
+    if grep -qs "osbash insecure public key" "$auth_key_path"; then
+        echo "Already authorized."
+    else
+        cat "$pub_key_path" >> "$auth_key_path"
+    fi
+}
+
+echo "Installing osbash insecure private key (connections to other VMs)."
+get_osbash_key "osbash_key"
+chmod 400 "$HOME/.ssh/osbash_key"
+
+get_osbash_key "osbash_key.pub"
+chmod 444 "$HOME/.ssh/osbash_key.pub"
+
+echo "Authorizing osbash public key (connections from host and other VMs)."
+authorize_osbash_key "$HOME/.ssh/osbash_key.pub"

labs/scripts/osbash/enable_vagrant_ssh_keys.sh

@@ -1,60 +0,0 @@
-#!/usr/bin/env bash
-set -o errexit -o nounset
-
-# This script installs the insecure Vagrant ssh keys. This allows users to
-# log into the VMs using these keys instead of a password.
-
-TOP_DIR=$(cd $(dirname "$0")/.. && pwd)
-source "$TOP_DIR/config/paths"
-source "$LIB_DIR/functions.guest"
-
-indicate_current_auto
-
-exec_logfile
-
-mkdir -p "$HOME/.ssh"
-chmod 700 "$HOME/.ssh"
-
-# Install the requested Vagrant insecure key to $HOME/.ssh. Keep a copy in
-# $LIB_DIR/vagrant-ssh-keys (cache if the directory is shared with the host).
-function get_vagrant_key {
-    local key_name=$1
-    local key_url=https://raw.githubusercontent.com/mitchellh/vagrant/master/keys/$key_name
-    local vagrant_key_dir=$LIB_DIR/vagrant-ssh-keys
-
-    if [ -f "$HOME/.ssh/$key_name" ]; then
-        echo "Vagrant insecure key already installed: $HOME/.ssh/$key_name."
-    else
-        if [ ! -f "$vagrant_key_dir/$key_name" ]; then
-            echo "Downloading Vagrant insecure key $key_name."
-            wget --output-document "$vagrant_key_dir/$key_name" "$key_url"
-            if [ $? -ne 0 ]; then
-                echo >&2 "Error when downloading $key_url"
-                return 1
-            fi
-        fi
-        echo "Installing Vagrant insecure key $key_name."
-        cp -v "$vagrant_key_dir/$key_name" "$HOME/.ssh"
-    fi
-}
-
-# Authorize named key for ssh logins into this VM.
-function authorize_vagrant_key {
-    local pub_key_path=$1
-    local auth_key_path=$HOME/.ssh/authorized_keys
-    if grep -qs "vagrant insecure public key" "$auth_key_path"; then
-        echo "Already authorized."
-    else
-        cat "$pub_key_path" >> "$auth_key_path"
-    fi
-}
-
-echo "Installing Vagrant insecure private key (connections to other VMs)."
-get_vagrant_key "vagrant"
-chmod 400 "$HOME/.ssh/vagrant"
-
-get_vagrant_key "vagrant.pub"
-chmod 444 "$HOME/.ssh/vagrant.pub"
-
-echo "Authorizing Vagrant public key (connections from host and other VMs)."
-authorize_vagrant_key "$HOME/.ssh/vagrant.pub"

labs/scripts/shutdown_controller.sh

@@ -27,6 +27,6 @@ echo "Shutting down the controller node."
 ssh \
     -o "UserKnownHostsFile /dev/null" \
     -o "StrictHostKeyChecking no" \
-    -i "$HOME/.ssh/vagrant" \
+    -i "$HOME/.ssh/osbash_key" \
     controller-mgmt \
     sudo /sbin/shutdown -P now