This patch uses the previously added CLI options to allow the key parameters to be specified at initialization time and saved in the configuration.
Signed-off-by: Hrvoje Ribicic <[email protected]>
---
 lib/bootstrap.py | 23 +++++++++++++----------
 lib/client/gnt_cluster.py | 12 ++++++++++++
 lib/ht.py | 1 +
 lib/objects.py | 8 ++++++++
 src/Ganeti/Constants.hs | 8 ++++++++
 src/Ganeti/Objects.hs | 2 ++
 test/hs/Test/Ganeti/Objects.hs | 7 +++++++
 7 files changed, 51 insertions(+), 10 deletions(-)
diff --git a/lib/bootstrap.py b/lib/bootstrap.py
index d649b8e..69f75dd 100644
--- a/lib/bootstrap.py
+++ b/lib/bootstrap.py
@@ -485,16 +485,17 @@ def _InitCheckDrbdHelper(drbd_helper, drbd_enabled):
 def InitCluster(cluster_name, mac_prefix, # pylint: disable=R0913, R0914
 master_netmask, master_netdev, file_storage_dir,
 shared_file_storage_dir, gluster_storage_dir,
- candidate_pool_size, secondary_ip=None,
- vg_name=None, beparams=None, nicparams=None, ndparams=None,
- hvparams=None, diskparams=None, enabled_hypervisors=None,
- modify_etc_hosts=True, modify_ssh_setup=True,
- maintain_node_health=False, drbd_helper=None, uid_pool=None,
- default_iallocator=None, default_iallocator_params=None,
- primary_ip_version=None, ipolicy=None,
- prealloc_wipe_disks=False, use_external_mip_script=False,
- hv_state=None, disk_state=None, enabled_disk_templates=None,
- install_image=None, zeroing_image=None, compression_tools=None,
+ candidate_pool_size, ssh_key_type, ssh_key_bits,
+ secondary_ip=None, vg_name=None, beparams=None, nicparams=None,
+ ndparams=None, hvparams=None, diskparams=None,
+ enabled_hypervisors=None, modify_etc_hosts=True,
+ modify_ssh_setup=True, maintain_node_health=False,
+ drbd_helper=None, uid_pool=None, default_iallocator=None,
+ default_iallocator_params=None, primary_ip_version=None,
+ ipolicy=None, prealloc_wipe_disks=False,
+ use_external_mip_script=False, hv_state=None, disk_state=None,
+ enabled_disk_templates=None, install_image=None,
+ zeroing_image=None, compression_tools=None,
 enabled_user_shutdown=False):
 """Initialise the cluster.
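Review bot: `ssh_key_type` and `ssh_key_bits` reach the cluster object unchecked in lib/bootstrap.py: this signature hunk makes them required arguments and the second hunk of the file (`ssh_key_type=ssh_key_type,` / `ssh_key_bits=ssh_key_bits,`) passes them straight into the configuration, with no test in either hunk that the type is in `constants.SSHK_ALL` or that the size is a positive integer. The CLI supplies defaults, but `bootstrap.InitCluster` is a library entry point, so the check belongs here, for example `if ssh_key_type not in constants.SSHK_ALL: raise errors.OpPrereqError("Invalid SSH key type '%s'" % ssh_key_type, errors.ECODE_INVAL)`. Most of the function body lies outside both hunks, so an equivalent check may already exist there. The docstring that starts at `"""Initialise the cluster.` should also gain entries for the two new parameters.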
@@ -797,6 +798,8 @@ def InitCluster(cluster_name, mac_prefix, # pylint: disable=R0913, R0914
 zeroing_image=zeroing_image,
 compression_tools=compression_tools,
 enabled_user_shutdown=enabled_user_shutdown,
+ ssh_key_type=ssh_key_type,
+ ssh_key_bits=ssh_key_bits,
 )
 master_node_config = objects.Node(name=hostname.name,
 primary_ip=hostname.ip,
diff --git a/lib/client/gnt_cluster.py b/lib/client/gnt_cluster.py
index dd31092..717da44 100644
--- a/lib/client/gnt_cluster.py
+++ b/lib/client/gnt_cluster.py
@@ -299,6 +299,16 @@ def InitCluster(opts, args):
 else:
 enabled_user_shutdown = False
+ if opts.ssh_key_type:
+ ssh_key_type = opts.ssh_key_type
+ else:
+ ssh_key_type = constants.SSH_DEFAULT_KEY_TYPE
+
+ if opts.ssh_key_bits:
+ ssh_key_bits = opts.ssh_key_bits
+ else:
+ ssh_key_bits = constants.SSH_DEFAULT_KEY_BITS
+
 bootstrap.InitCluster(cluster_name=args[0],
 secondary_ip=opts.secondary_ip,
 vg_name=vg_name,
@@ -333,6 +343,8 @@ def InitCluster(opts, args):
 zeroing_image=zeroing_image,
 compression_tools=compression_tools,
 enabled_user_shutdown=enabled_user_shutdown,
+ ssh_key_type=ssh_key_type,
+ ssh_key_bits=ssh_key_bits,
 )
 op = opcodes.OpClusterPostInit()
 SubmitOpCode(op, opts=opts)
diff --git a/lib/ht.py b/lib/ht.py
index 1fd5660..edadc3b 100644
--- a/lib/ht.py
+++ b/lib/ht.py
@@ -651,6 +651,7 @@ def TStorageType(val):
 TTagKind = TElemOf(constants.VALID_TAG_TYPES)
 TDdmSimple = TElemOf(constants.DDMS_VALUES)
 TVerifyOptionalChecks = TElemOf(constants.VERIFY_OPTIONAL_CHECKS)
+TSshKeyType = TElemOf(constants.SSHK_ALL)
 @WithDesc("IPv4 network")
diff --git a/lib/objects.py b/lib/objects.py
index 8b5a926..4ea958a 100644
--- a/lib/objects.py
+++ b/lib/objects.py
@@ -1653,6 +1653,8 @@ class Cluster(TaggableObject):
 "compression_tools",
 "enabled_user_shutdown",
 "data_collectors",
+ "ssh_key_type",
+ "ssh_key_bits",
 ] + _TIMESTAMPS + _UUID
 def UpgradeConfig(self):
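Review bot: In the first hunk of lib/client/gnt_cluster.py the fallback for `ssh_key_bits` ignores the chosen key type: when only `opts.ssh_key_type` is set, `constants.SSH_DEFAULT_KEY_BITS` (presumably generated from `sshDefaultKeyBits = 2048` in the Constants.hs hunk) is paired with whatever type was selected. The test hunk lists DSA and ECDSA as key types, and OpenSSH accepts only 1024 bits for DSA and 256, 384 or 521 for ECDSA, so the cluster would store a type/size pair that key generation cannot honour. Either derive the default size from the type or reject an inconsistent pair before calling `bootstrap.InitCluster`. Separately, `if opts.ssh_key_bits:` treats an explicit 0 as not given; assuming the option defaults to None, `if opts.ssh_key_bits is not None:` followed by a range check would report the bad value instead of silently replacing it.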
@@ -1808,6 +1810,12 @@ class Cluster(TaggableObject):
 if self.enabled_user_shutdown is None:
 self.enabled_user_shutdown = False
+ if self.ssh_key_type is None:
+ self.ssh_key_type = constants.SSH_DEFAULT_KEY_TYPE
+
+ if self.ssh_key_bits is None:
+ self.ssh_key_bits = constants.SSH_DEFAULT_KEY_BITS
+
 @property
 def primary_hypervisor(self):
 """The first hypervisor is the primary.
diff --git a/src/Ganeti/Constants.hs b/src/Ganeti/Constants.hs
index eedd493..1a6ceca 100644
--- a/src/Ganeti/Constants.hs
+++ b/src/Ganeti/Constants.hs
@@ -4702,6 +4702,14 @@ sshakRsa = "ssh-rsa"
 sshakAll :: FrozenSet String
 sshakAll = ConstantUtils.mkSet [sshakDss, sshakRsa]
+-- * SSH key default values
+
+sshDefaultKeyType :: String
+sshDefaultKeyType = sshkRsa
+
+sshDefaultKeyBits :: Int
+sshDefaultKeyBits = 2048
+
 -- * SSH setup
 sshsClusterName :: String
diff --git a/src/Ganeti/Objects.hs b/src/Ganeti/Objects.hs
index 2bf734f..28bbe57 100644
--- a/src/Ganeti/Objects.hs
+++ b/src/Ganeti/Objects.hs
@@ -670,6 +670,8 @@ $(buildObject "Cluster" "cluster" $
 , simpleField "compression_tools" [t| [String] |]
 , simpleField "enabled_user_shutdown" [t| Bool |]
 , simpleField "data_collectors" [t| Container DataCollectorConfig |]
+ , simpleField "ssh_key_type" [t| SshKeyType |]
+ , simpleField "ssh_key_bits" [t| Int |]
 ]
 ++ timeStampFields
 ++ uuidFields
diff --git a/test/hs/Test/Ganeti/Objects.hs b/test/hs/Test/Ganeti/Objects.hs
index 319e7ee..aec06d8 100644
--- a/test/hs/Test/Ganeti/Objects.hs
+++ b/test/hs/Test/Ganeti/Objects.hs
@@ -375,6 +375,13 @@ instance Arbitrary FilterRule where
 <*> arbitrary
 <*> genUUID
+instance Arbitrary SshKeyType where
+ arbitrary = oneof
+ [ pure RSA
+ , pure DSA
+ , pure ECDSA
+ ]
+
 -- | Generates a network instance with minimum netmasks of /24. Generating
 -- bigger networks slows down the tests, because long bit strings are generated
 -- for the reservations.
--
2.6.0.rc2.230.g3dd15c0
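Review bot: In the second hunk of lib/objects.py, `UpgradeConfig` records `constants.SSH_DEFAULT_KEY_TYPE` and `constants.SSH_DEFAULT_KEY_BITS` for every configuration that lacks the fields, without looking at the key the cluster actually uses. If clusters created before this change hold keys of another type or size (not visible from this patch), the upgraded configuration will describe keys that do not exist, and later code that trusts these fields could select the wrong key files or regenerate keys with different parameters. The values could be determined from the existing key at upgrade time, or the assumption stated next to the assignments, e.g. `# Clusters created before these fields existed are assumed to use the default key type and size`. The method body begins outside the hunk.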
