From fff0f422f647b689bb9a62b1eff2203354a9f885 Mon Sep 17 00:00:00 2001 From: Chris Behrens Date: Fri, 8 Mar 2013 10:47:39 -0800 Subject: Make ssh key injection work with xenapi agent If there's 'key_data' on an instance, and instance is not Windows, use file injection to inject /root/.ssh/authorized_keys. If a user specifies their own /root/.ssh/authorized_keys via 'injected files', that will take precedence. Fixes bug 1152713 Note: Images for Xen that use nova-agent will need to have /root/.ssh pre-created with modes 0700 on those directories. DocImpact Change-Id: I190c6b3f67099061b5316baa45b8bfcd1a5e53f6 --- nova/virt/xenapi/agent.py | 19 +++++++++++++++++++ nova/virt/xenapi/vmops.py | 3 +++ 2 files changed, 22 insertions(+) (limited to 'nova/virt') diff --git a/nova/virt/xenapi/agent.py b/nova/virt/xenapi/agent.py index 1fe6dff7e..a8074e8d0 100644 --- a/nova/virt/xenapi/agent.py +++ b/nova/virt/xenapi/agent.py @@ -224,6 +224,25 @@ class XenAPIBasedAgent(object): return resp['message'] + def inject_ssh_key(self): + sshkey = self.instance.get('key_data') + if not sshkey: + return + if self.instance['os_type'] == 'windows': + LOG.warning(_("Skipping setting of ssh key for Windows."), + instance=self.instance) + return + sshkey = str(sshkey) + keyfile = '/root/.ssh/authorized_keys' + key_data = ''.join([ + '\n', + '# The following ssh key was injected by Nova', + '\n', + sshkey.strip(), + '\n', + ]) + return self.inject_file(keyfile, key_data) + def inject_file(self, path, contents): LOG.debug(_('Injecting file path: %r'), path, instance=self.instance) diff --git a/nova/virt/xenapi/vmops.py b/nova/virt/xenapi/vmops.py index 56dd5bd3d..983faa673 100644 --- a/nova/virt/xenapi/vmops.py +++ b/nova/virt/xenapi/vmops.py @@ -635,6 +635,9 @@ class VMOps(object): # instance, but skip the admin password configuration no_agent = version is None + # Inject ssh key. + agent.inject_ssh_key() + # Inject files, if necessary if injected_files: # Inject any files, if specified -- cgit