History | View | Annotate | Download (6.9 kB)
Factorize code for checking node daemon certificate
This code is going to be used by a new utility for setting up the nodedaemon. Unit tests are updated/added.
Additionally, the certificate and key stored in “server.pem” areverified, too.
Signed-off-by: Michael Hanselmann <hansmi@google.com>...
Factorize SSL context setup for certificate check
This code will also be used by the node daemon setup utility.
Signed-off-by: Michael Hanselmann <hansmi@google.com>Reviewed-by: Helga Velroyen <helgav@google.com>
Move cluster verification out of prepare-node-join
A new tool for configuring the node daemon will also have to verify thecluster name, so it's better to have this function in a central place.In the process of moving it to ssconf it is also changed to use...
Factorize logging setup in tools
Most tools had their own “SetupLogging” function, but they were allessentially the same. This patch adds a generic version to “utils.log”and provides unit tests.
Signed-off-by: Michael Hanselmann <hansmi@google.com>Reviewed-by: Guido Trotter <ultrotter@google.com>
Factorize code to load and verify JSON
A new tool to configure the node daemon will also have to load andverify JSON data.
prepare-node-join: Use ssh.GetAllUserFiles
Instead of building the dictionary locally, the global version in“ssh.py” can be used.
Signed-off-by: Michael Hanselmann <hansmi@google.com>Reviewed-by: Iustin Pop <iustin@google.com>
prepare_node_join: Move daemon SSH files to constants
This dictionary will also be useful in “gnt-node add”.
prepare-node-join: Swap private and public keys
Other places, such as “ssh.GetUserFiles”, use a structure where theprivate key comes before the private key. Until now prepare-node-joindid the opposite, that is the public key came first. To avoid confusion...
prepare-node-join: Use public key directly for auth…_keys
A public key already includes the necessary prefix (“ssh-rsa” or“ssh-dss”), so there is no need to add it again.
Drop SSHS_FORCE constant
It is not actually used.
tools.prepare_node_join: Fix pep8 errors
Pep8 didn't agree with the indentation.
Add initial implementation of prepare-node-join
This is a new tool as per the design document “design-ssh-setup”. Itreceives a JSON data structure on its standard input and configures theSSH daemon and root's SSH keys accordingly. Unit tests are included....