Add SSH key to user "debug" during disk-install phase

* Avoid adding SSH authorized key for user "core" during the disk
install, so that terraform apply cannot SSH until post-install
This commit is contained in:
Dalton Hubble 2017-10-14 20:35:41 -07:00
parent e765fb310d
commit 5c1ed37ff5
3 changed files with 7 additions and 5 deletions

View File

@ -32,6 +32,11 @@ storage:
systemctl reboot systemctl reboot
passwd: passwd:
users: users:
- name: core # Avoid using standard name "core" so terraform apply cannot SSH until post-install.
- name: debug
create:
groups:
- sudo
- docker
ssh_authorized_keys: ssh_authorized_keys:
- {{.ssh_authorized_key}} - {{.ssh_authorized_key}}

View File

@ -1,5 +1,5 @@
# Secure copy kubeconfig to all nodes to activate kubelet.service # Secure copy kubeconfig to all nodes to activate kubelet.service
resource "null_resource" "copy-kubeconfig" { resource "null_resource" "copy-secrets" {
count = "${length(var.worker_names)}" count = "${length(var.worker_names)}"
connection { connection {

View File

@ -243,9 +243,6 @@ module.bare-metal-mercury.null_resource.copy-secrets.1: Still creating... (10s e
Apply will then loop until it can successfully copy credentials to each machine and start the one-time Kubernetes bootstrap service. Proceed to the next step while this loops. Apply will then loop until it can successfully copy credentials to each machine and start the one-time Kubernetes bootstrap service. Proceed to the next step while this loops.
!!! note ""
You may see `terraform apply` fail to `copy-secrets` if it connects before the disk install has completed. Run terraform apply until it reconciles successfully.
### Power ### Power
Power on each machine with the boot device set to `pxe` for the next boot only. Power on each machine with the boot device set to `pxe` for the next boot only.