You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@openwhisk.apache.org by GitBox <gi...@apache.org> on 2019/03/14 11:23:16 UTC

[GitHub] [incubator-openwhisk] neerajmangal edited a comment on issue #4335: How to configure the ssh access among different openwhisk nodes

neerajmangal edited a comment on issue #4335: How to configure the ssh access among different openwhisk nodes
URL: https://github.com/apache/incubator-openwhisk/issues/4335#issuecomment-472809496
 
 
   > Hmm, apache vm automatically reverts the content of /etc/ssh/ssh_keys/jenkins.pub. The change I made did not last. Have to figure out why.
   > 
   > I opened an issue for apache infra team to look at: https://issues.apache.org/jira/browse/INFRA-18003. I offered two ways to resolve this issue.
   > @neerajmangal @shichawl @rabbah @mrutkows
   
   I think you should have the pub file in /home/jenkins/.ssh, Infra team might be monitoring the directory /etc/ssh/ where you have placed the public keys. Also, I don't think you need three SSH keys to be generated on each machine as that will be difficult to maintain during deployment. 
   
   Assuming you have permission to create a user on all of the VMs. 
   
   - Create a user on all VMs and password -  owdeployer. For simplicity, you can have the same password for now, which can be disabled later to have only Key based access.  
   - Generate SSH keys - you can generate them anywhere. 
   - Copy SSH Key to all VMs, this will automatically save the keys to /home/owdeployer/.ssh with proper permissions. 
   
   ```bash 
   ssh-copy-id -i <path-to-public-key> owdeployer@<target-machine>
   ```  
   
   - Check if you able to access VMs with private key remotely. 
   - You can store Private Key in the Jenkins Credential and Credential Binding plugin and use it in job to deploy openwhisk components on all distributed VMs with user as owdeployer in ansible.cfg. 
   
    
   
   
   
   
   

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services