Sahara

Hadoop cluster security: user keys

Bug #1179815 reported by Sergey Lukjanov on 2013-05-14

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Sahara	Fix Released	Medium	Alexander Kuznetsov	Sahara 0.2a1

Bug Description

Savanna should provide an ability to specify user key (name of the key registered in OpenStack) that will be automatically provisioned to the vm (using cloud-init) and than user can access vm using this key.

Tags:

Sergey Lukjanov (slukjanov) on 2013-05-14

Changed in savanna:
assignee:	Dmitry Melnikov (dmitryme) → nobody
assignee:	nobody → Dmitry Mescheryakov (dmitrymex)
tags:	added: 0.1-backport

Revision history for this message

Nirmal Ranganathan (rnirmal) wrote on 2013-05-16:

This is good, but involves the user having to interact with the nova as well. Would be nice if another component provides these services.

Revision history for this message

Sergey Lukjanov (slukjanov) wrote on 2013-05-16:

Savanna is targeted to use OpenStack components and it's right way to use keypairs stored in nova.

In Horizon UI we'll design it like instance creation (keypairs dropdown and inlined "create keypair" button).
In Savanna API you need take auth token from Keystone, flavors and image ids from Glance, so it's not a problem to take keypair from Nova.

Revision history for this message

Matthew Farrellee (mattf) wrote on 2013-05-17:

Good idea.

Related - Savanna could crib its own keypair (install user's plus savanna's) to eliminate the need for a root password

Revision history for this message

Sergey Lukjanov (slukjanov) wrote on 2013-05-18:

Here is the separated issue for savanna's keypair - https://bugs.launchpad.net/savanna/+bug/1179821

Sergey Lukjanov (slukjanov) on 2013-05-24

Changed in savanna:
assignee:	Dmitry Mescheryakov (dmitrymex) → Alexander Kuznetsov (akuznetsov)

Sergey Lukjanov (slukjanov) on 2013-05-30

tags:

added: 0.2
removed: 0.1-backport

OpenStack Infra (hudson-openstack) on 2013-06-04

Changed in savanna:
status:	Triaged → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-06-04: Fix merged to savanna (master)

Reviewed: https://review.openstack.org/31490
Committed: http://github.com/stackforge/savanna/commit/01c3e9943a2de691455783f6af663216fb6915f9
Submitter: Jenkins
Branch: master

commit 01c3e9943a2de691455783f6af663216fb6915f9
Author: Alexander Kuznetsov <email address hidden>
Date: Mon Jun 3 16:26:52 2013 +0400

Cluster security and node placement control

Adding user key to the cluster

Each cluster will have a it own private key for passwordless login

It is possible to schedule a data nodes on diffirent hosts

implements: blueprint node-placement-control and blueprint cluster-security

fixed: bug #1179815 and bug #1179821

Change-Id: I27183b9fcf1652b8f65a7018fe9cb880d5bed3b3

Changed in savanna:
status:	In Progress → Fix Committed

Sergey Lukjanov (slukjanov) on 2013-07-05

Changed in savanna:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Related blueprints

Cluster security improvements

Remote bug watches

Bug watches keep track of this bug in other bug trackers.