Comment 14 for bug 1536198

Reviewed: https://review.openstack.org/275949
Committed: https://git.openstack.org/cgit/openstack/fuel-library/commit/?id=c3fc592bbf235985e17eca20b92ae0c1185aa7c8
Submitter: Jenkins
Branch: master

commit c3fc592bbf235985e17eca20b92ae0c1185aa7c8
Author: Dmitry Bilunov <email address hidden>
Date: Thu Feb 4 01:16:50 2016 +0300

    dockerctl: Update authorized_keys in bootstrap images during restore

    After backup-reinstall-restore Fuel uses bootstrap with wrong ssh keys.

    dockerctl backup procedure does not save the bootstrap's root
    filesystem, which holds the list of authorized keys that should be
    matching the private key located in /root/.ssh on the master.
    It would result in inaccessible nodes from a new master installation
    (which has bootstrap images regenerated with a new key, not matching
    the original one, restored from the backup).

    This patch updates authorized_keys inside squashfsed bootstrap images,
    so it will be retained during backup-reinstall-restore procedure, if
    user has not requested a full backup. Full backups already contain a
    full copy of /var/www/nailgun, so no changes are needed.

    User should carefully restore from non-full backups - only active
    bootstrap will have its ssh keys updated. To propagate ssh keys to
    already running nodes, you can use something like:
      mco rpc --agent execute_shell_command --action execute --arg cmd="echo '$(cat /root/.ssh/id_rsa.pub)' >> /root/.ssh/authorized_keys" -v

    Closes-Bug: #1536198
    DocImpact
    Change-Id: I06d8720b05096a2a7955f164d9404ecb28dc9a3a