This commit restores the ssh configurations and keys in /etc/ssh from
the backup tarball. After this commit, host keys from the backed-up
host will be restored to the newly installed host, so the other hosts
can ssh to the new host as a known host with the existing keys stored
in there ~/.ssh/known_hosts.
Test for backup/restore:
1. Build a fresh ISO with these two commits.
2. Install a DC system with two system controllers and one aiosx
subcloud controller.
3. SSH this subcloud as sysadmin and su with its oam address, mgmt
address and subcloud name to add its key to ~/.ssh/known_hosts. Repeat
this step(except the subcloud name) from an external host for the same
purpose.
4. Backup the subcloud data and reinstall the subcloud afterwards.
5. Restore the subcloud successfully, and unlock the subcloud
afterwards.
6. After the restore, ssh to the subcloud with its oam address, mgmt
address and subcloud name will be accepted from the system controllers
or the external host.
Test for upgrade orchestration:
1. Install a N load in DC system
2. Ssh to a subcloud with its name from a central cloud as the
sysadmin user.
3. Build a N+1 ISO with these two commits
4. Upgrade the system controllers as well as the subcloud
5. After the upgrading the subcloud, the sysadmin and still ssh to the
subcloud with its name without deleting the previous host key in
/home/sysadmin/.ssh/known_hosts
Reviewed: https:/ /review. opendev. org/c/starlingx /ansible- playbooks/ +/798918 /opendev. org/starlingx/ ansible- playbooks/ commit/ cfe9421fc4001e9 a8c54d5e47ce2cd 97d3e4f428
Committed: https:/
Submitter: "Zuul (22348)"
Branch: master
commit cfe9421fc4001e9 a8c54d5e47ce2cd 97d3e4f428
Author: Yuxing Jiang <email address hidden>
Date: Wed Jun 30 09:58:24 2021 -0500
Restore ssh data from the backup data
This commit restores the ssh configurations and keys in /etc/ssh from
the backup tarball. After this commit, host keys from the backed-up
host will be restored to the newly installed host, so the other hosts
can ssh to the new host as a known host with the existing keys stored
in there ~/.ssh/known_hosts.
This commit is based on: /review. opendev. org/c/starlingx /ansible- playbooks/ +/798909.
https:/
With that commit, the ansible ssh connection will not be rejected due
to the remote host key change.
Test steps:
Test for backup/restore:
1. Build a fresh ISO with these two commits.
2. Install a DC system with two system controllers and one aiosx
subcloud controller.
3. SSH this subcloud as sysadmin and su with its oam address, mgmt
address and subcloud name to add its key to ~/.ssh/known_hosts. Repeat
this step(except the subcloud name) from an external host for the same
purpose.
4. Backup the subcloud data and reinstall the subcloud afterwards.
5. Restore the subcloud successfully, and unlock the subcloud
afterwards.
6. After the restore, ssh to the subcloud with its oam address, mgmt
address and subcloud name will be accepted from the system controllers
or the external host.
Test for upgrade orchestration: sysadmin/ .ssh/known_ hosts
1. Install a N load in DC system
2. Ssh to a subcloud with its name from a central cloud as the
sysadmin user.
3. Build a N+1 ISO with these two commits
4. Upgrade the system controllers as well as the subcloud
5. After the upgrading the subcloud, the sysadmin and still ssh to the
subcloud with its name without deleting the previous host key in
/home/
Depends-On: opendev. org/c/starlingx /ansible- playbooks/ +/798909 e0903bc8784a084 1ac5cca8a30
https: //review.
Closes-Bug: 1934154
Signed-off-by: Yuxing Jiang <email address hidden>
Change-Id: I3dd2820645fada