Comments (7)
@dsboulder, Personally I'm a fan of how GCP transparently integrates the Google identity which accesses the web console and a SSH key associated with that identity via gcloud compute ssh
Seems that passing in a set of public keys at VM creation time would be unnecessary given the above functionality.
Or am I misunderstanding the use case?
from bosh-google-cpi-release.
@mrdavidlaing
bosh-init
needs an SSH keypair for it's tunnel when the director VM is being created. It's an ephemeral keypair, in that it's only used to bootstrap the VM, but we'd have to set it on the BOSH director. That's why OpsManager requires you to paste in the SSH private key when you setup BOSH.
I also think the CPI should provide as many of the options as make sense from the "Create VM" google console page. This is one set of options we haven't added yet, and I've got a good use for it when bootstrapping BOSH.
from bosh-google-cpi-release.
@dsboulder hold on doing this in the CPI. i think we can cover this generically through env
key (last param to create_vm).
from bosh-google-cpi-release.
@cppforlife Doesn't the CPI have to be modified in order to setup SSH keys when a VM is being created? Or does the bosh-agent install the keys out the VM metadata? If so, that works for bosh-init VMs and SSH tunnels as well?
from bosh-google-cpi-release.
@dsboulder the bosh-agent downloads keys from metadata/config-drive just as e.g. cloud-init would do. The CPI writes that data when creating a VM (since on most IaaS layers you can write that data only once, at VM boot)
from bosh-google-cpi-release.
@dsboulder im pretty sure we can make it all through the director/bosh-init/agent.
from bosh-google-cpi-release.
@evandbrown @cppforlife I agree with Dmitriy then, BOSH agent should install SSH keys in an IaaS agnostic way. Let's wait for that and not put the feature in any of the CPIs.
from bosh-google-cpi-release.
Related Issues (20)
- create-env: fails to find and delete VM HOT 1
- Redact logs
- deploy cloudfoundry fail:Error: 'tcp_emitter' is not running after update. HOT 1
- Be able to BOSH deploy something when a GCP zone is out of resources HOT 3
- Instance service delete issue HOT 3
- CPI Quota Error doesn't specify the resource HOT 2
- Support BOSH stemcells upload to a none default region HOT 2
- Flaky communication via CPI HOT 3
- Loss of network when using `migrated_from` HOT 4
- Failed to remove instance from target pool HOT 2
- Minimum CPU platform issue HOT 2
- Add support for Nested Virtualization HOT 3
- Creating vm: Machine Type 'n1-standard-1' does not exists HOT 2
- New bosh google cpi release HOT 3
- Bosh director self snapshots are not being triggered HOT 5
- [read: connection reset by peer] Network issue between bosh CPI and google API HOT 2
- Block project-wide SSH keys for bosh-deployed vms HOT 3
- Impossible to create labels with a number as value HOT 1
- add the ability to use spot instances in gcp
- Unable to run create-env from darwin HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bosh-google-cpi-release.