From eecbe76b6b2e73c5939bb0b9799c3b44f80ac5d7 Mon Sep 17 00:00:00 2001 From: Aleks Saul Date: Tue, 6 Jun 2017 10:05:08 -0400 Subject: [PATCH] vmware: add tectonic_ssh_private_key variable Follow up on https://github.com/coreos/tectonic-installer/pull/625 for VMware platform --- Documentation/variables/vmware.md | 1 + examples/terraform.tfvars.vmware | 3 +++ modules/vmware/node/nodes.tf | 5 +++-- platforms/vmware/remote.tf | 9 +++++---- platforms/vmware/variables.tf | 6 ++++++ 5 files changed, 18 insertions(+), 6 deletions(-) diff --git a/Documentation/variables/vmware.md b/Documentation/variables/vmware.md index 974021cfde..2cb5dcd81f 100644 --- a/Documentation/variables/vmware.md +++ b/Documentation/variables/vmware.md @@ -26,6 +26,7 @@ This document gives an overview of variables used in the VMware platform of the | tectonic_vmware_node_dns | DNS Server to be useddd by Virtual Machine(s) | string | - | | tectonic_vmware_server | vCenter Server IP/FQDN | string | - | | tectonic_vmware_ssh_authorized_key | SSH public key to use as an authorized key. Example: `"ssh-rsa AAAB3N..."` | string | - | +| tectonic_vmware_ssh_private_key_path | SSH private key file corresponding to tectonic_vmware_ssh_authorized_key. If not provided, SSH agent will be used. | string | `` | | tectonic_vmware_sslselfsigned | Is the vCenter certificate Self-Signed? Example: `tectonic_vmware_sslselfsigned = "true"` | string | - | | tectonic_vmware_vm_template | Virtual Machine template of CoreOS Container Linux. | string | - | | tectonic_vmware_vm_template_folder | Folder for VM template of CoreOS Container Linux. | string | - | diff --git a/examples/terraform.tfvars.vmware b/examples/terraform.tfvars.vmware index df7104b072..16c67f8809 100644 --- a/examples/terraform.tfvars.vmware +++ b/examples/terraform.tfvars.vmware 
@@ -177,6 +177,9 @@ tectonic_vmware_server = "" // SSH public key to use as an authorized key. Example: `"ssh-rsa AAAB3N..."` tectonic_vmware_ssh_authorized_key = "" +// SSH private key file corresponding to tectonic_vmware_ssh_authorized_key. If not provided, SSH agent will be used. +tectonic_vmware_ssh_private_key_path = "" + // Is the vCenter certificate Self-Signed? Example: `tectonic_vmware_sslselfsigned = "true"` tectonic_vmware_sslselfsigned = "" diff --git a/modules/vmware/node/nodes.tf b/modules/vmware/node/nodes.tf index ba9f9ff7f6..d8ee977677 100644 --- a/modules/vmware/node/nodes.tf +++ b/modules/vmware/node/nodes.tf @@ -24,8 +24,9 @@ resource "vsphere_virtual_machine" "node" { } connection { - type = "ssh" - user = "core" + type = "ssh" + user = "core" + private_key = "${file(var.tectonic_vmware_ssh_private_key_path != "" ? pathexpand(var.tectonic_vmware_ssh_private_key_path) : "/dev/null")}" } provisioner "file" { diff --git a/platforms/vmware/remote.tf b/platforms/vmware/remote.tf index d27b880741..487b9eaefa 100644 --- a/platforms/vmware/remote.tf +++ b/platforms/vmware/remote.tf @@ -2,10 +2,11 @@ resource "null_resource" "bootstrap" { # Without depends_on, this remote-exec may start before the kubeconfig copy. # Terraform only does one task at a time, so it would try to bootstrap # Kubernetes and Tectonic while no Kubelets are running. Ensure all nodes # receive a kubeconfig before proceeding with bootkube and tectonic. #depends_on = ["null_resource.kubeconfig-masters"] connection { - type = "ssh" - host = "${module.masters.ip_address[0]}" - user = "core" - timeout = "60m" + type = "ssh" + host = "${module.masters.ip_address[0]}" + user = "core" + timeout = "60m" + private_key = "${file(var.tectonic_vmware_ssh_private_key_path != "" ? pathexpand(var.tectonic_vmware_ssh_private_key_path) : "/dev/null")}" } provisioner "file" { diff --git a/platforms/vmware/variables.tf b/platforms/vmware/variables.tf index 21e1952dc6..409dfb3350 100644 
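Review bot: In modules/vmware/node/nodes.tf the new `private_key` line reads `var.tectonic_vmware_ssh_private_key_path`, but the only declaration this patch adds is in platforms/vmware/variables.tf, and Terraform variables are scoped per module. Unless modules/vmware/node already declares an input of that name and the platform's module blocks pass it through (neither file is in the diffstat), this reference will presumably fail as an unknown variable. I would declare a module input such as `variable "ssh_private_key_path" { type = "string" default = "" }`, set it from the platform with `ssh_private_key_path = "${var.tectonic_vmware_ssh_private_key_path}"`, and reference `var.ssh_private_key_path` in this connection block. The vsphere_virtual_machine resource body continues outside the hunk.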
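Review bot: The `"/dev/null"` fallback in the new `private_key` line of the bootstrap connection (and the identical line in modules/vmware/node/nodes.tf) only works where that device exists, so with the variable unset on a non-Unix host `file()` would presumably fail instead of falling back to the SSH agent. The intent is also easy to miss, so a comment above the line would help: `# Empty key content makes Terraform fall back to the SSH agent; /dev/null is read only to yield "".` Separately, nothing visible in either connection block pins or verifies the node's SSH host key, so the login trusts whichever host answers at `module.masters.ip_address[0]`; that is worth recording as a known limitation next to the new key option. The null_resource body continues outside the hunk.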
--- a/platforms/vmware/variables.tf +++ b/platforms/vmware/variables.tf @@ -52,6 +52,12 @@ variable "tectonic_vmware_ssh_authorized_key" { description = "SSH public key to use as an authorized key. Example: `\"ssh-rsa AAAB3N...\"`" } +variable "tectonic_vmware_ssh_private_key_path" { + type = "string" + description = "SSH private key file corresponding to tectonic_vmware_ssh_authorized_key. If not provided, SSH agent will be used." + default = "" +} + variable "tectonic_vmware_node_dns" { type = "string" description = "DNS Server to be useddd by Virtual Machine(s)"
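Review bot: The description of `tectonic_vmware_ssh_private_key_path` does not say which kind of key file is acceptable or how it should be protected, and the same sentence is repeated in Documentation/variables/vmware.md and examples/terraform.tfvars.vmware. The file's contents are read by `file()` into the connection blocks, and as far as I know Terraform's SSH communicator of this period rejects passphrase-protected keys, so users with an encrypted key need to be pointed at the agent path. Suggested text: `"Path to the unencrypted SSH private key matching tectonic_vmware_ssh_authorized_key; keep it readable only by its owner and out of version control. Leave empty to use the SSH agent."` The commit subject names the variable `tectonic_ssh_private_key`, which differs from the name declared here.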