diff --git a/cluster/vsphere/config-common.sh b/cluster/vsphere/config-common.sh
index a2169b9287..6adadef80a 100644
--- a/cluster/vsphere/config-common.sh
+++ b/cluster/vsphere/config-common.sh
@@ -14,22 +14,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
-function public-key {
- local dir=${HOME}/.ssh
-
- for f in $HOME/.ssh/{id_{rsa,dsa},*}.pub; do
- if [ -r $f ]; then
- echo $f
- return
- fi
- done
-
- echo "Can't find public key file..." 1>&2
- exit 1
-}
-
-PUBLIC_KEY_FILE=${PUBLIC_KEY_FILE-$(public-key)}
-SSH_OPTS="-oStrictHostKeyChecking=no -oUserKnownHostsFile=/dev/null"
+SSH_OPTS="-oStrictHostKeyChecking=no -oUserKnownHostsFile=/dev/null -oLogLevel=ERROR"
 # These need to be set
 #export GOVC_URL=
diff --git a/cluster/vsphere/util.sh b/cluster/vsphere/util.sh
index 0c9163b588..7ea096c7ad 100755
--- a/cluster/vsphere/util.sh
+++ b/cluster/vsphere/util.sh
@@ -64,8 +64,19 @@ function detect-minions {
 fi
 }
+function trap-add {
+ local handler="$1"
+ local signal="${2-EXIT}"
+ local cur
+
+ cur="$(eval "sh -c 'echo \$3' -- $(trap -p ${signal})")"
+ if [[ -n "${cur}" ]]; then
+ handler="${cur}; ${handler}"
+ fi
+
+ trap "${handler}" ${signal}
+}
-# Verify prereqs
 function verify-prereqs {
 which "govc" >/dev/null || {
 echo "Can't find govc in PATH, please install and retry."
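Review bot: Adding `-oLogLevel=ERROR` to `SSH_OPTS` silences the "Permanently added … to the list of known hosts" warning, which was the only visible sign that `StrictHostKeyChecking=no` and `UserKnownHostsFile=/dev/null` leave every connection without host-key verification. Those two options predate this change, but nothing in the hunk records why skipping verification is acceptable here, and ERROR level will also hide any other ssh warnings. I would add a comment above the assignment, for example `# Host keys are not verified (VMs are assumed to be freshly created); LogLevel=ERROR hides the resulting known-hosts warnings.`, so the trade-off stays visible to anyone reusing `SSH_OPTS`.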
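Review bot: In `trap-add`, the existing handler is read back with an unquoted `echo \$3` inside the child `sh`, so the handler text is word-split and glob-expanded before it is re-installed; a handler containing `*` or runs of whitespace would come back altered, and some `sh` implementations' `echo` also rewrites backslashes. Quoting the parameter and using printf avoids that: `cur="$(eval "sh -c 'printf %s \"\$3\"' -- $(trap -p "${signal}")")"`. The last line should quote the signal as well, `trap "${handler}" "${signal}"`. The function has no header comment; one line saying that it appends a handler to whatever trap is already set for the signal (default EXIT) would help, given how dense the eval line is.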
@@ -76,6 +87,33 @@ function verify-prereqs {
 }
 }
+function verify-ssh-prereqs {
+ local rc
+
+ rc=0
+ ssh-add -L 1> /dev/null 2> /dev/null || rc="$?"
+ # "Could not open a connection to your authentication agent."
+ if [[ "${rc}" -eq 2 ]]; then
+ eval "$(ssh-agent)" > /dev/null
+ trap-add "kill ${SSH_AGENT_PID}" EXIT
+ fi
+
+ rc=0
+ ssh-add -L 1> /dev/null 2> /dev/null || rc="$?"
+ # "The agent has no identities."
+ if [[ "${rc}" -eq 1 ]]; then
+ # Try adding one of the default identities, with or without passphrase.
+ ssh-add || true
+ fi
+
+ # Expect at least one identity to be available.
+ if ! ssh-add -L 1> /dev/null 2> /dev/null; then
+ echo "Could not find or add an SSH identity."
+ echo "Please start ssh-agent, add your identity, and retry."
+ exit 1
+ fi
+}
+
 # Create a temp dir that'll be deleted at the end of this bash session.
 #
 # Vars set:
@@ -83,7 +121,7 @@ function verify-prereqs {
 function ensure-temp-dir {
 if [[ -z ${KUBE_TEMP-} ]]; then
 KUBE_TEMP=$(mktemp -d -t kubernetes.XXXXXX)
- trap 'rm -rf "${KUBE_TEMP}"' EXIT
+ trap-add 'rm -rf "${KUBE_TEMP}"' EXIT
 fi
 }
@@ -173,7 +211,6 @@ function kube-ssh {
 # Assumed vars:
 # DISK
 # GUEST_ID
-# PUBLIC_KEY_FILE
 function kube-up-vm {
 local vm_name="$1"
 shift
@@ -194,10 +231,12 @@ function kube-up-vm {
 -p \
 /home/kube/.ssh
+ ssh-add -L > "${KUBE_TEMP}/${vm_name}-authorized_keys"
+
 govc guest.upload \
 -vm="${vm_name}" \
 -f \
- "${PUBLIC_KEY_FILE}" \
+ "${KUBE_TEMP}/${vm_name}-authorized_keys" \
 /home/kube/.ssh/authorized_keys
 }
@@ -222,6 +261,7 @@ function kube-run {
 # KUBE_ROOT
 #
 function kube-up {
+ verify-ssh-prereqs
 find-release-tars
 ensure-temp-dir
@@ -378,6 +418,7 @@ function kube-down {
 # Update a kubernetes cluster with latest source
 function kube-push {
+ verify-ssh-prereqs
 find-release-tars
 detect-master
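Review bot: The two failure messages at the end of `verify-ssh-prereqs` go to stdout, so a caller that captures or pipes the output loses them; they should read `echo "Could not find or add an SSH identity." >&2`, and likewise for the second line, as the removed `public-key` helper did with `1>&2`. The function also needs a header comment in the style of the one on `ensure-temp-dir`, and it should list the side effects. From the visible code these are that it may start an ssh-agent which is killed on EXIT, and that the bare `ssh-add` may prompt for a passphrase and load the default identities into an agent the user already had running, where they would presumably remain after the script exits.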
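Review bot: `ssh-add -L > "${KUBE_TEMP}/${vm_name}-authorized_keys"` in `kube-up-vm` authorizes every identity currently loaded in the agent for `/home/kube` on the VM, where the old code uploaded one public key file; with a forwarded or shared agent that can grant access to keys the operator never meant to use for the cluster. At minimum the function header should say so, e.g. `# All identities in the running ssh-agent are installed as authorized_keys for user kube.` The exit status of `ssh-add -L` is not checked either, so an empty file could be uploaded if the agent has gone away since `verify-ssh-prereqs` ran (unless errexit is set outside this hunk); `ssh-add -L > "${KUBE_TEMP}/${vm_name}-authorized_keys" || return 1` would stop that. The "Assumed vars" header edited in the preceding hunk should now list `KUBE_TEMP`, and note that the body of `kube-up-vm` starts outside this hunk.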