Hi all,

I'm writing a blueprint in which a "leader" entity must be able to SSH to a group of followers. I'm canvassing for opinions on a clean way to express this.


At the moment I have:

services:

- id: leader
  type: org.apache.brooklyn.entity.software.base.EmptySoftwareProcess
  brooklyn.config:
    preInstallCommand: |
test -f ~/.ssh/id_rsa.pub || (mkdir -p ~/.ssh ; ssh-keygen -t rsa -b 4096 -f ~/.ssh/id_rsa -N '')
  brooklyn.initializers:
  - type: org.apache.brooklyn.core.sensor.ssh.SshCommandSensor
    brooklyn.config:
      name: ssh.publicKey
      command: cat ~/.ssh/id_rsa.pub 2>/dev/null
      period: 1m

- id: group
  type: org.apache.brooklyn.entity.group.DynamicCluster
  brooklyn.config:
    initialSize: 1
    memberSpec:
      $brooklyn:entitySpec:
        type: org.apache.brooklyn.entity.software.base.EmptySoftwareProcess
        brooklyn.config:
          # Allow SSH from leader.
          preInstallCommand:
            $brooklyn:formatString:
            - "mkdir -p ~/.ssh && echo '%s' >> ~/.ssh/authorized_keys"
- $brooklyn:component("leader").attributeWhenReady("ssh.publicKey")

This is more or less satisfactory but I don't like the repeated polling for id_rsa.pub. Is there a case for a sensor that stops executing once some condition is met? In the case above it would either be a zero exit code or a non-empty stdout.

Sam

Reply via email to