(resending, because some mails got lost last time)
On Tue, Sep 2, 2014 at 4:19 PM, Helga Velroyen <[email protected]> wrote:
>
> (Update: This is an updated and rebased version of the
> patch series after the first round of comments.)
>
> This is approximately the first half of the implementation
> of the SSH related part of 'design-node-security.rst'.
> The goal of this patch series was to switch from one
> SSH key for all nodes to the following situation:
> - Every node now gets an individual SSH key.
> - SSH key distribution is only done via SSH itself,
>   relying as little as possible on RPC security.
> - 'authorized_keys' files of all nodes contain only
>   their own public key and the public keys of
>   the master candidates. This way, SSH (and therefore
>   root) access is limited to master candidates only.
> - SSH key distribution and removal is done properly
>   for adding/removing/promotion/demotion of nodes.
> - Additional verification steps are added to check
>   the SSH key setup.
>
> Note a few things:
> - This patch series as a whole complies with our QA. However,
>   it was impossible to ensure that after every single
>   patch.
> - This does not cover the complete SSH part of the
>   design doc yet. The biggest part yet to come is
>   the implementation of RAPI security wrt the SSH
>   keys.
>
> Whoever will review this might wonder what
> 'potential master candidates' are. Those are nodes that
> are not master candidates yet, but which could be
> made master candidates using the respective RAPI
> command. As this patch series does not fully implement
> the RAPI part yet, the potential master candidates
> in this patch series are all normal nodes.
>
> Helga Velroyen (25):
>   Removing unused imports from watcher
>   Move InitSSH from bootstrap.py to ssh.py
>   Move Ssh related code to ssh.py
>   Infrastructure to manage public key file
>   Init public key file and transfer authorized keys on node join
>   Retrieve public SSH key from new node
>   ssh.py: clear + overide pubkey + query all
>   Introducing the 'ssh_update' tool
>   Config: retrieve SSH ports and potential master candidates
>   Key handling when adding a node
>   Key removal in ssh.py and ssh_update.py
>   Handling SSH keys on node removal
>   Removing old SSH key when readding a node
>   Generate individual SSH keys
>   Verify SSH setup
>   Handle SSH keys on node promotion and demotion
>   Reduce number of statements in ClusterVerifyGroup
>   Add key parameter to renew crypto opcode
>   Unit test for InitSSHSetup
>   Add option to "InitSSHSetup" to create additional keys
>   Move function to fetch public keys to ssh
>   Move GenerateRootSshKeys to tools/common
>   Renew SSH keys and upgrade
>   Mention SSH changes in NEWS file
>   Use WriteFile when possible in ssh.py
>
>  .gitignore                                         |   1 +
>  Makefile.am                                        |  13 +-
>  NEWS                                               |  17 +
>  UPGRADE                                            |  21 +
>  lib/backend.py                                     | 464 ++++++++++++-
>  lib/bootstrap.py                                   | 130 +---
>  lib/cli.py                                         |  24 +
>  lib/client/gnt_cluster.py                          |  72 +-
>  lib/client/gnt_node.py                             |  32 +-
>  lib/cmdlib/cluster.py                              | 161 ++++-
>  lib/cmdlib/node.py                                 |  95 ++-
>  lib/config.py                                      |  62 +-
>  lib/errors.py                                      |   6 +
>  lib/pathutils.py                                   |   2 +
>  lib/rpc_defs.py                                    |  32 +
>  lib/server/noded.py                                |  38 ++
>  lib/ssh.py                                         | 731 ++++++++++++++++++++-
>  lib/tools/common.py                                | 108 +++
>  lib/tools/prepare_node_join.py                     | 101 +--
>  lib/tools/ssh_update.py                            | 219 ++++++
>  lib/utils/io.py                                    |  89 ---
>  lib/watcher/__init__.py                            |   2 -
>  qa/qa_cluster.py                                   |   7 +-
>  src/Ganeti/Constants.hs                            |  34 +
>  src/Ganeti/OpCodes.hs                              |   4 +-
>  src/Ganeti/OpParams.hs                             |  14 +
>  test/hs/Test/Ganeti/OpCodes.hs                     |   3 +-
>  test/py/cmdlib/cluster_unittest.py                 |  67 +-
>  test/py/ganeti.backend_unittest.py                 | 447 +++++++++++++
>  test/py/ganeti.client.gnt_cluster_unittest.py      | 108 +++
>  test/py/ganeti.mcpu_unittest.py                    |   1 -
>  test/py/ganeti.ssh_unittest.py                     | 308 +++++++++
>  test/py/ganeti.tools.prepare_node_join_unittest.py |  75 ++-
>  test/py/ganeti.tools.ssh_update_unittest.py        | 163 +++++
>  test/py/ganeti.utils.io_unittest.py                |  68 --
>  test/py/testutils.py                               |  15 +
>  tools/post-upgrade                                 |   8 +
>  37 files changed, 3268 insertions(+), 474 deletions(-)
>  create mode 100644 lib/tools/common.py
>  create mode 100644 lib/tools/ssh_update.py
>  create mode 100755 test/py/ganeti.tools.ssh_update_unittest.py
>
> --
> 2.1.0.rc2.206.gedb03e5
>
> --
> Helga Velroyen | Software Engineer | [email protected] | Google Germany GmbH
> Dienerstr. 12
> 80331 München
> Register court and number: Hamburg, HRB 86891
> Registered office: Hamburg
> Managing directors: Graham Law, Christine Elizabeth Flores
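The key layout the cover letter above describes, as an added example that is not part of the original mail or of Ganeti's own code: a small model in which every node has its own public key and each node's authorized_keys holds exactly that key plus the keys of the current master candidates. It shows how node join, removal, re-add, promotion and demotion keep that invariant, and a verification step that reports any drift from it. The class and method names (SshKeyLayout, promote, demote, verify, can_ssh) are this example's own, the key strings are constructed, and the transport (Ganeti does the distribution over SSH) is not modelled: writing a node's authorized_keys is just a dictionary update here.

```python
"""Model of the per-node SSH key layout from the cover letter.

Added example, not Ganeti's code.  Invariant being maintained:
    authorized_keys(node) == {own key} | {key of every master candidate}
so root login to any node is possible only from master candidates.
"""
from dataclasses import dataclass, field


@dataclass
class SshKeyLayout:
    # node -> that node's own public key; stands in for the cluster-wide
    # public key file the series introduces (keys below are constructed)
    pub_keys: dict = field(default_factory=dict)
    master_candidates: set = field(default_factory=set)
    # node -> set of public keys currently in that node's authorized_keys
    authorized: dict = field(default_factory=dict)

    def expected_authorized(self, node):
        """Own key plus the keys of all current master candidates."""
        keys = {self.pub_keys[node]}
        keys.update(self.pub_keys[mc] for mc in self.master_candidates)
        return keys

    def _distribute_key(self, key):
        """Append a master candidate's key to every node's authorized_keys."""
        for node in self.pub_keys:
            self.authorized.setdefault(node, set()).add(key)

    def _revoke_key(self, key):
        """Drop a key from every node's authorized_keys except the owner's:
        a node always keeps its own key, even after demotion."""
        for node, own in self.pub_keys.items():
            if own != key:
                self.authorized.get(node, set()).discard(key)

    def add_node(self, node, pub_key, master_candidate=False):
        """Join a node.  Re-adding an existing node first removes its old
        key everywhere, so a stale key cannot keep granting access."""
        if node in self.pub_keys:
            self.remove_node(node)
        self.pub_keys[node] = pub_key
        self.authorized[node] = set()
        if master_candidate:
            self.promote(node)
        # the new node's own file: its key plus the master candidates' keys
        self.authorized[node] = self.expected_authorized(node)
        return self.authorized[node]

    def remove_node(self, node):
        """Remove a node: its key must vanish from every other node."""
        key = self.pub_keys.pop(node)
        self.master_candidates.discard(node)
        self.authorized.pop(node, None)
        for other in self.pub_keys:
            self.authorized[other].discard(key)

    def promote(self, node):
        """Make node a master candidate: its key goes to all nodes."""
        self.master_candidates.add(node)
        self._distribute_key(self.pub_keys[node])

    def demote(self, node):
        """Demote node: its key is removed from all other nodes."""
        self.master_candidates.discard(node)
        self._revoke_key(self.pub_keys[node])

    def can_ssh(self, src, dst):
        """Whether root on src is accepted by dst under the current files."""
        return self.pub_keys[src] in self.authorized.get(dst, set())

    def verify(self):
        """Compare every node's authorized_keys with what the design demands.

        Returns a list of (node, unexpected_keys, missing_keys), sorted by
        node; an empty list means the cluster matches the layout.
        """
        problems = []
        for node in sorted(self.pub_keys):
            expected = self.expected_authorized(node)
            actual = self.authorized.get(node, set())
            unexpected, missing = actual - expected, expected - actual
            if unexpected or missing:
                problems.append((node, unexpected, missing))
        return problems

    def authorized_keys_file(self, node):
        """Render node's authorized_keys contents (sorted for stable diffs)."""
        return "".join(k + "\n" for k in sorted(self.authorized[node]))


if __name__ == "__main__":
    c = SshKeyLayout()
    c.add_node("node1", "ssh-rsa AAAAnode1 root@node1", master_candidate=True)
    c.add_node("node2", "ssh-rsa AAAAnode2 root@node2")
    c.promote("node2")
    c.demote("node2")
    for n in sorted(c.pub_keys):
        print(f"--- {n}:/root/.ssh/authorized_keys\n{c.authorized_keys_file(n)}")
    print("verify:", c.verify())
```

Running the module prints each node's rendered authorized_keys after a promote/demote round trip and an empty verification result; the interesting checks are that a demoted node keeps its own key but loses access to its peers, and that re-adding a node with a fresh key leaves no copy of the old key on any node.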
