mirror of
https://github.com/xcat2/confluent.git
synced 2024-11-25 19:10:10 +00:00
Finalize the ssh.trustnodes facility
This is the confluent approach to handling the same problem that xCAT SSH Zones do.
This commit is contained in:
parent
efdbeeae0d
commit
2d6bdffebe
@ -534,6 +534,13 @@ node = {
|
||||
'description': ('Password to use when connecting to the hardware '
|
||||
'manager'),
|
||||
},
|
||||
'ssh.trustnodes': {
|
||||
'description': ('Nodes that are allowed to ssh into the node, '
|
||||
'expressed in noderange syntax. This is used during '
|
||||
'deployment if the confluent SSH certificate '
|
||||
'authority is configured. Default behavior is for '
|
||||
'all nodes to trust each other.'),
|
||||
},
|
||||
'pubkeys.addpolicy': {
|
||||
'description': ('Policy to use when encountering unknown public '
|
||||
'keys. Choices are "automatic" to accept and '
|
||||
|
@ -301,8 +301,8 @@ def get_cluster_list(nodename=None, cfg=None):
|
||||
cfg = configmanager.ConfigManager(None)
|
||||
nodes = None
|
||||
if nodename is not None:
|
||||
sshpeers = cfg.get_node_attributes(nodename, 'ssh.peers')
|
||||
sshpeers = sshpeers.get(nodename, {}).get('ssh.peers', {}).get(
|
||||
sshpeers = cfg.get_node_attributes(nodename, 'ssh.trustnodes')
|
||||
sshpeers = sshpeers.get(nodename, {}).get('ssh.trustnodes', {}).get(
|
||||
'value', None)
|
||||
if sshpeers:
|
||||
nodes = noderange.NodeRange(sshpeers, cfg).nodes
|
||||
|
Loading…
Reference in New Issue
Block a user