Bug 1049044: Creating a single sshkey for each scalable application

openshift · Jan 23, 2014 · d18f26a · d18f26a
1 parent 1f80cf5
commit d18f26a
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 6 deletions.
diff --git a/controller/app/models/application.rb b/controller/app/models/application.rb
@@ -1657,6 +1657,10 @@ def calculate_gear_create_ops(ginst_id, gear_ids, deploy_gear_id, comp_specs, co
       reserve_uid_op = ReserveGearUidOp.new(gear_id: gear_id, prereq: maybe_notify_app_create_op + [init_gear_op._id.to_s])
 
       create_gear_op = CreateGearOp.new(gear_id: gear_id, prereq: [reserve_uid_op._id.to_s], retry_rollback_op: reserve_uid_op._id.to_s)
+      # this flag is passed to the node to indicate that an sshkey is required to be generated for this gear
+      # currently the sshkey is being generated on the app dns gear if the application is scalable
+      # we are assuming that haproxy will also be added to this gear
+      create_gear_op.sshkey_required = app_dns && self.scalable
 
       track_usage_op = TrackUsageOp.new(user_id: self.domain.owner._id, parent_user_id:
                            self.domain.owner.parent_user_id, app_name: self.name, gear_id: gear_id,

diff --git a/controller/app/models/gear.rb b/controller/app/models/gear.rb
@@ -108,8 +108,8 @@ def unreserve_uid
     self.uid = nil
   end
 
-  def create_gear
-    result_io = get_proxy.create(self)
+  def create_gear(sshkey_required=false)
+    result_io = get_proxy.create(self, nil, nil, sshkey_required)
     application.process_commands(result_io, nil, self)
     result_io
   end

diff --git a/controller/app/pending_ops_models/create_gear_op.rb b/controller/app/pending_ops_models/create_gear_op.rb
@@ -1,11 +1,12 @@
 class CreateGearOp < PendingAppOp
 
   field :gear_id, type: String
+  field :sshkey_required, type: Boolean, default: false
 
   def execute
     result_io = ResultIO.new
     gear = get_gear()
-    result_io = gear.create_gear unless gear.removed
+    result_io = gear.create_gear(sshkey_required) unless gear.removed
     raise OpenShift::NodeException.new("Unable to create gear", result_io.exitcode, result_io) if result_io.exitcode != 0
     pending_app_op_group.inc(:num_gears_created, 1)
     result_io

diff --git a/plugins/msg-broker/mcollective/lib/openshift/mcollective_application_container_proxy.rb b/plugins/msg-broker/mcollective/lib/openshift/mcollective_application_container_proxy.rb
@@ -329,7 +329,7 @@ def unreserve_uid(uid, district_uuid=nil)
         end
       end
 
-      def build_base_gear_args(gear, quota_blocks=nil, quota_files=nil)
+      def build_base_gear_args(gear, quota_blocks=nil, quota_files=nil, sshkey_required=false)
         app = gear.application
         args = Hash.new
         args['--with-app-uuid'] = app.uuid
@@ -338,6 +338,7 @@ def build_base_gear_args(gear, quota_blocks=nil, quota_files=nil)
         args['--with-container-name'] = gear.name
         args['--with-quota-blocks'] = quota_blocks if quota_blocks
         args['--with-quota-files'] = quota_files if quota_files
+        args['--with-generate-app-key'] = sshkey_required if sshkey_required
         args['--with-namespace'] = app.domain_namespace
         args['--with-uid'] = gear.uid if gear.uid
         args['--with-request-id'] = Thread.current[:user_action_log_uuid]
@@ -380,11 +381,11 @@ def build_base_component_args(component, existing_args={})
       # Constructs a shell command line to be executed by the MCollective agent
       # on the node.
       #
-      def create(gear, quota_blocks=nil, quota_files=nil)
+      def create(gear, quota_blocks=nil, quota_files=nil, sshkey_required=false)
         app = gear.application
         result = nil
         (1..10).each do |i|
-          args = build_base_gear_args(gear, quota_blocks, quota_files)
+          args = build_base_gear_args(gear, quota_blocks, quota_files, sshkey_required)
 
           # set the secret token for new gear creations
           # log an error if the application does not have its secret_token set