poanetwork / poa-devops

POA Network DevOps scripts
GNU General Public License v3.0

Question -- should the ssh key pairs be the same for all deployments? #6

Closed johnnynuuma closed 6 years ago

johnnynuuma commented 6 years ago

Seems to be an assumption that deployments use the same ssh key pairs, i.e. generated once and used in all deployment scenarios.

This may be fine for a test environment but not sure it is desirable in production.

I think some policy around ssh key management needs to be specified for deployments and then implemented in deployment scripts, or at least any assumptions about ssh keys need to be explicitly stated.

In this way the documentation can be constructed to help our user base, who have a varying degree of technical acumen.

phahulin commented 6 years ago

Let me understand this a bit clearer...

There is a particular ssh keypair to access any one server (unless user adds/changes keys later). Same keypair can be used to access multiple servers. The choice of a keypair for a deployment of a new server is up to user.

So the issue is (correct me if I'm wrong here):

  1. There must be guidelines for a user on which keypair to use/generate new for a new server if user hosts multiple nodes, probably nodes on different networks.
  2. Add to docs: if a user has multiple keypairs, how to tell ansible which one to use.
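The two points above, as an added example that is not part of the thread or of the poa-devops scripts: one keypair per network, an inventory that pins each host to its network's key through Ansible's `ansible_ssh_private_key_file` variable, and an audit that reports any key used in more than one inventory group. The key directory, network names and addresses are constructed assumptions.

```shell
#!/bin/sh
# Added example. KEY_DIR, the network names and the host addresses used
# with these functions are constructed placeholders, not project values.
KEY_DIR="${KEY_DIR:-$HOME/.ssh/poa}"

# Path of the private key that belongs to one network.
key_for() { printf '%s/id_ed25519_%s\n' "$KEY_DIR" "$1"; }

# Create the keypair for a network if it does not exist yet.
# ssh-keygen prompts for a passphrase; the comment field records the purpose.
gen_key() {
    key=$(key_for "$1")
    [ -f "$key" ] && return 0
    mkdir -p "$KEY_DIR" && chmod 700 "$KEY_DIR"
    ssh-keygen -t ed25519 -C "deploy-$1" -f "$key"
}

# Print an INI inventory group in which every host of a network is pinned
# to that network's key, so Ansible does not fall back to a default key.
inventory_group() {
    net=$1; shift
    printf '[%s]\n' "$net"
    for host in "$@"; do
        printf '%s ansible_ssh_private_key_file=%s\n' "$host" "$(key_for "$net")"
    done
}

# Audit an inventory file: print each private key path that is referenced
# from more than one group, i.e. a key shared across deployments.
shared_keys() {
    awk '
        /^\[/ { group = $0; next }
        {
            for (i = 2; i <= NF; i++)
                if (sub(/^ansible_ssh_private_key_file=/, "", $i))
                    if (!seen[$i SUBSEP group]++) count[$i]++
        }
        END { for (k in count) if (count[k] > 1) print k }
    ' "$1"
}

# Typical use (hypothetical names):
#   gen_key mainnet && inventory_group mainnet 192.0.2.10 > hosts
#   shared_keys hosts
```

For a one-off run without an inventory entry, `ansible-playbook --private-key <path>` selects the key on the command line instead.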