Project

General

Profile

Actions

Feature #20485

closed

Option to skip automatic SSH key deployment on cloud VMs

Added by Tom Clegg 11 months ago. Updated 10 months ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Category:
Crunch
Target version:
Story points:
0.5
Release relationship:
Auto

Description

When creating a new cloud instance, arvados-dispatch-cloud generates the public key counterpart of Containers.DispatchPrivateKey and installs it as an authorized SSH key for the relevant login account (LinuxConfiguration.SSH.PublicKeys on Azure, ImportKeyPair/KeyName on AWS).

Some sites may prefer to use a different approach (e.g., pre-install the public key on the worker image or retrieve it from some other source during instance boot). In that case the automatic deployment would be superfluous at best, and could prevent instance creation from working at all if the relevant cloud APIs are disabled by policy.

Proposed option

    CloudVMs:
      # Install the dispatcher's SSH public key (derived from                                                                                                                                                    
      # DispatchPrivateKey) when creating new cloud instances. Change                                                                                                                                            
      # this to false if you are using a different mechanism to                                                                                                                                                  
      # pre-install the public key on new instances.                                                                                                                                                                 
      DeployPublicKey: true

Subtasks 1 (0 open1 closed)

Task #20597: Review 20485-optional-deploy-ssh-keyResolvedTom Clegg06/01/2023Actions
Actions

Also available in: Atom PDF