Merge pull request #143 from pradipd/user/pradipd/sshkeys

Adding support for multiple ssh keys

Author: pradipd

api/v1alpha3/azurestackhcimachine_types.go

@@ -51,6 +51,8 @@ type AzureStackHCIMachineSpec struct {
 	// AllocatePublicIP allows the ability to create dynamic public ips for machines where this value is true.
 	// +optional
 	AllocatePublicIP bool `json:"allocatePublicIP,omitempty"`
+
+	AdditionalSSHKeys []string `json:"additionalSSHKeys,omitempty"`
 }
 
 // AzureStackHCIMachineStatus defines the observed state of AzureStackHCIMachine

api/v1alpha3/azurestackhcivirtualmachine_types.go

@@ -47,6 +47,8 @@ type AzureStackHCIVirtualMachineSpec struct {
 	ClusterName      string   `json:"clusterName"`
 	SubnetName       string   `json:"subnetName"`
 	BackendPoolNames []string `json:"backendPoolNames,omitempty"`
+
+	AdditionalSSHKeys []string `json:"additionalSSHKeys,omitempty"`
 }
 
 // AzureStackHCIVirtualMachineStatus defines the observed state of AzureStackHCIVirtualMachine

api/v1alpha3/zz_generated.deepcopy.go

@@ -46,7 +46,7 @@ const (
 type Spec struct {
 	Name       string
 	NICName    string
-	SSHKeyData string
+	SSHKeyData []string
 	Size       string
 	Zone       string
 	Image      infrav1.Image
@@ -99,7 +99,7 @@ func (s *Service) Reconcile(ctx context.Context, spec interface{}) error {
 	klog.V(2).Infof("creating vm %s : %v", vmSpec.Name, vmSpec)
 
 	sshKeyData := vmSpec.SSHKeyData
-	if sshKeyData == "" {
+	if len(sshKeyData) == 0 {
 		privateKey, perr := rsa.GenerateKey(rand.Reader, 2048)
 		if perr != nil {
 			return errors.Wrap(perr, "Failed to generate private key")
@@ -109,7 +109,16 @@ func (s *Service) Reconcile(ctx context.Context, spec interface{}) error {
 		if perr != nil {
 			return errors.Wrap(perr, "Failed to generate public key")
 		}
-		sshKeyData = string(ssh.MarshalAuthorizedKey(publicRsaKey))
+		sshKeyData = []string{string(ssh.MarshalAuthorizedKey(publicRsaKey))}
+	}
+
+	sshPublicKeys := []compute.SSHPublicKey{}
+	sshKeyPath := fmt.Sprintf("/home/%s/.ssh/authorized_keys", azurestackhci.DefaultUserName)
+	for i := 0; i < len(sshKeyData); i++ {
+		sshPublicKeys = append(sshPublicKeys, compute.SSHPublicKey{
+			Path:    &sshKeyPath,
+			KeyData: &sshKeyData[i],
+		})
 	}
 
 	randomPassword, err := GenerateRandomString(32)
@@ -131,12 +140,7 @@ func (s *Service) Reconcile(ctx context.Context, spec interface{}) error {
 				OsType:        compute.OperatingSystemTypes(vmSpec.OSDisk.OSType),
 				LinuxConfiguration: &compute.LinuxConfiguration{
 					SSH: &compute.SSHConfiguration{
-						PublicKeys: &[]compute.SSHPublicKey{
-							{
-								Path:    to.StringPtr(fmt.Sprintf("/home/%s/.ssh/authorized_keys", azurestackhci.DefaultUserName)),
-								KeyData: to.StringPtr(sshKeyData),
-							},
-						},
+						PublicKeys: &sshPublicKeys,
 					},
 					DisablePasswordAuthentication: to.BoolPtr(false),
 				},
@@ -164,12 +168,7 @@ func (s *Service) Reconcile(ctx context.Context, spec interface{}) error {
 
 		virtualMachine.OsProfile.WindowsConfiguration = &compute.WindowsConfiguration{
 			SSH: &compute.SSHConfiguration{
-				PublicKeys: &[]compute.SSHPublicKey{
-					{
-						Path:    to.StringPtr(fmt.Sprintf("/users/%s/.ssh/authorized_keys", azurestackhci.DefaultUserName)),
-						KeyData: to.StringPtr(sshKeyData),
-					},
-				},
+				PublicKeys: &sshPublicKeys,
 			},
 		}
 	}

cloud/services/virtualmachines/virtualmachines.go

@@ -39,6 +39,10 @@ spec:
           spec:
             description: AzureStackHCIMachineSpec defines the desired state of AzureStackHCIMachine
             properties:
+              additionalSSHKeys:
+                items:
+                  type: string
+                type: array
               allocatePublicIP:
                 description: AllocatePublicIP allows the ability to create dynamic
                   public ips for machines where this value is true.

config/crd/bases/infrastructure.cluster.x-k8s.io_azurestackhcimachines.yaml

@@ -48,6 +48,10 @@ spec:
                     description: Spec is the specification of the desired behavior
                       of the machine.
                     properties:
+                      additionalSSHKeys:
+                        items:
+                          type: string
+                        type: array
                       allocatePublicIP:
                         description: AllocatePublicIP allows the ability to create
                           dynamic public ips for machines where this value is true.

config/crd/bases/infrastructure.cluster.x-k8s.io_azurestackhcimachinetemplates.yaml

@@ -40,6 +40,10 @@ spec:
             description: AzureStackHCIVirtualMachineSpec defines the desired state
               of AzureStackHCIVirtualMachine
             properties:
+              additionalSSHKeys:
+                items:
+                  type: string
+                type: array
               availabilityZone:
                 properties:
                   enabled:

config/crd/bases/infrastructure.cluster.x-k8s.io_azurestackhcivirtualmachines.yaml

@@ -305,6 +305,7 @@ func (r *AzureStackHCIMachineReconciler) reconcileVirtualMachineNormal(machineSc
 		vm.Spec.Location = machineScope.AzureStackHCIMachine.Spec.Location
 		vm.Spec.SSHPublicKey = machineScope.AzureStackHCIMachine.Spec.SSHPublicKey
 		vm.Spec.BootstrapData = &bootstrapData
+		vm.Spec.AdditionalSSHKeys = machineScope.AzureStackHCIMachine.Spec.AdditionalSSHKeys
 
 		return nil
 	}

controllers/azurestackhcimachine_controller.go

@@ -164,10 +164,20 @@ func (s *azureStackHCIVirtualMachineService) reconcileNetworkInterface(nicName s
 
 func (s *azureStackHCIVirtualMachineService) createVirtualMachine(nicName string) (*infrav1.VM, error) {
 	var vm *infrav1.VM
+	decodedKeys := []string{}
 	decoded, err := base64.StdEncoding.DecodeString(s.vmScope.AzureStackHCIVirtualMachine.Spec.SSHPublicKey)
 	if err != nil {
 		return nil, errors.Wrapf(err, "failed to decode ssh public key")
 	}
+	decodedKeys = append(decodedKeys, string(decoded))
+
+	for _, key := range s.vmScope.AzureStackHCIVirtualMachine.Spec.AdditionalSSHKeys {
+		decoded, err = base64.StdEncoding.DecodeString(key)
+		if err != nil {
+			return nil, errors.Wrapf(err, "failed to decode an additional ssh public key")
+		}
+		decodedKeys = append(decodedKeys, string(decoded))
+	}
 
 	vmSpec := &virtualmachines.Spec{
 		Name: s.vmScope.Name(),
@@ -205,7 +215,7 @@ func (s *azureStackHCIVirtualMachineService) createVirtualMachine(nicName string
 		vmSpec = &virtualmachines.Spec{
 			Name:       s.vmScope.Name(),
 			NICName:    nicName,
-			SSHKeyData: string(decoded),
+			SSHKeyData: decodedKeys,
 			Size:       s.vmScope.AzureStackHCIVirtualMachine.Spec.VMSize,
 			OSDisk:     s.vmScope.AzureStackHCIVirtualMachine.Spec.OSDisk,
 			Image:      s.vmScope.AzureStackHCIVirtualMachine.Spec.Image,