---

# Copyright 2019 Nokia

# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

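# Replaces the /etc/ssh/ssh_host_* key files on every targeted management
# host with the copies held by master_key_holder (the installation
# controller). Flow:
#   1. the key holder pushes the admin user's private key to /tmp/tmp_rsa
#      on each target host,
#   2. every other host uses that key to pull the host-key files from the
#      key holder over ssh + tar,
#   3. /tmp/tmp_rsa is removed again.
#
# NOTE(review): both the scp and the ssh call disable host-key verification
# (StrictHostKeyChecking=no, UserKnownHostsFile=/dev/null), so the admin
# private key and the sshd private keys are exchanged with a peer whose
# identity is never checked. If the management network is not fully
# trusted, verify the peers against a known_hosts file built from inventory.
#
# NOTE(review): /tmp/tmp_rsa is a fixed name in a world-writable directory
# and nothing checks what already exists at that path before the key is
# written. A per-run path in a directory only the admin user can write to
# would be safer.
- name: Synchronize controller ssh keys
  hosts: 'management:!vnf-nodes'
  pre_tasks:
    # The installation controller is the source of the distributed keys.
    - name: set master_key_holder to installation_controller
      set_fact:
        master_key_holder: "{{ installation_controller }}"

  tasks:
    # block/always guarantees the temporary private key is deleted even when
    # one of the copy steps fails; as a plain trailing task the cleanup was
    # skipped on any host that failed earlier, leaving the key in /tmp.
    - name: Distribute host keys with a temporary copy of the admin key
      block:
        # Runs on the key holder only and loops over the same host set the
        # play targets. Looping over all of groups['management'] also
        # dropped the key on hosts excluded by '!vnf-nodes', where the
        # cleanup task never runs.
        # NOTE(review): this condition uses `hostname` while the next task
        # uses `inventory_hostname`; `hostname` is not defined in this
        # file, confirm both refer to the same value.
        - name: Copy temporary key to slaves
          shell: |
            sudo -u "{{ users.admin_user_name }}" \
                scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \
                "/home/{{ users.admin_user_name }}/.ssh/id_rsa" "{{ hostvars[item]['ansible_host'] }}":/tmp/tmp_rsa
          when: hostname == master_key_holder
          with_items: >-
            {{ groups['management']
            | difference(groups['vnf-nodes'] | default([])) }}

        # Streams each key file from the key holder as a tar archive and
        # unpacks it relative to /, overwriting the local file.
        # pipefail makes a failed ssh or remote tar fail the task instead of
        # being hidden by the exit status of the local tar; it needs bash,
        # hence the explicit executable.
        - name: Copy ssh keys from active haproxyvip or installation controller
          shell: |
            set -o pipefail
            sudo -u "{{ users.admin_user_name }}" \
                ssh -i /tmp/tmp_rsa -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \
                    "{{ hostvars[master_key_holder]['ansible_host'] }}" \
                    sudo tar -cf - "{{ item }}" | sudo tar -C / -xf -
          args:
            executable: /bin/bash
          with_items:
            - '/etc/ssh/ssh_host_ecdsa_key'
            - '/etc/ssh/ssh_host_ecdsa_key.pub'
            - '/etc/ssh/ssh_host_ed25519_key'
            - '/etc/ssh/ssh_host_ed25519_key.pub'
            - '/etc/ssh/ssh_host_rsa_key'
            - '/etc/ssh/ssh_host_rsa_key.pub'
          when: master_key_holder != inventory_hostname

      always:
        # Remove the temporary private key on every host of the play,
        # whether or not the steps above succeeded.
        - name: Clean temporary key
          file:
            path: /tmp/tmp_rsa
            state: absent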