2019-05-08 16:49:12 -04:00
// Module included in the following assemblies:
//
2019-12-10 14:21:26 -05:00
// * installing/installing_aws/installing-aws-user-infra.adoc
2019-05-08 16:49:12 -04:00
// * installing/installing_aws/installing-aws-customizations.adoc
2019-10-03 13:05:34 -04:00
// * installing/installing_aws/installing-aws-default.adoc
2019-05-08 16:49:12 -04:00
// * installing/installing_aws/installing-aws-network-customizations.adoc
2019-11-07 13:56:52 -05:00
// * installing/installing_aws/installing-aws-private.adoc
2019-11-08 15:26:26 -05:00
// * installing/installing_aws/installing-aws-vpc.adoc
2019-08-23 12:42:34 -04:00
// * installing/installing_azure/installing-azure-customizations.adoc
2019-10-03 13:05:34 -04:00
// * installing/installing_azure/installing-azure-default.adoc
2019-11-22 08:24:58 -05:00
// * installing/installing_azure/installing-azure-private.adoc
2019-11-15 08:50:08 -05:00
// * installing/installing_azure/installing-azure-vnet.adoc
2020-01-30 14:13:19 -05:00
// * installing/installing_azure/installing-azure-user-infra.adoc
2019-05-08 16:49:12 -04:00
// * installing/installing_bare_metal/installing-bare-metal.adoc
2019-08-09 16:00:54 -04:00
// * installing/installing_gcp/installing-gcp-customizations.adoc
2019-11-07 13:56:52 -05:00
// * installing/installing_gcp/installing-gcp-private.adoc
2019-10-03 13:05:34 -04:00
// * installing/installing_gcp/installing-gcp-default.adoc
2019-11-18 12:35:43 -05:00
// * installing/installing_gcp/installing-gcp-vpc.adoc
2019-08-19 18:45:05 -04:00
// * installing/installing_openstack/installing-openstack-installer-custom.adoc
// * installing/installing_openstack/installing-openstack-installer-kuryr.adoc
2019-10-03 13:05:34 -04:00
// * installing/installing_openstack/installing-openstack-installer.adoc
2019-12-10 14:21:26 -05:00
// * installing/installing_aws/installing-restricted-networks-aws.adoc
// * installing/installing_bare_metal/installing-restricted-networks-bare-metal.adoc
// * installing/installing_vsphere/installing-restricted-networks-vsphere.adoc
2019-05-08 16:49:12 -04:00
// * installing/installing_vsphere/installing-vsphere.adoc
2020-05-29 09:31:13 -04:00
// * installing/installing_vsphere/installing-vsphere-installer-provisioned.adoc
// * installing/installing_vsphere/installing-vsphere-installer-provisioned-customizations.adoc
2020-07-09 10:43:50 -04:00
// * installing/installing_vsphere/installing-vsphere-installer-provisioned-network-customizations.adoc
2019-11-28 12:41:35 +01:00
// * installing/installing_ibm_z/installing-ibm-z.adoc
2019-05-08 16:49:12 -04:00
2019-10-01 14:34:47 -04:00
ifeval::["{context}" == "installing-restricted-networks-vsphere"]
:user-infra:
endif::[]
ifeval::["{context}" == "installing-restricted-networks-bare-metal"]
:user-infra:
endif::[]
ifeval::["{context}" == "installing-restricted-networks-aws"]
:user-infra:
endif::[]
ifeval::["{context}" == "installing-bare-metal"]
:user-infra:
endif::[]
ifeval::["{context}" == "installing-vsphere"]
:user-infra:
endif::[]
ifeval::["{context}" == "installing-aws-user-infra"]
:user-infra:
endif::[]
2020-01-30 14:13:19 -05:00
ifeval::["{context}" == "installing-azure-user-infra"]
:user-infra:
endif::[]
2019-11-15 12:14:03 -05:00
ifeval::["{context}" == "installing-openstack-installer-custom"]
:osp:
endif::[]
ifeval::["{context}" == "installing-openstack-installer-kuryr"]
:osp:
endif::[]
ifeval::["{context}" == "installing-openstack-installer"]
:osp:
endif::[]
2019-11-28 12:41:35 +01:00
ifeval::["{context}" == "installing-ibm-z"]
:ibm-z:
endif::[]
2020-03-29 10:11:00 -04:00
ifeval::["{context}" == "installing-rhv-default"]
:rhv:
endif::[]
ifeval::["{context}" == "installing-rhv-customizations"]
:rhv:
endif::[]
2019-10-01 14:34:47 -04:00
2019-05-08 16:49:12 -04:00
[id="ssh-agent-using_{context}"]
= Generating an SSH private key and adding it to the agent
2019-10-01 14:34:47 -04:00
If you want to perform installation debugging or disaster recovery on your cluster, you must provide an SSH key to both your `ssh-agent` and to the installation program.
2019-11-28 12:41:35 +01:00
[NOTE]
====
In a production environment, you require disaster recovery and debugging.
====
2019-05-08 16:49:12 -04:00
2019-11-28 12:41:35 +01:00
ifdef::ibm-z[]
[IMPORTANT]
====
Do not skip this procedure in production environments where disaster recovery and debugging is required.
====
endif::[]
2019-05-08 16:49:12 -04:00
You can use this key to SSH into the master nodes as the user `core`. When you
deploy the cluster, the key is added to the `core` user's
`~/.ssh/authorized_keys` list.
2020-03-29 10:11:00 -04:00
ifndef::osp,ibm-z,rhv[]
2019-05-08 16:49:12 -04:00
[NOTE]
====
You must use a local key, not one that you configured with platform-specific
approaches such as
link:https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html[AWS key pairs].
====
2019-11-28 12:41:35 +01:00
endif::[]
2019-05-08 16:49:12 -04:00
.Procedure
. If you do not have an SSH key that is configured for password-less authentication
on your computer, create one.
For example, on a computer that uses a Linux operating system, run the
following command:
+
2020-08-05 10:46:55 -04:00
[source,terminal]
2019-05-08 16:49:12 -04:00
----
2019-06-12 14:00:49 -04:00
$ ssh-keygen -t rsa -b 4096 -N '' \
-f <path>/<file_name> <1>
2019-05-08 16:49:12 -04:00
----
<1> Specify the path and file name, such as `~/.ssh/id_rsa`, of the SSH key.
+
Running this command generates an SSH key that does not require a password in
the location that you specified.
2020-06-16 16:56:18 -04:00
+
2020-03-29 10:11:00 -04:00
[IMPORTANT]
====
If you create a new SSH key pair, avoid overwriting existing SSH keys.
====
2020-06-16 16:56:18 -04:00
+
2019-05-08 16:49:12 -04:00
. Start the `ssh-agent` process as a background task:
+
2020-08-05 10:46:55 -04:00
[source,terminal]
2019-05-08 16:49:12 -04:00
----
$ eval "$(ssh-agent -s)"
2020-08-05 10:46:55 -04:00
----
+
.Example output
[source,terminal]
----
2019-05-08 16:49:12 -04:00
Agent pid 31874
----
. Add your SSH private key to the `ssh-agent`:
+
2020-08-05 10:46:55 -04:00
[source,terminal]
2019-05-08 16:49:12 -04:00
----
$ ssh-add <path>/<file_name> <1>
2020-08-05 10:46:55 -04:00
----
+
.Example output
[source,terminal]
----
2019-06-12 14:00:49 -04:00
Identity added: /home/<you>/<path>/<file_name> (<computer_name>)
2019-05-08 16:49:12 -04:00
----
<1> Specify the path and file name for your SSH private key, such as `~/.ssh/id_rsa`
.Next steps
2019-10-01 14:34:47 -04:00
* When you install {product-title}, provide the SSH public key to the installation program.
ifdef::user-infra[]
If you install a cluster on infrastructure that you provision, you must provide this key to your cluster's machines.
endif::user-infra[]
2019-10-16 10:44:56 -04:00
ifeval::["{context}" == "installing-restricted-networks-vsphere"]
:!user-infra:
endif::[]
ifeval::["{context}" == "installing-restricted-networks-bare-metal"]
:!user-infra:
endif::[]
ifeval::["{context}" == "installing-restricted-networks-aws"]
:!user-infra:
endif::[]
ifeval::["{context}" == "installing-bare-metal"]
:!user-infra:
endif::[]
ifeval::["{context}" == "installing-vsphere"]
:!user-infra:
endif::[]
ifeval::["{context}" == "installing-aws-user-infra"]
:!user-infra:
endif::[]
2020-01-30 14:13:19 -05:00
ifeval::["{context}" == "installing-azure-user-infra"]
:!user-infra:
endif::[]
2019-11-15 12:14:03 -05:00
ifeval::["{context}" == "installing-openstack-installer-custom"]
:!osp:
endif::[]
ifeval::["{context}" == "installing-openstack-installer-kuryr"]
:!osp:
endif::[]
ifeval::["{context}" == "installing-openstack-installer"]
:!osp:
endif::[]
2019-11-28 12:41:35 +01:00
ifeval::["{context}" == "installing-ibm-z"]
:!ibm-z:
endif::[]
2020-03-29 10:11:00 -04:00
ifeval::["{context}" == "installing-rhv-default"]
:!rhv:
endif::[]
ifeval::["{context}" == "installing-rhv-customizations"]
:!rhv:
endif::[]
