openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
enterprise-4.21
openshift-docs/modules/bmo-configuring-users-for-bmaas-hosts.adoc

76 lines
2.0 KiB
Plaintext
Raw Permalink Blame History

// This module is included in the following assemblies:
//
// * installing/installing_bare_metal/bare-metal-using-bare-metal-as-a-service.adoc
:_mod-docs-content-type: PROCEDURE
[id="bmo-configuring-users-for-bmaas-hosts_{context}"]
= Configuring users for BMaaS hosts
Configure bare-metal host users and add them to a Kubernetes secret. Then, create and apply the secret to customize the host.
.Procedure
. Create a file named `<hostname>-user-data.yaml` with the following content:
+
[source,yaml]
----
users:
- name: <name>
sudo: [<sudo_config>]
ssh_authorized_keys:
- <key_type>
<key>
shell: <shell_path>
groups: [<groups>]
lock_passwd: true|false
----
`<hostname>`::
The name of the bare-metal host.
`<name>`::
The user name.
`<sudo_config>`::
The sudo configuration for the user.
`<key_type>`::
The SSH key type.
`<key>`::
The public SSH key to use when accessing this host as the `<name>` user.
`<shell_path>`::
The shell to use when accessing the host.
`<groups>`::
The groups the user belongs to.
`lock_passwd`::
Whether the user password is locked. If `true`, the user cannot log in by using the password, but can still use SSH.
+
.Example user
+
[source,yaml]
----
users:
- name: sysadmin
sudo: ["ALL=(ALL) NOPASSWD:ALL"]
ssh_authorized_keys:
- ssh-rsa AAAAB3NzaC1yc2E... sysadmin@workstation.example.com
shell: /bin/bash
groups: [adm, sudo]
lock_passwd: true
----
. Create a secret from the `<hostname>-user-data.yaml` file by running the following command:
+
[source,terminal]
----
$ oc create secret generic <hostname>-user-data \
--from-file=userData=<hostname>-user-data.yaml -n bmaas
----
`<hostname>`::
The name of the bare-metal host.
. Configure the `BareMetalHost` to use the `<hostname>-user-data.yaml` file by running the following command:
+
[source,terminal]
----
$ oc patch baremetalhost <hostname> -n bmaas \
--type merge -p '{"spec":{"userData":{"name":"<hostname>-user-data"}}}'
----
`<hostname>`::
The name of the bare-metal host.
View Git Blame Copy Permalink