juju system ssh keys - revisiting
John Arbash Meinel
john at arbash-meinel.com
Tue Dec 17 05:59:31 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
...
> 5) Juju run. In order to make this available to the GUI, it needs
> to be executed from the API server. This means that the API server
> machine needs to be able to SSH to all the other machines. No one
> is going to want to upload their own private key, nor should they.
This hints to me that Juju run is improperly design. We already have a
way to inform all machines that we have work for them to do. Which
*doesn't* require us to ssh into them (the hook triggers).
Just create a "run" hook that fires a custom script when there is data
to be run. Why would be SSH into those machines directly?
John
=:->
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (Cygwin)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlKv6EMACgkQJdeBCYSNAAPWbQCfW9NzjEfrPjIYg6XjX0jdA+Op
zsEAn2WztdUWqij0Iup5mvJncTfEzWN1
=2Z8z
-----END PGP SIGNATURE-----
More information about the Juju-dev
mailing list