refactor: Refactor Vagrant configuration and SSH setup

Made several changes to the Vagrant setup and SSH configuration: - Updated the .gitignore file to include specific files and directories - Commented out the setup_dns function call in the Vagrantfile - Added group_vars for Vagrant inventory in ansible - Added SSH configurations for each Vagrant node in ssh.cfg - Updated ssh.sh script to create SSH keys only if not existing and copy keys to shared folder
GeekOpsUA · Apr 7, 2024 · 6145f6a · 6145f6a
1 parent 20e1f40
commit 6145f6a
Show file tree

Hide file tree

Showing 6 changed files with 76 additions and 14 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,6 +1,9 @@
 .idea
 .vagrant
+.venv
 __pycache__
+*.pyc
+known_hosts
 temp
 *.crt
 *.key
@@ -9,4 +12,3 @@ temp
 *csr.json
 *.kubeconfig
 quick-steps
-.venv
diff --git a/Vagrantfile b/Vagrantfile
@@ -55,7 +55,7 @@ def provision_kubernetes_node(node)
   # Set up ssh
   node.vm.provision "setup-ssh", :type => "shell", :path => "vm/utils/ssh.sh"
   # Set up DNS
-  setup_dns node
+  # setup_dns node
   # Set up with Ansible
   node.vm.provision "ansible" do |ansible|
     ansible.compatibility_mode = "2.0"
@@ -151,12 +151,4 @@ Vagrant.configure("2") do |config|
       provision_kubernetes_node node
     end
   end
-
-  # Modify all nodes to not use GUI and audio
-  config.vm.define "all" do |node|
-    node.vm.provider "virtualbox" do |vb|
-      vb.gui = false
-      vb.customize ["modifyvm", :id, "--audio", "none"]
-    end
-  end
 end
diff --git a/ansible/inventory/group_vars/vagrant.yml b/ansible/inventory/group_vars/vagrant.yml
@@ -0,0 +1,2 @@
+---
+ansible_user:               vagrant
diff --git a/ansible/inventory/vagrant.yml b/ansible/inventory/vagrant.yml
@@ -3,12 +3,15 @@ vagrant:
   children:
     vagrant_control:
       hosts:
-        vagrant-plane01.local:
-        vagrant-plane02.local:
+        controlplane01:
+        controlplane02:
+    vagrant_lb:
+      hosts:
+        loadbalancer:
     vagrant_nodes:
       hosts:
-        vagrant-w01.local:
-        vagrant-w02.local:
+        node01:
+        node02:
 
 kube_control_plane:
   children:

diff --git a/ssh.cfg b/ssh.cfg
@@ -5,8 +5,40 @@ Host *
   KeepAlive yes
   ForwardAgent yes
   AddKeysToAgent yes
+  IdentitiesOnly yes
   StrictHostKeyChecking no
+  UserKnownHostsFile ./known_hosts
   ControlPath   /dev/shm/%r@%h
   ControlMaster auto
   ControlPersist 5m
   ServerAliveInterval 60
+
+# ======================================================================
+# Vagrant configuration
+# ======================================================================
+Host controlplane01
+  Hostname 127.0.0.1
+  User vagrant
+  IdentityFile .vagrant/ssh/id_ed25519
+  Port 2222
+Host controlplane02
+  Hostname 127.0.0.1
+  User vagrant
+  IdentityFile .vagrant/ssh/id_ed25519
+  Port 2200
+Host loadbalancer
+  Hostname 127.0.0.1
+  User vagrant
+  IdentityFile .vagrant/ssh/id_ed25519
+  Port 2201
+Host node01
+  Hostname 127.0.0.1
+  User vagrant
+  IdentityFile .vagrant/ssh/id_ed25519
+  Port 2202
+Host node02
+  Hostname 127.0.0.1
+  User vagrant
+  IdentityFile .vagrant/ssh/id_ed25519
+  Port 2203
+
diff --git a/vm/utils/ssh.sh b/vm/utils/ssh.sh
@@ -4,16 +4,47 @@
 sed -i --regexp-extended 's/#?PasswordAuthentication (yes|no)/PasswordAuthentication yes/' /etc/ssh/sshd_config
 sed -i --regexp-extended 's/#?Include \/etc\/ssh\/sshd_config.d\/\*.conf/#Include \/etc\/ssh\/sshd_config.d\/\*.conf/' /etc/ssh/sshd_config
 sed -i 's/KbdInteractiveAuthentication no/KbdInteractiveAuthentication yes/' /etc/ssh/sshd_config
+sed -i 's/#MaxAuthTries 6/MaxAuthTries 30/' /etc/ssh/sshd_config
 systemctl restart sshd
 
+# Create the .ssh directory if it doesn't exist
 if [ ! -d /home/vagrant/.ssh ]
 then
     mkdir /home/vagrant/.ssh
     chmod 700 /home/vagrant/.ssh
     chown vagrant:vagrant /home/vagrant/.ssh
 fi
 
+# If hostname is controlplane01, check if ssh is created, if not create it
+if [ "$(hostname)" = "controlplane01" ]
+then
+    if [ ! -f /vagrant/.vagrant/ssh/id_ed25519 ]
+    then
+        ssh-keygen -q -t ed25519 -C "vagrant@k8s" -N "" -f /home/vagrant/.ssh/id_ed25519 <<<y >/dev/null 2>&1
+        chown vagrant:vagrant /home/vagrant/.ssh/id_ed25519
+        chown vagrant:vagrant /home/vagrant/.ssh/id_ed25519.pub
+    fi
+
+    # Copy the keys to the shared folder `/vagrant/.vagrant/ssh/`
+    if [ ! -d /vagrant/.vagrant/ssh ]
+    then
+        mkdir -p /vagrant/.vagrant/ssh
+    fi
+
+    # Copy the keys to the shared folder `/vagrant/.vagrant/ssh/`
+    if [-f /home/vagrant/.ssh/id_ed25519 ]
+    then
+        cp /home/vagrant/.ssh/id_* /vagrant/.vagrant/ssh/
+    fi
+fi
+
+# Add the public key to the authorized_keys file on all nodes
+cat /vagrant/.vagrant/ssh/id_ed25519.pub >> /home/vagrant/.ssh/authorized_keys
+
+echo "SSH keys were added to the authorized_keys file at $(hostname)"
+cat /home/vagrant/.ssh/authorized_keys
 
+# Install sshpass on controlplane01
 if [ "$(hostname)" = "controlplane01" ]
 then
     sh -c 'sudo apt update' &> /dev/null