1
The idea of having a system SSH key is to support a number of real and
3
* The system ssh key could be used to monitor the bootstrap process, and this
4
would benefit the new users that don't have an existing SSH key
5
* Allows the api server machines to ssh to other machines in the environment
6
* could be used to set up ssh tunnels through a single public facing IP
8
* allows juju-run commands to be run on remote machiens
10
Juju already creates a private key for serving the mongo database. It was an
11
option to also use this key, but in the end, having different keys for
12
different purposes just seems like a more robust idea.
14
A system key is generated when the environment is bootstrapped, and uploaded
15
as part of the cloud-init machine creation process. The public key part is
16
added to the authorized keys list.
18
This means that we need to generate an identity file and the authorized key
19
line prior to creating the new machine.
21
If subsequent state server machines are created, they also need to have the
22
system identity file on them. Actually, it is most likely the API server jobs
23
that we really care about.