6 Replies Latest reply on Jan 25, 2013 8:00 PM by Bill Robinson

    How to set a binary custom property, or assign a file as a property

      I'd like to pull off the SSH key on a machine and set it to a device property.  This lets us when rebuilding machines through bladelogic to set the SSH keys back to what they used to be.  However, the ssh_host_key is a binary file, not a string, and as such isn't so easy to set.  Any advice on how to set this on a device?  We're using Bladelogic 8.2 if that helps.

        • 1. Re: How to set a binary custom property, or assign a file as a property
          Joe Piotrowski

          Just so I understand your requirements; you have an SSH key file on a server. You want to be able to store that file, rebuild the machine, and replace that file? And if so, you want to be able to store that file, or the file's contents, into a device property? So when you re-provision the machine, the key will be restored?

           

          If so, why not just store the file in BSA and replace the file with a post deploy job?

          1 of 1 people found this helpful
          • 2. Re: How to set a binary custom property, or assign a file as a property

            I considered that, but that then means I have a Device that has settings, now I have Depot objects that also have the settings, so in order to reprovision a Server, I have multiple multiple places to go to to.  Further, that clutters up the Depot structure.  I can try and hide them buried under there, but at some point, that tree is going to get massive in size.

             

            Long story short yeah I CAN do it, just not sure I SHOULD store the file there.  So what I'd need to do would be something like (not real real commands, just pseudo logic):

             

            MAC_ADDRESS = blci getProperty ??DEVICE.MAC_ADDRESS??

            if [ blci fileExists /Depot/ServerFiles/LinuxServers/SSH/${MAC_ADDRESS}]

            blci getFileFromDepo /Depot/ServerFiles/LinuxServers/SSH/${MAC_ADDRESS} /etc/ssh/ssh_host_key

            else

            blci putFileIntoDepo /Depot/ServerFiles/LinuxServers/SSH/${MAC_ADDRESS} /etc/ssh/ssh_host_key

            fi

             

            That means that the /Depot stuff is going to get huge and to build a server I really am going to need to multiple locations.  And if I add more and more files, it's going to be increasingly challenging to maintain.  But perhaps that's a lot cleaner than trying to create this stuff in the Device system...

             

            If this is the right way, I'll go down that route I'm just sure what I think of how this works...

            • 3. Re: How to set a binary custom property, or assign a file as a property
              Joe Piotrowski

              Regardless, the SSH key file would have to exist somewhere outside that server, correct? So the question is, if I understand correctly, can a Property (Device, Server, or otherwise) contain an actual file rather than just a value? Because it's a binary, I don't think we can store the contents of the file within a Property value.

              • 4. Re: How to set a binary custom property, or assign a file as a property
                Joe Piotrowski

                Can you attach an example of an SSH Key file you're using? Any files I'm use to seeing are just text.

                • 5. Re: How to set a binary custom property, or assign a file as a property

                  I'm having a hard time finding a way to insert a file... off hand though, if you do:

                   

                  ssh-keygen -t rsa1 -f temp_ssh_host_key -f randomhost

                   

                  That should give you two files for example.  This is more a generic concept of how to associate configuration data to a Device object, and have that configuration data passed through to a Server object for later reference.

                   

                  A note, public ssh keys are easy - those are straight text.  Even the newer SSH keys for version 2 are hex-encoded so they are easier to parse. 

                   

                  So the way I'm planning on doing this is adding properties of type LongString on the device class.  I can just as easily store a depot file location and isolate those configuration files pretty deep.  Or heck at that point store them on an HTTP server that's secured someplace.  Then for provisioning, I'll add a script that sets that property on the Device object if not set, if it is set, override the file with it.  This will work for getting SSH keys since they're set at provisioning time.  Where logic will get more interesting is when you want to use say Mac addresses from the Device to dynamically add/remove firewall or proxy rules, or say be able to add ILO configuration for a hardware device to the Server so Depot scripts can automatically restart a server as needed after a software install.

                   

                  At this point, I'm looking at creating a temporary file as part of the provisioning which captures the Device in use, then as a post install task read that file, and assign a property on the Server for the Device information.

                  • 6. Re: How to set a binary custom property, or assign a file as a property
                    Bill Robinson

                    so i think you could just run a

                     

                    echo ??SSH_KEY?? > /etc/ssh/whatever

                     

                    and make the SSH_KEY in the device class - probably needs to be a long string type like you said.