Terraform templates & SSH keys

Hi all,

Our research team is using Terraform to deploy more nodes and resources than are currently available in the standard Cloudformation template that is provided by Openflight HPC, has anyone here used Terraform to launch more resources? We’re looking to automate the installation of the Openflight environment as shown here: https://build.openflighthpc.org/en/latest/environment/workflow-ansible.html but we can’t get the instances that are launched to ssh between each other without a password without logging in to each instance and putting a key on each?

Can we get this to happen so that we can get a key on each instance or would we need to change the AMI being used to have a different key in?

Thanks for any help in advance,
Tony

Hi Tony,

I’m afraid I don’t have any experience using Terraform for deploying resources, however, you can use cloud-init to do things like putting SSH public keys into place.

From a search it looks like Terraform supports cloud-init, some information is available in their documentation and an example of a cloud-init template that I usually use can be found in the OpenFlight documentation.

As far as running the Ansible playbook, only one system (the one where the playbook is being run from) will need a private key to be able to access all the others granted that the other nodes in the system have the corresponding public key in ~/.ssh/authorized_keys for the root user.

Hope this helps.

Cheers,

Stu

Hi Stu,

Thanks very much for your help - we’ve now used cloud-init to be able to put our keys in place, create users for the clusters and we can now run the Ansible Playbook that is provided by Openflight HPC.

Many Thanks,
Tony