Details
-
Type:
extRequest
-
Status: Closed
-
Priority:
Major
-
Resolution: Done
-
Fix Version/s: 2021
-
Component/s: FIWARE-TECH-HELP
-
Labels:None
-
HD-Chapter:Cloud
-
HD-Enabler:Cloud Portal
-
HD-Node:Britanny
Description
The region staff team are responsible of the virtual machines instantiated on their servers. Therefore each region staff should have the control of who access the virtual machines for support purposes and set and enforce the corresponding policy. It is not possible if the public keys are shared among all the regions. Additionally, it is also extremely insecure and a problem when a region leaves the federation.
A new service, called aiakos and deployed aiakos.lab.fiware.org, has been deployed in FIWARE Lab to manage support region ssh and gpg keys, in the endpoint http://aiakos.lab.fiware.org:3000
As region administrator, you should create your ssh, and gpg keys and upload it into the aikos service (you can obtain information about how create your keys in https://github.com/telefonicaid/fiware-aiakos/blob/develop/doc/README.rst#generating-a-ssh-key).
To upload your keys into the aiakos service, you should use just a POST operation. You can have documentation about this operation in https://jsapi.apiary.io/apis/fiwareaiakos/reference/aiakos-v1/add-key/post-key.html
You can find information about why ssh and gpg keys are needed in https://github.com/telefonicaid/fiware-aiakos/blob/develop/doc/README.rst#why-a-ssh-key-and-a-gpg-key-are-needed
Issue Links
Activity
New feature for new Cloud Portal release: CLD-1656
We successfully uploaded ssh and gpg keys in aiakos service.
When I launch an instance I don't see these keys in 5.Summary, the fields are empty (and they are not uploaded in any instance).
FIWARE Support
fiware-support:
sshkey:
gpgkey: |
Can you put these keys in Cloud Portal as you did for Lannion3 Node?
BR,
Cristian