diff options
author | Thomas Wiest <twiest@gmail.com> | 2014-10-29 16:41:36 -0400 |
---|---|---|
committer | Thomas Wiest <twiest@gmail.com> | 2014-10-29 16:41:36 -0400 |
commit | 7c8e904fad4567f2b96dcf9b5efaf690ba99ab3e (patch) | |
tree | b6ce2a7743c90217949a315c4b9500b809240308 /README_GCE.md | |
parent | e1f362d24763a28c383468248517e4dbb5036de4 (diff) | |
parent | 4d828882e623c36d498a88b8f632c0de2db553a3 (diff) | |
download | openshift-7c8e904fad4567f2b96dcf9b5efaf690ba99ab3e.tar.gz openshift-7c8e904fad4567f2b96dcf9b5efaf690ba99ab3e.tar.bz2 openshift-7c8e904fad4567f2b96dcf9b5efaf690ba99ab3e.tar.xz openshift-7c8e904fad4567f2b96dcf9b5efaf690ba99ab3e.zip |
Merge pull request #19 from twiest/remove_project_info
removed gce.ini and instead added instructions for setting up secrets.py
Diffstat (limited to 'README_GCE.md')
-rw-r--r-- | README_GCE.md | 27 |
1 files changed, 21 insertions, 6 deletions
diff --git a/README_GCE.md b/README_GCE.md index 343d3aedd..bac3f58b5 100644 --- a/README_GCE.md +++ b/README_GCE.md @@ -11,7 +11,8 @@ Note: If your GCE project does not show a Service Account under <Project>/APIs & Convert a GCE service key into a pem (for ansible) -------------------------------------------------- -1. The gce service key looks something like this: os302gce-ef83bd90f261.p12 +1. mkdir -p ~/.gce +1. The gce service key looks something like this: projectname-ef83bd90f261.p12 .. the ef83bd90f261 part is the public hash 1. Be in the same directory as the p12 key file. 1. The commands below should be copy / paste-able @@ -21,18 +22,32 @@ Convert a GCE service key into a pem (for ansible) export GCE_KEY_HASH=ef83bd90f261 # Convert the service key (note: 'notasecret' is literally what we want here) - openssl pkcs12 -in os302gce-${GCE_KEY_HASH}.p12 -passin pass:notasecret -nodes -nocerts | openssl rsa -out os302gce-${GCE_KEY_HASH}.pem + openssl pkcs12 -in projectname-${GCE_KEY_HASH}.p12 -passin pass:notasecret -nodes -nocerts | openssl rsa -out projectname-${GCE_KEY_HASH}.pem - # Move the converted service key to the .ssh dir - mv os302gce-${GCE_KEY_HASH}.pem ~/.ssh + # Move the converted service key to the .gce dir + mv projectname-${GCE_KEY_HASH}.pem ~/.gce # Set a sym link so it is easy to reference - ln -s ~/.ssh/os302gce-${GCE_KEY_HASH}.pem ~/.ssh/os302gce_priv_key.pem + ln -s ~/.gce/projectname-${GCE_KEY_HASH}.pem ~/.gce/projectname_priv_key.pem ``` -1. Once this is done, put the original service key file (os302gce-ef83bd90f261.p12) somewhere safe, or delete it (your call, I don not know what else we will use it for, and we can always regen it if needed). +1. Once this is done, put the original service key file (projectname-ef83bd90f261.p12) somewhere safe, or delete it (your call, I don not know what else we will use it for, and we can always regen it if needed). +Create a secrets.py file for GCE +-------------------------------- +1. vi ~/.gce/secrets.py +1. make the contents look like this: +``` + GCE_PARAMS = ('long...@developer.gserviceaccount.com', '/full/path/to/projectname_priv_key.pem') + GCE_KEYWORD_PARAMS = {'project': 'my_project_id'} +``` +1. Setup a sym link so that gce.py will pick it up (must be in same dir as gce.py) +``` + cd openshift-online-ansible/inventory/gce + ln -s ~/.gce/secrets.py secrets.py +``` + Install Dependencies -------------------- |