user creation on GCP

[timoei]

Hi,

after setting up the cluster on Google Cloud Platform we wanted to run some of the examples provided in the repository.
To do so we have to create some user account. The user is defined by a config file. I added some questions in brackets to create such a config file:

gateway_users:[username?]
nautaoperator: [role? Which exist?]
groups:
- docker [Which exist and are necessary for a user?]
# yamllint disable-line rule:line-length
authorized_key: "ssh-rsa dummykey myaccount@mycompany.com"

I would appreciate if you can give me some hints.

Thanks & BR
Timo

[timoei]

I just gave it a try today with the following config:

test1:
  nautaoperator:
    groups:
      - docker
    # yamllint disable-line rule:line-length
    authorized_key: "ssh-rsa key email@adress.com"

Executed on the installation node with the following command:

./gcp-users.sh --k8s-cluster nauta --gateway-users user.yaml

Ended up in this error message:

Successfully installed MarkupSafe-1.1.1 PyJWT-1.7.1 PyYAML-5.1 adal-1.2.1 ansible-2.7.9 asn1crypto-0.24.0 awscli-1.14.24 bcrypt-3.1.6 boto-2.48.0 boto3-1.5.29 botocore-1.8.28 cachetools-3.1.0 certifi-2019.3.9 cffi-1.12.2 chardet-3.0.4 colorama-0.3.7 cryptography-2.6.1 dictdiffer-0.8.0 docker-py-1.10.6 docker-pycreds-0.4.0 docutils-0.14 google-auth-1.6.3 idna-2.8 jinja2-2.10.1 jmespath-0.9.4 kubernetes-8.0.1 netaddr-0.7.19 oauthlib-3.0.1 openshift-0.8.7 paramiko-2.4.2 pathspec-0.5.9 pyOpenSSL-17.5.0 pyasn1-0.4.5 pyasn1-modules-0.2.4 pycparser-2.19 pynacl-1.3.0 python-dateutil-2.8.0 python-string-utils-0.6.0 requests-2.21.0 requests-oauthlib-1.2.0 rsa-3.4.2 ruamel.yaml-0.15.91 s3transfer-0.1.13 six-1.12.0 urllib3-1.24.1 websocket-client-0.56.0 yamllint-1.8.0
ERROR! 'warn' is not a valid attribute for a Task

The error appears to have been in '/home/nauta/users/nauta/toolbox/support/gateway-users/roles/nctl-client/tasks/main.yml': line 38, column 3, but may
be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:


- name: "Unpack and install nctl package"
  ^ here

This error can be suppressed as a warning using the "invalid_task_attribute_failed" configuration
toolbox/support/gateway-users/gateway-users.mk:3: recipe for target 'create-gateway-users' failed

Any suggestions how to get it work?

BR
Timo

[waldekpi]

1. 'warn' error occured due to ansible upgrade was fixed
2. users' config file:

  nautaoperator:
    groups:
      - docker
    # yamllint disable-line rule:line-length
    authorized_key: "ssh-rsa dummykey myaccount@mycompany.com"
    state: "present"

You cannot change gateway_users key. It is map identifier expected by script. In this case nautaoperator is an user name. You can add to groups key any group existing on in system. Due to nauta platform requirements docker is required.

authorized_key is just a content of ~/.ssh/id_rsa.pub file provided by users. They will be able to login without password using user name.

Hope it helps.

[waldekpi]

Hi Timo,
have you a chance to check installation using my hints?

[timoei]

Hi,

unfortunately, I haven't got the time to test it.
BR
Timo

[pmilewsk]

Hello Timo,

Did you had a chance to test @waldekpi solution?

Best Regards,
Piotr Milewski

[timoei]

Hi Piotr,

Currently, I am not working on the project anymore. So I can not test it.

BR,
Timo