diff --git a/nixos/kubeadm/scripts/rebuild-and-bootstrap.sh b/nixos/kubeadm/scripts/rebuild-and-bootstrap.sh index 944ffc0..2caef79 100755 --- a/nixos/kubeadm/scripts/rebuild-and-bootstrap.sh +++ b/nixos/kubeadm/scripts/rebuild-and-bootstrap.sh @@ -15,7 +15,7 @@ fi source "$INVENTORY_FILE" SSH_USER="${SSH_USER:-micqdf}" -SSH_OPTS="${SSH_OPTS:- -o BatchMode=yes -o StrictHostKeyChecking=accept-new }" +SSH_OPTS="${SSH_OPTS:--o BatchMode=yes -o StrictHostKeyChecking=accept-new}" declare -A NODE_IPS=() declare -a CP_NAMES=() @@ -80,6 +80,18 @@ remote() { ssh $SSH_OPTS "$SSH_USER@$host_ip" "$cmd" } +prepare_known_hosts() { + mkdir -p "$HOME/.ssh" + chmod 700 "$HOME/.ssh" + touch "$HOME/.ssh/known_hosts" + chmod 600 "$HOME/.ssh/known_hosts" + + for node in "${!NODE_IPS[@]}"; do + ssh-keygen -R "${NODE_IPS[$node]}" >/dev/null 2>&1 || true + ssh-keyscan -H "${NODE_IPS[$node]}" >> "$HOME/.ssh/known_hosts" 2>/dev/null || true + done +} + cluster_has_node() { local node_name="$1" remote "$PRIMARY_CP_IP" "sudo kubectl --kubeconfig /etc/kubernetes/admin.conf get node $node_name >/dev/null 2>&1" @@ -101,6 +113,8 @@ rebuild_node() { } populate_nodes +prepare_known_hosts +export NIX_SSHOPTS="$SSH_OPTS" PRIMARY_CONTROL_PLANE="${PRIMARY_CONTROL_PLANE:-cp-1}" if [ -z "${NODE_IPS[$PRIMARY_CONTROL_PLANE]:-}" ]; then diff --git a/nixos/kubeadm/scripts/reset-cluster-nodes.sh b/nixos/kubeadm/scripts/reset-cluster-nodes.sh index 44d5b61..e3b030b 100755 --- a/nixos/kubeadm/scripts/reset-cluster-nodes.sh +++ b/nixos/kubeadm/scripts/reset-cluster-nodes.sh @@ -14,7 +14,7 @@ fi source "$INVENTORY_FILE" SSH_USER="${SSH_USER:-micqdf}" -SSH_OPTS="${SSH_OPTS:- -o BatchMode=yes -o StrictHostKeyChecking=accept-new }" +SSH_OPTS="${SSH_OPTS:--o BatchMode=yes -o StrictHostKeyChecking=accept-new}" declare -A NODE_IPS=() 
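Review bot: The loop in `prepare_known_hosts` deletes each node's pinned host key with `ssh-keygen -R` and then appends whatever `ssh-keyscan` returns, so every run re-trusts the network's current answer and a changed host key is never reported. `StrictHostKeyChecking=accept-new` then only ever sees a freshly written, matching entry, which removes the one protection that option still gave. Both commands also discard their output and end in `|| true`, so an unreachable node silently loses its old entry. The same sequence is added at top level in reset-cluster-nodes.sh (its second hunk). I would keep existing entries and refresh them only on an explicit operator request, as sketched below (the `REFRESH_HOST_KEYS` name is a suggestion), ideally checking the new fingerprint against a trusted source such as the inventory or the node's console.

```shell
prepare_known_hosts() {
  # … unchanged: create ~/.ssh (700) and known_hosts (600) …
  local node ip
  for node in "${!NODE_IPS[@]}"; do
    ip="${NODE_IPS[$node]}"
    if [ "${REFRESH_HOST_KEYS:-0}" = "1" ]; then
      # Operator states the node was reinstalled; drop the old pin.
      ssh-keygen -R "$ip" >/dev/null 2>&1 || true
    elif ssh-keygen -F "$ip" >/dev/null 2>&1; then
      # Keep the pinned key so a changed key fails the connection.
      continue
    fi
    # … unchanged: ssh-keyscan -H "$ip" >> known_hosts …
  done
}
```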
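Review bot: `prepare_known_hosts` is called before the `PRIMARY_CONTROL_PLANE` lookup in `NODE_IPS` is validated, so the user's `~/.ssh/known_hosts` is rewritten even on a run that the following `if [ -z ... ]` check is about to reject (its body is outside the hunk; presumably it exits). Moving the two added lines below that check keeps a misconfigured run free of side effects. The export would also benefit from a comment such as `# nix's own ssh sessions must use the same host-key options as remote()`, since the consumer of `NIX_SSHOPTS` (presumably `rebuild_node`) is not visible here.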
@@ -58,6 +58,15 @@ if [ "${#NODE_IPS[@]}" -eq 0 ]; then exit 1 fi +mkdir -p "$HOME/.ssh" +chmod 700 "$HOME/.ssh" +touch "$HOME/.ssh/known_hosts" +chmod 600 "$HOME/.ssh/known_hosts" +for node_name in "${!NODE_IPS[@]}"; do + ssh-keygen -R "${NODE_IPS[$node_name]}" >/dev/null 2>&1 || true + ssh-keyscan -H "${NODE_IPS[$node_name]}" >> "$HOME/.ssh/known_hosts" 2>/dev/null || true +done + reset_node() { local node_name="$1" local node_ip="$2"
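Review bot: These added lines are a top-level copy of `prepare_known_hosts` from rebuild-and-bootstrap.sh, differing only in the loop variable name, so any later change to host-key handling has to be made in two places. Moving the function into a small file that both scripts `source` would keep a single copy; here the call would then be one line, `prepare_known_hosts`, after the empty-`NODE_IPS` check. As written, the loop also leaves `node_name` as a global, which the following `reset_node` shadows with its own `local node_name`; that is harmless but easy to misread.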