Fleet Manager for SSH Keys Gen

TheMLEngineer
Level 2
Fleet Manager for SSH Keys Gen

I'm want to generate SSH public keys to integrate Bitbucket with dataiku. I would prefer to generate the key using fleet manager. This will allow users to be able to still access bitbucket whenever fleet manager is re-ran. Is there a way to do that?

0 Kudos
6 Replies
Turribeach

Have you seen this documentation page?

https://doc.dataiku.com/dss/latest/collaboration/git.html#setup

 

0 Kudos
TheMLEngineer
Level 2
Author

Hello @Turribeach,

Thank you for quick response.

Yes, we used this documentation in past to generate the keys. The admin want to know if there is a way to generate with fleet manager. The assumption is if the key is generated out of fleet manager, it will have to be regenerated anytime the instance is regenerated with fleet manager.

0 Kudos

I have not used Fleet Manager but I do know how it works. Whether it keeps SSH keys after a rebuild or not I do not know but it will trivial for you to test, just regenerate a new instance and check. I expect that it  does NOT keep them becauses it doesn't know about them. However I think the way your admin wants to go about it is not the best way. When you generate a pair of SSH keys to access a remote Git repo you  need to store the private key in DSS and set the public key in the remote repo to be able to access it using the private key from DSS. Generating the SSH keys from Fleet Manager will require Fleet Manager to have full admin access to the git instance to be able place the public keys as they are generated.  It will also require that every DSS instance to use different SSH keys and that every Fleet Manager rebuild will change SSH keys. That's probably not how you want this to work. Instead generate the SSH keys manually as per the Dataiku documentation, put the the private key in DSS and set the public key in the remote repo as required. Finally add a custom step in Fleet Manager to redeploy the private keys to all DSS instances as they get rebuild so that you don't loose access to your git repos. 

AlexT
Dataiker

If you are Fleet Manager version is > 11.2, you can add setup action instead to add a generated ssh key.

This still requires generating an SSH key either outside of DSS or via SSH on a DSS instance . Once generated add it to the instance template and reprovision/re-run setup actions. note  the known hosts section where you should add e.g github.com etc Screenshot 2024-02-12 at 10.07.06 PM.png
 

 

Thanks Alex, that's exactly how this capability needed to be supported in Fleet Manager. 

0 Kudos
TheMLEngineer
Level 2
Author

Thanks @AlexT and @Turribeach. This is helpful information.

0 Kudos