Feature request: systemd target to synchronize instances of afterburn-sshkeys@.service

[rfairley]

Feature Request

Environment

What hardware/cloud provider/hypervisor is being used to run Afterburn?

libvirt running Fedora CoreOS when this was brought up - applies to all platforms though.

Desired Feature

Add a target afterburn-sshkeys.target, and have the afterburn-sshkeys@.service template specify RequiredBy=afterburn-sshkeys.target in the [Install] section. This would allow other units to synchronize around any instance of afterburn-sshkeys@, not only for a given user (e.g. afterburn-sshkeys@core.service, see coreos/fedora-coreos-config#344 (comment)).

First need to test/investigate manually if this approach works - filing as an initial suggestion, and potentially can investigate other ideas for the synchronization here if this does not work.

[bh7cw]

Manually created afterburn-sshkeys.target, and added RequiredBy=afterburn-sshkeys.target in afterburn-sshkeys@.service template on FCOS 32 created on AWS.
Each time run systemctl start afterburn-sshkeys.target, all the template instances will be updated:

systemctl status 'afterburn-sshkeys@*.service' --all
● afterburn-sshkeys@test.service - Afterburn (SSH Keys)
     Loaded: loaded (/etc/systemd/system/afterburn-sshkeys@.service; enabled; vendor preset: enabled)
     Active: inactive (dead) since Mon 2020-08-17 14:11:57 UTC; 5min ago
    Process: 3951 ExecStart=/usr/bin/afterburn ${AFTERBURN_OPT_PROVIDER} --ssh-keys=test (code=exited, status=0/SUCCESS)
   Main PID: 3951 (code=exited, status=0/SUCCESS)

Aug 17 14:11:56 ip-172-31-8-83 systemd[1]: Starting Afterburn (SSH Keys)...
Aug 17 14:11:56 ip-172-31-8-83 afterburn[3951]: Aug 17 14:11:56.992 INFO Putting http://169.254.169.254/latest/api/token: Attempt #1
Aug 17 14:11:57 ip-172-31-8-83 afterburn[3951]: Aug 17 14:11:57.047 INFO Fetching http://169.254.169.254/2019-10-01/meta-data/public-keys: Attempt #1
Aug 17 14:11:57 ip-172-31-8-83 afterburn[3951]: Aug 17 14:11:57.074 INFO Fetch successful
Aug 17 14:11:57 ip-172-31-8-83 afterburn[3951]: Aug 17 14:11:57.074 INFO Fetching http://169.254.169.254/2019-10-01/meta-data/public-keys/0/openssh-key: Attempt >
Aug 17 14:11:57 ip-172-31-8-83 afterburn[3951]: Aug 17 14:11:57.076 INFO Fetch successful
Aug 17 14:11:57 ip-172-31-8-83 afterburn[3951]: wrote ssh authorized keys file for user: test
Aug 17 14:11:57 ip-172-31-8-83 systemd[1]: afterburn-sshkeys@test.service: Succeeded.
Aug 17 14:11:57 ip-172-31-8-83 systemd[1]: Finished Afterburn (SSH Keys).

● afterburn-sshkeys@core.service - Afterburn (SSH Keys)
     Loaded: loaded (/etc/systemd/system/afterburn-sshkeys@.service; enabled; vendor preset: enabled)
     Active: inactive (dead) since Mon 2020-08-17 14:11:57 UTC; 5min ago
    Process: 3950 ExecStart=/usr/bin/afterburn ${AFTERBURN_OPT_PROVIDER} --ssh-keys=core (code=exited, status=0/SUCCESS)
   Main PID: 3950 (code=exited, status=0/SUCCESS)

Aug 17 14:11:56 ip-172-31-8-83 systemd[1]: Starting Afterburn (SSH Keys)...
Aug 17 14:11:56 ip-172-31-8-83 afterburn[3950]: Aug 17 14:11:56.993 INFO Putting http://169.254.169.254/latest/api/token: Attempt #1
Aug 17 14:11:57 ip-172-31-8-83 afterburn[3950]: Aug 17 14:11:57.047 INFO Fetching http://169.254.169.254/2019-10-01/meta-data/public-keys: Attempt #1
Aug 17 14:11:57 ip-172-31-8-83 afterburn[3950]: Aug 17 14:11:57.074 INFO Fetch successful
Aug 17 14:11:57 ip-172-31-8-83 afterburn[3950]: Aug 17 14:11:57.074 INFO Fetching http://169.254.169.254/2019-10-01/meta-data/public-keys/0/openssh-key: Attempt >
Aug 17 14:11:57 ip-172-31-8-83 afterburn[3950]: Aug 17 14:11:57.076 INFO Fetch successful
Aug 17 14:11:57 ip-172-31-8-83 afterburn[3950]: wrote ssh authorized keys file for user: core
Aug 17 14:11:57 ip-172-31-8-83 systemd[1]: afterburn-sshkeys@core.service: Succeeded.
Aug 17 14:11:57 ip-172-31-8-83 systemd[1]: Finished Afterburn (SSH Keys).