You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/aks/node-access.md
+33-1Lines changed: 33 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -14,7 +14,7 @@ ms.custom: contperf-fy21q4
14
14
15
15
Throughout the lifecycle of your Azure Kubernetes Service (AKS) cluster, you might need to access an AKS node. This access could be for maintenance, log collection, or troubleshooting operations. You can securely authenticate against AKS Linux and Windows nodes using SSH, and you can also [connect to Windows Server nodes using remote desktop protocol (RDP)][aks-windows-rdp]. For security reasons, the AKS nodes aren't exposed to the internet. To connect to the AKS nodes, you use `kubectl debug` or the private IP address.
16
16
17
-
This article shows you how to create a connection to an AKS node.
17
+
This article shows you how to create a connection to an AKS node and update the SSH key on an existing AKS cluster.
18
18
19
19
## Before you begin
20
20
@@ -163,6 +163,38 @@ When done, `exit` the SSH session, stop any port forwarding, and then `exit` the
163
163
kubectl delete pod node-debugger-aks-nodepool1-12345678-vmss000000-bkmmx
164
164
```
165
165
166
+
## Update SSH key on an existing AKS cluster (preview)
167
+
168
+
### Prerequisites
169
+
* Before you start, ensure the Azure CLI is installed and configured. If you need to install or upgrade, see [Install Azure CLI][install-azure-cli].
170
+
* The aks-preview extension version 0.5.111 or later. To learn how to install an Azure extension, see [How to install extensions][how-to-install-azure-extensions].
171
+
172
+
> [!NOTE]
173
+
> Updating of the SSH key is supported on Azure virtual machine scale sets with AKS clusters.
174
+
175
+
Use the [az aks update][az-aks-update] command to update the SSH key on the cluster. This operation will update the key on all node pools. You can either specify the key or a key file using the `--ssh-key-value` argument.
176
+
177
+
```azurecli
178
+
az aks update --name myAKSCluster --resource-group MyResourceGroup --ssh-key-value <new SSH key value or SSH key file>
179
+
```
180
+
181
+
Examples:
182
+
In the following example, you can specify the new SSH key value for the `--ssh-key-value` argument.
183
+
184
+
```azurecli
185
+
az aks update --name myAKSCluster --resource-group MyResourceGroup --ssh-key-value 'ssh-rsa AAAAB3Nza-xxx'
186
+
```
187
+
188
+
In the following example, you specify a SSH key file.
189
+
190
+
```azurecli
191
+
az aks update --name myAKSCluster --resource-group MyResourceGroup --ssh-key-value .ssh/id_rsa.pub
192
+
```
193
+
194
+
> [!IMPORTANT]
195
+
> During this operation, all virtual machine scale set instances are upgraded and re-imaged to use the new SSH key.
196
+
197
+
166
198
## Next steps
167
199
168
200
If you need more troubleshooting data, you can [view the kubelet logs][view-kubelet-logs] or [view the Kubernetes master node logs][view-master-logs].
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments