| 1 | +// Module included in the following assemblies: |
| 2 | +// |
| 3 | +// * virt/virtual_machines/virt-accessing-vm-consoles.adoc |
| 4 | + |
| 5 | +[id="virt-accessing-vm-yaml-ssh_{context}"] |
| 6 | += Accessing a virtual machine via SSH with YAML configurations |
| 7 | + |
| 8 | +You can enable an SSH connection to a virtual machine (VM) without the need to run the `virtctl expose` command. When the YAML file for the VM and the YAML file for the service are configured and applied, the service forwards the SSH traffic to the VM. |
| 9 | + |
| 10 | +The following examples show the configurations for the VM's YAML file and the service YAML file. |
| 11 | + |
| 12 | +.Prerequisites |
| 13 | +* Install the OpenShift CLI (`oc`). |
| 14 | +* Create a namespace for the VM's YAML file by using the `oc create namespace` command and specifying a name for the namespace. |
| 15 | + |
| 16 | +.Procedure |
| 17 | +. In the YAML file for the VM, add the label and a value for exposing the service for SSH connections. Enable the `masquerade` feature for the interface: |
| 18 | ++ |
| 19 | +.Example `VirtualMachine` definition |
| 20 | +[source,yaml] |
| 21 | +---- |
| 22 | +... |
| 23 | +apiVersion: kubevirt.io/v1 |
| 24 | +kind: VirtualMachine |
| 25 | +metadata: |
| 26 | + namespace: ssh-ns <1> |
| 27 | + name: vm-ssh |
| 28 | +spec: |
| 29 | + running: false |
| 30 | + template: |
| 31 | + metadata: |
| 32 | + labels: |
| 33 | + kubevirt.io/vm: vm-ssh |
| 34 | + special: vm-ssh <2> |
| 35 | + spec: |
| 36 | + domain: |
| 37 | + devices: |
| 38 | + disks: |
| 39 | + - disk: |
| 40 | + bus: virtio |
| 41 | + name: containerdisk |
| 42 | + - disk: |
| 43 | + bus: virtio |
| 44 | + name: cloudinitdisk |
| 45 | + interfaces: |
| 46 | + - masquerade: {} <3> |
| 47 | + name: testmasquerade <4> |
| 48 | + rng: {} |
| 49 | + machine: |
| 50 | + type: "" |
| 51 | + resources: |
| 52 | + requests: |
| 53 | + memory: 1024M |
| 54 | + networks: |
| 55 | + - name: testmasquerade |
| 56 | + pod: {} |
| 57 | + volumes: |
| 58 | + - name: containerdisk |
| 59 | + containerDisk: |
| 60 | + image: kubevirt/fedora-cloud-container-disk-demo |
| 61 | + - name: cloudinitdisk |
| 62 | + cloudInitNoCloud: |
| 63 | + userData: | |
| 64 | + #!/bin/bash |
| 65 | + echo "fedora" | passwd fedora --stdin |
| 66 | +... |
| 67 | +---- |
| 68 | +<1> Name of the namespace created by the `oc create namespace` command. |
| 69 | +<2> Label used by the service to identify the virtual machine instances that are enabled for SSH traffic connections. The label can be any `key:value` pair that is added as a `label` to this YAML file and as a `selector` in the service YAML file. |
| 70 | +<3> The interface type is `masquerade`. |
| 71 | +<4> The name of this interface is `testmasquerade`. |
| 72 | + |
| 73 | +. Create the VM: |
| 74 | ++ |
| 75 | +[source,terminal,subs="+quotes"] |
| 76 | +---- |
| 77 | +$ oc create -f __<path_for_the_VM_YAML_file>__ |
| 78 | +---- |
| 79 | ++ |
| 80 | +. Start the VM: |
| 81 | ++ |
| 82 | +[source,terminal] |
| 83 | +---- |
| 84 | +$ virtctl start vm-ssh |
| 85 | +---- |
| 86 | ++ |
| 87 | +. In the YAML file for the service, specify the service name, port number, and the target port. |
| 88 | ++ |
| 89 | +.Example `Service` definition |
| 90 | +[source,yaml] |
| 91 | +---- |
| 92 | +... |
| 93 | +apiVersion: v1 |
| 94 | +kind: Service |
| 95 | +metadata: |
| 96 | + name: svc-ssh <1> |
| 97 | + namespace: ssh-ns <2> |
| 98 | +spec: |
| 99 | + ports: |
| 100 | + - targetPort: 22 <3> |
| 101 | + protocol: TCP |
| 102 | + port: 27017 |
| 103 | + selector: |
| 104 | + special: vm-ssh <4> |
| 105 | + type: NodePort |
| 106 | +... |
| 107 | +---- |
| 108 | +<1> Name of the SSH service. |
| 109 | +<2> Name of the namespace created by the `oc create namespace` command. |
| 110 | +<3> The target port number for the SSH connection. |
| 111 | +<4> The selector name and value must match the label specified in the YAML file for the VM. |
| 112 | + |
| 113 | +. Create the service: |
| 114 | ++ |
| 115 | +[source,terminal,subs="+quotes"] |
| 116 | +---- |
| 117 | +$ oc create -f __<path_for_the_service_YAML_file>__ |
| 118 | +---- |
| 119 | + |
| 120 | +. Verify that the VM is running: |
| 121 | ++ |
| 122 | +[source,terminal] |
| 123 | +---- |
| 124 | +$ oc get vmi |
| 125 | +---- |
| 126 | ++ |
| 127 | +.Example output |
| 128 | +[source,terminal] |
| 129 | +---- |
| 130 | +NAME AGE PHASE IP NODENAME |
| 131 | +vm-ssh 6s Running 10.244.196.152 node01 |
| 132 | +---- |
| 133 | + |
| 134 | +. Check the service to find out which port the service acquired: |
| 135 | ++ |
| 136 | +[source,terminal] |
| 137 | +---- |
| 138 | +$ oc get svc |
| 139 | +---- |
| 140 | ++ |
| 141 | +.Example output |
| 142 | +[source,terminal] |
| 143 | +---- |
| 144 | +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE |
| 145 | +svc-ssh NodePort 10.106.236.208 <none> 27017:30093/TCP 22s |
| 146 | +---- |
| 147 | ++ |
| 148 | +In this example, the service acquired the port number 30093. |
| 149 | + |
| 150 | +. Run the following command to obtain the IP address for the node: |
| 151 | ++ |
| 152 | +[source,terminal,subs="+quotes"] |
| 153 | +---- |
| 154 | +$ oc get node __<node_name>__ -o wide |
| 155 | +---- |
| 156 | ++ |
| 157 | +.Example output |
| 158 | +[source,terminal] |
| 159 | +---- |
| 160 | +NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP |
| 161 | +node01 Ready worker 6d22h v1.20.0+5f82cdb 192.168.55.101 <none> |
| 162 | +---- |
| 163 | + |
| 164 | +. Log in to the VM via SSH by specifying the IP address of the node where the VM is running and the port number. Use the port number displayed by the `oc get svc` command and the IP address of the node displayed by the `oc get node` command. The following example shows the `ssh` command with the username, node's IP address, and the port number: |
| 165 | ++ |
| 166 | +[source,terminal] |
| 167 | +---- |
| 168 | + |
| 169 | +---- |
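Review bot: The cloud-init `userData` in the `VirtualMachine` example sets the `fedora` account's password to `fedora` (`echo "fedora" | passwd fedora --stdin`), and the `Service` example then publishes port 22 of that VM as a `NodePort`, so a reader who copies both files ends up with a guessable password reachable on the node's IP address. Suggest switching the example to key-based login through cloud-init, or using a placeholder password with a callout telling the reader to replace it. The last step also promises an `ssh` command with the username, node IP address and port number, but its source block is empty. The `virtctl start vm-ssh`, `oc get vmi` and `oc get svc` steps omit `-n ssh-ns`, so they only return the expected results when the current project is already `ssh-ns`; either add the flag or add a step that switches to that project. Finally, `port: 27017` has no callout even though the step text tells the reader to specify the port number, and the step's lead-in ends with a period where the other steps use a colon.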