Tanzu: Kubernetes集群节点SSH登录

SSH登录Tanzu Kubernetes集群节点进行日常运维排错

环境介绍：

NameSpace: tkc-cluster

准备工作
创建名为 NAMESPACE 的环境变量，其值为主管命名空间的名称。

 export NAMESPACE=tkc-cluster

将上下文切换到置备了主管命名空间集群的 Tanzu Kubernetes。

 kubectl config use-context $NAMESPACE

运行以下 kubectl 命令以查看 YOUR-CLUSTER-NAME-ssh 密钥对象。

 $ kubectl get secrets
NAME                                    TYPE                                  DATA   AGE
default-token-qc2f8                     kubernetes.io/service-account-token   3      10d
tkc-cluster-default-image-pull-secret   kubernetes.io/dockerconfigjson        1      9d
tkc-cluster-default-image-push-secret   kubernetes.io/dockerconfigjson        1      9d
tkc-guest-cluster-ca                    Opaque                                2      8d
tkc-guest-cluster-ccm-token-kjw8d       kubernetes.io/service-account-token   3      8d
tkc-guest-cluster-encryption            Opaque                                1      8d
tkc-guest-cluster-etcd                  Opaque                                2      8d
tkc-guest-cluster-kubeconfig            Opaque                                1      8d
tkc-guest-cluster-proxy                 Opaque                                2      8d
tkc-guest-cluster-pvcsi-token-mcd5g     kubernetes.io/service-account-token   3      8d
tkc-guest-cluster-sa                    Opaque                                2      8d
tkc-guest-cluster-ssh                   kubernetes.io/ssh-auth                1      8d
tkc-guest-cluster-ssh-password          Opaque                                1      8d

jumpbox.yaml

 apiVersion: v1
kind: Pod
metadata:
  name: jumpbox
  namespace: tkc-cluster                     #REPLACE YOUR-NAMESPACE
spec:
  containers:
  - image: "photon:3.0"
    name: jumpbox
    command: [ "/bin/bash", "-c", "--" ]
    args: [ "yum install -y openssh-server openssh-clients; mkdir /root/.ssh; cp /root/ssh/ssh-privatekey /root/.ssh/id_rsa; chmod 600 /root/.ssh/id_rsa; while true; do sleep 30; done;" ]
    volumeMounts:
      - mountPath: "/root/ssh"
        name: ssh-key
        readOnly: true
  volumes:
    - name: ssh-key
      secret:
        secretName: tkc-guest-cluster-ssh        #REPLACE YOUR-CLUSTER-NAME

获取节点IP

 $ kubectl get virtualmachine
NAME                                               AGE
tkc-guest-cluster-control-plane-6cfsf              8d
tkc-guest-cluster-control-plane-drlqp              8d
tkc-guest-cluster-control-plane-wmn2s              8d
tkc-guest-cluster-workers-8k9c8-5576b69b67-rcsvd   29h
tkc-guest-cluster-workers-8k9c8-5576b69b67-s7hch   8d
tkc-guest-cluster-workers-8k9c8-5576b69b67-sb6ss   29h
tkc-guest-cluster-workers-8k9c8-5576b69b67-tnxn2   8d
tkc-guest-cluster-workers-8k9c8-5576b69b67-vxgt9   8d
$ VMNAME=tkc-guest-cluster-control-plane-wmn2s
$ export VMIP=$(kubectl -n $NAMESPACE get virtualmachine/$VMNAME -o jsonpath='{.status.vmIp}')

执行SSH

 $ kubectl apply -f jumpbox.yaml 
$ kubectl exec -it jumpbox  /usr/bin/ssh vmware-system-user@$VMIP
... 恭喜SSH登录成功

posted @ 2021-07-09 00:21 一毛丶丶阅读(286) 评论(0) 编辑收藏举报

刷新页面返回顶部

登录后才能查看或发表评论，立即登录或者逛逛博客园首页

阅读排行：
· 无需6万激活码！GitHub神秘组织3小时极速复刻Manus，手把手教你使用OpenManus搭建本
· C#/.NET/.NET Core优秀项目和框架2025年2月简报
· 什么是nginx的强缓存和协商缓存
· 一文读懂知识蒸馏
· Manus爆火，是硬核还是营销？

公告

拂雪 - 不才

00:00 / 00:00

An audio error has occurred, player will skip forward in 2 seconds.

1 往后余生王贰浪
2 拂雪不才
3 大田后生仔王雨萌

昵称：一毛丶丶
园龄： 8年1个月
粉丝： 12
关注： 1

+加关注

2025年3月

日

一

二

三

四

五

六

随笔分类

随笔档案

文章分类

存储(1)

一毛丶丶

Tanzu: Kubernetes集群节点SSH登录

SSH登录Tanzu Kubernetes集群节点进行日常运维排错

环境介绍：

jumpbox.yaml

获取节点IP

公告

搜索

常用链接

我的标签

随笔分类

随笔档案

文章分类

阅读排行榜

评论排行榜

推荐排行榜

最新评论

	$ kubectl get secrets
	NAME TYPE DATA AGE
	default-token-qc2f8 kubernetes.io/service-account-token 3 10d
	tkc-cluster-default-image-pull-secret kubernetes.io/dockerconfigjson 1 9d
	tkc-cluster-default-image-push-secret kubernetes.io/dockerconfigjson 1 9d
	tkc-guest-cluster-ca Opaque 2 8d
	tkc-guest-cluster-ccm-token-kjw8d kubernetes.io/service-account-token 3 8d
	tkc-guest-cluster-encryption Opaque 1 8d
	tkc-guest-cluster-etcd Opaque 2 8d
	tkc-guest-cluster-kubeconfig Opaque 1 8d
	tkc-guest-cluster-proxy Opaque 2 8d
	tkc-guest-cluster-pvcsi-token-mcd5g kubernetes.io/service-account-token 3 8d
	tkc-guest-cluster-sa Opaque 2 8d
	tkc-guest-cluster-ssh kubernetes.io/ssh-auth 1 8d
	tkc-guest-cluster-ssh-password Opaque 1 8d

	apiVersion: v1
	kind: Pod
	metadata:
	name: jumpbox
	namespace: tkc-cluster #REPLACE YOUR-NAMESPACE
	spec:
	containers:
	- image: "photon:3.0"
	name: jumpbox
	command: [ "/bin/bash", "-c", "--" ]
	args: [ "yum install -y openssh-server openssh-clients; mkdir /root/.ssh; cp /root/ssh/ssh-privatekey /root/.ssh/id_rsa; chmod 600 /root/.ssh/id_rsa; while true; do sleep 30; done;" ]
	volumeMounts:
	- mountPath: "/root/ssh"
	name: ssh-key
	readOnly: true
	volumes:
	- name: ssh-key
	secret:
	secretName: tkc-guest-cluster-ssh #REPLACE YOUR-CLUSTER-NAME

	$ kubectl get virtualmachine
	NAME AGE
	tkc-guest-cluster-control-plane-6cfsf 8d
	tkc-guest-cluster-control-plane-drlqp 8d
	tkc-guest-cluster-control-plane-wmn2s 8d
	tkc-guest-cluster-workers-8k9c8-5576b69b67-rcsvd 29h
	tkc-guest-cluster-workers-8k9c8-5576b69b67-s7hch 8d
	tkc-guest-cluster-workers-8k9c8-5576b69b67-sb6ss 29h
	tkc-guest-cluster-workers-8k9c8-5576b69b67-tnxn2 8d
	tkc-guest-cluster-workers-8k9c8-5576b69b67-vxgt9 8d
	$ VMNAME=tkc-guest-cluster-control-plane-wmn2s
	$ export VMIP=$(kubectl -n $NAMESPACE get virtualmachine/$VMNAME -o jsonpath='{.status.vmIp}')

	$ kubectl apply -f jumpbox.yaml
	$ kubectl exec -it jumpbox /usr/bin/ssh vmware-system-user@$VMIP
	... 恭喜SSH登录成功