added ssh config setup

2019-05-30 12:59:09 -07:00 · 2019-05-30 12:59:09 -07:00 · 56adbb106d
parent 4dcac5c197
commit 56adbb106d
7 changed files with 29 additions and 25 deletions
--- a/docs/03-compute-resources.md
+++ b/docs/03-compute-resources.md
@ -53,7 +53,7 @@ az network nsg rule create \
  --protocol Tcp \
  --direction Inbound \
  --priority 100 \
-  --source-address-prefix Any \
+  --source-address-prefix "*" \
  --source-port-range "*" \
  --destination-port-ranges 22 6443
 ```
@ -303,11 +303,25 @@ worker-2      kubernetes-the-hard-way  westus2

 SSH will be used to configure the controller and worker instances. When building the compute instances, if you don't currently have an SSH keypair, one will be generated for you and stored in  your ~/.ssh directory

-Test SSH access to the `controller-0` compute instances using the VMs public IP address (this can be found by list your VMs with the CLI, or by looking at the VM in the Azure portal):
+Let's build an SSH config file to easily be able to SSH to all our controller and worker nodes throughout the lab:

 ```
-EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n controller-0 --output tsv | cut -f19)
-ssh azureuser@${EXTERNAL_IP}
+for instance in controller-0 controller-1 controller-2 worker-0 worker-1 worker-2; do
+  EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n ${instance} --output tsv | cut -f19)
+  cat <<EOF | tee -a ~/.ssh/config
+  Host ${instance}
+  User azureuser
+  HostName ${EXTERNAL_IP}
+  IdentityFile ~/.ssh/id_rsa
+  ServerAliveInterval 120
+  EOF
+done
+```
+
+Test SSH access to the `controller-0` compute instances:
+
+```
+ssh controller-0
 ```

 ```
--- a/docs/04-certificate-authority.md
+++ b/docs/04-certificate-authority.md
@ -364,8 +364,7 @@ Copy the appropriate certificates and private keys to each worker instance:

 ```
 for instance in worker-0 worker-1 worker-2; do
-  EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n ${instance} --output tsv | cut -f19)
-  scp ca.pem ${instance}-key.pem ${instance}.pem azureuser@${EXTERNAL_IP}:~/
+  scp ca.pem ${instance}-key.pem ${instance}.pem ${instance}:~/
 done
 ```

@ -373,8 +372,7 @@ Copy the appropriate certificates and private keys to each controller instance:

 ```
 for instance in controller-0 controller-1 controller-2; do
-  EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n ${instance} --output tsv | cut -f19)
-  scp ca.pem ca-key.pem kubernetes-key.pem kubernetes.pem service-account-key.pem service-account.pem azureuser@${EXTERNAL_IP}:~/
+  scp ca.pem ca-key.pem kubernetes-key.pem kubernetes.pem service-account-key.pem service-account.pem ${instance}:~/
 done
 ```

--- a/docs/05-kubernetes-configuration-files.md
+++ b/docs/05-kubernetes-configuration-files.md
@ -187,8 +187,7 @@ Copy the appropriate `kubelet` and `kube-proxy` kubeconfig files to each worker

 ```
 for instance in worker-0 worker-1 worker-2; do
-  EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n ${instance} --output tsv | cut -f19)
-  scp ${instance}.kubeconfig kube-proxy.kubeconfig azureuser@${EXTERNAL_IP}:~/
+  scp ${instance}.kubeconfig kube-proxy.kubeconfig ${instance}:~/
 done
 ```

@ -196,8 +195,7 @@ Copy the appropriate `kube-controller-manager` and `kube-scheduler` kubeconfig f

 ```
 for instance in controller-0 controller-1 controller-2; do
-  EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n ${instance} --output tsv | cut -f19)
-  scp admin.kubeconfig kube-controller-manager.kubeconfig kube-scheduler.kubeconfig azureuser@${EXTERNAL_IP}:~/
+  scp admin.kubeconfig kube-controller-manager.kubeconfig kube-scheduler.kubeconfig ${instance}:~/
 done
 ```

--- a/docs/06-data-encryption-keys.md
+++ b/docs/06-data-encryption-keys.md
@ -36,8 +36,7 @@ Copy the `encryption-config.yaml` encryption config file to each controller inst

 ```
 for instance in controller-0 controller-1 controller-2; do
-  EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n ${instance} --output tsv | cut -f19)
-  scp encryption-config.yaml azureuser@${EXTERNAL_IP}:~/
+  scp encryption-config.yaml ${instance}:~/
 done
 ```

--- a/docs/07-bootstrapping-etcd.md
+++ b/docs/07-bootstrapping-etcd.md
@ -7,8 +7,7 @@ Kubernetes components are stateless and store cluster state in [etcd](https://gi
 The commands in this lab must be run on each controller instance: `controller-0`, `controller-1`, and `controller-2`. Login to each controller instance using `ssh`. Example:

 ```
-EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n controller-0 --output tsv | cut -f19)
-ssh azureuser@${EXTERNAL_IP}
+ssh controller-0
 ```

 ### Running commands in parallel with tmux
--- a/docs/08-bootstrapping-kubernetes-controllers.md
+++ b/docs/08-bootstrapping-kubernetes-controllers.md
@ -7,8 +7,7 @@ In this lab you will bootstrap the Kubernetes control plane across three compute
 The commands in this lab must be run on each controller instance: `controller-0`, `controller-1`, and `controller-2`. Login to each controller instance using `ssh`. Example:

 ```
-EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n controller-0 --output tsv | cut -f19)
-ssh azureuser@${EXTERNAL_IP}
+ssh controller-0
 ```

 ### Running commands in parallel with tmux
@ -284,8 +283,7 @@ In this section you will configure RBAC permissions to allow the Kubernetes API
 > This tutorial sets the Kubelet `--authorization-mode` flag to `Webhook`. Webhook mode uses the [SubjectAccessReview](https://kubernetes.io/docs/admin/authorization/#checking-api-access) API to determine authorization.

 ```
-EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n controller-0 --output tsv | cut -f19)
-ssh azureuser@${EXTERNAL_IP}
+ssh controller-0
 ```

 Create the `system:kube-apiserver-to-kubelet` [ClusterRole](https://kubernetes.io/docs/admin/authorization/rbac/#role-and-clusterrole) with permissions to access the Kubelet API and perform most common tasks associated with managing pods:
--- a/docs/09-bootstrapping-kubernetes-workers.md
+++ b/docs/09-bootstrapping-kubernetes-workers.md
@ -4,11 +4,10 @@ In this lab you will bootstrap three Kubernetes worker nodes. The following comp

 ## Prerequisites

-The commands in this lab must be run on each worker instance: `worker-0`, `worker-1`, and `worker-2`. Login to each worker instance using the `gcloud` command. Example:
+The commands in this lab must be run on each worker instance: `worker-0`, `worker-1`, and `worker-2`. Login to each worker instance using `ssh`. Example:

 ```
-EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n worker-0 --output tsv | cut -f19)
-ssh azureuser@${EXTERNAL_IP}
+ssh worker-0
 ```

 ### Running commands in parallel with tmux
@ -288,8 +287,7 @@ EOF
 List the registered Kubernetes nodes:

 ```
-EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n controller-0 --output tsv | cut -f19)
-ssh azureuser@${EXTERNAL_IP}
+ssh controller-0
 ```
 ```
 kubectl get nodes --kubeconfig admin.kubeconfig