總算寫完鐵人賽的最後一篇, 有一種要升天的港覺, 寫完就可以從這個自虐的挑戰賽解脫囉!
今天這篇筆記輕鬆地介紹怎麼連線到 AKS 叢集進行維護. 說真的, 在這 30 天的過程, 還真有不少機會要進入 AKS 主機中 Troubleshooting 呢! 希望寫這篇以後可以有需要可以再來參考參考, 免得忘記了!
(部分資訊將會遮罩)
PS C:\k8s> az aks show --resource-group 15maksrg --name 15makscls --query nodeResourceGroup -o tsv
MC_15maksrg_15makscls_southeastasia
PS C:\k8s> az vm list --resource-group MC_15maksrg_15makscls_southeastasia -o table
Name ResourceGroup Location Zones
------------------------ ----------------------------------- ------------- -------
aks-nodepool1-25432928-0 MC_15maksrg_15makscls_southeastasia southeastasia
aks-nodepool1-25432928-1 MC_15maksrg_15makscls_southeastasia southeastasia
aks-nodepool1-25432928-2 MC_15maksrg_15makscls_southeastasia southeastasia
PS C:\k8s> az vm list-ip-addresses --resource-group MC_15maksrg_15makscls_southeastasia -o table
VirtualMachine PrivateIPAddresses
------------------------ --------------------
aks-nodepool1-25432928-0 10.240.0.4
aks-nodepool1-25432928-1 10.240.0.5
aks-nodepool1-25432928-2 10.240.0.6
PS C:\k8s> kubectl run -it --rm aks-ssh --image=ubuntu
If you don't see a command prompt, try pressing enter.
AZ_REPO=$(lsb_release -cs)
echo "deb [arch=amd64] https://packages.microsoft.com/repos/azure-cli/ $AZ_REPO main" | tee /etc/apt/sources.list.d/azure-cli.list
(2) 取得 package key
curl -L https://packages.microsoft.com/keys/microsoft.asc | apt-key add -
(3) 使用命令 apt-get update && apt-get install azure-cli -y 安裝 Azure cli
7. 使用命令 ssh-keygen -t rsa -b 2048 產生 SSH key pair
root@aks-ssh-6fbc77d848-9zllc:/# ssh-keygen -t rsa -b 2048
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:3MeijgoIiwu5EqfjjBTdGFmZLrDC8HDEt/wCYjLy918 root@aks-ssh-6fbc77d848-9zllc
The key's randomart image is:
+---[RSA 2048]----+
| o. .o |
|o.o +o |
|o+o=.. |
|*++.*. . . . |
|*= +.o S o o |
|+++ o . . o |
|*=.. o . E |
|Oo . .o . |
|*+ ....o |
+----[SHA256]-----+
https://microsoft.com/devicelogin, 並輸入產生的 Keyroot@aks-ssh-6fbc77d848-9zllc:/# az login
To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code HXEJ566KH to authenticate.
[
<略...>
{
"cloudName": "AzureCloud",
"id": "11e5233d-dbe1-4167-ac91-????????????",
"isDefault": true,
"name": "Visual Studio Ultimate with MSDN",
"state": "Enabled",
"tenantId": "293a593f-cc57-451b-b293-????????????",
"user": {
"name": "?????@?????.com",
"type": "user"
}
}
]
az vm user update --resource-group MC_15maksrg_15makscls_southeastasia --name aks-nodepool1-25432928-0 --username azureuser --ssh-key-value /home/sam/.ssh/id_rsa.pub
azureuser@10.240.0.4 連線至 Cluster noderoot@aks-ssh-6fbc77d848-9zllc:/# ssh -i /root/.ssh/id_rsa azureuser@10.240.0.4
The authenticity of host '10.240.0.4 (10.240.0.4)' can't be established.
ECDSA key fingerprint is SHA256:IuVBOUs+QEZOZYvtenklKFFF5bz9LYkQn07tsmopZPI.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.240.0.4' (ECDSA) to the list of known hosts.
Welcome to Ubuntu 16.04.5 LTS (GNU/Linux 4.15.0-1023-azure x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
Get cloud support with Ubuntu Advantage Cloud Guest:
http://www.ubuntu.com/business/services/cloud
30 packages can be updated.
0 updates are security updates.
*** System restart required ***
The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.
azureuser@aks-nodepool1-25432928-0:~$
大功告成了, 總算完成了 30 天的鐵人賽, 開勳喝一杯!
iThome鐵人賽
看影片追技術