On-Premises: Automatic Installation via SSH with sudo Password

Overview

This page describes how to create cluster via ssh with “sudo” password or with “su” command.

Introduction

By default, kublr creates a cluster over an ssh connection with a certificate and without the password from “sudo” command. But sometimes you need to create a cluster of kubernetes over an ssh connection using a username and password. This article provides knowledge on how to use Kublr to create on-premises kubernetes cluster in the following configuration:

ssh-connection using username and password
- “sudo” command with password
- “su” command using username and password
ssh-connection using certificate
- “sudo” command with password
- “su” command using username and password

Creating Cluster over SSH Connection Using Username and “sudo” Command with Password

Do the following:

On the left menu, click Credentials.
Create new credentials with the “Usrename/Password” type.
On the left menu, click Clusters.
Click ADD CLUSTER.
Enter a basic cluster information.
Click CUSTOMIZE SPECIFICATION.
For “master” and “nodes”, set:
- “sshUserPassSecretRef” - a secret reference that contains username and password credentials for instance group
- “username” - a username to connect via SSH, if you do not enter this field, Kublr will use the username from the “sshUserPassSecretRef” secret

Example:

spec:
  locations:
  - name: bare-metal1
    baremetal: {}
  master:
    locations:
    - baremetal:
        hosts:
        - address: 192.168.8.13
        username: ubuntu
        sshUserPassSecretRef: ssh-user-pass
      locationRef: bare-metal1
    minNodes: 1
    name: master
  nodes:
  - locations:
    - baremetal:
        hosts:
        - address: 192.168.8.14
        - address: 192.168.8.15
        - address: 192.168.8.17
        username: ubuntu
        sshUserPassSecretRef: ssh-user-pass
      locationRef: bare-metal1
    minNodes: 3
    name: default

For the “sudo” command, the same password as for the ssh connection will be used.

Creating Cluster over SSH Connection Using Username and “su” Сommand

Do the following:

On the left menu, click Credentials.
Create new credential for ssh connection with “Usrename/Password” type.
Create new credential for “su” command with “Usrename/Password” type.
On the left menu, click Clusters.
Click ADD CLUSTER.
Enter a basic cluster information.
Click CUSTOMIZE SPECIFICATION.
For “master” and “nodes”, set:
- “sshUserPassSecretRef” - a secret reference that contains username and password credentials for instance group
- “username” - a username to connect via SSH, if you do not enter this field, Kublr will use the username from the “sshUserPassSecretRef” secret

Example:

spec:
  locations:
  - name: bare-metal1
    baremetal: {}
  master:
    locations:
    - baremetal:
        hosts:
        - address: 192.168.8.13
        username: ubuntu
        sshUserPassSecretRef: ssh-user-pass
        suUserPassSecretRef: su-user-pass
      locationRef: bare-metal1
    minNodes: 1
    name: master
  nodes:
  - locations:
    - baremetal:
        hosts:
        - address: 192.168.8.14
        - address: 192.168.8.15
        - address: 192.168.8.17
        username: ubuntu
        sshUserPassSecretRef: ssh-user-pass
        suUserPassSecretRef: su-user-pass
      locationRef: bare-metal1
    minNodes: 3
    name: default

Creating Cluster over SSH Connection Using Certificate and “sudo” Command with Password

Do the following:

On the left menu, click Credentials.
Create new credentials with “Usrename/Password” type for “sudo” command.
On the left menu, click Clusters.
Click ADD CLUSTER.
Enter a basic cluster information.
Click CUSTOMIZE SPECIFICATION.
For “master” and “nodes”, set:
- “sshUserPassSecretRef” - is a secret reference that contains username and password credentials for instance group
- “sshKeySecretRef” - is a secret reference that contains private SSH key for instance group
- “username” - is username to connect via SSH

Example:

spec:
  locations:
  - name: bare-metal1
    baremetal: {}
  master:
    locations:
    - baremetal:
        hosts:
        - address: 192.168.8.13
        username: ubuntu
        sshKeySecretRef: ssh-private-key
        sshUserPassSecretRef: ssh-user-pass
      locationRef: bare-metal1
    minNodes: 1
    name: master
  nodes:
  - locations:
    - baremetal:
        hosts:
        - address: 192.168.8.14
        - address: 192.168.8.15
        - address: 192.168.8.17
        username: ubuntu
        sshKeySecretRef: ssh-private-key
        sshUserPassSecretRef: ssh-user-pass
      locationRef: bare-metal1
    minNodes: 3
    name: default

Creating Cluster over SSH Connection Using Certificate and “su” Command

Do the following:

On the left menu, click Credentials.
Create new credential for SSH connection with “SSH Private Key” type.
Create new credential for “su” command with “Usrename/Password” type.
On the left menu, click Clusters.
Click ADD CLUSTER.
Enter a basic cluster information.
Click CUSTOMIZE SPECIFICATION.
For “master” and “nodes”, set:
- “sshKeySecretRef” - is a secret reference that contains private SSH key for instance group
- “suUserPassSecretRef” - is a secret reference containing credentials for a username and password for installation without sudo via su
- “username” - is username to connect via SSH

Example:

spec:
  locations:
  - name: bare-metal1
    baremetal: {}
  master:
    locations:
    - baremetal:
        hosts:
        - address: 192.168.8.13
        username: ubuntu
        sshKeySecretRef: ssh-private-key
        suUserPassSecretRef: su-user-pass
      locationRef: bare-metal1
    minNodes: 1
    name: master
  nodes:
  - locations:
    - baremetal:
        hosts:
        - address: 192.168.8.14
        - address: 192.168.8.15
        - address: 192.168.8.17
        username: ubuntu
        sshKeySecretRef: ssh-private-key
        suUserPassSecretRef: su-user-pass
      locationRef: bare-metal1
    minNodes: 3
    name: default