Rework VirtualMachine, introduce cloudinit and sshKeys configuration, fix externalPorts (#303)

Add `externalPorts`, `sshKeys` and `cloudInit` options with examples.
Remove `service`, `sshPwauth`, `disableRoot`, `password`, `chpasswdExpire` options

---------

Signed-off-by: Andrei Kvapil <[email protected]>
Co-authored-by: Andrei Kvapil <[email protected]>
artemrootman and kvaps authored Aug 30, 2024
1 parent b908400 commit 4282843
Showing 7 changed files with 146 additions and 103 deletions.
2 changes: 1 addition & 1 deletion packages/apps/virtual-machine/Chart.yaml
Expand Up @@ -17,7 +17,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.3.0
version: 0.4.0

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
89 changes: 55 additions & 34 deletions packages/apps/virtual-machine/README.md
Expand Up @@ -9,51 +9,72 @@ The virtual machine is managed and hosted through KubeVirt, allowing you to harn
- Docs: [KubeVirt User Guide](https://kubevirt.io/user-guide/)
- GitHub: [KubeVirt Repository](https://github.com/kubevirt/kubevirt)

## Accessing virtual machine

You can access the virtual machine using the virtctl tool:
- [KubeVirt User Guide - Virtctl Client Tool](https://kubevirt.io/user-guide/user_workloads/virtctl_client_tool/)

To access the serial console:

```
virtctl console <vm>
```

To access the VM using VNC:

```
virtctl vnc <vm>
```

To SSH into the VM:

```
virtctl ssh <user>@<vm>
```

## Parameters

### Common parameters

| Name | Description | Value |
| ------------------ | ------------------------------------------------------------------------------------------------- | ----------------------------------- |
| `external` | Enable external access from outside the cluster | `false` |
| `running` | Determines if the virtual machine should be running | `true` |
| `image` | The base image for the virtual machine. Allowed values: `ubuntu`, `cirros`, `alpine` and `fedora` | `ubuntu` |
| `storageClass` | StorageClass used to store the data | `replicated` |
| `resources.cpu` | The number of CPU cores allocated to the virtual machine | `1` |
| `resources.memory` | The amount of memory allocated to the virtual machine | `1024M` |
| `resources.disk` | The size of the disk allocated for the virtual machine | `5Gi` |
| `sshPwauth` | Enable password authentication for SSH. If set to `true`, users can log in using a password | `true` |
| `disableRoot` | Disable root login via SSH. If set to `true`, root login will be disabled | `true` |
| `password` | The default password for the virtual machine | `hackme` |
| `chpasswdExpire` | Set whether the password should expire | `false` |
| `sshKeys` | List of SSH public keys for authentication. Can be a single key or a list of keys | `["ssh-rsa ...","ssh-ed25519 ..."]` |
| Name | Description | Value |
| ------------------ | ------------------------------------------------------------------------------------------------- | ---------------- |
| `external` | Enable external access from outside the cluster | `false` |
| `externalPorts` | Specify ports to forward from outside the cluster | `[]` |
| `running` | Determines if the virtual machine should be running | `true` |
| `image` | The base image for the virtual machine. Allowed values: `ubuntu`, `cirros`, `alpine` and `fedora` | `ubuntu` |
| `storageClass` | StorageClass used to store the data | `replicated` |
| `resources.cpu` | The number of CPU cores allocated to the virtual machine | `1` |
| `resources.memory` | The amount of memory allocated to the virtual machine | `1024M` |
| `resources.disk` | The size of the disk allocated for the virtual machine | `5Gi` |
| `sshKeys` | List of SSH public keys for authentication. Can be a single key or a list of keys. | `[]` |
| `cloudInit` | cloud-init user data config. See cloud-init documentation for more details. | `#cloud-config
` |

You can customize the exposed ports by specifying them under `service.ports` in the `values.yaml` file.

## Example `values.yaml`
## Example virtual machine:

```yaml
external: false
external: true
externalPorts:
- 22
- 80
- 443
running: true
image: ubuntu
image: fedora
storageClass: replicated
resources:
cpu: 1
memory: 1024M
disk: 5Gi
sshPwauth: true
disableRoot: true
password: hackme
chpasswdExpire: false
sshKeys:
- YOUR_SSH_PUB_KEY_HERE
- ANOTHER_SSH_PUB_KEY_HERE

service:
ports:
- name: http
port: 80
targetPort: 80
- name: https
port: 443
targetPort: 443
disk: 10Gi

sshKeys:
- ssh-rsa ...

cloudInit: |
#cloud-config
user: fedora
password: fedora
chpasswd: { expire: False }
ssh_pwauth: True
```
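Review bot: the new example in the `yaml` block pairs `external: true` and an `externalPorts` list containing `22` with a cloud-init that sets `password: fedora` and `ssh_pwauth: True`, so anyone copying it publishes an SSH endpoint outside the cluster that accepts a guessable password. Since this change already adds `sshKeys`, the example would be safer with key-only login (drop the `password` and `ssh_pwauth` lines, or set `ssh_pwauth: False`) or with an obvious placeholder instead of `fedora`. The sentence about `service.ports` above the example names an option the commit message lists as removed; if it is still in the README after this change, it should point at `externalPorts`.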
21 changes: 21 additions & 0 deletions packages/apps/virtual-machine/templates/secret.yaml
@@ -0,0 +1,21 @@
{{- if .Values.sshKeys }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "virtual-machine.fullname" $ }}-ssh-keys
stringData:
{{- range $k, $v := .Values.sshKeys }}
key{{ $k }}: {{ quote $v }}
{{- end }}
{{- end }}
{{- if .Values.cloudInit }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "virtual-machine.fullname" . }}-cloud-init
stringData:
userdata: |
{{- .Values.cloudInit | nindent 4 }}
{{- end }}
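Review bot: the `-cloud-init` Secret is rendered only under `{{- if .Values.cloudInit }}`, but vm.yaml attaches the `cloudinitdisk` volume with a `secretRef` to that name whenever `or .Values.sshKeys .Values.cloudInit` is true. With `sshKeys` set and `cloudInit` empty, the VM references a Secret that was never created. Use the same `or` condition here and fall back to a bare `#cloud-config` for `userdata` when `cloudInit` is empty. Minor: the two `include` calls pass `$` and `.` respectively; pick one.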
15 changes: 4 additions & 11 deletions packages/apps/virtual-machine/templates/service.yaml
Expand Up @@ -8,21 +8,14 @@ metadata:
{{- include "virtual-machine.labels" . | nindent 4 }}
spec:
type: {{ ternary "LoadBalancer" "ClusterIP" .Values.external }}
{{- if .Values.external }}
externalTrafficPolicy: Local
allocateLoadBalancerNodePorts: false
{{- end }}
selector:
{{- include "virtual-machine.labels" . | nindent 4 }}
ports:
- name: ssh
port: 22
targetPort: 22
{{- if .Values.service.ports }}
{{- range .Values.service.ports }}
- name: {{ .name }}
port: {{ .port }}
targetPort: {{ .targetPort }}
{{- end }}
{{- range .Values.externalPorts }}
- name: port-{{ . }}
port: {{ . }}
targetPort: {{ . }}
{{- end }}
{{- end }}
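Review bot: in the `range .Values.externalPorts` loop each entry goes straight into `name: port-{{ . }}` and `port: {{ . }}`, so a repeated or non-numeric entry produces a Service that is only rejected at apply time. A `uniqueItems` flag and an integer range constraint in values.schema.json would catch this when the values are validated. If the fixed `ssh` entry for port 22 is kept in the rendered template, it also duplicates the default `externalPorts` entry `22` from values.yaml; one of the two should go.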
45 changes: 25 additions & 20 deletions packages/apps/virtual-machine/templates/vm.yaml
Expand Up @@ -45,34 +45,39 @@ spec:
- disk:
bus: scsi
name: systemdisk
{{- if or .Values.sshKeys .Values.cloudInit }}
- disk:
bus: virtio
name: cloudinitdisk
{{- end }}
interfaces:
- name: default
bridge: {}
machine:
type: ""
resources:
requests:
memory: {{ .Values.resources.memory | quote }}
{{- with .Values.sshKeys }}
accessCredentials:
- sshPublicKey:
source:
secret:
secretName: {{ include "virtual-machine.fullname" $ }}-ssh-keys
propagationMethod:
noCloud: {}
{{- end }}
terminationGracePeriodSeconds: 30
volumes:
- dataVolume:
- name: systemdisk
dataVolume:
name: {{ include "virtual-machine.fullname" . }}
name: systemdisk
- cloudInitNoCloud:
userData: |-
#cloud-config
ssh_pwauth: {{ if .Values.sshPwauth | default false }}True{{ else }}False{{ end }}
disable_root: {{ if .Values.disableRoot | default false }}True{{ else }}False{{ end }}
password: {{ .Values.password }}
chpasswd: { expire: {{ if .Values.chpasswdExpire | default false }}True{{ else }}False{{ end }} }
ssh_authorized_keys:
{{- if .Values.sshKeys }}
{{- $keys := .Values.sshKeys }}
{{- if not (kindIs "slice" $keys) }}
{{- $keys = list $keys }}
{{- end }}
{{- range $keys }}
- {{ . }}
{{- end }}
{{- end }}
name: cloudinitdisk
{{- if or .Values.sshKeys .Values.cloudInit }}
- name: cloudinitdisk
cloudInitNoCloud:
secretRef:
name: {{ include "virtual-machine.fullname" . }}-cloud-init
{{- end }}
networks:
- name: default
pod: {}
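Review bot: the inline `userData` block being replaced wrapped a non-list `sshKeys` value with `{{- $keys = list $keys }}`; the new path has no equivalent, and secret.yaml ranges over `.Values.sshKeys` directly. The parameter description still says "Can be a single key or a list of keys", so either restore the normalisation where the Secret is built or drop that sentence from the README, values.yaml and the schema. `disable_root` and `ssh_pwauth` are also no longer emitted by the chart, so the login policy now depends on the image defaults and the user's `cloudInit`; that deserves a line in the README.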
40 changes: 15 additions & 25 deletions packages/apps/virtual-machine/values.schema.json
Expand Up @@ -7,6 +7,14 @@
"description": "Enable external access from outside the cluster",
"default": false
},
"externalPorts": {
"type": "array",
"description": "Specify ports to forward from outside the cluster",
"default": "[]",
"items": {
"type": "string"
}
},
"running": {
"type": "boolean",
"description": "Determines if the virtual machine should be running",
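Review bot: `externalPorts` declares `"items": { "type": "string" }`, but values.yaml and the README example supply bare integers (`- 22`, `- 80`, `- 443`), which do not match a string type under schema validation. Change the item type to `integer` and bound it with `"minimum": 1` and `"maximum": 65535`.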
Expand Down Expand Up @@ -49,36 +57,18 @@
}
}
},
"sshPwauth": {
"type": "boolean",
"description": "Enable password authentication for SSH. If set to `true`, users can log in using a password",
"default": true
},
"disableRoot": {
"type": "boolean",
"description": "Disable root login via SSH. If set to `true`, root login will be disabled",
"default": true
},
"password": {
"type": "string",
"description": "The default password for the virtual machine",
"default": "hackme"
},
"chpasswdExpire": {
"type": "boolean",
"description": "Set whether the password should expire",
"default": false
},
"sshKeys": {
"type": "array",
"description": "List of SSH public keys for authentication. Can be a single key or a list of keys",
"default": [
"ssh-rsa ...",
"ssh-ed25519 ..."
],
"description": "List of SSH public keys for authentication. Can be a single key or a list of keys.",
"default": "[]",
"items": {
"type": "string"
}
},
"cloudInit": {
"type": "string",
"description": "cloud-init user data config. See cloud-init documentation for more details.",
"default": "#cloud-config\n"
}
}
}
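Review bot: for `sshKeys`, `"default": "[]"` is a JSON string rather than an empty array, so it disagrees with `"type": "array"` and with `sshKeys: []` in values.yaml; write it as `[]`, and do the same for `externalPorts`. For `cloudInit`, the description could say that the content is stored in a Secret and may carry passwords, since the chart no longer has a separate `password` field.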
37 changes: 25 additions & 12 deletions packages/apps/virtual-machine/values.yaml
@@ -1,30 +1,43 @@
## @section Common parameters

## @param external Enable external access from outside the cluster
## @param externalPorts [array] Specify ports to forward from outside the cluster
## @param running Determines if the virtual machine should be running
## @param image The base image for the virtual machine. Allowed values: `ubuntu`, `cirros`, `alpine` and `fedora`
## @param storageClass StorageClass used to store the data
## @param resources.cpu The number of CPU cores allocated to the virtual machine
## @param resources.memory The amount of memory allocated to the virtual machine
## @param resources.disk The size of the disk allocated for the virtual machine
## @param sshPwauth Enable password authentication for SSH. If set to `true`, users can log in using a password
## @param disableRoot Disable root login via SSH. If set to `true`, root login will be disabled
## @param password The default password for the virtual machine
## @param chpasswdExpire Set whether the password should expire
## @param sshKeys List of SSH public keys for authentication. Can be a single key or a list of keys

external: false
externalPorts:
- 22

running: true
image: ubuntu
storageClass: replicated
resources:
cpu: 1
memory: 1024M
disk: 5Gi
sshPwauth: true
disableRoot: true
password: hackme
chpasswdExpire: false
sshKeys:
- ssh-rsa ...
- ssh-ed25519 ...

## @param sshKeys [array] List of SSH public keys for authentication. Can be a single key or a list of keys.
## Example:
## sshKeys:
## - ssh-rsa ...
## - ssh-ed25519 ...
##
sshKeys: []

## @param cloudInit cloud-init user data config. See cloud-init documentation for more details.
## - https://cloudinit.readthedocs.io/en/latest/explanation/format.html
## - https://cloudinit.readthedocs.io/en/latest/reference/examples.html
## Example:
## cloudInit: |
## #cloud-config
## password: ubuntu
## chpasswd: { expire: False }
##
cloudInit: |
#cloud-config
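Review bot: the default here is `externalPorts` with `- 22`, while the README table added in this commit lists the default as `[]` and the schema gives `"[]"`; the three should agree. With `external: false` the port is not published outside the cluster, but a user who only flips `external` to `true` gets SSH exposed, so say that in the `@param externalPorts` description. The commented `cloudInit` example uses `password: ubuntu`; a placeholder value would avoid seeding a known password.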
