-
Notifications
You must be signed in to change notification settings - Fork 0
Kubevirt on datacenter ‐ for users
Allan Roger Reid edited this page Aug 15, 2024
·
2 revisions
wget https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img
./virtctl image-upload dv ubuntu-cloud-base-noble --namespace=vms --size=5Gi --image-path=/Users/allanreid/Downloads/kubevirt/noble-server-cloudimg-amd64.img --uploadproxy-url=https://127.0.0.1:18443 --access-mode=ReadWriteOnce --volume-mode=filesystem --insecure --force-bind
openssl genrsa -out andrea-min-k1.key 2048
openssl req -new -key andrea-min-k1.key -out andrea-min-k1.csr -subj "/CN=andrea@min-k1"
cat <<EOF > andrea-min-k1-csr-template.yaml
apiVersion: certificates.k8s.io/v1
kind: CertificateSigningRequest
metadata:
name: andrea-min-k1-csr
spec:
request: <base64-encoded andrea-min-k1.csr>
signerName: kubernetes.io/kube-apiserver-client
usages:
- client auth
EOF
k delete csr andrea-min-k1-csr
CSR_CONTENT=$(cat andrea-min-k1.csr | base64 | tr -d '\n')
sed "s|<base64-encoded andrea-min-k1.csr>|$CSR_CONTENT|" andrea-min-k1-csr-template.yaml > andrea-min-k1-csr.yaml
kubectl create -f andrea-min-k1-csr.yaml
kubectl get csr
kubectl certificate approve andrea-min-k1-csr
kubectl get csr andrea-min-k1-csr -o jsonpath='{.status.certificate}' | base64 --decode > andrea-min-k1.crt
kubectl get csr
kubectl config delete-cluster min-k1-andrea --kubeconfig=andrea.kubeconfig
kubectl config delete-context min-k1 --kubeconfig=andrea.kubeconfig
kubectl config set-cluster min-k1 --server=https://api.k1.min.dev:6443 --certificate-authority=/Users/allanreid/Downloads/kubevirt/andrea/min-k1.crt --embed-certs=true --kubeconfig=andrea.kubeconfig
kubectl config set-credentials andrea --client-certificate=andrea-min-k1.crt --client-key=andrea-min-k1.key --embed-certs=true --kubeconfig=andrea.kubeconfig
kubectl config set-context min-k1 --cluster=min-k1 --namespace=default --user=andrea --namespace vms --kubeconfig=andrea.kubeconfig
kubectl config use-context min-k1 --kubeconfig=andrea.kubeconfig
kubectl config get-contexts --kubeconfig=andrea.kubeconfig
kubectl config get-clusters --kubeconfig=andrea.kubeconfig
k -n vms get pods --kubeconfig=andrea.kubeconfig
k -n vms delete rolebindings.rbac.authorization.k8s.io vm-edit
cat << EOF > vms-rb-andrea.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: vm-edit
namespace: vms
subjects:
- kind: User
name: andrea@min-k1
apiGroup: rbac.authorization.k8s.io
roleRef:
kind: ClusterRole
name: kubevirt.io:edit
apiGroup: rbac.authorization.k8s.io
EOF
k apply -f vms-rb-andrea.yaml
AUTHORIZED=~/.ssh/id_ecdsa.pub
cat << EOF > andrea-1.yaml
apiVersion: kubevirt.io/v1
kind: VirtualMachine
metadata:
labels:
min.io/vm: andrea-1
name: andrea-1
namespace: vms
spec:
running: false
template:
metadata:
labels:
min.io/vm: andrea-1
spec:
architecture: amd64
domain:
devices:
disks:
- disk:
bus: virtio
name: os
resources:
requests:
cpu: 4
memory: 16384M
terminationGracePeriodSeconds: 0
volumes:
- dataVolume:
name: ubuntu-cloud-base-disk-andrea-1
name: os
- cloudInitNoCloud:
userData: |
#cloud-config
ssh_authorized_keys:
- $(<"$AUTHORIZED")
user: ubuntu
password: ubuntu
chpasswd: { expire: False }
ssh_pwauth: False
name: cloudinitdisk
dataVolumeTemplates:
- metadata:
name: ubuntu-cloud-base-disk-andrea-1
spec:
pvc:
storageClassName: directpv-min-io
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 64Gi
source:
pvc:
name: ubuntu-cloud-base-noble
namespace: vms
EOF
kubectl -n vms delete vm andrea-1 --kubeconfig=andrea.kubeconfig
kubectl create -f andrea-1.yaml --kubeconfig=andrea.kubeconfig
# virtctl
# VERSION=$(kubectl get kubevirt.kubevirt.io/kubevirt -n vms -o=jsonpath="{.status.observedKubeVirtVersion}")
VERSION=v1.3.0
ARCH=$(uname -s | tr A-Z a-z)-$(uname -m | sed 's/x86_64/amd64/') || windows-amd64.exe
echo ${ARCH}
echo https://github.com/kubevirt/kubevirt/releases/download/$VERSION/virtctl-$VERSION-$ARCH
curl -L -o virtctl https://github.com/kubevirt/kubevirt/releases/download/${VERSION}/virtctl-${VERSION}-${ARCH}
chmod +x virtctl
./virtctl -n vms start andrea-1 --kubeconfig=andrea.kubeconfig
kubectl -n vms get vm andrea-1 -w --kubeconfig=andrea.kubeconfig
./virtctl -n vms console andrea-1 --kubeconfig=andrea.kubeconfig
./virtctl -n vms ssh -i ~/.ssh/id_ecdsa ubuntu@andrea-1 -p 22 --local-ssh-opts="-o StrictHostKeyChecking=off" --local-ssh=true