mark sshPublicKey as optional, docs windows ssh

windows instances do not have the capability to set a sshPublicKey. It must be done via cloudbase-init. This change documents this fact and marks the `sshPublicKey` as optional since it's not required and an empty string (default for string type) is sufficient.
kubernetes-sigs · Mar 8, 2023 · 4238b55 · 4238b55
1 parent e796765
commit 4238b55
Show file tree

Hide file tree

Showing 6 changed files with 37 additions and 7 deletions.
diff --git a/api/v1beta1/azuremachine_types.go b/api/v1beta1/azuremachine_types.go
@@ -81,6 +81,9 @@ type AzureMachineSpec struct {
 	// +optional
 	DataDisks []DataDisk `json:"dataDisks,omitempty"`
 
+	// SSHPublicKey is the SSH public key string base64 encoded to add to a Virtual Machine. Linux only.
+	// Refer to documentation on how to set up SSH access on Windows instances.
+	// +optional
 	SSHPublicKey string `json:"sshPublicKey"`
 
 	// AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the

diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremachinepools.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremachinepools.yaml
@@ -1889,7 +1889,8 @@ spec:
                     type: object
                   sshPublicKey:
                     description: SSHPublicKey is the SSH public key string base64
-                      encoded to add to a Virtual Machine
+                      encoded to add to a Virtual Machine. Linux only. Refer to documentation
+                      on how to set up SSH access on Windows instances.
                     type: string
                   subnetName:
                     description: 'Deprecated: SubnetName should be set in the networkInterfaces
@@ -1942,7 +1943,6 @@ spec:
                     type: string
                 required:
                 - osDisk
-                - sshPublicKey
                 - vmSize
                 type: object
               userAssignedIdentities:

diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremachines.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremachines.yaml
@@ -1492,6 +1492,9 @@ spec:
                     x-kubernetes-int-or-string: true
                 type: object
               sshPublicKey:
+                description: SSHPublicKey is the SSH public key string base64 encoded
+                  to add to a Virtual Machine. Linux only. Refer to documentation
+                  on how to set up SSH access on Windows instances.
                 type: string
               subnetName:
                 description: 'Deprecated: SubnetName should be set in the networkInterfaces
@@ -1573,7 +1576,6 @@ spec:
                 type: string
             required:
             - osDisk
-            - sshPublicKey
             - vmSize
             type: object
           status:

diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremachinetemplates.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremachinetemplates.yaml
@@ -1276,6 +1276,9 @@ spec:
                             x-kubernetes-int-or-string: true
                         type: object
                       sshPublicKey:
+                        description: SSHPublicKey is the SSH public key string base64
+                          encoded to add to a Virtual Machine. Linux only. Refer to
+                          documentation on how to set up SSH access on Windows instances.
                         type: string
                       subnetName:
                         description: 'Deprecated: SubnetName should be set in the
@@ -1363,7 +1366,6 @@ spec:
                         type: string
                     required:
                     - osDisk
-                    - sshPublicKey
                     - vmSize
                     type: object
                 required:

diff --git a/docs/book/src/topics/windows.md b/docs/book/src/topics/windows.md
@@ -101,8 +101,29 @@ When creating a cluster with `Machinepool` if the Machine Pool name is longer th
 
 ### VM password and access
 The VM password is [random generated](https://cloudbase-init.readthedocs.io/en/latest/plugins.html#setting-password-main)
-by Cloudbase-init during provisioning of the VM. For Access to the VM you can use ssh which will be configured with SSH
-public key you provided during deployment.
+by Cloudbase-init during provisioning of the VM. For Access to the VM you can use ssh which can be configured with SSH
+public key you provide during deployment. For example like this:
+```yaml
+apiVersion: bootstrap.cluster.x-k8s.io/v1alpha3
+kind: KubeadmConfigTemplate
+metadata:
+  name: test1-md-0
+  namespace: default
+spec:
+  template:
+    spec:
+      ...
+      users:
+      - name: username
+        groups: Administrators
+        sshAuthorizedKeys:
+        - "ssh-rsa AAAA..."
+```
+
+Refer to [SSH Access for nodes](ssh-access.md) for instructions on how to add an SSH public key for windows instances.
+It's required required to specify the ssh key using the `users` property in the Kubeadm config template. Specifying the `sshPublicKey` on `AzureMachine` / `AzureMachinePool` resources does only work with Linux instances.
+
+Ensure you use a different name than `capi` for the user (see [issue #3232](https://github.com/kubernetes-sigs/cluster-api-provider-azure/issues/3232) for details). 
 
 To SSH:
 

diff --git a/exp/api/v1beta1/azuremachinepool_types.go b/exp/api/v1beta1/azuremachinepool_types.go
@@ -62,7 +62,9 @@ type (
 		// +optional
 		DataDisks []infrav1.DataDisk `json:"dataDisks,omitempty"`
 
-		// SSHPublicKey is the SSH public key string base64 encoded to add to a Virtual Machine
+		// SSHPublicKey is the SSH public key string base64 encoded to add to a Virtual Machine. Linux only.
+		// Refer to documentation on how to set up SSH access on Windows instances.
+		// +optional
 		SSHPublicKey string `json:"sshPublicKey"`
 
 		// Deprecated: AcceleratedNetworking should be set in the networkInterfaces field.