зеркало из https://github.com/Azure/aks-engine.git
Ross Gardler
GitHub
Коммит
76d521ce73
|
|
@ -16,7 +16,7 @@ Once your DC/OS cluster has deployed you will have a resource group containing:
|
|||
|
||||
1. a set of 1,3, or 5 masters in a master specific availability set. Each master's SSH can be accessed via the public dns address at ports 2200..2204
|
||||
|
||||
2. a set of public agents in an Virtual Machine Scale Set (VMSS). The agent VMs can be accessed through a master. See [agent forwarding](SSHKeyManagement.md#key-management-and-agent-forwarding-with-windows-pageant) for an example of how to do this.
|
||||
2. a set of public agents in an Virtual Machine Scale Set (VMSS). The agent VMs can be accessed through a master. See [agent forwarding](ssh.md#key-management-and-agent-forwarding-with-windows-pageant) for an example of how to do this.
|
||||
|
||||
3. a set of private agents in an Virtual Machine Scale Set (VMSS).
|
||||
|
||||
|
|
@ -54,7 +54,7 @@ This walk through is inspired by the wonderful digital ocean tutorial: https://w
|
|||
5. now you can copy the output FQDNs and sample SSH commands
|
||||
|
||||
|
||||
2. Create an [SSH tunnel to port 80](SSHKeyManagement.md#create-port-80-tunnel-to-the-master) on the master FQDN.
|
||||
2. Create an [SSH tunnel to port 80](ssh.md#create-port-80-tunnel-to-the-master) on the master FQDN.
|
||||
|
||||
3. browse to the DC/OS UI <http://localhost/>. This displays the main DC/OS dashboard:
|
||||
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ Once your Kubernetes cluster has been created you will have a resource group con
|
|||
|
||||
1. 1 master accessible by SSH on port 22 or kubectl on port 443
|
||||
|
||||
2. a set of nodes in an availability set. The nodes can be accessed through a master. See [agent forwarding](SSHKeyManagement.md#key-management-and-agent-forwarding-with-windows-pageant) for an example of how to do this.
|
||||
2. a set of nodes in an availability set. The nodes can be accessed through a master. See [agent forwarding](ssh.md#key-management-and-agent-forwarding-with-windows-pageant) for an example of how to do this.
|
||||
|
||||
The following image shows the architecture of a container service cluster with 1 master, and 2 agents:
|
||||
|
||||
|
|
@ -88,7 +88,7 @@ After completing this walkthrough you will know how to:
|
|||
* [Linux](https://storage.googleapis.com/kubernetes-release/release/v1.4.5/bin/linux/amd64/kubectl)
|
||||
|
||||
9. The Kubernetes master contains the kube config file for remote access under the home directory ~/.kube/config. Download this file to your machine, set the KUBECONFIG environment variable, and run kubectl to verify you can connect to cluster:
|
||||
* Windows to use pscp from [putty](http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html). Ensure you have your certificate exposed through [pageant](SSHKeyManagement.md#key-management-and-agent-forwarding-with-windows-pageant):
|
||||
* Windows to use pscp from [putty](http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html). Ensure you have your certificate exposed through [pageant](ssh.md#key-management-and-agent-forwarding-with-windows-pageant):
|
||||
```
|
||||
# MASTERFQDN is obtained in step1
|
||||
pscp azureuser@MASTERFQDN:.kube/config .
|
||||
|
|
|
|||
|
|
@ -25,8 +25,14 @@ There are several ways to create a Service Principal in Azure Active Directory:
|
|||
az ad sp create-for-rbac --role="Contributor" --scopes="/subscriptions/${SUBSCRIPTION_ID}"
|
||||
```
|
||||
|
||||
This will output your `client_id` and `client_secret` (`password`).
|
||||
This will output your `client_id`, `client_secret` (password), `sp_name`, and `tenant`. The `sp_name` or `client_id` may be used for the `servicePrincipalProfile.servicePrincipalClientId` and the `client_secret` is used for `servicePrincipalProfile.servicePrincipalClientSecret`.
|
||||
|
||||
Confirm your service principal by opening a new shell and run the following commands substituting in `sp_name`, `client_secret`, and `tenant`:
|
||||
|
||||
```shell
|
||||
az login --service-principal -u SPNAME -p CLIENTSECRET --tenant TENANT
|
||||
az vm list-sizes --location westus
|
||||
```
|
||||
|
||||
* **With the legacy [Azure XPlat CLI](https://github.com/Azure/azure-xplat-cli)**
|
||||
|
||||
|
|
|
|||
14
docs/ssh.md
14
docs/ssh.md
|
|
@ -16,27 +16,27 @@ Pageant enables agent forwarding. This means that you can SSH from any of the m
|
|||
1. Download and install [Putty Pageant](http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html).
|
||||
2. Double Click on pageant.exe to run, and you will notice it appears in your tray
|
||||
|
||||
|
||||
|
||||
|
||||
3. Right click on Pageant in the tray and click "View Keys"
|
||||
4. Click "Add Key", and add your PPK generated in (#ssh-key-generation).
|
||||
|
||||
|
||||
|
||||
|
||||
5. Now try out the configuration by opening up Putty.exe
|
||||
6. Type in "azureuser@FQDN" and port 2200 where FQDN is the management name returned after deploying a cluster and port:
|
||||
|
||||
|
||||
|
||||
|
||||
7. Browse to Connection->SSH->Auth and click "Allow agent forwarding":
|
||||
|
||||
|
||||
|
||||
|
||||
8. Click "Open" to connect to the master. Now ssh directly to an agent, and you will connect automatically.
|
||||
|
||||
# Create Port 80 tunnel to the Master
|
||||
|
||||
The Mesos admin router requires an SSH tunnel from port 80 to port 80.
|
||||
The DC/OS admin router requires an SSH tunnel from port 80 to port 80.
|
||||
|
||||
1. Verify you have nothing listening on port 80:
|
||||
1. on linux or Mac type `sudo netstat -anpe | grep ":80"` and stop any service or process listening on port 80
|
||||
|
|
@ -50,9 +50,9 @@ The Mesos admin router requires an SSH tunnel from port 80 to port 80.
|
|||
3. then click on "Succeeded" under *last deployment*
|
||||
4. then click on the "Microsoft.Template"
|
||||
5. now you can copy the output of "sshMaster0"
|
||||
|
||||
|
||||
|
||||
2. SSH to the machine
|
||||
1. on linux or Mac, modify the ssh command from "sshMaster0", and add `-L 80:localhost:80`, then use that command to connect
|
||||
2. on Windows, open Putty and in addition to the instructions from [agent forwarding](#key-management-and-agent-forwarding-with-windows-pageant), browse to Connection->SSH->Tunnel and add "80" to Source Port and "localhost:80" to Destination.
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ Once your Swarm cluster has been deployed you will have a resource group contain
|
|||
|
||||
1. a set of 1,3, or 5 masters in a master availability set. Each master's SSH can be accessed via the public dns address at ports 2200..2204
|
||||
|
||||
2. a set of agents in a VM scale set (VMSS). The agent VMs can be accessed through a master. See [agent forwarding](SSHKeyManagement.md#key-management-and-agent-forwarding-with-windows-pageant) for an example of how to do this.
|
||||
2. a set of agents in a VM scale set (VMSS). The agent VMs can be accessed through a master. See [agent forwarding](ssh.md#key-management-and-agent-forwarding-with-windows-pageant) for an example of how to do this.
|
||||
|
||||
The following image shows the architecture of a container service cluster with 3 masters, and 3 agents:
|
||||
|
||||
|
|
@ -43,7 +43,7 @@ After completing this walkthrough you will know how to:
|
|||
|
||||
|
||||
|
||||
3. SSH to port 2200 of the master FQDN. See [agent forwarding](SSHKeyManagement.md#key-management-and-agent-forwarding-with-windows-pageant) for an example of how to do this.
|
||||
3. SSH to port 2200 of the master FQDN. See [agent forwarding](ssh.md#key-management-and-agent-forwarding-with-windows-pageant) for an example of how to do this.
|
||||
|
||||
4. Set the DOCKER_HOST environment variable to `:2375`: e.g. ```export DOCKER_HOST=:2375```
|
||||
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче