I’m on Windows and want to connect to my Kubernetes Linux cluster provisioned with Azure Container Service. I want to connect in the command prompt so I can use Kubectl and I want to connect with PuTTY also. Besides this I also want to know which keys to use when provisioning the ACS Kubernetes cluster in the Azure Portal and also which key to use when provisioning with ARM templates.
It is possible to follow the Microsoft documentation and generate SSH keys to connect to your cluster and execute openssl.exe and also PuttyGen to connect with PuTTY . But I was struggling with the SSH keys a couple of times now. And after some investigation together with Loek Duys, the following method works best for me:
- You should already have installed all necessary tools. See the documentation to read how to do this.
- Download PuTTY
- Download PuTTYgen
Use PuTTYgen to generate *all* necessary SSH keys
- Open PuTTYgen. Click Generate. Move your mouse over the blank area and wait till the key is generated. (all default values, so the type to generate is RSA)
- Fill in a passphrase
- Click on Save public key. Name it: pempublickey
- Click on Save private key. Name it: puttyprivatekey.ppk
- Select the key in the textbox and save it in a new file. Name it: singlelinepublickey
- Click on Conversions in the menu. Then Export OpenSSH key. Name it: opensshrsaprivatekey
You have all keys that are needed.
Connecting with PuTTY:
- Fill in the Host Name: <youruser>@<Master FQDN>
For example: email@example.com
- Fill in the port: 22
- Navigate to Connection–>SSH–>Auth and select the puttyprivatekey.ppk
- Tip: save the settings by typing a name in Saved Settions textbox and click Save. Next time you start PuTTY you only have to load the settings
Use the Command Prompt: az acs kubernetes get-credentials
- Use the opensshrsaprivatekey as parameter for az acs kubernetes get-credentials command:
az acs kubernetes get-credentials –resource-group=myresourcegroup –name=myclustername –ssh-key-file “C:\sshkeys\opensshrsaprivatekey”
You will be asked for the passphrase.
- If you don’t want to pass –ssh-key everytime, put the opensshrsaprivatekey file in the .ssh directory in your user map:
now you can connect just with:
az acs kubernetes get-credentials –resource-group=myresourcegroup –name=myclustername
Provision the ACS cluster with Kubernetes in the Azure Portal
Provision the ACS cluster with an ARM Template
Reset the SSH key
If you made a mistake while provisioning the cluster or you want to reset the SSH key, you don’t have to delete the cluster and provision it again. It’s possible to reset the SSH key.