reworking ssh key yamls

openshift · May 7, 2024 · c4f1576 · c4f1576
1 parent 7f088d0
commit c4f1576
Show file tree

Hide file tree

Showing 3 changed files with 108 additions and 97 deletions.
diff --git a/modules/virt-adding-public-key-cli.adoc b/modules/virt-adding-public-key-cli.adoc
@@ -39,116 +39,29 @@ endif::[]
 
 . Create a manifest file for a `VirtualMachine` object and a `Secret` object:
 +
+.Example manifest
 [source,yaml]
 ----
-apiVersion: kubevirt.io/v1
-kind: VirtualMachine
-metadata:
-  name: example-vm
-  namespace: example-namespace
-spec:
-  dataVolumeTemplates:
-  - apiVersion: cdi.kubevirt.io/v1beta1
-    kind: DataVolume
-    metadata:
-      name: example-vm-disk
-    spec:
-      sourceRef:
-        kind: DataSource
-        name: rhel9
-        namespace: openshift-virtualization-os-images
-      storage:
-        resources:
-          requests:
-            storage: 30Gi
-  running: false
-  template:
-    metadata:
-      labels:
-        kubevirt.io/domain: example-vm
-    spec:
-      domain:
-        cpu:
-          cores: 1
-          sockets: 2
-          threads: 1
-        devices:
-          disks:
-          - disk:
-              bus: virtio
-            name: rootdisk
-          - disk:
-              bus: virtio
-            name: cloudinitdisk
-          interfaces:
-          - masquerade: {}
-            name: default
-          rng: {}
-        features:
-          smm:
-            enabled: true
-        firmware:
-          bootloader:
-            efi: {}
-        resources:
-          requests:
-            memory: 8Gi
-      evictionStrategy: LiveMigrate
-      networks:
-      - name: default
-        pod: {}
-      volumes:
-      - dataVolume:
-          name: example-volume
-        name: example-vm-disk
-        - cloudInitNoCloud: <.>
-            userData: |-
-              #cloud-config
-              user: cloud-user
-              password: <password>
-              chpasswd: { expire: False }
-ifdef::dynamic-key[]
-              runcmd:
-                - [ setsebool, -P, virt_qemu_ga_manage_ssh, on ]
-endif::[]
-          name: cloudinitdisk
-      accessCredentials:
-        - sshPublicKey:
-            propagationMethod:
 ifdef::static-key[]
-              noCloud: {}
+include::snippets/virt-static-key.yaml[]
 endif::[]
+
 ifdef::dynamic-key[]
-              qemuGuestAgent:
-                users: ["user1","user2","fedora"] <.>
+include::snippets/virt-dynamic-key.yaml[]
 endif::[]
-            source:
-              secret:
-                secretName: authorized-keys <.>
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: authorized-keys
-data:
-  key:  |
-      MIIEpQIBAAKCAQEAulqb/Y... <.>
 ----
-<.> Specify the `cloudInitNoCloud` data source.
-ifdef::dynamic-key[]
-<.> Specify the user names.
-endif::[]
-<.> Specify the `Secret` object name.
-<.> Paste the public SSH key.
+<1> Specify the `cloudInitNoCloud` data source.
+<2> Specify the `Secret` object name.
+<3> Paste the public SSH key.
 
-. Create the `VirtualMachine` and `Secret` objects:
+. Create the `VirtualMachine` and `Secret` objects by running the following command:
 +
 [source,terminal]
 ----
 $ oc create -f <manifest_file>.yaml
 ----
 
-. Start the VM:
+. Start the VM by running the following command:
 +
 [source,terminal]
 ----
@@ -182,7 +95,7 @@ ifdef::static-key[]
 endif::[]
 ifdef::dynamic-key[]
               qemuGuestAgent:
-                users: ["user1","user2","fedora"]
+                users: ["cloud-user"]
 endif::[]
             source:
               secret:

diff --git a/snippets/virt-dynamic-key.yaml b/snippets/virt-dynamic-key.yaml
@@ -0,0 +1,50 @@
+apiVersion: kubevirt.io/v1
+kind: VirtualMachine
+metadata:
+  name: example-vm
+  namespace: example-namespace
+spec:
+  dataVolumeTemplates:
+    - metadata:
+        name: example-vm-volume
+      spec:
+        sourceRef:
+          kind: DataSource
+          name: rhel9
+          namespace: openshift-virtualization-os-images
+        storage:
+          resources: {}
+  instancetype:
+    name: u1.medium
+  preference:
+    name: rhel.9
+  running: true
+  template:
+    spec:
+      domain:
+        devices: {}
+      volumes:
+        - dataVolume:
+            name: example-vm-volume
+          name: rootdisk
+        - cloudInitNoCloud: # <1>
+            userData: |-
+              #cloud-config
+              runcmd:
+              - [ setsebool, -P, virt_qemu_ga_manage_ssh, on ]
+          name: cloudinitdisk
+      accessCredentials:
+        - sshPublicKey:
+            propagationMethod:
+              qemuGuestAgent:
+                users: ["cloud-user"]
+            source:
+              secret:
+                secretName: authorized-keys # <2>
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: authorized-keys
+data:
+  key: c3NoLXJzYSB... # <3>
diff --git a/snippets/virt-static-key.yaml b/snippets/virt-static-key.yaml
@@ -0,0 +1,48 @@
+apiVersion: kubevirt.io/v1
+kind: VirtualMachine
+metadata:
+  name: example-vm
+  namespace: example-namespace
+spec:
+  dataVolumeTemplates:
+    - metadata:
+        name: example-vm-volume
+      spec:
+        sourceRef:
+          kind: DataSource
+          name: rhel9
+          namespace: openshift-virtualization-os-images
+        storage:
+          resources: {}
+  instancetype:
+    name: u1.medium
+  preference:
+    name: rhel.9
+  running: true
+  template:
+    spec:
+      domain:
+        devices: {}
+      volumes:
+        - dataVolume:
+            name: example-vm-volume
+          name: rootdisk
+        - cloudInitNoCloud: # <1>
+            userData: |-
+              #cloud-config
+              user: cloud-user
+          name: cloudinitdisk
+      accessCredentials:
+        - sshPublicKey:
+            propagationMethod:
+              noCloud: {}
+            source:
+              secret:
+                secretName: authorized-keys # <2>
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: authorized-keys
+data:
+  key: c3NoLXJzYSB... # <3>