Set up remote management of VMs

About this task

Configure the kubectl, virtctl and virt-viewer clients on a remote workstation, in order to manage KubeVirt VMs remotely. Note that the graphical console of a VM can only be accessed remotely from a workstation with X Windows (e.g. graphical ubuntu desktop), kubectl, virtctl and virt-viewer installed.

Prerequisites

To configure kubectl and helm, you must have configured the oidc-auth-apps OIDC Identity Provider (dex) on the target StarlingX environment to get Kubernetes authentication tokens. See Set up OIDC Auth Applications for more information.

Procedure

Configure kubectl and helm

  1. On the controller, create a rolebinding for the admin-user user. Alternatively, to use group rolebinding and user group membership for authorization, see Configure Users, Groups, and Authorization for more information.

    % MYUSER="admin-user"
    % cat <<EOF > admin-user-rolebinding.yaml
    kind: ClusterRoleBinding
    apiVersion: rbac.authorization.k8s.io/v1
    metadata:
     name: ${MYUSER}-rolebinding
    roleRef:
     apiGroup: rbac.authorization.k8s.io
     kind: ClusterRole
     name: cluster-admin
    subjects:
    - apiGroup: rbac.authorization.k8s.io
      kind: User
      name: ${MYUSER}
    EOF
    % kubectl apply -f admin-user-rolebinding.yaml
    
  2. On the remote workstation, install the kubectl client, set up the Kubernetes configuration and get a token. Follow the steps of section Kubernetes Remote Client Access using the Host Directly at Configure Kubernetes Client Access, then test the kubectl access with the command below.

    % kubectl get nodes -o wide
    NAME           STATUS   ROLES    AGE    VERSION   INTERNAL-IP       EXTERNAL-IP   OS-IMAGE ...
    controller-0   Ready    master   15h    v1.12.3   192.168.204.3     <none>        CentOS L ...
    controller-1   Ready    master   129m   v1.12.3   192.168.204.4     <none>        CentOS L ...
    worker-0       Ready    <none>   99m    v1.12.3   192.168.204.201   <none>        CentOS L ...
    worker-1       Ready    <none>   99m    v1.12.3   192.168.204.202   <none>        CentOS L ...
    %
    
  3. On the workstation, install the helm client on an Ubuntu host by taking the following actions on the remote Ubuntu system.

    1. Install helm. See the following reference: https://helm.sh/docs/intro/install/. Helm accesses the Kubernetes cluster as configured in the previous step, using the default ~/.kube/config.

      % wget https://get.helm.sh/helm-v3.2.1-linux-amd64.tar.gz
      % tar xvf helm-v3.2.1-linux-amd64.tar.gz
      % sudo cp linux-amd64/helm /usr/local/bin
      
    2. Verify that helm installed correctly.

      % helm version
      version.BuildInfo{Version:"v3.2.1", GitCommit:"fe51cd1e31e6a202cba7dead9552a6d418ded79a", GitTreeState:"clean", GoVersion:"go1.13.10"}
      
    3. Run the following commands:

      % helm repo add bitnami https://charts.bitnami.com/bitnami
      % helm repo update
      % helm repo list
      % helm search repo
      % helm install wordpress bitnami/wordpress
      

Configure virtctl

On the remote workstation, install virtctl client tool.

$ export VERSION=v0.53.1
$ wget https://github.com/kubevirt/kubevirt/releases/download/${VERSION}/virtctl-${VERSION}-linux-amd64
$ chmod a+x ./virtctl-${VERSION}-linux-amd64
$ sudo cp ./virtctl-${VERSION}-linux-amd64 /usr/bin/virtctl

Configure virt-viewer

On the remote workstation, install virt-viewer in order to enable use of graphical console.

$ sudo apt -y install virt-viewer