Skip to content

Instantly share code, notes, and snippets.

@tsaarni

tsaarni/README.md

Last active June 9, 2021 18:58
Show Gist options
  • Star 19 You must be signed in to star a gist
  • Fork 6 You must be signed in to fork a gist
  • Save tsaarni/624d5406e442f08fe11083169c059a68 to your computer and use it in GitHub Desktop.
Save tsaarni/624d5406e442f08fe11083169c059a68 to your computer and use it in GitHub Desktop.
Download ZIP
How to connect to Azure AKS Kubernetes node VM by SSH
Raw
README.md

How to connect to Azure AKS Kubernetes worker node by SSH

Nodes are not assigned public IP. If you have accessible VM in the same VNET as worker nodes, then you can use that VM as jump host and connect the worker via private IP.

Alternatively public IP can be assigned to a worker node. This readme shows how to do that.

Steps how to attach public IP to a worker node

find out the resource group that AKS created for the node VMs

az group list -o table

list resources in the group and find the VM you want to access

az resource list -g MC_kubernetes_kubernetes-cluster_ukwest -o table

show parameters of that VM, see for example: "adminUsername": "azureuser"

az vm show -g MC_kubernetes_kubernetes-cluster_ukwest -n aks-agentpool1-18549766-0

create the public IP

az network public-ip create -g MC_kubernetes_kubernetes-cluster_ukwest -n test-ip

find out correct NIC where to add the public IP

az network nic list -g MC_kubernetes_kubernetes-cluster_ukwest -o table

find out the name of the ipconfig within that NIC

az network nic ip-config list --nic-name aks-agentpool1-18549766-nic-0 -g MC_kubernetes_kubernetes-cluster_ukwest

modify the ipconfig by adding the public IP address

az network nic ip-config update -g MC_kubernetes_kubernetes-cluster_ukwest --nic-name aks-agentpool1-18549766-nic-0 --name ipconfig1 --public-ip-address test-ip

find out what the allocated public IP address is

az network public-ip show -g MC_kubernetes_kubernetes-cluster_ukwest -n test-ip

then finally connect with SSH

ssh azureuser@<public ip address>
@dummy-andra
Copy link

You can also access nodes via privileged pods

@amalgjose
Copy link

amalgjose commented May 26, 2021
edited

You can try this approach. This is easy and quick. This creates a daemonset attached to the node. You will be able to login to the AKS nodes without going through the steps of ssh key creation and all.

@MostefaKamalLala
Copy link

Does this work with VMSS created by AKS nodepools? I have no network NIC in the ressource group of my VMSS.

@amalgjose
Copy link

amalgjose commented Jun 9, 2021
edited

Does this work with VMSS created by AKS nodepools? I have no network NIC in the ressource group of my VMSS.

Try this approach. It will work with AKS nodes. You do not need to attach any additional IP Address or ssh key to the worker nodes. This uses daemon-set approach. https://amalgjose.com/2021/05/26/how-to-ssh-into-azure-kubernetes-cluster-aks-worker-node/

@MostefaKamalLala
Copy link

Does this work with VMSS created by AKS nodepools? I have no network NIC in the ressource group of my VMSS.

Try this approach. It will work with AKS nodes. You do not need to attach any additional IP Address or ssh key to the worker nodes. This uses daemon-set approach. https://amalgjose.com/2021/05/26/how-to-ssh-into-azure-kubernetes-cluster-aks-worker-node/

Ah sorry I haven't noticed your latest message! I'll try it out asap and let you know how it went thank you

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment