From df47b9a3d22b742b0869dc917dda1850534a5bed Mon Sep 17 00:00:00 2001 From: Piotr Skamruk Date: Tue, 16 Jan 2018 15:49:10 +0100 Subject: [PATCH 1/3] Cleanup in examples --- ...cirros-vm-with-additional-annotations.yaml | 59 +++++++++++++++++++ examples/cirros-vm.yaml | 9 --- examples/ubuntu-vm-with-testuser.yaml | 42 +++++++++++++ examples/ubuntu-vm-with-volume.yaml | 41 +++++++++++++ examples/ubuntu-vm.yaml | 20 ------- 5 files changed, 142 insertions(+), 29 deletions(-) create mode 100644 examples/cirros-vm-with-additional-annotations.yaml create mode 100644 examples/ubuntu-vm-with-testuser.yaml create mode 100644 examples/ubuntu-vm-with-volume.yaml diff --git a/examples/cirros-vm-with-additional-annotations.yaml b/examples/cirros-vm-with-additional-annotations.yaml new file mode 100644 index 000000000..6e1ad3b1b --- /dev/null +++ b/examples/cirros-vm-with-additional-annotations.yaml @@ -0,0 +1,59 @@ +# This example is the same as a basic one but it's extended with +# example values for VirtletCloudInitUserData and VirtletVCPUCount annotations +apiVersion: v1 +kind: Pod +metadata: + name: cirros-vm-with-additional-annotations + annotations: + # This tells CRI Proxy that this pod belongs to Virtlet runtime + kubernetes.io/target-runtime: virtlet.cloud + # An optional annotation specifying the count of virtual CPUs. + # Note that annotation values must always be strings, + # thus numeric values need to be quoted. + # Defaults to "1". + VirtletVCPUCount: "1" + # CirrOS doesn't load nocloud data from SCSI CD-ROM for some reason + VirtletDiskDriver: virtio + # inject ssh keys via cloud-init + VirtletSSHKeys: | + ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCaJEcFDXEK2ZbX0ZLS1EIYFZRbDAcRfuVjpstSc0De8+sV1aiu+dePxdkuDRwqFtCyk6dEZkssjOkBXtri00MECLkir6FcH3kKOJtbJ6vy3uaJc9w1ERo+wyl6SkAh/+JTJkp7QRXj8oylW5E20LsbnA/dIwWzAF51PPwF7A7FtNg9DnwPqMkxFo1Th/buOMKbP5ZA1mmNNtmzbMpMfJATvVyiv3ccsSJKOiyQr6UG+j7sc/7jMVz5Xk34Vd0l8GwcB0334MchHckmqDB142h/NCWTr8oLakDNvkfC1YneAfAO41hDkUbxPtVBG5M/o7P4fxoqiHEX+ZLfRxDtHB53 me@localhost + # cloud-init user data + VirtletCloudInitUserDataScript: | + #!/bin/sh + echo "Hi there" +spec: + # This nodeAffinity specification tells Kubernetes to run this + # pod only on the nodes that have extraRuntime=virtlet label. + # This label is used by Virtlet DaemonSet to select nodes + # that must have Virtlet runtime + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: extraRuntime + operator: In + values: + - virtlet + containers: + - name: cirros-vm + # This specifies the image to use. + # virtlet.cloud/ prefix is used by CRI proxy, the remaining part + # of the image name is prepended with https:// and used to download the image + image: virtlet.cloud/cirros + # Virtlet currently ignores image tags, but their meaning may change + # in future, so it’s better not to set them for VM pods. If there’s no tag + # provided in the image specification kubelet defaults to + # imagePullPolicy: Always, which means that the image is always + # redownloaded when the pod is created. In order to make pod creation + # faster and more reliable, we set imagePullPolicy to IfNotPresent here + # so a previously downloaded image is reused if there is one + # in Virtlet’s image store + imagePullPolicy: IfNotPresent + # tty and stdin required for `kubectl attach -t` to work + tty: true + stdin: true + resources: + limits: + # This memory limit is applied to the libvirt domain definition + memory: 160Mi diff --git a/examples/cirros-vm.yaml b/examples/cirros-vm.yaml index 89816789d..fda37314d 100644 --- a/examples/cirros-vm.yaml +++ b/examples/cirros-vm.yaml @@ -5,20 +5,11 @@ metadata: annotations: # This tells CRI Proxy that this pod belongs to Virtlet runtime kubernetes.io/target-runtime: virtlet.cloud - # An optional annotation specifying the count of virtual CPUs. - # Note that annotation values must always be strings, - # thus numeric values need to be quoted. - # Defaults to "1". - VirtletVCPUCount: "1" # CirrOS doesn't load nocloud data from SCSI CD-ROM for some reason VirtletDiskDriver: virtio # inject ssh keys via cloud-init VirtletSSHKeys: | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCaJEcFDXEK2ZbX0ZLS1EIYFZRbDAcRfuVjpstSc0De8+sV1aiu+dePxdkuDRwqFtCyk6dEZkssjOkBXtri00MECLkir6FcH3kKOJtbJ6vy3uaJc9w1ERo+wyl6SkAh/+JTJkp7QRXj8oylW5E20LsbnA/dIwWzAF51PPwF7A7FtNg9DnwPqMkxFo1Th/buOMKbP5ZA1mmNNtmzbMpMfJATvVyiv3ccsSJKOiyQr6UG+j7sc/7jMVz5Xk34Vd0l8GwcB0334MchHckmqDB142h/NCWTr8oLakDNvkfC1YneAfAO41hDkUbxPtVBG5M/o7P4fxoqiHEX+ZLfRxDtHB53 me@localhost - # cloud-init user data - VirtletCloudInitUserDataScript: | - #!/bin/sh - echo "Hi there" spec: # This nodeAffinity specification tells Kubernetes to run this # pod only on the nodes that have extraRuntime=virtlet label. diff --git a/examples/ubuntu-vm-with-testuser.yaml b/examples/ubuntu-vm-with-testuser.yaml new file mode 100644 index 000000000..be23c0192 --- /dev/null +++ b/examples/ubuntu-vm-with-testuser.yaml @@ -0,0 +1,42 @@ +# This example shows how to add by cloud-init a user with sudo passwordless +# access to root acount. User added that way will have as password "testuser". +apiVersion: v1 +kind: Pod +metadata: + name: ubuntu-vm-with-test-user + annotations: + kubernetes.io/target-runtime: virtlet.cloud + VirtletCloudInitUserData: | + ssh_pwauth: True + users: + - name: testuser + gecos: User + primary-group: testuser + groups: users + lock_passwd: false + # under this hash is encoded "testuser" as password + passwd: "$6$rounds=4096$wPs4Hz4tfs$a8ssMnlvH.3GX88yxXKF2cKMlVULsnydoOKgkuStTErTq2dzKZiIx9R/pPWWh5JLxzoZEx7lsSX5T2jW5WISi1" + sudo: ALL=(ALL) NOPASSWD:ALL + VirtletSSHKeys: | + ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCaJEcFDXEK2ZbX0ZLS1EIYFZRbDAcRfuVjpstSc0De8+sV1aiu+dePxdkuDRwqFtCyk6dEZkssjOkBXtri00MECLkir6FcH3kKOJtbJ6vy3uaJc9w1ERo+wyl6SkAh/+JTJkp7QRXj8oylW5E20LsbnA/dIwWzAF51PPwF7A7FtNg9DnwPqMkxFo1Th/buOMKbP5ZA1mmNNtmzbMpMfJATvVyiv3ccsSJKOiyQr6UG+j7sc/7jMVz5Xk34Vd0l8GwcB0334MchHckmqDB142h/NCWTr8oLakDNvkfC1YneAfAO41hDkUbxPtVBG5M/o7P4fxoqiHEX+ZLfRxDtHB53 me@localhost +spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: extraRuntime + operator: In + values: + - virtlet + # This is the number of seconds Virtlet gives the VM to shut down cleanly. + # The default value of 30 seconds is ok for containers but probably too + # low for VM, so overriding it here is strongly advised. + terminationGracePeriodSeconds: 120 + containers: + - name: ubuntu-vm + image: virtlet.cloud/cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img + imagePullPolicy: IfNotPresent + # tty and stdin required for `kubectl attach -t` to work + tty: true + stdin: true diff --git a/examples/ubuntu-vm-with-volume.yaml b/examples/ubuntu-vm-with-volume.yaml new file mode 100644 index 000000000..7ac3429af --- /dev/null +++ b/examples/ubuntu-vm-with-volume.yaml @@ -0,0 +1,41 @@ +# This example is ubuntu-vm.yaml one extended with example volume for docker +# which makes it more usable as a test environment +apiVersion: v1 +kind: Pod +metadata: + name: ubuntu-vm-with-volume + annotations: + kubernetes.io/target-runtime: virtlet.cloud + VirtletSSHKeys: | + ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCaJEcFDXEK2ZbX0ZLS1EIYFZRbDAcRfuVjpstSc0De8+sV1aiu+dePxdkuDRwqFtCyk6dEZkssjOkBXtri00MECLkir6FcH3kKOJtbJ6vy3uaJc9w1ERo+wyl6SkAh/+JTJkp7QRXj8oylW5E20LsbnA/dIwWzAF51PPwF7A7FtNg9DnwPqMkxFo1Th/buOMKbP5ZA1mmNNtmzbMpMfJATvVyiv3ccsSJKOiyQr6UG+j7sc/7jMVz5Xk34Vd0l8GwcB0334MchHckmqDB142h/NCWTr8oLakDNvkfC1YneAfAO41hDkUbxPtVBG5M/o7P4fxoqiHEX+ZLfRxDtHB53 me@localhost +spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: extraRuntime + operator: In + values: + - virtlet + # This is the number of seconds Virtlet gives the VM to shut down cleanly. + # The default value of 30 seconds is ok for containers but probably too + # low for VM, so overriding it here is strongly advised. + terminationGracePeriodSeconds: 120 + containers: + - name: ubuntu-vm + image: virtlet.cloud/cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img + imagePullPolicy: IfNotPresent + # tty and stdin required for `kubectl attach -t` to work + tty: true + stdin: true + volumeMounts: + - name: docker + mountPath: /var/lib/docker + volumes: + - name: docker + flexVolume: + driver: "virtlet/flexvolume_driver" + options: + type: qcow2 + capacity: 2048MB diff --git a/examples/ubuntu-vm.yaml b/examples/ubuntu-vm.yaml index d7d489674..4efabdbd9 100644 --- a/examples/ubuntu-vm.yaml +++ b/examples/ubuntu-vm.yaml @@ -4,16 +4,6 @@ metadata: name: ubuntu-vm annotations: kubernetes.io/target-runtime: virtlet.cloud - VirtletCloudInitUserData: | - ssh_pwauth: True - users: - - name: testuser - gecos: User - primary-group: testuser - groups: users - lock_passwd: false - passwd: "$6$rounds=4096$wPs4Hz4tfs$a8ssMnlvH.3GX88yxXKF2cKMlVULsnydoOKgkuStTErTq2dzKZiIx9R/pPWWh5JLxzoZEx7lsSX5T2jW5WISi1" - sudo: ALL=(ALL) NOPASSWD:ALL VirtletSSHKeys: | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCaJEcFDXEK2ZbX0ZLS1EIYFZRbDAcRfuVjpstSc0De8+sV1aiu+dePxdkuDRwqFtCyk6dEZkssjOkBXtri00MECLkir6FcH3kKOJtbJ6vy3uaJc9w1ERo+wyl6SkAh/+JTJkp7QRXj8oylW5E20LsbnA/dIwWzAF51PPwF7A7FtNg9DnwPqMkxFo1Th/buOMKbP5ZA1mmNNtmzbMpMfJATvVyiv3ccsSJKOiyQr6UG+j7sc/7jMVz5Xk34Vd0l8GwcB0334MchHckmqDB142h/NCWTr8oLakDNvkfC1YneAfAO41hDkUbxPtVBG5M/o7P4fxoqiHEX+ZLfRxDtHB53 me@localhost spec: @@ -37,13 +27,3 @@ spec: # tty and stdin required for `kubectl attach -t` to work tty: true stdin: true - volumeMounts: - - name: docker - mountPath: /var/lib/docker - volumes: - - name: docker - flexVolume: - driver: "virtlet/flexvolume_driver" - options: - type: qcow2 - capacity: 2048MB From b4146e086bd5f62c4346f10b43d1e56c0536d053 Mon Sep 17 00:00:00 2001 From: Piotr Skamruk Date: Tue, 16 Jan 2018 15:49:26 +0100 Subject: [PATCH 2/3] Example for fedora It requires a fix in cloud init network data generation which will be included in separate commit. --- deploy/images.yaml | 2 ++ examples/fedora-vm-with-testuser.yaml | 44 +++++++++++++++++++++++++++ examples/fedora-vm.yaml | 33 ++++++++++++++++++++ 3 files changed, 79 insertions(+) create mode 100644 examples/fedora-vm-with-testuser.yaml create mode 100644 examples/fedora-vm.yaml diff --git a/deploy/images.yaml b/deploy/images.yaml index e6a590ac1..596b5e7df 100644 --- a/deploy/images.yaml +++ b/deploy/images.yaml @@ -1,3 +1,5 @@ translations: - name: cirros url: https://github.com/mirantis/virtlet/releases/download/v0.8.2/cirros.img + - name: fedora + url: https://download.fedoraproject.org/pub/fedora/linux/releases/27/CloudImages/x86_64/images/Fedora-Cloud-Base-27-1.6.x86_64.qcow2 diff --git a/examples/fedora-vm-with-testuser.yaml b/examples/fedora-vm-with-testuser.yaml new file mode 100644 index 000000000..001855dbb --- /dev/null +++ b/examples/fedora-vm-with-testuser.yaml @@ -0,0 +1,44 @@ +apiVersion: v1 +kind: Pod +metadata: + name: fedora-vm-with-testuser + annotations: + kubernetes.io/target-runtime: virtlet.cloud + VirtletCloudInitUserData: | + ssh_pwauth: True + users: + - name: testuser + gecos: User + primary-group: testuser + groups: users + lock_passwd: false + # under this hash is encoded "testuser" as password + passwd: "$6$rounds=4096$wPs4Hz4tfs$a8ssMnlvH.3GX88yxXKF2cKMlVULsnydoOKgkuStTErTq2dzKZiIx9R/pPWWh5JLxzoZEx7lsSX5T2jW5WISi1" + sudo: ALL=(ALL) NOPASSWD:ALL + VirtletSSHKeys: | + ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCaJEcFDXEK2ZbX0ZLS1EIYFZRbDAcRfuVjpstSc0De8+sV1aiu+dePxdkuDRwqFtCyk6dEZkssjOkBXtri00MECLkir6FcH3kKOJtbJ6vy3uaJc9w1ERo+wyl6SkAh/+JTJkp7QRXj8oylW5E20LsbnA/dIwWzAF51PPwF7A7FtNg9DnwPqMkxFo1Th/buOMKbP5ZA1mmNNtmzbMpMfJATvVyiv3ccsSJKOiyQr6UG+j7sc/7jMVz5Xk34Vd0l8GwcB0334MchHckmqDB142h/NCWTr8oLakDNvkfC1YneAfAO41hDkUbxPtVBG5M/o7P4fxoqiHEX+ZLfRxDtHB53 me@localhost +spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: extraRuntime + operator: In + values: + - virtlet + # This is the number of seconds Virtlet gives the VM to shut down cleanly. + # The default value of 30 seconds is ok for containers but probably too + # low for VM, so overriding it here is strongly advised. + terminationGracePeriodSeconds: 120 + containers: + - name: fedora-vm + image: virtlet.cloud/fedora + imagePullPolicy: IfNotPresent + # tty and stdin required for `kubectl attach -t` to work + tty: true + stdin: true + resources: + limits: + # This memory limit is applied to the libvirt domain definition + memory: 256Mi diff --git a/examples/fedora-vm.yaml b/examples/fedora-vm.yaml new file mode 100644 index 000000000..51aba93a9 --- /dev/null +++ b/examples/fedora-vm.yaml @@ -0,0 +1,33 @@ +apiVersion: v1 +kind: Pod +metadata: + name: fedora-vm + annotations: + kubernetes.io/target-runtime: virtlet.cloud + VirtletSSHKeys: | + ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCaJEcFDXEK2ZbX0ZLS1EIYFZRbDAcRfuVjpstSc0De8+sV1aiu+dePxdkuDRwqFtCyk6dEZkssjOkBXtri00MECLkir6FcH3kKOJtbJ6vy3uaJc9w1ERo+wyl6SkAh/+JTJkp7QRXj8oylW5E20LsbnA/dIwWzAF51PPwF7A7FtNg9DnwPqMkxFo1Th/buOMKbP5ZA1mmNNtmzbMpMfJATvVyiv3ccsSJKOiyQr6UG+j7sc/7jMVz5Xk34Vd0l8GwcB0334MchHckmqDB142h/NCWTr8oLakDNvkfC1YneAfAO41hDkUbxPtVBG5M/o7P4fxoqiHEX+ZLfRxDtHB53 me@localhost +spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: extraRuntime + operator: In + values: + - virtlet + # This is the number of seconds Virtlet gives the VM to shut down cleanly. + # The default value of 30 seconds is ok for containers but probably too + # low for VM, so overriding it here is strongly advised. + terminationGracePeriodSeconds: 120 + containers: + - name: fedora-vm + image: virtlet.cloud/fedora + imagePullPolicy: IfNotPresent + # tty and stdin required for `kubectl attach -t` to work + tty: true + stdin: true + resources: + limits: + # This memory limit is applied to the libvirt domain definition + memory: 256Mi From 9d5280c54b30e880a57f454f796ca16df63bca33 Mon Sep 17 00:00:00 2001 From: Piotr Skamruk Date: Tue, 16 Jan 2018 17:02:43 +0100 Subject: [PATCH 3/3] Move info about image pull policy from example to docs --- docs/images.md | 12 +++++++++++- docs/volumes.md | 4 ++-- examples/cirros-vm-with-additional-annotations.yaml | 8 -------- examples/cirros-vm.yaml | 8 -------- examples/fedora-vm-with-testuser.yaml | 5 ++++- examples/ubuntu-vm-with-testuser.yaml | 7 +++++-- 6 files changed, 22 insertions(+), 22 deletions(-) diff --git a/docs/images.md b/docs/images.md index 1ba5cd3a4..070e9e0af 100644 --- a/docs/images.md +++ b/docs/images.md @@ -11,7 +11,7 @@ Virtlet supports QCOW2 format for VM images. ```yaml containers: - name: test-vm - image: download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img + image: download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img ``` **Note:** You need to specify url without `scheme://`. In case you are using [instructions](../deploy/README.md) in `deploy/` directory to deploy Virtlet, you need to add `virtlet.cloud/` prefix to the url. @@ -30,6 +30,16 @@ Clones used as boot images are stored in "**volumes**" libvirt pool under `/var/ during the VM execution time and are automatically garbage collected by Virtlet after stopping VM pod environment (sandbox). +**Note:** +Virtlet currently ignores image tags, but their meaning may change +in future, so it’s better not to set them for VM pods. If there’s no tag +provided in the image specification kubelet defaults to +`imagePullPolicy: Always`, which means that the image is always +redownloaded when the pod is created. In order to make pod creation +faster and more reliable, we set in examples `imagePullPolicy` to `IfNotPresent` +so a previously downloaded image is reused if there is one in Virtlet’s +image store. + ## Restrictions and pitfalls Image name are a subject to the strict validation rules that normally applied to the docker image names. Thus one cannot diff --git a/docs/volumes.md b/docs/volumes.md index a7ee5c546..7de21fcc9 100644 --- a/docs/volumes.md +++ b/docs/volumes.md @@ -124,7 +124,7 @@ spec: - virtlet containers: - name: test-vm - image: download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img + image: download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img volumes: - name: vol1 flexVolume: @@ -307,7 +307,7 @@ spec: - virtlet containers: - name: test-vm - image: download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img + image: download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img volumes: - name: raw flexVolume: diff --git a/examples/cirros-vm-with-additional-annotations.yaml b/examples/cirros-vm-with-additional-annotations.yaml index 6e1ad3b1b..fad41b0c7 100644 --- a/examples/cirros-vm-with-additional-annotations.yaml +++ b/examples/cirros-vm-with-additional-annotations.yaml @@ -41,14 +41,6 @@ spec: # virtlet.cloud/ prefix is used by CRI proxy, the remaining part # of the image name is prepended with https:// and used to download the image image: virtlet.cloud/cirros - # Virtlet currently ignores image tags, but their meaning may change - # in future, so it’s better not to set them for VM pods. If there’s no tag - # provided in the image specification kubelet defaults to - # imagePullPolicy: Always, which means that the image is always - # redownloaded when the pod is created. In order to make pod creation - # faster and more reliable, we set imagePullPolicy to IfNotPresent here - # so a previously downloaded image is reused if there is one - # in Virtlet’s image store imagePullPolicy: IfNotPresent # tty and stdin required for `kubectl attach -t` to work tty: true diff --git a/examples/cirros-vm.yaml b/examples/cirros-vm.yaml index fda37314d..eaf3b45e1 100644 --- a/examples/cirros-vm.yaml +++ b/examples/cirros-vm.yaml @@ -30,14 +30,6 @@ spec: # virtlet.cloud/ prefix is used by CRI proxy, the remaining part # of the image name is prepended with https:// and used to download the image image: virtlet.cloud/cirros - # Virtlet currently ignores image tags, but their meaning may change - # in future, so it’s better not to set them for VM pods. If there’s no tag - # provided in the image specification kubelet defaults to - # imagePullPolicy: Always, which means that the image is always - # redownloaded when the pod is created. In order to make pod creation - # faster and more reliable, we set imagePullPolicy to IfNotPresent here - # so a previously downloaded image is reused if there is one - # in Virtlet’s image store imagePullPolicy: IfNotPresent # tty and stdin required for `kubectl attach -t` to work tty: true diff --git a/examples/fedora-vm-with-testuser.yaml b/examples/fedora-vm-with-testuser.yaml index 001855dbb..0eceaf6c9 100644 --- a/examples/fedora-vm-with-testuser.yaml +++ b/examples/fedora-vm-with-testuser.yaml @@ -12,9 +12,12 @@ metadata: primary-group: testuser groups: users lock_passwd: false - # under this hash is encoded "testuser" as password + shell: /bin/bash + # the password is "testuser" passwd: "$6$rounds=4096$wPs4Hz4tfs$a8ssMnlvH.3GX88yxXKF2cKMlVULsnydoOKgkuStTErTq2dzKZiIx9R/pPWWh5JLxzoZEx7lsSX5T2jW5WISi1" sudo: ALL=(ALL) NOPASSWD:ALL + ssh-authorized-keys: + ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCaJEcFDXEK2ZbX0ZLS1EIYFZRbDAcRfuVjpstSc0De8+sV1aiu+dePxdkuDRwqFtCyk6dEZkssjOkBXtri00MECLkir6FcH3kKOJtbJ6vy3uaJc9w1ERo+wyl6SkAh/+JTJkp7QRXj8oylW5E20LsbnA/dIwWzAF51PPwF7A7FtNg9DnwPqMkxFo1Th/buOMKbP5ZA1mmNNtmzbMpMfJATvVyiv3ccsSJKOiyQr6UG+j7sc/7jMVz5Xk34Vd0l8GwcB0334MchHckmqDB142h/NCWTr8oLakDNvkfC1YneAfAO41hDkUbxPtVBG5M/o7P4fxoqiHEX+ZLfRxDtHB53 me@localhost VirtletSSHKeys: | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCaJEcFDXEK2ZbX0ZLS1EIYFZRbDAcRfuVjpstSc0De8+sV1aiu+dePxdkuDRwqFtCyk6dEZkssjOkBXtri00MECLkir6FcH3kKOJtbJ6vy3uaJc9w1ERo+wyl6SkAh/+JTJkp7QRXj8oylW5E20LsbnA/dIwWzAF51PPwF7A7FtNg9DnwPqMkxFo1Th/buOMKbP5ZA1mmNNtmzbMpMfJATvVyiv3ccsSJKOiyQr6UG+j7sc/7jMVz5Xk34Vd0l8GwcB0334MchHckmqDB142h/NCWTr8oLakDNvkfC1YneAfAO41hDkUbxPtVBG5M/o7P4fxoqiHEX+ZLfRxDtHB53 me@localhost spec: diff --git a/examples/ubuntu-vm-with-testuser.yaml b/examples/ubuntu-vm-with-testuser.yaml index be23c0192..2fc60ad77 100644 --- a/examples/ubuntu-vm-with-testuser.yaml +++ b/examples/ubuntu-vm-with-testuser.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Pod metadata: - name: ubuntu-vm-with-test-user + name: ubuntu-vm-with-testuser annotations: kubernetes.io/target-runtime: virtlet.cloud VirtletCloudInitUserData: | @@ -14,9 +14,12 @@ metadata: primary-group: testuser groups: users lock_passwd: false - # under this hash is encoded "testuser" as password + shell: /bin/bash + # the password is "testuser" passwd: "$6$rounds=4096$wPs4Hz4tfs$a8ssMnlvH.3GX88yxXKF2cKMlVULsnydoOKgkuStTErTq2dzKZiIx9R/pPWWh5JLxzoZEx7lsSX5T2jW5WISi1" sudo: ALL=(ALL) NOPASSWD:ALL + ssh-authorized-keys: + ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCaJEcFDXEK2ZbX0ZLS1EIYFZRbDAcRfuVjpstSc0De8+sV1aiu+dePxdkuDRwqFtCyk6dEZkssjOkBXtri00MECLkir6FcH3kKOJtbJ6vy3uaJc9w1ERo+wyl6SkAh/+JTJkp7QRXj8oylW5E20LsbnA/dIwWzAF51PPwF7A7FtNg9DnwPqMkxFo1Th/buOMKbP5ZA1mmNNtmzbMpMfJATvVyiv3ccsSJKOiyQr6UG+j7sc/7jMVz5Xk34Vd0l8GwcB0334MchHckmqDB142h/NCWTr8oLakDNvkfC1YneAfAO41hDkUbxPtVBG5M/o7P4fxoqiHEX+ZLfRxDtHB53 me@localhost VirtletSSHKeys: | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCaJEcFDXEK2ZbX0ZLS1EIYFZRbDAcRfuVjpstSc0De8+sV1aiu+dePxdkuDRwqFtCyk6dEZkssjOkBXtri00MECLkir6FcH3kKOJtbJ6vy3uaJc9w1ERo+wyl6SkAh/+JTJkp7QRXj8oylW5E20LsbnA/dIwWzAF51PPwF7A7FtNg9DnwPqMkxFo1Th/buOMKbP5ZA1mmNNtmzbMpMfJATvVyiv3ccsSJKOiyQr6UG+j7sc/7jMVz5Xk34Vd0l8GwcB0334MchHckmqDB142h/NCWTr8oLakDNvkfC1YneAfAO41hDkUbxPtVBG5M/o7P4fxoqiHEX+ZLfRxDtHB53 me@localhost spec: