Deckhouse Virtualization Platform for bare metal

1
Installation information
2
Setting up cluster
3
Platform installation
4
Adding nodes
5
Storage configuration
6
Virtualization configuration
7
Ingress and DNS configuration
8
User creation
9
Creating a project and a virtual machine
10
What can I do next?

Create a project. To create a project, use the command (the example uses the test-project project; change it if necessary):

d8 k create -f - <<EOF
---
apiVersion: deckhouse.io/v1alpha2
kind: Project
metadata:
  name: test-project
spec:
  description: test-project
  projectTemplateName: default
  parameters:
    # Project quotas.
    resourceQuota:
      requests:
        cpu: 20
        memory: 20Gi
      limits:
        cpu: 20
        memory: 20Gi
    # Project administrators.
    administrators:
      - subject: User
        name: test-user
EOF

Wait for the namespace to be created. To verify that it has been created, use the command:

d8 k get ns test-project

Create a project administrator and associate them with the d8:use:role:admin role in the namespace you created earlier. To do this, use the command (the example uses the user test-user@deckhouse.io; change this if necessary):

d8 k create -f - <<EOF
---
apiVersion: deckhouse.io/v1
kind: User
metadata:
  name: test-user
spec:
  # User e-mail.
  email: test-user@deckhouse.io
  # this is a hash of the password <GENERATED_PASSWORD>, generated  now
  # generate your own or use it at your own risk (for testing purposes)
  # echo -n '<GENERATED_PASSWORD>' | htpasswd -BinC 10 "" | cut -d: -f2 | tr -d '\n' | base64 -w0; echo
  # you might consider changing this
  password: <GENERATED_PASSWORD_HASH>
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  namespace: test-project
  name: admin
subjects:
  - kind: User
    name: test-user@deckhouse.io
    apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: ClusterRole
  # User role.
  name: d8:use:role:admin
  apiGroup: rbac.authorization.k8s.io
EOF

Open the web interface for generating the kubeconfig file for remote access to the API server. The address of the web interface is formed according to the DNS name template specified in the global parameter publicDomainTemplate. For example, if publicDomainTemplate: %s.kube.my, then the web interface will be available at the address kubeconfig.kube.my.

Enter the login (in the example — test-user@deckhouse.io) and the password of the created user to obtain the configuration file for access to the cluster:

On a computer with network access to the deployed cluster, create a file ~/.kube/config (for Linux/MacOS) or %USERPROFILE%\.kube\config (for Windows) and paste the kubectl configuration provided in the Raw Config tab.

You have configured kubectl on this computer to manage the cluster. Execute the further commands on this computer.

Create a password for the user inside the virtual machine and generate its hash:

mkpasswd --method=SHA-512 --rounds=4096

To add a user and ssh key to the virtual machine, create a cloud-config file. In the example, change the fields as desired:

  • name — contains the username test-user, replace it with your own.
  • passwd — contains the password hash test-user in quotation marks, replace it with your own hash.
  • ssh_authorized_keys — contains the public ssh key, generate your own and replace it.
#cloud-config
ssh_pwauth: True
users:
- name: test-user
  passwd: '$6$rounds=4096$.ed4Qtpv1WeKmhH6$3ZCZGvv1QIe2bIsEGT549mAPnmCUVLG5TJAVsBr02bhdyKTGPt3HFC9Bc7x/NiGAwAqibIuUpRQk4SltW4Kd//'
  shell: /bin/bash
  sudo: ALL=(ALL) NOPASSWD:ALL
  lock_passwd: False
  ssh_authorized_keys:
    - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFxcXHmwaGnJ8scJaEN5RzklBPZpVSic4GdaAsKjQoeA your_email@example.com
packages:
  - qemu-guest-agent
runcmd:
  - systemctl enable qemu-guest-agent --now
  - chown -R cloud:cloud /home/cloud

Create a secret file containing cloud-config in base64 format.

d8 k create -f - <<EOF
---
apiVersion: v1
data:
  userData: |
    `cat cloud-config | base64 -w0`
kind: Secret
metadata:
  name: secret-cloud-init
  namespace: test-project
type: provisioning.virtualization.deckhouse.io/cloud-init
EOF

Create a virtual machine:

d8 k create -f - <<EOF
---
apiVersion: virtualization.deckhouse.io/v1alpha2
kind: VirtualImage
metadata:
  name: ubuntu-2204
  namespace: test-project
spec:
  storage: ContainerRegistry
  dataSource:
    type: HTTP
    http:
      url: https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img
---
apiVersion: virtualization.deckhouse.io/v1alpha2
kind: VirtualDisk
metadata:
  name: disk
  namespace: test-project
spec:
  dataSource:
    objectRef:
      kind: VirtualImage
      name: ubuntu-2204
    type: ObjectRef
  persistentVolumeClaim:
    size: 4G
---
apiVersion: virtualization.deckhouse.io/v1alpha2
kind: VirtualMachine
metadata:
  name: vm
  namespace: test-project
spec:
  provisioning:
    type: UserDataRef
    userDataRef:
      kind: Secret
      name: secret-cloud-init
  virtualMachineClassName: generic
  runPolicy: AlwaysOn
  blockDeviceRefs:
  - kind: VirtualDisk
    name: disk
  cpu:
    cores: 1
  memory:
    size: 1Gi
EOF

Display the list of virtual machines to get their status:

d8 k get vm -o wide

After a successful start, the virtual machine should change to the Running status.

Example of the output:

NAME   PHASE     CORES   COREFRACTION   MEMORY   NEED RESTART   AGENT   MIGRATABLE   NODE           IPADDRESS     AGE
vm     Running   1       100%           1Gi      False          False   True         virtlab-pt-1   10.66.10.19   6m18s

Connect to the virtual machine, enter the login (in the example — test-user) and the password:

d8 v console -n test-project vm

To exit the console, press Ctrl+].

Congratulations! You have created a virtual machine and connected to it.

Go back Next: What can I do next?