Skip to content
This repository has been archived by the owner on Oct 24, 2023. It is now read-only.

feat: Enabling SSH on windows nodes by default #2759

Merged
merged 7 commits into from
Apr 22, 2020
Merged

feat: Enabling SSH on windows nodes by default #2759

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
719828e
feat: Enablshing SSH on windows nodes by default
marosset Feb 20, 2020
1b16d38
Fixing linting errors
marosset Apr 13, 2020
654c2c6
CR feedback
marosset Apr 13, 2020
5a681ff
fixing docs
marosset Apr 15, 2020
0780c92
fixing merge conflicts
marosset Apr 21, 2020
dc53852
fixing doc merge conflicts 2
marosset Apr 21, 2020
70556cf
fixing another merge conflict
marosset Apr 22, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
2 changes: 1 addition & 1 deletion cmd/get_logs.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -142,7 +142,7 @@ func (glc *getLogsCmd) loadAPIModel() (err error) {
}
glc.linuxSSHConfig = helpers.SSHClientConfig(glc.cs.Properties.LinuxProfile.AdminUsername, lauth)

if glc.cs.Properties.WindowsProfile != nil && glc.cs.Properties.WindowsProfile.SSHEnabled {
if glc.cs.Properties.WindowsProfile != nil && glc.cs.Properties.WindowsProfile.GetSSHEnabled() {
glc.windowsSSHConfig = helpers.SSHClientConfig(
glc.cs.Properties.WindowsProfile.AdminUsername,
ssh.Password(glc.cs.Properties.WindowsProfile.AdminPassword))
Expand Down
36 changes: 18 additions & 18 deletions docs/topics/clusterdefinitions.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -852,24 +852,24 @@ https://{keyvaultname}.vault.azure.net:443/secrets/{secretName}/{version}

`windowsProfile` provides configuration specific to Windows nodes in the cluster

| Name | Required | Description |
| ----------------------------- | -------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| adminUsername | yes | Username for the Windows adminstrator account created on each Windows node |
| adminPassword | yes | Password for the Windows adminstrator account created on each Windows node |
| csiProxyURL | no | Path to a package containing csi proxy binaries for Windows. |
| enableAutomaticUpdates | no | If set to `true` Windows Update will be configured to automatically apply updates on Windows nodes. Default: `false` |
| enableCSIProxy | no | If set to `true` the csi-proxy specified by `windowsProfile.csiProxyURL` will get installed during node provisioning. See [Windows Csi Proxy](csi-proxy-windows.md) for more details. |
| windowsPublisher | no | Publisher used to find Windows VM to deploy from marketplace. Default: `microsoft-aks` |
| windowsOffer | no | Offer used to find Windows VM to deploy from marketplace. Default: `aks-windows` |
| windowsSku | no | SKU usedto find Windows VM to deploy from marketplace. Default: `2019-datacenter-core-smalldisk` |
| imageVersion | no | Specific image version to deploy from marketplace. Default: `17763.737.190923`. This default is incremented to include the latest Windows patches after being validated by the AKS Engine team. |
| windowsImageSourceURL | no | Path to an existing Azure storage blob with a sysprepped VHD. This is used to test pre-release or customized VHD files that you have uploaded to Azure. If provided, the above 4 parameters are ignored. |
| imageReference.name | no | Name of an Image. |
| imageReference.resourceGroup | no | Resource group that contains the Image. |
| imageReference.subscriptionId | no | ID of subscription containing a Shared Image Gallery. |
| imageReference.gallery | no | Name of a Shared Image Gallery. |
| imageReference.version | no | Version of an Image from a Shared Image Gallery. |
| sshEnabled | no | If set to `true`, OpenSSH will be installed on windows nodes to allow for ssh remoting. **Only for Windows version 1809/2019 or later** . The same SSH authorized public key(s) will be added from [linuxProfile.ssh.publicKeys](#linuxProfile) |
| Name | Required | Description |
| ----------------------------- | -------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| adminUsername | yes | Username for the Windows adminstrator account created on each Windows node |
| adminPassword | yes | Password for the Windows adminstrator account created on each Windows node |
| csiProxyURL | no | Path to a package containing csi proxy binaries for Windows. |
| enableAutomaticUpdates | no | If set to `true` Windows Update will be configured to automatically apply updates on Windows nodes. Default: `false` |
| enableCSIProxy | no | If set to `true` the csi-proxy specified by `windowsProfile.csiProxyURL` will get installed during node provisioning. See [Windows Csi Proxy](csi-proxy-windows.md) for more details. |
| windowsPublisher | no | Publisher used to find Windows VM to deploy from marketplace. Default: `microsoft-aks` |
| windowsOffer | no | Offer used to find Windows VM to deploy from marketplace. Default: `aks-windows` |
| windowsSku | no | SKU usedto find Windows VM to deploy from marketplace. Default: `2019-datacenter-core-smalldisk` |
| imageVersion | no | Specific image version to deploy from marketplace. Default: `17763.737.190923`. This default is incremented to include the latest Windows patches after being validated by the AKS Engine team. |
| windowsImageSourceURL | no | Path to an existing Azure storage blob with a sysprepped VHD. This is used to test pre-release or customized VHD files that you have uploaded to Azure. If provided, the above 4 parameters are ignored. |
| imageReference.name | no | Name of an Image. |
| imageReference.resourceGroup | no | Resource group that contains the Image. |
| imageReference.subscriptionId | no | ID of subscription containing a Shared Image Gallery. |
| imageReference.gallery | no | Name of a Shared Image Gallery. |
| imageReference.version | no | Version of an Image from a Shared Image Gallery. |
| sshEnabled | no | If set to `true`, OpenSSH will be installed on windows nodes to allow for ssh remoting. **Only for Windows version 1809/2019 or later**. The same SSH authorized public key(s) will be added from [linuxProfile.ssh.publicKeys](#linuxProfile). Default: `true` |

#### Windows Images

Expand Down
2 changes: 2 additions & 0 deletions pkg/api/const.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -483,6 +483,8 @@ const (
DefaultNonMasqueradeCIDR = "0.0.0.0/0"
// DefaultKubeProxyMode is the default KubeProxyMode value
DefaultKubeProxyMode KubeProxyMode = KubeProxyModeIPTables
// DefaultWindowsSSHEnabled is the default windowsProfile.sshEnabled value
DefaultWindowsSSHEnabled = true
)

const (
Expand Down
4 changes: 3 additions & 1 deletion pkg/api/converterfromapi.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -206,7 +206,9 @@ func convertWindowsProfileToVLabs(api *WindowsProfile, vlabsProfile *vlabs.Windo
convertKeyVaultSecretsToVlabs(&s, secret)
vlabsProfile.Secrets = append(vlabsProfile.Secrets, *secret)
}
vlabsProfile.SSHEnabled = api.SSHEnabled
if api.SSHEnabled != nil {
vlabsProfile.SSHEnabled = api.SSHEnabled
}
vlabsProfile.EnableAutomaticUpdates = api.EnableAutomaticUpdates
}

Expand Down
4 changes: 2 additions & 2 deletions pkg/api/converterfromapi_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -768,7 +768,7 @@ func TestConvertWindowsProfileToVlabs(t *testing.T) {
AdminPassword: "password",
EnableAutomaticUpdates: &falseVar,
ImageVersion: "17763.615.1907121548",
SSHEnabled: false,
SSHEnabled: &falseVar,
WindowsPublisher: "MicrosoftWindowsServer",
WindowsOffer: "WindowsServer",
WindowsSku: "2019-Datacenter-Core-smalldisk",
Expand All @@ -779,7 +779,7 @@ func TestConvertWindowsProfileToVlabs(t *testing.T) {
AdminPassword: "password",
EnableAutomaticUpdates: &falseVar,
ImageVersion: "17763.615.1907121548",
SSHEnabled: false,
SSHEnabled: &falseVar,
WindowsPublisher: "MicrosoftWindowsServer",
WindowsOffer: "WindowsServer",
WindowsSku: "2019-Datacenter-Core-smalldisk",
Expand Down
4 changes: 3 additions & 1 deletion pkg/api/convertertoapi.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -200,7 +200,9 @@ func convertVLabsWindowsProfile(vlabs *vlabs.WindowsProfile, api *WindowsProfile
convertVLabsKeyVaultSecrets(&s, secret)
api.Secrets = append(api.Secrets, *secret)
}
api.SSHEnabled = vlabs.SSHEnabled
if vlabs.SSHEnabled != nil {
api.SSHEnabled = vlabs.SSHEnabled
}
api.EnableAutomaticUpdates = vlabs.EnableAutomaticUpdates
}

Expand Down
4 changes: 2 additions & 2 deletions pkg/api/convertertoapi_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -894,7 +894,7 @@ func TestConvertVLabsWindowsProfile(t *testing.T) {
AdminPassword: "password",
EnableAutomaticUpdates: &falseVar,
ImageVersion: "17763.615.1907121548",
SSHEnabled: false,
SSHEnabled: &falseVar,
WindowsPublisher: "MicrosoftWindowsServer",
WindowsOffer: "WindowsServer",
WindowsSku: "2019-Datacenter-Core-smalldisk",
Expand All @@ -905,7 +905,7 @@ func TestConvertVLabsWindowsProfile(t *testing.T) {
AdminPassword: "password",
EnableAutomaticUpdates: &falseVar,
ImageVersion: "17763.615.1907121548",
SSHEnabled: false,
SSHEnabled: &falseVar,
WindowsPublisher: "MicrosoftWindowsServer",
WindowsOffer: "WindowsServer",
WindowsSku: "2019-Datacenter-Core-smalldisk",
Expand Down
4 changes: 4 additions & 0 deletions pkg/api/defaults.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -762,6 +762,10 @@ func (p *Properties) setAgentProfileDefaults(isUpgrade, isScale bool) {
func (p *Properties) setWindowsProfileDefaults(isUpgrade, isScale bool) {
windowsProfile := p.WindowsProfile
if !isUpgrade && !isScale {
if windowsProfile.SSHEnabled == nil {
windowsProfile.SSHEnabled = to.BoolPtr(DefaultWindowsSSHEnabled)
}

// This allows caller to use the latest ImageVersion and WindowsSku for adding a new Windows pool to an existing cluster.
// We must assure that same WindowsPublisher and WindowsOffer are used in an existing cluster.
if windowsProfile.WindowsPublisher == AKSWindowsServer2019OSImageConfig.ImagePublisher && windowsProfile.WindowsOffer == AKSWindowsServer2019OSImageConfig.ImageOffer {
Expand Down
35 changes: 18 additions & 17 deletions pkg/api/defaults_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2001,6 +2001,7 @@ func TestDistroDefaults(t *testing.T) {
}

func TestWindowsProfileDefaults(t *testing.T) {
trueVar := true

var tests = []struct {
name string // test case name
Expand All @@ -2022,7 +2023,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
AdminPassword: "",
WindowsImageSourceURL: "",
WindowsDockerVersion: "",
SSHEnabled: false,
SSHEnabled: &trueVar,
},
false,
false,
Expand All @@ -2043,7 +2044,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
AdminPassword: "",
WindowsImageSourceURL: "",
WindowsDockerVersion: "",
SSHEnabled: false,
SSHEnabled: &trueVar,
},
false,
false,
Expand All @@ -2065,7 +2066,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
AdminPassword: "",
WindowsImageSourceURL: "",
WindowsDockerVersion: "",
SSHEnabled: false,
SSHEnabled: &trueVar,
},
false,
false,
Expand All @@ -2087,7 +2088,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
AdminPassword: "",
WindowsImageSourceURL: "",
WindowsDockerVersion: "",
SSHEnabled: false,
SSHEnabled: &trueVar,
},
false,
false,
Expand All @@ -2108,7 +2109,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
AdminPassword: "",
WindowsImageSourceURL: "",
WindowsDockerVersion: "",
SSHEnabled: false,
SSHEnabled: &trueVar,
},
false,
false,
Expand All @@ -2130,7 +2131,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
AdminPassword: "",
WindowsImageSourceURL: "",
WindowsDockerVersion: "",
SSHEnabled: false,
SSHEnabled: &trueVar,
},
false,
false,
Expand All @@ -2152,7 +2153,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
AdminPassword: "",
WindowsImageSourceURL: "",
WindowsDockerVersion: "",
SSHEnabled: false,
SSHEnabled: &trueVar,
},
false,
false,
Expand All @@ -2175,7 +2176,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
AdminPassword: "",
WindowsImageSourceURL: "",
WindowsDockerVersion: "",
SSHEnabled: false,
SSHEnabled: &trueVar,
},
false,
false,
Expand All @@ -2197,7 +2198,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
AdminPassword: "",
WindowsImageSourceURL: "",
WindowsDockerVersion: "",
SSHEnabled: false,
SSHEnabled: &trueVar,
},
false,
false,
Expand All @@ -2220,7 +2221,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
AdminPassword: "",
WindowsImageSourceURL: "",
WindowsDockerVersion: "",
SSHEnabled: false,
SSHEnabled: &trueVar,
},
false,
false,
Expand All @@ -2243,7 +2244,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
AdminPassword: "",
WindowsImageSourceURL: "",
WindowsDockerVersion: "",
SSHEnabled: false,
SSHEnabled: nil,
},
false,
true,
Expand All @@ -2266,7 +2267,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
AdminPassword: "",
WindowsImageSourceURL: "",
WindowsDockerVersion: "",
SSHEnabled: false,
SSHEnabled: nil,
},
false,
true,
Expand All @@ -2289,7 +2290,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
AdminPassword: "",
WindowsImageSourceURL: "",
WindowsDockerVersion: "",
SSHEnabled: false,
SSHEnabled: nil,
},
false,
true,
Expand All @@ -2312,7 +2313,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
AdminPassword: "",
WindowsImageSourceURL: "",
WindowsDockerVersion: "",
SSHEnabled: false,
SSHEnabled: nil,
},
false,
true,
Expand All @@ -2335,7 +2336,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
AdminPassword: "",
WindowsImageSourceURL: "",
WindowsDockerVersion: "",
SSHEnabled: false,
SSHEnabled: nil,
},
false,
true,
Expand All @@ -2358,7 +2359,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
AdminPassword: "",
WindowsImageSourceURL: "",
WindowsDockerVersion: "",
SSHEnabled: false,
SSHEnabled: nil,
},
false,
true,
Expand All @@ -2381,7 +2382,7 @@ func TestWindowsProfileDefaults(t *testing.T) {
AdminPassword: "",
WindowsImageSourceURL: "",
WindowsDockerVersion: "",
SSHEnabled: false,
SSHEnabled: nil,
},
false,
false,
Expand Down