There is documentation on how to SSH into AKS nodes (Microsoft docs). That process is long and quite manual. This script automates this.
Note: this script is currently in alpha and should not be used in a production environment.
Clone this git repo and use the az-aks-ssh.sh direction (see below for usage).
Dependencies:
./az-aks-ssh.sh --help
Usage:
SSH into an AKS agent node (pass in -c to run a single command
or omit for an interactive session):
./az-aks-ssh.sh \
-g|--resource-group <resource_group> \
-n|--cluster-name <cluster> \
-d|--node-name <node_name|any> \
[-p|--pod-name <pod_name>] \
[-c|--command <command>] \
[-o|--output-file <file>]
Delete all locally generated SSH keys (~/.ssh/az_aks_*):
./az-aks-ssh.sh --clear-local-ssh-keys
Delete the SSH proxy pod:
./az-aks-ssh.sh --delete-ssh-pod
Cleanup SSH (delete SSH proxy pod and remove all keys):
./az-aks-ssh.sh --cleanupNOTE:
--resource-groupis read fromAZURE_DEFAULTS_GROUPif not specified and that group is searched for a singleton AKS cluster to supply default values if possible.
./az-aks-ssh.sh -g rg1 -n aks1 -d any./az-aks-ssh.sh -g rg1 -n aks1 -d cluster_node./az-aks-ssh.sh -p mypod./az-aks-ssh.sh -g rg1 -n aks1 -d any -c "ps -aux"./az-aks-ssh.sh -g rg1 -n aks1 -d any -c "ps -aux" -o ~/aks-ssh.out./az-aks-ssh.sh --cleanup
The SSH keys are generated for individual nodes. This ensures that keys are not being reused for multiple hosts. --cleanup removes all keys that match the prefix: ~/.ssh/az_aks*.
This design uses a proxy pod that sleeps forever so that it can be reused. --cleanup deletes this pod from the Kubernetes cluster. To see this pod you can run kubectl get pod aks-ssh-session-{NodeName}.