To remotely access a machine that Cloud Assembly has deployed, you add properties, before deployment, to the cloud template for that machine.
For remote access, you can configure one of the following authentication options.
Generate a key pair at provisioning time
If you don't have your own public-private key pair for remote access authentication, you can have Cloud Assembly generate a key pair.
Use the following code as a guideline.
- In Cloud Assembly, before provisioning, add
remoteAccess
properties to the cloud template as shown in the example.The username is optional. If you omit it, the system generates a random ID as the username.
Example:
type: Cloud.Machine properties: name: our-vm2 image: Linux18 flavor: small remoteAccess: authentication: generatedPublicPrivatekey username: testuser
- In Cloud Assembly, provision the machine from its cloud template, and bring it to a started-up state.
The provisioning process generates the keys.
- Locate the key name in the properties.
- Use the cloud provider interface, such as the vSphere client, to access the provisioned machine command line.
- Grant read permission to the private key.
chmod 600 key-name
- Go to the Cloud Assembly deployment, select the machine, and click .
- Copy the private key file to your local machine.
A typical local file path is
/home/username/.ssh/key-name
. - Open a remote SSH session, and connect to the provisioned machine.
ssh -i key-name user-name@machine-ip
Supply your own public-private key pair
Many enterprises create and distribute their own public-private key pairs for authentication.
Use the following code as a guideline.
- In your local environment, obtain or generate your public-private key pair.
For now, just generate and save the keys locally.
- In Cloud Assembly, before provisioning, add
remoteAccess
properties to the cloud template as shown in the example.The sshKey includes the long alphanumeric found within the public key file key-name.pub.
The username is optional and gets created for you to log in with. If you omit it, the system generates a random ID as the username.
Example:
type: Cloud.Machine properties: name: our-vm1 image: Linux18 flavor: small remoteAccess: authentication: publicPrivateKey sshKey: ssh-rsa Iq+5aQgBP3ZNT4o1baP5Ii+dstIcowRRkyobbfpA1mj9tslf qGxvU66PX9IeZax5hZvNWFgjw6ag+ZlzndOLhVdVoW49f274/mIRild7UUW... username: testuser
- In Cloud Assembly, provision the machine from its cloud template, and bring it to a started-up state.
- Using the cloud vendor client, access the provisioned machine.
- Add the public key file to the home folder on the machine. Use the key that you specified in remoteAccess.sshKey.
- Verify that the private key file counterpart is present on your local machine.
The key is typically
/home/username/.ssh/key-name
with no .pub extension. - Open a remote SSH session, and connect to the provisioned machine.
ssh -i key-name user-name@machine-ip
Supply an AWS key pair
By adding an AWS key pair name to the cloud template, you can remotely access a machine that Cloud Assembly deploys to AWS.
Be aware that AWS key pairs are region specific. If you provision workloads into us-east-1, the key pair must exist in us-east-1.
Use the following code as a guideline. This option works for AWS cloud zones only.
type: Cloud.Machine properties: image: Ubuntu flavor: small remoteAccess: authentication: keyPairName keyPair: cas-test constraints: - tag: 'cloud:aws'
Supply a username and password
By adding a username and password to the cloud template, you can have simple remote access to a machine that Cloud Assembly deploys.
Although it is less secure, logging in remotely with a username and password might be all that your situation requires. Be aware that some cloud vendors or configurations might not support this less secure option.
- In Cloud Assembly, before provisioning, add
remoteAccess
properties to the cloud template as shown in the example.Set the username and password to the account that you expect to log in with.
Example:
type: Cloud.Machine properties: name: our-vm3 image: Linux18 flavor: small remoteAccess: authentication: usernamePassword username: testuser password: admin123
- In Cloud Assembly, provision the machine from its cloud template, and bring it to a started-up state.
- Go to your cloud vendor's interface, and access the provisioned machine.
- On the provisioned machine, create or enable the account.
- From your local machine, open a remote session to the provisioned machine IP address or FQDN, and log in with the username and password as usual.