Showing results for 
Search instead for 
Did you mean: 

SSH to master node via Bastion node

I've followed the AWS quick installer guide and used the OpenShift installer to create my infrastructure on AWS. I have a bastion installed manually and added it to the VPC that the terraform file from the OpenShift installer creates.

I would like to be able to SSH to a master node on my OpenShift cluster from my Bastion server, but I'm not sure what user and password to give.
The environment and the bastion machine are all created using the same SSH key.

Labels (1)
0 Kudos
1 Reply

Re: SSH to master node via Bastion node

You need to use the private SSH key that corresponds to the public SSH key you provided to openshift-install. There is no user with any password on the master (nor the worker nodes). The only option is key-based authentication.

Be warned that SSH access to any node "taints" it. It will be unschedulable until you untaint it. OpenShift does not want that you SSH into nodes. Most of the times you can use "oc debug node/name-of-the-node" to get a local prompt to perform tasks such as review systemd logs, check installed RPM packages, etc.

The idea is that OpenShift manages the nodes. if you want to open SSH sessions to change local configuration files and install software such as a backup agent, you are not doing it right. All configuration files would be managed by operators, using machineconfig resources and other CRDs. Software that you want to install on nodes need to be containers managed by daemon sets.

Join the discussion
You must log in to join this conversation.