Accessing virtual machine consoles

• About virtual machine console sessions
• Connecting to the virtual machine with the web console
  • Connecting to the terminal
  • Connecting to the serial console
  • Connecting to the VNC console
  • Connecting to the RDP console
• Accessing virtual machine consoles by using CLI commands
  • Accessing a virtual machine instance via SSH
  • Accessing a virtual machine via SSH with YAML configurations
  • Accessing the serial console of a virtual machine instance
  • Accessing the graphical console of a virtual machine instances with VNC
  • Connecting to a Windows virtual machine with an RDP console

OKD Virtualization provides different virtual machine consoles that you can use to accomplish different product tasks. You can access these consoles through the web console and by using CLI commands.

About virtual machine console sessions

You can connect to the VNC and serial consoles of a running virtual machine from the Console tab on the Virtual Machine Details page of the web console.

The VNC Console opens by default when you navigate to the Console tab. You can open a connection to the serial console by clicking the VNC Console drop-down list and selecting Serial Console.

Console sessions remain active in the background unless they are disconnected. To ensure that only one console session is open at a time, click the Disconnect before switching check box before switching consoles.

You can open the active console session in a detached window by clicking Open Console in New Window or by clicking Actions → Open Console.

Options for the VNC Console

• Send key combinations to the virtual machine by clicking Send Key.

Options for the Serial Console

• Manually disconnect the Serial Console session from the virtual machine by clicking Disconnect.

• Manually open a Serial Console session to the virtual machine by clicking Reconnect.

Connecting to the virtual machine with the web console

Connecting to the terminal

You can connect to a virtual machine by using the web console.

Procedure

1. Ensure you are in the correct project. If not, click the Project list and select the appropriate project.

2. Click Workloads → Virtualization from the side menu.

3. Click the Virtual Machines tab.

4. Select a virtual machine to open the Virtual Machine Overview screen.

5. In the Details tab, click the virt-launcher-<vm-name> pod.

6. Click the Terminal tab. If the terminal is blank, select the terminal and press any key to initiate connection.

Connecting to the serial console

Connect to the Serial Console of a running virtual machine from the Console tab in the Virtual Machine Overview screen of the web console.

Procedure

1. In the OKD Virtualization console, click Workloads → Virtualization from the side menu.

2. Click the Virtual Machines tab.

3. Select a virtual machine to open the Virtual Machine Overview page.

4. Click Console. The VNC console opens by default.

5. Click the VNC Console drop-down list and select Serial Console.

6. Optional: Open the serial console in a separate window by clicking Open Console in New Window.

Connecting to the VNC console

Connect to the VNC console of a running virtual machine from the Console tab in the Virtual Machine Overview screen of the web console.

Procedure

1. In the OKD Virtualization console, click Workloads → Virtualization from the side menu.

2. Click the Virtual Machines tab.

3. Select a virtual machine to open the Virtual Machine Overview page.

4. Click the Console tab. The VNC console opens by default.

5. Optional: Open the VNC console in a separate window by clicking Open Console in New Window.

Connecting to the RDP console

The desktop viewer console, which utilizes the Remote Desktop Protocol (RDP), provides a better console experience for connecting to Windows virtual machines.

To connect to a Windows virtual machine with RDP, download the console.rdp file for the virtual machine from the Consoles tab in the Virtual Machine Details screen of the web console and supply it to your preferred RDP client.

Prerequisites

• A running Windows virtual machine with the QEMU guest agent installed. The qemu-guest-agent is included in the VirtIO drivers.

• A layer-2 NIC attached to the virtual machine.

• An RDP client installed on a machine on the same network as the Windows virtual machine.

Procedure

1. In the OKD Virtualization console, click Workloads → Virtualization from the side menu.

2. Click the Virtual Machines tab.

3. Select a Windows virtual machine to open the Virtual Machine Overview screen.

4. Click the Console tab.

5. In the Console list, select Desktop Viewer.

6. In the Network Interface list, select the layer-2 NIC.

7. Click Launch Remote Desktop to download the console.rdp file.

8. Open an RDP client and reference the console.rdp file. For example, using remmina:

   $ remmina --connect /path/to/console.rdp

9. Enter the Administrator user name and password to connect to the Windows virtual machine.

Accessing virtual machine consoles by using CLI commands

Accessing a virtual machine instance via SSH

You can use SSH to access a virtual machine (VM) after you expose port 22 on it.

The virtctl expose command forwards a virtual machine instance (VMI) port to a node port and creates a service for enabled access. The following example creates the fedora-vm-ssh service that forwards traffic from a specific port of cluster nodes to port 22 of the <fedora-vm> virtual machine.

Prerequisites

• You must be in the same project as the VMI.

• The VMI you want to access must be connected to the default pod network by using the masquerade binding method.

• The VMI you want to access must be running.

• Install the OpenShift CLI (oc).

Procedure

1. Run the following command to create the fedora-vm-ssh service:

   $ virtctl expose vm <fedora-vm> --port=22 --name=fedora-vm-ssh --type=NodePort (1)

   1	<fedora-vm> is the name of the VM that you run the fedora-vm-ssh service on.

2. Check the service to find out which port the service acquired:

   $ oc get svc

Example output

NAME            TYPE       CLUSTER-IP     EXTERNAL-IP   PORT(S)           AGE
fedora-vm-ssh   NodePort   127.0.0.1      <none>        22:32551/TCP   6s

+ In this example, the service acquired the 32551 port.

1. Log in to the VMI via SSH. Use the ipAddress of any of the cluster nodes and the port that you found in the previous step:

   $ ssh username@<node_IP_address> -p 32551

Accessing a virtual machine via SSH with YAML configurations

You can enable an SSH connection to a virtual machine (VM) without the need to run the virtctl expose command. When the YAML file for the VM and the YAML file for the service are configured and applied, the service forwards the SSH traffic to the VM.

The following examples show the configurations for the VM’s YAML file and the service YAML file.

Prerequisites

• Install the OpenShift CLI (oc).

• Create a namespace for the VM’s YAML file by using the oc create namespace command and specifying a name for the namespace.

Procedure

1. In the YAML file for the VM, add the label and a value for exposing the service for SSH connections. Enable the masquerade feature for the interface:

   Example VirtualMachine definition

   ...
   apiVersion: kubevirt.io/v1
   kind: VirtualMachine
   metadata:
     namespace: ssh-ns (1)
     name: vm-ssh
   spec:
     running: false
     template:
       metadata:
         labels:
           kubevirt.io/vm: vm-ssh
           special: vm-ssh (2)
       spec:
         domain:
           devices:
             disks:
             - disk:
                 bus: virtio
               name: containerdisk
             - disk:
                 bus: virtio
               name: cloudinitdisk
             interfaces:
             - masquerade: {} (3)
               name: testmasquerade (4)
             rng: {}
           machine:
             type: ""
           resources:
             requests:
               memory: 1024M
         networks:
         - name: testmasquerade
           pod: {}
         volumes:
         - name: containerdisk
           containerDisk:
             image: kubevirt/fedora-cloud-container-disk-demo
         - name: cloudinitdisk
           cloudInitNoCloud:
             userData: |
               #!/bin/bash
               echo "fedora" | passwd fedora --stdin
   ...

   1	Name of the namespace created by the oc create namespace command.
   2	Label used by the service to identify the virtual machine instances that are enabled for SSH traffic connections. The label can be any key:value pair that is added as a label to this YAML file and as a selector in the service YAML file.
   3	The interface type is masquerade.
   4	The name of this interface is testmasquerade.

2. Create the VM:

   $ oc create -f <path_for_the_VM_YAML_file>

3. Start the VM:

   $ virtctl start vm-ssh

4. In the YAML file for the service, specify the service name, port number, and the target port.

   Example Service definition

   ...
   apiVersion: v1
   kind: Service
   metadata:
     name: svc-ssh (1)
     namespace: ssh-ns (2)
   spec:
     ports:
     - targetPort: 22 (3)
       protocol: TCP
       port: 27017
     selector:
       special: vm-ssh (4)
     type: NodePort
   ...

   1	Name of the SSH service.
   2	Name of the namespace created by the oc create namespace command.
   3	The target port number for the SSH connection.
   4	The selector name and value must match the label specified in the YAML file for the VM.

5. Create the service:

   $ oc create -f <path_for_the_service_YAML_file>

6. Verify that the VM is running:

   $ oc get vmi

   Example output

   NAME    AGE     PHASE       IP              NODENAME
   vm-ssh 6s       Running     10.244.196.152  node01

7. Check the service to find out which port the service acquired:

   $ oc get svc

   Example output

   NAME            TYPE       CLUSTER-IP     EXTERNAL-IP   PORT(S)           AGE
   svc-ssh     NodePort       10.106.236.208 <none>        27017:30093/TCP   22s

   In this example, the service acquired the port number 30093.

8. Run the following command to obtain the IP address for the node:

   $ oc get node <node_name> -o wide

   Example output

   NAME    STATUS   ROLES   AGE    VERSION  INTERNAL-IP      EXTERNAL-IP
   node01  Ready    worker  6d22h  v1.22.1  192.168.55.101   <none>

9. Log in to the VM via SSH by specifying the IP address of the node where the VM is running and the port number. Use the port number displayed by the oc get svc command and the IP address of the node displayed by the oc get node command. The following example shows the ssh command with the username, node’s IP address, and the port number:

   $ ssh fedora@192.168.55.101 -p 30093

Accessing the serial console of a virtual machine instance

The virtctl console command opens a serial console to the specified virtual machine instance.

Prerequisites

• The virt-viewer package must be installed.

• The virtual machine instance you want to access must be running.

Procedure

• Connect to the serial console with virtctl:

  $ virtctl console <VMI>

Accessing the graphical console of a virtual machine instances with VNC

The virtctl client utility can use the remote-viewer function to open a graphical console to a running virtual machine instance. This capability is included in the virt-viewer package.

Prerequisites

• The virt-viewer package must be installed.

• The virtual machine instance you want to access must be running.

Procedure

1. Connect to the graphical interface with the virtctl utility:

   $ virtctl vnc <VMI>

2. If the command failed, try using the -v flag to collect troubleshooting information:

   $ virtctl vnc <VMI> -v 4

Connecting to a Windows virtual machine with an RDP console

The Remote Desktop Protocol (RDP) provides a better console experience for connecting to Windows virtual machines.

To connect to a Windows virtual machine with RDP, specify the IP address of the attached L2 NIC to your RDP client.

Prerequisites

• A running Windows virtual machine with the QEMU guest agent installed. The qemu-guest-agent is included in the VirtIO drivers.

• A layer 2 NIC attached to the virtual machine.

• An RDP client installed on a machine on the same network as the Windows virtual machine.

Procedure

1. Log in to the OKD Virtualization cluster through the oc CLI tool as a user with an access token.

   $ oc login -u <user> https://<cluster.example.com>:8443

2. Use oc describe vmi to display the configuration of the running Windows virtual machine.

   $ oc describe vmi <windows-vmi-name>

   Example output

   ...
   spec:
     networks:
     - name: default
       pod: {}
     - multus:
         networkName: cnv-bridge
       name: bridge-net
   ...
   status:
     interfaces:
     - interfaceName: eth0
       ipAddress: 198.51.100.0/24
       ipAddresses:
         198.51.100.0/24
       mac: a0:36:9f:0f:b1:70
       name: default
     - interfaceName: eth1
       ipAddress: 192.0.2.0/24
       ipAddresses:
         192.0.2.0/24
         2001:db8::/32
       mac: 00:17:a4:77:77:25
       name: bridge-net
   ...

3. Identify and copy the IP address of the layer 2 network interface. This is 192.0.2.0 in the above example, or 2001:db8:: if you prefer IPv6.

4. Open an RDP client and use the IP address copied in the previous step for the connection.

5. Enter the Administrator user name and password to connect to the Windows virtual machine.