SSHing into Nodes
Setting up an SSH connection into your DC/OS cluster
If you are on the same network as your cluster or connected by a VPN, you can use the dcos node ssh
command to SSH into your cluster. For more information, see the dcos node section of the CLI reference.
Prerequisite:
- An unencrypted SSH key that can be used to authenticate with the cluster nodes over SSH. Encrypted SSH keys are not supported.
SSH to your DC/OS cluster on Unix/Linux (macOS, Ubuntu, etc)
WARNING: Mesosphere does not support Ubuntu as an operating system for DC/OS, even when using Microsoft Azure.
Change the permissions on the
.pem
file to owner read/write using thechmod
command.IMPORTANT: Your .pem file must be located in the
~/.ssh
directory.chmod 600 <private-key>.pem
SSH into the cluster.
From your terminal, add your new configuration to the
.pem
file, where<private-key>
is your.pem
file.ssh-add ~/.ssh/<private-key>.pem
Identity added: /Users/<yourdir>/.ssh/<private-key>.pem (/Users/<yourdir>/.ssh/<private-key>.pem)
To SSH to a master node:
From the DC/OS CLI, enter the following command:
dcos node ssh --master-proxy --leader
The default user is dependent upon your OS. If you are using CentOS, enter:
dcos node ssh --master-proxy --leader --user=centos
To SSH to an agent node:
From the DC/OS CLI, enter the following command, where
<mesos-id>
is your agent ID.dcos node ssh --master-proxy --mesos-id=<mesos-id>
To find the agent ID, select the Nodes tab in the DC/OS UI and click Details.
Figure 1. UI Node ID screen
SSH to your DC/OS cluster on Windows
Requirements:
- PuTTY SSH client or equivalent. (These instructions assume you are using PuTTY, but almost any SSH client will work.)
- PuTTYgen RSA and DSA key generation utility
- Pageant SSH authentication agent
To install these programs, download the Windows installer from the official PuTTY download page.
Convert the
.pem
file type to.ppk
by using PuTTYgen:Open PuTTYgen, select File > Load Private Key, and choose your
.pem
file.Select SSH-2 RSA as the key type, click Save private key, then choose the name and location to save your new .ppk key.
Figure 2. Windows PuTTY key
Close
PuTTYgen
.
SSH into the cluster.
To SSH to a master node:
From the DC/OS web interface, copy the IP address of the master node. It will be the IP address that you used to connect to the GUI.
Open PuTTY and enter the master node IP address in the Host Name (or IP address) field.
Figure 3. PuTTY configuration
In the Category pane on the left side of the PuTTY window, choose Connection > SSH > Auth, click Browse, locate and select your
.ppk
file, then click Open.Figure 4. PuTTY SSH options
Log in as user “core” if you are running CoreOS. The default user on CentOS is “centos”.
Figure 5. Windows login
To SSH to an agent node
WARNING: SSH agent forwarding has security implications. Only add servers that you trust and that you intend to use with agent forwarding. For more information on agent forwarding, see Using SSH agent forwarding.
Prerequisite: You must be logged out of your master node.
Enable agent forwarding in PuTTY.
Open PuTTY. In the Category pane on the left side of the PuTTY window, choose Connection > SSH > Auth and check the Allow agent forwarding box.
Click the Browse button and locate the
.ppk
file that you created previously using PuTTYgen.Figure 6. Windows forwarding
Add the
.ppk
file to Pageant.Open Pageant. If the Pageant window does not appear, look for the Pageant icon in the notification area in the lower right area of the screen next to the clock and double-click it to open Pageant’s main window.
Click the Add Key button.
Locate the
.ppk
file that you created using PuTTYgen and click Open to add your key to Pageant.Figure 7. Windows Pageant
Click the Close button to close the Pageant window.
SSH into the master node.
From the DC/OS web interface, copy the IP address of the master node. The IP address is displayed beneath your cluster name.
In the Category pane on the left side of the PuTTY window, choose Session and enter the master node IP address in the Host Name (or IP address) field.
Log in as user “core” if you are running CoreOS. The default user on CentOS is “centos”.
Figure 8. Windows login
From the master node, SSH into the agent node.
From the Mesos web interface, copy the agent node hostname. You can find hostnames on the Frameworks (
<master-node-IPaddress>/mesos/#/frameworks
) or Slaves page (<master-node-IPaddress>/mesos/#/slaves
).SSH into the agent node as the user
centos
with the agent node hostname specified:ssh centos@<agent-node-hostname>