Accessing virtual machine consoles
- Accessing virtual machine consoles in the OKD web console
- Accessing virtual machine consoles by using CLI commands

Accessing virtual machine consoles

OKD Virtualization provides different virtual machine consoles that you can use to accomplish different product tasks. You can access these consoles through the OKD web console and by using CLI commands.

Accessing virtual machine consoles in the OKD web console

You can connect to virtual machines by using the serial console or the VNC console in the OKD web console.

You can connect to Windows virtual machines by using the desktop viewer console, which uses RDP (remote desktop protocol), in the OKD web console.

Connecting to the serial console

Connect to the serial console of a running virtual machine from the Console tab on the VirtualMachine details page of the web console.

Procedure

In the OKD console, click Virtualization → VirtualMachines from the side menu.
Select a virtual machine to open the VirtualMachine details page.
Click the Console tab. The VNC console opens by default.
Click Disconnect to ensure that only one console session is open at a time. Otherwise, the VNC console session remains active in the background.
Click the VNC Console drop-down list and select Serial Console.
Click Disconnect to end the console session.
Optional: Open the serial console in a separate window by clicking Open Console in New Window.

Connecting to the VNC console

Connect to the VNC console of a running virtual machine from the Console tab on the VirtualMachine details page of the web console.

Procedure

In the OKD console, click Virtualization → VirtualMachines from the side menu.
Select a virtual machine to open the VirtualMachine details page.
Click the Console tab. The VNC console opens by default.
Optional: Open the VNC console in a separate window by clicking Open Console in New Window.
Optional: Send key combinations to the virtual machine by clicking Send Key.
Click outside the console window and then click Disconnect to end the session.

Connecting to a Windows virtual machine with RDP

The Desktop viewer console, which utilizes the Remote Desktop Protocol (RDP), provides a better console experience for connecting to Windows virtual machines.

To connect to a Windows virtual machine with RDP, download the console.rdp file for the virtual machine from the Console tab on the VirtualMachine details page of the web console and supply it to your preferred RDP client.

Prerequisites

A running Windows virtual machine with the QEMU guest agent installed. The qemu-guest-agent is included in the VirtIO drivers.
An RDP client installed on a machine on the same network as the Windows virtual machine.

Procedure

In the OKD console, click Virtualization → VirtualMachines from the side menu.
Click a Windows virtual machine to open the VirtualMachine details page.
Click the Console tab.
From the list of consoles, select Desktop viewer.
Click Launch Remote Desktop to download the console.rdp file.
Reference the console.rdp file in your preferred RDP client to connect to the Windows virtual machine.

Switching between virtual machine displays

If your Windows virtual machine (VM) has a vGPU attached, you can switch between the default display and the vGPU display by using the web console.

Prerequisites

The mediated device is configured in the HyperConverged custom resource and assigned to the VM.
The VM is running.

Procedure

In the OKD console, click Virtualization → VirtualMachines
Select a Windows virtual machine to open the Overview screen.
Click the Console tab.
From the list of consoles, select VNC console.
Choose the appropriate key combination from the Send Key list:
1. To access the default VM display, select Ctl + Alt+ 1.
2. To access the vGPU display, select Ctl + Alt + 2.

Additional resources

Configuring mediated devices

Copying the SSH command using the web console

Copy the command to connect to a virtual machine (VM) terminal via SSH.

Procedure

In the OKD console, click Virtualization → VirtualMachines from the side menu.
Click the Options menu for your virtual machine and select Copy SSH command.
Paste it in the terminal to access the VM.

Accessing virtual machine consoles by using CLI commands

Accessing a virtual machine via SSH by using virtctl

You can use the virtctl ssh command to forward SSH traffic to a virtual machine (VM) by using your local SSH client.

Heavy SSH traffic on the control plane can slow down the API server. If you regularly need a large number of connections, use a dedicated Kubernetes Service object to access the virtual machine.

Prerequisites

You have access to an OKD cluster with cluster-admin permissions.
You have installed the OpenShift CLI (oc).
You have installed the virtctl client.
The virtual machine you want to access is running.
You are in the same project as the VM.

Procedure

Use the ssh-keygen command to generate an SSH public key pair:
```
$ ssh-keygen -f <key_file> (1)
```
1 Specify the file in which to store the keys.
Create an SSH authentication secret which contains the SSH public key to access the VM:
```
$ oc create secret generic my-pub-key --from-file=key1=<key_file>.pub
```

Add a reference to the secret in the VirtualMachine manifest. For example:

apiVersion: kubevirt.io/v1
kind: VirtualMachine
metadata:
  name: testvm
spec:
  running: true
  template:
    spec:
      accessCredentials:
      - sshPublicKey:
          source:
            secret:
              secretName: my-pub-key (1)
          propagationMethod:
            configDrive: {} (2)
# ...

1	Reference to the SSH authentication `Secret` object.
2	The SSH public key is injected into the VM as cloud-init metadata using the `configDrive` provider.

Restart the VM to apply your changes.

Run the following command to access the VM via SSH:

$ virtctl ssh -i <key_file> <vm_username>@<vm_name>

Optional: To securely transfer files to or from the VM, use the following commands:

Copy a file from your machine to the VM
```
$ virtctl scp -i <key_file> <filename> <vm_username>@<vm_name>:
```
Copy a file from the VM to your machine
```
$ virtctl scp -i <key_file> <vm_username@<vm_name>:<filename> .
```

Additional resources

Accessing the serial console of a virtual machine instance

The virtctl console command opens a serial console to the specified virtual machine instance.

Prerequisites

The virt-viewer package must be installed.
The virtual machine instance you want to access must be running.

Procedure

Connect to the serial console with virtctl:
```
$ virtctl console <VMI>
```

Accessing the graphical console of a virtual machine instances with VNC

The virtctl client utility can use the remote-viewer function to open a graphical console to a running virtual machine instance. This capability is included in the virt-viewer package.

Prerequisites

The virt-viewer package must be installed.
The virtual machine instance you want to access must be running.

If you use virtctl via SSH on a remote machine, you must forward the X session to your machine.

Procedure

Connect to the graphical interface with the virtctl utility:
```
$ virtctl vnc <VMI>
```
If the command failed, try using the -v flag to collect troubleshooting information:
```
$ virtctl vnc <VMI> -v 4
```

Connecting to a Windows virtual machine with an RDP console

Create a Kubernetes Service object to connect to a Windows virtual machine (VM) by using your local Remote Desktop Protocol (RDP) client.

Prerequisites

A running Windows virtual machine with the QEMU guest agent installed. The qemu-guest-agent object is included in the VirtIO drivers.
An RDP client installed on your local machine.

Procedure

Edit the VirtualMachine manifest to add the label for service creation:
```
apiVersion: kubevirt.io/v1
kind: VirtualMachine
metadata:
  name: vm-ephemeral
  namespace: example-namespace
spec:
  running: false
  template:
    metadata:
      labels:
        special: key (1)
# ...
```
1 Add the label special: key in the spec.template.metadata.labels section.

Labels on a virtual machine are passed through to the pod. The special: key label must match the label in the spec.selector attribute of the Service manifest.
Save the VirtualMachine manifest file to apply your changes.

Create a Service manifest to expose the VM:

apiVersion: v1
kind: Service
metadata:
  name: rdpservice (1)
  namespace: example-namespace (2)
spec:
  ports:
  - targetPort: 3389 (3)
    protocol: TCP
  selector:
    special: key (4)
  type: NodePort (5)
# ...

1	The name of the `Service` object.
2	The namespace where the `Service` object resides. This must match the `metadata.namespace` field of the `VirtualMachine` manifest.
3	The VM port to be exposed by the service. It must reference an open port if a port list is defined in the VM manifest.
4	The reference to the label that you added in the `spec.template.metadata.labels` stanza of the `VirtualMachine` manifest.
5	The type of service.

Save the Service manifest file.
Create the service by running the following command:
```
$ oc create -f <service_name>.yaml
```
Start the VM. If the VM is already running, restart it.

Query the Service object to verify that it is available:

$ oc get service -n example-namespace

Example output for NodePort service

NAME        TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)            AGE
rdpservice   NodePort    172.30.232.73   <none>       3389:30000/TCP    5m

Run the following command to obtain the IP address for the node:

$ oc get node <node_name> -o wide

Example output

NAME    STATUS   ROLES   AGE    VERSION  INTERNAL-IP      EXTERNAL-IP
node01  Ready    worker  6d22h  v1.24.0  192.168.55.101   <none>

Specify the node IP address and the assigned port in your preferred RDP client.
Enter the user name and password to connect to the Windows virtual machine.