Accessing the Bootnode and Red Hat OpenShift cluster

By using Secure Shell (SSH) public key authentication, you can access the Bootnode, the bastion host, and the Red Hat® OpenShift® cluster nodes.

For operational reasons, you might need command-line access to the Bootnode, the bastion host, or the cluster nodes that are located in the virtual private cloud (VPC) of Maximo® Application Suite.

About this task

In the AWS cloud, when you start the Maximo Application Suite installation, a Bootnode is created. By using the required tools and the installation parameters, the Bootnode completes the installation.

In the Red Hat OpenShift cluster that is created during the installation, in a public subnet, a bastion host is created. By using this host, you can connect to the cluster nodes in the private subnets.

The Bootnode, bastion host, and private cluster nodes are all Amazon EC2 instances. To maintain or troubleshooting an EC2 instance, connect to it by using Secure Shell (SSH) public key authentication

Before you installed Maximo Application Suite, you generated a key pair, which consists of a public key and a private key, and uploaded this pair to the Amazon EC2 service. You stored the private key locally. When you specified the installation parameters, you selected the public key in the SSHKey parameter. 

During the installation, a copy of the public key is stored in the Bootnode, the bastion host, and the private cluster nodes. Because you have the corresponding private key, you can access these instances by using SSH. In addition, you can use the SSH authentication agent to connect to these instances by using single sign-on authentication.

To use SSH access to connect to the Bootnode, the bastion host, and the private cluster nodes, complete the following steps.

Procedure

  1. In your AWS account, connect to the EC2 service console.
  2. In the EC2 console, click Instances.
  3. Retrieve the location of the instance that you want to connect to.
    1. To retrieve the Bootnode details, search for bootnode
    2. To retrieve the bastion host details, search for bastion-host. If you want to connect to the private cluster nodes, you must first connect to the bastion host.
    3. Click the instance and copy its location from either the Public IPV4 address or Public IPV4 DNS fields.
    4. In the Instance state column, if the instance is in a shutdown state, click Start instance.  
  4. In your local machine, change the permissions of the private key that you generated before you installed Maximo Application Suite.
    For example, for Linux servers, if you stored the private key in the /tmp/mas-aws-ssh-key.pem file, run the following command:
    chmod 0400 /tmp/mas-aws-ssh-key.pem
  5. If the SSH authentication agent program is not started, run the following command.
    eval `ssh-agent -s`
  6. Add your private key file into the SSH authentication agent by running the following command:
    ssh-add -k /tmp/mas-aws-ssh-key.pem
    You can now connect to the instance by using single sign-on authentication.
  7. By using the instance location that you retrieved in 3.c, connect to the instance by running the following command:
    ssh -A ec2-user@<instance-location>
    For example, to connect to the instance that is at the IP address 35.161.112.157, run the following command:
    ssh -A ec2-user@35.161.112.157
  8. Optional: If you accessed the bastion host, connect to a private cluster node.
    1. Use the Red Hat OpenShift web console to connect to the cluster as an administrator.
    2. In the OCP console, click Home > Overview.
    3. In the Cluster Inventory card, click the link to the node information.
    4. In the Nodes page, click the cluster node that you want to connect to.
    5. Click Node details and record the name of the node.
    6. In the bastion host command shell, access the node.
      ssh core@<node_name>
      For example, to access the ip-10-0-132-250.ec2.internal node, run the following command:
      ssh core@ip-10-0-132-250.ec2.internal