This project adds a new API extension to Kubernetes, that can be used to generate time limited tokens to access VNC.
Note: This project no longer provides VNC proxy functionality, so the project name should be changed in the future.
The SSP operator can be configured to install the VM Console Proxy together with a Route to expose it to the external network.
To deploy the latest version, use the following command:
kubectl apply -f "https://github.com/kubevirt/vm-console-proxy/releases/latest/download/vm-console-proxy.yaml"
See the API documentation.
The token.kubevirt.io:generate
ClusterRole
can be bound to users or service accounts to give
them permission to call the API.
Here are example commands how to bind it to a user or a service account:
# Bind ClusterRole to a user
kubectl create rolebinding "${ROLE_BINDING_NAME}" --clusterrole="token.kubevirt.io:generate" --user="${USER_NAME}"
# Bind ClusterRole to a ServiceAccount
kubectl create rolebinding "${ROLE_BINDING_NAME}" --clusterrole="token.kubevirt.io:generate" --serviceaccount="${SERVICE_ACCOUNT_NAME}"
To develop locally, set the environment variables IMG_REPOSITORY
and IMG_TAG
(or the variable IMG
) to your development repository. Then run make build-container push-container
to build the current code and push it into your development repository. Finally, run make deploy
to install the development version.