kcli-configuration

```

~/.kcli/

├── config.yml # Main configuration (clients/providers)

├── profiles.yml # VM profiles (optional, can be in config.yml)

├── id_rsa / id_rsa.pub # SSH keys for VM access

├── id_ed25519 # Alternative SSH key

└── clusters/ # Cluster state (created by kcli)

```

```yaml

default:

client: localhost # Default provider to use

numcpus: 2

memory: 512

pool: default

nets:

- default

disks:

- size: 10

# Provider definitions

localhost:

type: kvm

host: 127.0.0.1

```

| Type | Description | Required Fields |

|------|-------------|-----------------|

| kvm | Local/remote libvirt | host |

| aws | Amazon Web Services | access_key_id, access_key_secret, region |

| gcp | Google Cloud Platform | credentials, project, zone |

| azure | Microsoft Azure | subscription_id, credentials (file) |

| kubevirt | VMs on Kubernetes | context, host |

| openstack | OpenStack cloud | auth_url, user, password, project |

| ovirt | oVirt/RHV | host, user, password, datacenter |

| vsphere | VMware vSphere | host, user, password, datacenter |

| proxmox | Proxmox VE | host, user, password |

| hcloud | Hetzner Cloud | token |

| ibm | IBM Cloud | iam_api_key, region, vpc |

```yaml

# Local libvirt

localhost:

type: kvm

host: 127.0.0.1

pool: default

# Remote libvirt via SSH

remote-kvm:

type: kvm

host: 192.168.1.100

protocol: ssh # ssh (default), tcp, or tls

user: root # SSH user

pool: default

# url: qemu+ssh://root@host/system # Or custom URI

```

```yaml

myaws:

type: aws

access_key_id: AKIAIOSFODNN7EXAMPLE

access_key_secret: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

region: us-east-1

keypair: mykey # EC2 key pair name

```

```yaml

mygcp:

type: gcp

credentials: ~/service-account.json # Service account JSON

project: my-project-id

zone: us-central1-a

region: us-central1 # Optional, derived from zone

```

```yaml

myazure:

type: azure

subscription_id: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

credentials: ~/.azure/credentials.json

# Or use environment: AZURE_AUTH_LOCATION

location: eastus

resource_group: my-rg # Optional, created if needed

```

```yaml

mykubevirt:

type: kubevirt

context: my-k8s-context # kubectl context

host: api.cluster.local # API server for SSH tunneling

pool: my-storageclass # StorageClass name

multus: true # Use Multus CNI

cdi: true # Use CDI for images

```

```yaml

myopenstack:

type: openstack

auth_url: https://openstack:5000/v3

user: admin

password: secret

project: myproject

domain: Default

```

```yaml

myovirt:

type: ovirt

host: ovirt-engine.local

user: admin@internal

password: secret

datacenter: Default

cluster: Default

pool: DataDomain

ca_file: ~/ovirt.pem # Engine CA certificate

```

```yaml

default:

# Client selection

client: localhost

# Compute

numcpus: 2

memory: 512 # MB

cpumodel: host-model

nested: true # Nested virtualization

# Storage

pool: default

disks:

- size: 10

diskinterface: virtio

diskthin: true

# Network

nets:

- default

reservedns: false

reservehost: false

reserveip: false

# OS/Cloud-init

cloudinit: true

keys: [] # SSH public keys

cmds: [] # Post-boot commands

files: [] # Files to inject

# Access

tunnel: false # SSH tunneling for console

insecure: false # Ignore SSH host keys

enableroot: true # Allow root SSH

# Metadata

storemetadata: false

planview: false

```

```yaml

# In ~/.kcli/profiles.yml or config.yml profiles section

small:

numcpus: 1

memory: 1024

disks:

- size: 10

medium:

numcpus: 2

memory: 2048

disks:

- size: 20

large:

numcpus: 4

memory: 4096

disks:

- size: 40

- size: 100

webserver:

image: centos9stream

numcpus: 2

memory: 4096

nets:

- default

cmds:

- dnf -y install nginx

- systemctl enable --now nginx

base: medium # Inherit from another profile

```

```yaml

default:

client: local-kvm # Default client

local-kvm:

type: kvm

host: 127.0.0.1

remote-kvm:

type: kvm

host: 192.168.1.100

myaws:

type: aws

access_key_id: ...

access_key_secret: ...

region: us-east-1

```

Switch clients:

```bash

kcli switch local-kvm # Change default

kcli -C myaws list vm # Use specific client

```

```bash

# List configured clients

kcli list client

# Check client connectivity

kcli list host

# Info about current client

kcli info host

# Switch default client

kcli switch

# Test with specific client

kcli -C list vm

```

Some values can come from environment:

• GOOGLE_APPLICATION_CREDENTIALS - GCP credentials path
• AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY - AWS credentials
• AZURE_AUTH_LOCATION - Azure credentials path
• OS_* - OpenStack credentials (standard OS_ vars)

Connection refused (KVM):

```bash

# Check libvirt is running

sudo systemctl status libvirtd

# Test virsh connection

virsh -c qemu:///system list

```

SSH key issues:

```bash

# Generate kcli SSH key

ssh-keygen -t rsa -N '' -f ~/.kcli/id_rsa

# Or use ed25519

ssh-keygen -t ed25519 -N '' -f ~/.kcli/id_ed25519

```

Debug mode:

```bash

kcli -d list vm # Shows provider connection details

```