Connexion
macstadium

orka3-cli

by @macstadium in DevOps & Cloud
0
0
# Install this skill:
npx skills add macstadium/orka3-cli-claude-skill

Or install specific skill: npx add-skill https://github.com/macstadium/orka3-cli-claude-skill

# Description

Expert guidance for using the Orka3 CLI to manage macOS virtualization infrastructure. Use when users need to work with Orka VMs, images, nodes, or cluster resources through natural language requests like "Create 3 VMs with macOS Sonoma", "Show me all running VMs", "How do I configure VM networking?", "Set up a CI/CD pipeline", or any VM management, troubleshooting, or infrastructure configuration tasks. Covers VM lifecycle, image management, OCI registries, node operations, namespaces, RBAC, and authentication.

# SKILL.md

name: orka3-cli
description: Expert guidance for using the Orka3 CLI to manage macOS virtualization infrastructure. Use when users need to work with Orka VMs, images, nodes, or cluster resources through natural language requests like "Create 3 VMs with macOS Sonoma", "Show me all running VMs", "How do I configure VM networking?", "Set up a CI/CD pipeline", or any VM management, troubleshooting, or infrastructure configuration tasks. Covers VM lifecycle, image management, OCI registries, node operations, namespaces, RBAC, and authentication.

Orka3 CLI

Overview

This skill provides expert guidance for using the Orka3 CLI, MacStadium's command-line tool for managing macOS virtualization infrastructure. Use this skill to translate natural language requests into proper Orka3 CLI commands and workflows.

Core Concepts

Architecture Types:
- amd64 (Intel): Mac Pro, Mac mini (Intel), iMac Pro
- arm64 (Apple Silicon): Mac mini (M1/M2/M3/M4), Mac Studio

Key Components:
- VMs: Virtual machines running macOS
- Images: Disk images containing macOS OS and configurations (local or OCI-based)
- Nodes: Physical Mac hardware providing compute resources
- Namespaces: Resource isolation and access control (default: orka-default)
- Service Accounts: Authentication for CI/CD integrations

Authentication:
- User login: orka3 login (MacStadium Customer Portal credentials)
- Service accounts: For automation and CI/CD
- Tokens: Valid for 1 hour, stored in ~/.kube/config

Getting Started Workflow

For first-time setup, follow this sequence:

# 1. Configure the CLI
orka3 config set --api-url <ORKA_API_URL>

# 2. Set up shell completion (optional)
orka3 completion bash  # or zsh, fish, powershell

# 3. Authenticate
orka3 login

# 4. Verify connectivity
orka3 node list

Finding API URL:
- Orka 2.1+: http://10.221.188.20 (Private-1 .20 address)
- Pre-2.1: http://10.221.188.100
- Orka domain: https://company.orka.app
- Custom domain: https://company.com

Quick VM Operations

Deploy a VM (simplest form):

# Deploy from OCI image (recommended)
orka3 vm deploy --image ghcr.io/macstadium/orka-images/sonoma:latest

# Deploy from local image
orka3 vm deploy --image sonoma-90gb-orka3-arm

# Deploy with specific resources
orka3 vm deploy --image <IMAGE> --cpu 6 --memory 16

# Deploy with custom name
orka3 vm deploy my-vm --image <IMAGE> --cpu 4

List VMs:

orka3 vm list                    # Basic info
orka3 vm list --output wide      # Detailed info
orka3 vm list <VM_NAME>          # Specific VM

Delete VMs:

orka3 vm delete <VM_NAME>
orka3 vm delete <VM1> <VM2>      # Multiple VMs

Connect to VMs:
- Screen Sharing: vnc://<VM-IP>:<Screenshare-port> (from orka3 vm list)
- Default credentials: admin/admin (for MacStadium base images)

Image Management

Working with Local Images:

orka3 image list                 # List local images
orka3 image copy <SRC> <DST>     # Copy image
orka3 image delete <IMAGE>       # Delete image

Image Caching (Apple Silicon only):

# Cache image on specific nodes
orka3 imagecache add <IMAGE> --nodes <NODE1>,<NODE2>

# Cache on all nodes in namespace
orka3 imagecache add <IMAGE> --all

# Cache on tagged nodes
orka3 imagecache add <IMAGE> --tags <TAG>

# Check caching status
orka3 imagecache info <IMAGE>

# List cached images
orka3 imagecache list

OCI Registry Integration:

# Add registry credentials (admin only)
orka3 regcred add https://ghcr.io --username <USER> --password <TOKEN>

# Deploy from OCI image
orka3 vm deploy --image ghcr.io/org/repo/image:tag

# Push VM to OCI registry (ARM only)
orka3 vm push <VM_NAME> ghcr.io/org/repo/image:tag
orka3 vm get-push-status <JOB_NAME>

VM Lifecycle Operations

Saving Changes:

# Save as new image (preserves original)
orka3 vm save <VM_NAME> <NEW_IMAGE_NAME>

# Commit to original image (modifies original)
orka3 vm commit <VM_NAME>

# Push to OCI registry (ARM only)
orka3 vm push <VM_NAME> <IMAGE:TAG>

Resizing Disks:

# Apple Silicon (automatic)
orka3 vm resize <VM_NAME> <NEW_SIZE_GB>

# Intel (with automatic repartition)
orka3 vm resize <VM_NAME> <SIZE> --user admin --password admin

Power Operations (Intel only):

orka3 vm start <VM_NAME>         # Power on
orka3 vm stop <VM_NAME>          # Power off
orka3 vm suspend <VM_NAME>       # Suspend
orka3 vm resume <VM_NAME>        # Resume
orka3 vm revert <VM_NAME>        # Revert to image

VM Configuration Templates

Create reusable templates for consistent VM deployments:

# Create template
orka3 vm-config create <NAME> \
  --image <IMAGE> \
  --cpu 6 \
  --memory 12

# Create with node affinity
orka3 vm-config create <NAME> \
  --image <IMAGE> \
  --tag jenkins-builds \
  --tag-required

# Deploy from template
orka3 vm deploy --config <TEMPLATE_NAME>

# Deploy and override settings
orka3 vm deploy --config <TEMPLATE> --cpu 8 --memory 16

# List and delete templates
orka3 vm-config list
orka3 vm-config delete <NAME>

Node Management

Basic Operations:

orka3 node list                  # List nodes
orka3 node list --output wide    # Detailed info
orka3 node list <NODE_NAME>      # Specific node

Node Tagging (admin only):

# Tag node for affinity
orka3 node tag <NODE> <TAG>

# Remove tag
orka3 node untag <NODE> <TAG>

# Check tags
orka3 node list <NODE> --output wide

Moving Nodes Between Namespaces (admin only):

orka3 node namespace <NODE> <TARGET_NAMESPACE>

Namespace Management (Admin)

Creating and Managing Namespaces:

# Create namespace
orka3 namespace create orka-test

# Create for custom pods
orka3 namespace create orka-cp --enable-custom-pods

# List namespaces
orka3 namespace list

# Delete namespace (must be empty)
orka3 namespace delete orka-test

After Creating a Namespace:
1. Move nodes to provide resources: orka3 node namespace <NODE> <NAMESPACE>
2. Grant user access: orka3 rb add-subject --namespace <NS> --user <EMAIL>
3. Grant service account access: orka3 rb add-subject --namespace <NS> --serviceaccount <SA_NS>:<SA_NAME>

Access Control (Admin)

Service Accounts:

# Create service account
orka3 sa create <SA_NAME>

# Create in specific namespace
orka3 sa create <SA_NAME> --namespace <NS>

# Get token (valid 1 year by default)
orka3 sa token <SA_NAME>

# Get token with custom duration
orka3 sa token <SA_NAME> --duration 1h

# Get token with no expiration
orka3 sa token <SA_NAME> --no-expiration

# List service accounts
orka3 sa list
orka3 sa list --namespace <NS>

# Delete service account
orka3 sa delete <SA_NAME>

Rolebindings (RBAC):

# Grant user access to namespace
orka3 rb add-subject --namespace <NS> --user <EMAIL>

# Grant multiple users access
orka3 rb add-subject --namespace <NS> --user <EMAIL1>,<EMAIL2>

# Grant service account access
orka3 rb add-subject --namespace <NS> --serviceaccount <SA_NS>:<SA_NAME>

# List subjects in namespace
orka3 rb list-subjects --namespace <NS>

# Revoke access
orka3 rb remove-subject --namespace <NS> --user <EMAIL>
orka3 rb remove-subject --namespace <NS> --serviceaccount <SA_NS>:<SA_NAME>

Common Workflows

Setting Up a CI/CD Pipeline:
1. Create service account: orka3 sa create sa-jenkins
2. Get token: orka3 sa token sa-jenkins
3. Configure token in CI/CD tool
4. Create VM config for builds: orka3 vmc create ci-build --image <IMAGE> --cpu 4
5. Deploy in CI: orka3 vm deploy --config ci-build

Multi-Namespace Setup:
1. Create namespace: orka3 namespace create orka-team
2. Move nodes: orka3 node namespace mini-1 orka-team
3. Grant access: orka3 rb add-subject --namespace orka-team --user [email protected]
4. Create service account: orka3 sa create sa-team-ci --namespace orka-team

Image Preparation Workflow:
1. Deploy base VM: orka3 vm deploy --image ghcr.io/macstadium/orka-images/sonoma:latest
2. Connect via Screen Sharing
3. Install software and configure
4. Save image: orka3 vm save <VM> my-configured-image
5. Delete VM: orka3 vm delete <VM>
6. Deploy new VMs: orka3 vm deploy --image my-configured-image

Command Patterns & Flags

Common Global Flags:
- -n, --namespace: Specify namespace (default: orka-default)
- -o, --output: Output format (table (default), wide, json)
- -h, --help: Display help

Output Formats:
- table: Essential information (default)
- wide: Extended details and additional columns
- json: Machine-readable for scripting

Command Aliases:
- vm-configvmc
- serviceaccountsa
- rolebindingrb
- registrycredentialregcred
- imagecacheic

Architecture-Specific Features

Intel Only (amd64):
- orka3 image generate: Create empty images for OS installs
- orka3 iso commands: Manage installation ISOs
- Power operations: start, stop, suspend, resume, revert
- --iso: Attach ISO during deployment
- --gpu: Enable GPU passthrough (requires --disable-vnc)
- --system-serial: Custom serial number
- --disable-net-boost: Disable network performance boost

Apple Silicon Only (arm64):
- orka3 vm push: Push to OCI registries
- orka3 imagecache: Cache images on nodes
- OCI image support: Deploy directly from registries
- Automatic disk resize (no SSH credentials needed)

Getting Help

Built-in Help:

orka3 --help                     # Main help
orka3 <command> --help           # Command help
orka3 <command> <sub> --help     # Sub-command help

Checking Async Operations:
- Images: orka3 image list <IMAGE>
- Image caching: orka3 imagecache info <IMAGE>
- Image push: orka3 vm get-push-status <JOB_NAME>

JSON Output with jq:

# Get all VM names
orka3 vm list -o json | jq -r '.items[].name'

# Get VMs with >4 CPUs
orka3 vm list -o json | jq '.items[] | select(.cpu > 4)'

# Count VMs
orka3 vm list -o json | jq '.items | length'

Reference Documentation

For detailed command syntax, options, and advanced usage patterns:
- references/command-reference.md: Complete command syntax for all operations
- references/workflows.md: Common workflows and detailed examples
- references/troubleshooting.md: Common issues and solutions

Best Practices

  1. Always verify namespace context - Use -n flag or check current context
  2. Use output formats appropriately - --output wide for troubleshooting, json for scripting
  3. Cache images before mass deployments - Improves deployment consistency
  4. Use VM configs for repeatability - Create templates for common VM types
  5. Tag nodes for workload isolation - Use --tag for targeted deployments
  6. Test with single VM first - Verify image/config before mass deployment
  7. Save images regularly - Preserve work with vm save or vm commit
  8. Use service accounts for automation - Never use user credentials in CI/CD
  9. Check async operation status - Don't assume operations completed
  10. Use OCI registries for images - Modern approach recommended over deprecated remote-image commands

# README.md

Orka3 CLI Claude Skill

License

A Claude Code skill that enables Claude to execute Orka3 CLI commands for managing macOS virtual machines. When used with Claude Code, this skill provides hands-on automation of MacStadium's virtualization infrastructure—deploying VMs, managing images, and configuring clusters directly from natural language requests.

Features

  • Natural language to Orka3 CLI command translation
  • VM lifecycle management (deploy, save, delete, resize)
  • Image management (local and OCI registries)
  • Node operations and tagging
  • Namespace and access control (RBAC)
  • Service account management for CI/CD
  • Troubleshooting guidance

How It Works

This skill behaves differently depending on how you access Claude:

Environment Capabilities Use Case
Claude Code (CLI) Executes orka3 commands directly on your machine. Deploys VMs, manages images, and interacts with your cluster in real-time. Automation, hands-on management
Regular Claude (claude.ai) Provides documentation, explains commands, and helps plan workflows. Cannot execute commands or interact with your cluster. Learning, planning, troubleshooting

With Claude Code, you can say "Create 3 VMs with macOS Sonoma" and Claude will actually deploy them to your cluster.

Note: When using Claude Code to interact with your Orka cluster, make sure you're connected via VPN using the connection details from your IP plan.

With regular Claude, the same request will explain the commands needed, but you'll need to copy and run them yourself.

Prerequisites

  • Claude Code CLI installed
  • Access to an Orka3 cluster
  • Orka3 CLI installed (orka3)

Installation

Option 1: Clone directly (recommended)

# Clone directly to the skills directory
git clone https://github.com/macstadium/orka3-cli-claude-skill.git ~/.claude/skills/orka3-cli

Option 2: Manual copy

# Clone the repository
git clone https://github.com/macstadium/orka3-cli-claude-skill.git

# Create skills directory and copy skill files
mkdir -p ~/.claude/skills/orka3-cli/references
cp orka3-cli-claude-skill/SKILL.md ~/.claude/skills/orka3-cli/
cp orka3-cli-claude-skill/references/*.md ~/.claude/skills/orka3-cli/references/

Verify installation

After installation, your skill directory should look like this:

~/.claude/skills/orka3-cli/
├── SKILL.md
└── references/
    ├── command-reference.md
    ├── workflows.md
    └── troubleshooting.md

Restart Claude Code after installation for the skill to be detected.

Usage

Once installed, Claude Code will automatically detect the skill when you ask questions about Orka3 or macOS VM management.

With Claude Code (Command Execution)

Claude Code can execute commands directly on your machine:

"Create 3 VMs with macOS Sonoma"        → Deploys 3 VMs to your cluster
"Show me all running VMs"               → Runs orka3 vm list and displays results
"Delete all VMs in namespace dev"       → Removes the VMs after confirmation
"Cache the Sequoia image on all nodes"  → Executes caching across your cluster

With Regular Claude (Guidance Only)

When using claude.ai without Claude Code, you'll receive documentation and command explanations:

"How do I create VMs?"                  → Explains orka3 vm deploy syntax and options
"What's the command to list images?"    → Shows orka3 image list usage
"Help me plan a CI/CD pipeline"         → Provides step-by-step workflow guidance
"Troubleshoot VM connectivity issues"   → Suggests diagnostic commands to run

You'll need to copy the provided commands and run them in your own terminal.

Skill Contents

File Description
SKILL.md Main skill definition with core concepts and quick reference
references/command-reference.md Complete command syntax for all Orka3 CLI operations
references/workflows.md Step-by-step guides for common multi-step tasks
references/troubleshooting.md Solutions to common issues and error messages

Capabilities

VM Management

  • Deploy VMs from local or OCI images
  • Configure CPU, memory, and disk resources
  • Save and commit VM states to images
  • Resize VM disks
  • Power operations (Intel: start/stop/suspend/resume)

Image Management

  • List, copy, and delete local images
  • Cache images on nodes (Apple Silicon)
  • Push images to OCI registries
  • Generate empty images for OS installs (Intel)

Infrastructure

  • View and manage cluster nodes
  • Tag nodes for workload affinity
  • Create and manage namespaces
  • Configure access control with rolebindings

Automation

  • Create and manage service accounts
  • Generate authentication tokens
  • Create VM configuration templates
  • Set up CI/CD pipelines

Architecture Support

Feature Intel (amd64) Apple Silicon (arm64)
VM Deploy Yes Yes
Power Operations Yes No
GPU Passthrough Yes No
ISO Attach Yes No
Image Cache No Yes
OCI Push No Yes

Documentation

Contributing

See CONTRIBUTING.md for guidelines on how to contribute to this project.

License

This project is licensed under the Apache License 2.0 - see the LICENSE file for details.

Support

# Related Skills

# Supported AI Coding Agents

This skill is compatible with the SKILL.md standard and works with all major AI coding agents:

Amp 🚀 Antigravity 🤖 Claude Code 🦀 Clawdbot 📝 Codex ▶️ Cursor 🤖 Droid 💎 Gemini CLI 🐙 GitHub Copilot 🪿 Goose 📊 Kilo Code 🔧 Kiro CLI 💻 OpenCode 🦘 Roo Code 🌲 Trae 🏄 Windsurf

Learn more about the SKILL.md standard and how to use these skills with your preferred AI coding agent.