Skip to content

Instantly share code, notes, and snippets.

@tjfontaine
Last active May 29, 2018 17:20
Show Gist options
  • Save tjfontaine/e89d9f5904852d005cb6a2b00a1e2a81 to your computer and use it in GitHub Desktop.
Save tjfontaine/e89d9f5904852d005cb6a2b00a1e2a81 to your computer and use it in GitHub Desktop.
$ kubessh node.info/external.ipaddress 192.168.2.2
If you don't see a command prompt, try pressing enter.
[root@k8s-worker-ad1-0 /]# exit
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
kubessh-tjfontai-15628 1/1 Running 0 7s
function kubessh() {
###
### Usage: kubessh <label> <selector>
### Example: kubessh node.info/external.ipaddress 192.168.2.2
###
### You'll need to have permission to run privileged containers, as well as
### grab the host's PID namespsace
###
### You will have entered the twighlight zone, where portions of your env
### will be from a different namespace, so certain things will fail in
### interestingly subtle ways. For instance, yum will attempt to ioctl your
### pts, you can work around this with either redirecting input or output
### depending on the failure.
LABEL=$1
VALUE=$2
POD_NAME="kubessh-${USER}-$$"
# Apparently, certain fields are not PATCHd when overriding, so you must
# specify the stdin and tty pieces, otherwise they'll get lost
OVERRIDE=$(cat <<-END
{
"spec": {
"containers": [{
"image": "busybox",
"name":"${POD_NAME}",
"command": ["nsenter", "-t", "1", "-m", "-u", "-i", "-n", "--", "bash"],
"stdin":true,
"stdinOnce":true,
"tty":true,
"securityContext":{"privileged":true}}],
"hostPID": true,
"nodeSelector": { "${LABEL}": "${VALUE}" }
}
}
END
)
kubectl run ${POD_NAME} -i -t --rm --image=busybox --restart=Never --overrides="$OVERRIDE"
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment