
Commitb6472ca

authored
Merge pull request#25 from partcyborg/find-pod-by-labels
Support finding jump pod by labels
2 parentse95247d +351a4ba commitb6472ca


2 files changed

+42
-22
lines changed


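--- a/README.md
+++ b/README.md
@@ -136,6 +136,7 @@ Options:
 -n, --namespace <ns> Namespace for jump pod
 --context <context> Kubernetes context
 --pod-template <file> Path to custom sshjump pod definition
+-l, --labels <key>=<val>[,...] Find a pre-existing sshjump pod using labels
 --skip-agent Skip automatically starting SSH agent and adding
 SSH Identity key into the agent before SSH login
 (=> You need to manage SSH agent by yourself)
@@ -177,7 +178,8 @@ In addtion, add `--skip-agent` option if you want to skip automatic starting `ss
 ###Customize SSH jump pod
 
 You can customize the sshjump pod created by`kubectl ssh-jump` by setting the`--pod-template` flag to the path to a pod template on disk.
-However, customized sshjump pods must be named`sshjump` and run in the current namespace or`kubectl ssh-jump` won't be able to find them.
+However, customized sshjump pods must be named`sshjump` and run in the current namespace or`kubectl ssh-jump` won't be able to find them without the required flags.
+If you change the pod name, you must give the pod a unique set of labels and provide them on the command line by setting the`--labels` flag.
 
 You can also specify the namespace and context used by`kubectl ssh-jump` by setting the`--namespace` and`--context` flags respectively.
 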
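--- a/kubectl-ssh-jump
+++ b/kubectl-ssh-jump
@@ -1,4 +1,5 @@
 #!/usr/bin/env bash
+# vim: sw=2:
 #
 # A kubectl plugin to ssh into Kubernetes nodes using a SSH jump host Pod
 #
@@ -36,6 +37,7 @@ Options:
 -n, --namespace <ns> Namespace for jump pod
 --context <context> Kubernetes context
 --pod-template <file> Path to custom sshjump pod definition
+-l, --labels <key>=<val>[,...] Find a pre-existing sshjump pod using labels
 --skip-agent Skip automatically starting SSH agent and adding
 SSH Identity key into the agent before SSH login
 (=> You need to manage SSH agent by yourself)
@@ -163,23 +165,34 @@ run_ssh_node(){
 local pubkey="$4"
 local port="$5"
 local sshargs="$6"
+local pod_labels="$7"
 
-# Install an SSH Server if not yet installed
-r=$(kubectl"${k_args[@]}" get pod sshjump2>/dev/null| tail -1| awk'{print $1}')#
-if ["${r}"!="sshjump" ];then
-create_jump_pod
-
-# Wait until sshjump gets ready
-c=1
-while [[${c}-le${MAX_POD_CREATION_TIME} ]];
-do
-pod_status=$(kubectl"${k_args[@]}" get pod sshjump2>/dev/null| tail -1| awk'{print $3}')
-if ["${pod_status}"="Running" ];then
-break
-fi
-(( c++))
-sleep 1
-done
+local pod_name
+if [[-n"${pod_labels}" ]];then
+pods=($(kubectl"${k_args[@]}" get pods -l"${pod_labels}" -o custom-columns=:metadata.name --no-headers2>/dev/null))
+if [["${#pods[@]}"-eq 0 ]];then
+echo"Error: failed to find pods with labels${pod_labels}">&2
+exit 1
+fi
+pod_name="${pods[0]}"
+echo"Using SSH jump pod${pod_name}..."
+else
+pod_name=sshjump
+# Install an SSH Server if not yet installed
+if! kubectl"${k_args[@]}" get pod"${pod_name}"&>/dev/null;then
+create_jump_pod
+# Wait until sshjump gets ready
+c=1
+while [[${c}-le${MAX_POD_CREATION_TIME} ]];
+do
+pod_status=$(kubectl"${k_args[@]}" get pod"${pod_name}" -o jsonpath='{.status.phase}')
+if [["${pod_status}"=="Running" ]];then
+break
+fi
+(( c++))
+sleep 1
+done
+fi
 fi
 
 local identity_sshjump=${identity}
@@ -195,15 +208,15 @@ run_ssh_node(){
 fi
 
 # Setup portforward
-kubectl"${k_args[@]}" port-forwardsshjump 2222:222>/dev/null&
+kubectl"${k_args[@]}" port-forward"${pod_name}" 2222:222>/dev/null&
 pid_port_forward=$!
 
 # Wait a bit for the port forwarding to get ready for connection handling for 2222
 sleep 2
 
 # Inject public SSH key to sshjump
 cat${pubkey_sshjump}| \
-kubectl"${k_args[@]}"exec -isshjump -- /bin/bash -c"cat > /root/.ssh/authorized_keys"
+kubectl"${k_args[@]}"exec -i"${pod_name}" -- /bin/bash -c"cat > /root/.ssh/authorized_keys"
 
 # Add default ssh option
 sshargs="${sshargs} -o StrictHostKeyChecking=no"
@@ -229,6 +242,7 @@ plugin_main() {
 skip_agent=no
 cleanup_jump=no
 cleanup_agent=no
+pod_labels=
 sshargs=""
 k_args=()
 while [$#-gt 0 ];do
@@ -278,6 +292,10 @@ plugin_main() {
 jump_pod_template="$2"
 nSkip=2
 ;;
+"-l" |"--labels")
+pod_labels="$2"
+nSkip=2
+;;
 [0-9a-zA-Z-]*)
 destnode=$1
 ;;
@@ -362,13 +380,13 @@ plugin_main() {
 check_and_start_agent${c_identity}
 fi
 # SSH Logging into desitnation node via Jump host
-run_ssh_node"${destnode}""${c_sshuser}""${c_identity}""${c_pubkey}""${c_port}""${sshargs}"
+run_ssh_node"${destnode}""${c_sshuser}""${c_identity}""${c_pubkey}""${c_port}""${sshargs}""${pod_labels}"
 
 # Cleaning up resources if needed
-if ["${cleanup_jump}"="yes" ];then
+if [["${cleanup_jump}"=="yes"&&-z"${pod_labels}" ]];then
 cleanup_sshjump_pod
 fi
-if ["${skip_agent}"="no"]&&["${cleanup_agent}"="yes" ];then
+if [["${skip_agent}"="no"&&"${cleanup_agent}"="yes"]];then
 cleanup_agent
 fi
 }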
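Review bot: In the label branch of run_ssh_node, `pod_name="${pods[0]}"` accepts the first pod the selector returns without checking that exactly one pod matched or that it is Running, and the unchanged `kubectl exec -i "${pod_name}" ... cat > /root/.ssh/authorized_keys` further down then overwrites root's authorized keys in whatever pod that is. A selector that is broader than intended (or a match that is not Running) therefore gets the key written into, and a port-forward opened to, a workload that was never meant to be a jump host. I would fail closed unless exactly one Running pod matches: add `--field-selector=status.phase=Running` to the `get pods` call and replace the emptiness test with `if [[ "${#pods[@]}" -ne 1 ]]; then`. The array is also filled by an unquoted `$(...)` and `pods` is not declared `local`; `local -a pods` plus `mapfile -t pods < <(kubectl ...)` avoids the word-splitting and the global. run_ssh_node starts and ends outside these hunks, so the default-name path was reviewed only as far as it is visible.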
