Log in as root to the node. (#3094)
This executes simple container in host IPC, network and PID space. Then is uses nsenter to switch other namespaces and execute BASH.mine
Sławek Piotrowski
GitHub
parent
6894cb3d84
commit
33d592deb4
|
|
@ -0,0 +1,34 @@
|
||||||
|
plugins:
|
||||||
|
node-root-shell:
|
||||||
|
shortCut: a
|
||||||
|
description: Run root shell on node
|
||||||
|
dangerous: true
|
||||||
|
scopes:
|
||||||
|
- nodes
|
||||||
|
command: bash
|
||||||
|
background: false
|
||||||
|
confirm: true
|
||||||
|
args:
|
||||||
|
- -c
|
||||||
|
- |
|
||||||
|
host="$1"
|
||||||
|
json='
|
||||||
|
{
|
||||||
|
"apiVersion": "v1",
|
||||||
|
"spec": {
|
||||||
|
"hostIPC": true,
|
||||||
|
"hostNetwork": true,
|
||||||
|
"hostPID": true
|
||||||
|
'
|
||||||
|
if ! [[ -z "$host" ]]; then
|
||||||
|
json+=",
|
||||||
|
\"nodeSelector\" : {
|
||||||
|
\"kubernetes.io/hostname\" : \"$host\"
|
||||||
|
}
|
||||||
|
";
|
||||||
|
fi
|
||||||
|
json+='
|
||||||
|
}
|
||||||
|
}
|
||||||
|
'
|
||||||
|
kubectl run -ti --image alpine:3.8 --rm --privileged --restart=Never --overrides="$json" root --command -- nsenter -t 1 -m -u -n -i -- bash -l
|
||||||
Loading…
Reference in New Issue