Log in as root to the node. (#3094)

This executes simple container in host IPC, network and PID space. Then is uses nsenter to switch other namespaces and execute BASH.
2025-02-16 01:02:47 +01:00 · 2025-02-16 01:02:47 +01:00 · 33d592deb4
parent 6894cb3d84
commit 33d592deb4
1 changed files with 34 additions and 0 deletions
--- a/plugins/node-root-shell.yaml
+++ b/plugins/node-root-shell.yaml
@ -0,0 +1,34 @@
+plugins:
+  node-root-shell:
+    shortCut: a
+    description: Run root shell on node
+    dangerous: true
+    scopes:
+      - nodes
+    command: bash
+    background: false
+    confirm: true
+    args:
+      - -c
+      - |
+        host="$1"
+        json='
+        {
+          "apiVersion": "v1",
+          "spec": {
+            "hostIPC": true,
+            "hostNetwork": true,
+            "hostPID": true
+        '
+        if ! [[ -z "$host" ]]; then
+          json+=",
+          \"nodeSelector\" : {
+            \"kubernetes.io/hostname\" : \"$host\"
+          }
+          ";
+        fi
+        json+='
+          }
+        }
+        '
+        kubectl run -ti --image alpine:3.8 --rm --privileged --restart=Never --overrides="$json" root --command -- nsenter -t 1 -m -u -n -i -- bash -l