Categorygithub.com/containerssh/kubernetes/v2
modulepackage
2.0.1
Repository: https://github.com/containerssh/kubernetes.git
Documentation: pkg.go.dev
Overview
Versions
3
Dependencies
37
Dependents
2
Files
2.1k SLOC

# README

ContainerSSH - Launch Containers on Demand

ContainerSSH Kubernetes Library

Go Report Card LGTM Alerts

This library runs Kubernetes pods in integration with the sshserver library.

⚠⚠⚠ Warning: This is a developer documentation. ⚠⚠⚠
The user documentation for ContainerSSH is located at containerssh.io.

How this library works

When a client successfully performs an SSH handshake this library creates a Pod in the specified Kubernetes cluster. This pod will run the command specified in IdleCommand. When the user opens a session channel this library runs an exec command against this container, allowing multiple parallel session channels to work on the same Pod.

Using this library

As this library is designed to be used exclusively with the sshserver library the API to use it is also very closely aligned. This backend doesn't implement a full SSH backend, instead it implements a network connection handler. This handler can be instantiated using the kuberun.New() method:

handler, err := kuberun.New(
    client,
    connectionID,
    config,
    logger,
    backendRequestsCounter,
    backendFailuresCounter,
)

The parameters are as follows:

  • config is a struct of the kuberun.Config type.
  • connectionID is an opaque ID for the connection.
  • client is the net.TCPAddr of the client that connected.
  • logger is the logger from the log library
  • backendRequestsCounter and backendFailuresCounter are counters from the metrics library

Once the handler is created it will wait for a successful handshake:

sshConnection, err := handler.OnHandshakeSuccess("username-here")

This will launch a pod. Conversely, the handler.OnDisconnect() will destroy the pod.

The sshConnection can be used to create session channels and launch programs as described in the sshserver library.

Note: This library does not perform authentication. Instead, it will always sshserver.AuthResponseUnavailable.

# Functions

No description provided by the author
NewKubeRun creates a handler based on the legacy "kuberun" configuration.

# Constants

The ContainerSSH Kubernetes module failed to deliver a signal because guest agent support is disabled.
The ContainerSSH Kubernetes module detected a configuration error.
The ContainerSSH Kubernetes module failed to deliver a signal.
The ContainerSSH Kubernetes module attempted to close the output (stdout and stderr) for writing but failed to do so.
The ContainerSSH Kubernetes module failed to create a pod.
The ContainerSSH Kubernetes module could not remove the pod.
The ContainerSSH Kubernetes module failed to resize the console.
The ContainerSSH Kubernetes module can't deliver a signal because the program already exited.
The ContainerSSH Kubernetes module can't deliver a signal because no PID has been recorded.
The ContainerSSH Kubernetes module has failed to fetch the exit code of the program.
The [ContainerSSH Guest Agent](https://github.com/podssh/agent) has been disabled, which is strongly discouraged.
This message indicates that you are using Kubernetes in the "insecure" mode where certificate verification is disabled.
This message indicates that you are still using the deprecated KubeRun backend.
The ContainerSSH Kubernetes module can't execute the request because the program is already running.
This message indicates that the user tried to execute a program, but program execution is disabled in the legacy KubeRun configuration.
This message indicates that the user requested an action that can only be performed when a program is running, but there is currently no program running.
The ContainerSSH Kubernetes module is shutting down a pod.
The ContainerSSH Kubernetes module is not configured to run the requested subsystem.
ExecutionModeConnection launches one container per SSH connection.
ExecutionModeSession launches one container per SSH session (multiple containers per connection).
The ContainerSSH Kubernetes module is creating an execution.
The ContainerSSH Kubernetes module is delivering a signal.
The ContainerSSH Kubernetes module successfully delivered the requested signal.
The ContainerSSH Kubernetes module has received a PID from the Kubernetes guest agent.
The ContainerSSH Kubernetes module is attaching to a pod in session mode.
The ContainerSSH Kubernetes module is creating a pod.
The ContainerSSH Kubernetes module is removing a pod.
The ContainerSSH Kubernetes module has successfully removed the pod.
The ContainerSSH Kubernetes module is waiting for the pod to come up.
The ContainerSSH Kubernetes module failed to wait for the pod to come up.
The ContainerSSH Kubernetes module is resizing the terminal window.
This message is the user-visible message if the Docker initialization fails.

# Structs

Config is the base configuration structure for kuberun.
ConnectionConfig configures the connection to the Kubernetes cluster.goland:noinspection GoVetStructTag.
KubeRunConfig is the legacy configuration structure for the "kuberun" backend.
KubeRunConnectionConfig is the legacy connection configuration structure for the "kuberun" backend.
KubeRunPodConfig is the legacy pod configuration structure for the "kuberun" backend.
PodConfig describes the pod to launch.goland:noinspection GoVetStructTag.
TimeoutConfig configures the various timeouts for the Kubernetes backend.

# Type aliases

ExecutionMode determines when a container is launched.