Open ConnorsApps opened 8 months ago
Adds the ability to run knsiff in a Kubernetes pod.
manifest.yaml
apiVersion: v1 kind: ServiceAccount metadata: name: sniff-service-account namespace: default --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: sniff-cluster-role rules: - apiGroups: [""] resources: ["*"] verbs: ["*"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: sniff-cluster-role-binding subjects: - kind: ServiceAccount name: sniff-service-account namespace: default roleRef: kind: ClusterRole name: sniff-cluster-role apiGroup: rbac.authorization.k8s.io --- apiVersion: v1 kind: Pod metadata: name: sniff spec: serviceAccountName: sniff-service-account containers: - name: sniff image: golang:1-alpine command: ["tail", "-f", "/dev/null"] restartPolicy: Never
# create pod with overly permissive rbac rules kubectl apply -f manifest.yaml # Copy local repo kubectl cp . sniff:/app -c sniff kubectl exec sniff -c sniff -- sh -c "cd /app && go mod download" kubectl exec sniff -c sniff -- sh -c "cd /app && go run cmd/kubectl-sniff.go pod-name -c container -n my-namespace -p -o -"
Adds the ability to run knsiff in a Kubernetes pod.
Testing
manifest.yaml