ssh

package
v0.0.0-...-55f0144 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 22, 2024 License: Apache-2.0 Imports: 51 Imported by: 0

Documentation

Index

Constants

// Fixed defaults for the SSH connection through a bastion.
// Both usernames are the same constant, publicly documented value, so the
// account name offers no secrecy. The SSH key pair and the bastion's allowed
// CIDRs (see AccessConfig.CIDRs) are what restrict access.
const (
	// SSHBastionUsername is the system username on the bastion host.
	SSHBastionUsername = "gardener"
	// DefaultUsername is the default Shoot cluster node ssh login username.
	DefaultUsername = "gardener"
	// SSHPort is the TCP port on a bastion instance that allows incoming SSH.
	SSHPort = 22
)

Variables

This section is empty.

Functions

func NewCmdSSH

func NewCmdSSH(f util.Factory, o *SSHOptions) *cobra.Command

NewCmdSSH returns a new ssh command.

func RegisterCompletionFuncsForAccessConfigFlags

func RegisterCompletionFuncsForAccessConfigFlags(cmd *cobra.Command, factory util.Factory)

Types

type AccessConfig

// AccessConfig holds the network allow-list for a created Bastion host and
// records whether that list was auto-detected or supplied by the user.
type AccessConfig struct {
	// CIDRs is a list of IP address ranges to be allowed for accessing the
	// created Bastion host. If not given, gardenctl will attempt to
	// auto-detect the user's IP and allow only it (i.e. use a /32 netmask).
	//
	// Every range listed here can reach the bastion, so keep entries as
	// narrow as possible; a very wide range removes the network restriction
	// and leaves SSH authentication as the only barrier.
	// NOTE(review): an auto-detected public IP may be a shared NAT or proxy
	// egress address, in which case the /32 covers more than one user.
	CIDRs []string

	// AutoDetected indicates if the public IPs of the user were automatically detected.
	// AutoDetected is false in case the CIDRs were provided via flags.
	AutoDetected bool
}

AccessConfig is a struct that is embedded in the options of ssh related commands.

func (*AccessConfig) AddFlags

func (o *AccessConfig) AddFlags(flags *pflag.FlagSet)

func (*AccessConfig) Complete

func (o *AccessConfig) Complete(f util.Factory, _ *cobra.Command, _ []string) error

func (*AccessConfig) Validate

func (o *AccessConfig) Validate() error

type Address

// Address pairs a hostname with an IP address. It is embedded in Bastion and
// Node, so its JSON keys appear directly on those objects.
type Address struct {
	// Hostname is the host name of the machine (JSON key "hostname").
	Hostname string `json:"hostname"`
	// IP is the IP address of the machine, kept as a string (JSON key "ip").
	IP       string `json:"ip"`
}

Address holds information about an IP address and hostname.

func (*Address) String

func (a *Address) String() string

type Bastion

// Bastion describes the bastion host used as the jump host for SSH
// connections to worker nodes, together with the key files and host key
// verification settings used for that hop.
type Bastion struct {
	// Name is the name of the Bastion resource.
	Name string `json:"name"`
	// Namespace is the namespace of the Bastion resource.
	Namespace string `json:"namespace"`
	// PreferredAddress is the preferred IP address or hostname to use when connecting to the bastion host.
	PreferredAddress string `json:"preferredAddress"`
	// Port is the port to use when connecting to the bastion host.
	// It is carried as a string, not as a number.
	Port string `json:"port"`
	// Address holds information about the IP address and hostname of the bastion host.
	// The struct is embedded without a tag, so encoding/json emits its
	// "hostname" and "ip" keys at the same level as the other Bastion fields.
	Address
	// SSHPublicKeyFile is the full path to the file containing the public SSH key.
	SSHPublicKeyFile PublicKeyFile `json:"publicKeyFile"`
	// SSHPrivateKeyFile is the full path to the file containing the private SSH key.
	// Only the path is stored here, not the key material. The path is still
	// included in the JSON form under "privateKeyFile".
	SSHPrivateKeyFile PrivateKeyFile `json:"privateKeyFile"`
	// UserKnownHostsFiles is a list of custom known hosts files for the SSH connection to the bastion.
	// NOTE(review): these files are the trust anchor for the bastion's host
	// key, so they should be writable only by the invoking user. Confirm how
	// an empty list is handled.
	UserKnownHostsFiles []string `json:"userKnownHostsFiles"`
	// StrictHostKeyChecking controls the StrictHostKeyChecking option for the SSH connection to the bastion.
	// The values StrictHostKeyCheckingNo and StrictHostKeyCheckingOff relax
	// host key verification and should be reserved for throwaway setups.
	StrictHostKeyChecking StrictHostKeyChecking `json:"strictHostKeyChecking"`
}

Bastion holds information about the bastion host used to connect to the worker nodes.

type ConnectInformation

// ConnectInformation bundles what is needed to reach Shoot worker nodes over
// SSH: the bastion, the target node(s), the private key file paths, the login
// user, and the host key verification settings for the node hop.
type ConnectInformation struct {
	// Bastion holds information about the bastion host used to connect to the worker nodes.
	Bastion Bastion `json:"bastion"`

	// NodeHostname is the name of the Shoot cluster node that the user wants to connect to.
	// The key is omitted from JSON when the value is empty.
	NodeHostname string `json:"nodeHostname,omitempty"`

	// NodePrivateKeyFiles is a list of file paths containing the private SSH keys for the worker nodes.
	// The list holds paths only, but it still reveals where node credentials
	// are stored on disk, so treat serialized output accordingly.
	NodePrivateKeyFiles []PrivateKeyFile `json:"nodePrivateKeyFiles"`

	// Nodes is a list of Node objects containing information about the worker nodes.
	Nodes []Node `json:"nodes"`

	// User is the name of the Shoot cluster node ssh login username
	// NOTE(review): this field has no json tag, so encoding/json emits it as
	// "User", unlike the lower-camel keys of its siblings. Confirm whether
	// that is intended.
	User string

	// NodeUserKnownHostsFiles is a list of custom known hosts files for the SSH connection to the shoot node.
	NodeUserKnownHostsFiles []string `json:"nodeUserKnownHostsFiles"`

	// NodeStrictHostKeyChecking controls the SSH strict host key checking behavior for the shoot node.
	// It is set independently of the bastion's setting, so relaxing one hop
	// does not relax the other.
	NodeStrictHostKeyChecking StrictHostKeyChecking `json:"nodeStrictHostKeyChecking"`
}

ConnectInformation holds connect information required to establish an SSH connection to Shoot worker nodes.

func NewConnectInformation

func NewConnectInformation(
	bastion *operationsv1alpha1.Bastion,
	bastionPreferredAddress string,
	bastionPort string,
	bastionUserKnownHostsFiles []string,
	bastionStrictHostKeyChecking StrictHostKeyChecking,
	nodeUserKnownHostsFiles []string,
	nodeStrictHostKeyChecking StrictHostKeyChecking,
	nodeHostname string,
	sshPublicKeyFile PublicKeyFile,
	sshPrivateKeyFile PrivateKeyFile,
	nodePrivateKeyFiles []PrivateKeyFile,
	nodes []corev1.Node,
	pendingNodeNames []string,
	user string,
) (*ConnectInformation, error)

func (*ConnectInformation) String

func (p *ConnectInformation) String() string

type HostKeyCallbackFactory

// HostKeyCallbackFactory creates ssh.HostKeyCallback values. It is an
// interface, so the callback construction can be replaced, for example in tests.
type HostKeyCallbackFactory interface {
	// New returns a host key callback for the given checking mode and known
	// hosts files, or an error.
	// NOTE(review): ioStreams is presumably used to prompt the user in "ask"
	// mode. Confirm against the implementation.
	// A replacement implementation that accepts every host key disables
	// server authentication and must not be wired into production paths.
	New(strictHostKeyChecking StrictHostKeyChecking, knownHostsFiles []string, ioStreams util.IOStreams) (ssh.HostKeyCallback, error)
}

HostKeyCallbackFactory interface allows creation of new HostKeyCallback instances.

func NewRealHostKeyCallbackFactory

func NewRealHostKeyCallbackFactory() HostKeyCallbackFactory

NewRealHostKeyCallbackFactory creates a new instance of realHostKeyCallbackFactory with default functions.

type Node

// Node describes one worker node: its name, its status, and its address.
type Node struct {
	// Name is the name of the worker node.
	Name string `json:"name"`
	// Status is the current status of the worker node.
	Status string `json:"status"`
	// Address holds information about the IP address and hostname of the worker node.
	// The struct is embedded without a tag, so encoding/json emits its
	// "hostname" and "ip" keys at the same level as "name" and "status".
	Address
}

Node holds information about a worker node.

type PrivateKeyFile

// PrivateKeyFile is a string type used for the path to a private SSH key file
// (see the SSHPrivateKeyFile fields). Its Set, String and Type methods match
// the method set of pflag.Value, so it can presumably be bound directly to a
// command-line flag.
// NOTE(review): whether Set checks that the file exists or has restrictive
// permissions is not visible here. Confirm against the implementation.
type PrivateKeyFile string

func (*PrivateKeyFile) Set

func (s *PrivateKeyFile) Set(val string) error

func (*PrivateKeyFile) String

func (s *PrivateKeyFile) String() string

func (*PrivateKeyFile) Type

func (s *PrivateKeyFile) Type() string

type PublicKeyFile

// PublicKeyFile is a string type used for the path to a public SSH key file
// (see the SSHPublicKeyFile fields). Its Set, String and Type methods match
// the method set of pflag.Value, so it can presumably be bound directly to a
// command-line flag.
// NOTE(review): whether Set validates the file's contents is not visible
// here. Confirm against the implementation.
type PublicKeyFile string

func (*PublicKeyFile) Set

func (s *PublicKeyFile) Set(val string) error

func (*PublicKeyFile) String

func (s *PublicKeyFile) String() string

func (*PublicKeyFile) Type

func (s *PublicKeyFile) Type() string

type SSHOptions

// SSHOptions collects every setting of the ssh command: the embedded base
// options and AccessConfig, bastion and node connection parameters, key file
// paths, host key verification modes, and bastion lifecycle switches.
type SSHOptions struct {
	base.Options
	AccessConfig
	// Interactive can be used to toggle between gardenctl just
	// providing the bastion host while keeping it alive (non-interactive),
	// or gardenctl opening the SSH connection itself (interactive). For
	// interactive mode, a NodeName must be specified as well.
	Interactive bool

	// BastionName is the name of the bastion. If not provided, a unique name will be
	// automatically generated.
	BastionName string

	// BastionHost overrides the hostname or IP address of the Bastion used for the SSH command.
	// If not provided, the address will be determined from .status.ingress.ip or
	// status.ingress.hostname of the Bastion.
	// NOTE(review): an override changes which endpoint the client connects
	// to, so host key verification is what ties that endpoint to the
	// intended bastion.
	BastionHost string

	// BastionPort is the SSH port for the bastion host.
	BastionPort string

	// BastionUserKnownHostsFiles is a list of custom known hosts files for the SSH connection to the bastion.
	BastionUserKnownHostsFiles []string

	// BastionStrictHostKeyChecking controls the SSH strict host key checking behavior for the bastion host.
	// The values StrictHostKeyCheckingNo and StrictHostKeyCheckingOff relax
	// verification of the bastion's host key.
	BastionStrictHostKeyChecking StrictHostKeyChecking

	// NodeUserKnownHostsFiles is a list of custom known hosts files for the SSH connection to the shoot node.
	NodeUserKnownHostsFiles []string

	// NodeStrictHostKeyChecking controls the SSH strict host key checking behavior for the shoot node.
	// It is configured separately from the bastion's mode.
	NodeStrictHostKeyChecking StrictHostKeyChecking

	// NodeName is the name of the Shoot cluster node that the user wants to
	// connect to. If this is left empty, gardenctl will only establish the
	// bastion host, but leave it up to the user to SSH themselves.
	NodeName string

	// User is the name of the Shoot cluster node ssh login username.
	User string

	// SSHPublicKeyFile is the full path to the file containing the user's
	// public SSH key. If not given, gardenctl will create a new temporary keypair.
	SSHPublicKeyFile PublicKeyFile

	// SSHPrivateKeyFile is the full path to the file containing the user's
	// private SSH key. If not set, gardenctl relies on the user's SSH agent.
	SSHPrivateKeyFile PrivateKeyFile

	// GeneratedSSHKeys is true if the public and private SSH keys have been generated
	// instead of being provided by the user. This will then be used for the cleanup.
	// NOTE(review): user-provided keys are presumably left untouched by the
	// cleanup. Confirm against Run.
	GeneratedSSHKeys bool

	// WaitTimeout is the maximum time to wait for a bastion to become ready.
	WaitTimeout time.Duration

	// KeepBastion will control whether or not gardenctl deletes the created
	// bastion once it exits. By default it deletes it, but we allow the user to
	// keep it for debugging purposes.
	// A kept bastion stays reachable from the allowed CIDRs after gardenctl
	// exits, so it should be removed once debugging is finished.
	KeepBastion bool

	// SkipAvailabilityCheck determines whether to check for the availability of
	// the bastion host.
	SkipAvailabilityCheck bool

	// NoKeepalive controls if the command should exit after the bastion becomes available.
	// If this option is true, no SSH connection will be established and the bastion will
	// not be kept alive after it became available.
	// This option can only be used if KeepBastion is set to true and Interactive is set to false.
	NoKeepalive bool

	// ConfirmAccessRestriction, when set to true, implies the user understands the access restrictions for the targeted shoot.
	// In this case, the access restriction banner is displayed without further confirmation.
	// Setting it in scripts bypasses the interactive confirmation, so do so
	// only where the restriction has been reviewed out of band.
	ConfirmAccessRestriction bool

	// HostKeyCallbackFactory is used to create SSH host key callbacks based on the StrictHostKeyChecking setting.
	HostKeyCallbackFactory HostKeyCallbackFactory
}

SSHOptions contains all the configurable options for the SSH command.

func NewSSHOptions

func NewSSHOptions(ioStreams util.IOStreams) *SSHOptions

NewSSHOptions returns initialized SSHOptions.

func (*SSHOptions) AddFlags

func (o *SSHOptions) AddFlags(flagSet *pflag.FlagSet)

AddFlags adds command-line flags to the flag set.

func (*SSHOptions) Complete

func (o *SSHOptions) Complete(f util.Factory, cmd *cobra.Command, args []string) error

Complete adapts from the command line args to the data required.

func (*SSHOptions) RegisterCompletionFuncsForStrictHostKeyCheckings

func (o *SSHOptions) RegisterCompletionFuncsForStrictHostKeyCheckings(cmd *cobra.Command)

func (*SSHOptions) Run

func (o *SSHOptions) Run(f util.Factory) error

func (*SSHOptions) Validate

func (o *SSHOptions) Validate() error

Validate validates the provided SSHOptions.

type StrictHostKeyChecking

// StrictHostKeyChecking is the string type for the host key checking mode of
// an SSH connection. Its Set, String and Type methods match the method set of
// pflag.Value, so it can presumably be bound directly to a command-line flag.
// NOTE(review): Set presumably rejects values other than the declared
// constants. Confirm against the implementation.
type StrictHostKeyChecking string

StrictHostKeyChecking defines the type for strict host key checking options.

// Host key checking modes. The string values are the ones OpenSSH accepts
// for its StrictHostKeyChecking option. The per-value descriptions below give
// the OpenSSH meaning.
// NOTE(review): whether this package implements exactly the same behavior is
// not visible here. Confirm against the HostKeyCallbackFactory implementation.
const (
	// In OpenSSH, "yes" never adds host keys automatically and refuses hosts
	// whose key is unknown or has changed.
	StrictHostKeyCheckingYes       StrictHostKeyChecking = "yes"
	// In OpenSSH, "ask" adds a new host key only after the user confirms it
	// and refuses hosts whose key has changed.
	StrictHostKeyCheckingAsk       StrictHostKeyChecking = "ask"
	// In OpenSSH, "accept-new" adds keys of previously unseen hosts without
	// asking (trust on first use) but still refuses hosts whose key has changed.
	StrictHostKeyCheckingAcceptNew StrictHostKeyChecking = "accept-new"
	// In OpenSSH, "no" adds new host keys automatically and lets connections
	// to hosts with changed keys proceed, so the server is not authenticated.
	// Avoid it outside throwaway environments.
	StrictHostKeyCheckingNo        StrictHostKeyChecking = "no"
	// In OpenSSH, "off" is a synonym for "no". The same caution applies.
	StrictHostKeyCheckingOff       StrictHostKeyChecking = "off"
)

func (*StrictHostKeyChecking) Set

func (s *StrictHostKeyChecking) Set(value string) error

func (*StrictHostKeyChecking) String

func (s *StrictHostKeyChecking) String() string

func (*StrictHostKeyChecking) Type

func (s *StrictHostKeyChecking) Type() string
