sonar

command module

v0.11.0 Latest Latest Go to latest Published: Aug 7, 2024 License: Apache-2.0 Imports: 1 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/glitchcrab/sonar

Links

Open Source Insights

README ¶

Sonar

Sonar deploys a configurable (if you wish) debugging container to a Kubernetes cluster.

Why Sonar? Well it allows you to see deep into your cluster. That, and most nautically-themed names are already taken.

$ sonar create --image glitchcrab/ubuntu-debug:latest --networkpolicy --podsecuritypolicy \
   --pod-command sleep --pod-args 1h --name glitchcrab-debug --namespace sonar
INFO[0000] serviceaccount "sonar/sonar-glitchcrab-debug" created
INFO[0000] podsecuritypolicy "sonar-glitchcrab-debug" created
INFO[0000] clusterrole "sonar-glitchcrab-debug" created
INFO[0000] clusterrolebinding "sonar-glitchcrab-debug" created
INFO[0000] networkpolicy "sonar-glitchcrab-debug" created
INFO[0000] deployment "sonar/sonar-glitchcrab-debug" created

$ kubectl get po -n sonar
NAME                                      READY   STATUS    RESTARTS   AGE
sonar-glitchcrab-debug-575db85b54-gss4v   1/1     Running   0          43s

$ kubectl exec -it sonar-glitchcrab-debug-575db85b54-gss4v -- bash

notroot@sonar-glitchcrab-debug-575db85b54-gss4v:/$ whoami
notroot

notroot@sonar-glitchcrab-debug-575db85b54-gss4v:/$ hostname
sonar-glitchcrab-debug-575db85b54-gss4v

$ sonar delete --name glitchcrab-debug --namespace sonar --force
INFO[0000] force was set, not asking for confirmation before deleting resources
INFO[0000] deleting deployment
INFO[0000] deleting podsecuritypolicy
INFO[0000] deleting clusterrolebinding
INFO[0000] deleting clusterrole
INFO[0000] deleting networkpolicy
INFO[0000] deleting serviceaccount
INFO[0000] resources deleted: deployment, podsecuritypolicy, clusterrolebinding, clusterrole, networkpolicy, serviceaccount

Configuration

Global flags

flag	default	description
`--kubeconfig`	`/home/$user/.kube/config`	Absolute path to the kubeconfig file to use.
`--context`	current context in kubeconfig	Name of the context to use.
`--name`/`-N`	`debug`	Name given to all resources. Max 50 chars. (see note 1)
`--namespace`/`-n`	`default`	Namespace to deploy resources to.

Notes

All names are automatically prepended with sonar- for visibility. --name debug will result in resources named sonar-debug.

Create

flag	default	description
`--image`/`-i`	`busybox:latest`	Name of the image to use. (see note 1)
`--networkpolicy`	`false`	Creates a NetworkPolicy allowing all ingress & egress.
`--node-exec`	`null`	Creates the pod in the host's IPC/net/PID namespaces (see note 2)
`--node-name`	`null`	Attempt to schedule the pod on the named node.
`--privileged`	`false`	Allow the pod to run as a privileged pod. (see note 3)
`--pod-args`	`24h`	Args to pass to the command.
`--pod-cmd`	`sleep`	Command to use as the entrypoint.
`--podsecuritypolicy`	`false`	Create a PodSecurityPolicy. (see note 4)
`--pod-userid`	`1000`	User ID to run the container as.

Notes

If no tag is provided then latest is automatically used.
A node name to schedule onto must also be provided. Note that the following flags will be ignored: networkpolicy, podsecuritypolicy, privileged.
Must be provided at the same time as --podsecuritypolicy to have any effect.
The PSP will inherit the value set via --pod-userid and configure the minimum value of the RunAs range accordingly.

Examples

sonar create
- accept all defaults. Creates a deployment in namespace default called sonar-debug. The pod image will be busybox:latest with sleep 24h as the initial command.
sonar create --image glitchcrab/ubuntu-debug:v1.0 --pod-cmd sleep --pod-args 1h
- uses the provided image, command and args.
sonar create --podsecuritypolicy --pod-userid 0 --privileged
- creates a deployment which runs as root. Also creates a PodSecurityPolicy (and associated RBAC) which allows the pod to run as root/privileged.
sonar create --networkpolicy
- also creates a NetworkPolicy which allows all ingress and traffic to the Sonar pod.
sonar create --context foo-context --namespace bar
- create a deployment using context foo-context in namespace bar.
sonar create --node-exec true --node-name worker2 --pod-userid 0
- create a pod with root access to the node named worker2.

Delete

flag	default	description
`--force`	`false`	Skips all interaction and deletes all resources created by Sonar.

Examples

sonar delete
- deletes all resources which match the defaults. This will result in deleting all resources in namespace default which are named sonar-debug.
sonar delete --name test --namespace kube-system
- deletes all resources in namespace kube-system named sonar-test.

Installing

Release artifacts:

Grab the binary for your distribution from the releases.

Supported distributions:

Arch Linux

Build from source:

go build -o sonar

Documentation ¶

Overview ¶

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
cmd
internal
helpers
sonarconfig
pkg
project
service
k8sclient
k8sresource

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL