https://rdc-incubator.github.io/kt-docs/#/
https://alibaba.github.io/kt-connect/#/zh-cn/
https://github.com/alibaba/kt-connect
https://my.oschina.net/u/4494662/blog/4667485
https://developer.aliyun.com/article/751321?scm=20140722.184.2.173
权限:
# permissions for ktctl commandapiVersion: rbac.authorization.k8s.io/v1kind: ClusterRolemetadata:name: kt:ns:devrules:- apiGroups:- ""resources:- pods- pods/exec- pods/portforward- pods/proxyverbs:- create- delete- deletecollection- get- list- patch- update- watch- apiGroups:- ""resources:- configmaps- services- services/proxyverbs:- create- delete- deletecollection- get- list- patch- update- watch- apiGroups:- ""resources:- events- namespaces/status- pods/statusverbs:- get- list- watch- apiGroups:- ""resources:- namespaces- nodesverbs:- get- list- watch- apiGroups:- appsresources:- deployments- deployments/rollback- deployments/scaleverbs:- create- delete- deletecollection- get- list- patch- update- watch- apiGroups:- extensionsresources:- deployments- deployments/rollback- deployments/scaleverbs:- create- delete- deletecollection- get- list- patch- update- watch
[root@liwm .kube]# ktctl connect --method=vpn12:05AM INF Connect Start At 48512:05AM INF Client address 192.168.61.15012:05AM INF deploy shadow deployment kt-connect-daemon-hwvyz in namespace default12:05AM INF pod label: kt=kt-connect-daemon-hwvyz12:05AM INF pod: kt-connect-daemon-hwvyz-7c9c885f97-5vwdq is running,but not ready12:05AM INF pod: kt-connect-daemon-hwvyz-7c9c885f97-5vwdq is running,but not ready12:05AM INF Shadow pod: kt-connect-daemon-hwvyz-7c9c885f97-5vwdq is ready.Forwarding from 127.0.0.1:2222 -> 22Forwarding from [::1]:2222 -> 2212:05AM INF port-forward start at pid: 500Traceback (most recent call last):File "/usr/bin/sshuttle", line 5, in <module>from sshuttle.cmdline import mainFile "/usr/lib/python2.7/site-packages/sshuttle/cmdline.py", line 5, in <module>import sshuttle.client as clientFile "/usr/lib/python2.7/site-packages/sshuttle/client.py", line 302assert(not re.search(rb'[^-\w\.]', hostname))^SyntaxError: invalid syntax12:05AM INF vpn(sshuttle) start at pid: 51412:05AM INF KT proxy start successful12:05AM INF vpn(sshuttle) finished
#
[root@UR-20210425NAMA home]# ktctl --debug --image=192.168.13.79:6278/base-image/kt-connect-shadow --namespace=ur-ks-test connect --method=socks510:17AM INF Connect Start At 339010:17AM INF Client address 10.0.51.17210:17AM INF deploy shadow deployment kt-connect-daemon-baxis in namespace ur-ks-test10:17AM INF pod label: kt=kt-connect-daemon-baxis10:17AM INF pod: kt-connect-daemon-baxis-6bb69548c-kc96j is running,but not ready10:17AM INF pod: kt-connect-daemon-baxis-6bb69548c-kc96j is running,but not ready10:17AM INF pod: kt-connect-daemon-baxis-6bb69548c-kc96j is running,but not ready10:17AM INF pod: kt-connect-daemon-baxis-6bb69548c-kc96j is running,but not ready10:17AM INF Shadow pod: kt-connect-daemon-baxis-6bb69548c-kc96j is ready.10:17AM DBG Child, os.Args = [ktctl --debug --image=192.168.13.79:6278/base-image/kt-connect-shadow --namespace=ur-ks-test connect --method=socks5]10:17AM DBG Child, cmd.Args = [kubectl --kubeconfig=/root/.kube/config -n ur-ks-test port-forward kt-connect-daemon-baxis-6bb69548c-kc96j 2222:22]Forwarding from 127.0.0.1:2222 -> 22Forwarding from [::1]:2222 -> 2210:17AM INF port-forward start at pid: 341110:17AM INF ==============================================================10:17AM INF Start SOCKS5 Proxy: export http_proxy=socks5://127.0.0.1:222310:17AM INF ==============================================================10:17AM DBG Child, os.Args = [ktctl --debug --image=192.168.13.79:6278/base-image/kt-connect-shadow --namespace=ur-ks-test connect --method=socks5]10:17AM DBG Child, cmd.Args = [ssh -oStrictHostKeyChecking=no -oUserKnownHostsFile=/dev/null -i /root/.kt_id_rsa -D 2223 root@127.0.0.1 -p2222 sh loop.sh]Handling connection for 2222Warning: Permanently added '[127.0.0.1]:2222' (ECDSA) to the list of known hosts.10:17AM INF vpn(ssh) start at pid: 343210:17AM INF KT proxy start successful
若有收获,就点个赞吧
0 人点赞
