Documentation
¶
Index ¶
- Constants
- func NewCmdSSH(f util.Factory, o *SSHOptions) *cobra.Command
- func RegisterCompletionFuncsForAccessConfigFlags(cmd *cobra.Command, factory util.Factory)
- type AccessConfig
- type Address
- type Bastion
- type ConnectInformation
- type HostKeyCallbackFactory
- type Node
- type PrivateKeyFile
- type PublicKeyFile
- type SSHOptions
- func (o *SSHOptions) AddFlags(flagSet *pflag.FlagSet)
- func (o *SSHOptions) Complete(f util.Factory, cmd *cobra.Command, args []string) error
- func (o *SSHOptions) RegisterCompletionFuncsForStrictHostKeyCheckings(cmd *cobra.Command)
- func (o *SSHOptions) Run(f util.Factory) error
- func (o *SSHOptions) Validate() error
- type StrictHostKeyChecking
Constants ¶
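// Well-known values used when connecting through a bastion. The listing had
// collapsed this block onto a single line, so the first // comment swallowed
// every declaration after it; the declarations are restored one per line.
const (
	// SSHBastionUsername is the system username on the bastion host.
	SSHBastionUsername = "gardener"
	// DefaultUsername is the default Shoot cluster node ssh login username.
	DefaultUsername = "gardener"
	// SSHPort is the TCP port on a bastion instance that allows incoming SSH.
	SSHPort = 22
)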
Variables ¶
This section is empty.
Functions ¶
Types ¶
type AccessConfig ¶
// AccessConfig holds the source address ranges that are allowed to reach a
// created Bastion host, and records whether they were auto-detected.
type AccessConfig struct {
	// CIDRs is a list of IP address ranges to be allowed for accessing the
	// created Bastion host. If not given, gardenctl will attempt to
	// auto-detect the user's IP and allow only it (i.e. use a /32 netmask).
	// NOTE(review): these ranges decide who can reach the bastion, so they
	// should be as narrow as the caller can make them; whether Validate
	// rejects overly broad or malformed ranges is not visible here — confirm.
	CIDRs []string
	// AutoDetected indicates if the public IPs of the user were automatically detected.
	// AutoDetected is false in case the CIDRs were provided via flags.
	AutoDetected bool
}
AccessConfig is a struct that is embedded in the options of ssh-related commands.
func (*AccessConfig) AddFlags ¶
func (o *AccessConfig) AddFlags(flags *pflag.FlagSet)
func (*AccessConfig) Validate ¶
func (o *AccessConfig) Validate() error
type Bastion ¶
// Bastion describes the bastion host used as the SSH jump point towards the
// worker nodes. Most fields carry JSON tags, so the struct can be serialised.
type Bastion struct {
	// Name is the name of the Bastion resource.
	Name string `json:"name"`
	// Namespace is the namespace of the Bastion resource.
	Namespace string `json:"namespace"`
	// PreferredAddress is the preferred IP address or hostname to use when connecting to the bastion host.
	PreferredAddress string `json:"preferredAddress"`
	// Port is the port to use when connecting to the bastion host.
	// It is kept as a string, not an integer.
	Port string `json:"port"`
	// Address holds information about the IP address and hostname of the bastion host.
	// It is an embedded struct whose definition is not shown here.
	Address
	// SSHPublicKeyFile is the full path to the file containing the public SSH key.
	SSHPublicKeyFile PublicKeyFile `json:"publicKeyFile"`
	// SSHPrivateKeyFile is the full path to the file containing the private SSH key.
	// Only the path is stored in this field; the key material itself is not
	// part of the struct.
	SSHPrivateKeyFile PrivateKeyFile `json:"privateKeyFile"`
	// UserKnownHostsFiles is a list of custom known hosts files for the SSH connection to the bastion.
	UserKnownHostsFiles []string `json:"userKnownHostsFiles"`
	// StrictHostKeyChecking controls the StrictHostKeyChecking option for the SSH connection to the bastion.
	// NOTE(review): this value determines how strictly the bastion's host key
	// is verified; the "no" and "off" values are presumably the least strict,
	// as in OpenSSH — confirm against the host key callback implementation.
	StrictHostKeyChecking StrictHostKeyChecking `json:"strictHostKeyChecking"`
}
Bastion holds information about the bastion host used to connect to the worker nodes.
type ConnectInformation ¶
// ConnectInformation bundles what is needed to open an SSH connection to
// Shoot worker nodes through a bastion: the bastion itself, the target nodes,
// the key file paths and the host key verification settings for the node hop.
type ConnectInformation struct {
	// Bastion holds information about the bastion host used to connect to the worker nodes.
	Bastion Bastion `json:"bastion"`
	// NodeHostname is the name of the Shoot cluster node that the user wants to connect to.
	// It is omitted from JSON output when empty.
	NodeHostname string `json:"nodeHostname,omitempty"`
	// NodePrivateKeyFiles is a list of file paths containing the private SSH keys for the worker nodes.
	// Only paths are stored here, not key material.
	NodePrivateKeyFiles []PrivateKeyFile `json:"nodePrivateKeyFiles"`
	// Nodes is a list of Node objects containing information about the worker nodes.
	Nodes []Node `json:"nodes"`
	// User is the name of the Shoot cluster node ssh login username.
	// NOTE(review): unlike its sibling fields this one has no json tag, so
	// encoding/json would emit it under the key "User" — confirm this is intended.
	User string
	// NodeUserKnownHostsFiles is a list of custom known hosts files for the SSH connection to the shoot node.
	NodeUserKnownHostsFiles []string `json:"nodeUserKnownHostsFiles"`
	// NodeStrictHostKeyChecking controls the SSH strict host key checking behavior for the shoot node.
	// It is configured separately from the bastion's setting in Bastion.StrictHostKeyChecking.
	NodeStrictHostKeyChecking StrictHostKeyChecking `json:"nodeStrictHostKeyChecking"`
}
ConnectInformation holds connect information required to establish an SSH connection to Shoot worker nodes.
func NewConnectInformation ¶
func NewConnectInformation( bastion *operationsv1alpha1.Bastion, bastionPreferredAddress string, bastionPort string, bastionUserKnownHostsFiles []string, bastionStrictHostKeyChecking StrictHostKeyChecking, nodeUserKnownHostsFiles []string, nodeStrictHostKeyChecking StrictHostKeyChecking, nodeHostname string, sshPublicKeyFile PublicKeyFile, sshPrivateKeyFile PrivateKeyFile, nodePrivateKeyFiles []PrivateKeyFile, nodes []corev1.Node, pendingNodeNames []string, user string, ) (*ConnectInformation, error)
func (*ConnectInformation) String ¶
func (p *ConnectInformation) String() string
type HostKeyCallbackFactory ¶
// HostKeyCallbackFactory builds the ssh.HostKeyCallback that decides whether
// a server's host key is accepted during the SSH handshake.
type HostKeyCallbackFactory interface {
	// New returns a host key callback for the given strictHostKeyChecking
	// setting and list of known hosts files, or an error.
	// NOTE(review): ioStreams is presumably used to prompt the user (e.g. for
	// the "ask" setting) — confirm against the implementation.
	New(strictHostKeyChecking StrictHostKeyChecking, knownHostsFiles []string, ioStreams util.IOStreams) (ssh.HostKeyCallback, error)
}
HostKeyCallbackFactory interface allows creation of new HostKeyCallback instances.
func NewRealHostKeyCallbackFactory ¶
func NewRealHostKeyCallbackFactory() HostKeyCallbackFactory
NewRealHostKeyCallbackFactory creates a new instance of realHostKeyCallbackFactory with default functions.
type Node ¶
// Node describes one worker node that can be reached through the bastion.
type Node struct {
	// Name is the name of the worker node.
	Name string `json:"name"`
	// Status is the current status of the worker node.
	// The set of possible status strings is not shown here.
	Status string `json:"status"`
	// Address holds information about the IP address and hostname of the worker node.
	// It is an embedded struct whose definition is not shown here.
	Address
}
Node holds information about a worker node.
type PrivateKeyFile ¶
// PrivateKeyFile is a string type used for the path to a private SSH key
// file. The Set, String and Type methods declared on it match the method set
// of pflag.Value, presumably so it can be bound directly to a flag — confirm.
type PrivateKeyFile string
func (*PrivateKeyFile) Set ¶
func (s *PrivateKeyFile) Set(val string) error
func (*PrivateKeyFile) String ¶
func (s *PrivateKeyFile) String() string
func (*PrivateKeyFile) Type ¶
func (s *PrivateKeyFile) Type() string
type PublicKeyFile ¶
// PublicKeyFile is a string type used for the path to a public SSH key file.
// The Set, String and Type methods declared on it match the method set of
// pflag.Value, presumably so it can be bound directly to a flag — confirm.
type PublicKeyFile string
func (*PublicKeyFile) Set ¶
func (s *PublicKeyFile) Set(val string) error
func (*PublicKeyFile) String ¶
func (s *PublicKeyFile) String() string
func (*PublicKeyFile) Type ¶
func (s *PublicKeyFile) Type() string
type SSHOptions ¶
// SSHOptions collects every setting of the SSH command: how the bastion is
// named and reached, which node to connect to, which key files to use, how
// host keys are verified on both hops, and how the bastion is cleaned up.
type SSHOptions struct {
	base.Options
	// AccessConfig is embedded and supplies the CIDRs allowed to reach the bastion.
	AccessConfig
	// Interactive can be used to toggle between gardenctl just
	// providing the bastion host while keeping it alive (non-interactive),
	// or gardenctl opening the SSH connection itself (interactive). For
	// interactive mode, a NodeName must be specified as well.
	Interactive bool
	// BastionName is the name of the bastion. If not provided, a unique name will be
	// automatically generated.
	BastionName string
	// BastionHost overrides the hostname or IP address of the Bastion used for the SSH command.
	// If not provided, the address will be determined from .status.ingress.ip or
	// status.ingress.hostname of the Bastion.
	BastionHost string
	// BastionPort is the SSH port for the bastion host.
	BastionPort string
	// BastionUserKnownHostsFiles is a list of custom known hosts files for the SSH connection to the bastion.
	BastionUserKnownHostsFiles []string
	// BastionStrictHostKeyChecking controls the SSH strict host key checking behavior for the bastion host.
	// NOTE(review): the "no" and "off" values presumably relax host key
	// verification as they do in OpenSSH — confirm against the callback factory.
	BastionStrictHostKeyChecking StrictHostKeyChecking
	// NodeUserKnownHostsFiles is a list of custom known hosts files for the SSH connection to the shoot node.
	NodeUserKnownHostsFiles []string
	// NodeStrictHostKeyChecking controls the SSH strict host key checking behavior for the shoot node.
	// It is set independently of BastionStrictHostKeyChecking.
	NodeStrictHostKeyChecking StrictHostKeyChecking
	// NodeName is the name of the Shoot cluster node that the user wants to
	// connect to. If this is left empty, gardenctl will only establish the
	// bastion host, but leave it up to the user to SSH themselves.
	NodeName string
	// User is the name of the Shoot cluster node ssh login username.
	User string
	// SSHPublicKeyFile is the full path to the file containing the user's
	// public SSH key. If not given, gardenctl will create a new temporary keypair.
	SSHPublicKeyFile PublicKeyFile
	// SSHPrivateKeyFile is the full path to the file containing the user's
	// private SSH key. If not set, gardenctl relies on the user's SSH agent.
	SSHPrivateKeyFile PrivateKeyFile
	// GeneratedSSHKeys is true if the public and private SSH keys have been generated
	// instead of being provided by the user. This will then be used for the cleanup.
	// NOTE(review): presumably cleanup removes only generated key files and
	// leaves user-provided ones untouched — confirm in Run.
	GeneratedSSHKeys bool
	// WaitTimeout is the maximum time to wait for a bastion to become ready.
	WaitTimeout time.Duration
	// KeepBastion will control whether or not gardenctl deletes the created
	// bastion once it exits. By default it deletes it, but we allow the user to
	// keep it for debugging purposes.
	// A kept bastion is not deleted by gardenctl on exit, so removing it is
	// then left to the user.
	KeepBastion bool
	// SkipAvailabilityCheck determines whether to check for the availability of
	// the bastion host.
	SkipAvailabilityCheck bool
	// NoKeepalive controls if the command should exit after the bastion becomes available.
	// If this option is true, no SSH connection will be established and the bastion will
	// not be kept alive after it became available.
	// This option can only be used if KeepBastion is set to true and Interactive is set to false.
	NoKeepalive bool
	// ConfirmAccessRestriction, when set to true, implies the user understands the access restrictions for the targeted shoot.
	// In this case, the access restriction banner is displayed without further confirmation.
	ConfirmAccessRestriction bool
	// HostKeyCallbackFactory is used to create SSH host key callbacks based on the StrictHostKeyChecking setting.
	// Being an interface-typed field, it can be replaced with another implementation.
	HostKeyCallbackFactory HostKeyCallbackFactory
}
SSHOptions contains all the configurable options for the SSH command.
func NewSSHOptions ¶
func NewSSHOptions(ioStreams util.IOStreams) *SSHOptions
NewSSHOptions returns initialized SSHOptions.
func (*SSHOptions) AddFlags ¶
func (o *SSHOptions) AddFlags(flagSet *pflag.FlagSet)
AddFlags adds command-line flags to the flag set.
func (*SSHOptions) RegisterCompletionFuncsForStrictHostKeyCheckings ¶
func (o *SSHOptions) RegisterCompletionFuncsForStrictHostKeyCheckings(cmd *cobra.Command)
func (*SSHOptions) Validate ¶
func (o *SSHOptions) Validate() error
Validate validates the provided SSHOptions.
type StrictHostKeyChecking ¶
// StrictHostKeyChecking is the string-typed host key verification setting
// used by the bastion and node fields of Bastion, ConnectInformation and
// SSHOptions. The Set, String and Type methods declared on it match the
// method set of pflag.Value.
type StrictHostKeyChecking string
StrictHostKeyChecking defines the type for strict host key checking options.
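// Accepted StrictHostKeyChecking values. The listing had collapsed this block
// onto one line, which is not valid Go; the declarations are restored one per
// line. The strings match the values of OpenSSH's ssh_config option of the
// same name, and the comments below describe the OpenSSH meaning.
// NOTE(review): how gardenctl's host key callback treats each value is not
// shown here — confirm against the HostKeyCallbackFactory implementation.
const (
	// StrictHostKeyCheckingYes: in OpenSSH, unknown host keys are never added
	// automatically and a changed host key makes the connection fail.
	StrictHostKeyCheckingYes StrictHostKeyChecking = "yes"
	// StrictHostKeyCheckingAsk: in OpenSSH, an unknown host key is added only
	// after the user confirms it; a changed host key is still refused.
	StrictHostKeyCheckingAsk StrictHostKeyChecking = "ask"
	// StrictHostKeyCheckingAcceptNew: in OpenSSH, an unknown host key is added
	// without asking (trust on first use); a changed host key is still refused.
	StrictHostKeyCheckingAcceptNew StrictHostKeyChecking = "accept-new"
	// StrictHostKeyCheckingNo: in OpenSSH, unknown host keys are added without
	// asking and connections to hosts with a changed key may proceed, which
	// removes most of the protection host key verification gives against an
	// impersonated server.
	StrictHostKeyCheckingNo StrictHostKeyChecking = "no"
	// StrictHostKeyCheckingOff: in OpenSSH, a synonym for "no", with the same
	// loss of protection.
	StrictHostKeyCheckingOff StrictHostKeyChecking = "off"
)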
func (*StrictHostKeyChecking) Set ¶
func (s *StrictHostKeyChecking) Set(value string) error
func (*StrictHostKeyChecking) String ¶
func (s *StrictHostKeyChecking) String() string
func (*StrictHostKeyChecking) Type ¶
func (s *StrictHostKeyChecking) Type() string