diff --git a/hack/toolbox/Dockerfile.windows b/hack/toolbox/Dockerfile.windows
new file mode 100644
index 0000000000..04de01b5dc
--- /dev/null
+++ b/hack/toolbox/Dockerfile.windows
@@ -0,0 +1,21 @@
+# Build cns
+FROM golang:1.17 AS builder
+# Build args
+ARG VERSION
+ARG CNS_AI_PATH
+ARG CNS_AI_ID
+
+WORKDIR /usr/local/src/cns
+COPY . .
+RUN $Env:CGO_ENABLED=0; go build -v -o /usr/local/bin/toolbox.exe -gcflags="-dwarflocationlists=true" ./hack/toolbox/server
+
+
+# Copy into final image
+FROM mcr.microsoft.com/windows/servercore:ltsc2022
+COPY --from=builder /usr/local/bin/toolbox.exe \
+ /usr/local/bin/toolbox.exe
+
+RUN powershell.exe Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))
+RUN choco install -y vim wget
+
+ENTRYPOINT ["/usr/local/bin/toolbox.exe"]
diff --git a/hack/toolbox/manifests/Dockerfile.heavy b/hack/toolbox/manifests/Dockerfile.heavy
new file mode 100644
index 0000000000..b6b07c1840
--- /dev/null
+++ b/hack/toolbox/manifests/Dockerfile.heavy
@@ -0,0 +1,36 @@
+FROM ubuntu:20.04
+RUN apt-get update
+RUN apt-get install -y \
+ python3 \
+ python \
+ nmap \
+ iptables \
+ ebtables \
+ sudo \
+ iproute2 \
+ curl \
+ wget \
+ axel \
+ jq \
+ ssh \
+ traceroute \
+ iputils-ping \
+ net-tools \
+ dnsutils \
+ bridge-utils \
+ netcat \
+ ncat \
+ ssh \
+ tcpdump \
+ vim \
+ emacs \
+ nano
+RUN wget -qO- https://golang.org/dl/go1.14.6.linux-amd64.tar.gz | tar zxf - -C /usr/lib/
+ENV PATH="/usr/lib/go/bin/:${PATH}"
+ENV GOROOT="/usr/lib/go"
+ENV GOPATH="/root/go"
+ENV PATH="/root/go/bin/:${PATH}"
+ADD ./server.go /app/
+WORKDIR /app
+RUN go build -o main .
+CMD ["./main"]
\ No newline at end of file
diff --git a/hack/toolbox/manifests/agents.yaml b/hack/toolbox/manifests/agents.yaml
new file mode 100644
index 0000000000..68f7d9a383
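Review bot: The Chocolatey bootstrap `RUN` in hack/toolbox/Dockerfile.windows downloads install.ps1 at build time and passes it straight to `iex`, so whatever that URL serves on the day of the build runs inside the image with no version pin or integrity check. Download the script to a file first and compare its `Get-FileHash` output with a hash recorded in the repo before executing it, or vendor a reviewed copy of the script. The following `choco install -y vim wget` is also unpinned; installing each package with its own `--version` would make the image reproducible. The `VERSION`, `CNS_AI_PATH` and `CNS_AI_ID` build args are declared but not used anywhere in this file.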
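Review bot: In hack/toolbox/manifests/Dockerfile.heavy the Go toolchain is fetched with `wget -qO- … | tar zxf -` and unpacked without any checksum comparison, and the pinned release, go1.14.6, is long out of support, so the binary built here misses later runtime and standard-library security fixes. Save the tarball to disk, verify it with `sha256sum -c` against the digest published for that release, and move to a supported Go version (or build in a `golang` builder stage as the other Dockerfiles in this commit do). `ADD ./server.go /app/` also expects server.go in the build context, while the file this commit adds is under hack/toolbox/server/, so the build presumably only works with a context other than the manifests directory. `COPY` is the better fit than `ADD` for a local file.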
--- /dev/null
+++ b/hack/toolbox/manifests/agents.yaml
@@ -0,0 +1,91 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: agent-pod-8085-tcp-host
+ labels:
+ app: agent-pod-8085-tcp-host
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: agent-pod-8085-tcp-host
+
+ template:
+ metadata:
+ labels:
+ app: agent-pod-8085-tcp-host
+ spec:
+ nodeSelector:
+ beta.kubernetes.io/os: linux
+ kubernetes.io/role: agent
+ hostNetwork: true
+ containers:
+ - name: agent-pod-8085-tcp-host
+ image: acnpublic.azurecr.io/toolbox:latest
+ env:
+ - name: TCP_PORT
+ value: "8085"
+ - name: UDP_PORT
+ value: "8086"
+ ports:
+ - containerPort: 8085
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: agent-pod-8085-tcp
+ labels:
+ app: agent-pod-8085-tcp
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: agent-pod-8085-tcp
+ template:
+ metadata:
+ labels:
+ app: agent-pod-8085-tcp
+ spec:
+ nodeSelector:
+ beta.kubernetes.io/os: linux
+ kubernetes.io/role: agent
+ containers:
+ - name: agent-pod-8085-tcp
+ image: acnpublic.azurecr.io/toolbox:latest
+ env:
+ - name: TCP_PORT
+ value: "8085"
+ - name: UDP_PORT
+ value: "8086"
+ ports:
+ - containerPort: 8085
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: agent-pod-8086-udp
+ labels:
+ app: agent-pod-8086-udp
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: agent-pod-8086-udp
+ template:
+ metadata:
+ labels:
+ app: agent-pod-8086-udp
+ spec:
+ nodeSelector:
+ beta.kubernetes.io/os: linux
+ kubernetes.io/role: agent
+ containers:
+ - name: agent-pod-8086-udp
+ image: acnpublic.azurecr.io/toolbox:latest
+ env:
+ - name: TCP_PORT
+ value: "8085"
+ - name: UDP_PORT
+ value: "8086"
+ ports:
+ - containerPort: 8086
diff --git a/hack/toolbox/manifests/daemonset.yaml b/hack/toolbox/manifests/daemonset.yaml
new file mode 100644
index 0000000000..e1bb2aac33
--- /dev/null
+++ b/hack/toolbox/manifests/daemonset.yaml
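Review bot: All three Deployments in agents.yaml run `acnpublic.azurecr.io/toolbox:latest`, a mutable tag, so a changed or replaced image in that registry is pulled onto nodes without any change to this manifest; pin a version tag or, better, an image digest (`image: acnpublic.azurecr.io/toolbox@sha256:<digest>`). master.yaml uses the same tag in its three Deployments. The first Deployment additionally sets `hostNetwork: true`, which puts the listener directly on the node's interfaces, and none of the pod specs sets a `securityContext` or resource limits; if the responder is all that has to run, `runAsNonRoot: true` and `allowPrivilegeEscalation: false` are a cheap baseline, provided the image is built to run as a non-root user. `beta.kubernetes.io/os` is a deprecated node label; `kubernetes.io/os` is the current one.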
@@ -0,0 +1,57 @@
+apiVersion: extensions/v1beta1
+kind: DaemonSet
+metadata:
+ name: azure-npm
+ namespace: kube-system
+ labels:
+ app: azure-npm
+ addonmanager.kubernetes.io/mode: EnsureExists
+spec:
+ selector:
+ matchLabels:
+ k8s-app: azure-npm
+ template:
+ metadata:
+ labels:
+ k8s-app: azure-npm
+ annotations:
+ scheduler.alpha.kubernetes.io/critical-pod: ""
+ spec:
+ priorityClassName: system-node-critical
+ tolerations:
+ - operator: "Exists"
+ effect: NoExecute
+ - operator: "Exists"
+ effect: NoSchedule
+ - key: CriticalAddonsOnly
+ operator: Exists
+ nodeSelector:
+ beta.kubernetes.io/os: linux
+ kubernetes.io/role: agent
+ containers:
+ - name: azure-npm
+ image: mcr.microsoft.com/containernetworking/azure-npm:v1.0.33
+ securityContext:
+ privileged: true
+ env:
+ - name: HOSTNAME
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: spec.nodeName
+ volumeMounts:
+ - name: xtables-lock
+ mountPath: /run/xtables.lock
+ - name: log
+ mountPath: /var/log
+ hostNetwork: true
+ volumes:
+ - name: log
+ hostPath:
+ path: /var/log
+ type: Directory
+ - name: xtables-lock
+ hostPath:
+ path: /run/xtables.lock
+ type: File
+ serviceAccountName: azure-npm
diff --git a/hack/toolbox/manifests/master.yaml b/hack/toolbox/manifests/master.yaml
new file mode 100644
index 0000000000..15e2134b31
--- /dev/null
+++ b/hack/toolbox/manifests/master.yaml
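Review bot: `apiVersion: extensions/v1beta1` on the first line of daemonset.yaml no longer serves DaemonSet (it was removed in Kubernetes 1.16), so this manifest is rejected by current API servers; it should be `apiVersion: apps/v1`. The container is `privileged: true` with `hostNetwork: true` and a writable `hostPath` mount of `/var/log`, which together give it node-level access; if the workload only programs iptables/ipset, a `capabilities.add` list (for example `NET_ADMIN`, to be confirmed against what the binary needs) is a narrower grant than full privilege. The `scheduler.alpha.kubernetes.io/critical-pod` annotation is deprecated and redundant next to `priorityClassName: system-node-critical`. It is also not obvious from the page why a copy of the azure-npm DaemonSet lives under hack/toolbox/manifests; a comment at the top saying what it is for would help.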
@@ -0,0 +1,113 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: master-pod-8085-tcp-host
+ labels:
+ app: master-pod-8085-tcp-host
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: master-pod-8085-tcp-host
+
+ template:
+ metadata:
+ labels:
+ app: master-pod-8085-tcp-host
+ spec:
+ nodeSelector:
+ beta.kubernetes.io/os: linux
+ kubernetes.io/role: master
+ hostNetwork: true
+ tolerations:
+ - operator: "Exists"
+ effect: NoExecute
+ - operator: "Exists"
+ effect: NoSchedule
+ - key: CriticalAddonsOnly
+ operator: Exists
+ containers:
+ - name: master-pod-8085-tcp-host
+ image: acnpublic.azurecr.io/toolbox:latest
+ env:
+ - name: TCP_PORT
+ value: "8085"
+ - name: UDP_PORT
+ value: "8086"
+ ports:
+ - containerPort: 8085
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: master-pod-8085-tcp
+ labels:
+ app: master-pod-8085-tcp
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: master-pod-8085-tcp
+
+ template:
+ metadata:
+ labels:
+ app: master-pod-8085-tcp
+ spec:
+ nodeSelector:
+ beta.kubernetes.io/os: linux
+ kubernetes.io/role: master
+ tolerations:
+ - operator: "Exists"
+ effect: NoExecute
+ - operator: "Exists"
+ effect: NoSchedule
+ - key: CriticalAddonsOnly
+ operator: Exists
+ containers:
+ - name: master-pod-8085-tcp
+ image: acnpublic.azurecr.io/toolbox:latest
+ env:
+ - name: TCP_PORT
+ value: "8085"
+ - name: UDP_PORT
+ value: "8086"
+ ports:
+ - containerPort: 8085
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: master-pod-8086-udp
+ labels:
+ app: master-pod-8086-udp
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: master-pod-8086-udp
+ template:
+ metadata:
+ labels:
+ app: master-pod-8086-udp
+ spec:
+ nodeSelector:
+ beta.kubernetes.io/os: linux
+ kubernetes.io/role: master
+ tolerations:
+ - operator: "Exists"
+ effect: NoExecute
+ - operator: "Exists"
+ effect: NoSchedule
+ - key: CriticalAddonsOnly
+ operator: Exists
+ containers:
+ - name: master-pod-udp
+ image: acnpublic.azurecr.io/toolbox:latest
+ env:
+ - name: TCP_PORT
+ value: "8085"
+ - name: UDP_PORT
+ value: "8086"
+ ports:
+ - containerPort: 8086
diff --git a/hack/toolbox/manifests/service.yaml b/hack/toolbox/manifests/service.yaml
new file mode 100644
index 0000000000..c25d9f40d2
--- /dev/null
+++ b/hack/toolbox/manifests/service.yaml
@@ -0,0 +1,56 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: agent-pod-8085-tcp-ipv4
+spec:
+ ipFamily: IPv4
+ type: LoadBalancer
+ selector:
+ app: agent-pod-8085-tcp
+ ports:
+ - protocol: TCP
+ port: 8085
+ targetPort: 8085
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: agent-pod-8086-udp-ipv4
+spec:
+ type: LoadBalancer
+ ipFamily: IPv4
+ selector:
+ app: agent-pod-8086-udp
+ ports:
+ - protocol: UDP
+ port: 8086
+ targetPort: 8086
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: agent-pod-8085-tcp-ipv6
+spec:
+ ipFamily: IPv6
+ type: LoadBalancer
+ selector:
+ app: agent-pod-8085-tcp
+ ports:
+ - protocol: TCP
+ port: 8085
+ targetPort: 8085
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: agent-pod-8086-udp-ipv6
+spec:
+ type: LoadBalancer
+ ipFamily: IPv6
+ selector:
+ app: agent-pod-8086-udp
+ ports:
+ - protocol: UDP
+ port: 8086
+ targetPort: 8086
diff --git a/hack/toolbox/manifests/webserver.yaml b/hack/toolbox/manifests/webserver.yaml
new file mode 100644
index 0000000000..8c52d0e8f9
--- /dev/null
+++ b/hack/toolbox/manifests/webserver.yaml
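Review bot: Every Deployment in master.yaml pairs `kubernetes.io/role: master` with blanket `operator: "Exists"` tolerations for `NoExecute` and `NoSchedule`, and the first one also sets `hostNetwork: true`, so the responder listens on the control-plane node's own interfaces on port 8085. server.go in this commit answers any connection with the hostname and the full interface/address list, so on the host network the master's addresses are returned to whoever can reach the port. Scope the tolerations to the specific control-plane taint key, and add a comment at the top of the file stating that these manifests are for throw-away test clusters only. In the third Deployment the container is named `master-pod-udp` while everything else in that document uses `master-pod-8086-udp`.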
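Review bot: All four Services in service.yaml are `type: LoadBalancer` with no `loadBalancerSourceRanges`, so on a cloud cluster each one gets an externally reachable address in front of an unauthenticated responder; the two Services in webserver.yaml have the same shape. Restrict the allowed client ranges with `loadBalancerSourceRanges`, or use an internal load balancer or `ClusterIP` where the test does not need outside reachability. The UDP Services deserve the most care, because the responder sends a reply larger than the request to whatever source address the datagram carries. Separately, `spec.ipFamily` was replaced by `ipFamilies`/`ipFamilyPolicy` in Kubernetes 1.20, so these manifests only apply to older dual-stack clusters.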
@@ -0,0 +1,61 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: toolbox
+spec:
+ ipFamily: IPv6
+ type: LoadBalancer
+ selector:
+ app: toolbox
+ ports:
+ - protocol: TCP
+ port: 8081
+ targetPort: 8081
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: matmerr-http-v4
+spec:
+ ipFamily: IPv4
+ type: LoadBalancer
+ selector:
+ app: matmerr-http-v4
+ ports:
+ - protocol: TCP
+ port: 8081
+ targetPort: 8081
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: toolbox
+ labels:
+ app: toolbox
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: toolbox
+ template:
+ metadata:
+ labels:
+ app: toolbox
+ spec:
+ nodeSelector:
+ beta.kubernetes.io/os: linux
+ kubernetes.io/role: agent
+ containers:
+ - name: toolbox
+ image: matmerr/toolbox:v6.2
+ env:
+ - name: TCP_PORT
+ value: "8085"
+ - name: UDP_PORT
+ value: "8086"
+ - name: HTTP_PORT
+ value: "8081"
+ ports:
+ - containerPort: 8081
diff --git a/hack/toolbox/server/Dockerfile.heavy b/hack/toolbox/server/Dockerfile.heavy
new file mode 100644
index 0000000000..45464ce066
--- /dev/null
+++ b/hack/toolbox/server/Dockerfile.heavy
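Review bot: The `matmerr-http-v4` Service selects `app: matmerr-http-v4`, but the only Deployment in webserver.yaml labels its pods `app: toolbox`, so as far as this file shows that Service has no endpoints; the selector should presumably be `app: toolbox`. The Deployment pulls `matmerr/toolbox:v6.2` from a personal registry namespace, whereas agents.yaml and master.yaml use `acnpublic.azurecr.io/toolbox`; using the project registry and pinning by digest keeps the image source under the project's control. The container also receives `TCP_PORT` and `UDP_PORT` but only declares `containerPort: 8081`; that is harmless for routing but worth a comment.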
@@ -0,0 +1,45 @@
+FROM golang:alpine as build
+ADD ./ /
+WORKDIR /
+RUN CGO_ENABLED=0 GOOS=linux go build -o server .
+
+FROM alpine:latest
+RUN apk update
+RUN apk add \
+ axel \
+ bridge-utils \
+ bash \
+ curl \
+ bind-tools \
+ ebtables \
+ htop \
+ iptables \
+ ipset \
+ iproute2 \
+ iperf3 \
+ iftop \
+ jq \
+ lsof \
+ nano \
+ net-tools \
+ netcat-openbsd \
+ nmap \
+ nethogs \
+ sudo \
+ openssh \
+ tcpdump \
+ tcptraceroute \
+ unzip \
+ vim \
+ wget
+
+RUN curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
+RUN curl -LO "https://dl.k8s.io/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl.sha256"
+RUN install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
+RUN ln -s /usr/local/bin/kubectl /usr/local/bin/k && rm ./kube*
+
+RUN wget https://github.com/microsoft/ethr/releases/latest/download/ethr_linux.zip
+RUN unzip ethr_linux.zip
+
+COPY --from=build /server .
+CMD ["./server"]
diff --git a/hack/toolbox/server/Dockerfile.lite b/hack/toolbox/server/Dockerfile.lite
new file mode 100644
index 0000000000..bf09930c8d
--- /dev/null
+++ b/hack/toolbox/server/Dockerfile.lite
@@ -0,0 +1,8 @@
+FROM golang as build
+ADD ./server/server.go /
+WORKDIR /
+RUN CGO_ENABLED=0 GOOS=linux go build -o server .
+
+FROM scratch
+COPY --from=build /server .
+CMD ["./server"]
diff --git a/hack/toolbox/server/server.go b/hack/toolbox/server/server.go
new file mode 100644
index 0000000000..1d1423d940
--- /dev/null
+++ b/hack/toolbox/server/server.go
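Review bot: The kubectl.sha256 file is downloaded in hack/toolbox/server/Dockerfile.heavy but never compared with the binary; the next steps install kubectl and then `rm ./kube*` removes the checksum unused. Because the two `curl` calls sit in separate `RUN` layers and each resolves stable.txt on its own, they can also end up referring to different releases, and the second URL lacks the `/release/` path segment that the first one has. Resolve the version once, fetch both files in one `RUN`, and gate the install on `echo "$(cat kubectl.sha256)  kubectl" | sha256sum -c -`. The ethr zip from `releases/latest` is likewise unpacked unverified, and `golang:alpine` / `alpine:latest` are floating tags; pinning a release and a digest would make the image reproducible.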
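Review bot: The final `FROM scratch` stage in Dockerfile.lite sets no `USER`, so the server runs as uid 0 even though its default ports (8080, 8085, 8086) do not need privileges; adding `USER 65534:65534` before `CMD` would drop that. `FROM golang as build` is an untagged base, so the toolchain version changes from build to build; pin a tag as Dockerfile.windows does with `golang:1.17`. `COPY` is preferable to `ADD` for copying a single local source file.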
@@ -0,0 +1,147 @@
+package main
+
+import (
+ "fmt"
+ "math/rand"
+ "net"
+ "net/http"
+ "os"
+ "strconv"
+ "strings"
+ "time"
+)
+
+const (
+ httpport = 8080
+ tcp = "tcp"
+ tcpport = 8085
+ udp = "udp"
+ udpport = 8086
+
+ buffersize = 1024
+)
+
+func main() {
+ tcpPort, err := strconv.Atoi(os.Getenv("TCP_PORT"))
+ if err != nil {
+ tcpPort = tcpport
+ fmt.Printf("TCP_PORT not set, defaulting to port %d\n", tcpport)
+ }
+
+ udpPort, err := strconv.Atoi(os.Getenv("UDP_PORT"))
+ if err != nil {
+ udpPort = udpport
+ fmt.Printf("UDP_PORT not set, defaulting to port %d\n", udpport)
+ }
+
+ httpPort, err := strconv.Atoi(os.Getenv("HTTP_PORT"))
+ if err != nil {
+ httpPort = httpport
+ fmt.Printf("HTTP_PORT not set, defaulting to port %d\n", httpport)
+ }
+
+ go listenOnUDP(udpPort)
+ go listenOnTCP(tcpPort)
+ listenHTTP(httpPort)
+}
+
+func listenHTTP(port int) {
+ http.HandleFunc("/", func(rw http.ResponseWriter, r *http.Request) {
+ fmt.Printf("[HTTP] Received Connection from %v\n", r.RemoteAddr)
+ _, err := rw.Write(getResponse(r.RemoteAddr, "http"))
+ if err != nil {
+ fmt.Println(err)
+ }
+ })
+
+ p := strconv.Itoa(port)
+ fmt.Printf("[HTTP] Listening on %+v\n", p)
+
+ if err := http.ListenAndServe(":"+p, nil); err != nil {
+ panic(err)
+ }
+}
+
+func listenOnTCP(port int) {
+ listener, err := net.ListenTCP(tcp, &net.TCPAddr{Port: port})
+ if err != nil {
+ fmt.Println(err)
+ return
+ }
+ defer listener.Close()
+
+ fmt.Printf("[TCP] Listening on %+v\n", listener.Addr().String())
+ rand.Seed(time.Now().Unix())
+
+ for {
+ connection, err := listener.Accept()
+ if err != nil {
+ fmt.Println(err)
+ return
+ }
+ go handleConnection(connection)
+ }
+}
+
+func handleConnection(connection net.Conn) {
+ addressString := fmt.Sprintf("%+v", connection.RemoteAddr())
+ fmt.Printf("[TCP] Received Connection from %s\n", addressString)
+ _, err := connection.Write(getResponse(addressString, tcp))
+ if err != nil {
+ fmt.Println(err)
+ }
+
+ err = connection.Close()
+ if err != nil {
+ fmt.Println(err)
+ }
+}
+
+func getResponse(addressString, protocol string) []byte {
+ hostname, _ := os.Hostname()
+ interfaces, _ := net.Interfaces()
+ var base string
+ for _, iface := range interfaces {
+ base += fmt.Sprintf("\t%+v\n", iface.Name)
+ addrs, _ := iface.Addrs()
+ for _, addr := range addrs {
+ base += fmt.Sprintf("\t\t%+v\n", addr)
+ }
+ }
+
+ return []byte(fmt.Sprintf("Connected To: %s via %s\nConnected From: %v\nRemote Interfaces:\n%v", hostname, protocol, addressString, base))
+}
+
+func listenOnUDP(port int) {
+ connection, err := net.ListenUDP(udp, &net.UDPAddr{Port: port})
+ if err != nil {
+ fmt.Println(err)
+ return
+ }
+ fmt.Printf("[UDP] Listening on %+v\n", connection.LocalAddr().String())
+
+ defer connection.Close()
+ buffer := make([]byte, buffersize)
+ rand.Seed(time.Now().Unix())
+
+ for {
+ n, addr, err := connection.ReadFromUDP(buffer)
+ if err != nil {
+ fmt.Println(err)
+ }
+ payload := strings.TrimSpace(string(buffer[0 : n-1]))
+
+ if payload == "STOP" {
+ fmt.Println("Exiting UDP server")
+ return
+ }
+
+ addressString := fmt.Sprintf("%+v", addr)
+ fmt.Printf("[UDP] Received Connection from %s\n", addressString)
+ _, err = connection.WriteToUDP(getResponse(addressString, udp), addr)
+ if err != nil {
+ fmt.Println(err)
+ return
+ }
+ }
+}
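Review bot: In `listenOnUDP` a read error is only printed and execution falls through to `buffer[0 : n-1]`, and a zero-length datagram arrives with `n == 0` and a nil error, so in both cases the slice expression panics and takes down the whole process, including the TCP and HTTP listeners. Add `continue` after the `fmt.Println(err)` in that branch and slice with `buffer[:n]` (TrimSpace already removes a trailing newline): `payload := strings.TrimSpace(string(buffer[:n]))`. Any sender can also stop the UDP listener with a `STOP` payload, and `getResponse` returns the hostname and every interface address to any client over all three protocols; both are fine for a lab tool but should be stated in a comment at the top of the file, since the manifests in this commit expose it through LoadBalancer Services. `http.ListenAndServe` is used without read/write timeouts, and `rand.Seed` is called twice although nothing in the file draws random numbers, so the `math/rand` and `time` imports can go.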