Skip to content
This repository has been archived by the owner on Sep 21, 2023. It is now read-only.
/ fabric-kubernetes-nodes Public archive

A fabric Fabfile for SSHing into Kubernetes nodes by label query

License

Apache-2.0 license
43 stars 7 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

coreos/fabric-kubernetes-nodes

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

30 Commits
.gitignore
.gitignore
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
DCO
DCO
 
 
LICENSE
LICENSE
 
 
MAINTAINERS
MAINTAINERS
 
 
NOTICE
NOTICE
 
 
README.md
README.md
 
 
code-of-conduct.md
code-of-conduct.md
 
 
fabfile.py
fabfile.py
 
 

Repository files navigation

Integrating Kubernetes Nodes with the Fabric Tool

Kubernetes has a database of nodes in the cluster which can be queried with kubectl get nodes. This is a powerful database for automation and integration with existing tools. One powerful tool is the Fabric SSH utility which is known as a fabfile.py.

Getting Started

Install the Fabric SSH utility and test it out:

$ fab --version
Fabric 1.13.1

Git clone this repo and move into the directory

git clone https://github.com/coreos/fabric-kubernetes-nodes
cd fabric-kubernetes-nodes

Fabric will use the fabfile.py from the root of this directory. So now Kubernetes Nodes and labels are integrated directly into fabric! Here is an example session using this integration:

$ kubectl label node ip-10-0-0-50.us-west-2.compute.internal my-special-label=true
$ fab -u core -R my-special-label=true -- date
[52.26.54.211] Executing task '<remainder>'
[52.26.54.211] run: date
[52.26.54.211] out: Thu Feb 16 06:54:37 UTC 2017
[52.26.54.211] out:

Demo of fabric integration

Bastion or Gateway Hosts

Many configurations of Kubernetes, like Tectonic, do not enable direct SSH access to machines in the cluster and instead users must first access gateway or bastion hosts. If the Kubernetes cluster has this configuration add the --gateway flag to the command and change the address type to .

$ export FAB_KUBE_NODE_ADDRESS_TYPE=InternalIP
$ fab --gateway=W.X.Y.Z -u core -R  failure-domain.beta.kubernetes.io/zone=us-west-2a -- date
[10.0.3.24] Executing task '<remainder>'
[10.0.3.24] run: date
[10.0.3.24] out: Mon May  1 02:50:13 UTC 2017
[10.0.3.24] out:

[10.0.60.15] Executing task '<remainder>'
[10.0.60.15] run: date
[10.0.60.15] out: Mon May  1 02:50:16 UTC 2017
[10.0.60.15] out:


Done.
Disconnect

By default the fabfile will use the ExternalIP of nodes. However, it can be configured to use any IP address that a Node has available. The example above uses the common InternalIP field. To change this to a custom SpecialIP export the environment variable FAB_KUBE_NODE_ADDRESS_TYPE=SpecialIP.

FAQ

Q: With Kubernetes aren't we living in a post-SSH world?

A: Kubernetes does enable a workflow where SSH should be less and less necessary for administering machines but often there is still a need to SSH into machines to gather statistics, debug issues, or repair configuration issues. So, while we hope that years from now machines will never need SSH and one-off debugging this tool is useful for the realities of today.

About

A fabric Fabfile for SSHing into Kubernetes nodes by label query

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

43 stars

Watchers

35 watching

Forks

7 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 8