Skip to content
Switch branches/tags
Go to file


Failed to load latest commit information.
Latest commit message
Commit time
Jan 30, 2021
Jan 30, 2021
Jan 30, 2021
Jan 30, 2021
Jan 30, 2021
Jan 30, 2021
Jan 30, 2021



To enable high-fidelity, offline review of Kubernetes clusters as a part of Darkbit's cloud and Kubernetes security consulting services offerings, a simple script to export all K8s resources from a cluster was developed. A modified version of this script is included in this repository as

The original goal of this export format was to support ingestion by the OpenCSPM analysis platform. However, there are instances where analysis is best performed with a quick run of kubectl. Without having direct access to a client's cluster, a "mirror" cluster is needed.


Using the in this repo, all the resources in a target cluster are exported to a local, new-line delimited json format. To view, this data, another instance of etcd and the kube-apiserver are needed, so that's what is baked into the container specified by this Dockerfile. The idea is that a local docker container running just the barebones components needed can be populated with the raw exported data directly into etcd.


  • Clone the repository
  • Run against the target cluster. It's output file should be named <kubecontext_name>.json.
  • Copy <kubecontext_name>.json to data/import.json
  • Modify the Dockerfile to use the correct K8S_VERSION
  • Run make build to build the docker container.
  • Run make run to launch the "mirror" cluster container. This container runs etcd, loads the data from /data/import.json into etcd, and then launches an insecure API server. That is, it runs without TLS, listens on localhost:31337 and requires a simple token for authentication as cluster-admin.
  • Run export KUBECONFIG=kubeconfig.honk
  • Run kubectl get pods -A to query for pods in the "mirror" cluster container.
  • When done, kill the container to clean up.


This is a working proof of concept and "pre-alpha" quality. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


Creates a local mirror of a Kubernetes cluster in a docker container to support offline reviewing




No releases published


No packages published