Commit time
Jan 30, 2021

README.md

K8s-mirror

Why?

To enable high-fidelity, offline review of Kubernetes clusters as a part of Darkbit's cloud and Kubernetes security consulting services offerings, a simple script to export all K8s resources from a cluster was developed. A modified version of this script is included in this repository as kube-exporter.sh.

The original goal of this export format was to support ingestion by the OpenCSPM analysis platform. However, there are instances where analysis is best performed with a quick run of kubectl. Without having direct access to a client's cluster, a "mirror" cluster is needed.

What?

Using the kube-exporter.sh script in this repo, all the resources in a target cluster are exported to a local, newline-delimited JSON file. To view this data, another instance of etcd and the kube-apiserver are needed, so that's what is baked into the container specified by this Dockerfile. The idea is that a local Docker container running just the bare-bones components needed can be populated by loading the raw exported data directly into etcd.

How?

  • Clone the repository
  • Run kube-exporter.sh against the target cluster. Its output file should be named <kubecontext_name>.json.
  • Copy <kubecontext_name>.json to data/import.json
  • Modify the Dockerfile to use the correct K8S_VERSION
  • Run make build to build the docker container.
  • Run make run to launch the "mirror" cluster container. This container runs etcd, loads the data from /data/import.json into etcd, and then launches an insecure API server. That is, it runs without TLS, listens on localhost:31337 and requires a simple token for authentication as cluster-admin.
  • Run export KUBECONFIG=kubeconfig.honk
  • Run kubectl get pods -A to query for pods in the "mirror" cluster container.
  • When done, kill the container to clean up.
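A pre-flight inventory of the export, run before copying it to data/import.json, shows which resource kinds and which Secret objects the mirror's token-only, non-TLS API server will end up serving. This is an added example, not code from this repository; it assumes each line of the export is one JSON Kubernetes object (or a `*List` wrapper) carrying `kind` and `metadata`, and the function names and sample lines are constructed for illustration.

```python
import json
from collections import Counter

# Constructed sample standing in for data/import.json (not real cluster data).
SAMPLE_EXPORT = "\n".join([
    '{"kind":"Pod","metadata":{"name":"web-0","namespace":"prod"}}',
    '{"kind":"Secret","type":"Opaque","metadata":{"name":"db-creds","namespace":"prod"}}',
    '',
    '{"kind":"ConfigMapList","items":[{"metadata":{"name":"app-cfg","namespace":"prod"}}]}',
    '{"kind":"Secret","type":"kubernetes.io/service-account-token",'
    '"metadata":{"name":"default-token-x","namespace":"kube-system"}}',
    '{"kind":"ClusterRole","metadata":{"name":"view"}',  # truncated on purpose
])

def iter_objects(lines):
    """Yield (line_no, obj) per resource; obj is None for an unusable line."""
    for line_no, raw in enumerate(lines, start=1):
        if not raw.strip():
            continue  # blank lines are harmless in newline-delimited JSON
        try:
            doc = json.loads(raw)
        except json.JSONDecodeError:
            doc = None
        if not isinstance(doc, dict):
            yield line_no, None
            continue
        kind = str(doc.get("kind", ""))
        if kind.endswith("List") and isinstance(doc.get("items"), list):
            for item in doc["items"]:  # unwrap list wrappers (assumed possible)
                if isinstance(item, dict):
                    item.setdefault("kind", kind[:-4])
                yield line_no, item
        else:
            yield line_no, doc

def inventory(lines):
    """Count resources per kind, list Secrets, and report unusable line numbers."""
    kinds, secrets, bad_lines = Counter(), [], []
    for line_no, obj in iter_objects(lines):
        if not isinstance(obj, dict) or not obj.get("kind"):
            bad_lines.append(line_no)
            continue
        kinds[obj["kind"]] += 1
        if obj["kind"] == "Secret":
            meta = obj.get("metadata") or {}
            secrets.append((meta.get("namespace", ""), meta.get("name", ""), obj.get("type", "")))
    return {"kinds": dict(kinds), "secrets": secrets, "bad_lines": bad_lines}

if __name__ == "__main__":
    print(json.dumps(inventory(SAMPLE_EXPORT.splitlines()), indent=2))
```

To check a real export, pass `open("data/import.json")` to `inventory()` in place of the sample lines.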

Warning!

This is a working proof of concept and "pre-alpha" quality. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

About

Creates a local mirror of a Kubernetes cluster in a docker container to support offline reviewing
