k8spot

WARNING: THIS IS NOT PRODUCTION READY!

Talk

k8spot has been featured at Troopers 22 (see troopers-22.pdf for the slides)

To Dos / Areas of Improvements

Add client cert fingerprint logging
Secure json paths (gate to third_party dir)
Spoof x-kubernetes headers dynamically
HTTPS (w/ real certs)
More endpoints
Autogen for workloads
- Try parsing OpenAPI
Add more k8s flavors

Usage

go run main.go

Then point your kubectl to the supplied config, e.g.: kubectl --kubeconfig=kubeconfig get nodes

To pull corresponding API JSONs for your kubernetes: curl --cacert /your/ca.crt --cert ~/your/client.crt --key /your/client.key https://your.k8s.fqdn:8443/... ... or run get_json.sh

Name		Name	Last commit message	Last commit date
Latest commit History 16 Commits
pkg		pkg
third_party		third_party
.gitignore		.gitignore
Dockerfile		Dockerfile
LICENSE		LICENSE
README.md		README.md
get_json.sh		get_json.sh
get_json_files.txt		get_json_files.txt
go.mod		go.mod
go.sum		go.sum
kubeconfig		kubeconfig
kubeconfig-https		kubeconfig-https
main.go		main.go
troopers-22.pdf		troopers-22.pdf

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

pkg

pkg

third_party

third_party

.gitignore

.gitignore

Dockerfile

Dockerfile

LICENSE

LICENSE

README.md

README.md

get_json.sh

get_json.sh

get_json_files.txt

get_json_files.txt

go.mod

go.mod

go.sum

go.sum

kubeconfig

kubeconfig

kubeconfig-https

kubeconfig-https

main.go

main.go

troopers-22.pdf

troopers-22.pdf

Repository files navigation

k8spot

Talk

To Dos / Areas of Improvements

Usage

About

Releases

Packages

Languages

License

Maddosaurus/k8spot

Folders and files

Latest commit

History

Repository files navigation

k8spot

Talk

To Dos / Areas of Improvements

Usage

About

Resources

License

Stars

Watchers

Forks

Languages