Just some commands that had value at some time or another.
Resources
All resources in a namespace
Just iterate over the resource type and look for them:
for i in `kubectl api-resources --verbs list --namespaced -o name`; do kubectl get --sho-kind --ignore-not-found $i; done
Which pods still have persistent volume claim
kubectl get pods --all-namespaces -o=json | jq -c '.items[] | {name: .metadata.name, namespace: .metadata.namespace, claimName:.spec.volumes[] | select (has ("persistentVolumeClaim") ).persistentVolumeClaim.claimName }'
Networking
Jump portals
In order to do this you'd need to be able to exec into pods and make sure socat is available on the pod. When that is possible it is possible to tunnel via the pod towards a target.
On the pod setup a tunnel to remote endpoint:
socat tcp-l:<local-port>,fork,reuseaddr tcp:<target-host>:<target-port>
kubectl port-forward pod/<jump-pod> <local-port>:<target-port>
resources:
- socat commad list: https://exploit-notes.hdks.org/exploit/network/port-forwarding/port-forwarding-with-socat/
- k8s port-forward docs: https://kubernetes.io/docs/tasks/access-application-cluster/port-forward-access-application-cluster/
No comments:
Post a Comment