Goglides Dev 🌱

Balkrishna Pandey

Running kubectl from a pod on Kubernetes/OpenShift

This YAML file defines a Kubernetes Pod with one container running the bitnami/kubectl image, together with the ServiceAccount, ClusterRole and ClusterRoleBinding the Pod uses to talk to the API server. Save the content as kubectl-pod.yaml and apply it with oc apply -f kubectl-pod.yaml.

apiVersion: v1
kind: Pod
metadata:
  name: kubectl
spec:
  serviceAccountName: kubectl
  securityContext:
    # Pod-level settings. allowPrivilegeEscalation and capabilities are
    # container-level fields only, so they are set on the container below.
    runAsNonRoot: true
    seccompProfile:
      type: RuntimeDefault
  containers:
  - name: kubectl
    image: bitnami/kubectl:latest
    command: ["/bin/sh"]
    args: ["-c", "while true; do echo hello; sleep 10;done"]
    resources: {}
    securityContext:
      allowPrivilegeEscalation: false
      capabilities:
        drop: ["ALL"]
  dnsPolicy: ClusterFirst
  restartPolicy: Always

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: kubectl
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: pod-kubectl
rules:
- apiGroups: [""]
  resources: ["pods", "configmaps"]
  verbs: ["create", "get", "update", "delete", "list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: pod-kubectl-rolebinding
subjects:
- kind: ServiceAccount
  name: kubectl
  # Must be the namespace where the ServiceAccount above is created.
  namespace: default
roleRef:
  kind: ClusterRole
  name: pod-kubectl
  apiGroup: rbac.authorization.k8s.io

Note: To schedule this pod on a specific node, add spec.nodeName: <your-specific-nodename> to the pod definition above.

Once the Pod is up and running, you should be able to connect to it using either of the following commands:

oc exec -it kubectl -- bash
# OR
oc rsh kubectl
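
The ClusterRoleBinding above gives the pod's service account create, update and delete rights on pods and configmaps in every namespace. The following is an added example, not part of the original post: a namespace-scoped variant that keeps the same rules but limits them to one namespace, assuming the pod only needs to manage objects in `default`.

```yaml
# Added example: replaces the ClusterRole and ClusterRoleBinding from the post.
# Assumption: the kubectl pod only manages objects in the "default" namespace.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: kubectl
  namespace: default        # pinned so it always matches the binding subject
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role                  # Role, not ClusterRole: rules apply in one namespace
metadata:
  name: pod-kubectl
  namespace: default
rules:
- apiGroups: [""]
  resources: ["pods", "configmaps"]
  verbs: ["create", "get", "update", "delete", "list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding           # grants the Role inside "default" only
metadata:
  name: pod-kubectl-rolebinding
  namespace: default
subjects:
- kind: ServiceAccount
  name: kubectl
  namespace: default
roleRef:
  kind: Role
  name: pod-kubectl
  apiGroup: rbac.authorization.k8s.io
```

Once the original ClusterRoleBinding is deleted and this is applied, `oc auth can-i delete pods -n kube-system --as=system:serviceaccount:default:kubectl` should answer `no`, while the same query with `-n default` answers `yes`.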
