Add a sshd, based on okteto
costinm committed Jun 17, 2021
1 parent 2cd0414 commit ebd6125
Showing 35 changed files with 909 additions and 265 deletions.
21 changes: 18 additions & 3 deletions Makefile
Expand Up @@ -6,7 +6,7 @@ KO_DOCKER_REPO ?= gcr.io/dmeshgate/ugate
#KO_DOCKER_REPO ?= costinm/ugate
export KO_DOCKER_REPO


all/cr: docker/dev push/dev push/ko run/cloudrun

deploy: deploy/cloudrun deploy/helm

Expand Down Expand Up @@ -60,6 +60,9 @@ push/ugate:
push/ko:
(cd cmd/ugate && ko publish . --bare)

deps/ko:
go install github.com/google/ko@latest

# Run ugate in cloudrun.
# Storage: Env variables, GCP resources (buckets,secrets,k8s)
# Real cert, OIDC tokens via metadata server.
Expand All @@ -72,9 +75,21 @@ run/cloudrun2: #push/docker.ugate
gcloud beta run services replace manifests/knative-ugate.yaml --platform managed --project dmeshgate --region us-central1
gcloud run services update-traffic ugate --to-latest --platform managed --project dmeshgate --region us-central1

run/cloudrun3:
gcloud alpha run deploy ugatevm --sandbox=minivm --platform managed --project dmeshgate \
--region us-central1 --image gcr.io/dmeshgate/ugate:latest --command /usr/local/bin/run.sh --allow-unauthenticated --use-http2 --set-env-vars="SSH_AUTH=$(cat ~/.ssh/id_ecdsa.pub)" --use-http2

run/sshcr:
ssh -v -o StrictHostKeyChecking=no -o ProxyCommand='hbone https://ugatevm-yydsuf6tpq-uc.a.run.app:443/dm/127.0.0.1:22' \
[email protected]:443

run/helm:
helm upgrade --install --create-namespace ugate --namespace ugate manifests/ugate/
helm upgrade --install --create-namespace ugate \
--namespace ugate manifests/charts/ugate/

run/helm-istio-system:
helm upgrade --install --create-namespace ugate-istio-system \
--namespace istio-system manifests/charts/ugate/

test/run-iptables:
docker run -P \
Expand Down Expand Up @@ -107,7 +122,7 @@ test/iptables:
diff ${OUT}/iptables_443_5201.out cmd/ugate/testdata/iptables/iptables_443_5201.out

okteto:
#icurl https://get.okteto.com -sSfL | sh
# curl https://get.okteto.com -sSfL | sh
okteto up

HOSTS=c1 home
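Review bot: In `run/cloudrun3`, `$(cat ~/.ssh/id_ecdsa.pub)` is expanded by make as a variable reference instead of being passed to the shell, so it evaluates to empty and the service is deployed with `SSH_AUTH=` while `--allow-unauthenticated` leaves the endpoint open to any caller; write `$$(cat ~/.ssh/id_ecdsa.pub)` or `$(shell cat ~/.ssh/id_ecdsa.pub)`. How the sshd treats an empty `SSH_AUTH` is not visible in this section, so the start script should presumably refuse to start without a key. `run/sshcr` also sets `StrictHostKeyChecking=no`, which drops host-key verification for the tunnelled session; pinning the key through a dedicated `UserKnownHostsFile` would keep the check. `--use-http2` appears twice on the deploy line, and `deps/ko` installs `ko@latest` instead of a pinned version.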
36 changes: 19 additions & 17 deletions cmd/hbone/hbone.go
Expand Up @@ -14,20 +14,22 @@ import (


var (
verbose = flag.Bool("v", false, "Verbose messages")
// WIP:
// port = flag.Int("l", 0, "local port")
//debugPort = flag.Int("d", 0, "debug/status port")
)



var hc *http.Client

// Create a HBONE tunnel to a given URL.
//
// Current client is authenticated using local credentials, or a kube.json file. If no kube.json is found, one
// will be generated.
//
//
// Current client is authenticated for HBONE using local credentials, or a kube.json file.
// If no kube.json is found, one will be generated.
//
// Example:
// ssh -v -o ProxyCommand='wp -nc https://c1.webinf.info:443/dm/PZ5LWHIYFLSUZB7VHNAMGJICH7YVRU2CNFRT4TXFFQSXEITCJUCQ:22' root@PZ5LWHIYFLSUZB7VHNAMGJICH7YVRU2CNFRT4TXFFQSXEITCJUCQ
// ssh -v -o ProxyCommand='hbone https://c1.webinf.info:443/dm/PZ5LWHIYFLSUZB7VHNAMGJICH7YVRU2CNFRT4TXFFQSXEITCJUCQ:22' root@PZ5LWHIYFLSUZB7VHNAMGJICH7YVRU2CNFRT4TXFFQSXEITCJUCQ
//
// Bug: %h:%p doesn't work, ssh uses lower case and confuses the map.
func main() {
Expand All @@ -42,24 +44,23 @@ func main() {
Transport: ug,
}


url := ""
if len(os.Args) > 1 {
url = os.Args[1]
}
if url == "" {
if len(flag.Args()) == 0 {
log.Fatal("Expecting URL")
}

Netcat(ug, url)
url := flag.Arg(0)
err := Netcat(ug, url)
if err != nil {
log.Fatal(err)
}
}

func Netcat(ug *ugatesvc.UGate, s string) {
// Netcat copies stdin/stdout to a HBONE stream.
func Netcat(ug *ugatesvc.UGate, s string) error {
i, o := io.Pipe()
r, _ := http.NewRequest("POST", s, i)
res, err := ug.RoundTrip(r)
if err != nil {
log.Fatal(err)
return err
}
nc := ugate.NewStreamRequestOut(r, o, res, nil)
go func() {
Expand All @@ -76,9 +77,10 @@ func Netcat(ug *ugatesvc.UGate, s string) {
for {
n, err := os.Stdin.Read(b1)
if err != nil {
log.Fatal("Stding read err", err)
return err
}
nc.Write(b1[0:n])
}
return nil
}
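Review bot: `r, _ := http.NewRequest("POST", s, i)` in Netcat still discards the error, so a malformed URL from the command line hands a nil request to `ug.RoundTrip`; now that Netcat returns an error, this should be `r, err := http.NewRequest("POST", s, i)` followed by `if err != nil { return err }`, with the next line changed to `res, err = ug.RoundTrip(r)`. The stdin loop returns `io.EOF` as an error, so a normal end of input reaches `log.Fatal` in main; returning nil on `io.EOF` would keep the exit status clean when ssh closes the pipe. The trailing `return nil` after the unconditional `for` is unreachable and `go vet` reports it. Part of Netcat's body is collapsed between the hunks, and whether main calls `flag.Parse()` before `flag.Args()` is not visible here.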

3 changes: 3 additions & 0 deletions cmd/ugate/go.mod
Expand Up @@ -10,9 +10,12 @@ replace github.com/costinm/ugate/ext/bootstrap => ../../ext/bootstrap

replace github.com/costinm/ugate/ext/quic => ../../ext/quic

replace github.com/costinm/ugate/ext/ssh => ../../ext/ssh

require (
github.com/costinm/ugate v0.0.0-20210425213441-05024f5e8910
github.com/costinm/ugate/dns v0.0.0-20210425213441-05024f5e8910
github.com/costinm/ugate/ext/bootstrap v0.0.0-20210510001934-3cec7b4617c7
github.com/costinm/ugate/ext/ssh v0.0.0-20210521213237-2cd041481a3c // indirect
github.com/miekg/dns v1.1.41 // indirect
)
14 changes: 14 additions & 0 deletions cmd/ugate/go.sum
Expand Up @@ -17,6 +17,8 @@ github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239 h1:kFOfPq6dUM1hTo4JG6LR5AXSUEsOjtdm0kw0FtQtMJA=
github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c=
github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8=
github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuWl6zY27l47sB3qLNK6tF2fkHG55UZxx8oIVo4=
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973 h1:xJ4a3vCFaGF/jqvzLMYoU8P317H5OQ+Via4RmuPwCS0=
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
github.com/bradfitz/go-smtpd v0.0.0-20170404230938-deb6d6237625 h1:ckJgFhFWywOx+YLEMIJsTb+NV6NexWICk5+AMSuz3ss=
Expand All @@ -39,10 +41,14 @@ github.com/costinm/ugate/ext/h2r v0.0.0-20210425213441-05024f5e8910 h1:VZwVjLnyL
github.com/costinm/ugate/ext/h2r v0.0.0-20210425213441-05024f5e8910/go.mod h1:1d8rSNrB60psQhPU3ciwe1z6IWb96+7ugQ08nYtEDsk=
github.com/costinm/ugate/ext/quic v0.0.0-20210425213441-05024f5e8910 h1:0dacrAzzMXErNprC/DwtZqCKduXGAH6QvOl50YlYerc=
github.com/costinm/ugate/ext/quic v0.0.0-20210425213441-05024f5e8910/go.mod h1:h/Npcs8NuWA7XUZ4TCF7qjprvnNHtFGQIRJ6k8IuHEw=
github.com/costinm/ugate/ext/ssh v0.0.0-20210521213237-2cd041481a3c h1:YEZkTskvGUJNTpovXdC/lnu8zKSpRQZAXkBOzvvnNMg=
github.com/costinm/ugate/ext/ssh v0.0.0-20210521213237-2cd041481a3c/go.mod h1:9Y3iaRWmLp8ejV5OZQIrmY97KlWYxQYU+r9DEg5mNms=
github.com/costinm/ugate/ext/webrtc v0.0.0-20210425213441-05024f5e8910 h1:W1jVbuo/BSet9tumT7qSKOvU+P05oCpKUH56ydmrbwg=
github.com/costinm/ugate/ext/webrtc v0.0.0-20210425213441-05024f5e8910/go.mod h1:VYvT/VW5e+5wP6FdC1dO1wbi6d09/KS7MLsoLvNaK2I=
github.com/costinm/ugate/ext/xds v0.0.0-20210425213441-05024f5e8910 h1:z/Dj7eo0f8PQjoCVijl0PBH1f5R0UbmJ/jQiksrFUpo=
github.com/costinm/ugate/ext/xds v0.0.0-20210425213441-05024f5e8910/go.mod h1:gNg9xkrySEYYmE1q61/1g18+dfnlTS8+N05YA83gpxk=
github.com/creack/pty v1.1.13 h1:rTPnd/xocYRjutMfqide2zle1u96upp1gm6eUHKi7us=
github.com/creack/pty v1.1.13/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
Expand All @@ -66,6 +72,8 @@ github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk=
github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
github.com/gliderlabs/ssh v0.1.1 h1:j3L6gSLQalDETeEg/Jg0mGY0/y/N6zI2xX1978P0Uqw=
github.com/gliderlabs/ssh v0.1.1/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0=
github.com/gliderlabs/ssh v0.3.2 h1:gcfd1Aj/9RQxvygu4l3sak711f/5+VOwBw9C/7+N4EI=
github.com/gliderlabs/ssh v0.3.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0=
github.com/go-errors/errors v1.0.1 h1:LUHzmkK3GUKUrL/1gfBUxAHzcev3apQlezX/+O7ma6w=
github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q=
github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 h1:p104kn46Q8WdvHunIJ9dAyjPVtrBPhSr3KT2yUst43I=
Expand Down Expand Up @@ -141,6 +149,8 @@ github.com/kisielk/errcheck v1.5.0 h1:e8esj/e4R+SAOwFwN+n3zr0nYeCyeweozKfO23MvHz
github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
github.com/kisielk/gotool v1.0.0 h1:AV2c/EiW3KqPNT9ZKl07ehoAGi4C5/01Cfbblndcapg=
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
github.com/kr/fs v0.1.0 h1:Jskdu9ieNAYnjxsi0LbQp1ulIKZV1LAFgK1tWhpZgl8=
github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg=
github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
Expand Down Expand Up @@ -247,6 +257,8 @@ github.com/pion/webrtc/v3 v3.0.25/go.mod h1:Qx9zd4xvIeFTN1hygyJ77XVi/YbElyjVitL6
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pkg/sftp v1.13.1 h1:I2qBYMChEhIjOgazfJmV3/mZM256btk6wkCDRmW7JYs=
github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qRg=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/prometheus/client_golang v0.8.0 h1:1921Yw9Gc3iSc4VQh3PIoOqgPCZS7G/4xQNVUp8Mda8=
Expand Down Expand Up @@ -346,6 +358,8 @@ golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad/go.mod h1:jdWPYTVW3xRLrWP
golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b h1:7mWr3k41Qtv8XlltBkDkl8LoP3mpSgBW8BUoxtEdbXg=
golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
golang.org/x/crypto v0.0.0-20210503195802-e9a32991a82e h1:8foAy0aoO5GkqCvAEJ4VC4P3zksTg4X4aJCDpZzmgQI=
golang.org/x/crypto v0.0.0-20210503195802-e9a32991a82e/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4 h1:c2HOrn5iMezYjSlGPncknSEr/8x5LELb/ilJbXi9DEA=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
36 changes: 33 additions & 3 deletions cmd/ugate/skaffold.yaml
Expand Up @@ -29,9 +29,15 @@ build:
- "go.sum"

deploy:
kubectl:
manifests:
- ../../k8s/ugate/templates/*
# kubectl:
# manifests:
# - ../../k8s/ugate/templates/*
helm:
releases:
- name: ugate
namespace: ugate
createNamespace: true
chartPath: ../../manifests/charts/ugate

portForward:
- resourceType: deployment
Expand All @@ -51,3 +57,27 @@ portForward:
resourceName: wps
port: 15000
localPort: 14000

- resourceType: service
namespace: mon
resourceName: prometheus-1-grafana
port: 80
localPort: 3000

- resourceType: service
namespace: mon
resourceName: prometheus-1-prometheus
port: 9090
localPort: 9090
# Registry, for skaffold
# - resourceType: replicationcontroller
# namespace: kube-registry
# resourceName: kube-registry-v0
# port: 5000
# localPort: 5000
# Istio
# - resourceType: service
# namespace: istio-system
# resourceName: istiod
# port: 15010
# localPort: 16010