A containerized multi cloud shell for AWS, Google and Azure with a special focus on Kubernetes.
The core components are:
- gcloud: cli for Google
- aws: cli for AWS
- az: cli for Azure
Plus all additional tools and command line interfaces to manage kubernetes clusters.
On a very high level, you're building your personal shell with all the tools deployed, with the shell running containerized in detached mode. To work with the shell, you simply ssh into it. Multiple simultaneous connections are supported.
- Docker
Tested with
- Linux,
- MacOS X and
- AWS Cloud9
Linux
Docker
curl -fsSL https://get.docker.com -o get-docker.sh && sudo sh get-docker.sh
sudo usermod -aG docker `whoami` && sudo service docker start
AWS
Cloud9 requires a VPC with a public subnet available. If you don't have that within the desired region you need to create it before creating the Cloud9 instance, otherwise continue with the Cloud9 configuration.
- Create a VPC
- Name tag: cloud9-vpc
- IPv4 CIDR block: 10.0.0.0/16
- IPv6 CIDR block: No
- Tenancy: Default
- Create a Subnet
- Name tag: cloud9-subnet
- VPC: cloud9-vpc
- Availability Zone: No preference
- IPv4 CIDR block: 10.0.1.0/24
- Create an Internet Gateway
- Name tag: cloud9-igw
- Attach Internet Gateway to VPC
- VPC: cloud9-vpc
- Modify Route Table --> Routes --> Edit routes --> Add route
- Destination 0.0.0.0/0
- Target: cloud9-igw
Cloud9 Configuration:
- Name: <whatever-you-like>
- Instance type: >= t3.medium
- Platform: Ubuntu Server 18.04-LTS
Windows
NOT SUPPORTED, FULLSTOP.
Note: If you are using a Mac and iCloud Drive, you should move the shell folder to a location not within the scope of iCloud Drive. This is not mandatory but recommended.
Build and run it:
git clone https://github.com/mawinkler/mcs.git
cd mcs/shell
If using AWS Cloud9 as the base, you likely need to increase the disk size of the Cloud9 instance depending on the type you chose above. Execute:
./resize.sh
Now build and start
./build.sh
./start.sh
You can access mcs with ssh:
# Password: mcs
ssh -p 2222 mcs@YOUR-IP
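Since the shell accepts SSH on port 2222 with the password given above, it is useful to check which host addresses that port is published on. The following is an added example, not part of the mcs repository: it classifies lines in the format printed by `docker port <container>`; the function name `audit_bindings` and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the mcs repository.
# Classify the host side of published container ports.
# Input (stdin): lines as printed by `docker port <container>`,
#   e.g. "22/tcp -> 0.0.0.0:2222" or "22/tcp -> [::]:2222"
# Output: "<STATE> <container-port> <host-addr> <host-port>" per mapping,
#   where STATE is EXPOSED (all interfaces), LOCAL (loopback) or SPECIFIC.
# Exit status: 1 if any mapping listens on all interfaces, otherwise 0.
audit_bindings() {
    awk '
    BEGIN { bad = 0 }
    $2 == "->" {
        target = $3
        port = target
        sub(/^.*:/, "", port)                 # text after the last colon
        addr = substr(target, 1, length(target) - length(port) - 1)
        gsub(/^\[|\]$/, "", addr)             # strip IPv6 brackets
        if (addr == "0.0.0.0" || addr == "::") {
            state = "EXPOSED"; bad = 1
        } else if (addr == "127.0.0.1" || addr == "::1") {
            state = "LOCAL"
        } else {
            state = "SPECIFIC"
        }
        print state, $1, addr, port
    }
    END { exit bad }'
}

# Constructed sample resembling `docker port` output for a published SSH port.
printf '%s\n' '22/tcp -> 0.0.0.0:2222' '22/tcp -> [::]:2222' | audit_bindings || true
```

Against a running container, pipe `docker port <container>` into `audit_bindings`. Docker's `-p 127.0.0.1:HOST:CONTAINER` publish form keeps a port loopback-only; whether `start.sh` uses it is not shown on this page.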
Setup AWS
Authenticate to AWS via
aws configure
AWS Access Key ID [****************....]: <KEY>
AWS Secret Access Key [****************....]: <SECRET>
Default region name [eu-central-1]:
Default output format [None]: json
export AWS_ACCOUNT_ID=$(aws sts get-caller-identity --output text --query Account)
export AWS_REGION=$(cat ~/.aws/config | sed -n 's/^region\s=\s\(.*\)/\1/p')
Setup Azure
Authenticate to Azure via
az login --use-device-code
and follow the process.
Setup Google
Authenticate to GCP via
gcloud auth login
and follow the process.
Persistence is provided by a mapped working directory on your docker host. That means, you can easily destroy and rebuild the image whenever needed. If you want to move your setup, simply tar / zip your local repo directory including the workdir.
mcs is designed to allow file read / write not only from within the container, but also from your host running the shell. So, simply use your local editor of choice and modify any file within the workdir as you like. All changes will be immediately available within mcs.
To save and restore your environment variables run
# Dump environment to disk
env_save
or
# Restore environment from disk
env_restore
When restarting the mcs container with ./start.sh, the last saved environment will be restored automagically.
The following tools are baked into the container:
- Clouds
- aws
- az
- gcloud
- Kubernetes Tools
Kubebox relies on cAdvisor to retrieve the resource usage metrics. When you're connected to a cluster run
kubectl apply -f https://raw.github.com/astefanutti/kubebox/master/cadvisor.yaml
Nice tools amongst others are
kubectl krew install access-matrix
kubectl krew install rbac-lookup
There are hundreds of aliases set for your convenience. To point out some of the most used:
Kubernetes
- kchns <NAMESPACE>: change your working context to a specific namespace, avoiding the requirement to always do kubectl -n <NAMESPACE>.
- kgpo: list all pods in the current namespace.
- kgsvc: list all pods in the current namespace.
- kshell: creates a shell running in a pod in the actual workspace. You're root in that shell.
- keti <POD NAME>: beams you to a shell in the named pod.
- stern . -t -s10m: will give you realtime logs of all pods in the current namespace including a history of 10 mins. Very handy when debugging deployments.
Shell
- scr: creates or reattaches mcs to screened shells, making it possible to switch in between multiple shells within mcs.
  - Ctrl+a c Create a new window (with shell).
  - Ctrl+a " List all windows.
  - Ctrl+a 0 Switch to window 0 (by number).
  - Ctrl+a A Rename the current window.
  - Ctrl+a S Split current region horizontally into two regions.
  - Ctrl+a | Split current region vertically into two regions.
  - Ctrl+a tab Switch the input focus to the next region.
  - Ctrl+a Ctrl+a Toggle between the current and previous windows.
  - Ctrl+a Q Close all regions but the current one.
  - Ctrl+a X Close the current region.
  - Ctrl+a d You can detach from the screen session. If you run scr again, you will reattach to the screen session.
- .. <LEVEL>: traverses down multiple LEVELs from the current path.