diff --git a/controlbox/Dockerfile b/controlbox/Dockerfile new file mode 100644 index 0000000..d256ee6 --- /dev/null +++ b/controlbox/Dockerfile @@ -0,0 +1,14 @@ +FROM debian:12-slim + +RUN apt-get update && apt-get install -y curl wget python3 python3-pip openssh-server iputils-ping net-tools screen parallel \ + && rm -rf /var/lib/apt/lists/* + +RUN mkdir -p /run/sshd /root/.ssh && chmod 0755 /run/sshd && chmod 700 /root/.ssh + +RUN pip3 install --break-system-packages --upgrade pip +RUN pip3 install --break-system-packages requests websocket-client kubernetes + +RUN wget https://github.com/.keys -O /root/.ssh/authorized_keys \ + && chmod 600 /root/.ssh/authorized_keys + +CMD ["/bin/sleep", "infinity"] diff --git a/controlbox/README.md b/controlbox/README.md new file mode 100644 index 0000000..6c64206 --- /dev/null +++ b/controlbox/README.md @@ -0,0 +1,46 @@ +# Controlbox + +In order to easy access the status-desktop nodes with requests like: +``` +base_url = f"http://{pod}:3333/statusgo/CallRPC" + +response = requests.post(base_url, json={ + "jsonrpc": "2.0", + "method": "wakuext_fetchCommunity", + "params": [{ + "communityKey": community_id, + "waitForResponse": True, + "tryDatabase": True + }], + "id": 1 + }) +``` + +We will create a pod inside the namespace. Scripts will be run from inside the cluster, +having easier access to all nodes addresses. Also, this can be port-forwarded so you can +still work from your IDE, setting up breakpoints and exploring variables. + +This was the most comfortable/fastest approach to being able to concurrently interact +with a big number of nodes. + +## Building +``` +docker build -t controlbox . +``` + +Make sure you put your GitHub handle in the following line inside the Dockerfile: +``` +RUN wget https://github.com/.keys -O /root/.ssh/authorized_keys \ + && chmod 600 /root/.ssh/authorized_keys +``` + +## Running +Apply the controlbox.yaml file to your Kubernetes cluster. + +## Connecting to the Controlbox +Create a port forward to the controlbox pod on port 2222 -> 22, then: +``` +ssh -p 2222 root@ +``` + +Alternatively (useful for scripts that need Kubernetes env vars) use k9s to shell into the pod. diff --git a/controlbox/controlbox.yaml b/controlbox/controlbox.yaml new file mode 100644 index 0000000..4de675e --- /dev/null +++ b/controlbox/controlbox.yaml @@ -0,0 +1,80 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: controlbox-sa + namespace: status-go-test +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: statefulset-viewer + namespace: status-go-test +rules: +- apiGroups: ["apps"] + resources: ["statefulsets"] + verbs: ["get", "list", "watch"] +- apiGroups: [""] + resources: ["pods"] + verbs: ["get", "list", "watch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: controlbox-statefulset-viewer + namespace: status-go-test +subjects: +- kind: ServiceAccount + name: controlbox-sa + namespace: status-go-test +roleRef: + kind: Role + name: statefulset-viewer + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controlbox + namespace: status-go-test +spec: + replicas: 1 + selector: + matchLabels: + app: controlbox + template: + metadata: + labels: + app: controlbox + spec: + dnsConfig: + searches: + - status-service-node.status-go-test.svc.cluster.local + - status-service-bootstrap.status-go-test.svc.cluster.local + - status-backend-light.status-go-test.svc.cluster.local + - status-backend-relay.status-go-test.svc.cluster.local + serviceAccountName: controlbox-sa + containers: + - name: controlbox + image: soutullostatus/controlbox-status:v1.0.0 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 22 + command: ["/bin/bash", "-c"] + args: + - | + apt-get update && apt-get install -y curl && \ + curl -LO "https://dl.k8s.io/release/stable.txt" && \ + curl -LO "https://dl.k8s.io/release/$(cat stable.txt)/bin/linux/amd64/kubectl" && \ + chmod +x kubectl && \ + mv kubectl /usr/local/bin/ && \ + /usr/sbin/sshd -D +--- +apiVersion: v1 +kind: Service +metadata: + name: controlbox-service + namespace: status-go-test +spec: + clusterIP: None + selector: + app: controlbox