Project author: jhazelwo

Project description:
Jump host/tier using Docker containers
Language: Shell
Project URL: git://github.com/jhazelwo/docker-jumper.git
Created: 2017-03-26T13:10:45Z
Project community: https://github.com/jhazelwo/docker-jumper

License: MIT License


Jump tier using Docker containers

docker-jumper is a way to give your users, employees, or customers a
more secure and flexible jump tier.

  • Each user gets their own container, running on their own port.
  • No passwords! Containers only accept SSH keys.
  • Tiny 9MB image size thanks to Alpine Linux.
  • User provisioning is just 3 variables (name, port and public key) in
    their own Dockerfile.

Getting started

On your Docker host:

  1. git clone https://github.com/jhazelwo/docker-jumper.git
  2. cd docker-jumper
  3. ./jumper/build_base.sh
  4. Look at the examples in jumper/users/ and create
    your own Dockerfile-username, assign a port, pick a username and
    paste the public SSH key. Remember to remove any
    jumper/users/Dockerfile-{username} files you don’t want to create
    images for.
  5. ./jumper/build_users.sh
  6. ./jumper/run_users.sh

You should be able to SSH as the user and port you specified using your
private key!

Example Dockerfile-username file:

    FROM jhazelwo/jumper:1.0
    MAINTAINER "Jumper Admins" <jumper-admins@my-company.tld>
    ENV PERSON zbeeblebrox
    ENV PUBSSHKEY ssh-rsa AAAAB3NzEmmIKHw.......gt3gUNhANLmIokaw= me@laptop
    ENV PORT 12345
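
A pre-build check for the three provisioning variables, written here as an added example and not part of docker-jumper: it flags a port shared by two users, a malformed username, and private key material pasted into PUBSSHKEY. The function names, the username rule and the 1024-65535 port range are assumptions of this example; only the ENV layout comes from the file above.

```shell
#!/bin/sh
# Added example (not part of docker-jumper): lint Dockerfile-<username> files.
# Assumes the "ENV NAME value" layout shown above; the username rule and the
# 1024-65535 port range are assumptions of this sketch, not project policy.
LC_ALL=C; export LC_ALL

# Print the value of "ENV <name> <value>" (first match) from a Dockerfile.
env_value() {
    awk -v k="$2" '$1 == "ENV" && $2 == k {
        sub(/^[ \t]*ENV[ \t]+[^ \t]+[ \t]+/, ""); sub(/[ \t\r]+$/, "")
        print; exit }' "$1"
}

# Check one user file; print each problem and return 1 if any was found.
check_user_file() {
    file=$1; bad=0
    case $(env_value "$file" PERSON) in
        ''|[!a-z_]*|*[!a-z0-9_-]*) echo "$file: missing or invalid PERSON"; bad=1 ;;
    esac
    port=$(env_value "$file" PORT)
    case $port in
        ''|*[!0-9]*|??????*) echo "$file: PORT is not a 1-5 digit number"; bad=1 ;;
        *) if [ "$port" -lt 1024 ] || [ "$port" -gt 65535 ]; then
               echo "$file: PORT $port outside 1024-65535"; bad=1
           fi ;;
    esac
    case $(env_value "$file" PUBSSHKEY) in
        *PRIVATE*) echo "$file: PUBSSHKEY holds private key material"; bad=1 ;;
        ssh-rsa\ AAAA*|ssh-ed25519\ AAAA*|ecdsa-sha2-nistp???\ AAAA*) ;;
        *) echo "$file: PUBSSHKEY is not a recognised public key"; bad=1 ;;
    esac
    return "$bad"
}

# Check every Dockerfile-* in a directory, then reject ports used twice.
check_users_dir() {
    rc=0
    for f in "$1"/Dockerfile-*; do
        [ -f "$f" ] || continue
        check_user_file "$f" || rc=1
    done
    dups=$(for f in "$1"/Dockerfile-*; do
               [ -f "$f" ] && env_value "$f" PORT
           done | sort | uniq -d | tr '\n' ' ')
    [ -z "$dups" ] || { echo "PORT assigned to more than one user: $dups"; rc=1; }
    return "$rc"
}

if [ "$#" -gt 0 ]; then check_users_dir "$1"; fi
```

Running it against jumper/users/ before ./jumper/build_users.sh catches a reused port or a pasted private key before any image is built.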

More info:

The jumper/cfg/settings.sh file has the repo name, container name and
tag settings that the included scripts use when building and running
containers.

See the doc directory for more documentation, including a FAQ and the
best ways to Log, Patch, and extend your Jumper install to do just
about anything a jump tier can do.

‘Image’ vs. ‘Container’: these words are used throughout the
documentation, and it is critical that their meaning is clearly
understood, as they are related but different things. An image is a
compiled object, the result of a docker build command, and is akin to
a template. Images are built, not run. A container is a running process,
the result of a docker run command. Containers are based on an image,
much like object instantiation. Deleting a container does not delete
the image the container is based on. An image can only be deleted if
no running containers use it. For programmers, an image is like a class
declaration and a container is like an instance of a class.

Troubleshooting

Please open an issue if you run into a problem.

Development

Open beta! Pull Requests welcome!

Bugs:

  • None known at this time.

TODO

  • Host DB for jumper-root setups.
  • Session data logging, for super-voyeur corporations. Forkers: Don’t
    use sudosh! It’s not as solid as you might think.
  • Group-based / multi-user containers. Almost defeats the purpose but
    an easy fork candidate.
  • Explain flavors more betterer.