adelorenzo/kubesolo-os
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity
Files
main
kubesolo-os/hack/inject-ssh.sh
Adolfo Delorenzo e372df578b feat: initial Phase 1 PoC scaffolding for KubeSolo OS 
Complete Phase 1 implementation of KubeSolo OS — an immutable, bootable
Linux distribution built on Tiny Core Linux for running KubeSolo
single-node Kubernetes.

Build system:
- Makefile with fetch, rootfs, initramfs, iso, disk-image targets
- Dockerfile.builder for reproducible builds
- Scripts to download Tiny Core, extract rootfs, inject KubeSolo,
  pack initramfs, and create bootable ISO/disk images

Init system (10 POSIX sh stages):
- Early mount (proc/sys/dev/cgroup2), cmdline parsing, persistent
  mount with bind-mounts, kernel module loading, sysctl, DHCP
  networking, hostname, clock sync, containerd prep, KubeSolo exec

Shared libraries:
- functions.sh (device wait, IP lookup, config helpers)
- network.sh (static IP, config persistence, interface detection)
- health.sh (containerd, API server, node readiness checks)
- Emergency shell for boot failure debugging

Testing:
- QEMU boot test with serial log marker detection
- K8s readiness test with kubectl verification
- Persistence test (reboot + verify state survives)
- Workload deployment test (nginx pod)
- Local storage test (PVC + local-path provisioner)
- Network policy test
- Reusable run-vm.sh launcher

Developer tools:
- dev-vm.sh (interactive QEMU with port forwarding)
- rebuild-initramfs.sh (fast iteration)
- inject-ssh.sh (dropbear SSH for debugging)
- extract-kernel-config.sh + kernel-audit.sh

Documentation:
- Full design document with architecture research
- Boot flow documentation covering all 10 init stages
- Cloud-init examples (DHCP, static IP, Portainer Edge, air-gapped)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-11 10:18:42 -06:00

83 lines
2.7 KiB
Bash
Executable File
Raw Permalink Blame History

#!/bin/bash
# inject-ssh.sh — Add SSH (dropbear) to initramfs for debugging
# Usage: ./hack/inject-ssh.sh [path-to-kubesolo-os.gz]
#
# This adds a minimal SSH server to the initramfs so you can SSH into the
# running KubeSolo OS for debugging. NOT for production use.
#
# Prerequisites: dropbear binaries (statically compiled) or tcz packages
set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
ROOTFS_DIR="${ROOTFS_DIR:-$PROJECT_ROOT/build/rootfs-work}"
ROOTFS="$ROOTFS_DIR/rootfs"
INITRAMFS="${1:-$ROOTFS_DIR/kubesolo-os.gz}"
if [ ! -d "$ROOTFS" ]; then
echo "ERROR: Rootfs not found: $ROOTFS"
echo "Run 'make rootfs' first."
exit 1
fi
SSH_PUBKEY="${SSH_PUBKEY:-$HOME/.ssh/id_rsa.pub}"
if [ ! -f "$SSH_PUBKEY" ]; then
SSH_PUBKEY="$HOME/.ssh/id_ed25519.pub"
fi
if [ ! -f "$SSH_PUBKEY" ]; then
echo "ERROR: No SSH public key found."
echo "Set SSH_PUBKEY=/path/to/key.pub or generate one with: ssh-keygen"
exit 1
fi
echo "==> Injecting SSH support into rootfs..."
echo " Public key: $SSH_PUBKEY"
# Create SSH directories
mkdir -p "$ROOTFS/root/.ssh"
mkdir -p "$ROOTFS/etc/dropbear"
# Install authorized key
cp "$SSH_PUBKEY" "$ROOTFS/root/.ssh/authorized_keys"
chmod 700 "$ROOTFS/root/.ssh"
chmod 600 "$ROOTFS/root/.ssh/authorized_keys"
# Create a startup script for dropbear
cat > "$ROOTFS/usr/lib/kubesolo-os/init.d/85-ssh.sh" << 'EOF'
#!/bin/sh
# 85-ssh.sh — Start SSH server for debugging (dev only)
if command -v dropbear >/dev/null 2>&1; then
# Generate host keys if missing
if [ ! -f /etc/dropbear/dropbear_rsa_host_key ]; then
dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key >/dev/null 2>&1
fi
if [ ! -f /etc/dropbear/dropbear_ed25519_host_key ]; then
dropbearkey -t ed25519 -f /etc/dropbear/dropbear_ed25519_host_key >/dev/null 2>&1
fi
dropbear -R -p 22 2>/dev/null
log_ok "SSH server (dropbear) started on port 22"
else
log_warn "dropbear not found — SSH not available"
log_warn "To add SSH, install dropbear statically compiled binary to /usr/sbin/dropbear"
fi
EOF
chmod +x "$ROOTFS/usr/lib/kubesolo-os/init.d/85-ssh.sh"
echo "==> SSH stage added (85-ssh.sh)"
echo ""
echo "==> NOTE: You still need the dropbear binary in the rootfs."
echo " Option 1: Download a static dropbear build:"
echo " wget -O $ROOTFS/usr/sbin/dropbear <url-to-static-dropbear>"
echo " chmod +x $ROOTFS/usr/sbin/dropbear"
echo ""
echo " Option 2: Build from source with CGO_ENABLED=0 equivalent"
echo ""
echo "==> After adding dropbear, rebuild:"
echo " make initramfs iso"
echo ""
echo "==> Then connect with:"
echo " ssh -p 2222 root@localhost (when using hack/dev-vm.sh)"
Reference in New Issue View Git Blame Copy Permalink