kubernetes · tstromberg · Jan 24, 2020 · Jan 24, 2020 · Jan 24, 2020 · Jan 24, 2020
diff --git a/Makefile b/Makefile
@@ -485,8 +485,8 @@ endif
 
 .PHONY: kic-base-image
 kic-base-image: ## builds the base image used for kic.
-	docker rmi -f $(REGISTRY)/kicbase:v0.0.1-snapshot || true
-	docker build -f ./hack/images/kicbase.Dockerfile -t $(REGISTRY)/kicbase:v0.0.1-snapshot  --build-arg COMMIT_SHA=${VERSION}-$(COMMIT)  .
+	docker rmi -f $(REGISTRY)/kicbase:v0.0.2-snapshot || true
+	docker build -f ./hack/images/kicbase.Dockerfile -t $(REGISTRY)/kicbase:v0.0.2-snapshot  --build-arg COMMIT_SHA=${VERSION}-$(COMMIT)  .
 
 
 

diff --git a/hack/images/kicbase.Dockerfile b/hack/images/kicbase.Dockerfile
@@ -1,10 +1,21 @@
 ARG COMMIT_SHA
+# for now using node image created by kind https://github.com/kubernetes-sigs/kind
+# could be changed to slim ubuntu with systemd. 
 FROM kindest/node:v1.16.2
 USER root
 RUN apt-get update && apt-get install -y \
   sudo \
   dnsutils \
+  openssh-server \
   && apt-get clean -y 
+# based on https://github.com/rastasheep/ubuntu-sshd/blob/master/18.04/Dockerfile
+# making SSH work for docker container 
+RUN mkdir /var/run/sshd
+RUN echo 'root:root' |chpasswd
+RUN sed -ri 's/^#?PermitRootLogin\s+.*/PermitRootLogin yes/' /etc/ssh/sshd_config
+RUN sed -ri 's/UsePAM yes/#UsePAM yes/g' /etc/ssh/sshd_config
+EXPOSE 22
+# Deleting all "kind" related stuff from the image.
 RUN rm -rf \
     /var/cache/debconf/* \
     /var/lib/apt/lists/* \
@@ -16,3 +27,10 @@ RUN rm -rf \
     /usr/share/local/* \
     /kind/bin/kubeadm /kind/bin/kubelet /kind/systemd /kind/images /kind/manifests
 RUN echo "kic! Build: ${COMMIT_SHA} Time :$(date)" > "/kic.txt"
+# for minikube ssh. to match VM using docker username
+RUN adduser --disabled-password --gecos '' docker
+RUN adduser docker sudo
+RUN echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
+USER docker
+RUN mkdir /home/docker/.ssh
+USER root
diff --git a/pkg/drivers/kic/kic.go b/pkg/drivers/kic/kic.go
@@ -23,12 +23,17 @@ import (
 	"strings"
 
 	"github.com/docker/machine/libmachine/drivers"
+	"github.com/docker/machine/libmachine/ssh"
 	"github.com/docker/machine/libmachine/state"
+	"github.com/golang/glog"
 	"github.com/pkg/errors"
+	"github.com/spf13/viper"
 	pkgdrivers "k8s.io/minikube/pkg/drivers"
 	"k8s.io/minikube/pkg/drivers/kic/node"
 	"k8s.io/minikube/pkg/drivers/kic/oci"
+	"k8s.io/minikube/pkg/minikube/assets"
 	"k8s.io/minikube/pkg/minikube/command"
+	"k8s.io/minikube/pkg/minikube/config"
 	"k8s.io/minikube/pkg/minikube/constants"
 )
 
@@ -39,7 +44,9 @@ const DefaultPodCIDR = "10.244.0.0/16"
 const DefaultBindIPV4 = "127.0.0.1"
 
 // BaseImage is the base image is used to spin up kic containers created by kind.
-const BaseImage = "gcr.io/k8s-minikube/kicbase:v0.0.1@sha256:c4ad2938877d2ae0d5b7248a5e7182ff58c0603165c3bedfe9d503e2d380a0db"
+// const BaseImage = "gcr.io/k8s-minikube/kicbase:v0.0.1@sha256:c4ad2938877d2ae0d5b7248a5e7182ff58c0603165c3bedfe9d503e2d380a0db"
+// BaseImage is the base image is used to spin up kic containers created by kind.
+const BaseImage = "kicbase:local"
 
 // OverlayImage is the cni plugin used for overlay image, created by kind.
 const OverlayImage = "kindest/kindnetd:0.5.3"
@@ -56,16 +63,17 @@ type Driver struct {
 
 // Config is configuration for the kic driver used by registry
 type Config struct {
-	MachineName  string            // maps to the container name being created
-	CPU          int               // Number of CPU cores assigned to the container
-	Memory       int               // max memory in MB
-	StorePath    string            // libmachine store path
-	OCIBinary    string            // oci tool to use (docker, podman,...)
-	ImageDigest  string            // image name with sha to use for the node
-	HostBindPort int               // port to connect to forward from container to user's machine
-	Mounts       []oci.Mount       // mounts
-	PortMappings []oci.PortMapping // container port mappings
-	Envs         map[string]string // key,value of environment variables passed to the node
+	MachineName     string            // maps to the container name being created
+	CPU             int               // Number of CPU cores assigned to the container
+	Memory          int               // max memory in MB
+	StorePath       string            // libmachine store path
+	OCIBinary       string            // oci tool to use (docker, podman,...)
+	ImageDigest     string            // image name with sha to use for the node
+	APIHostBindPort int               // bind port for api server
+	SSHHostBindPort int               // bind port for ssh server
+	Mounts          []oci.Mount       // mounts
+	PortMappings    []oci.PortMapping // container port mappings
+	Envs            map[string]string // key,value of environment variables passed to the node
 }
 
 // NewDriver returns a fully configured Kic driver
@@ -91,21 +99,53 @@ func (d *Driver) Create() error {
 		CPUs:         strconv.Itoa(d.NodeConfig.CPU),
 		Memory:       strconv.Itoa(d.NodeConfig.Memory) + "mb",
 		Envs:         d.NodeConfig.Envs,
-		ExtraArgs:    []string{"--expose", fmt.Sprintf("%d", d.NodeConfig.HostBindPort)},
+		ExtraArgs:    []string{"--expose", fmt.Sprintf("%d", d.NodeConfig.APIHostBindPort)},
 		OCIBinary:    d.NodeConfig.OCIBinary,
 	}
 
 	// control plane specific options
 	params.PortMappings = append(params.PortMappings, oci.PortMapping{
-		ListenAddress: "127.0.0.1",
-		HostPort:      int32(d.NodeConfig.HostBindPort),
+		ListenAddress: DefaultBindIPV4,
+		HostPort:      int32(d.NodeConfig.APIHostBindPort),
 		ContainerPort: constants.APIServerPort,
-	})
-
+	},
+		oci.PortMapping{
+			ListenAddress: DefaultBindIPV4,
+			HostPort:      int32(d.NodeConfig.APIHostBindPort) + constants.SSHPort, // TODO: @medyagh: use github.com/phayes/freeport instead.
+			ContainerPort: constants.SSHPort,
+		},
+	)
 	_, err := node.CreateNode(params)
 	if err != nil {
 		return errors.Wrap(err, "create kic node")
 	}
+
+	if err := d.prepareSSH(); err != nil {
+		return errors.Wrap(err, "prepare kic ssh")
+	}
+	return nil
+}
+
+// prepareSSH will generate keys and copy to the container so minikube ssh works
+func (d *Driver) prepareSSH() error {
+	keyPath := d.GetSSHKeyPath()
+	glog.Infof("Creating ssh key for kic: %s...", keyPath)
+	if err := ssh.GenerateSSHKey(keyPath); err != nil {
+		return errors.Wrap(err, "generate ssh key")
+	}
+
+	cmder := command.NewKICRunner(d.NodeConfig.MachineName, d.NodeConfig.OCIBinary)
+	f, err := assets.NewFileAsset(d.GetSSHKeyPath()+".pub", "/home/docker/.ssh/", "authorized_keys", "0644")
+	if err != nil {
+		return errors.Wrap(err, "create pubkey assetfile ")
+	}
+	if err := cmder.Copy(f); err != nil {
+		return errors.Wrap(err, "copying pub key")
+	}
+	if rr, err := cmder.RunCmd(exec.Command("chown", "docker:docker", "/home/docker/.ssh/authorized_keys")); err != nil {
+		return errors.Wrapf(err, "apply authorized_keys file ownership, output %s", rr.Output())
+	}
+
 	return nil
 }
 
@@ -129,12 +169,17 @@ func (d *Driver) GetIP() (string, error) {
 
 // GetSSHHostname returns hostname for use with ssh
 func (d *Driver) GetSSHHostname() (string, error) {
-	return "", fmt.Errorf("driver does not have SSHHostName")
+	return DefaultBindIPV4, nil
 }
 
 // GetSSHPort returns port for use with ssh
 func (d *Driver) GetSSHPort() (int, error) {
-	return 0, fmt.Errorf("driver does not support GetSSHPort")
+	cc, err := config.Load(viper.GetString(config.MachineProfile))
+	if err != nil {
+		glog.Infof("error loading config file which may be okay on first run : %v ", err)
+		return 22, nil
+	}
+	return int(cc.SSHBindPort), nil
 }
 
 // GetURL returns ip of the container running kic control-panel

diff --git a/pkg/minikube/config/types.go b/pkg/minikube/config/types.go
@@ -65,7 +65,8 @@ type MachineConfig struct {
 	HostOnlyNicType     string // Only used by virtualbox
 	NatNicType          string // Only used by virtualbox
 	Addons              map[string]bool
-	NodeBindPort        int32 // Only used by kic
+	APIBindPort         int32 // the host port to bind to apiserver inside the container only used by kic
+	SSHBindPort         int32 // the host port to bind to ssh service inside the container only used by kic
 }
 
 // KubernetesConfig contains the parameters used to configure the VM Kubernetes.

diff --git a/pkg/minikube/constants/constants.go b/pkg/minikube/constants/constants.go
@@ -27,6 +27,8 @@ import (
 )
 
 const (
+	// SSHPort is the SSH serviceport on the node vm and container
+	SSHPort = 22
 	// APIServerPort is the default API server port
 	APIServerPort = 8443
 	// APIServerName is the default API server name

diff --git a/pkg/minikube/registry/drvs/docker/docker.go b/pkg/minikube/registry/drvs/docker/docker.go
@@ -43,13 +43,13 @@ func init() {
 
 func configure(mc config.MachineConfig) interface{} {
 	return kic.NewDriver(kic.Config{
-		MachineName:  mc.Name,
-		StorePath:    localpath.MiniPath(),
-		ImageDigest:  kic.BaseImage,
-		CPU:          mc.CPUs,
-		Memory:       mc.Memory,
-		HostBindPort: mc.KubernetesConfig.NodePort,
-		OCIBinary:    oci.Docker,
+		MachineName:     mc.Name,
+		StorePath:       localpath.MiniPath(),
+		ImageDigest:     kic.BaseImage,
+		CPU:             mc.CPUs,
+		Memory:          mc.Memory,
+		APIHostBindPort: mc.KubernetesConfig.NodePort,
+		OCIBinary:       oci.Docker,
 	})
 
 }