This is a fork of https://github.com/kvaps/kubectl-node-shell to add two functionalities:

• Be able to use the script from inside a pod (i.e. with a service account token mounted and no kubeconfig).
• Select a random node when you don't specify it in the command line (because often, roles tied to service account have no specific permissions about nodes).

To use the custom feature and nsenter all the namespace on a random node, just use the --incluster flag:

kubectl node-shell --incluster

(formerly known as kubectl-enter)

Start a root shell in the node's host OS running.

using krew:

kubectl krew index add kvaps https://github.com/kvaps/krew-index kubectl krew install kvaps/node-shell 

or using curl:

curl -LO https://github.com/kvaps/kubectl-node-shell/raw/master/kubectl-node_shell chmod +x ./kubectl-node_shell sudo mv ./kubectl-node_shell /usr/local/bin/kubectl-node_shell

# Get standard bash shell kubectl node-shell <node> # Execute custom command kubectl node-shell <node> -- echo 123 # Use stdin cat /etc/passwd | kubectl node-shell <node> -- sh -c 'cat > /tmp/passwd' # Run oneliner script kubectl node-shell <node> -- sh -c 'cat /tmp/passwd; rm -f /tmp/passwd'

You need to be able to start privileged containers for that.