#!/bin/bash # For each user who needs to use this script you may create the .authorized_keys file using the following pattern: #command="/usr/local/bin/tcp-proxy",no-user-rc,no-x11-forwarding,no-agent-forwarding,no-pty,permitopen="127.0.0.1:23306",permitopen="127.0.0.1:21443" ssh-rsa user@host APP="$SSH_ORIGINAL_COMMAND" case "$APP" in db) USERPORT=23306 TARGETPORT=3306 ;; mssql) USERPORT=21443 TARGETPORT=1433 ;; *) echo "Usage: ssh remotecon@master01.staging.example.com -L3306:127.0.0.1:23306 " echo "Available services:\nmssql \ndb" exit esac export KUBECONFIG=/home/remotecon/k8s-admin-sa-staging-conf SVC=`kubectl get svc $APP --output=go-template --template='{{.metadata.name}}'` echo "Port forwarding $SVC:$TARGETPORT to 127.0.0.1:$USERPORT ..." FWDPID=`ps ax | grep "svc\/$SVC" | awk '{print $1}'` if [ -z $FWDPID ] ; then /usr/sbin/daemonize /usr/local/bin/kubectl port-forward svc/$SVC $USERPORT:$TARGETPORT FWDPID=`ps ax | grep "svc\/$SVC" | awk '{print $1}'` echo "Spawning new forwarder at pid $FWDPID." else echo "Using the running forwarder at pid $FWDPID." fi echo "Press any key to end the session..." read X