We need to generate a ssh key pair for the jumpserver to use. You can do this by running the following command:
ssh-keygen -t ed25519 -C "<name-of-the-jumpserver>" -f <name-of-the-jumpserver>After that you will have a <name-of-the-jumpserver> file with the private key and a <name-of-the-jumpserver>.pub file with the public key.
ssh_host_rsa_key = <content-of-the-jumpserver-file>
ssh_host_rsa_key_public = <content-of-the-jumpserver-file.pub>No requirements.
| Name | Version |
|---|---|
| kubernetes | n/a |
No modules.
| Name | Type |
|---|---|
| kubernetes_config_map.main | resource |
| kubernetes_deployment.main | resource |
| kubernetes_secret.main | resource |
| kubernetes_service.main | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| image_repository | Repository of the image used to deploy the jumpserver. | string |
"linuxserver/openssh-server" |
no |
| image_tag | Tag of the image used to deploy the jumpserver. | string |
"9.7_p1-r4-ls163" |
no |
| load_balancer_class | The class of the load balancer implementation this Service belongs to. If specified, the value of this field must be a label-style identifier, with an optional prefix. This field can only be set when the svc_type is LoadBalancer | string |
"service.k8s.aws/nlb" |
no |
| motd_name | Name of the place where the user joined. Defaults to 'jumpserver', so it shows: 'Welcome to jumpserver' | string |
"jumpserver" |
no |
| name | Name of the resource. Defaults to 'jumpserver' | string |
"jumpserver" |
no |
| name_prefix | Prefix of the resource. If not specified it won't add a prefix. | string |
"" |
no |
| namespace | Namespace where the resource will be deployed. If not specified it will be deployed in 'default' namespace. | string |
"default" |
no |
| shell_no_login | Determines whether it is possible to login into shell when connecting via SSH with the created user. By default the user is not allowed to shell via SSH, to change this behaviour please set this variable to 'false' | bool |
true |
no |
| ssh_host_rsa_key | Private key used by the OpenSSH server. If not defined it will generated automatically, but won't be saved. | string |
"" |
no |
| ssh_host_rsa_key_public | Public key used by the OpenSSH server. If not defined it will generated automatically, but won't be saved. | string |
"" |
no |
| ssh_keys | List of SSH keys to be added to the authorized keys list. Should be in the same format as the 'authorized_keys' file, represented in Heredoc style as a multi-line string value. | string |
n/a | yes |
| ssh_log_to_stdout | If set to true it will log the SSH connection to stdout. | bool |
true |
no |
| ssh_port | Specify the port that OpenSSH server will bind to. The port value can't be below 1024. If not defined it will use '2222' as default. | number |
2222 |
no |
| ssh_user | Specify a username to connect to. If not defined it will use 'user' as default. | string |
"user" |
no |
| svc_annotations | Map of annotations for the service. | map(any) |
{} |
no |
| svc_create | If set to true it will create the service. | bool |
true |
no |
| svc_port | Port where the OpenSSH will be exposed. If not defined it will use '22' as default | number |
22 |
no |
| svc_type | Type of the Service | string |
"LoadBalancer" |
no |
| Name | Description |
|---|---|
| port_name | Name of the port of the container |