_medium.jpeg)
Kharon ferries your connections safely across the river Styx SSH jumphosts into the underworld private networks.
Kharon is a smart cluster access solution tailored to VSHNs management of Kubernetes clusters over SSH jumphosts.
Starts a socks5 proxy that automatically routes cluster domains of configured jumphosts.
The tool has only been tested on Linux and macOS, but should work on any platform supported by Go and OpenSSH.
Currently the tool relies on a SSH agent running. Either the SSH_AUTH_SOCK environment variable must be set, or a globally set IdentityAgent in the SSH config must be present.
Setup SSH Jumphost (sshop).
Install kharon in your PATH by either downloading the latest release or building from source:
make build
mv kharon ~/.local/bin
# Ensure kharon can be executed from your PATH
kharon helpPull the latest cluster and jumphost information from the API:
kharon updateInstall the proxy with the interactive installer:
# This will install a systemd/launchd unit interactively.
# The proxy will be set up in "on-demand" mode, which means it will only start when
# a connection is made to the proxy port and will stop after a period of inactivity.
# Don't forget to setup auto-complete for your shell of choice, the installer will remind you to do so!
kharon installPoint your browser to socks5h://localhost:12000 or get a shell with environment and kube configs set up:
kharon shellor login to your cluster of choice directly (the APPUiO lab cluster is a good candidate for testing):
kharon oc-web-login c-appuio-lab-cloudscale-rma-0