Knock-knockin’ on kubelet’s door. From the doormat to full node access.

Through this article, we will see a Proof of Concept on how to:

  • Find public unauthenticated kubelet APIs.
  • Use kubelet API to do remote code execution on containers.
  • Gain an interactive shell on a container running inside a node.
  • Explore credentials and access the API Server from inside, with cluster-admin privileges.
  • Spawn a privileged container and escape to the node host.

Table of Contents

· Introduction
· Kubelet API
Don’t Panic (yet)
· Searching for public unauthenticated APIs
· Proof of Concept
Creating a test environment
Remote Code Execution
Obtaining Service Account Tokens
Accessing the API from inside
Escaping the…

An introduction to Prometheus Operator, how to deploy it in Minikube (with helm) and configure alert notifications for Slack.


If you are not patient and want to skip the better part of the learning, here are your commands/files:

# Minikube setup
$ minikube start --kubernetes-version=v1.13.4 \
--memory=4096 \
--bootstrapper=kubeadm \
--extra-config=scheduler.address= \
# Helm Initialization
$ kubectl create serviceaccount tiller --namespace kube-system
$ kubectl create clusterrolebinding tiller-role-binding --clusterrole cluster-admin --serviceaccount=kube-system:tiller
$ helm init --service-account tiller
# Installing Prometheus Operator
$ helm install stable/prometheus-operator --version=4.3.6 --name=monitoring --namespace=monitoring --values=values_minikube.yaml


An introduction to the terms, tools, Prometheus components and architecture of the monitoring stack.

Prometheus, a Cloud Native Computing Foundation project, is a systems and service monitoring system.
It collects metrics…

When you are working with multiple Kubernetes clusters, it’s easy to mix up contexts and run kubectl in the wrong cluster. You don’t want to contribute to the kubernetes-failure-stories, I guess.

Beyond that, Kubernetes restricts version mismatch between the client (kubectl) and server (Kubernetes master), so running commands in the right context does not mean running the right client version.

[…] a client should be skewed no more than one minor version from the master, but may lead the master by up to one minor version.

Fortunately, there are some useful tools out there to help, which…

