apiVersion: v1 kind: Namespace metadata: labels: pod-security.kubernetes.io/enforce: privileged name: debug spec: {} --- apiVersion: apps/v1 kind: Deployment metadata: name: debug namespace: debug labels: name: debug spec: selector: matchLabels: name: debug template: metadata: labels: name: debug spec: containers: - name: debug # image: nixery.dev/shell/nix/tmux/vim # command: # - sleep # - infinity image: lscr.io/linuxserver/openssh-server:latest env: - name: PUBLIC_KEY_URL value: https://github.com/zoriya.keys - name: SUDO_ACCESS value: "true" - name: USER_NAME value: zoriya - name: LISTEN_PORT value: "22" securityContext: privileged: true volumeMounts: - mountPath: /dev name: dev - mountPath: /host name: host volumes: - name: host hostPath: path: / type: Directory - name: dev hostPath: path: /dev type: Directory --- apiVersion: v1 kind: Service metadata: name: debug namespace: debug spec: selector: name: debug type: LoadBalancer ports: - protocol: TCP port: 22 targetPort: 22 --- apiVersion: apps/v1 kind: Deployment metadata: name: ubuntu namespace: debug labels: name: ubuntu spec: selector: matchLabels: name: ubuntu template: metadata: labels: name: ubuntu spec: containers: - name: ubuntu image: ubuntu command: - sleep - infinity securityContext: privileged: true volumeMounts: - mountPath: /dev name: dev - mountPath: /host name: host volumes: - name: host hostPath: path: / type: Directory - name: dev hostPath: path: /dev type: Directory tolerations: - key: node.kubernetes.io/disk-pressure operator: Exists effect: PreferNoSchedule