updateddocsandaddedclaudecode

author: hc <hc@email.ch> 2025-05-31 15:16:23 +0800
committer: hc <hc@email.ch> 2025-05-31 15:16:23 +0800
commit: ce511f49438761549e904d6e972b8c0635306ff9 (patch)
tree: 17ca3c8db244366a78e425b6456cdf7d602ca209
parent: 3a824121c7338ec395cf027156ea83f29fe1e6a4 (diff)
3 files changed, 44 insertions, 42 deletions
diff --git a/docker_build/Dockerfile b/docker_build/Dockerfile
index f5d0a46..5df57d2 100644
--- a/docker_build/Dockerfile
+++ b/docker_build/Dockerfile
@@ -15,12 +15,10 @@ RUN mkdir -p /var/run/sshd && \
    sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config && \
    sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config && \
    echo "AllowAgentForwarding yes" >> /etc/ssh/sshd_config
 # Setup SSH directory for root and ensure root has valid shell
 RUN mkdir -p /root/.ssh && \
    chmod 700 /root/.ssh && \
    usermod -s /bin/bash root
 # Copy SSH public keys from ssh-keys directory into the image
 COPY ssh-keys/*.pub /tmp/ssh-keys/
 RUN cat /tmp/ssh-keys/*.pub > /root/.ssh/authorized_keys && \
@@ -41,6 +39,18 @@ RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y && \
    source "$HOME/.cargo/env" && \
    cargo install cargo-clone-crate cargo-edit cargo-info evcxr_jupyter bacon du-dust
+# Install Node.js via nvm and claude-code
+RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.3/install.sh | bash && \
+    export NVM_DIR="$HOME/.nvm" && \
+    [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" && \
+    nvm install 22 && \
+    npm install -g @anthropic-ai/claude-code
+# Add nvm to bashrc for future sessions
+RUN echo 'export NVM_DIR="$HOME/.nvm"' >> ~/.bashrc && \
+    echo '[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"' >> ~/.bashrc && \
+    echo '[ -s "$NVM_DIR/bash_completion" ] && \. "$NVM_DIR/bash_completion"' >> ~/.bashrc
 # Set working directory
 WORKDIR /root
@@ -48,4 +58,4 @@ WORKDIR /root
 EXPOSE 22
 # Start SSH daemon
-CMD ["/usr/sbin/sshd", "-D", "-e"]
-\ No newline at end of file
+CMD ["/usr/sbin/sshd", "-D", "-e"]
diff --git a/docs b/docs
index 50aca64..698feb5 100644
--- a/docs
+++ b/docs
@@ -1,48 +1,40 @@
 # Rocky SSH Container
-Rocky Linux development environment with SSH access for Podman and Kubernetes.
-## Launcher Commands
+## Podman
 ```bash
-# Check image status and show build commands
+python3 podman_launch_devenv.py
-python3 launcher.py
+python3 podman_launch_devenv.py run
-python3 launcher.py run
+python3 podman_launch_devenv.py run -p 2222
-python3 launcher.py run -p 2222
+python3 podman_launch_devenv.py list
-python3 launcher.py list
+python3 podman_launch_devenv.py cleanup
-python3 launcher.py cleanup
 ```
-## Kubernetes Commands
+## Kubernetes
 ```bash
 kubectl apply -f rocky-ssh-deployment.yaml
-# Check pods with IPs
+kubectl get pods -l app=rocky-dev -o wide
-kubectl get pods -l app=rocky-dev-deploy -o wide
+kubectl get svc rocky-dev-svc
-# Check services (networking), get deployment is for stateless (not this)
+kubectl delete pod rocky-dev-0
-kubectl get svc rocky-dev-deploy-svc
+kubectl scale statefulset rocky-dev --replicas=10
-# Delete specific pod (auto-recreates)
-kubectl delete pod rocky-dev-deploy-0
-# Scale replicas
-kubectl scale statefulset rocky-dev-deploy --replicas=10
 kubectl delete -f rocky-ssh-deployment.yaml
 ```
-## Local Registry (for Kubernetes)
+## Local Registry
 ```bash
-# Run a local registry
 podman run -d -p 5000:5000 --name registry registry:2
-# Tag and push to local registry
 podman tag localhost/rocky_dev:latest localhost:5000/rocky_dev:latest
 podman push localhost:5000/rocky_dev:latest --tls-verify=false
-# Update image in rocky-ssh-deployment.yaml to: localhost:5000/rocky_dev:latest
 ```
-## SSH Access
+## Access
 ```bash
-# Podman (launcher shows connection command)
+# Direct shell
-ssh root@<host> -p <port>
+kubectl exec -it rocky-dev-0 -- /bin/bash
-# Kubernetes (port forward - localhost only)
-kubectl port-forward <pod-name> 2222:22
+# SSH with agent forwarding (2 terminals)
-ssh root@localhost -p 2222
+kubectl port-forward rocky-dev-0 2222:22
-# Kubernetes (port forward - external access)
+ssh-agent bash -c 'ssh-add ~/macm4-resident && ssh -A -p 2222 root@localhost'
-kubectl port-forward --address 0.0.0.0 <pod-name> 9999:22
-ssh root@<host> -p 9999
+# External
+kubectl port-forward --address 0.0.0.0 rocky-dev-0 9999:22
 ```
diff --git a/rocky-ssh-deployment.yaml b/rocky-ssh-deployment.yaml
index 61e0dc9..0d30e59 100644
--- a/rocky-ssh-deployment.yaml
+++ b/rocky-ssh-deployment.yaml
@@ -1,23 +1,23 @@
 apiVersion: apps/v1
 kind: StatefulSet
 metadata:
-  name: rocky-dev-deploy
+  name: rocky-dev
  labels:
-    app: rocky-dev-deploy
+    app: rocky-dev
 spec:
-  serviceName: rocky-dev-deploy-svc
+  serviceName: rocky-dev-svc
-  replicas: 3
+  replicas: 2
  selector:
    matchLabels:
-      app: rocky-dev-deploy
+      app: rocky-dev
  template:
    metadata:
      labels:
-        app: rocky-dev-deploy
+        app: rocky-dev
    spec:
      containers:
-      - name: rocky-dev-deploy
+      - name: rocky-dev
-        image: localhost:5000/rocky_dev:latest
+        image: rocky_dev:latest
        imagePullPolicy: IfNotPresent  # Use local image
        ports:
        - containerPort: 22
@@ -38,7 +38,7 @@ spec:
 apiVersion: v1
 kind: Service
 metadata:
-  name: rocky-dev-deploy-svc
+  name: rocky-dev-svc
 spec:
  clusterIP: None
  selector:
author	hc <hc@email.ch>	2025-05-31 15:16:23 +0800
committer	hc <hc@email.ch>	2025-05-31 15:16:23 +0800
commit	ce511f49438761549e904d6e972b8c0635306ff9 (patch)
tree	17ca3c8db244366a78e425b6456cdf7d602ca209
parent	3a824121c7338ec395cf027156ea83f29fe1e6a4 (diff)

diff --git a/docker_build/Dockerfile b/docker_build/Dockerfile index f5d0a46..5df57d2 100644 --- a/docker_build/Dockerfile +++ b/docker_build/Dockerfile
@@ -15,12 +15,10 @@ RUN mkdir -p /var/run/sshd && \
15	sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config && \	15	sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config && \
16	sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config && \	16	sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config && \
17	echo "AllowAgentForwarding yes" >> /etc/ssh/sshd_config	17	echo "AllowAgentForwarding yes" >> /etc/ssh/sshd_config
18
19	# Setup SSH directory for root and ensure root has valid shell	18	# Setup SSH directory for root and ensure root has valid shell
20	RUN mkdir -p /root/.ssh && \	19	RUN mkdir -p /root/.ssh && \
21	chmod 700 /root/.ssh && \	20	chmod 700 /root/.ssh && \
22	usermod -s /bin/bash root	21	usermod -s /bin/bash root
23
24	# Copy SSH public keys from ssh-keys directory into the image	22	# Copy SSH public keys from ssh-keys directory into the image
25	COPY ssh-keys/*.pub /tmp/ssh-keys/	23	COPY ssh-keys/*.pub /tmp/ssh-keys/
26	RUN cat /tmp/ssh-keys/*.pub > /root/.ssh/authorized_keys && \	24	RUN cat /tmp/ssh-keys/*.pub > /root/.ssh/authorized_keys && \
@@ -41,6 +39,18 @@ RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs \| sh -s -- -y && \
41	source "$HOME/.cargo/env" && \	39	source "$HOME/.cargo/env" && \
42	cargo install cargo-clone-crate cargo-edit cargo-info evcxr_jupyter bacon du-dust	40	cargo install cargo-clone-crate cargo-edit cargo-info evcxr_jupyter bacon du-dust
43		41
		42	# Install Node.js via nvm and claude-code
		43	RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.3/install.sh \| bash && \
		44	export NVM_DIR="$HOME/.nvm" && \
		45	[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" && \
		46	nvm install 22 && \
		47	npm install -g @anthropic-ai/claude-code
		48
		49	# Add nvm to bashrc for future sessions
		50	RUN echo 'export NVM_DIR="$HOME/.nvm"' >> ~/.bashrc && \
		51	echo '[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"' >> ~/.bashrc && \
		52	echo '[ -s "$NVM_DIR/bash_completion" ] && \. "$NVM_DIR/bash_completion"' >> ~/.bashrc
		53
44	# Set working directory	54	# Set working directory
45	WORKDIR /root	55	WORKDIR /root
46		56
@@ -48,4 +58,4 @@ WORKDIR /root
48	EXPOSE 22	58	EXPOSE 22
49		59
50	# Start SSH daemon	60	# Start SSH daemon
51	CMD ["/usr/sbin/sshd", "-D", "-e"] \ No newline at end of file	61	CMD ["/usr/sbin/sshd", "-D", "-e"]


diff --git a/docs b/docs index 50aca64..698feb5 100644 --- a/docs +++ b/docs
@@ -1,48 +1,40 @@
1	# Rocky SSH Container	1	# Rocky SSH Container
2	Rocky Linux development environment with SSH access for Podman and Kubernetes.
3		2
4	## Launcher Commands	3	## Podman
5	```bash	4	```bash
6	# Check image status and show build commands	5	python3 podman_launch_devenv.py
7	python3 launcher.py	6	python3 podman_launch_devenv.py run
8	python3 launcher.py run	7	python3 podman_launch_devenv.py run -p 2222
9	python3 launcher.py run -p 2222	8	python3 podman_launch_devenv.py list
10	python3 launcher.py list	9	python3 podman_launch_devenv.py cleanup
11	python3 launcher.py cleanup
12	```	10	```
13		11
14	## Kubernetes Commands	12	## Kubernetes
15	```bash	13	```bash
16	kubectl apply -f rocky-ssh-deployment.yaml	14	kubectl apply -f rocky-ssh-deployment.yaml
17	# Check pods with IPs	15	kubectl get pods -l app=rocky-dev -o wide
18	kubectl get pods -l app=rocky-dev-deploy -o wide	16	kubectl get svc rocky-dev-svc
19	# Check services (networking), get deployment is for stateless (not this)	17	kubectl delete pod rocky-dev-0
20	kubectl get svc rocky-dev-deploy-svc	18	kubectl scale statefulset rocky-dev --replicas=10
21	# Delete specific pod (auto-recreates)
22	kubectl delete pod rocky-dev-deploy-0
23	# Scale replicas
24	kubectl scale statefulset rocky-dev-deploy --replicas=10
25	kubectl delete -f rocky-ssh-deployment.yaml	19	kubectl delete -f rocky-ssh-deployment.yaml
26	```	20	```
27		21
28	## Local Registry (for Kubernetes)	22	## Local Registry
29	```bash	23	```bash
30	# Run a local registry
31	podman run -d -p 5000:5000 --name registry registry:2	24	podman run -d -p 5000:5000 --name registry registry:2
32	# Tag and push to local registry
33	podman tag localhost/rocky_dev:latest localhost:5000/rocky_dev:latest	25	podman tag localhost/rocky_dev:latest localhost:5000/rocky_dev:latest
34	podman push localhost:5000/rocky_dev:latest --tls-verify=false	26	podman push localhost:5000/rocky_dev:latest --tls-verify=false
35	# Update image in rocky-ssh-deployment.yaml to: localhost:5000/rocky_dev:latest
36	```	27	```
37		28
38	## SSH Access	29	## Access
39	```bash	30	```bash
40	# Podman (launcher shows connection command)	31	# Direct shell
41	ssh root@<host> -p <port>	32	kubectl exec -it rocky-dev-0 -- /bin/bash
42	# Kubernetes (port forward - localhost only)	33
43	kubectl port-forward <pod-name> 2222:22	34	# SSH with agent forwarding (2 terminals)
44	ssh root@localhost -p 2222	35	kubectl port-forward rocky-dev-0 2222:22
45	# Kubernetes (port forward - external access)	36	ssh-agent bash -c 'ssh-add ~/macm4-resident && ssh -A -p 2222 root@localhost'
46	kubectl port-forward --address 0.0.0.0 <pod-name> 9999:22	37
47	ssh root@<host> -p 9999	38	# External
		39	kubectl port-forward --address 0.0.0.0 rocky-dev-0 9999:22
48	```	40	```


diff --git a/rocky-ssh-deployment.yaml b/rocky-ssh-deployment.yaml index 61e0dc9..0d30e59 100644 --- a/rocky-ssh-deployment.yaml +++ b/rocky-ssh-deployment.yaml
@@ -1,23 +1,23 @@
1	apiVersion: apps/v1	1	apiVersion: apps/v1
2	kind: StatefulSet	2	kind: StatefulSet
3	metadata:	3	metadata:
4	name: rocky-dev-deploy	4	name: rocky-dev
5	labels:	5	labels:
6	app: rocky-dev-deploy	6	app: rocky-dev
7	spec:	7	spec:
8	serviceName: rocky-dev-deploy-svc	8	serviceName: rocky-dev-svc
9	replicas: 3	9	replicas: 2
10	selector:	10	selector:
11	matchLabels:	11	matchLabels:
12	app: rocky-dev-deploy	12	app: rocky-dev
13	template:	13	template:
14	metadata:	14	metadata:
15	labels:	15	labels:
16	app: rocky-dev-deploy	16	app: rocky-dev
17	spec:	17	spec:
18	containers:	18	containers:
19	- name: rocky-dev-deploy	19	- name: rocky-dev
20	image: localhost:5000/rocky_dev:latest	20	image: rocky_dev:latest
21	imagePullPolicy: IfNotPresent # Use local image	21	imagePullPolicy: IfNotPresent # Use local image
22	ports:	22	ports:
23	- containerPort: 22	23	- containerPort: 22
@@ -38,7 +38,7 @@ spec:
38	apiVersion: v1	38	apiVersion: v1
39	kind: Service	39	kind: Service
40	metadata:	40	metadata:
41	name: rocky-dev-deploy-svc	41	name: rocky-dev-svc
42	spec:	42	spec:
43	clusterIP: None	43	clusterIP: None
44	selector:	44	selector: