# Workshop scenario manifest: a deliberately hostile Deployment that masquerades
# as "metrics-server". Each object below is a detection indicator; the comments
# call out what a cluster audit, admission policy or RBAC review would flag.
# Indentation was lost in the copy this was taken from and has been restored
# to the only layout the Kubernetes schema admits.
apiVersion: apps/v1
kind: Deployment
metadata:
  # The name mimics the legitimate metrics-server add-on; the image and command
  # below do not match what that component runs.
  name: metrics-server-deployment
  # No metadata.namespace: the object lands in whichever namespace it is applied
  # to (the ClusterRoleBinding further down assumes kube-system).
spec:
  replicas: 1
  selector:
    matchLabels:
      app: metrics-server
  template:
    metadata:
      labels:
        app: metrics-server
    spec:
      containers:
        - name: metrics-server
          # Not a metrics image: a public sshd test image. Registry/image
          # allowlists and image-vs-workload-name checks catch this.
          image: testcontainers/sshd
          # Sets the root password from the env vars below, then runs sshd in the
          # foreground with root login and every forwarding option enabled, and
          # with deprecated key-exchange / host-key algorithms re-enabled.
          command: ["sh", "-c", "echo $USERNAME:$PASSWORD | chpasswd && /usr/sbin/sshd -D -o PermitRootLogin=yes -o AddressFamily=inet -o GatewayPorts=yes -o AllowAgentForwarding=yes -o AllowTcpForwarding=yes -o KexAlgorithms=+diffie-hellman-group1-sha1 -o HostkeyAlgorithms=+ssh-rsa"]
          ports:
            # sshd, not a metrics endpoint.
            - containerPort: 22
          env:
            # Hard-coded credentials in plain env vars rather than a Secret.
            - name: USERNAME
              value: "root"
            - name: PASSWORD
              value: "Sup3r_S3cr3t_P@ssw0rd"
          # NOTE(review): `privileged` is only valid on the container-level
          # securityContext, so it is placed here; a pod-level placement would be
          # rejected by the API server. Pod Security Admission "restricted" or
          # "baseline" denies this.
          securityContext:
            privileged: true
      # Bound below to a wildcard ClusterRole.
      serviceAccountName: metrics-server-account
---
apiVersion: v1
kind: ServiceAccount
metadata:
  # No namespace declared here either; see the binding below.
  name: metrics-server-account
---
# Wildcard rule on all API groups, resources and verbs: cluster-admin
# equivalent. Any ClusterRole with "*"/"*"/"*" outside the built-in
# cluster-admin role is a high-signal finding.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: privileged-role
rules:
  - apiGroups: ["*"]
    resources: ["*"]
    verbs: ["*"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: privileged-binding
subjects:
  - kind: ServiceAccount
    name: metrics-server-account
    # NOTE(review): the ServiceAccount above declares no namespace, so this
    # binding only matches it when the manifest is applied into kube-system --
    # confirm the intended namespace for the scenario.
    namespace: kube-system
roleRef:
  kind: ClusterRole
  name: privileged-role
  apiGroup: rbac.authorization.k8s.io
---
# Publishes the container's sshd (targetPort 22) through an external
# LoadBalancer on port 8080. A LoadBalancer Service whose targetPort is 22
# is a detection indicator on its own.
apiVersion: v1
kind: Service
metadata:
  name: metrics-server-service
spec:
  type: LoadBalancer
  selector:
    app: metrics-server
  ports:
    - protocol: TCP
      port: 8080
      targetPort: 22