Kubernetes kubectl debug 调试无法 exec 进入的容器
Kubernetes Debug kubectl 大约 3939 字无法进入容器
有些镜像,像distroless
,为了容器的精简和安全,不提供shell
,从而exec
无法进入容器。
kubectl debug
使用kubectl debug
可以开启一个Ephemeral Container
临时容器去进行Debug
。
示例
调试 Pod
kubectl debug test-pod-894cb5d4f-2mpk5 -it --image=busybox:1.34.1
调试 Node
Kubernetes
的节点也可以使用kubectl debug
进行调试
kubectl debug node/minikube -it --image=busybox:1.34.1
更多使用
PS C:\> kubectl debug -h
Debug cluster resources using interactive debugging containers.
'debug' provides automation for common debugging tasks for cluster objects identified by resource and name. Pods will
be used by default if no resource is specified.
The action taken by 'debug' varies depending on what resource is specified. Supported actions include:
* Workload: Create a copy of an existing pod with certain attributes changed, for example changing the image tag to a
new version.
* Workload: Add an ephemeral container to an already running pod, for example to add debugging utilities without
restarting the pod.
* Node: Create a new pod that runs in the node's host namespaces and can access the node's filesystem.
Examples:
# Create an interactive debugging session in pod mypod and immediately attach to it.
# (requires the EphemeralContainers feature to be enabled in the cluster)
kubectl debug mypod -it --image=busybox
# Create a debug container named debugger using a custom automated debugging image.
# (requires the EphemeralContainers feature to be enabled in the cluster)
kubectl debug --image=myproj/debug-tools -c debugger mypod
# Create a copy of mypod adding a debug container and attach to it
kubectl debug mypod -it --image=busybox --copy-to=my-debugger
# Create a copy of mypod changing the command of mycontainer
kubectl debug mypod -it --copy-to=my-debugger --container=mycontainer -- sh
# Create a copy of mypod changing all container images to busybox
kubectl debug mypod --copy-to=my-debugger --set-image=*=busybox
# Create a copy of mypod adding a debug container and changing container images
kubectl debug mypod -it --copy-to=my-debugger --image=debian --set-image=app=app:debug,sidecar=sidecar:debug
# Create an interactive debugging session on a node and immediately attach to it.
# The container will run in the host namespaces and the host's filesystem will be mounted at /host
kubectl debug node/mynode -it --image=busybox
Options:
--arguments-only=false: If specified, everything after -- will be passed to the new container as Args instead of
Command.
--attach=false: If true, wait for the container to start running, and then attach as if 'kubectl attach ...' were
called. Default false, unless '-i/--stdin' is set, in which case the default is true.
-c, --container='': Container name to use for debug container.
--copy-to='': Create a copy of the target Pod with this name.
--env=[]: Environment variables to set in the container.
--image='': Container image to use for debug container.
--image-pull-policy='': The image pull policy for the container. If left empty, this value will not be specified
by the client and defaulted by the server.
-q, --quiet=false: If true, suppress informational messages.
--replace=false: When used with '--copy-to', delete the original Pod.
--same-node=false: When used with '--copy-to', schedule the copy of target Pod on the same node.
--set-image=[]: When used with '--copy-to', a list of name=image pairs for changing container images, similar to
how 'kubectl set image' works.
--share-processes=true: When used with '--copy-to', enable process namespace sharing in the copy.
-i, --stdin=false: Keep stdin open on the container(s) in the pod, even if nothing is attached.
--target='': When using an ephemeral container, target processes in this container name.
-t, --tty=false: Allocate a TTY for the debugging container.
Usage:
kubectl debug (POD | TYPE[[.VERSION].GROUP]/NAME) [ -- COMMAND [args...] ] [options]
阅读 615 · 发布于 2022-10-30
————        END        ————
Give me a Star, Thanks:)
https://github.com/fendoudebb扫描下方二维码关注公众号和小程序↓↓↓

昵称:
随便看看
换一批
-
算法:冒泡排序阅读 878
-
Ubuntu 系统升级 MySQL 版本阅读 2139
-
Windows 使用 Wireshark 抓取本地数据包阅读 2369
-
Java11 -Xms -Xmx 设置堆内存大小时的注意事项阅读 1868
-
前端 Chrome 反调试方法阅读 4530
-
macOS 打开 Java Mission Control 直接闪退解决方法阅读 100
-
Arthas 使用 tt 命令抓取调用异常、调用耗时、传入参数、返回参数阅读 3305
-
macOS 使用 Colima 代替 Docker Desktop阅读 113
-
定时清理 MongoDB 历史数据阅读 3877
-
Spring Boot JPA 打印 SQL 语句及参数阅读 682