To debug Kubernetes applications, e.g. if pods can reach a service, an interactive container shell including all essential tools is great - a Swiss army knife so to speak. Unfortunately, in popular base images such as Ubuntu, Debian, CentOS, and Busybox essential debugging tools are not included due to image size reduction and security. While this is great in production environments, it is counterproductive for debugging. Here, we presented an approach based on the extended Ubuntu image leodotcloud/swiss-army-knife created by leodotcloud.
Spin up the pod:
kubectl create -n mynamespace -f - <<EOF apiVersion: v1 kind: Pod metadata: name: swiss-army-knife labels: app: swiss-army-knife spec: containers: - name: swiss-army-knife image: leodotcloud/swiss-army-knife:latest command: ["/bin/sleep", "3650d"] imagePullPolicy: IfNotPresent restartPolicy: Always EOF
Get access to the container command line and debug your stuff:
kubectl exec -n mynamespace swiss-army-knife -it -- /bin/bash
As an example the following command checks whether the port
3306 (MySQL) is accessible on
netcat -v -z -w 4 10.152.183.115 3306
After debugging, you can delete the pod:
kubectl delete pod -n mynamespace swiss-army-knife
Following tools and packages are included. An up-to-date list is available in the Dockerfile.