A method to get into a container on the Diego Cell
The requirement is to be able to access the application container in Cloud Foundry in scenarios where cf ssh would not be possible. Main reasons being troubleshooting inside the container. This write-up describes the procedures for the same. The original article for containers based on garden-runc is provided below.
- Obtain the app
cf curl /v2/apps/$(cf app <app-name> --guid)| jq -r '.metadata.guid + "-" + .entity.version'
- Obtain the hosts in which the app is running. Choose one of the I
cf curl v2/apps/$(cf app <app-name> --guid)/stats | grep host
Login to the bosh director.
Identify the cell/VM Instance name associated to the IP
SSH into the VM
bosh -e <environment> -d <deployment> ssh <Instance-Name> diego-cell/8cbe944d-d0cc-4158-802e-59426506faf7:~$ sudo -i diego-cell/8cbe944d-d0cc-4158-802e-59426506faf7:~#
- Obtain the "instance_guid" for the process-guid from step 1
cfdot actual-lrp-groups | grep d7c18647-9560-4327-8bcc-b7ab1ecdf295-2d6ebf81-7857-46d8-8bdc-f958795abf86
- Attach into the container using ctr (containerd client)
export containerid=<Instance_Guid_> /var/vcap/packages/containerd/bin/ctr -a /var/vcap/sys/run/containerd/containerd.sock -n garden tasks exec --exec-id my-shell --tty $containerd /bin/bash root@9b5900f2-34f3-4317-63bb-863c:/#
- You will now be in the container.