Is there a kubectl version of `docker run --net=container:thingie --pid=container:thingie -it --rm busybox sh`

Question

With Docker, if I want to inspect a running container that doesn't have its own shell, I can run something like this:

docker run --net=container:thingie --pid=container:thingie -it --rm busybox sh

This runs a shell in a separate image but with the same pid/network space as the container I want to inspect. There are also options for connecting to the target container file system.

Can I do this with kubectl in kubernetes and point to an existing pod/container?

Answer 1

Of course, first use kubectl get pod | grep YOUR_DEPLOYMENT_NAME to get the uid of the pod. Then, use kubectl exec -it POD_UID bash/sh/whatever to log into the pod. Note that your container might not accept bash, so you might need to change it to sh.

However, as your comment suggests an image might not have a shell (I haven't ever heard from one but we can still solve it). For this you could add another container in your pod which will share the filesystem, network, etc. This will allow you to debug your main container. Use kubectl exec -it $YOUR_POD_UID -c $CONTAINER_NAME alpine sh to get into the debugging container. Here is a yaml in case you need it.

apiVersion: apps/v1
kind: Deployment
metadata:
  namespace: default
  name: alpine
  labels:
    app: alpine
spec:
  replicas: 1
  selector:
    matchLabels:
      app: alpine
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: alpine
    spec:
      containers:
      # Your container.
      - name: your_container_without_shell
        image: container_without_shell:latest
      # Sidecar container.
      - name: alpine
        image: alpine:latest
        command: ["/bin/sleep", "1000000"] # let's say it dies eventually.
      hostname: alpine
      restartPolicy: Always