k8s-临时容器学习

临时容器学习

  • [1. 什么是临时容器](#1. 什么是临时容器)
  • [2. 实验](#2. 实验)

1. 什么是临时容器

在官网:https://kubernetes.io/zh-cn/docs/concepts/workloads/pods/ephemeral-containers/ 中有介绍

临时容器是用于调试Pod中崩溃的容器或者不具备调试工具,比如在一个运行着业务的容器中,加入一个带有tcpdump抓包工具的容器,获取数据包分析。

2. 实验

创建一个Pod

复制代码
kubectl run nginx --image=nginx --restart=Never

将带有tcpdump工具的容器加入到nginx

复制代码
kubectl debug -it nginx --image=nicolaka/netshoot --target=nginx 
clike 复制代码
[root@k8s-master01 ~]# kubectl debug -it nginx --image=nicolaka/netshoot --target=nginx
Targeting container "nginx". If you don't see processes from this container it may be because the container runtime doesn't support this feature.
--profile=legacy is deprecated and will be removed in the future. It is recommended to explicitly specify a profile, for example "--profile=general".
Defaulting debug container name to debugger-x6qrr.
All commands and output from this session will be recorded in container logs, including credentials and sensitive information passed through the command prompt.
If you don't see a command prompt, try pressing enter.
                    dP            dP                           dP
                    88            88                           88
88d888b. .d8888b. d8888P .d8888b. 88d888b. .d8888b. .d8888b. d8888P
88'  `88 88ooood8   88   Y8ooooo. 88'  `88 88'  `88 88'  `88   88
88    88 88.  ...   88         88 88    88 88.  .88 88.  .88   88
dP    dP `88888P'   dP   `88888P' dP    dP `88888P' `88888P'   dP

Welcome to Netshoot! (github.com/nicolaka/netshoot)
Version: 0.14
nginx  ~ 
  • kubectl debug :添加调试容器
  • -it nginx:指向Pod名
  • --target=nginx : 指向容器名
  • --image=nicolaka/netshoot:用于调试的镜像名称

通过窗口打印可以看出,创建了一个临时容器debugger-x6qrr

在调试窗口使用tcpdump抓取本地接口的流量:

复制代码
nginx  ~  tcpdump -i eth0 port 80 -n
clike 复制代码
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
01:59:38.396705 IP 10.244.0.0.57200 > 10.244.2.10.80: Flags [S], seq 3030192777, win 64860, options [mss 1410,sackOK,TS val 1255526443 ecr 0,nop,wscale 7], length 0
01:59:38.396766 IP 10.244.2.10.80 > 10.244.0.0.57200: Flags [S.], seq 3346276368, ack 3030192778, win 64308, options [mss 1410,sackOK,TS val 1694919818 ecr 1255526443,nop,wscale 7], length 0
01:59:38.397115 IP 10.244.0.0.57200 > 10.244.2.10.80: Flags [.], ack 1, win 507, options [nop,nop,TS val 1255526444 ecr 1694919818], length 0
01:59:38.397115 IP 10.244.0.0.57200 > 10.244.2.10.80: Flags [P.], seq 1:75, ack 1, win 507, options [nop,nop,TS val 1255526444 ecr 1694919818], length 74: HTTP: GET / HTTP/1.1
01:59:38.397166 IP 10.244.2.10.80 > 10.244.0.0.57200: Flags [.], ack 75, win 502, options [nop,nop,TS val 1694919819 ecr 1255526444], length 0
01:59:38.397362 IP 10.244.2.10.80 > 10.244.0.0.57200: Flags [P.], seq 1:239, ack 75, win 502, options [nop,nop,TS val 1694919819 ecr 1255526444], length 238: HTTP: HTTP/1.1 200 OK
01:59:38.397452 IP 10.244.2.10.80 > 10.244.0.0.57200: Flags [P.], seq 239:854, ack 75, win 502, options [nop,nop,TS val 1694919819 ecr 1255526444], length 615: HTTP
01:59:38.397786 IP 10.244.0.0.57200 > 10.244.2.10.80: Flags [.], ack 239, win 506, options [nop,nop,TS val 1255526445 ecr 1694919819], length 0
01:59:38.397832 IP 10.244.0.0.57200 > 10.244.2.10.80: Flags [.], ack 854, win 502, options [nop,nop,TS val 1255526445 ecr 1694919819], length 0
01:59:38.398417 IP 10.244.0.0.57200 > 10.244.2.10.80: Flags [F.], seq 75, ack 854, win 502, options [nop,nop,TS val 1255526445 ecr 1694919819], length 0
01:59:38.398507 IP 10.244.2.10.80 > 10.244.0.0.57200: Flags [F.], seq 854, ack 76, win 502, options [nop,nop,TS val 1694919820 ecr 1255526445], length 0
01:59:38.398786 IP 10.244.0.0.57200 > 10.244.2.10.80: Flags [.], ack 855, win 502, options [nop,nop,TS val 1255526446 ecr 1694919820], length 0
相关推荐
黑科技Python1 小时前
生活中的“小智慧”——认识算法
学习·算法·生活
Yupureki1 小时前
从零开始的C++学习生活 16:C++11新特性全解析
c语言·数据结构·c++·学习·visual studio
青云交1 小时前
Java 大视界 -- Java 大数据在智能教育学习社区互动模式创新与用户活跃度提升中的应用(426)
java·大数据·学习·flink 实时计算·智能教育社区·互动模式创新·用户活跃度
Mr.小海1 小时前
gunicorn和docker冲突吗
docker·容器·gunicorn
武清伯MVP3 小时前
阮一峰《TypeScript 教程》学习笔记——类型映射
笔记·学习·typescript
月阳羊3 小时前
【论文学习与撰写】Mathtype的安装与word插件安装
学习·word
BreezeJuvenile3 小时前
MAX30102脉搏血氧传感器相关内容整理(理论版)
学习·max30102·心率血氧传感器
报错小能手4 小时前
C++笔记(面向对象)深赋值 浅赋值
c++·笔记·学习
一介书生-0074 小时前
2025-10-27 Java AI学习路线
java·人工智能·学习
繁花与尘埃4 小时前
CSS引入方式(本文为个人学习笔记,内容整理自哔哩哔哩UP主【非学者勿扰】的公开课程。 > 所有知识点归属原作者,仅作非商业用途分享)
css·笔记·学习