Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add description about custom profile #48154

Merged
merged 5 commits into from
Nov 17, 2024
+72 −2
Merged

Add description about custom profile #48154

Changes from 2 commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
c7348db
Add custom profile
mochizuki875 Oct 1, 2024
22c400b
fix1
mochizuki875 Oct 7, 2024
636ae0f
fix2
mochizuki875 Oct 8, 2024
16112b8
fix3
mochizuki875 Oct 8, 2024
09df98e
fix4
mochizuki875 Oct 9, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
90 changes: 90 additions & 0 deletions content/en/docs/tasks/debug/debug-application/debug-running-pod.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -718,3 +718,93 @@ Clean up the Pod when you're finished with it:
```shell
kubectl delete pod myapp
```

### Custom Profile {#custom-profile}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
### Custom Profile {#custom-profile}
## Custom profiles for ephemeral containers {#custom-profile}

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same as Debugging Profiles above, custom profile can be applied not only to an ephemeral containers, but also to a copied Pods or a debugging pods to debug nodes.
Although the following case uses an ephemeral container as an example, I think the title should remain more general, as it is now.
(While other examples can be provided, it would be redundant)

Furthermore, I think custom profile is an extension of debugging profile.
So it would be better for the Custom Profile section under Debugging Profiles to be at level ### instead of ##, or to add a new comprehensive section that consolidates the Debug Profile and Custom Profile.


{{< feature-state for_k8s_version="v1.31" state="beta" >}}

You can define a partial container spec as a custom profile in either YAML or JSON format, and apply it to an ephemeral container or a debugging container in a copied Pod or a debugging Pod using the `--custom` flag.
mochizuki875 marked this conversation as resolved.
Show resolved Hide resolved

{{< note >}}
Custom profile only supports the modification of the debugging container spec. It does not support the modification of the Pod spec of the debug target.
Modifications via a custom profile are not allowed for certain fields, including: `command`, `image`, `lifecycle`, `name`, and fields that define access to storage.
tengqm marked this conversation as resolved.
Show resolved Hide resolved
{{< /note >}}


First, create a Pod named myapp as an example:

```shell
kubectl run myapp --image=busybox:1.28 --restart=Never -- sleep 1d
```

Create a custom profile in YAML or JSON format.
Here, create a YAML format file named `custom-profile.yaml`:

{{< tabs name="custom_profiles" >}}
{{< tab name="YAML" codelang="yaml" >}}
tengqm marked this conversation as resolved.
Show resolved Hide resolved
env:
- name: ENV_VAR_1
value: value_1
- name: ENV_VAR_2
value: value_2
securityContext:
capabilities:
add:
- NET_ADMIN
- SYS_TIME

{{< /tab >}}
{{< tab name="JSON" codelang="json" >}}
{
"env": [
{
"name": "ENV_VAR_1",
"value": "value_1"
},
{
"name": "ENV_VAR_2",
"value": "value_2"
}
],
"securityContext": {
"capabilities": {
"add": [
"NET_ADMIN",
"SYS_TIME"
]
}
}
}
{{< /tab >}}
{{< /tabs >}}


Then, debug the Pod using an ephemeral container with the custom profile:
mochizuki875 marked this conversation as resolved.
Show resolved Hide resolved

```shell
kubectl debug -it myapp --image=busybox:1.28 --target=myapp --profile=general --custom=custom-profile.yaml
```

You can check that the ephemeral container was created with the custom profile applied:

```shell
kubectl get pod myapp -o jsonpath='{.spec.ephemeralContainers[0].env}'
```

```
[{"name":"ENV_VAR_1","value":"value_1"},{"name":"ENV_VAR_2","value":"value_2"}]
```

```shell
kubectl get pod myapp -o jsonpath='{.spec.ephemeralContainers[0].securityContext}'
```

```
{"capabilities":{"add":["NET_ADMIN","SYS_TIME"]}}
```

Clean up the Pod when you're finished with it:

```shell
kubectl delete pod myapp
```