Skip to content

Latest commit

 

History

History
68 lines (59 loc) · 1.78 KB

README.md

File metadata and controls

68 lines (59 loc) · 1.78 KB

kubernetes-debug-image

Debug image for debugging within a kubernetes cluster.

Dockerfile

Example of dockerfile with tools for debugging.
Tools can be added or removed in apt install.

FROM ubuntu:22.04

ARG AZ_CLI_VERSION=2.40.0

RUN useradd -u 10001 scratchuser
RUN groupadd -g 30001 debuggroup
RUN apt update; apt -y install vim netcat-openbsd curl wget bind9-host bind9-dnsutils python3 python3-pip postgresql-client; apt clean
RUN pip3 install azure-storage-blob azure-identity azure-cli==${AZ_CLI_VERSION}

USER 10001:30001
ENTRYPOINT ["tail", "-f", "/dev/null"]

Debug deployment

Example of yaml file containing the deployment of debugger pods.
Namespace needs to be changed to match the environment it's deployed in.
Currently the image is set to the default debug-image.
Consider adding egress rules for debugging the network.

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: debug-deployment
  namespace: your-namespace
spec:
  replicas: 1
  selector:
    matchLabels:
      appName: debug
  template:
    metadata:
      labels:
        appName: debug
        netic.dk/network-rules-egress: app-name
        netic.dk/network-component: other-app-name
    spec:
      securityContext:
        runAsUser: 10001
        runAsGroup: 30001
      containers:
      - name: debug-pod
        image: ghcr.io/neticdk/kubernetes-debug-image:<tag>
        command:
          - /bin/tail
          - -f
          - /dev/null
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            drop:
              - "ALL"

Installation

Change tag to a version or set to latest.
Run below command to pull the image to docker, or set it for the deployment manifest.
docker pull ghcr.io/neticdk/kubernetes-debug-image:tag