Debugging Running Pods on Kubernetes
<h1>Executing commands using kubectl exec</h1>
<p>If you run software on Kubernetes, you will, at some point, want to debug some aspect of what you deploy. A simple approach to debugging that is natural to people used to working with VMs is to connect to a running pod and hack away:</p>
<pre>
kubectl exec -it podname -c containername -- bash</pre>
<p>This often works and is very useful. However, there are at least two Kubernetes “best practices” limiting exec’s usefulness in the real world:</p>
<ul>
<li><em>Not running as root</em>. Containers run with as few privileges as possible and may even run with randomized UIDs.</li>
<li><em>Minimal images</em>. Images are kept as small as possible, with binaries installed into a <a href="https://github.com/GoogleContainerTools/distroless" rel="noopener ugc nofollow" target="_blank">distroless image</a> as an extreme.</li>
</ul>
<p><a href="https://medium.com/datamindedbe/debugging-running-pods-on-kubernetes-2ba160c47ef5"><strong>Learn More</strong></a></p>