Home

Awesome

A Docker image with Kubernetes manifests for investigation and troubleshooting your cluster.

main build main release

Purpose

The DOKS team provides this image for use as-is and for transparency as the image used when a request to "deploy a debug pod" is made to our customers, which may occur when deeper investigation is needed with direct access to a cluster.

Usage

kubectl apply -f k8s/daemonset.yaml

This DaemonSet manifest will:

  1. Ensure a pod with our Docker image is running indefinitely on every node.
  2. Use hostPID, hostIPC, and hostNetwork.
  3. Mount the entire host filesystem to /host in the containers.
  4. Mount the containerd socket at /run/containerd/containerd.sock from the host into the container.

In order to make use of these workloads, you can exec into a pod of choice by name:

kubectl -n kube-system exec -it my-pod-name bash

If you know the specific node name that you're interested in, you can exec into the debug pod on that node with:

NODE_NAME="my-node-name"
POD_NAME=$(kubectl -n kube-system get pods --field-selector spec.nodeName=${NODE_NAME} -ojsonpath='{.items[0].metadata.name}')
kubectl -n kube-system exec -it ${POD_NAME} bash

Once you're in, you have access to the set of tools listed in the Dockerfile. This includes:

Tips and Tricks

chroot + systemctl

chroot /host /bin/bash
systemctl status kubelet
journalctl -xe
journalctl -u kubelet

Contributing

At DigitalOcean we value and love our community! If you have any issues or would like to contribute, feel free to open an issue or PR and cc any of the maintainers.