Blog / DevOps / pause: how to debug your Kubernetes setup

pause: how to debug your Kubernetes setup

Sometimes you need a debug container hanging around to check something from within your cluster. You cobble something together, make the ‘command’ be ‘sleep 3600’ or ‘tail -f /dev/null’ and call it a day. But they don’t terminate gracefully.

kubectl run debug --restart=Never --image=agilicus/pause

The magic is this ‘pause.c’. It simply waits for a couple of signals, calls pause(2) and thus waits. It exits immediately if anything happens. This means that it uses near zero resources while sleeping and exits gracefully.

#include <unistd.h>
#include <signal.h>
static void 
_endme(int sig)
{
_exit(0);
}
int
main(int argc, char **argv)
{
signal(SIGINT, _endme);
signal(SIGTERM, _endme);
pause();
_exit(0);
}

Now, this seems esoteric, but give it a try. Now, once you have run that  run  command above, you can simply   kubectl exec -it debug bash  and from in there  apk add tool .

So you might  apk add curl  and then  curl http://myservice . Simple, right?

Now, I know a lot of you are committing the cardinal sin of having a shell and debug environment in every container  just in case . Well, let me tell you, that security attacker is going to love your  just in case  toolset. Why not let the container run as root with a writeable filesystem and a compiler while we are at it.

You can check out the copious code @ https://github.com/Agilicus/pause.

Leave a Reply

Your email address will not be published.