当前位置:网站首页>Kubernetes practical skill: entering container netns
Kubernetes practical skill: entering container netns
2022-06-24 12:34:00 【imroc】
This article excerpts from kubernetes Learning notes
background
We use Kubernetes Some network problems are inevitable , It is often necessary to enter the network namespace of the container (netns) in , Do some network debugging to locate the problem , This article describes how to enter the container netns.
Get the container ID
Use kubectl obtain pod In any cotnainer Of id:
kubectl -n test describe pod debug-685b48bcf5-ggn5d
Output sample clip 1 (containerd Runtime ):
Containers:
debug:
Container ID: containerd://529bbd5c935562a9ba66fc9b9ffa95d486c6324f26d8253d744ffe3dfd728289Output sample clip 2 (dockerd Runtime ):
Containers:
debug:
Container ID: docker://e64939086488a9302821566b0c1f193b755c805f5ff5370d5ce5e6f154ffc648 obtain PID
Get container id after , We log in to pod Get its main process from the node pid.
containerd Run time usage crictl Command acquisition :
$ crictl inspect 529bbd5c935562a9ba66fc9b9ffa95d486c6324f26d8253d744ffe3dfd728289 | grep -i pid
"pid": 2266462,
"pid": 1
"type": "pid"In this case pid by 2266462
dockerd Run time usage docker Command acquisition :
$ docker inspect e64939086488a9302821566b0c1f193b755c805f5ff5370d5ce5e6f154ffc648 | grep -i pid
"Pid": 910351,
"PidMode": "",
"PidsLimit": 0,In this case pid by 910351
Use nsenter Into the container netns
Use... On nodes nsenter Get into pod Of netns:
nsenter -n --target 910351
Debug network
Successfully entered the netns, You can use the network tools on the node to debug the network , You can use... First ip a To validate the ip Whether the address is pod ip:
$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
3: [email protected]: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 6a:c6:6f:67:dd:6c brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.18.0.67/26 brd 172.18.0.127 scope global eth0
valid_lft forever preferred_lft foreverIf you want to capture packets, you can also use the tcpdump Tool grab bag .
边栏推荐
- Deep learning ~11+ a new perspective on disease-related miRNA research
- Continuous testing | test process improvement: practice continuous testing within iterations in coding
- MySQL 外键影响
- Collation of related papers on root cause analysis
- 炒伦敦金短线稳定赚钱技巧?在哪里炒伦敦金安全靠谱?
- 微医CodeReview工具链
- Pipeline shared library
- Is it safe to open an account for how many new bonds you can apply for
- Opencv learning notes - Discrete Fourier transform
- How to purchase new bonds is it safe to open an account
猜你喜欢
How to write controller layer code gracefully?
Deep parsing and implementation of redis pub/sub publish subscribe mode message queue
Opencv learning notes -- Separation of color channels and multi-channel mixing
文本转语音功能上线,可以体验专业播音员的服务,诚邀试用
从《梦华录》的争议性,谈谈数字版权作品的价值泡沫
ArrayList # sublist these four holes, you get caught accidentally
[mysql_16] variables, process control and cursors
Database migration tool flyway vs liquibase (II)
QT -- the qtabwidget supports dragging tabbar items
FreeRTOS overview and experience
![[mysql_16] variables, process control and cursors](/img/c3/91ffb21431cf891747d6d09b554d0d)
随机推荐
5分+的单基因泛癌纯生信思路!
Concentrate on research preparation, Tencent cloud, see you next year!
Do you really know "open source"? Please check [nanny level] open source Encyclopedia
VaR in PHP_ export、print_ r、var_ Differences in dump debugging
What should music website SEO do?
Is it safe to apply for new bonds to open an account
As one of the bat, what open source projects does Tencent have?
National standard platform easygbs administrator assigns roles to sub users and troubleshooting of invalid channels
A "full cloud" journey of a quasi financial system
Installing sqlserver extension PDO of PHP under Linux_ sqlsrv
基于AM335X开发板 ARM Cortex-A8——Acontis EtherCAT主站开发案例
Cryptography series: collision defense and collision attack
The pod is evicted due to insufficient disk space of tke node
What is the reason why the video intelligent analysis platform easycvr is locally controllable but the superior equipment cannot control the subordinate equipment?
[cloud based co creation] interpretation of harmonyos application and service ecology
OpenGL es shared context for multi-threaded rendering
Identification of new prognostic DNA methylation features in uveal melanoma by 11+ based on methylation group and transcriptome analysis~
How can a shell script (.Sh file) not automatically close or flash back after execution?
《回归故里》阅读笔记
About Adobe Photoshop adjusting selection