Hey everyone! I'm an SRE with a strong background in Linux and automation dating back to the late 90s. I've noticed that as applications shift to containers, finding effective debugging tools has become more challenging. Historically, we relied on tools like netstat, lsof, find, tcpdump, strace, and others to diagnose issues. However, since developers now manage container images, many of these essential tools are left out in favor of faster startup times. I believe that container base images should still include debugging tools, and ideally, this responsibility would fall to DevOps/SRE teams. I'm curious what options Kubernetes offers to fill this gap. Any insights?
1 Answer
I've used a lot of those tools for debugging inside containers. One cool tool is `nsenter` which allows you to use host tools to debug running containers without having to include all those binaries in your images. Just need the right permissions!
I wasn't aware of `nsenter`; it sounds interesting! But I see some hurdles, like netstat needing procfs. What if you're trying something like `kubectl exec -it -c -- netstat -tnlp`? But these tools can be crucial during production issues, especially in bigger setups!