Spying on Kubernetes Pods with kubespy

Recently I came across this small utility tool called kubespy

.GitHub – huazhihao/kubespy: pod debugging tool for kubernetes clusters with docker runtimeskubespy is a kubectl plugin to debug a running pod. It creates a short-lived spy container, using specified image…github.com

It is a kubectl plugin that enables you to ‘debug’ a running pod.

The way it does it underneath the hood is by creating a ‘short-lived’ spy container using the specified container image that consists of all the required debugging tools, in order to “spy” the target container.

This plugin is very handy indeed.

Installation

The easiest way I found to install this is via the source.

Downloading the source:

curl -so kubectl-spy https://raw.githubusercontent.com/huazhihao/kubespy/master/kubespy

Then move it to the desired location that also contains your kubectl installation.

For me it is:

sudo install kubectl-spy /usr/local/bin/

Alternatively, you can also install via krew:

kubectl krew install spy

However, this requires you to have krew installed. For information on installation and setting up krew for Kubernetes see here:Installing⚠️ Warning: krew is only compatible with kubectl v1.12 or later.krew.sigs.k8s.io

Usage

Using the plugin to spy on running Kubernetes pods is actually really simple. The command format is as follows:

kubectl spy [-c CONTAINER] [-n NAMESPACE] [--spy-image IMAGE] POD

And here are some really basic examples:

kubectl spy nginx
kubectl spy nginx -n defaultkubectl spy mypod --spy-image busyboxkubectl spy mypod --entrypoint /bin/sh

Why is this useful?

Without using kubespy you would normally ‘exec’ into the running Kubernetes pod to troubleshoot for issues.

Let say for example:

kubectl exec nginx -it /bin/bash

More often than not, you would then need maybe to check on the running processes by doing a simple ‘ps’ command check.

ps

And then you’ll hit this problem of ps: command not found…

bash: ps: command not found

To circumvent this, this is where kubespy will come in handy.

kubectl spy nginxloading spy pod spy-4aa84ee77dfc ...
If you don't see a command prompt, try pressing enter.

… and now checking on the list of processes:

/ # ps
PID USER TIME COMMAND
1 root 0:00 nginx: master process nginx -g daemon off;
32 101 0:00 nginx: worker process
33 101 0:00 nginx: worker process
34 101 0:00 nginx: worker process
35 101 0:00 nginx: worker process
45 root 0:00 /bin/sh
52 root 0:00 ps

Voila!

You may also like...