getting error trying to run strace with kubectl debug mode

 

kubectl debug is quite limited and won't let you add for example, SYS_PTRACE (to run strace on your app). To resolve it, try adding shareProcessNamespace and add SYS_PTRACE in your deployment or pod. 

For example, 


apiVersion: v1
kind: Pod
metadata:
  name: nginx
spec:
  shareProcessNamespace: true
  containers:
  - name: nginx
    image: nginx
  - name: shell
    image: ubuntu
    command: ["sleep", "3600"]
    securityContext:
      capabilities:
        add:
        - SYS_PTRACE
    stdin: true
    tty: true


As you can see, we have a shell container and just runs ubuntu image. You can install strace -p PROCESS-ID since these containers are already sharing processes. 

Also noticed the SYS_PTRACE entry. This will resolve issues with strace permissions. 



Comments

Post a Comment

Popular posts from this blog

The specified initialization vector (IV) does not match the block size for this algorithm

Image
If you're getting  exception when trying to assigned key to a symmetric key and getting error message below :- The specified initialization vector (IV) does not match the block size for this algorithm And your code probably look like something below :- Then you need to go into debug mode and start looking into the supported size for IV as shown in diagram below :- As you can see, IV is 16 bytes, so you need to provide 16 bytes. The same goes for Key field too, if you're adding anything to it. As long as you provide a valid key size, then we're good and you're code will be ready.
Read more