k8s tools
Use the nsenter command to enter the container namespace for packet capture and network diagnosis
#!/bin/bash
ns=$1 #传参1:命名空间
pod_name=$2 #传参2:pod名称
Container_id=$(kubectl describe pod -n $ns $pod_name | grep "Container ID:" | cut -d '/' -f 3 | cut -c 1-12)
node=$(kubectl get pods -n $ns $pod_name -o wide | awk '{print $7}' | grep -v NODE)
docker_id='docker_id1=$(docker inspect -f {
{
.State.Pid}}'
read -t 30 -p "是否建立远程连接确认y/n:" num1
if [ $num1 == y ];then
echo "-----------------节点输入-----------------"
echo "$docker_id $Container_id)"
docker_id1="$docker_id $Container_id"
echo 'nsenter -n --target $docker_id1'
echo "------------------------------------------"
read -t 30 -p "ssh连接用户名:" name
ssh $name@$node
else
echo "-----------------节点输入-----------------"
echo "$docker_id $Container_id)"
docker_id1="$docker_id $Container_id"
echo 'nsenter -n --target $docker_id1'
echo "------------------------------------------"
fi
bash k8s_ns.sh kube-system coredns-7cccdb8747-qztnd
#执行脚本并传参
Script command analysis
View the container ID of the specified pod running
- kubectl describe pod -n mservice
Get the pid of the container process (enter the Pod node)
- docker inspect -f { {.State.Pid}}
Enter the network namespace of the container (enter the Pod node)
- nsenter -n --target