How to TCPdump effectively in Kubernetes (part 1)

Philippe Bogaerts
2 min readMay 9, 2019

In a previous blog post, we focused on how to TCPdump in docker containers (see https://dockersec.io/@xxradar/how-to-tcpdump-effectively-in-docker-2ed0a09b5406).

Although the information is still very useful and valid for troubleshooting K8S pods, it might get more difficult figuring out which containers to attach to on what node, etc … but a very valid approach.

While focusing on an easier way, I came across the command

kubectl patch 

--

--

Philippe Bogaerts

#BruCON co-founder, #OWASP supporter, Application Delivery and Web Application Security, #Kubernetes and #container, #pentesting enthousiast, BBQ & cocktails !!