How to TCPdump effectively in Kubernetes (part 2)
In previous blog posts, we focused on how to use TCPdump in a specific container (see https://medium.com/@xxradar/how-to-tcpdump-effectively-in-docker-2ed0a09b5406 ) as well as how we could add it to an existing K8S deployment using a patch (see https://medium.com/@xxradar/how-to-tcpdump-effectively-in-kubernetes-part-1-a1546b683d2f)
While researching some other things recently, I came across a comment suggesting a quick fix for another issue like this …
$ kubectl run -it --rm debug --restart=Never --image=ubuntu --overrides='{"kind":"Pod", "apiVersion":"v1", "spec": {"hostNetwork":true}}'
This is pretty similar as described in a previous blog posts …
docker run -it --net=host ubuntu
… but in the kubectl case, we do not need SSH access to a node or access to the docker client, nor do we need to re-deploy the deployment (aka restart of the pods)
So let’s try this !!
Create a small K8S cluster and deploy a simple nginx service (I used the managed K8S service from Digitalocean and tested as well on an Azure environment)
$ kubectl get no
NAME STATUS ROLES AGE VERSION
demo-pool1-lyg2 Ready <none> 2m3s v1.16.2
demo-pool1-lygl Ready <none> 2m12s…