Extend metalk8s-utils image content
#2156
Comments
|
Some I was thinking of (in no particular order):
|
|
I would add:
Maybe also a
Dunno if |
|
There was a talk in KubeCon NA '19 about how to use a sidecar container for debugging and profiling, included a bunch of useful tools, maybe it would be worth considering as well: https://kccncna19.sched.com/event/UaXU/debugging-live-applications-the-kubernetes-way-from-a-sidecar-joe-elliott-grafana-labs |
|
@NicolasT you suggested |
|
Preinstalling them would allow to use them even if our repos are down/broken for some reasons, no? |
The intent is (for now) not to act as a debug container / detachable sidecar (we don't support that yet). However, that could be useful over time. |
The idea is to come up with a couple of Pod manifests that could be used to deploy a container with this image and get a shell, and be at various degrees of 'host-level access'. As such, we could create such Pod templates to e.g. run on the Then also, run such container as So indeed, some of the tools could be installed on the host. However, for 'ease of use', it may be useful to have a container which includes all those tools, and have a way to deploy it on some host, then troubleshoot things using those tools from inside the container, but as if you're on the host (to a large extent). |
|
One more: |
|
https://github.com/containernetworking/cni/tree/master/cnitool could be useful as well. |
|
https://github.com/microsoft/ethr which can, unlike iperf(3), actually fill a 25Gbit/s+ pipe. |
|
|
This patch extends the `metalk8s-utils` `Dockerfile` to add a bunch of packages (and make some related changes): - The Kubernetes and SaltStack repositories are enabled in the image - No longer override the entrypoint - Fail when a given package (name) doesn't exist - Add the following packages to the image: * `bash-completion` * `conntrack-tools` * `e2fsprogs` * `ebtables` * `etcd`, for `etcdctl` * `ethtool` * `gdb` * `git` * `htop` * `httpd-tools`, for `htpasswd` (see #2352) * `iotop` * `iperf3` (next to `iperf` which was already installed) * `ipset` * `iptables` * `ipvsadm` * `jnettop` * `jq` * `kubectl` (pinned to the version of Kubernetes this MetalK8s release ships with) * `less` * `lsof` * `ltrace` * `lvm2` * `net-tools` * `nethogs` * `nmap` * `nmap-ncat`, for `nc` * `openssh-clients` * `openssh-server` * `openssl`, for its CLI interface * `parted` * `perf` * `rsync` * `salt-master`, for `salt` and `salt-run` * `salt-minion`, for `salt-call` * `strace` * `sysstat` * `tcpdump` * `util-linux`, for `nsenter` and others * `vim` * `wget` * `wireshark`, for `tshark` * `xfsprogs` This resolves #2156 to a great extent. However, documentation on how to use the image is still lacking, as well as some of the tools referred to in the ticket, for which no upstream packages are available. See: #2156 See: #2352
This patch extends the `metalk8s-utils` `Dockerfile` to add a bunch of packages (and make some related changes): - The Kubernetes and SaltStack repositories are enabled in the image - No longer override the entrypoint - Fail when a given package (name) doesn't exist - Add the following packages to the image: * `bash-completion` * `conntrack-tools` * `e2fsprogs` * `ebtables` * `etcd`, for `etcdctl` * `ethtool` * `gdb` * `git` * `htop` * `httpd-tools`, for `htpasswd` (see #2352) * `iotop` * `iperf3` (next to `iperf` which was already installed) * `ipset` * `iptables` * `ipvsadm` * `jnettop` * `jq` * `kubectl` (pinned to the version of Kubernetes this MetalK8s release ships with) * `less` * `lsof` * `ltrace` * `lvm2` * `net-tools` * `nethogs` * `nmap` * `nmap-ncat`, for `nc` * `openssh-clients` * `openssh-server` * `openssl`, for its CLI interface * `parted` * `perf` * `rsync` * `salt-master`, for `salt` and `salt-run` * `salt-minion`, for `salt-call` * `strace` * `sysstat` * `tcpdump` * `util-linux`, for `nsenter` and others * `vim` * `wget` * `wireshark`, for `tshark` * `xfsprogs` This resolves #2156 to a great extent. However, documentation on how to use the image is still lacking, as well as some of the tools referred to in the ticket, for which no upstream packages are available. See: #2156 See: #2352
This patch extends the `metalk8s-utils` `Dockerfile` to add a bunch of packages (and make some related changes): - The Kubernetes and SaltStack repositories are enabled in the image - No longer override the entrypoint - Fail when a given package (name) doesn't exist - Add the following packages to the image: * `bash-completion` * `bash-completion-extras` * `bzip2` * `conntrack-tools` * `e2fsprogs` * `ebtables` * `etcd`, for `etcdctl` * `ethtool` * `gdb` * `git` * `htop` * `httpd-tools`, for `htpasswd` (see #2352) * `iotop` * `iperf3` (next to `iperf` which was already installed) * `ipset` * `iptables` * `ipvsadm` * `jnettop` * `jq` * `kubectl` (pinned to the version of Kubernetes this MetalK8s release ships with) * `less` * `lsof` * `ltrace` * `lvm2` * `net-tools` * `nethogs` * `nmap` * `nmap-ncat`, for `nc` * `openssh-clients` * `openssh-server` * `openssl`, for its CLI interface * `parted` * `perf` * `rsync` * `salt-master`, for `salt` and `salt-run` * `salt-minion`, for `salt-call` * `strace` * `sysstat` * `tcpdump` * `util-linux`, for `nsenter` and others * `vim` * `wget` * `wireshark`, for `tshark` * `xfsprogs` This resolves #2156 to a great extent. However, documentation on how to use the image is still lacking, as well as some of the tools referred to in the ticket, for which no upstream packages are available. See: #2156 See: #2352
This patch extends the `metalk8s-utils` `Dockerfile` to add a bunch of packages (and make some related changes): - The Kubernetes and SaltStack repositories are enabled in the image - No longer override the entrypoint - Fail when a given package (name) doesn't exist - Add the following packages to the image: * `bash-completion` * `bash-completion-extras` * `bzip2` * `conntrack-tools` * `cri-tools`, for `crictl` * `e2fsprogs` * `ebtables` * `etcd`, for `etcdctl` * `ethtool` * `gdb` * `git` * `htop` * `httpd-tools`, for `htpasswd` (see #2352) * `iotop` * `iperf3` (next to `iperf` which was already installed) * `ipset` * `iptables` * `ipvsadm` * `jnettop` * `jq` * `kubectl` (pinned to the version of Kubernetes this MetalK8s release ships with) * `less` * `lsof` * `ltrace` * `lvm2` * `net-tools` * `nethogs` * `nmap` * `nmap-ncat`, for `nc` * `openssh-clients` * `openssh-server` * `openssl`, for its CLI interface * `parted` * `perf` * `rsync` * `salt-master`, for `salt` and `salt-run` * `salt-minion`, for `salt-call` * `strace` * `sysstat` * `tcpdump` * `util-linux`, for `nsenter` and others * `vim` * `wget` * `wireshark`, for `tshark` * `xfsprogs` This resolves #2156 to a great extent. However, documentation on how to use the image is still lacking, as well as some of the tools referred to in the ticket, for which no upstream packages are available. See: #2156 See: #2352
|
Re-opening since not everything listed here in included through #2374. |
This patch extends the `metalk8s-utils` `Dockerfile` to add a bunch of packages (and make some related changes): - The Kubernetes and SaltStack repositories are enabled in the image - No longer override the entrypoint - Fail when a given package (name) doesn't exist - Add the following packages to the image: * `bash-completion` * `bash-completion-extras` * `bzip2` * `conntrack-tools` * `cri-tools`, for `crictl` * `e2fsprogs` * `ebtables` * `etcd`, for `etcdctl` * `ethtool` * `gdb` * `git` * `htop` * `httpd-tools`, for `htpasswd` (see #2352) * `iotop` * `iperf3` (next to `iperf` which was already installed) * `ipset` * `iptables` * `ipvsadm` * `jnettop` * `jq` * `kubectl` (pinned to the version of Kubernetes this MetalK8s release ships with) * `less` * `lsof` * `ltrace` * `lvm2` * `net-tools` * `nethogs` * `nmap` * `nmap-ncat`, for `nc` * `openssh-clients` * `openssh-server` * `openssl`, for its CLI interface * `parted` * `perf` * `rsync` * `salt-master`, for `salt` and `salt-run` * `salt-minion`, for `salt-call` * `strace` * `sysstat` * `tcpdump` * `util-linux`, for `nsenter` and others * `vim` * `wget` * `wireshark`, for `tshark` * `xfsprogs` This resolves #2156 to a great extent. However, documentation on how to use the image is still lacking, as well as some of the tools referred to in the ticket, for which no upstream packages are available. See: #2156 See: #2352
|
One to add, since the image is based on CentOS 7: |
If thanks to #2146 the
metalk8s-utilsimage starts to get used more often, we must ensure it contains all tools people use to debug/troubleshoot a system. We currently only include a couple:bind-utilscurlhttpieiperfiproutesocattelnetI bet there's a bunch of other useful tools we could/should add. This ticket is meant to collect those, so please comment.
The text was updated successfully, but these errors were encountered: