Images are minimal
Shell is available
Containers are considered immutable
Create container image with required tools
Run and share network/pid namespace
Install tools as required
k8s 1.16 introduces ephemeral containers to troubleshoot pods
–
Run container which needs troubleshooting:
docker run -d --name nginx nginx
Join namespaces with existing container:
docker run -it --rm \
--net container:nginx \
--pid container:nginx \
alpine