Linux command
kubectl-debug 命令
文本
复制后可按需替换文件名、目录或参数。
常用示例
Debug pod
kubectl debug [pod-name] -it --image=[busybox]
Copy pod for debugging
kubectl debug [pod-name] -it --copy-to=[debug-pod]
Debug with different container
kubectl debug [pod-name] -it --container=[container] --image=[image]
Debug node
kubectl debug node/[node-name] -it --image=[busybox]
Share process namespace
kubectl debug [pod-name] -it --image=[busybox] --share-processes
说明
kubectl debug creates ephemeral containers within running pods or nodes for interactive troubleshooting without modifying the original pod specification. This is especially useful for debugging minimal or distroless container images that lack shells and diagnostic tools, as the debug container can be based on a full-featured image like busybox or alpine while sharing the target pod's network and process namespaces. The command supports several debugging strategies. An ephemeral container can be injected directly into an existing pod, or the pod can be copied with `--copy-to` to create an isolated debug clone that leaves the original workload undisturbed. For node-level troubleshooting, `kubectl debug node/` creates a privileged pod on the specified node with the host filesystem mounted, providing access to the node's operating system for diagnosing system-level issues. The `--share-processes` flag enables process namespace sharing so the debug container can see and interact with processes in other containers within the same pod.
参数
- --image _IMAGE_
- Debug container image.
- -it
- Interactive TTY.
- --copy-to _NAME_
- Create debug copy.
- --container _NAME_
- Target container.
- --share-processes
- Share process namespace.
- --help
- Display help information.
FAQ
What is the kubectl-debug command used for?
kubectl debug creates ephemeral containers within running pods or nodes for interactive troubleshooting without modifying the original pod specification. This is especially useful for debugging minimal or distroless container images that lack shells and diagnostic tools, as the debug container can be based on a full-featured image like busybox or alpine while sharing the target pod's network and process namespaces. The command supports several debugging strategies. An ephemeral container can be injected directly into an existing pod, or the pod can be copied with `--copy-to` to create an isolated debug clone that leaves the original workload undisturbed. For node-level troubleshooting, `kubectl debug node/` creates a privileged pod on the specified node with the host filesystem mounted, providing access to the node's operating system for diagnosing system-level issues. The `--share-processes` flag enables process namespace sharing so the debug container can see and interact with processes in other containers within the same pod.
How do I run a basic kubectl-debug example?
Run `kubectl debug [pod-name] -it --image=[busybox]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does --image _IMAGE_ do in kubectl-debug?
Debug container image.