diff --git a/tools/debug/Dockerfile b/tools/debug/Dockerfile new file mode 100644 index 00000000..f9512a4b --- /dev/null +++ b/tools/debug/Dockerfile @@ -0,0 +1,21 @@ +FROM ubuntu:22.04 + +RUN apt-get update -y --fix-missing \ + && apt-get install -y iproute2 tcpdump net-tools iputils-ping netcat wget screen xz-utils strace nftables ipvsadm iptables bird2 ethtool conntrack dnsutils jq + +ADD https://github.com/Nordix/ctraffic/releases/download/v1.7.0/ctraffic.gz ctraffic.gz +RUN gunzip ctraffic.gz \ + && chmod a+x ctraffic + +ADD https://github.com/Nordix/mconnect/releases/download/v2.2.0/mconnect.xz mconnect.xz +RUN unxz mconnect.xz \ + && chmod a+x mconnect + +ADD https://github.com/Nordix/nfqueue-loadbalancer/releases/download/1.0.0/nfqlb-1.0.0.tar.xz / +RUN tar --strip-components=1 -xf /nfqlb-1.0.0.tar.xz nfqlb-1.0.0/bin/nfqlb + +ADD https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.24.1/crictl-v1.24.1-linux-amd64.tar.gz / +RUN tar zxvf crictl-v1.24.1-linux-amd64.tar.gz -C /bin +RUN rm -f crictl-v1.24.1-linux-amd64.tar.gz + +CMD ["tail", "-f", "/dev/null"] \ No newline at end of file diff --git a/tools/debug/debug-daemont.yaml b/tools/debug/debug-daemont.yaml new file mode 100644 index 00000000..9c947159 --- /dev/null +++ b/tools/debug/debug-daemont.yaml @@ -0,0 +1,40 @@ +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: debug-meridio-daemonset + labels: + app: debug-meridio-daemonset +spec: + selector: + matchLabels: + app: debug-meridio-daemonset + template: + metadata: + labels: + app: debug-meridio-daemonset + spec: + hostNetwork: true + containers: + - name: debug + image: registry.nordix.org/cloud-native/meridio/debug-meridio:latest + imagePullPolicy: Always + securityContext: + capabilities: + add: + - NET_ADMIN + - SYS_ADMIN + volumeMounts: + - mountPath: /run/netns + name: netns-volume + - mountPath: /run/containerd + name: containerd-volume + volumes: + - name: netns-volume # To access the network namespaces + hostPath: + path: /run/netns + type: Directory + - name: containerd-volume # To use crictl + hostPath: + path: /run/containerd + type: Directory \ No newline at end of file diff --git a/tools/debug/readme.md b/tools/debug/readme.md new file mode 100644 index 00000000..efb20a7e --- /dev/null +++ b/tools/debug/readme.md @@ -0,0 +1,46 @@ +# Debugging + +## Deploy + +``` +kubectl apply -f tools/debug/debug-daemont.yaml +``` + +## Build + +``` +docker build -t debug-meridio -f tools/debug/Dockerfile . +docker tag debug-meridio:latest registry.nordix.org/cloud-native/meridio/debug-meridio:latest +docker push registry.nordix.org/cloud-native/meridio/debug-meridio:latest +``` + +## Commands +List netns:: +``` +ls -1i /var/run/netn +``` + +List netns (more details): +``` +lsns -t net +``` + +Check the processes running in the network namespace: +``` +ls -l /proc/[1-9]*/ns/net | grep | cut -f3 -d"/" | xargs ps -p +``` + +Find pid from container ID: +``` +crictl inspect --output go-template --template '{{.info.pid}}' +``` + +List containers: +``` +crictl ps +``` + +Find network namespace from pod ID: +``` +crictl inspectp | jq -r '.info.runtimeSpec.linux.namespaces[] |select(.type=="network") | .path' +```