Debugging production issues can sometimes be a challenge in Kubernetes environments. One specific challenge is debugging containers that don’t contain a shell. You may have seen the following when troubleshooting an issue:
$ kubectl exec -it -n kube-system coredns-558bd4d5db-gx469 -- sh
error: Internal error occurred: error executing command in container: failed to exec in container: failed to start exec "4f053952703f78b51bdf38a26ed391d8c2bda4138b87f35170d3fc4ea14fc510": OCI runtime exec failed: exec failed: container_linux.go:380: starting container process caused: exec: "sh": executable file not found in $PATH: unknown Not including a shell in your base image is a best practice, and projects like distroless make it super easy to package your applications with a small shell-less footprint.
↧
