第10关 netshoot
大约 2 分钟
一个Docker + Kubernetes网络故障排查瑞士军刀容器
工欲善其事,必先利其器,在日常的K8S运维工作中,我们运维人员需要一款功能齐全的工具箱容器来排查服务pod的网络问题,就像网络工程师,在排查问题时,需要带上测线仪和网线钳这些工具箱一样。
这里给大家推荐一款开源的容器工具箱 netshoot
它是一个Docker + Kubernetes网络故障排除瑞士军刀容器一点都不为过,我们可以使用这个工具或者参考这个开源项目打造属于自己的容器瑞士军刀。
netshoot镜像docker.io/nicolaka/netshoot里面包括以下这些网络工具包
apache2-utils \
bash \
bind-tools \
bird \
bridge-utils \
busybox-extras \
conntrack-tools \
curl \
dhcping \
drill \
ethtool \
file\
fping \
grpcurl \
iftop \
iperf \
iperf3 \
iproute2 \
ipset \
iptables \
iptraf-ng \
iputils \
ipvsadm \
jq \
libc6-compat \
liboping \
ltrace \
mtr \
net-snmp-tools \
netcat-openbsd \
nftables \
ngrep \
nmap \
nmap-nping \
nmap-scripts \
openssl \
py3-pip \
py3-setuptools \
scapy \
socat \
speedtest-cli \
openssh \
strace \
tcpdump \
tcptraceroute \
tshark \
util-linux \
vim \
git \
zsh \
websocat \
swaks \
perl-crypt-ssleay \
perl-net-ssleayDocker
Netshoot with Docker Compose
version: "3.6"
services:
tcpdump:
image: docker.io/nicolaka/netshoot
depends_on:
- nginx
command: tcpdump -i eth0 -w /data/nginx.pcap
network_mode: service:nginx
volumes:
- $PWD/data:/data
nginx:
image: nginx:alpine
ports:
- 80:80deployment
我这里给大家准备好了在k8s上以deployment形式运行的yaml配置
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: netshoot
name: netshoot
spec:
replicas: 1
selector:
matchLabels:
app: netshoot
template:
metadata:
labels:
app: netshoot
spec:
containers:
- image: docker.io/nicolaka/netshoot
name: netshoot
args:
- /bin/bash
- -c
- >
while :; do
echo "[$(date +%F\ %T)] hello"
sleep 1
done# kubectl -n test apply -f test-netshoot.yaml
# kubectl -n test exec -it netshoot-659d7f6dcf-kt46v -- bash
bash-5.1# ping
ping: usage error: Destination address required