Please note the analogous mechanism on kubernetes ("ephemeral containers") works only with the pod's shareProcessNamespace: true setting, which is usually off. So you won't be able to do this out of the box with your deployment already running on a typical stack
this is not true, `kubectl debug` attaches to the namespace of a container of your choosing (`--target` argument). You don't have to enable process namespace sharing at the pod level
Last time I've checked, kubectl debug would not attach if namespace sharing wasn't enabled in the first place. Has it changed? What k8s version are you using?
PS. Even without checking again, it would be surprising if it changed. Even the official documentation is mentioning that this is needed
Docker Debug was previously a paid-for feature, now available for free since v4.49
Please note the analogous mechanism on kubernetes ("ephemeral containers") works only with the pod's shareProcessNamespace: true setting, which is usually off. So you won't be able to do this out of the box with your deployment already running on a typical stack
this is not true, `kubectl debug` attaches to the namespace of a container of your choosing (`--target` argument). You don't have to enable process namespace sharing at the pod level
Last time I've checked, kubectl debug would not attach if namespace sharing wasn't enabled in the first place. Has it changed? What k8s version are you using?
PS. Even without checking again, it would be surprising if it changed. Even the official documentation is mentioning that this is needed
Does podman contain or plan to implement something similar? Seems very useful.
Not that I could find. There is always the option to use a sidecar container, eg:
https://matthewsanabria.dev/posts/no-shell-for-you-container...
https://iximiuz.com/en/series/mastering-container-debugging/
Only for "Docker Desktop 4.49 and later"
[dead]