Nondestructive Forensics: Debugging Kubernetes Services without Disturbing State

In this KubeCon talk, Alex Leong discusses how to debug Kubernetes services using tools such as Linkerd, debug sidecars, and ephemeral containers. While some errors may take a long time to reproduce – resource leaks and race conditions are a good example – others occur unexpectedly in prod. In both cases, it is key to collect as much information as possible without restarting the pod.

Ephemeral containers are a promising technology yet still in alpha. And detailed logging, Linkerd’s “tap,” and debug sidecars are great tools but only useful if included before the error occurred. In his talk, Alex will compare techniques and showcase how to use direct access to the note to enter a pod’s namespace and do detailed network debugging without needing to restart any running containers.

Similar posts