Run kubernetes debug container with volume mounts (ephemiral container)¶

By default debug containers can't access the filesystem of the pod

Since kubectl 1.30 there is a kubectl debug --custom argument that allows custom container spec additions. Here are some examples on how to use this new feature, make sure your kubectl version is 1.30 and environment variable KUBECTL_DEBUG_CUSTOM_PROFILE=true is set

https://kubernetes.io/docs/tasks/debug/debug-application/debug-running-pod/#ephemeral-container
envFrom not working in ephemeral containers: failed to sync secret cache
kubectl debug: Add custom debug profiles on top of static profiles
Add support for mounting volumes into ephemeral container
https://github.com/bavarianbidi/kubectl-dpm?tab=readme-ov-file#kubectl-custom-debug-profiles

`kubectl` custom debug profiles¶

It's now possible to define volumeMounts in your debugging session by redefining from the mounts of your running application container.

Define volume mounts¶

Create a file custom-debug-profile.json

{
  "volumeMounts": [
    {
      "mountPath": "/data",
      "name": "data",
      "readOnly": true
    }
  ]
}

Start debug container with profile¶

KUBECTL_DEBUG_CUSTOM_PROFILE=true
kubectl debug -it <POD_NAMe> --image=<DEBUG_CONTAINER_IMAGE> --target=<TARGET_CONTAINER> --custom="custom-debug-profile.json"

Extra environment variables¶

Add some extra environment variables by adding them to the custom debug profile.

{
  "env": [
    {
      "name": "FOOBAR",
      "value": "Hello world!"
    },
    {
      "name": "BARBAZ",
      "value": "Whale say!"
    }
  ]
}

Run kubernetes debug container with volume mounts (ephemiral container)¶

kubectl custom debug profiles¶

Define volume mounts¶

Start debug container with profile¶

Extra environment variables¶

`kubectl` custom debug profiles¶