Different ways to debug your Kubernetes apps

Different ways to debug your Kubernetes apps

To learn about the different ways to debug your Kubernetes applications

15 July 2022
ephemeral containers.

In this hands-on lab, we will briefly discuss what I typically use for debugging Kubernetes apps. I hope you will find it helpful too.

Lab Setup

You can start the lab setup by clicking on the Lab Setup button on the right side of the screen. Please note that there are app-specific URLs exposed specifically for the hands-on lab purpose.

Our lab has been set up with all necessary tools like base OS (Ubuntu), and developer tools like Git, Vim, wget, and others.

Exploring different ways to debug Kubernetes apps

In this section, we will be going through some of the ways like kubectl exec, sharing namespaces, and ephemeral containers to debug k8s applications.

Using plain old “exec”

kubectl apply -f exec-demo.yaml
kubectl get pods
kubectl exec -it -c nginx exec-demo -- ls

This approach will not work for environments where exec is disabled or for container images without a shell.

Let’s look at other approaches.

Using a sidecar

Enable process namespace sharing so that you can view processes in the app container from your debug container. You’ll generally need this for debugging.

  • An example POD YAML using a sidecar image with network debugging tools.
kubectl apply -f pod.yaml
kubectl get pods

Using ephemeral containers

This is the latest Kubernetes feature and the most preferred.

You can create a debug container on the fly without pre-provisioning a sidecar. More details are available in the official documentation.

  • Let’s see this in action. In the following example, I will create a debug container with perf tools.
kubectl apply -f nginx-pod.yaml
kubectl get pods
  • Now I will create an ephemeral container by using kubectl debug
kubectl debug --image=quay.io/bpradipt/perf-amd64 -it --share-processes=true nginx-pod -- /bin/bash

Now you can perform your debugging tasks.

If you are wondering what’s happening behind the scenes, then the best place to look at is the POD spec — kubectl get pod nginx -o yaml

kubectl get pod nginx-pod -o yaml

You’ll see a new section added for ephemeral containers, as shown below:

  • You can also create an entirely new debug POD as shown below:
kubectl debug --image=quay.io/bpradipt/perf-amd64 -it --share-processes=true --copy-to=debug-nginx nginx-pod -- /bin/bash

You’ll see a new debug POD created.

kubectl get pods

  I’m sure you’ll find ephemeral containers handy for debugging.


In this hands-on lab, we have explored different ways to debug the Kubernetes applications and the most efficient way is to use ephemeral containers for it.

How likely are you going to recommend this lab to your friends or colleagues?


Leave a comment:

About the Authors

Oshi Gupta

Oshi Gupta

DevOps Engineer & Technical Writer, CloudYuga

Oshi Gupta works as a DevOps Engineer and Technical Writer at CloudYuga Technologies. She is a CKA certified and has been selected for LFX mentorship in Spring 2022 for CNCF Kyverno. She loves writing blogs and is keen to learn about various cloud-native technologies. Besides this, she loves cooking, badminton, traveling, and yoga.

Pradipta Banerjee

Pradipta Banerjee

Senior Principal Software Engineer, Red Hat

Pradipta is currently working on container isolation and confidential computing. He is a strong believer in self-learning and hands-on problem-solving. Connect with him for any help with container security, digitization, or technology adoption for improving livelihoods