Comments (9)
Merged the fix, closing the issue.
if it doesn't resolve the issue for you, please reopen the bug.
from ksniff.
It looks like the namespace "my-product-api" is not correctly passed to the script, I'm saying that because the first line of the attached output: "[+] Sniffing on pod: my-product-api-c97484d9b-bn6d6 container: namespace: " displays the passed namespace as empty space which means the namespace was not passed correctly.
You should have the following output:
"[+] Sniffing on pod: my-product-api-c97484d9b-bn6d6 container: namespace: my-product-api"
If the namespace is empty, the default namespace is used and because you container is not running as part of the default namespace, kubectl report that it can't find it.
For debugging:
- Do you use the latest version of the plugin?
- What is your kubectl version?
- The namespace passed by kubectl to the script in the KUBECTL_PLUGINS_LOCAL_FLAG_NAMESPACE environment variable, please manually edit ksniff.sh and add the line "echo ${KUBECTL_PLUGINS_LOCAL_FLAG_NAMESPACE}" at the file head.
re-run your command line and post the result here.
Eldad.
from ksniff.
Thanks @eldadru
Do you use the latest version of the plugin?
I believe so. I just pulled and built to plugin today.
What is your kubectl version?
v1.10.4
The namespace passed by kubectl to the script in the KUBECTL_PLUGINS_LOCAL_FLAG_NAMESPACE environment variable, please manually edit ksniff.sh and add the line "echo ${KUBECTL_PLUGINS_LOCAL_FLAG_NAMESPACE}" at the file head.
re-run your command line and post the result here.
Ok, I edited the .sh
file, but when I run ksniff via kubectl again, the changes are not picked up.
When I run ./ksniff.sh my-product-8d7599548-vk24f -n my-product
I get:
./ksniff.sh my-product-8d7599548-vk24f -n my-product
namespace is:
[+] Sniffing on pod: my-product-8d7599548-vk24f container: namespace:
[+] Verifying pod status
Error from server (NotFound): pods "my-product-8d7599548-vk24f" not found
[-] Pod is not existing or on different namespace
from ksniff.
-n should only be effective when running via kubectl, the environment variable passed to ksniff.sh by kubectl runtime so running ksniff.sh with -n won't work.
"the changes are not picked up." why? it's have to, maybe you have two different ksniff.sh instances?
the one kubectl execute is placed in ~/.kube/plugin/sniff/ksniff.sh, you should edit this one.
from ksniff.
I'm able to reproduce this after a new install of ksniff.
ksniff ver: 71c9147ba34ca6a7a43c316c1941802d03f92108
(latest master)
kubectl ver:
Client Version: version.Info{Major:"1", Minor:"10", GitVersion:"v1.10.7", GitCommit:"0c38c362511b20a098d7cd855f1314dad92c2780", GitTreeState:"clean", BuildDate:"2018-08-20T10:09:03Z", GoVersion:"go1.9.3", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"10+", GitVersion:"v1.10.7-gke.2", GitCommit:"8d9503f982872112eb283f78cefc6944af640427", GitTreeState:"clean", BuildDate:"2018-09-13T22:19:55Z", GoVersion:"go1.9.3b4", Compiler:"gc", Platform:"linux/amd64"}
Adding set -x
to the script I see:
$ kubectl plugin sniff foo -n staging -c bar -f IP
+ POD_NAME=foo
+ CONTAINER_NAME=bar
+ NAMESPACE_NAME=
+ FILTER=IP
+ CONTAINER_FLAG=
+ NAMESPACE_FLAG=
I added a printenv |sort
to the top of ksniff.sh
. The only KUBECTL_PLUGINS_LOCAL_* variables were:
KUBECTL_PLUGINS_LOCAL_FLAG_CONTAINER=bar
KUBECTL_PLUGINS_LOCAL_FLAG_FILTER=IP
KUBECTL_PLUGINS_LOCAL_FLAG_HELP=false
KUBECTL_PLUGINS_LOCAL_FLAG_POD=
from ksniff.
OK, I think I found it.
I used KUBECTL_PLUGINS_LOCAL_FLAG_NAMESPACE instead of KUBECTL_PLUGINS_CURRENT_NAMESPACE to retrieve the current namespace.
I used a fairly old version of kubectl (1.8.7) that did support that, In the more recent versions (1.10+) it's not supported anymore and only KUBECTL_PLUGINS_CURRENT_NAMESPACE will work.
I created a fix #12 and tested it with kubectl 1.10 and it seems to resolve it issue.
@magick93 @znorris can you please confirm that it resolve the issue for you as well?
from ksniff.
@eldadru That fixed it for me. Thank you for creating such a handy tool!
from ksniff.
@znorris awesome!
Thanks for the feedback, please keep reporting bugs/suggesting improvements :)
from ksniff.
ngpe72mgtb26 ~# kubectl sniff -n mvnr-paas istio-pilot-5cc98fd795-bczx6
INFO[0000] sniffing method: upload static tcpdump
INFO[0000] using tcpdump path at: '/root/.krew/store/sniff/v1.4.2/static-tcpdump'
INFO[0000] no container specified, taking first container we found in pod.
INFO[0000] selected container: 'discovery'
INFO[0000] sniffing on pod: 'istio-pilot-5cc98fd795-bczx6' [namespace: 'mvnr-paas', container: 'discovery', filter: '', interface: 'any']
INFO[0000] uploading static tcpdump binary from: '/root/.krew/store/sniff/v1.4.2/static-tcpdump' to: '/tmp/static-tcpdump'
INFO[0000] uploading file: '/root/.krew/store/sniff/v1.4.2/static-tcpdump' to '/tmp/static-tcpdump' on container: 'discovery'
INFO[0000] executing command: '[/bin/sh -c ls -alt /tmp/static-tcpdump]' on container: 'discovery', pod: 'istio-pilot-5cc98fd795-bczx6', namespace: 'mvnr-paas'
INFO[0000] command: '[/bin/sh -c ls -alt /tmp/static-tcpdump]' executing successfully exitCode: '0', stdErr :''
INFO[0000] file found: '-rwxr-xr-x 1 root root 2696368 Jan 1 1970 /tmp/static-tcpdump
'
INFO[0000] file was already found on remote pod
INFO[0000] tcpdump uploaded successfully
INFO[0000] spawning wireshark!
INFO[0000] start sniffing on remote container
INFO[0000] executing command: '[/tmp/static-tcpdump -i any -U -w - ]' on container: 'discovery', pod: 'istio-pilot-5cc98fd795-bczx6', namespace: 'mvnr-paas'
INFO[0000] starting sniffer cleanup
INFO[0000] sniffer cleanup completed successfully
Error: exit status 1
ngpe72mgtb26 ~#
I am getting Error: exit status 1 at the end. where i can see logs to troubleshoot.
@eldadru please suggest
from ksniff.
Related Issues (20)
- netns return empty string so nothing is ever captured HOT 10
- can't execute 'ctr': No such file or directory HOT 3
- can't run in privileged mode
- Openshift 4.10 Mac M1 nsenter: can't execute 'tcpdump': No such file or directory
- sniff on RKE2 fails to create the ksniff pod HOT 2
- Vulnerable 3rd party libs
- Release new version HOT 1
- Add istio inject false label/annotation
- Add ARM linux based static-tcpdump HOT 1
- ksniff failing to create a privileged pod on the node with taints
- Issues running on arm64 HOT 1
- Can ksniff be used for one-time packet captures (~10 min) in production environment for debugging purposes? Apart from clean up of left over pods or containers, what else should I look into after using it for a short pcap?
- cloud storage support for sniff output
- Not able to build static-tcpdump on Ubuntu 22.04 Jammy
- Can we take tcpdump on multiple pods using ksniff ? For an example if a namespace has 4 PODs running can we take TCPDUMP on all the 4 PODs using kubectl sniff -p <pod1> <pod2> <pod3>
- 'kubectl sniff' command returning 139 exit/error code during execution. RCA required for failed attempt at packet capture so that workaround can be identified. HOT 6
- exitCode: '126' when using --tcpdump-image for an airgapped scenario HOT 1
- kubectl sniff fails with certificate error.
- Incorrect Makefile install path for kubectl >= 1.28
- K8S API client 30s timeout: request canceled (Client.Timeout exceeded while awaiting headers)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ksniff.