0

How can I access the directories of a container from the node which executes the container?

I have root-access to the master-node. Now I would like to have a look at the /etc directory of the etcd pod/container.

kubectl exec does not help, since it is a distroless image which misses the usual shell tools like ls and tar.

I use containerd

guettli
  • 3,591
  • 17
  • 72
  • 123

2 Answers2

3

I use containerd in my local setup and I use remote etcd server. But the idea explained below can be use for local etcd.

  1. [Optional step] ssh to etcd node. If using local etcd in master then ignore this step.
  2. First find the process ID for the etcd container ps -aux | grep -i etcd

enter image description here

  1. Now lets us the magic /proc directory to find the etcd DB location.

sudo ls /proc/9591/root/var/lib/etcd

enter image description here

  1. Navigate to etcd directory sudo ls /proc/9591/root/etc/kubernetes

enter image description here

  1. Let's check the etcd certiifcates: sudo ls /proc/9591/root/etc/kubernetes/pki/etcd/

enter image description here

Rajesh Dutta
  • 306
  • 1
  • 5
  • Great! `/proc/PID/root` was new to me. – guettli Jan 30 '22 at 12:14
  • +1 but please when posting console output / settings format it as "`code`" using [Markdown](http://serverfault.com/editing-help) and/or the formatting options in the edit menu to properly type-set your posts. Also use copy-paste and avoid posting screenshots of text. That improves readability, attracts better answers and allows indexing by search engines, which may help people with similar questions. – Bob Jan 31 '22 at 12:53
1

you can use the following command (be careful when performing operations):

nsenter -p -m  -t <processid>

basically track the pid of the application inside a container you wish to enter and replace with it's process id

Liran Cohen
  • 41
  • 3