I want to delete a specific file from a cronJob to the following container, the problem is that when I run exec I got error, how can I exec to distroless container (k8s v1.22.5) and delte the file from a cronJob, which option do we have?
this is the deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: distro
labels:
app: distro
spec:
replicas: 1
selector:
matchLabels:
app: distro
template:
metadata:
labels:
app: distro
spec:
containers:
- name: edistro
image: timberio/vector:0.21.X-distroless-libc
ports:
- containerPort: 80
what I tried is
kubectl exec -i -t -n apits aor-agent-zz -c tor "--" sh -c "clear; (bash || ash || sh)"
The error is:
error: Internal error occurred: error executing command in container: failed to exec in container: failed to start exec
I tried it out like following
kubectl debug -it distro-d49b456cf-t85cm --image=ubuntu --target=edistro --share-processes -n default
And got error:
Targeting container "edistro". If you don't see processes from this container it may be because the container runtime doesn't support this feature. Defaulting debug container name to debugger-fvfxs. error: ephemeral containers are disabled for this cluster (error from server: "the server could not find the requested resource").
As I guess (not sure) that our the container runtime doesnt support it which option do we have?
The answer below doesn't solve the issue, I need a way to access from outside the distroless pod and delete specific file there, how can I do this?
The point of using distro-less is to have a minimal amount of tools/software packaged in the image. This means the removal of unnecessary tools like shell from the image.
You may work around using, however it may depend on your objective:
kubectl debug -it <POD_TO_DEBUG> --image=<helper-image> --target=<CONTAINER_TO_DEBUG> --share-processes
Eg:
kubectl debug -it distro-less-pod --image=ubuntu --target=edistro --share-processes