How to Enter a Pod as Root

How to enter a pod as root?

I found the answer.

You cannot log into the pod directly as root via kubectl.

You can do via the following steps.

1) find out what node it is running on kubectl get po -n [NAMESPACE] -o wide

2) ssh node

3) find the docker container sudo docker ps | grep [namespace]

4) log into container as root sudo docker exec -it -u root [DOCKER ID] /bin/bash

Why kubectl exec --username=root does not work?

This is not supported.

Source code suggests it's a TODO feature: kubernetes/kubectl/pkg/cmd/exec/exec.go

The --username flag explained by kubectl:

➜  ~ kubectl options  | grep user    
  --user='': The name of the kubeconfig user to use
  --username='': Username for basic authentication to the API server

As you probably see, none of the user flags can change user/UID for exec.

All flags supported by exec command:

➜  ~ kubectl exec --help
[...]

Options:
  -c, --container='': Container name. If omitted, the first container in the pod will be chosen
  -f, --filename=[]: to use to exec into the resource
      --pod-running-timeout=1m0s: The length of time (like 5s, 2m, or 3h, higher than zero) to wait until at least one
pod is running
  -i, --stdin=false: Pass stdin to the container
  -t, --tty=false: Stdin is a TTY

Additionally, apt-get update is best to be run at build time, not at a run time.

It is a good practise to keep your containers immutable. For testing purpouses you should stick with docker exec because ther is no other known alternative.

Also, If you have a specific problem to solve, explain the problem, not the solution. xyproblem

How access to kubernetes with root user?

From 3.7.7-r19 the RabbitMQ container has been migrated to a non-root user approach. Previously the container ran as the root user and the RabbitMQ daemon was started as the rabbitmq user. From now on, both the container and the RabbitMQ daemon run as user 1001. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing USER 1001 to USER root in the Dockerfile.

So either you need to build custom docker image or use old docker image.

Reference:

https://hub.docker.com/r/bitnami/rabbitmq

https://github.com/bitnami/containers/blob/main/bitnami/rabbitmq/README.md

Kubernetes run pod as root

found the issue, it was in the same namespace as my Azure Dev Spaces and there was a conflict there, moved to a new namespace and it was fixed


Related Topics

Understanding Load Average VS. CPU Usage

How to Append the Output to a File

How to Check for Opencv on Ubuntu 9.10

Readelf VS. Objdump: Why Are Both Needed

How to Track Child Process Using Strace

Remote Linux Server to Remote Linux Server Dir Copy. How

Setting a Gdb Exit Breakpoint Not Working

Recursively Cat All the Files into Single File

What Is a Reasonable Amount of Inotify Watches with Linux

Differencebetween Ld_Library_Path and -L at Link Time

Expression After Last Specific Character

Scp File from Local to Heroku Server

Failing to Connect to Remote Mongodb Server

Monitoring File and Directory Access on Linux

When "Vagrant Up" It Says "It Appears Your Machine Doesn't Support Nfs" (Debian Jessie)

Visual Block Edit in Vim

How to Set Kptr_Restrict to 0

Posix Shared Memory and Semaphores Permissions Set Incorrectly by Open Calls


Leave a reply



Submit