TCPdump inside docker

For TCPDump 1
=============

k get pod productpage-v1-8554d58bff-rz25r -o json | grep containerID

docker exec ff8e6d1a169bc225ad1e357b54445e9055423189b900176bcc6cdd393f9cd83d /bin/bash -c 'cat /sys/class/net/eth0/iflink'

ip link | grep ^47

tcpdump -i

For TCPDump 2
=============

add

- name: tcpdump
image: corfr/tcpdump
command:
- /bin/sleep
- infinity

k get pod productpage-v1-8554d58bff-rz25r -o json | grep containerID

docker exec 867662a10a0324059b71d3be9765069b900eca4f2f5f29fdb2e7b7792fcfc726 tcpdump -s 0 -n -w /tmp/container.pcap

docker cp 867662a10a0324059b71d3be9765069b900eca4f2f5f29fdb2e7b7792fcfc726:/tmp/container.pcap .

For TCPDump 3
=============

1. run 'docker ps' at worker node.

get the container Id, for target container

2. get pid of that container

docker inspect --format '{{.State.pid}}' "Container ID from previous command"

3. nsenter -t "PID value from previous command" -n tcpdump

1 comments:

Manish Panchmatia said...: https://blog.getambassador.io/verifying-service-mesh-tls-in-kubernetes-using-ksniff-and-wireshark-454b1e3f4dc9; June 13, 2020 at 11:05 PM

Life is an exercise to express the InExpressible.

Express YourSelf !

TCPdump inside docker

1 comments:

Post a Comment

Total Pageviews

Subscribe by E-mail

Labels

Popular Posts

Coming Soon...

Followers

My Social Network

Blog Archive