What is the best way to exec into another container and access its directory?

11/13/2018

I have a container running inside a pod and I want to be able to monitor its content every week. I want to write a Kube cronjob for it. Is there a best way to do this?

At the moment I am doing this by running a script in my local machine that does kubectl exec my-container and monitors the content of the directory in that container.

-- Sudesh Banskota
kubectl
kubernetes

2 Answers

11/14/2018

You can run your script in another sidecar of your pod.

  • Define a empty directory volume
  • Mount this volume as your content directory
  • Also mount this directory to sidecar, so that it can access and able to monitor.

Example:

apiVersion: v1
kind: Pod
metadata:
  name: monitor-by-sidecar
spec:

  restartPolicy: Never

  volumes: # empty directory volume
  - name: shared-data
    emptyDir: {}

  containers:

  - name: container-which-produce-content # This container is main application which generate contect. Suppose in /usr/share/nginx/html directory
    image: debian
    volumeMounts:
    - name: shared-data
      mountPath: /usr/share/nginx/html
    command: ["/bin/bash", "-c"]
    args:
      - while true;
        do 
        echo "hello world";
        echo "----------------" > /usr/share/nginx/html/index.html;
        cat /usr/share/nginx/html/index.html;
        done

  - name: container-which-run-script-to-monitor # this container will run your monitor scripts. this container mount main application's volume in /pod-data directory and run required scripts.
    image: debian
    volumeMounts:
    - name: shared-data
      mountPath: /pod-data
    command: ["/bin/sh", "-c"]
    args:
    - while true; 
      do 
      echo "hello"; 
      sleep 10;
      ls -la /pod-data/;
      cat /pod-data/index.html;
      done

Example Description

  • First container(named container-which-produce-content) is main application, which mount a emptyDir volume in /usr/share/nginx/html. In this directory main application will generate data.
  • Second container(named container-which-run-script-to-monitor) will mount same emptyDir volume (named shared-data which also mounted by main application in /usr/share/nginx/html dir) in /pod-data directory. This /pod-data contains whole data which main application generated in /usr/share/nginx/html directory. You can then run your scripts on this directory.
-- Abu Hanifa
Source: StackOverflow

11/13/2018

kubectl exec my-container sounds perfectly fine to me. You might want to look at this if you want to run kubectl in a pod (Kubernetes CronJob).

There are other ways but depending on what you are trying to do in the long term it might be an overkill. For example:

  • You can set up a Fluentd or tail/grep sidecar (or ls, if you are using a binary file?) to send the content or part of the content of that file to an Elasticsearch cluster.

  • You can set up Prometheus in Kubernetes to scrape metrics on the pod mounted filesystems. You will probably have to use a custom exporter in the pod or something else that exports files in mount points in the pod. This is a similar example.

-- Rico
Source: StackOverflow