Skip to content

Commit

Permalink
Merge pull request #151 from rundeck-plugins/debug-ephemeral-container
Browse files Browse the repository at this point in the history
RUN-1525: Add plugin for Ephemeral Debug Container
  • Loading branch information
ltamaster authored Mar 6, 2023
2 parents ecda614 + 1a97a81 commit ebd553f
Show file tree
Hide file tree
Showing 2 changed files with 162 additions and 0 deletions.
78 changes: 78 additions & 0 deletions contents/debug-ephemeral-container.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,78 @@
#!/usr/bin/env python -u
import logging
import sys
import os
import common
import json

from kubernetes import client
from kubernetes.client.rest import ApiException
from kubernetes import watch

logging.basicConfig(stream=sys.stdout, level=logging.INFO,
format='%(message)s')
log = logging.getLogger('kubernetes-model-source')

if os.environ.get('RD_JOB_LOGLEVEL') == 'DEBUG':
log.setLevel(logging.DEBUG)

def main():

common.connect()

container_name = os.environ.get("RD_CONFIG_CONTAINER_NAME")
container_image = os.environ.get("RD_CONFIG_CONTAINER_IMAGE")

if os.environ.get("RD_CONFIG_TARGET_CONTAINER"):
target_container = os.environ.get("RD_CONFIG_TARGET_CONTAINER")

try:
v1 = client.CoreV1Api()

[name, namespace, container] = common.get_core_node_parameter_list()

if not container:
core_v1 = client.CoreV1Api()
response = core_v1.read_namespaced_pod_status(
name=name,
namespace=namespace,
pretty="True"
)
container = response.spec.containers[0].name

common.log_pod_parameters(log, {'name': name, 'namespace': namespace, 'container_name': container})
common.verify_pod_exists(name, namespace)

# add a debug container to it
body = {
"spec": {
"ephemeralContainers": [
{
"name": container_name,
"image": container_image,
"targetContainerName": target_container,
"stdin": True,
"tty": True
}
]
}
}

response = v1.patch_namespaced_pod_ephemeralcontainers(
name,
namespace,
body,
_preload_content=False)

if os.environ.get("RD_CONFIG_PRINT_POD_SPEC") == "true":
json_data = json.loads(response.data.decode("utf-8"))
print(json.dumps(json_data, indent=2))
else:
print("Ephemeral container " + container_name + " successfully added to pod " + name)

except ApiException:
log.exception("Exception error creating:")
sys.exit(1)

if __name__ == '__main__':
main()
84 changes: 84 additions & 0 deletions plugin.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2348,6 +2348,90 @@ providers:
scope: Instance
renderingOptions:
groupName: Authentication
- name: Kubernetes-Ephemeral-Container
service: WorkflowNodeStep
title: Kubernetes / Debug / Ephemeral Container
description: 'Add an ephemeral container to a pod for debugging.'
plugin-type: script
script-interpreter: python -u
script-file: debug-ephemeral-container.py
script-args: ${config.name}
config:
- name: name
type: String
title: "Pod Name"
required: true
description: "Name of the running pod that the ephemeral container will get attached to."
- name: namespace
type: String
title: "Namespace"
description: "Namespace where the job was created"
required: false
default: default
- name: container_name
type: String
title: "Name for Ephemeral Container"
description: "Name for the ephemeral container that will be added to the running pod."
required: true
default: debugger
- name: container_image
type: String
title: "Container Image"
description: "Image for the ephemeral container to be added to the running pod."
default: "busybox"
- name: target_container
type: String
title: "Target Container"
description: "Name of a container within the running pod that the ephemeral container should target.\n The ephemeral container will be run in the namespaces (IPC, PID, etc) of the Target Container. If not set then the ephemeral container uses the namespaces configured in the Pod spec. See the official Kubernetes documentation [here](https://kubernetes.io/docs/tasks/debug/debug-application/debug-running-pod/#ephemeral-container) for further details."
required: false
- name: print_pod_spec
type: Boolean
title: "Print Pod Spec"
description: "Optionally print the pod spec to the log output after the ephemeral container has been added."
default: "false"
- name: config_file
type: String
title: "Kubernetes Config File Path"
description: "Leave empty if you want to pass the connection parameters"
required: false
scope: Instance
renderingOptions:
groupName: Authentication
- name: url
type: String
title: "Cluster URL"
description: "Kubernetes Cluster URL"
required: false
scope: Instance
renderingOptions:
groupName: Authentication
- name: token
type: String
title: "Token"
required: false
scope: Instance
description: "Kubernetes API Token"
renderingOptions:
groupName: Authentication
selectionAccessor: "STORAGE_PATH"
valueConversion: "STORAGE_PATH_AUTOMATIC_READ"
storage-path-root: "keys"
- name: verify_ssl
type: Boolean
title: "Verify ssl"
description: "Verify ssl for SSL connections"
required: false
scope: Instance
renderingOptions:
groupName: Authentication
- name: ssl_ca_cert
type: String
title: "SSL Certificate Path"
description: "SSL Certificate Path for SSL connections"
required: false
scope: Instance
renderingOptions:
groupName: Authentication
- name: Kubernetes-InlineScript-Step
service: WorkflowNodeStep
title: Kubernetes / Pods / Execute Script
Expand Down

0 comments on commit ebd553f

Please sign in to comment.