Debugging a failed pod in kubernetes

Hi, I got a failed pod and would like to get into the pod container and check/see the processes running. How can I go about this? So far I have tried;

kubectl debug securityreview -it --image=busybox --copy-to=sec-debug --container=securityreview – sh


Okay, I am getting into the shell of the busybox, but I cannot see anything of the failed pod/container.

Can you help with this?

Hello @dmatinyarare

If you are having a failed pod, you can simply analyze its logs to determine the errors. this could be done $ kubectl logs <pod_name>
Or
$ kubectl describe

Yes, I did analyze the logs and I know where the issues is… -this is to do with the wrong securityContext. The securityContext from the pod is runAsUser: 2100 and the securityContext in the created container is runAsUser: 3000. Please NOTE this is an nginx pod deployment. The question request me to login into the container and find out with which processIP is the nginx process running. When I get that processID I then need to update the pod is the correct security context.

My question is how do I get the nginx process IP in the container when the pod is failing and I can’t log-in the pod? Is there any other way to get the nginx process ID with which the nginx start with before it fails? Does ssuch information get logged in the logs? (When I run the #kubectl logs nginsx, I do not get the nginx processID.

You can get the id of processes inside a docker container. The command to find the process id is docker container top