Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding this to KoolKits? #4

Open
TomGranot opened this issue Apr 26, 2022 · 9 comments
Open

Adding this to KoolKits? #4

TomGranot opened this issue Apr 26, 2022 · 9 comments

Comments

@TomGranot
Copy link

Hiya!

I've caught this repo from Observability News by Michael Hasuenblas - great stuff:)

I wonder, since this requires 0 code changes, whether it will be a good fit to bundle into our OSS project KoolKits.

We have docker debug images specifically geared towards debugging applications written in a specific language - you can check out the project here.

This might fit into our Go KoolKit.

Your comments much appreciated @edeNFed :)
@edeNFed
Copy link
Contributor

edeNFed commented Apr 26, 2022

Hi @TomGranot,
KoolKit looks like a really cool project!
Adding auto instrumentation to the Go image should be pretty easy, probably just copying the binary from this Dockerfile:
https://github.com/keyval-dev/opentelemetry-go-instrumentation/blob/master/Dockerfile

Will be happy to open a PR if you think it's a good idea.

@TomGranot
Copy link
Author

TomGranot commented Apr 26, 2022
edited
Loading

@edeNFed Please do! That would be awesome.

If you can also add it to the README for the Go KoolKit with a quick explainer I'll appreciate that too:)

We usually also ask maintainers to add a reference to the tool in their own READMEs - i.e. "To run this in k8s you can use a KoolKit" - would that be OK with you? I can open a PR here.

@edeNFed
Copy link
Contributor

edeNFed commented Apr 26, 2022

Sure no problem, I'll let you know once I finished adding to KoolKit so we can update the README file.

@TomGranot
Copy link
Author

@edeNFed Dope. Talk soon!

@edeNFed
Copy link
Contributor

edeNFed commented May 3, 2022

Hi @TomGranot,
I tried to include the project in the KoolKit container but I had a few issues.
The main problem is that in order for this instrumentation to run we need to add privileges to the pod, for example:

          securityContext:
            runAsUser: 0
            capabilities:
              add:
                - SYS_PTRACE
            privileged: true
          volumeMounts:
            - mountPath: /sys/kernel/debug
              name: kernel-debug

I could not find a flag in kubectl debug which allows adding securtityContext or volume mounts.
I do see that kubectl debug has a "node mode" which allows the creation of pods that runs with enhanced privileges.
What do you think? Should I try to use this mode or do you have other suggestions?

@TomGranot
Copy link
Author

@edeNFed Interesting.

To add what I know off the top of my head, kubectl debug has two modes - container-in-existing-pod and container-in-new-pod.

If I understand correctly, you were attempting to target the latter - copying a pod and debugging it. I'm pretty sure that if you use that you indeed can't change the securityContext, so using 'node mode" seems like the right path to go.

Let me know if I can help out with something!

@TomGranot
Copy link
Author

@edeNFed Any luck testing this out?

@edeNFed
Copy link
Contributor

edeNFed commented May 17, 2022

@TomGranot sorry for the delay, I had a couple of busy days.
Hope to get it done by the end of this week.

@TomGranot
Copy link
Author

@edeNFed NP! Just let me know if i can help.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@edeNFed @TomGranot