Add iputils to all images to allow the use of ping

[seanhamlin]

At present /bin/ping is a symlink to busybox

lrwxrwxrwx    1 root     root            12 Feb 10 16:45 ping -> /bin/busybox
lrwxrwxrwx    1 root     root            12 Feb 10 16:45 ping6 -> /bin/busybox

You need to be root in order to execute tools like ping.

According to https://serverfault.com/a/1001312/54411, we can add the iputils package, and then prefer that for the ping command. Then non-root can execute ping.

Ping is useful for many things, from measuring latency to testing connectivity.

[smlx]

SUID binaries will not work with the restricted pod security standard policy (see the section on privilege escalation). So the solution described with iputils will not work in that case.

Instead an admin can just run a pod on the same node manually for checking latency between the node and other services.

If you want to add the ability to ping from all Lagoon workload pods then since ping_group_range is in the safe set of sysctls you could add it to the standard template for Lagoon pods, and include the rootless GID in the range.